Php会话不起作用
我正在尝试使用会话来确定用户是否已登录。人们不能再使用url登录,他们被重定向到Php会话不起作用,php,Php,我正在尝试使用会话来确定用户是否已登录。人们不能再使用url登录,他们被重定向到mainlogin.html,不过现在如果我输入了正确的登录详细信息,我会被重定向回mainlogin.html,如果输入了错误的详细信息,它会通知我。我希望这不是复制品。我查看了整个表单,尝试了其他人的方法,但它们对我不起作用 checklogin.php <?php session_start(); ob_start(); $host="foo"; // Host name $username="b
mainlogin.html
,不过现在如果我输入了正确的登录详细信息,我会被重定向回mainlogin.html
,如果输入了错误的详细信息,它会通知我。我希望这不是复制品。我查看了整个表单,尝试了其他人的方法,但它们对我不起作用
checklogin.php
<?php
session_start();
ob_start();
$host="foo"; // Host name
$username="bar"; // Mysql username
$password=""; // Mysql password
$db_name="foo";// Database name
$tbl_name="bar"; // Table name
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");
$myusername=$_POST['myusername'];
$mypassword=$_POST['mypassword'];
$mypassword= sha1($mypassword);
$myusername = stripslashes($myusername);
$mypassword = stripslashes ($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);
$sql="SELECT * FROM $tbl_name WHERE myusername='$myusername' and mypassword='$mypassword'";
$result=mysql_query($sql);
$count=mysql_num_rows($result);
if($count==1) {
$_SESSION['myusername'] = $$myusername;
$_SESSION['mypassword'] = $$mypassword;
header("location:login_success.php");
}
else {
//header('Location: ../mainlogin.html');
echo "Wrong Username or Password";
}
?><? ob_flush(); ?>
<?php
session_start();
// Check, if username session is NOT set then this page will jump to login page
if (!isset($_SESSION['myusername'])) {
header('Location: ../mainlogin.html');
}
exit;
?>
login\u success.php
<?php
session_start();
ob_start();
$host="foo"; // Host name
$username="bar"; // Mysql username
$password=""; // Mysql password
$db_name="foo";// Database name
$tbl_name="bar"; // Table name
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");
$myusername=$_POST['myusername'];
$mypassword=$_POST['mypassword'];
$mypassword= sha1($mypassword);
$myusername = stripslashes($myusername);
$mypassword = stripslashes ($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);
$sql="SELECT * FROM $tbl_name WHERE myusername='$myusername' and mypassword='$mypassword'";
$result=mysql_query($sql);
$count=mysql_num_rows($result);
if($count==1) {
$_SESSION['myusername'] = $$myusername;
$_SESSION['mypassword'] = $$mypassword;
header("location:login_success.php");
}
else {
//header('Location: ../mainlogin.html');
echo "Wrong Username or Password";
}
?><? ob_flush(); ?>
<?php
session_start();
// Check, if username session is NOT set then this page will jump to login page
if (!isset($_SESSION['myusername'])) {
header('Location: ../mainlogin.html');
}
exit;
?>
美元符号太多了
$_SESSION['myusername'] = $$myusername;$_SESSION['mypassword'] = $$mypassword; ...
应该是
$_SESSION['myusername'] = $myusername;
$_SESSION['mypassword'] = $mypassword;
……行动。。在会话中存储密码不是一个好主意。。最好按照教程所说的去做
session_register("myusername");
session_register("mypassword");
我希望这段代码能对你有所帮助
包括“connect.php”
会话_start()
//从表单发送的用户名和密码
如果(isset($_POST['uname']))
$myusername=$_POST['uname']
$mypassword=$\u POST['passwd']
//$mypassword=md5($mypassword)
$myusername=stripslashes($myusername)
$mypassword=stripslashes($mypassword)
$myusername=mysql\u real\u escape\u字符串($myusername)
$mypassword=mysql\u real\u escape\u字符串($mypassword)
$sql=“从$tbl\U名称中选择*”//其中username='$myusername'和password='$mypassword'
$result=mysql\u查询($sql)
如果(!$result)
{
die('Error:'.mysqli_Error())
}
while($row=mysql\u fetch\u数组($result))
如果($myusername==$row['username']&&$mypassword==$row['password']))
{
$\会话['myusername']=$myusername
$\会话['mypassword']=$mypassword
标题(“位置:login_success.php”)
}
否则
{
echo“错误的用户名或密码,请转到您的电子邮件地址并单击链接,然后再登录”
回显“登录”
}检查错误日志。它抛出了什么错误?为什么要使用
stripslashes()
?不要在sha1
上使用stripslashes
,这也只是我自己的一个测试数据库,因为我对phpget不太了解,不需要变量,即$$username应该是$usernameince!注意:如果$username='test'
那么$$username
被解释为$test
变量PHP支持的