Index.php 在实时网站上导致空警报

Question

所以我 index.php 有我的默认页面。它在 xampp 上运行良好。所以我将我的整个网站上传到 1&1（我的 domain/hosting 提供商），当我尝试访问我的域时，我收到一个 没有任何消息和完全空白页面的空警报。

我将文件名更改为 index.html，网页加载正常。所以我知道它一定是带有 .php 扩展名的东西或者我的代码在上面。

我还添加了一个名为 .htaccess 的文件，它只包含：

DirectoryIndex index.php

这是我在 index.php 顶部的 php 代码（用 *s 替换了敏感信息）：

<?php

//Connect to a database
  $host_name  = "******.db.1and1.com";
  $database   = "db****";
  $user_name  = "dbo******";
  $password   = "***z.0**";

  $connect = mysqli_connect($host_name, $user_name, $password, $database);
  //    echo("nice job");

//Take the values from the html form and assign them to variables
  $ID = $_POST['name'];
  $userpassword = $_POST['password'];

//If no passsowrd entered then go straight to index.php
  echo "<script type='text/javascript'>alert($userpassword);</script>";
  if ($userpassword == null) {
    header("Location: http://localhost:82/index3.php");
    die();
  }

//Check to see if the password matches the hashes
  if (md5($userpassword) === '******************' 
      or md5($userpassword) === '***********' 
      or md5($userpassword) === '****************' 
      or md5($userpassword) === '**************') 
 {
 //Add the visitor name to our list
    mysqli_query($connect, "INSERT INTO `WebsiteVisitors` (`Name`) VALUES  ('$ID')") or die("Error in INSERT: ".mysqli_error($connect));
      //    echo "You have entered the correct password, congrats.";

  // Start the session so they can access other pages
    session_start();
    $_SESSION['loggedIn'] = true;
  // Redirect them to rest of site
    header("Location: http://localhost:82/home.php");
    die();
   }

    else {
    header("Refresh: 0; url=index2.php");
    echo "<script type='text/javascript'>alert(\"Wrong Password. Check your     invitation card.\");</script>";

  }
  ?>

Answer 1

由于 $_POST 请求仅在您提交表单后出现，如果 $_POST["name"] 和 $_POST["password"]存在。

所以在使用和操作$_POST变量之前给出一个if语句if(isset($_POST['name']) && isset($_POST['password']))。 Alson session_start() 应该放在脚本的顶部。

以下是您的完整代码，包括检查

<?php
session_start();
// session start should be at top of your script

error_reporting(E_ERROR); // reports only errors

//Connect to a database

$host_name  = "******.db.1and1.com";
$database   = "db****";
$user_name  = "dbo******";
$password   = "***z.0**";

$connect = mysqli_connect($host_name, $user_name, $password, $database);

// $_POST request comes only when form is submitted in your case. So check for $_POST['name'] and $_POST['password']

if(isset($_POST['name']) && isset($_POST['password'])) 
{

        $ID = $_POST['name'];
        $userpassword = $_POST['password'];

        //If no passsowrd entered then go straight to index.php

        if ($userpassword == null)
        {
                echo "<script type='text/javascript'>alert("Empty Password");</script>";
                header("Location: http://localhost:82/index3.php");
                die();
        }

        //Check to see if the password matches the hashes

        if (md5($userpassword) === '******************' 
                  or md5($userpassword) === '***********' 
                  or md5($userpassword) === '****************' 
                  or md5($userpassword) === '**************') 
       {

             //Add the visitor name to our list

             mysqli_query($connect, "INSERT INTO `WebsiteVisitors` (`Name`) VALUES  ('$ID')") or die("Error in INSERT: ".mysqli_error($connect));

              $_SESSION['loggedIn'] = true;

              // Redirect them to rest of site

              header("Location: http://localhost:82/home.php");
              die();
         }
         else
         {
               echo "<script type='text/javascript'>alert(\"Wrong Password. Check your     invitation card.\");</script>";

               header("Refresh: 0; url=index2.php");

        }

  }
  ?>

Index.php 在实时网站上导致空警报

Index.php causing empty alert on live website

html

php

hosting

.htaccess

server