doudi7782 2017-02-24 13:21
浏览 29
已采纳

在继续到真实路径之前使所有链接流过php文件(如登录页面)

I have this script

<?php
$username = "namey";
$password = "passy";
$salted = "salty";

if (isset($_COOKIE['Cookiename'])) {if ($_COOKIE['Cookiename'] == sha1($password.$salted)) {
?>
<body>
<span>
it works
</span></body>


<?php
      exit;} 
      else {
      echo "Bad Cookie, Baaad lol";
      exit;}}

if (isset($_GET['auth']) && $_GET['auth'] == "login") {
   if ($_POST['user'] != $username) {
      echo "The Provided Username Was Not Correct.";
      exit;}
      else if ($_POST['keypass'] != $password) {
      echo "The Provided Password Was Not Correct.";
      exit;}
      else if ($_POST['user'] == $username && $_POST['keypass'] == $password) {
      setcookie('Cookiename', sha1($_POST['keypass'].$salted));
      header("Location: $_SERVER[PHP_SELF]");}
      else {
      echo "Something's wrong with the server.";}}
?>
<div>
<form action="<?php echo $_SERVER['PHP_SELF']; ?>?auth=login" method="post">
<label>Username<input type="text" name="user" id="user" /></label><br/>
<label>Password<input type="password" name="keypass" id="keypass" /></label><br/>
<input type="submit" id="submit" value="Login"/>
</div>
</form>

& basically i need every link on the site to come though here & look if the user is logged in before letting him access any page he requested.

i have just started learning PHP & right now i am confused, the code you see on top is a code i have seen here on this website

i googled for a way to do this but no results

  • 写回答

2条回答 默认 最新

  • dongliantong3229 2017-02-24 14:12
    关注

    You can create a main php file and add a check to look if the user is logged-in.

    And include the main php file at the top of every script you want to protect.

    so if you create a file called check.php

    //add this to the created file check.php
if (!isset($_COOKIE['loggedin']) && !$_COOKIE['loggedin']){
  header('Location: YOUR URL')
  die();
}

    and add this setcookie('loggedin', true));

    under setcookie('Cookiename', sha1($_POST['keypass'].$salted));

    and include check.php at the top of your scripts.

    hope this helps :)

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论
查看更多回答(1条)

报告相同问题?

悬赏问题

  • ¥15 Matlab在app上输入带有矩阵形式的初始条件发生错误
  • ¥15 CST仿真别人的模型结果仿真结果S参数完全不对
  • ¥15 误删注册表文件致win10无法开启
  • ¥15 请问在阿里云服务器中怎么利用数据库制作网站
  • ¥60 ESP32怎么烧录自启动程序
  • ¥50 html2canvas超出滚动条不显示
  • ¥15 java业务性能问题求解(sql,业务设计相关)
  • ¥15 52810 尾椎c三个a 写蓝牙地址
  • ¥15 elmos524.33 eeprom的读写问题
  • ¥15 用ADS设计一款的射频功率放大器