doudi7782 2017-02-24 13:21
浏览 29
已采纳

在继续到真实路径之前使所有链接流过php文件(如登录页面)

I have this script

<?php
$username = "namey";
$password = "passy";
$salted = "salty";

if (isset($_COOKIE['Cookiename'])) {if ($_COOKIE['Cookiename'] == sha1($password.$salted)) {
?>
<body>
<span>
it works
</span></body>


<?php
      exit;} 
      else {
      echo "Bad Cookie, Baaad lol";
      exit;}}

if (isset($_GET['auth']) && $_GET['auth'] == "login") {
   if ($_POST['user'] != $username) {
      echo "The Provided Username Was Not Correct.";
      exit;}
      else if ($_POST['keypass'] != $password) {
      echo "The Provided Password Was Not Correct.";
      exit;}
      else if ($_POST['user'] == $username && $_POST['keypass'] == $password) {
      setcookie('Cookiename', sha1($_POST['keypass'].$salted));
      header("Location: $_SERVER[PHP_SELF]");}
      else {
      echo "Something's wrong with the server.";}}
?>
<div>
<form action="<?php echo $_SERVER['PHP_SELF']; ?>?auth=login" method="post">
<label>Username<input type="text" name="user" id="user" /></label><br/>
<label>Password<input type="password" name="keypass" id="keypass" /></label><br/>
<input type="submit" id="submit" value="Login"/>
</div>
</form>

& basically i need every link on the site to come though here & look if the user is logged in before letting him access any page he requested.

i have just started learning PHP & right now i am confused, the code you see on top is a code i have seen here on this website

i googled for a way to do this but no results

  • 写回答

2条回答 默认 最新

  • dongliantong3229 2017-02-24 14:12
    关注

    You can create a main php file and add a check to look if the user is logged-in.

    And include the main php file at the top of every script you want to protect.

    so if you create a file called check.php

    //add this to the created file check.php
if (!isset($_COOKIE['loggedin']) && !$_COOKIE['loggedin']){
  header('Location: YOUR URL')
  die();
}

    and add this setcookie('loggedin', true));

    under setcookie('Cookiename', sha1($_POST['keypass'].$salted));

    and include check.php at the top of your scripts.

    hope this helps :)

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论
查看更多回答(1条)

报告相同问题?

悬赏问题

  • ¥15 用windows做服务的同志有吗
  • ¥60 求一个简单的网页(标签-安全|关键词-上传)
  • ¥35 lstm时间序列共享单车预测,loss值优化,参数优化算法
  • ¥15 Python中的request,如何使用ssr节点,通过代理requests网页。本人在泰国,需要用大陆ip才能玩网页游戏,合法合规。
  • ¥100 为什么这个恒流源电路不能恒流?
  • ¥15 有偿求跨组件数据流路径图
  • ¥15 写一个方法checkPerson,入参实体类Person,出参布尔值
  • ¥15 我想咨询一下路面纹理三维点云数据处理的一些问题,上传的坐标文件里是怎么对无序点进行编号的,以及xy坐标在处理的时候是进行整体模型分片处理的吗
  • ¥15 一直显示正在等待HID—ISP
  • ¥15 Python turtle 画图