<form method = "post" action = "<?php echo $_SERVER['PHP_SELF']; ?>" />
Username:<input type = "text" name ="user"> <br />
Password:<input type = "password" name = "pass"><br />
<input type = "submit" value ="View Logs!"><br />
<?php
$user = $_POST['user'];
$pass = $_POST['pass'];
//Problem here, I need to only allow the user to see logs
// after he or she has entered the correct info.
//Currently code just shows all, when the user hits View Logs
// without any credentials
if (($user == "php") && ($pass == "student"))
echo "Enjoy the Logs!";
else echo "<b>Access Denied!</b>";
?>
php阻止用户查看日志
- 写回答
- 好问题 0 提建议
- 追加酬金
- 关注问题
分享- 邀请回答
-
2条回答 默认 最新
- doudao2954 2009-12-15 10:40关注
The problem is that your form is posting directly to log.txt and not processing any of your PHP after the form submission. You'll need to change the action to post to the PHP file itself and then use http_redirect to redirect the user to log.txt after checking the password.
Having said that it's still not going to be very secure though as anyone could get to log.txt by using a direct URL, so you'll need to do some kind of authorisation there. The best thing to do is probably to store log.txt somewhere that's not accessible by through HTTP and then load and display the file using readfile in place of your echo:
<form action="" method="post"> Username:<input type="text" name="user"/> <br /> Password:<input type="password" name="pass"/><br /> <input type="submit" value="View Logs!"/><br /> </form> <?php $user = $_POST['user']; $pass = $_POST['pass']; if (($user == "php") && ($pass == "student")) { echo '<pre>'; readfile('log.txt'); echo '</pre>'; } else { echo "<b>Access Denied!</b>"; } ?>本回答被题主选为最佳回答 , 对您是否有帮助呢?解决 无用评论 打赏举报 分享
- 2017-09-02 10:57回答 2 已采纳 The command line you are using created a new thread that performs the task. PHP wont wait for it,
- 2021-05-16 11:53回答 1 已采纳 <?php header("content-type:text/html;charset=utf-8"); function getPrime($num){ $s=""; for (
- 2018-03-22 07:15回答 6 已采纳 条件 $username ,$password 已经从前台获得。 $query = "select * " . " from table "
- 2021-05-31 01:37过滤器解析 apache 访问日志并编译要阻止的危险 ip 列表
- 2016-11-17 09:32回答 3 已采纳 第一步:关闭mysql # service mysqld stop 第二步:屏蔽权限 # mysqld_safe --skip-grant-table 屏幕出现: Start
- 2016-08-25 15:15回答 1 已采纳 This has nothing (really) to do with PHP. You're not wring to a "file" - you're sending your log e
- 2020-04-21 12:14回答 1 已采纳 https://www.cnblogs.com/spectrelb/p/7233688.html
- 2019-05-28 13:50喜羊羊咯的博客 初学php做了一些比较常见且有用的页面,放在上面记录一下咯 我是用了bootstrap框架里面的模态框做注册登陆页面,这样页面比较美观 页面效果: 注册成功条件/功能: 1)用户名不能冲突 2)两次密码必须相同 3)...
- 2016-02-21 00:10回答 3 已采纳 Given the format and the informations provided in the sample log entry posted in the question the
- 2020-01-15 10:58回答 1 已采纳 http://blog.sina.com.cn/s/blog_cfab46ed0102y3u6.html
- 2019-08-07 07:46回答 1 已采纳 It looks like you do not have the appropriate repo added. Try : sudo add-apt-repository ppa:ondre
- 2019-07-22 12:13动态图像处理一、错误和异常处理™ 1.1 错误类型和基本的调试方法™ 1.2 错误日志™ 1.3 异常处理1.1 错误类型和基本的调试方法™ PHP程序的错误发生一般归属于下列三个领域:¾ 语法错误:„ 语法错误最常见,并且...
- 2020-09-04 15:33回答 1 已采纳 https://blog.csdn.net/qincidong/article/details/82781699
- 2021-04-28 05:05weixin_39700215的博客 管理员以管理员身份登录时,我可以在表中看到用户列表例,用户A用户B用户C更多 …目标:我想查看在单击列表中的一个用户时看到的客户。我无法解决这个问题。海事组织Auth::user()->type在这种情况下可以工作吗?...
- 2019-07-16 03:47可对用户上传的文件类型进行限定,也可对其进行扫描,检测出其中的非法字符或程序,阻止其上传,可以查杀各种嵌入型木马程序。 图形化显示 将监测到的非法攻击以图形化的方式展现给网站管理者,可现实攻击类型比例...
- 没有解决我的问题, 去提问
悬赏问题
- ¥100 Jenkins自动化部署—悬赏100元
- ¥15 关于#python#的问题:求帮写python代码
- ¥20 MATLAB画图图形出现上下震荡的线条
- ¥15 关于#windows#的问题:怎么用WIN 11系统的电脑 克隆WIN NT3.51-4.0系统的硬盘
- ¥15 perl MISA分析p3_in脚本出错
- ¥15 k8s部署jupyterlab,jupyterlab保存不了文件
- ¥15 ubuntu虚拟机打包apk错误
- ¥199 rust编程架构设计的方案 有偿
- ¥15 回答4f系统的像差计算
- ¥15 java如何提取出pdf里的文字?