PHP无法确定用户是否已登录 [英] PHP can't determine whether user is logged in or not

问题描述

我正在创建一个系统，如果用户未登录，则标题将显示"login"(登录)，如果登录，则将显示注销.我现在已经对其进行了简化，仅显示用户是否已登录.使用登录！"表示他们需要登录，然后欢迎光临！"如果他们已登录.我使用了PHP Code Checker网站( https://phpcodechecker.com/)，找不到任何错误.我还搜索了stackoverflow，其他所有人似乎都可以正常工作.

I'm creating a system that the header will show 'login' if the user is not logged in, and if they are, it'll display logout. I've simplified it for now, just showing if the user is logged in or not. With "Login!" meaning they need to login, and "Welcome!" if they are logged in. I used the PHP Code Checker website (https://phpcodechecker.com/) and it couldn't find any errors. I also searched stackoverflow, and everyone else's seems to work.

  <?php
  ob_start();
  session_start();
  require_once 'dbconnect.php';
  if( !isset($_SESSION['user']) ) {
  echo "Login!";
  } else {
  echo "Welcome!";
  }
  ?>

是用于检查用户是否已登录的代码.

is the code that checks if the user is logged in or not.

我的登录页面可用于其他所有内容，因为我的主页显示用户已登录，但是无论如何这里都是代码. (这只是PHP代码，提交"按钮带有HTML等).

My login page works for EVERYTHING else, for my homepage is shows that the user is logged in, but here is the code anyway. (This is only the PHP code, there is HTML for the submit button, ect.)

  <?php
  ob_start();
  session_start();
  require_once 'dbconnect.php';

  // it will never let you open index(login) page if session is set
  if ( isset($_SESSION['user'])!="" ) {
  header("Location: index.php");
  exit;
  }

  $error = false;

  if( isset($_POST['btn-login']) ) { 

  // prevent sql injections/ clear user invalid inputs
  $email = trim($_POST['email']);
  $email = strip_tags($email);
  $email = htmlspecialchars($email);

  $name = trim($_POST['name']);
  $name = strip_tags($name);
  $name = htmlspecialchars($name);


  $pass = trim($_POST['pass']);
  $pass = strip_tags($pass);
  $pass = htmlspecialchars($pass);
  // prevent sql injections / clear user invalid inputs

  if(empty($name)){
  $error = true;
  $nameError = "Please enter your username.";
  }

  if(empty($pass)){
  $error = true;
  $passError = "Please enter your password.";
  }

  // if there's no error, continue to login
  if (!$error) {

  $password = hash('sha256', $pass); // password hashing using SHA256

  $res=mysql_query("SELECT userId, userEmail, userPass FROM users WHERE 
  userName='$name'");
  $row=mysql_fetch_array($res);
  $count = mysql_num_rows($res); // if email/pass correct it returns must be 
  1 row

  if( $count == 1 && $row['userPass']==$password ) {
  $_SESSION['user'] = $row['userId'];
  header("Location: dashboard.php");
  } else {
  $errMSG = "Incorrect Credentials, Try again...";
  }

  }

  }
  ?>

它可以很好地连接到数据库，并且我确定数据库没有问题，因为它可以在我的其他页面上使用.

It connects to the database fine, and i'm certain there is no problems with the database, since it works on my other pages.

我花了很长时间试图弄清楚这一点，但是不能.

I've spent a long-while trying to figure this out, and can't.

谢谢！

推荐答案

在您的代码中

if ( isset($_SESSION['user'])!="" ) {

您正在比较true | false！="

you are comparing true|false != ""

将其更改为if (isset($_SESSION['user'])) {
或者 if (isset($_SESSION['user']) && ($_SESSION['user']!="")) {

change it to if (isset($_SESSION['user'])) {
or if (isset($_SESSION['user']) && ($_SESSION['user']!="")) {

这篇关于PHP无法确定用户是否已登录的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！