Mysqli 和使用会话用户 ID 登录
[英]Mysqli and Logging in with A Session User Id
问题描述
I just started learning mysqli last night and am currently having an issue with a function I created.
我昨晚刚开始学习 mysqli,目前我创建的函数有问题。 The function should log in the user.该功能应登录用户。 However, when I type in an existing username with the authentic or a made up password, the login page reloads displaying the $user_id .但是,当我使用真实密码或编造密码输入现有用户名时,登录页面会重新加载并显示$user_id 。 I'm at a lost at what is wrong.我对出了什么问题感到迷茫。 I didn't have this problem when I had mysql.我有mysql的时候没有这个问题。
/**
* Returns FALSE, if no valid user found
* Returns user_id of matching user with $username and $password
*/
function login ($mysqli, $username, $password) {
// not required at all
// $user_id = user_id_from_username($mysqli, $username);
// initialize, in case we do not get a mysqli-statement
$userID = FALSE;
$password = md5($password);
$stmt = $mysqli->prepare(
"SELECT `user_id` "
. " FROM `users` "
. " WHERE ( `username` = ? ) "
. " AND ( `password` = ? ) "
);
if ( $stmt ) {
$stmt->bind_param('ss', $username, $password);
$stmt->execute();
$stmt->bind_result($userID);
if ( TRUE !== $stmt->fetch()) {
$userID = FALSE;
}
}
$stmt->close();
return $userID;
}
And here is when I call the function login in the login page.这是我在登录页面中调用函数登录的时候。 $mysqli is the variable containing the connection to the database. $mysqli是包含与数据库的连接的变量。
// Now, needs to check against FALSE to work [changed by @SteAp]
// var_dump( $login ); returns with int(1)
// and this is what I want, the integer 1
//Sends me to start.php but start.php does not recognize
//the variable $_SESSION['user_id']
if ( FALSE === ($login = login($mysqli, $username, $password)) ) {
$errors[] = 'That username/password combination is incorrect';
} else {
$_SESSION['user_id'] = $login;
header('Location: start.php');
exit();
}
if (empty($errors) === false) {
echo '<div>'. output_errors($errors) . '</div>';
}
2 个解决方案
解决方案1
1 已采纳 2012-09-01 22:42:23
Return the user info, not the count:返回用户信息,而不是计数:
$stmt = $mysqli->prepare("SELECT `user_id` FROM `users` WHERE `username` = ?";
$stmt->bind_param("s", $_SESSION['username']);
$result = $stmt->get_result();
$user_info = $result->fetch_assoc();
Now, $user_info if either FALSE or the found record.现在, $user_info如果是FALSE或找到的记录。 So you can get the id from $user_info['id'] and any other user data respectively.因此,您可以分别从$user_info['id']和任何其他用户数据中获取 id。
And, certainly, you need to start a session , before any assignment to $_SESSION gets passed along .而且,当然,您需要在对 $_SESSION 的任何分配传递之前启动一个会话。 Example from PHP manual : PHP手册中的示例:
page1.php page1.php
session_start();
echo 'Welcome to page #1';
$_SESSION['favcolor'] = 'green';
$_SESSION['animal'] = 'cat';
$_SESSION['time'] = time();
// Works if session cookie was accepted
echo '<br /><a href="page2.php">page 2</a>';
page2.php page2.php
session_start();
echo 'Welcome to page #2<br />';
echo $_SESSION['favcolor']; // green
echo $_SESSION['animal']; // cat
echo date('Y m d H:i:s', $_SESSION['time']);
// You may want to use SID here, like we did in page1.php
echo '<br /><a href="page1.php">page 1</a>';
解决方案2
0 2012-09-01 22:40:26
Replace the following line:替换以下行:
if ($return == 1) {echo $user_id;} else {return false;}
with和
if ($return == 1) {return $user_id;} else {return false;}
In your example, you are writing the $user_id variable in the browser, instead of returning it to the function that calls it.在您的示例中,您正在浏览器中编写$user_id变量,而不是将其返回给调用它的函数。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.