-2

以下のコードは私のページを壊します...壁紙もテーブルも表示されません。表示されるのは、ロゴとログイン フォームだけです。フォームにログインすると、アカウント名といくつかの番号が表示されます。以下のコードを修正するにはどうすればよいですか?

    <?php

   include 'wasudf.php';

   //
   // get session id
   //
   $SessionID = $_GET['SessionID'];

   if (!$SessionID)
      $SessionID = $_POST['SessionID'];

   if (!$SessionID)
       $SessionID = $_COOKIE['SessionID'];

   if (!$Function)
      $Function = $_GET['FunkShun'];

   if (!$Function)
      $Function = $_POST['FunkShun'];

   if (!$Function)
      $Function="Home";

   if (!$SessionID)
      {

echo'     <form action="index.php" method="post" id="LoginForm" style="color:#FFF">';
echo'     <input type="hidden" name="SessionID" value="new"></input>';
echo'     Username:';
echo'     <label>';
echo'     <input type="text" name="AccountNo" value="" class="input" size="28"></input>';
echo'     </label>';
echo'     <BR /><BR />';
echo'     &nbsp;&nbsp;Password:';
echo'    <label>';
echo'    <input type="password" name="Password" value="" class="input" size="30"></input>';
echo'    </label>';
echo'     <BR /><BR />';
echo'    &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input type="image" src="images/input-img.gif" value="Log On" class="input-img"></input>';
echo'    <BR /><br />';
echo'    <a href="#" class="link" style="font-size:12px;">Register now!</a>   <a href="#" style="font-size:12px;">Forgotten your password?</a> ';
echo'    </form>';

return;
      }

   //
   // this is a new session - add to web session table
   //
   if ($SessionID == "new")
      {
      $AccountNo = check_input(strtoupper(trim($_POST['AccountNo'])));
      $Password = check_input(strtoupper(trim($_POST['Password'])));

      if (!$AccountNo)
         ExitLogOn("Invalid Account/Password");

      $rs=mysql_query("select * from accounts where code='$AccountNo' and password='$Password'",$db);
      $row=mysql_fetch_array($rs);

      if (!$row)
         ExitLogOn("Invalid Account/Password!");

      mysql_query("update system set nextsession = nextsession + 1",$db);

      $rs=mysql_query("select * from system",$db);
      $row=mysql_fetch_array($rs);

      $SessionID = $row['nextsession'];

      //
      // ensure this session does not exist already
      // also remove any sessions belonging to this account
      //    - ie account can only be logged on one workstation at any time
      //
      mysql_query("delete from websession where sessionid='$SessionID' or account='$AccountNo'",$db);

      $Expiry=strtotime("+1 hour");

      $xCommand = "insert into websession set ";
      $xCommand = $xCommand . "sessionid='$SessionID',";
      $xCommand = $xCommand . "ipaddress='" . $_SERVER['REMOTE_ADDR'] . "',";
      $xCommand = $xCommand . "account='$AccountNo',";
      $xCommand = $xCommand . "password='$Password',";
      $xCommand = $xCommand . "date='" . date('YmdHis',$Expiry) . "'";

      mysql_query($xCommand,$db);
      }

   $rs=mysql_query("select * from websession where sessionid='$SessionID'",$db);
   $row=mysql_fetch_array($rs);

   if (!$row)
      {
      mysql_query("delete from websession where sessionid='$SessionID'",$db);
      mysql_query("delete from elist where code='$SessionID'",$db);
      ExitLogOn("Session Expired");
      }

   if ($row['date'] < date('YmdHis'))
      {
      mysql_query("delete from websession where sessionid='$SessionID'",$db);
      mysql_query("delete from elist where code='$SessionID'",$db);
      ExitLogOn("Session Expired!!");
      }

   $Expiry=strtotime("+1 hour");

   $xCommand = "update websession set ";
   $xCommand = $xCommand . "date='" . date('YmdHis',$Expiry) . "'";
   $xCommand = $xCommand . "where sessionid='$SessionID'";

   mysql_query($xCommand,$db);

   $AccountNo = $row['account'];
   $Password = $row['password'];
   $MiscData = $row['data'];

   $rs=mysql_query("select * from accounts where code='$AccountNo' and password='$Password'",$db);
   $row=mysql_fetch_array($rs);

   if (!$row)
      ExitLogOn("Invalid Account/Password!!");

   $Name = trim($row['name']);
   $Balance = $row['balance'];

      if ($Function == "Home")
      {
      echo '<form action="' . $_SERVER['SCRIPT_NAME'] . '" method="post">';
      echo '<input type="hidden" name="SessionID" value="' . $SessionID . '"></input>';
      echo '<table width=800 align=center>';

      echo '   <tr>';
      echo '      <td align=center colspan="4" style="color:#F93;">';
      echo           $Name;
      echo '      </td>';
      echo '   </tr>';

      echo '   <tr>';
      echo '      <td align=center colspan="4" style="color:#F93;">';
      echo '         Current Balance $ ' . snumber($Balance,10);
      echo '      </td>';
      echo '   </tr>';

      echo '   <tr>';
      echo '      <td align=center colspan="4">';
      echo '         &nbsp';
      echo '      </td>';
      echo '   </tr>';

      echo '</table>';
      echo '</form>';
      }

?>
4

1 に答える 1

0

両方GETPOST同じページで使用しています。

$SessionID = $_GET['SessionID'];

if (!$SessionID)
  $SessionID = $_POST['SessionID'];

if (!$SessionID)
   $SessionID = $_COOKIE['SessionID'];

if (!$Function)
  $Function = $_GET['FunkShun'];

if (!$Function)
  $Function = $_POST['FunkShun'];

そして、のすべての再割り当てとは$Function何ですか?

于 2012-11-02T19:18:35.753 に答える