Can';不要将变量添加到php会话中
我试图将变量添加到会话中,并在函数中读取该变量 下面是index.php:Can';不要将变量添加到php会话中,php,session,configuration,session-variables,session-cookies,Php,Session,Configuration,Session Variables,Session Cookies,我试图将变量添加到会话中,并在函数中读取该变量 下面是index.php: <?php include("include/config.php"); if(!empty($txt_user) && !empty($txt_pass)) { $result=login_func($txt_user,$txt_pass); if($result==1) { header("Location: homepage.php"); }
<?php
include("include/config.php");
if(!empty($txt_user) && !empty($txt_pass))
{
$result=login_func($txt_user,$txt_pass);
if($result==1)
{
header("Location: homepage.php");
}else{
$alert_class="alert-danger";
}
}
?>
<form action="<?php echo("".$_SERVER['PHP_SELF']."");?>" method='post' class='form-validate' id="test">
<div class="form-group">
<div class="email controls">
<input type="text" name='txt_user' placeholder="Kullanıcı Adınız" class='form-control' data-rule-required="true">
</div>
</div>
<div class="form-group">
<div class="pw controls">
<input type="password" name="txt_pass" placeholder="Şifreniz" class='form-control' data-rule-required="true">
</div>
</div>
<div class="submit">
<input type="submit" value="Giriş Yap" class='btn btn-primary'>
</div>
</form>
<?php
ini_set('session.gc_maxlifetime', 3600);
session_start();
ob_start();
include("class.php");
include("functions.php");
**connections to db**
?>
function login_func($user,$pass)
{
$sql=mysql_query("SELECT * FROM table WHERE user_name='$user' AND pass='$pass' LIMIT 1");
$control_number=mysql_num_rows($sql);
if(($control_number==1))
{
$_SESSION['login_id']=@mysql_result($sql,0,'id');
$_SESSION['login_name']=@mysql_result($sql,0,'name');
$_SESSION['login_email']=@mysql_result($sql,0,'email');
return 1; // true
}else{
return 2; //false
}
}
echo $_SESSION['login_id'];
echo $_SESSION['login_name'];
echo $_SESSION['login_email'];
您正在尝试访问
$txt\u user$txt\u pass尝试使用
$\u POST['txt\u user']$\u POST['txt\u pass']不要使用mysql.*
函数。它们只会使您容易受到SQL注入的攻击。请使用mysqli.*
或准备好的查询。感谢您的评论,我使用的是PHP5.3和所有在服务器上本地工作的代码,而且代码很旧,所以需要升级。