PHP会话不会工作 [英] PHP Session won't work

查看:121
本文介绍了PHP会话不会工作的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

Ok我想在这里创建一个简单的登录,但我的登录代码以及intropage不能正常工作。尝试调整SESSION的代码,但找不到运气。



以下是我的login.php的代码:

 <?php require_once(includes / connection.php); ?> 
<?php include(includes / header.php); ?> 
 
 
<?php 
 
 if(isset($ _ POST [login])){
 
 if ($ _POST ['username'])&&!empty($ _ POST ['password'])){
 $ username = $ _ POST ['username']; 
 $ password = $ _ POST ['password']; 
 
 
 $ query = mysql_query(SELECT * FROM usertbl WHERE username ='。$ username。'and password ='。 
 
 
 $ numrows = mysql_num_rows($ query); 
 if($ numrows!= 0)
 {
 while($ row = mysql_fetch_assoc($ query))
 {
 $ dbusername = $ row ['username' ]; 
 $ dbpassword = $ row ['password']; 
} 
 
 if($ username == $ dbusername& $ password == $ dbpassword)
 {
 session_start(); 
 $ _SESSION ['session_username'] = $ username; 
 
 / *重定向浏览器* / 
头(位置:intropage.php); 
} 
} else {
 $ message =用户名或密码无效! 
} 
 
} else {
 $ message =所有字段都必填! 
} 
} 
?> 
 
 
 
 
< div class =container mlogin> 
< div id =login> 
< h1> LOGIN< / h1> 
< form name =loginformid =loginformaction =method =POST> 
< p> 
< label for =user_login>用户名< br /> 
< input type =textname =usernameid =usernameclass =inputvalue =size =20/>< / label& 
< / p> 
< p> 
< label for =user_pass>密码< br /> 
< input type =passwordname =passwordid =passwordclass =inputvalue =size =20/>< / label& 
< / p> 
< p class =submit> 
< input type =submitname =loginclass =buttonvalue =Log In/> 
< / p> 
< p class =regtext>没有帐户? < a href =register.php>在此注册< / a>!< / p> 
< / form> 
 
< / div> 
 
< / div> 
 
 
<?php include(includes / footer.php); ?> 
<?php if(!empty($ message)){echo< p class = \error\> 。 信息: 。 $ message。 < / p>;}?>

然后这里是我的intropage.php的代码在我重定向页面。

 <?php 
 session_start(); 
 if(!isset($ _ SESSION [session_username])){
 header(location:login.php); 
} else {
?> 
 
 
<?php include(includes / header.php); ?> 
 
< h2>欢迎,<?php echo $ _SESSION ['session_username'];?> ;! < / h2> 
< p>< a href =logout.php>退出< / a>这里!< / p> 
 
 
 
 
<?php 
} 
?>

有任何帮助吗?只是想做这项工作,或者如果有什么,你可以调整,使我可以找到我犯了一个错误。非常感谢!

解决方案

您需要检查是否在所有页面中设置会话名称 if (isset($ _ SESSION [session_username]))



login.php
$ b 

 <?php 
 
 error_reporting(E_ALL); ini_set('display_errors',1); 
 session_start(); 
 
?> 
 
<?php require_once(includes / connection.php); ?> 
<?php include(includes / header.php); ?> 
 
<?php 
 
 if(isset($ _ SESSION [session_username])){
 // echoSession is set; //用于测试目的
 header(Location:intropage.php); 
} 
 
 else {
 echo您尚未登录。 
} 
 
 if(isset($ _ POST [login])){
 
 if(!empty($ _ POST ['username']) &!empty($ _ POST ['password'])){
 $ username = $ _ POST ['username']; 
 $ password = $ _ POST ['password']; 
 
 $ query = mysql_query(SELECT * FROM usertbl WHERE username ='。$ username。'and password ='。 
 
 $ numrows = mysql_num_rows($ query); 
 if($ numrows!= 0)
 
 {
 while($ row = mysql_fetch_assoc($ query))
 {
 $ dbusername = $ row ['用户名']; 
 $ dbpassword = $ row ['password']; 
} 
 
 if($ username == $ dbusername& $ password == $ dbpassword)
 
 {
 
 / / old placement 
 // session_start(); 
 $ _SESSION ['session_username'] = $ username; 
 
 / *重定向浏览器* / 
头(位置:intropage.php); 
} 
} else {
 // $ message =用户名或密码无效! 
 
 echo用户名或密码无效! 
} 
 
} else {
 $ message =所有字段都必填! 
} 
} 
?> 
 
 
 
 
< div class =container mlogin> 
< div id =login> 
< h1> LOGIN< / h1> 
< form name =loginformid =loginformaction =method =POST> 
< p> 
< label for =user_login>使用者名称< br /> 
< input type =textname =usernameid =usernameclass =inputvalue =size =20/>< / label& 
< / p> 
< p> 
< label for =user_pass>密码< br /> 
< input type =passwordname =passwordid =passwordclass =inputvalue =size =20/>< / label& 
< / p> 
< p class =submit> 
< input type =submitname =loginclass =buttonvalue =Log In/> 
< / p> 
< p class =regtext>没有帐户? < a href =register.php>在此注册< / a>!< / p> 
< / form> 
 
< / div> 
 
< / div>





脚注: / p>

您的现有代码向 SQL注入 。使用 预准备语句 ,或 PDO



mysql _ * 函数弃用通知:



http://www.php.net/manual/en/intro.mysql.php



此扩展程序自PHP 5.5.0起已被弃用,不建议用于编写新代码,因为它将来会被删除。而是 mysqli PDO_MySQL 扩展名。另请参阅 MySQL API概述 以便在选择MySQL API时获得进一步帮助。



这些函数允许您访问MySQL数据库服务器。有关MySQL的详细信息,请访问» http://www.mysql.com/



MySQL的文档可以在» http://dev.mysql .com / doc /





密码
$ b

我注意到您可能以纯文本存储密码。不建议这样做。



使用以下方法之一:





其他链接:




Ok I am trying to create a simple login here but my login code as well as the intropage wont work properly. Tried to tweak the code for SESSION but find no luck.

