我的项目管理员无法在我的 PHP 本地主机上工作

发布于 2024-09-06 09:57:38 字数 3803 浏览 3 评论 0原文

我正在开发一个 osCommerce 项目，该项目可以在主服务器上访问，但是当我尝试在 LOCALHOST 上访问该项目的管理部分时，登录页面确实接受我的登录，理想情况下它应该接受我的登录并将我重定向到索引,php.. 下面是我正在使用的登录脚本。

<?php
  require('includes/application_top.php');

  if ($session_started == false) {
  echo 'session not started';
  }

  $error = false;
  if (isset($HTTP_GET_VARS['action']) && ($HTTP_GET_VARS['action'] == 'process')) {
    $email_address = tep_db_prepare_input($HTTP_POST_VARS['email_address']);
    $password = tep_db_prepare_input($HTTP_POST_VARS['password']);

// Check if email exists
    $check_admin_query = tep_db_query("select admin_id as login_id, admin_groups_id as login_groups_id, admin_firstname as login_firstname, admin_email_address as login_email_address, admin_password as login_password, admin_modified as login_modified, admin_logdate as login_logdate, admin_lognum as login_lognum from " . TABLE_ADMIN . " where admin_email_address = '" . tep_db_input($email_address) . "'");
    if (!tep_db_num_rows($check_admin_query)) {
      $HTTP_GET_VARS['login'] = 'fail';
    } else {
      $check_admin = tep_db_fetch_array($check_admin_query);

      //BOF code for cPanel installer - convert password to cre hash
      $check_password = $check_admin['login_password'];
      if (substr($check_password, 0, 8) == '_cPanel_'){
        $check_password = substr($check_password, 8);
        $password_hash = tep_encrypt_password($check_password);
        tep_db_query("UPDATE " . TABLE_ADMIN . " SET admin_password = '" . $password_hash . "'");
        $check_admin_query = tep_db_query("select admin_id as login_id, admin_groups_id as login_groups_id, admin_firstname as login_firstname, admin_email_address as login_email_address, admin_password as login_password, admin_modified as login_modified, admin_logdate as login_logdate, admin_lognum as login_lognum from " . TABLE_ADMIN . " where admin_email_address = '" . tep_db_input($email_address) . "'");
        $check_admin = tep_db_fetch_array($check_admin_query);
      }
      //EOF code for cPanel installer - convert password to cre hash

      // Check that password is good
      if (!tep_validate_password($password, $check_admin['login_password'])) {
        $HTTP_GET_VARS['login'] = 'fail';
      } else {
        if (tep_session_is_registered('password_forgotten')) {
          tep_session_unregister('password_forgotten');
        }

        $login_id = $check_admin['login_id'];
        $login_groups_id = $check_admin[login_groups_id];
        $login_firstname = $check_admin['login_firstname'];
        $login_email_address = $check_admin['login_email_address'];
        $login_logdate = $check_admin['login_logdate'];
        $login_lognum = $check_admin['login_lognum'];
        $login_modified = $check_admin['login_modified'];

        tep_session_register('login_id');
        tep_session_register('login_groups_id');
        tep_session_register('login_firstname');

        //$date_now = date('Ymd');
        tep_db_query("update " . TABLE_ADMIN . " set admin_logdate = now(), admin_lognum = admin_lognum+1 where admin_id = '" . $login_id . "'");

        if (($login_lognum == 0) || !($login_logdate) || ($login_email_address == 'admin@localhost') || ($login_modified == '0000-00-00 00:00:00')) {
          tep_redirect(tep_href_link(FILENAME_ADMIN_ACCOUNT, '', 'SSL'));
        } else {
          tep_redirect(tep_href_link(FILENAME_DEFAULT, '', 'SSL'));
        }

      }
    }
  }

  require(DIR_WS_LANGUAGES . $language . '/' . FILENAME_LOGIN);
  include('includes/functions/rss2html.php');
?>

我尝试跟踪问题，每当我使用正确的电子邮件和密码登录时，它都不会给我“$HTTP_GET_VARS['action']”

有人可以指导我什么吗这里出问题了吗？

根据最初的回复

我在本地主机中启用了register_long_arrays，并且在电子邮件地址和密码输入错误的情况下它运行良好。

原文

I am working on a osCommerce project, which is accessible on the main server, but when i try to access the admin portion of the project on my LOCALHOST the login page do accepts my login, ideally it should accept my login and redirect me to index,php..
below is the login script i am using..

