PHP$\u会话数据未从一页保存到另一页
我现在正把头撞在墙上。我已经摆弄这个好几个小时了,但我似乎不明白 当我从一个页面导航到另一个页面时,我的会话数据没有保存。顺便说一句,我在WAMP建立了这个 Cookie正在保存,会话数据只有在我在每个脚本开始时重置它时才起作用。我不太清楚在这里该做什么。这可能是一件愚蠢可笑的事情,但任何意见都会受到极大的赞赏 我的登录脚本:PHP$\u会话数据未从一页保存到另一页,php,session,cookies,Php,Session,Cookies,我现在正把头撞在墙上。我已经摆弄这个好几个小时了,但我似乎不明白 当我从一个页面导航到另一个页面时,我的会话数据没有保存。顺便说一句,我在WAMP建立了这个 Cookie正在保存,会话数据只有在我在每个脚本开始时重置它时才起作用。我不太清楚在这里该做什么。这可能是一件愚蠢可笑的事情,但任何意见都会受到极大的赞赏 我的登录脚本: <?php include('../partials/_header.php'); include('includes/connectvars.php');
<?php
include('../partials/_header.php');
include('includes/connectvars.php');
if(!isset($_SESSION['id'])) { //logged in?
if(isset($_POST['submit'])) { // form submitted?
if(!empty($_POST['email']) && !empty($_POST['password'])) { /* Check to make sure post isn't empty in case of JS override/disable */
$email = mysqli_real_escape_string($dbc, trim($_POST['email']));
$password = sha1(mysqli_real_escape_string($dbc, trim($_POST['password'])));
/* query DB */
$query = "SELECT * FROM users WHERE email = '$email' AND password = '$password'";
$result = mysqli_query($dbc, $query) or die ("There was an error with your mySQL query:" . mysqli_error($dbc));
if(mysqli_num_rows($result)==1) { /* Check that matching row exists in users for login */
$row = mysqli_fetch_array($result);
$_SESSION['id'] = $row['id']; // set the session info
$_SESSION['type'] = $row['type'];
$_SESSION['name'] = $row['f_name'];
setcookie('id', $row['id'], time()+ (60*60*24*30));
setcookie('type', $row['type'], time()+ (60*60*24*30));
setcookie('name', $row['f_name'], time()+ (60*60*24*30));
$home_url = '/'; //redirect not working with $_SERVER variable in WAMP. keep an eye for the future
header('Location: '.$home_url);
mysqli_close($dbc);
} else { /* if no match in database ask to resubmit login info or register */?>
<script type="text/javascript" src="../js/jquery.validate.js"></script>
<script>
$(document).ready(function(){
$("#login_form").validate();
});
</script>
<div class="span-24 colborder">
<form id="login_form" action="<?php $_SERVER['PHP_SELF'] ?>" method="post">
<label class="error">Your email and/or password are incorrect. </label><br />
<label class="error">If you haven't already signed up, feel free to <a href="user_registration.php" > register</a> </label><br />
<input type="text" name="email" id="email" value="" class="email required" placeholder="example@example.com"/> <br />
<input type="password" name="password" id="password" class="required" value="" /> <br />
<input type="submit" name="submit" value="Login" />
</form>
</div>
<?php
}/* end conditional to check $rows array for username pw match */
} /* end conditional to check that form isn't blank */
else { /* If form is blank ask to resubmit or register */?>
<script type="text/javascript" src="../js/jquery.validate.js"></script>
<script>
$(document).ready(function(){
$("#login_form").validate();
});
</script>
<div class="span-24 colborder">
<form id="login_form" action="<?php $_SERVER['PHP_SELF'] ?>" method="post">
<label class="error">You must enter your email and password if you wish to continue.</label><br />
<input type="text" name="email" id="email" value="" class="email required" placeholder="example@example.com"/> <br />
<input type="password" name="password" id="password" class="required" value="" /> <br />
<input type="submit" name="submit" value="Login" />
</form>
</div>
<?php
} // end else to resubmit in case of blank form
} /* end check if form has been submitted */ else{ /* prompt for login if page visited but login form not submitted */ ?>
<script type="text/javascript" src="../js/jquery.validate.js"></script>
<script>
$(document).ready(function(){
$("#login_form").validate();
});
</script>
<div class="span-24 colborder">
<form id="login_form" action="<?php $_SERVER['PHP_SELF'] ?>" method="post">
<label class="error">You must be logged in to do that!.</label><br />
<input type="text" name="email" id="email" value="" class="email required" placeholder="example@example.com"/> <br />
<input type="password" name="password" id="password" class="required" value="" /> <br />
<input type="submit" name="submit" value="Login" />
</form>
</div>
<?php
}
} /* end check if cookie isset */ else { //redirect if cookies & session is already set
$home_url = '/';
header('Location: '.$home_url);
}
?>
<?php include('partials/_footer.php'); ?>
在登录脚本中调用setcookie函数之前,会包含头文件。根据我看到的情况,在执行此条件检查时,未设置cookie:
if(isset($_COOKIE['id']) && isset($_COOKIE['name']) && isset($_COOKIE['type']))
正因为如此,它永远不会进入condition语句中,并且以下行不会在头文件中执行:
$_SESSION['id'] = $_COOKIE['id'];
$_SESSION['name'] = $_COOKIE['name'];
$_SESSION['type'] = $_COOKIE['type'];
所以任何人都可以在他们的cookie中指定name=admin
,并成为管理员?不。名字只是他们的名字。好的。指定任意id如何?如果我在cookie中指定id=1
,会怎么样?是的。。。很明显我只是个初学者。我需要对cookie的http设置做些什么来防止这种情况吗?只是不要将其存储在Cookies中。我删除了头文件include,只是运行了登录脚本,但它仍然不起作用。会话嗯…移除它不会有帮助,你需要在某个地方设置会话问题是你正在从cookie设置会话,而你没有在会话之前设置cookie所以它不会工作请忽略我之前的评论我错误地阅读了代码害羞的grinI感谢你的帮助和耐心。我以为我是在登录脚本中设置会话。那不应该先定下来吗?我不认为我写了任何会删除会话数据的东西。如果我的问题看起来很愚蠢,我很抱歉。你是否在每页的顶部都包含你的头文件?你说的cookies被保存是什么意思,会话数据只有在我在每个脚本开始时重置它时才起作用
if(isset($_COOKIE['id']) && isset($_COOKIE['name']) && isset($_COOKIE['type']))
$_SESSION['id'] = $_COOKIE['id'];
$_SESSION['name'] = $_COOKIE['name'];
$_SESSION['type'] = $_COOKIE['type'];