【问题标题】:Empty page after logout注销后的空白页面
【发布时间】:2019-03-09 13:07:27
【问题描述】:

我的登录表单工作正常,但如果我单击注销按钮,它会转到 index.php,但它没有显示任何内容(空白)白屏

登录表格:index.php

<?php
 require('CONFIG/config.php');
 require('CONFIG/db.php');
 if(empty($_SESSION)) // if the session not yet started 
  session_start();


 if(isset($_SESSION['email'])) { // if already login
 header("location: ../dashboard.php"); // send to home page
 exit; 
 }
 ?>
    <form class="form-horizontal" role="form" method="POST" action="PHP/action_login.php">


          <div class="form-group">
            <label class="col-md-4 control-label">Email</label>

            <div class="col-md-6">
              <input type="email" class="form-control" name="email" value="">
            </div>
          </div>

          <div class="form-group">
            <label class="col-md-4 control-label">Password</label>

            <div class="col-md-6">
              <input type="password" class="form-control" name="password">
            </div>
          </div>



          <div class="form-group">
            <div class="col-md-6 col-md-offset-4">
              <button type="submit" class="btn btn-success col-md-6" name="submit" style="margin-right: 15px; background-color:#069370;">Login </button>
            </div>
          </div>
        </form>

动作登录:PHP/action_login.php

<?php

session_start();

if(isset($_POST['submit'])) {

include('CONFIG/config.php');
include('CONFIG/db.php');

$Email = $_POST['email'];
$Password = $_POST['password'];
$_SESSION['email'] = '$Email';

//erroe handler
//check if the input is empty
if(empty($Email) || empty($Password)) {
    header("Location: ../index.php?login=error");
     exit();
}else{
    $sql = "SELECT * from users where email='$Email' AND password='$Password'";
    $sql2 = "SELECT roles.id from users, roles where users.email='$Email'";
    $result2 = mysqli_query($conn, $sql2);
    $result = mysqli_query($conn, $sql);
    $resultCheck = mysqli_num_rows($result);
    if($resultCheck < 1){
        header("Location: ../index.php?login=error");
        exit();
    }else{
        $_SESSION['roleid'] = $result2;
        header("Location: ../dashboard.php?login=success");
        exit();
    }
}
}else{
 header("Location: ../index.php?login=error");
 exit();

}

登出表格:dashboard.php

    <?php
include 'connect_to_database.php'; //connect the connection page

if(empty($_SESSION)) // if the session not yet started 
   session_start();

if(!isset($_SESSION['email'])) { //if not yet logged in
   header("Location: ../index.php");// send to login page
   exit;
} 
?>
          <li class="sub-menu"><a href="#">Admin</a>
                    <ul>
                        <li><a href="users_management.php"><i class="fa fa-user"></i>
                        <span>Users Management</span></a></li>
                        <li>
                        <a href="PHP/action_logout.php">
                            <i class="fa fa-arrow-left"></i>
                            <span class="title">Logout</span>
                        </a></li>
                    </ul>
            </li>

action logout:action_logout.php(PHP文件夹内)

<?php
session_start();
session_unset();
session_destroy();

header("Location: ../index.php");
exit;
?>

问题是当我单击注销时,索引表单什么也不显示,为什么?请检查我的代码谢谢

【问题讨论】:

  • 警告:您对SQL Injections 持开放态度,应该真正使用参数化的prepared statements,而不是手动构建查询。它们由PDOMySQLi 提供。永远不要相信任何类型的输入,尤其是来自客户端的输入。即使您的查询仅由受信任的用户执行,you are still in risk of corrupting your data
  • 切勿以明文形式存储密码! 仅存储密码哈希值。使用 PHP 的 password_hash()password_verify() 。如果您运行的 PHP 版本低于 5.5(我真的希望您不是),您可以使用 password_compat 库来获得相同的功能。

标签: php html


【解决方案1】:

在 action_logout.php 中,您必须删除 session_start(),因为您只需创建一个新会话然后将其销毁

<?php
session_unset();
session_destroy();

header("Location: ../index.php");
exit;
?>

在 index.php 中

你需要检查会话是否为空

就这样

if(isset($_SESSION) && empty($_SESSION)) {
   session_start()
}

【讨论】:

  • 为什么需要检查会话是否既已设置又不为空?为什么不自己打电话给session_start();
猜你喜欢
  • 1970-01-01
  • 1970-01-01
  • 2021-02-14
  • 1970-01-01
  • 1970-01-01
  • 1970-01-01
  • 1970-01-01
  • 2017-12-27
  • 2017-02-21
相关资源
最近更新 更多