<?php
  require('includes/application_top.php');

  if ($session_started == false) {
  echo 'session not started';
  }

  $error = false;
  if (isset($HTTP_GET_VARS['action']) && ($HTTP_GET_VARS['action'] == 'process')) {
    $email_address = tep_db_prepare_input($HTTP_POST_VARS['email_address']);
    $password = tep_db_prepare_input($HTTP_POST_VARS['password']);

// Check if email exists
    $check_admin_query = tep_db_query("select admin_id as login_id, admin_groups_id as login_groups_id, admin_firstname as login_firstname, admin_email_address as login_email_address, admin_password as login_password, admin_modified as login_modified, admin_logdate as login_logdate, admin_lognum as login_lognum from " . TABLE_ADMIN . " where admin_email_address = '" . tep_db_input($email_address) . "'");
    if (!tep_db_num_rows($check_admin_query)) {
      $HTTP_GET_VARS['login'] = 'fail';
    } else {
      $check_admin = tep_db_fetch_array($check_admin_query);

      //BOF code for cPanel installer - convert password to cre hash
      $check_password = $check_admin['login_password'];
      if (substr($check_password, 0, 8) == '_cPanel_'){
        $check_password = substr($check_password, 8);
        $password_hash = tep_encrypt_password($check_password);
        tep_db_query("UPDATE " . TABLE_ADMIN . " SET admin_password = '" . $password_hash . "'");
        $check_admin_query = tep_db_query("select admin_id as login_id, admin_groups_id as login_groups_id, admin_firstname as login_firstname, admin_email_address as login_email_address, admin_password as login_password, admin_modified as login_modified, admin_logdate as login_logdate, admin_lognum as login_lognum from " . TABLE_ADMIN . " where admin_email_address = '" . tep_db_input($email_address) . "'");
        $check_admin = tep_db_fetch_array($check_admin_query);
      }
      //EOF code for cPanel installer - convert password to cre hash

      // Check that password is good
      if (!tep_validate_password($password, $check_admin['login_password'])) {
        $HTTP_GET_VARS['login'] = 'fail';
      } else {
        if (tep_session_is_registered('password_forgotten')) {
          tep_session_unregister('password_forgotten');
        }

        $login_id = $check_admin['login_id'];
        $login_groups_id = $check_admin[login_groups_id];
        $login_firstname = $check_admin['login_firstname'];
        $login_email_address = $check_admin['login_email_address'];
        $login_logdate = $check_admin['login_logdate'];
        $login_lognum = $check_admin['login_lognum'];
        $login_modified = $check_admin['login_modified'];

        tep_session_register('login_id');
        tep_session_register('login_groups_id');
        tep_session_register('login_firstname');

        //$date_now = date('Ymd');
        tep_db_query("update " . TABLE_ADMIN . " set admin_logdate = now(), admin_lognum = admin_lognum+1 where admin_id = '" . $login_id . "'");

        if (($login_lognum == 0) || !($login_logdate) || ($login_email_address == 'admin@localhost') || ($login_modified == '0000-00-00 00:00:00')) {
          tep_redirect(tep_href_link(FILENAME_ADMIN_ACCOUNT, '', 'SSL'));
        } else {
          tep_redirect(tep_href_link(FILENAME_DEFAULT, '', 'SSL'));
        }

      }
    }
  }

  require(DIR_WS_LANGUAGES . $language . '/' . FILENAME_LOGIN);
  include('includes/functions/rss2html.php');
?>

I tried tracking the issue, whenever I login with correct email and password it doesnt give me the "$HTTP_GET_VARS['action']"

Could someone guide me whats going wrong here?

ACCORDING TO THE INITIAL REPLIES

i have register_long_arrays enabled in my localhost and it is working very well in case of wrong input of email address and password..

分享到QQ

分享到微博

如果你对这篇内容有疑问，欢迎到本站社区发帖提问参与讨论，获取更多帮助，或者扫码二维码加入 Web 技术交流群。

发布评论

需要登录才能够评论，你可以免费注册一个本站的账号。

苏大泽ㄣ 2024-09-13 09:57:38

HTTP_GET_VARS 等变量称为“长数组”，已被弃用，并且可以禁用。

请参阅register_long_arrays 指令，关于此：也许它在您的服务器上被禁用？

Instead of `$HTTP_GET_VARS`, you should be using the `$_GET` super-global array.

有关一些参考，请参阅：

Note : OS-commerce is a quite old piece of software, and was developped before long-arrays were deprecated -- which is probably why they are used... and why it is possible to enable the `register_long_arrays` directive in PHP's configuration.

当然这是不建议用于新软件...但如果您必须使用它...它可能比替换 $HTTP_GET_VARS 的每个实例更容易。