Javascript 警报正在打开一个 PHP 包含文件,而不是停留在主页上

Javascript alert is opening a PHP include file and not staying on the home page

主页是 index.php,它包含一个用于创建用户登录块的不同 sidebar_signin_block.php 文件的包含。在 sidebar_signin_block.php 如果登录成功,我使用这个 javascript 将它们发送到登录成功启动页面: echo "<script>window.open('login-success.php','_self')</script>";} 另一方面,如果登录失败,我有一个 else 语句一个 javascript 的警告框,如下所示:echo "<script>alert('Email or password is incorrect please try again')</script>";

这是我需要帮助的问题。在 index.php 页面上,如果登录成功或失败,包含的文件 sidebar_signin_block.php 将打开并且是可见的网页。我想留在主页 index.php 并且不想打开 sidebar_signin_block.php 页面。任何建议将不胜感激。

以防万一您需要它来进行诊断,我在下面包含了整个侧边栏登录-block.php 文件:

<?php
session_start();
?>

<html>
<body>
<form method="post" action="sidebar-signin-block.php">

        <table width="90%" border="0" align="center" bgcolor="white">


            <tr>
                <td bgcolor="ffffff" colspan="2" align="center"><h2>User Login</h2></td>
            </tr>

            <tr>
                <td align="right">Email:</td>
                <td><input type="text" name="email"></td>
            </tr>

            <tr>
                <td align="right">Password:</td>
                <td><input type="password" name="password"></td>
            </tr>

            <tr>
                <td colspan="2" align="center"><input type="submit" name="login" value="Login"></td>

            </tr>

            <tr>
                <td colspan="2" align="center"><h3 style="margin-top:7px;"><a href="nonadmin_user_forgot_password.php" target="_blank" title="Reset Your Lost Password">Forgot Password?</a></h3></td>
            </tr>


            <tr>
                <td bgcolor="#ffffff" colspan="2" align="center"><div style="padding-top:5px;"><span style="font-size:20px;">Don't have an account?<br /><a href="/includes/register-user.php" title="Register with us!" target="_self">Sign Up</a> is <em>quick</em> and <em>easy</em>!</span></div></td>

        </table>
    </form>

    <?php 

// Connecting to the database and making the Bcrypt functions available
include("admin/includes/connect.php");
include ("lib/password.php");

// Gathering and sanitizing user login input
if(isset($_POST['login'])){

    $email = trim(((isset($conn) && is_object($conn)) ? mysqli_real_escape_string($conn, $_POST['email']) :((trigger_error  ("[MySQLConverterToo] Fix the mysql_escape_string() call! This code does not work.", E_USER_ERROR)) ? "" : "")));

        $pass = trim(((isset($conn) && is_object($conn)) ? mysqli_real_escape_string($conn, $_POST['password']) : ((trigger_error   ("[MySQLConverterToo] Fix the mysql_escape_string() call! This code does not work.", E_USER_ERROR)) ? "" : "")));

         // Checking the database records for the user login input
        $hash_query = "select nonadmin_user_pass from nonadmin_user_login where email='$email'";{
                $run_query = mysqli_query($conn, $hash_query);}
                while ($row = mysqli_fetch_assoc($run_query)) {
                $fetch_pass = $row['nonadmin_user_pass'];
                    }
        // If the user email and password matches we start a session                               
        if ((password_verify($pass, $fetch_pass)) == 1){

              // Verifying user login success with splash page then sending user back to the home page
              $_SESSION['email']=$email;
              echo "<script>window.open('login-success.php','_self')</script>";}
    // When the user login fails an alert is given to inform them
    else {
    echo "<script>alert('Email or password is incorrect please try again')</script>";
    echo "<script>window.open('index.php','_self')</script>";}
}
?>
</body>
</html>

如何在 index.php

中检查用户是否已经登录
    <?php
    session_start();
    //in sidebar position, do checking
    if(isset($_SESSION['email']) && $_SESSION['email'] != '')
    {
        //if user already login succesfully, do anything here
    } else {
        //if user not yet login, display side bar
        include 'sidebar-signin-block.php
    }
    //your next index.php code

登录表单的目标(action 属性)指向侧边栏文件。因此,当用户按下提交按钮时,浏览器会请求该页面并将其加载到当前框架中。

为避免这种情况,请将 submit 事件处理程序添加到使用 AJAX 然后 returns false 将表单数据发送到服务器的表单。这会抑制加载表单目标的正常浏览器行为。 AJAX 响应应指示登录是成功还是失败,此时您可以根据需要加载启动页面或显示警报。