Php登录问题- post版本

Question

因此，我在php中登录时遇到了问题，我的意思是它可以工作，但是当我重新加载它时，它说：

您正在查找输入的已使用信息的页面。返回到该页面可能会导致重复所采取的任何操作。

所以我真的不知道该做什么，这是代码，如果有其他问题，请帮助我改进它。

PS。我不得不使用漩涡，因为游戏脚本密码我使用的是C++和密码是使用漩涡哈希，因为这是最好的哈希插件有自动柜员机，感谢先进。

PS im是php中的一个新手，两天前就开始了，我就是这样做的：

    <?php

error_reporting(E_ALL);
session_start();


$db = "localhost";
$user = "root";
$password = "";
$base = "samp";

$konekt = mysqli_connect($db, $user, $password, $base);

if (!$konekt) {
    echo "Konekcija sa bazom nije uspela" . mysqli_connect_error();
}

if(isset($_SESSION["name"]) && $_SESSION["name"] )
{
    echo "Vec ste ulogovani, ".$_SESSION["name"]." <br>Automatski vas odjavljujemo.";
    unset( $_SESSION );
    session_destroy();
    exit;
}   

$UserPrijavljen = false;

$userName = isset($_POST["name"]) ? $_POST["name"] : null;
$userPass = isset($_POST["pass"]) ? $_POST["pass"] : null;

if($userName && $userPass)
{
    $hashedPass = hash('whirlpool', $userPass);
    $query = "SELECT Ime FROM Igraci WHERE Ime = '$userName' AND Lozinka = '$hashedPass'";
    $result = mysqli_query( $konekt, $query);

    $row = mysqli_fetch_array($result);

    if($row)
    {
        $UserPrijavljen = true;     
    }
    elseif (!$row) {
        echo "Podatci koje ste uneli nisu ispravni, sesija unistena.";
    }
}

if ( !$UserPrijavljen )
{

    echo "
            <form action='index.php' method='post'>
                Korisnicko Ime: <input type='text' name='name' value='$userName'><br>
                Lozinka: <input type='password' name='pass' value='$userPass'><br>
                <input type='submit' value='log in'>
            </form>
        ";
}
else
{
    echo "<div>";
    echo "Prijavljeni ste kao $userName!";
    echo "</div>";
    $_SESSION["name"] = $userName;
}
?>

当我重新加载页面时，是否有一种方法，它不会破坏会话并将我注销，只是为了保持日志记录，这是

    if(isset($_SESSION["name"]) && $_SESSION["name"] )
{
    echo "Vec ste ulogovani, ".$_SESSION["name"]." <br>Automatski vas odjavljujemo.";
    unset( $_SESSION );
    session_destroy();
    exit;
}   

Answer 1

这段代码会给你一些先机:把它放在同一个页面上，它就能工作了。您必须向数据库中添加一个会话字段，以跟踪记录在案的用户。

# logout code
if($_GET['logout']) {
setcookie("login", '',time()-86400); # delete cookie
exit(); # stop executing here
}


# keep user logged in here (add a session field to your database)
if($_COOKIE["login"] && mb_strlen($_COOKIE["login"]) == '32') {

# revalidate cookie (you could use memcached here)
$session = $konekt->real_escape_string($_COOKIE["login"]);
$query = "SELECT Ime FROM Igraci WHERE session = '$session' LIMIT 1";
$result = mysqli_query( $konekt, $query); $row = mysqli_fetch_array($result);

# message
if($row['Ime']) { 
echo "User is already logged in with username ".$row['Ime']. " and hash: ".$_COOKIE["login"]. '<a href="index.php?logout=1">logout</a>?';
exit(); # don't run the next code below
}


# default login form
echo <<<EOF
<form action='index.php' method='post'>
Korisnicko Ime: <input type='text' name='name' value=''><br>
Lozinka: <input type='password' name='pass' value=''><br>
<input type='submit' value='log in'>
</form>
EOF;


if($_POST['name'] && $_POST['pass']) {
$hashedPass = $konekt->real_escape_string(hash('whirlpool', $_POST['pass']));
$userName = $konekt->real_escape_string($userName);

$query = "SELECT Ime FROM Igraci WHERE Ime = '$userName' AND Lozinka = '$hashedPass' LIMIT 1";
$result = mysqli_query( $konekt, $query); $row = mysqli_fetch_array($result);
if($row) { 
$session = md5($userName.$hashedPass); # user unique identifier
mysqli_query($konekt, "UPDATE Igraci SET session = '$session' WHERE Ime = '$userName' AND Lozinka = '$hashedPass'"); # save to db
setcookie("login", $session,time()+3600); # stay logged in for 1 hour with a unique identifier
echo "You are now logged in with hash: ".$_COOKIE["login"]. '<a href="index.php?logout=1">logout</a>?';
} else {
echo "Podatci koje ste uneli nisu ispravni, sesija unistena."; # wrong pass?
}
}