PHP PDO session storage


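I am building this simple login/register/logout system using PDO. I am trying to add a session so that users who are not logged in cannot navigate to home.php, but even though I added session_start() and stored the email with $_SESSION['user_email'] = $email_log, I can still navigate to home.php without logging in.

Login code: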

if (isset($_POST['submit_log']) == 1) {
        $stmt_lg = $conn->prepare("SELECT  id, email, password FROM user WHERE email = :email_log AND password = :password_log");
        $stmt_lg->bindParam(":email_log", $email_log);
        $stmt_lg->bindParam(":password_log", $password_log);
        $stmt_lg->execute();
        $user = $stmt_lg->fetch(PDO::FETCH_ASSOC);
        if ($user === false) {
            echo "<script>alert('Username or password is incorrect.');</script>";
        } else {                
                $_SESSION['user_email'] = $user['email_log'];
                $_SESSION['logged_in'] = time();

                header('Location: home.php');
                exit;

            }
        }
home.php:

$sess = $_SESSION['user_email'];
$sess_ch = $conn->prepare("SELECT email FROM user WHERE email = :user_email");
$sess_ch->bindParam(":user_email", $sess);
$sess_ch->execute();
$ses = $sess_ch->setFetchMode(PDO::FETCH_ASSOC);
if ($ses === 1) {
    echo "<script>window.location.href = 'index.php';</script>";
}
logout.php:

<?php 
    if (isset($_POST['logout'])) {
        unset($_SESSION['user_email']);
        $_SESSION = array();
        session_destroy();
        header("Location: index.php");
    }

?>

index.php:

<?php
session_start();

$servername = "localhost";
$username = "root";
$password = "";
$name = $_POST['name'];
$email = $_POST['email'];
$pass = $_POST['password'];
$pass2 = $_POST['password2'];
$email_log = $_POST['email_log'];
$password_log = $_POST['password_log'];

try {
    $conn = new PDO("mysql:host=$servername;dbname=program", $username, $password);
    $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    echo "<script>alert('Connected successfully');</script>"; 

    if (isset($_POST['submit']) == 1) {
            $stmt_ch = $conn->prepare("SELECT email FROM user WHERE email = :email");
            $stmt_ch->bindParam(":email", $email);
            $stmt_ch->execute();

            if ($stmt_ch->rowCount() === 1) {
                echo "<script>alert('Username already taken.');</script>";
            } else {
                $stmt_re = $conn->prepare("INSERT INTO user (name, email, password) VALUES (:name, :email, :password)");
                $stmt_re->bindParam(":name", $name);
                $stmt_re->bindParam(":email", $email);
                $stmt_re->bindParam(":password", $pass);
                $stmt_re->execute();
                echo "<script>alert('Account was successfully registerd.');</script>";
            }
        }

    if (isset($_POST['submit_log']) == 1) {
            $stmt_lg = $conn->prepare("SELECT  id, email, password FROM user WHERE email = :email_log AND password = :password_log");
            $stmt_lg->bindParam(":email_log", $email_log);
            $stmt_lg->bindParam(":password_log", $password_log);
            $stmt_lg->execute();
            $user = $stmt_lg->fetch(PDO::FETCH_ASSOC);
            if ($user === false) {
                echo "<script>alert('Username or password is incorrect.');</script>";
            } else {                
                    $_SESSION['user_email'] = $user['email_log'];
                    $_SESSION['logged_in'] = time();

                    header('Location: home.php');
                    exit;

                }
            }
        } catch(PDOException $e) {
            echo "Connection failed: " . $e->getMessage();
        }

?>

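Remove this part of the code, because $ses will return true, and false on failure; besides, you only need to check whether the session variable is set.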

if ($ses === 1) {
    echo "<script>window.location.href = 'index.php';</script>";
}

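This is incorrect: $ses = $sess_ch->setFetchMode(PDO::FETCH_ASSOC); as setFetchMode returns a boolean. So if you were to var_dump($ses) you would probably find that $ses === true, which is not the same as 1; hence the if statement returns false.

Instead, use: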

$ses = $sess_ch->fetch();   // false when no matching row exists
if (!$ses) {
    header('Location: index.php');
    exit;                   // stop here so the rest of home.php is not executed
}

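Edited for clarification: I was talking about home.php.

Now every time I log in, home.php keeps redirecting back to index.php, and when I comment out the redirect line and var_dump($ses) and var_dump($_SESSION), all the values are null, even though I stored them at login?

Does home.php have session_start() at the top? Please update home.php with all the code before the redirect. Put the var_dumps in the code, as their position may be relevant.

It also redirects me back to index.php every time I enter the login.

@Raymond I have my answer. Please check my answer. I have updated it.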
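
A login and page guard along the lines discussed in the answers and comments above, as an added example that is not code from the original thread. The function names and the file name auth.php are hypothetical, the table and column names follow the question's queries, and the password column is assumed to hold password_hash() output (the question's code compares the raw password in SQL). Note that fetch(PDO::FETCH_ASSOC) keys the row by column name, so the session value is read from $user['email']; $user['email_log'] is not a selected column and yields null.

```php
<?php
// auth.php - added example; function names are hypothetical, table and
// column names (user: id, email, password) follow the question's queries.
declare(strict_types=1);

function start_session(): void
{
    if (session_status() !== PHP_SESSION_ACTIVE) {
        session_start();          // must run on every page that reads $_SESSION
    }
}

// Login: look the user up by email only, then verify the hash in PHP.
function login(PDO $conn, string $email, string $password): bool
{
    $stmt = $conn->prepare('SELECT id, email, password FROM user WHERE email = :email');
    $stmt->execute([':email' => $email]);
    $user = $stmt->fetch(PDO::FETCH_ASSOC);
    // Assumption: the password column stores password_hash() output.
    if ($user === false || !password_verify($password, $user['password'])) {
        return false;
    }
    start_session();
    session_regenerate_id(true);               // fresh session id after login
    $_SESSION['user_email'] = $user['email'];  // key is the column name, not 'email_log'
    $_SESSION['logged_in']  = time();
    return true;
}

// Guard for home.php: returns the user row, or redirects and stops.
function require_login(PDO $conn): array
{
    start_session();
    $email = $_SESSION['user_email'] ?? null;
    $row = false;
    if (is_string($email)) {
        $stmt = $conn->prepare('SELECT id, email FROM user WHERE email = :email');
        $stmt->execute([':email' => $email]);
        $row = $stmt->fetch(PDO::FETCH_ASSOC);  // false when no such user
    }
    if ($row === false) {
        header('Location: index.php');
        exit;                                   // without exit the page body still runs
    }
    return $row;
}
```

home.php would call require_login($conn) before sending any output, and index.php would call login() and redirect to home.php when it returns true.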