PHP $_SESSION 变量未显示值
[英]PHP $_SESSION variable not showing the value
问题描述
I'm making a text in the header of the page which holds the name of the user that is logged in. It worked for some time but when i went to do other things, this just stopped.
我在包含已登录用户名的页面的 header 中创建一个文本。它工作了一段时间,但是当我去做其他事情时,它就停止了。 It's like $_SESSION['ime'] is holding an empty value;就像 $_SESSION['ime'] 持有一个空值; I'm pretty sure i didn't touch anything related to that.我很确定我没有碰任何与此相关的东西。
Here is some code: My main php file:这是一些代码:我的主要 php 文件:
session_start();
// initializing variables
$username = "";
$email = "";
$errors = array();
// connect to the database
$db = mysqli_connect('localhost', 'root', '', 'audiprojekat');
// REGISTER USER
if (isset($_POST['reg_user'])) {
$vrsta = "KO";
$ime = mysqli_real_escape_string($db, $_POST['ime']);
$prezime = mysqli_real_escape_string($db, $_POST['prezime']);
$username = mysqli_real_escape_string($db, $_POST['username']);
$email = mysqli_real_escape_string($db, $_POST['email']);
$password = mysqli_real_escape_string($db, $_POST['password']);
// first check the database to make sure
// a user does not already exist with the same username and/or email
$user_check_query = "SELECT * FROM registrovani WHERE username='$username' OR email='$email' LIMIT 1";
$result = mysqli_query($db, $user_check_query);
$user = mysqli_fetch_assoc($result);
if ($user) { // if user exists
if ($user['username'] === $username) {
array_push($errors, "Username already exists");
}
if ($user['email'] === $email) {
array_push($errors, "email already exists");
}
}
// Finally, register user if there are no errors in the form
if (count($errors) == 0) {
$password = md5($password);//encrypt the password before saving in the database
$query = "INSERT INTO registrovani (ime, prezime, username, email, password, vrsta)
VALUES('$ime','$prezime','$username', '$email', '$password', '$vrsta')";
mysqli_query($db, $query);
$_SESSION['username'] = $username;
$_SESSION['ime'] = $ime;
$_SESSION['success'] = "You are now logged in";
header('location: user.php');
}
}
if (isset($_POST['login_user'])) {
$username = mysqli_real_escape_string($db, $_POST['username']);
$password = mysqli_real_escape_string($db, $_POST['password']);
if (empty($username)) {
array_push($errors, "Username is required");
}
if (empty($password)) {
array_push($errors, "Password is required");
}
if (count($errors) == 0) {
$password = md5($password);
$query = "SELECT * FROM registrovani WHERE username='$username' AND password='$password'";
$results = mysqli_query($db, $query);
if (mysqli_num_rows($results) == 1) {
$_SESSION['username'] = $username;
$_SESSION['ime'] = $ime;
$_SESSION['email'] = $email;
$_SESSION['success'] = "You are now logged in";
header('location: user.php');
}else {
array_push($errors, "Wrong username/password combination");
}
}
}
?>
this is the html page:这是 html 页面:
<?php include('server.php'); ?>
<p id="user_cont" style="color: white; margin-left: 80%; margin-top: 0; margin-bottom: 0; width: 20%; background-color: black; padding: .5%; font-family: 'Rajdhani', sans-serif; font-size: 140%; border-left: thick red solid;">
<?php
if(isset($_SESSION['username'])){
echo $_SESSION['ime'];
echo " <a href='logout.php' style='color: red; text-decoration: none;'>Odjavite se</a>";
}
else echo " <a href='login.php' style='color: white; text-decoration: none;'>Prijavite se</a>";
?>
</p>
$_SESSION['username'] and $_SESSION['password'] is okay but $_SESSION['ime'], $_SESSION['prezime'], $_SESSION['email'] are empty. $_SESSION['username'] 和 $_SESSION['password'] 没问题,但 $_SESSION['ime'], $_SESSION['prezime'], $_SESSION['email'] 是空的。
I checked mySQL database and everything is written correctly.我检查了 mySQL 数据库,一切都正确写入。
1 个解决方案
解决方案1
0 已采纳 2020-05-18 15:18:34
Your program had 2 steps, 1. reg_user, 2. login_user您的程序有 2 个步骤,1. reg_user,2. login_user
I think you are saying some parameters are empty after logged in to your page.我想你是说登录到你的页面后一些参数是空的。 However, you did not read your data from Select query.但是,您没有从 Select 查询中读取数据。
Sample code to read from query and store SESSION data:从查询中读取并存储 SESSION 数据的示例代码:
$row = $results->fetch_assoc();
$_SESSION['ime'] = $row['ime'];
$_SESSION['email'] = $row['email'];
$_SESSION['prezime'] = $row['prezime'];
Reference: https://www.w3schools.com/php/func_mysqli_fetch_assoc.asp参考: https://www.w3schools.com/php/func_mysqli_fetch_assoc.asp
At last, please read more about SQL injection either PDO or MYSQLI.最后,请阅读更多关于 SQL 注入 PDO 或 MYSQLI 的信息。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.