您的位置: 首页  >  技术问答  >  Php脚本不能仅在Safari中工作(仅限在线 - 它可在本地进行测试)

Php脚本不能仅在Safari中工作(仅限在线 - 它可在本地进行测试)

分类: 技术问答 2022-04-07 15:24:09
问题描述:

This script works in all browsers but not Apple Mac or Windows Safari. It works on same machines in Chrome. It works in other browsers. iOS no problem. It works in localhost too with Safari - just not on line! - Mac Safari: login happens and the user stays briefly (milliseconds) on index.php but immediately gets sent back to login page...

login_do.php below...

<?php
if ($_SERVER['REQUEST_METHOD']=='POST')
    {
        require ('includes/connect_db.php');
        require ('login_tools.php');
        list ($check,$data)=validate($con,$_POST['username'],$_POST['pass']);
        if ($check)
            {session_start();
                $_SESSION['user_id']=$data['user_id'];
                $_SESSION['username']=$data['username'];
                $_SESSION['admin']=$data['admin'];
                load ('index.php');
            }
        else {$errors=$data;}
        mysqli_close($con);
    }
include ('login.php');
?>

Why?

This is the login.php that POSTs to the above script. 

<?php
$page_title='Login';
include ('includes/header.html');?>
<link rel="stylesheet" type="text/css" href="handover.css">
<?php 
if (isset($errors) && !empty($errors))
{
echo'<p id="err_msg">Oops! There was a problem:<br>';
foreach ($errors as $msg)
{
echo "- $msg<br>";
}
echo 'Please try again or <a href="help.php">Ask for help</a></p>';
}
?>
<div id="middler">
<h2>
<form action="login_do.php" method="POST">
<p>
User name: <input type="text" name="username"></p>
<p>
Password: <input type="password" name="pass"></p>
<p>
<input type="submit" name="Login"value="Login"></p>
</form>

</div>
<?php 
include ('includes/logoutfooter.html')?>

The index.php that the login lands on briefly...

<?php 
session_start();
if (isset($_SESSION['username']))
{
    $screenname=$_SESSION['username'];
}
if (isset($_SESSION['admin']))
{
    $admincheck=$_SESSION['admin'];
}

else {$url = 'login.php';
    echo '<META HTTP-EQUIV=Refresh CONTENT="0; URL='.$url.'">';}
?>

And finally: login_tools.php

<?php
function load ($page = 'login.php')
{
$url = 'http://'.$_SERVER['HTTP_HOST'].dirname($_SERVER['PHP_SELF']);
$url=rtrim($url,'/\\');
$url.='/'.$page;
header("Location: $url");
exit();
}
function validate($con,$email='' , $pwd = '')
{
$errors=array();
if (empty($email))
{$errors[]='Enter your user name.';}
else
{$e=mysqli_real_escape_string($con,trim($email));}
if (empty($pwd))
{$errors[]='Enter your password.';}
else
{$p = mysqli_real_escape_string($con,trim($pwd));}

if (empty($errors))
{
$q="SELECT user_id, username, admin
FROM DPLA.users
WHERE username='$e'
AND password='$p'";
$r=mysqli_query($con, $q);
if (@mysqli_num_rows($r)==1)
{$row=mysqli_fetch_array($r,MYSQLI_ASSOC);
return array(true,$row);
}
else
{$errors[]='username and password not found.';}
}
return array(false, $errors);
}

Your else clause that emits the meta-refresh that redirects to login.php is only attached to the $_SESSION['admin'] check. So any non-admin will be redirected back, even if $_SESSION['username'] is set. Change it to:

<?php 
session_start();
if (isset($_SESSION['username']))
{
    $screenname=$_SESSION['username'];
    if (isset($_SESSION['admin']))
    {
        $admincheck=$_SESSION['admin'];
    }
} else {
    $url = 'login.php';
    echo '<META HTTP-EQUIV=Refresh CONTENT="0; URL='.$url.'">';
}
?>

相关推荐