我的项目管理员无法在我的 PHP 本地主机上工作
我正在开发一个 osCommerce 项目,该项目可以在主服务器上访问,但是当我尝试在 LOCALHOST 上访问该项目的管理部分时,登录页面确实接受我的登录,理想情况下它应该接受我的登录并将我重定向到索引,php.. 下面是我正在使用的登录脚本。
<?php
require('includes/application_top.php');
if ($session_started == false) {
echo 'session not started';
}
$error = false;
if (isset($HTTP_GET_VARS['action']) && ($HTTP_GET_VARS['action'] == 'process')) {
$email_address = tep_db_prepare_input($HTTP_POST_VARS['email_address']);
$password = tep_db_prepare_input($HTTP_POST_VARS['password']);
// Check if email exists
$check_admin_query = tep_db_query("select admin_id as login_id, admin_groups_id as login_groups_id, admin_firstname as login_firstname, admin_email_address as login_email_address, admin_password as login_password, admin_modified as login_modified, admin_logdate as login_logdate, admin_lognum as login_lognum from " . TABLE_ADMIN . " where admin_email_address = '" . tep_db_input($email_address) . "'");
if (!tep_db_num_rows($check_admin_query)) {
$HTTP_GET_VARS['login'] = 'fail';
} else {
$check_admin = tep_db_fetch_array($check_admin_query);
//BOF code for cPanel installer - convert password to cre hash
$check_password = $check_admin['login_password'];
if (substr($check_password, 0, 8) == '_cPanel_'){
$check_password = substr($check_password, 8);
$password_hash = tep_encrypt_password($check_password);
tep_db_query("UPDATE " . TABLE_ADMIN . " SET admin_password = '" . $password_hash . "'");
$check_admin_query = tep_db_query("select admin_id as login_id, admin_groups_id as login_groups_id, admin_firstname as login_firstname, admin_email_address as login_email_address, admin_password as login_password, admin_modified as login_modified, admin_logdate as login_logdate, admin_lognum as login_lognum from " . TABLE_ADMIN . " where admin_email_address = '" . tep_db_input($email_address) . "'");
$check_admin = tep_db_fetch_array($check_admin_query);
}
//EOF code for cPanel installer - convert password to cre hash
// Check that password is good
if (!tep_validate_password($password, $check_admin['login_password'])) {
$HTTP_GET_VARS['login'] = 'fail';
} else {
if (tep_session_is_registered('password_forgotten')) {
tep_session_unregister('password_forgotten');
}
$login_id = $check_admin['login_id'];
$login_groups_id = $check_admin[login_groups_id];
$login_firstname = $check_admin['login_firstname'];
$login_email_address = $check_admin['login_email_address'];
$login_logdate = $check_admin['login_logdate'];
$login_lognum = $check_admin['login_lognum'];
$login_modified = $check_admin['login_modified'];
tep_session_register('login_id');
tep_session_register('login_groups_id');
tep_session_register('login_firstname');
//$date_now = date('Ymd');
tep_db_query("update " . TABLE_ADMIN . " set admin_logdate = now(), admin_lognum = admin_lognum+1 where admin_id = '" . $login_id . "'");
if (($login_lognum == 0) || !($login_logdate) || ($login_email_address == 'admin@localhost') || ($login_modified == '0000-00-00 00:00:00')) {
tep_redirect(tep_href_link(FILENAME_ADMIN_ACCOUNT, '', 'SSL'));
} else {
tep_redirect(tep_href_link(FILENAME_DEFAULT, '', 'SSL'));
}
}
}
}
require(DIR_WS_LANGUAGES . $language . '/' . FILENAME_LOGIN);
include('includes/functions/rss2html.php');
?>
我尝试跟踪问题,每当我使用正确的电子邮件和密码登录时,它都不会给我“$HTTP_GET_VARS['action']”
有人可以指导我什么吗这里出问题了吗?
根据最初的回复
我在本地主机中启用了register_long_arrays,并且在电子邮件地址和密码输入错误的情况下它运行良好。
I am working on a osCommerce project, which is accessible on the main server, but when i try to access the admin portion of the project on my LOCALHOST the login page do accepts my login, ideally it should accept my login and redirect me to index,php..
below is the login script i am using..
