Php 会话未通过下一页
我正在使用以下代码,它可以将用户输入的值传递到下一页,并将用于使用会话插入数据库。除了会话之外,我的所有代码部分都在工作。php包括session_start();为什么呢?我该怎么办Php 会话未通过下一页,php,mysql,session,Php,Mysql,Session,我正在使用以下代码,它可以将用户输入的值传递到下一页,并将用于使用会话插入数据库。除了会话之外,我的所有代码部分都在工作。php包括session_start();为什么呢?我该怎么办 <?php ob_start();?> <?php // First we execute our common code to connection to the database and start the session require("common.php");
<?php ob_start();?>
<?php
// First we execute our common code to connection to the database and start the session
require("common.php");
// This variable will be used to re-display the user's username to them in the
// login form if they fail to enter the correct password. It is initialized here
// to an empty value, which will be shown if the user has not submitted the form.
// This if statement checks to determine whether the login form has been submitted
// If it has, then the login code is run, otherwise the form is displayed
if(!empty($_POST))
{
// This query retreives the user's information from the database using
// their username.
if(isset($_POST['validEmail']))
{
$query = "
SELECT
*
FROM registered_email
WHERE
email = :validEmail
";
}
// The parameter values
$query_params = array(
':validEmail' => $_POST['validEmail']
);
try
{
// Execute the query against the database
$stmt = $db->prepare($query);
$result = $stmt->execute($query_params);
}
catch(PDOException $ex)
{
// Note: On a production website, you should not output $ex->getMessage().
// It may provide an attacker with helpful information about your code.
die("Failed to run query");
}
// This variable tells us whether the user has successfully logged in or not.
// We initialize it to false, assuming they have not.
// If we determine that they have entered the right details, then we switch it to true.
$login_ok = false;
// Retrieve the user data from the database. If $row is false, then the username
// they entered is not registered.
$row = $stmt->fetch();
if($row)
{
if($_POST['validEmail'] === $row['email'])
{
// If they do, then we flip this to true
$login_ok = true;
}
}
// If the user logged in successfully, then we send them to the private members-only page
// Otherwise, we display a login failed message and show the login form again
if($login_ok)
{
$_SESSION['sesEmail'] = $row;
// Redirect the user to the private members-only page.
if (isset($_POST['validEmail'])) {
echo "<script>location='http://www.some.com/Crd/next.php'</script>";
}
}
else
{
// Tell the user they failed
print "Sorry to say that your Email is not Registered!.";
}
}
?>
这是我的测试页面
<?php require "common.php";
ob_start();
echo $_SESSION['validEmail'];
?>
In common.php将第一行添加为session\u start()
并从测试页面中删除您的问题是您正在回显一个不存在的变量。用户提交的电子邮件存储在$\u POST['validEmail']
中,但您从未将其存储在会话中,因此无法在其他页面上访问它。在对用户进行身份验证后,添加此行
if($login_ok){
...
$_SESSION['validEmail'] = $_POST['validEmail'];
...
}
现在它已保存在会话中,您可以在其他页面上访问它
echo $_SESSION['validEmail'];
顺便说一句,你的登录不好。任何人都可以通过在表单中输入受害者的电子邮件来模拟受害者。你从不根据用户密码检查电子邮件。你正在启动会话和其他页面吗?我的页面顶部有session_start(),session_start()在哪里?session_start,我不是PHP Genius显示你正在使用会话的其他页面和common.phpOkay,从两个文件中取出ob_start,并将session_start in common.php从下到上,就在下面,但我正试图将此用户输入的电子邮件传递给$会话['sesEmail'];来自sql电子邮件:
echo $_SESSION['validEmail'];