Javascript $\成功登录时会话不工作
index.phpJavascript $\成功登录时会话不工作,javascript,php,jquery,ajax,Javascript,Php,Jquery,Ajax,index.php <script> $(document).ready(function(){ $("#login").click(function(e){ e.preventDefault(); email = $("#cs-username-1").val(); password = $("#cs-login-password-1").val(); if(email=
<script>
$(document).ready(function(){
$("#login").click(function(e){
e.preventDefault();
email = $("#cs-username-1").val();
password = $("#cs-login-password-1").val();
if(email=='' || password=='')
{
$("#loginsuccess").html("<p id='red'>All fields are mandatory!<p>");
}
else
{
$.ajax({
type:"POST",
data:{"email":email,"password":password},
url:"login.php",
success: function(data)
{
if (typeof data !== 'object') {
data = JSON.parse(data);
}
if (data.redirect) {
window.location.replace(data.redirect);
} else {
$("#loginsuccess").html('<p id="red">' + data.error + '</p>');
}
}
});
}
});
});
</script>
$(文档).ready(函数(){
$(“#登录”)。单击(功能(e){
e、 预防默认值();
电子邮件=$(“#cs-username-1”).val();
密码=$(“#cs-login-password-1”).val();
如果(电子邮件=“”| |密码=“”)
{
$(“#登录成功”).html(所有字段都是必填的!”;
}
其他的
{
$.ajax({
类型:“POST”,
数据:{“email”:email,“password”:password},
url:“login.php”,
成功:功能(数据)
{
if(数据类型!=='object'){
data=JSON.parse(数据);
}
if(data.redirect){
窗口.位置.替换(数据.重定向);
}否则{
$(“#登录成功”).html('
'+data.error+'
');
}
}
});
}
});
});
login.php
<?php
include("config.php");
$email = mysqli_real_escape_string($con, $_POST['email']);
$password = md5($_POST['password']);
$sql = mysqli_query($con,"select student_id from student where email='".$email."' and password='".$password."' and status='1'");
if (mysqli_num_rows($sql) > 0)
{
$results = mysqli_fetch_array($sql);
$_SESSION['student'] = $results['student_id'];
if (!isset($_POST))
{
header ("Location: dashboard.php");
}
else
{
echo json_encode(array('redirect' => "dashboard.php"));
}
}
else
{
echo json_encode(array('error' => 'Wrong email or password or may be your account not activated.'));
}
?>
请在login.php文件中启动会话:
include("config.php");
session_start();
$email = mysqli_real_escape_string($con, $_POST['email']);
$password = md5($_POST['password']);
或者将session\u start放在config.php文件中session\u start在login.php文件中的什么位置?小点数据:{email:email,password:password},
您的脚本会受到攻击。即使你应该考虑使用<代码> MySqLyI或<代码> PDO < /Case> API,而不是级联值。请不要翻滚自己的密码散列,特别是不使用Md5()或Sh1()。为了用户的安全,PHP提供并请使用它们。@RiggsFolly我不明白“小点”的意思。
include("config.php");
session_start();
$email = mysqli_real_escape_string($con, $_POST['email']);
$password = md5($_POST['password']);