<?php
require('includes/application_top.php');
if ($session_started == false) {
echo 'session not started';
}
$error = false;
if (isset($HTTP_GET_VARS['action']) && ($HTTP_GET_VARS['action'] == 'process')) {
$email_address = tep_db_prepare_input($HTTP_POST_VARS['email_address']);
$password = tep_db_prepare_input($HTTP_POST_VARS['password']);
// Check if email exists
$check_admin_query = tep_db_query("select admin_id as login_id, admin_groups_id as login_groups_id, admin_firstname as login_firstname, admin_email_address as login_email_address, admin_password as login_password, admin_modified as login_modified, admin_logdate as login_logdate, admin_lognum as login_lognum from " . TABLE_ADMIN . " where admin_email_address = '" . tep_db_input($email_address) . "'");
if (!tep_db_num_rows($check_admin_query)) {
$HTTP_GET_VARS['login'] = 'fail';
} else {
$check_admin = tep_db_fetch_array($check_admin_query);
//BOF code for cPanel installer - convert password to cre hash
$check_password = $check_admin['login_password'];
if (substr($check_password, 0, 8) == '_cPanel_'){
$check_password = substr($check_password, 8);
$password_hash = tep_encrypt_password($check_password);
tep_db_query("UPDATE " . TABLE_ADMIN . " SET admin_password = '" . $password_hash . "'");
$check_admin_query = tep_db_query("select admin_id as login_id, admin_groups_id as login_groups_id, admin_firstname as login_firstname, admin_email_address as login_email_address, admin_password as login_password, admin_modified as login_modified, admin_logdate as login_logdate, admin_lognum as login_lognum from " . TABLE_ADMIN . " where admin_email_address = '" . tep_db_input($email_address) . "'");
$check_admin = tep_db_fetch_array($check_admin_query);
}
//EOF code for cPanel installer - convert password to cre hash
// Check that password is good
if (!tep_validate_password($password, $check_admin['login_password'])) {
$HTTP_GET_VARS['login'] = 'fail';
} else {
if (tep_session_is_registered('password_forgotten')) {
tep_session_unregister('password_forgotten');
}
$login_id = $check_admin['login_id'];
$login_groups_id = $check_admin[login_groups_id];
$login_firstname = $check_admin['login_firstname'];
$login_email_address = $check_admin['login_email_address'];
$login_logdate = $check_admin['login_logdate'];
$login_lognum = $check_admin['login_lognum'];
$login_modified = $check_admin['login_modified'];
tep_session_register('login_id');
tep_session_register('login_groups_id');
tep_session_register('login_firstname');
//$date_now = date('Ymd');
tep_db_query("update " . TABLE_ADMIN . " set admin_logdate = now(), admin_lognum = admin_lognum+1 where admin_id = '" . $login_id . "'");
if (($login_lognum == 0) || !($login_logdate) || ($login_email_address == 'admin@localhost') || ($login_modified == '0000-00-00 00:00:00')) {
tep_redirect(tep_href_link(FILENAME_ADMIN_ACCOUNT, '', 'SSL'));
} else {
tep_redirect(tep_href_link(FILENAME_DEFAULT, '', 'SSL'));
}
}
}
}
require(DIR_WS_LANGUAGES . $language . '/' . FILENAME_LOGIN);
include('includes/functions/rss2html.php');
?>
I tried tracking the issue, whenever I login with correct email and password it doesnt give me the "$HTTP_GET_VARS['action']"
Could someone guide me whats going wrong here?
ACCORDING TO THE INITIAL REPLIES
i have register_long_arrays enabled in my localhost and it is working very well in case of wrong input of email address and password..
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(4)
HTTP_GET_VARS
等变量称为“长数组”,已被弃用,并且可以禁用。请参阅
register_long_arrays
指令,关于此:也许它在您的服务器上被禁用?Instead of `$HTTP_GET_VARS`, you should be using the `$_GET` super-global array.
有关一些参考,请参阅:
$_GET
Note : OS-commerce is a quite old piece of software, and was developped before long-arrays were deprecated -- which is probably why they are used... and why it is possible to enable the `register_long_arrays` directive in PHP's configuration.
当然这是不建议用于新软件...但如果您必须使用它...它可能比替换
$HTTP_GET_VARS
的每个实例更容易。Variables such as
HTTP_GET_VARS
are called long-arrays, and are deprecated -- and can be disabled.See the
register_long_arrays
directive, about this : maybe it's disabled on your server ?Instead of `$HTTP_GET_VARS`, you should be using the `$_GET` super-global array.
For a couple of references, see :
$_GET
Note : OS-commerce is a quite old piece of software, and was developped before long-arrays were deprecated -- which is probably why they are used... and why it is possible to enable the `register_long_arrays` directive in PHP's configuration.
Of course, this is not recommended for new software... But if you have to work with that... it might be easier than replacing every instance of
$HTTP_GET_VARS
.$HTTP_GET_VARS 已过时且已弃用,请使用 $_GET 代替。这同样适用于其他超全局变量:$_POST、$_REQUEST、$_SERVER、$_COOKIES、$_FILES 等。
$HTTP_GET_VARS is old and deprecated, use $_GET instead. Same applies to other superglobals as well: $_POST, $_REQUEST, $_SERVER, $_COOKIES, $_FILES, etc.
尝试使用
$_GET['action']
而不是 $HTTP_GET_VARS['action']
。我建议您将$HTTP_GET_VARS
完全替换为$_GET
。Try
$_GET['action']
instead of $HTTP_GET_VARS['action']
. I suggest you entirely replace$HTTP_GET_VARS
with$_GET
.从 PHP 5.0.3 开始,默认情况下禁用长预定义数组,例如
HTTP_GET_VARS
。使用这个代替:From PHP 5.0.3 long predefined arrays such
HTTP_GET_VARS
got disabled by default. Use this instead: