PHP無法設置會話變量
[英]PHP Unable to set a session variable
問題描述
從登錄頁面中,我正在捕獲用戶和密碼值:
<?php
session_start();
$error='';
$rows = 0;
if (isset($_POST['submit'])) {
$username=$_POST['username'];
$password=$_POST['password'];
$mysqli = new mysqli("localhost","xxxxx","xxxxx","xxxxxxx");
if (mysqli_connect_errno()) {
printf("Connect failed: %s\n", mysqli_connect_error());
exit();
}
$username = stripslashes($username);
$password = stripslashes($password);
$username = $mysqli->real_escape_string($username);
$password = $mysqli->real_escape_string($password);
$query = "select count(*) from login where password='$password' AND username='$username'";
if ($stmt = $mysqli->prepare($query)) {
$stmt->execute();
$stmt->store_result();
$rows = $stmt->num_rows;
$stmt->close();
}
}
$mysqli->close();
if ($rows == 1) {
$_SESSION['login_user']=$username;
header("location: profile.php");
} else {
header("location: login.php");
$error = "Username or Password is invalid";
}
?>
我的profile.php腳本如下所示:
<?php
include('session.php');
?>
<!DOCTYPE html>
<html>
<head>
<title>Your Home Page</title>
<link href="style.css" rel="stylesheet" type="text/css">
</head>
<body>
<div id="profile">
<b id="welcome">Welcome : <i><?php echo $login_session; ?></i></b>
<b id="logout"><a href="logout.php">Log Out</a></b>
</div>
</body>
</html>
和session.php
<?php
if(!isset($_SESSION['login_user'])){
header('Location: login.php');
}
?>
我的代碼流程就像提交登錄表單時一樣,validate_login.php源代碼將驗證用戶的詳細信息。 如果詳細信息正確,將顯示profile.php頁面或再次返回登錄頁面。
我有3個困難;
- 如何調試PHP腳本?
- 為什么我的代碼又回到登錄頁面-我已經通過硬編碼測試了錯誤的未定義變量(強制轉儲)-我發現在進入if時定義了會話變量[if($ rows = = 1)]
- 還有什么其他方法可以驗證會話-基本上只有登錄的用戶才能看到其他頁面?
3 個解決方案
解決方案1
1 已采納 2014-12-18 10:06:09
您在session.php中沒有會話
<?php
if(!isset($_SESSION['login_user'])){
header('Location: login.php');
}
?>
您需要添加session_start();
所以你會得到
<?php
session_start();
if(!isset($_SESSION['login_user'])){
header('Location: login.php');
}
?>
為了安全起見,最好使用准備prepared statements准備prepared statements 。 對於錯誤處理,請嘗試使某個會話真正存在?
if(session_id() == '' || !isset($_SESSION)) {
// session isn't started
echo "No session";
}
解決方案2
1 2014-12-18 10:09:42
您的session.php應該是
empty()本質上等同於!isset($var) || $var == false!isset($var) || $var == false
<?php
session_start();
if(empty($_SESSION['login_user'])){
header('Location: login.php');
}
?>
將session.php包含到您的腳本和其他任何供注冊用戶使用的頁面中
<?php
include_once('session.php');
$error='';
$rows = 0;
if (isset($_POST['submit'])) {
$username=$_POST['username'];
$password=$_POST['password'];
$mysqli = new mysqli("localhost","xxxxx","xxxxx","xxxxxxx");
if (mysqli_connect_errno()) {
printf("Connect failed: %s\n", mysqli_connect_error());
exit();
}
$username = stripslashes($username);
$password = stripslashes($password);
$username = $mysqli->real_escape_string($username);
$password = $mysqli->real_escape_string($password);
$query = "select count(*) from login where password='$password' AND username='$username'";
if ($stmt = $mysqli->prepare($query)) {
$stmt->execute();
$stmt->store_result();
$rows = $stmt->num_rows;
$stmt->close();
}
}
$mysqli->close();
if ($rows == 1) {
$_SESSION['login_user']=$username;
header("location: profile.php");
} else {
header("location: login.php");
$error = "Username or Password is invalid";
}
?>
解決方案3
0 2014-12-18 10:21:33
在使用任何會話變量之前,請調用session_start()函數。
如果收到諸如以下警告:警告:無法修改標頭信息-標頭已發送(輸出從script:line開始),則使用@抑制運算符
@session_start() //@ for error suppression
無法使用PHP變量設置$ _SESSION變量
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.