1、“前一URL”是什么?在哪里得到的? 2、检查 $LoginRS__query=sprintf("SELECT xm, mm FROM zc WHERE xm='%s' AND mm='%s'", get_magic_quotes_gpc() ? $loginUsername : addslashes($loginUsername), get_magic_quotes_gpc() ? $password : addslashes($password)); 的内容 3、header后应有exit,否则页面后续内容依然会输出
再有: $loginUsername和$password 是哪里来的? 如果是提交的,那么应确认register_globals=on 否则要用$_POST['loginUsername']和$_POST['password']另外请检查表zc中是否有xm和mm为空的记录当register_globals=off时,$loginUsername和$password为空 查询串变为:SELECT xm, mm FROM zc WHERE xm='' AND mm='' 此时若表中有xm和mm为空的记录则mysql_num_rows($LoginRS) >= 1
session_start(); $MM_authorizedUsers = ""; $MM_donotCheckaccess = "true";// *** Restrict Access To Page: Grant or deny access to this page function isAuthorized($strUsers, $strGroups, $UserName, $UserGroup) { // For security, start by assuming the visitor is NOT authorized. $isValid = False; // When a visitor has logged into this site, the Session variable MM_Username set equal to their username. // Therefore, we know that a user is NOT logged in if that Session variable is blank. if (!empty($UserName)) { // Besides being logged in, you may restrict access to only certain users based on an ID established when they login. // Parse the strings into arrays. $arrUsers = Explode(",", $strUsers); $arrGroups = Explode(",", $strGroups); if (in_array($UserName, $arrUsers)) { $isValid = true; } // Or, you may restrict access to only certain users based on their username. if (in_array($UserGroup, $arrGroups)) { $isValid = true; } if (($strUsers == "") && true) { $isValid = true; } } return $isValid; }$MM_restrictGoTo = "Untitled-4.php"; if (!((isset($_SESSION['MM_Username'])) && (isAuthorized("",$MM_authorizedUsers, $_SESSION['MM_Username'], $_SESSION['MM_UserGroup'])))) { $MM_qsChar = "?"; $MM_referrer = $_SERVER['PHP_SELF']; if (strpos($MM_restrictGoTo, "?")) $MM_qsChar = "&"; if (isset($QUERY_STRING) && strlen($QUERY_STRING) > 0) $MM_referrer .= "?" . $QUERY_STRING; $MM_restrictGoTo = $MM_restrictGoTo. $MM_qsChar . "accesscheck=" . urlencode($MM_referrer); header("Location: ". $MM_restrictGoTo); exit; } 这是前一页的代码
2、检查
$LoginRS__query=sprintf("SELECT xm, mm FROM zc WHERE xm='%s' AND mm='%s'",
get_magic_quotes_gpc() ? $loginUsername : addslashes($loginUsername), get_magic_quotes_gpc() ? $password : addslashes($password));
的内容
3、header后应有exit,否则页面后续内容依然会输出
$loginUsername和$password 是哪里来的?
如果是提交的,那么应确认register_globals=on
否则要用$_POST['loginUsername']和$_POST['password']另外请检查表zc中是否有xm和mm为空的记录当register_globals=off时,$loginUsername和$password为空
查询串变为:SELECT xm, mm FROM zc WHERE xm='' AND mm=''
此时若表中有xm和mm为空的记录则mysql_num_rows($LoginRS) >= 1
前一页,是某一受限制页,当没有登陆打开受限制页时,转到此页,但登录后不能自动回到受限制页了?
session_start();
$MM_authorizedUsers = "";
$MM_donotCheckaccess = "true";// *** Restrict Access To Page: Grant or deny access to this page
function isAuthorized($strUsers, $strGroups, $UserName, $UserGroup) {
// For security, start by assuming the visitor is NOT authorized.
$isValid = False; // When a visitor has logged into this site, the Session variable MM_Username set equal to their username.
// Therefore, we know that a user is NOT logged in if that Session variable is blank.
if (!empty($UserName)) {
// Besides being logged in, you may restrict access to only certain users based on an ID established when they login.
// Parse the strings into arrays.
$arrUsers = Explode(",", $strUsers);
$arrGroups = Explode(",", $strGroups);
if (in_array($UserName, $arrUsers)) {
$isValid = true;
}
// Or, you may restrict access to only certain users based on their username.
if (in_array($UserGroup, $arrGroups)) {
$isValid = true;
}
if (($strUsers == "") && true) {
$isValid = true;
}
}
return $isValid;
}$MM_restrictGoTo = "Untitled-4.php";
if (!((isset($_SESSION['MM_Username'])) && (isAuthorized("",$MM_authorizedUsers, $_SESSION['MM_Username'], $_SESSION['MM_UserGroup'])))) {
$MM_qsChar = "?";
$MM_referrer = $_SERVER['PHP_SELF'];
if (strpos($MM_restrictGoTo, "?")) $MM_qsChar = "&";
if (isset($QUERY_STRING) && strlen($QUERY_STRING) > 0)
$MM_referrer .= "?" . $QUERY_STRING;
$MM_restrictGoTo = $MM_restrictGoTo. $MM_qsChar . "accesscheck=" . urlencode($MM_referrer);
header("Location: ". $MM_restrictGoTo);
exit;
}
这是前一页的代码
CSDN是免费的,但免费的也不一定好,别人愿回答,就回答,不愿就不回答,也无可非议
我希望CSDN为我们菜鸟办一个付费的,按问题难度报价,用真钱交易,可能给我们菜鸟更好,更需要的服务。
要求置顶
这样吧
add_member.php 文件
header("location:/member/login.php?returnurl=/add_member.php");
如:/add_member.php是本页的地址。这是绝对路径。也可以用相对路径
login.php 文件if ($_GET[returnurl] == "") $gourl = "如果不指明,则go这里";
else $gourl = $_GET[returnurl]; 。验证header($gourl);
或
echo "<script language='javascript'>";
echo "location=\"".$gourl."\";";
echo "</script>";