PHP_SELF登录

【$_SERVER['PHP_SELF']】

<form name="form1" action="<?php  $_SERVER['PHP_SELF']?>" method="POST">

此表单将提交给本页验证。

表单中元素的name属性标记不同的元素， php根据name的值响应浏览器的请求。

admin_login.php 代码如下：

**************************** code start

<?php
session_start();
include 'include/config.php';
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"  "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
 <title>管理登录 - <?php echo $gb_name?></title>
    <script language="javascript" >
 function FrontPage_Form1_Validator(theForm)
 {
  if(theForm.admin_user.value=="")
  {
   alert("please input admin account:");
   theForm.admin_user.focus();
   return(false);
  }
  if(theForm.admin_pass.value=="")
  {
   alert("please input admin passport:");
   theForm.admin_pass.focus();
   return(false);
  }
  return(true);
 }
 </script>
    <link rel="stylesheet" href="include/global.css" />
</head>
<body onload="i=0">
<div id="main">
 <?php include 'include/head.php';?>
 <div id="submit">
 <?php
 if($_GET[out]){   //如果未点击退出，就保持session的值
 unset($_SESSION['admin_user']);
 unset($_SESSION['admin_pass']);
    echo "<script language=\"javascript\">location.href='admin_login.php';</script>";
  }
 if(!isset($_SESSION['admin_user'])) //**** if session中没有用户名的值****
   {

    if(!$_POST['submit']){  // 由是否点击了提交按钮来判断是否include登录表单
     echo "please login first!";

?>
<form name="form1" action="<?php  $_SERVER['PHP_SELF']?>" method="POST" onsubmit="return FrontPage_Form1_Validator(this)">
<label for="admin_user">管理员账号：</label>
<input type="text" name="admin_user" id="admin_user" value=""><br/>
<label for="admin_pass">管理员passward：</label>
<input type="password" name="admin_pass" id="admin_pass" value=""><br/>

<input type="submit" name="submit" id="sbutton" value="OK"/>
</form>
<br/>
<a href="register.php">注册</a>

<?
     include 'login.htm';
    }
    else{// 若表单已经提交了，则验证表单中的值（此处仅为用户名和密码）
     $admin_user=$_POST['admin_user'];
     $admin_pass=$_POST['admin_pass'];
     $rs=$db->execute("select admin_user,admin_pass from ".TABLE_PREFIX."gbconfig where admin_user='".$admin_user."'");//查询数据库
     if($db->num_rows($rs)>=1){
      $row=$db->fetch_array($rs);
      $db->free_result($rs);
      if($row['admin_pass']==$admin_pass){//通过验证则保存session
       $_SESSION['admin_user']=$admin_user;
       $_SESSION['admin_pass']=$admin_pass;// save session
       //echo "session save successful";

       echo "login successful , please wait....<br/><a href=index.php>if the browser do not return to the home page ,please click here</a>";
       if(isset($_SESSION['userurl'])){//此处判断成功则跳转至userurl所指的页面，失败则回index页。想要实现的功能是在用户登录之后自动跳转回登录之前所在的页面。想要在session中保存当前正在浏览的页面的url
        $url=$_SESSION['userurl'];
        //header("location:$url");
       //location.href=$_SESSION['userurl']; 
        echo "<meta http-equiv=\"refresh\" content=\"2;url=$url\">";
       }
       else
        echo "<meta http-equiv=\"refresh\" content=\"2;url=index.php\">";
      // echo "<script language=\"javascript\">history.go(-1)</script>";

      }
      else{
       echo "<script language=\"javascript\">alert('wrong password!');history.go(-1)</script>";
      }
     }
     else{
      echo "<script language=\"javascript\">alert('wrong account!');</script>";
      echo "<meta http-equiv=\"refresh\" content=\"2;url=register.php?admin_user=$admin_user&admin_pass=$admin_pass\">";
     }
    }
   }
 else{    // **** else 若session值已经存在，则只显示退出按钮****   
 ?>
<div id="alertmsg">
  <a href='?out=exit'>退出</a>
<?

  echo "show list";
 ?>
</div><!--end div#alertmsg-->
<?php

}?>
 </div><!--end div#main-->
  <h2>管理登录页面</h2>

</body>
</html>

********************** code end