Here's the code for my login.php:

<?php require_once("includes/connection.php"); ?>
<?php include("includes/header.php"); ?>


<?php

if(isset($_POST["login"])){

if(!empty($_POST['username']) && !empty($_POST['password'])) {
    $username=$_POST['username'];
    $password=$_POST['password'];


    $query=mysql_query("SELECT * FROM usertbl WHERE username='".$username."' AND password='".$password."'");


    $numrows=mysql_num_rows($query);
    if($numrows!=0)
    {
    while($row=mysql_fetch_assoc($query))
    {
    $dbusername=$row['username'];
    $dbpassword=$row['password'];
    }

    if($username == $dbusername && $password == $dbpassword)
    {
    session_start();
    $_SESSION['session_username']=$username;

    /* Redirect browser */
    header("Location: intropage.php");
    }
    } else {
    $message = "Invalid username or password!";
    }

} else {
    $message = "All fields are required!";
}
}
?>




    <div class="container mlogin">
            <div id="login">
    <h1>LOGIN</h1>
<form name="loginform" id="loginform" action="" method="POST">
    <p>
        <label for="user_login">Username<br />
        <input type="text" name="username" id="username" class="input" value="" size="20" /></label>
    </p>
    <p>
        <label for="user_pass">Password<br />
        <input type="password" name="password" id="password" class="input" value="" size="20" /></label>
    </p>
        <p class="submit">
        <input type="submit" name="login" class="button" value="Log In" />
    </p>
        <p class="regtext">No account yet? <a href="register.php" >Register Here</a>!</p>
</form>

    </div>

    </div>


    <?php include("includes/footer.php"); ?>
    <?php if (!empty($message)) {echo "<p class=\"error\">" . "MESSAGE: ". $message . "</p>";} ?>

Then for here's the code for my intropage.php where in I redirect the page.

<?php 
session_start();
if(!isset($_SESSION["session_username"])){
    header("location:login.php");
} else {
?>


<?php include("includes/header.php"); ?>

    <h2>Welcome, <?php echo $_SESSION['session_username'];?>! </h2>
    <p><a href="logout.php">Logout</a> Here!</p>




<?php
}
?>

Any help please? Just wanna make this work or if anything you can tweak so that I can find where I made a mistake. A big thanks!

解决方案

You need to check if the session name is set inside all pages using if(isset($_SESSION["session_username"]))

login.php

<?php

error_reporting(E_ALL); ini_set('display_errors', 1);
session_start();

?>

<?php require_once("includes/connection.php"); ?>
<?php include("includes/header.php"); ?>

<?php

if(isset($_SESSION["session_username"])){
// echo "Session is set"; // for testing purposes
header("Location: intropage.php");
}

else{
echo "You are not logged in.";
}

if(isset($_POST["login"])){

if(!empty($_POST['username']) && !empty($_POST['password'])) {
    $username=$_POST['username'];
    $password=$_POST['password'];

    $query =mysql_query("SELECT * FROM usertbl WHERE username='".$username."' AND password='".$password."'");

    $numrows=mysql_num_rows($query);
    if($numrows!=0)

    {
    while($row=mysql_fetch_assoc($query))
    {
    $dbusername=$row['username'];
    $dbpassword=$row['password'];
    }

    if($username == $dbusername && $password == $dbpassword)

    {

// old placement
//    session_start();
    $_SESSION['session_username']=$username;

    /* Redirect browser */
    header("Location: intropage.php");
    }
    } else {
//    $message = "Invalid username or password!";

echo  "Invalid username or password!";
    }

} else {
    $message = "All fields are required!";
}
}
?>




    <div class="container mlogin">
            <div id="login">
    <h1>LOGIN</h1>
<form name="loginform" id="loginform" action="" method="POST">
    <p>
        <label for="user_login">Username<br />
        <input type="text" name="username" id="username" class="input" value="" size="20" /></label>
    </p>
    <p>
        <label for="user_pass">Password<br />
        <input type="password" name="password" id="password" class="input" value="" size="20" /></label>
    </p>
        <p class="submit">
        <input type="submit" name="login" class="button" value="Log In" />
    </p>
        <p class="regtext">No account yet? <a href="register.php" >Register Here</a>!</p>
</form>

    </div>

    </div>

Footnotes:

Your present code is open to SQL injection. Use prepared statements, or PDO.

mysql_* functions deprecation notice:

http://www.php.net/manual/en/intro.mysql.php

This extension is deprecated as of PHP 5.5.0, and is not recommended for writing new code as it will be removed in the future. Instead, either the mysqli or PDO_MySQL extension should be used. See also the MySQL API Overview for further help while choosing a MySQL API.

These functions allow you to access MySQL database servers. More information about MySQL can be found at » http://www.mysql.com/.

Documentation for MySQL can be found at » http://dev.mysql.com/doc/.

Passwords

I noticed that you may be storing passwords in plain text. This is not recommended.

Use one of the following:

Other links:

这篇关于PHP会话不会工作的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
相关文章
PHP最新文章
热门教程
热门工具
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