0
我正在做我的第一个动态网站与HTML5/PHP/MySQL的。 我不明白为什么这不起作用。 根目录下的index.php文件基本上将所有内容放在一起。 这是在example.com/(或example.com/index.php):点击在提交登录形式重定向到index.php,并不登录
<!doctype html>
<html>
<?php
include("layout/header.php");
include("layout/layout.html");
/*content BEGIN*/
if (!empty($_SERVER['QUERY_STRING'])) {
$page = $_SERVER['QUERY_STRING'];
if(substr($page, -1) == '/') {
$page = substr($page, 0, -1);
}
/*$page = basename($page);*/
if (!file_exists("page/$page.php")){
include("layout/404.html");
}
else{
include("page/$page.php");
}
}
else {
include("page/home.php");
}
/*content END*/
include("layout/footer.html");
?>
</html>
中的.htaccess有这样的:
RewriteRule ^(.*)$ index.php?/$1 [L]
所以基本上example.com/foo/bar显示内容网站布局中的example.com/page/foo/bar.php。
这post.php中(位于example.com/page/admin/post.php并在example.com/admin/post布局访问) 完全正常工作:
<div class="text">
<?php
session_start();
if (!isset($_SESSION['login'])){
header("Location: /admin/login");
}
if(isset($_POST['submit']) && ($_POST['submit'])=="Post"){
if (!isset($_POST["title"]) || (trim($_POST["title"])=="")){
echo "Insert a title.";
}
elseif(!isset($_POST["post"]) || (trim($_POST["post"])=="")){
echo "You forgot the post";
}
elseif(!isset($_POST["author"]) || (trim($_POST["author"])=="")){
echo "Write your name";
}
else{
$postTitle = $_POST["title"];
$post = $_POST["post"];
$postAuthor = $_POST["author"];
include "mysql.php";
$sql = new mysql();
$sql->connect();
$sql->insert("post",array($postTitle, $post, $postAuthor),"title,post,author");
echo "Great Success!";
$sql->disc();
}
}
else{
?>
<form action="<?php $_SERVER["PHP_SELF"];?>" method="post">
<h2>New Post:</h2>
Title:
<br />
<input name="title" type="text" size="64" />
<br />
Text:
<br />
<textarea name="post" cols="80" rows="20"></textarea>
<br />
Author:
<br />
<input name="author" type="text" size="32" />
<br />
<input name="submit" type="submit" value="Post" />
</form>
<?php
}
?>
</div>
因此,作为我说这工作正常。 但是我的登录面板(example.com/page/admin/login.php或example.com/admin/login)仅在我直接访问它(example.com/page/admin/login.php)时才有效,所以如果没有在它周围的布局。 如果我通过它加载的example.com/admin/login访问它的“正确方式”,但是一旦点击提交,它总是将我重定向到example.com/index.php(这个确切的URL,而不是example.com/)牛逼实际登录我 下面是login.php中的代码:
<div class="text">
<?php
session_start();
if(isset($_SESSION['login'])){
header("Location: /admin/panel");
}
if(isset($_POST["submit"]) && (trim($_POST["submit"])=="Login")){
if (!isset($_POST["password"]) || (trim($_POST["password"])=="")){
echo "Insert password";
}
elseif (!isset($_POST["username"]) || (trim($_POST["username"])=="")){
echo "Insert your username";
}
$username = trim(filter_var($_POST['username'], FILTER_SANITIZE_STRING));
$password = trim(filter_var($_POST['password'], FILTER_SANITIZE_STRING));
$password = sha1($password);
include "mysql.php";
$sql = new mysql();
$sql->connect();
$loginlist = $sql->query("SELECT user_id FROM users WHERE username = '$username' AND password = '$password'");
if(mysql_num_rows($loginlist)==0){
echo "Username/password wrong";
}
else{
$userdata = $sql->extract($loginlist);
$_SESSION["login"] = $userdata->user_id;
$sql->disc();
header("Location: /admin/panel");
}
}
else{
?>
<h2>Admin panel login</h2>
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
Username:
<br>
<input name="username" type="text" size="16">
<br>
Password:
<br>
<input name="password" type="password" size="64">
<br>
<input name="submit" type="submit" value="Login">
<br>
</form>
<?php
}
?>
</div>
而且Apache的日志说:
"POST /index.php HTTP/1.1" 200 2906
对于每一个出现这种情况的时间。