セッションを使用して単純なログインフォームを作成していますが、ログインを押すとindex.phpにリダイレクトされるという問題がありますが、 home.php に移動する必要があります。logout.phpでセッションを破棄し、index.phpにリダイレクトしますが、ログイン ボタンが何らかの方法でindex.phpにリダイレクトし ます。
index.php
<?php
require_once('global.php');
if(@$logged == 1)
{
header("Location: home.php");
exit();
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>index page</title>
</head>
<body>
<h1> this is the index page</h1>
<a href="login.php">Login</a>
</body>
</html>
グローバル.php
<?php
session_start();
require_once('connect.php');
// cheking if the sessions are set
if(isset($_SESSION['username']))
{
$session_username = $_SESSION['username'];
$session_pass = $_SESSION['password'];
$session_id = $_SESSION['id'];
//cheking if the member exist
$query = mysql_query("SELECT * FROM members WHERE id = '".$session_id."' AND password = '".$session_pass."' LIMIT 1") or die("could not select memeber");
$count_count = mysql_num_rows($query);
if($count_count > 0)
{
$logged = 1;
while($row = mysql_fetch_array($query))
{
$session_username = $row['username'];
}
$_SESSION['username'] = $session_username;
$_SESSION['pass'] = $session_pass;
$_SESSION['id'] = $session_id;
}
else
{
header("Location: logout.php");
exit();
}
}
else
{
// if the user not loged in
$logged = 0;
}
?>
login.php
<?php
require_once('global.php');
$message = "";
if(isset($_POST['email']))
{
$email = $_POST['email'];
$pass = $_POST['password'];
// error handling
if((!$email) ||(!$pass))
{
$message = 'please insert both fields';
}
else
{
//secure data
$email = mysql_real_escape_string($email);
$pass = sha1($pass);
$query = mysql_query("SELECT * FROM members WHERE email = '".$email."' AND password = '".$pass."'LIMIT 1") or die("could not select data");
$count_query = mysql_num_rows($query);
if($count_query == 0)
{
$message = 'your info was inccorrect';
}
else
{
//start SESSIONS
$_SESSION['pass'] = $pass;
while($row = mysql_fetch_array($query))
{
$username = $row['username'];
$id = $row['id'];
}
$_SESSION['username'] = $username;
$_SESSION['id'] = $id;
}
header("Location: home.php");
}
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>login to membership website </title>
</head>
<body>
<h1> login to my website</h1>
<p><?php print("$message"); ?></p>
<form action="login.php" method="post">
<input type="text" name="email" placeholder="email adress" /><br />
<input type="password" name="password" placeholder="password" /><br />
<input type="submit" value="Login" />
</form>
</body>
</html>
home.php
<?php
require_once('global.php');
if($logged == 0)
{
header("Location: index.php");
exit();
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Untitled Document</title>
</head>
<body>
<h1>this the home page</h1>
</body>
</html>
logout.php
<?php
session_start();
session_destroy();
/*
if(session_is_registered('username'))
{
echo "you are loged in we can not log you out";
exit();
}
*/
//else
//{
header("Location: index.php");
//}
?>