如何重定向（标头位置）到 html 文件？

所以我正在 php 中运行一个注册/登录系统，包括 MySQL。

出于测试目的，成功登录后，我将用户重定向到 index.php，该文件声明用户已登录，并为他提供注销选项。

同时，我制作了一个计划使用的实际 html 页面，因此我只是添加了 index.html，而不是我的 login.php 文件中的 header('location: index.php')。

除非，这种情况发生了。

未找到

在此服务器上找不到请求的 URL /registration/index.html。

知道为什么会发生这种情况吗？我确保我需要的所有文件都在文件夹本身中，index.php 与index.html 共享相同的位置。

我错过了一些明显的事情吗？

// LOGIN USER
if (isset($_POST['login_user'])) {
    $username = mysqli_real_escape_string($db, $_POST['username']);
    $password = mysqli_real_escape_string($db, $_POST['password']);

    if (empty($username)) {
        array_push($errors, "Username is required");
    }
    if (empty($password)) {
        array_push($errors, "Password is required");
    }

    if (count($errors) == 0) {
        $password = md5($password);
        $query = "SELECT * FROM users WHERE username='$username' AND password='$password'";
        $results = mysqli_query($db, $query);

        if (mysqli_num_rows($results) == 1) {
            $_SESSION['username'] = $username;
            $_SESSION['success'] = "You are now logged in";
            header('location: index.html');
        }else {
            array_push($errors, "Wrong username/password combination");
        }
    }
}

总的来说，您遇到的问题比重定向问题更重要。如果您创建一个包含在每个基本页面顶部的配置文件，那么您将会有所帮助。另外，使用一些函数将使您的脚本保持可读性，我添加了一些示例。不要使用md5()对于密码，它已经是“想通了”，可以这么说，因此很容易被破解。你想使用password_hash() and password_verify()如果您的 PHP 版本中没有这些（如果可能的话，您应该升级到具有该功能的版本）然后使用 bcrypt 兼容库。另外，在 sql 中使用参数化值，mysqli_real_escape_string()还不够好。最后，我会切换到 mysqli 的 OOP 版本，在我看来，它更容易使用。

/config.php

<?php
# Create a constant for your domain, this makes redirect super easy!
define('BASE_URL', 'http://www.example.com');
# Create a constant for your root folder (this config should be in the root)
define('ROOT_DIR', __DIR__);
# Create a function dir
define('FUNCTIONS', ROOT_DIR.'/functions');
# Add session to this page
session_start();
# Add our session var creator
include_once(FUNCTIONS.'/setSession.php');
# Add our get session function (use to retrieve session values)
include_once(FUNCTIONS.'/getSession.php');
# Add our message creator (set all messages via this)
include_once(FUNCTIONS.'/setMessage.php');
# Include our redirect function
include_once(FUNCTIONS.'/redirect.php');

/函数/validate.php

<?php
function validate($username, $password, $con, &$errors)
{
    # Prepare the statement
    $query = $con->prepare("SELECT * FROM users WHERE username = ?");
    # Bind the parameter
    $query->bind_param('s', $username);
    # Execute the query
    $query->execute();
    # Fetch the row
    $result = $query->fetch_assoc();
    # Stop if there is no username matching
    if(empty($result['password'])) {
        $errors[] = "Invalid Username or Password.";
        return false;
    }
    # See if the password matches
    return (password_verify($password, $result['password']))? $result : false;
}

/functions/redirect.php

<?php
function redirect($path)
{
    header("Location: {$path}");
    exit;
}

/functions/setSession.php

<?php
function setSession($key, $value, $multi = false)
{
    if($multi)
        $_SESSION[$key][] = $value;
    else
        $_SESSION[$key] = $value;
}

/functions/getSession.php

<?php
function getSession($key = false, $clear = false)
{
    if(!empty($key)) {
        $value = (isset($_SESSION[$key]))? $_SESSION[$key] : false;
        if(isset($_SESSION[$key]) && $clear) {
            unset($_SESSION[$key]);
        }
        return value;
    }

    return $_SESSION;
}

/functions/setMessage.php

<?php
# It's easier to store in the same key all the time, then you can save multiple
# and retrieve them all at one time with implode()
function setMessage($msg, $key = 'general')
{
    setSession($key, $msg, true);
}

/functions/getMessage.php

<?php
function getMessage($key = 'general', $clear = true)
{
    return getSession($key, $clear);
}

/登录.php

<?php
# add the config
include_once(__DIR__.'/config.php');
# Preset the errors array
$errors = [];
# Check for login
if (isset($_POST['login_user'])) {
    # Set all variables to match keys
    $username = (isset($_POST['username']))? trim($_POST['username']) : false;
    $password = (isset($_POST['password']))? trim($_POST['password']) : false;
    # See if empty
    if (empty($username)) {
        array_push($errors, "Username is required");
    }
    if (empty($password)) {
        array_push($errors, "Password is required");
    }

    if (count($errors) == 0) {
        # Add the validate function
        include_once(FUNCTIONS.'/validate.php');
        # Remember, we want to use the OOP version of $db
        $results = validate($username, $password, $db, $errors);
        # If the user array is set
        if (!empty($results)) {
            # May as well store all the user data
            setSession('user', $results);
            # Store username (or use the one in the user array instead)
            setSession('username', $username);
            # Save the success message
            setMessage('You are now logged in', 'success');
            # Put in full domain using our constant
            redirect(BASE_URL.'/index.html');
        }else {
            array_push($errors, "Wrong username/password combination");
        }
    }
}