Fatal编程技术网
  • php/
  • Php 为什么不是';我的会话变量不能工作吗?

Php 为什么不是';我的会话变量不能工作吗?

php session

Php 为什么不是';我的会话变量不能工作吗?,php,session,session-variables,Php,Session,Session Variables,我已经检查了php标记前的空白,以及会话_start()之类的正常内容,但我一辈子都无法解决这个问题。我正在为一个客户建立一个登录系统,所以这是非常重要的 基本上,一旦我进入第二页$_SESSION['username'];是空的。 我已经把它打印出来了,它是空的,但是atm激活了头重定向,你可以在代码中看到 提前感谢您提供的任何帮助:) 相关代码: <?php session_start(); include '../resources/methods/Library.php'; i

我已经检查了php标记前的空白,以及会话_start()之类的正常内容,但我一辈子都无法解决这个问题。我正在为一个客户建立一个登录系统,所以这是非常重要的

基本上,一旦我进入第二页$_SESSION['username'];是空的。 我已经把它打印出来了,它是空的,但是atm激活了头重定向,你可以在代码中看到

提前感谢您提供的任何帮助:)

相关代码:

<?php
session_start();

include '../resources/methods/Library.php';

if(isset($_SESSION['username']))
{
    //User already logged in!
    header('Location: Index.php');
}

//Username and password submitted by user
$usernameSubmitted = $_POST['username'];
$passwordSubmitted = $_POST['password'];

if($usernameSubmitted != "" && $passwordSubmitted != "")
{
    //User has entered both a username and a password. We shall validate them

    //Connect to database and select all the admin accounts
    connectToDB();
    $query = "SELECT * FROM admins" or die(mysql_error());
    $data = mysql_query($query) or die(mysql_error());
    $numberOfAdmins = mysql_num_rows($data) or die(mysql_error());


    //Check if the username corresponds to any found in the database                        
    $usernameValid = false;

    for($i = 0; $i < $numberOfAdmins; $i++)
    {
        if($usernameSubmitted == mysql_result($data, $i, "Username"))
        {
            $userToLogInAs = $i;
            $usernameValid = true;
        }
    }

    //If username is valid, check password
    if($usernameValid != false)
    {
        //Passwords are held as blowfish encryptions for security. Encypt this so we can compare
        $encryptedPasswordSubmitted = crypt($passwordSubmitted, '$2a$07$buzzybees5hivestottenhoe$');

        if($encryptedPasswordSubmitted == mysql_result($data, $userToLogInAs, "Password"))
        {
            //Create a session variable so the user remains logged in
            $_SESSION['username'] = $usernameSubmitted;

            //User entered the correct username and password, redirect them to the website.
            header('Location: Index.php');
        }
    }

    //If we've got this far then the user didn't authenticate successfully.
    $message = "<h2>Sorry, Invalid Credentials</h2><p>Check that you're tying your username and password correctly.</p>";
}

这只是猜测,但假设您只显示登录脚本的部分代码:

在成功登录时重定向之后,您不会使用
die()
,因此在此之后出现的任何代码以及您在此处未显示的代码都会被执行。如果您在那里操作
$\u会话
变量,则可能会导致问题

为了安全起见,只需将代码更改为:


    if($encryptedPasswordSubmitted == mysql_result($data, $userToLogInAs, "Password"))
    {
        //Create a session variable so the user remains logged in
        $_SESSION['username'] = $usernameSubmitted;

        //User entered the correct username and password, redirect them to the website.
        header('Location: Index.php');
        die();    // this is important!
    }



看看这是否解决了问题。请注意,您需要在重定向到的任何地方都执行此操作。
您认为它不工作是什么意思?您能告诉我们为什么它不工作吗。错误消息?发生了什么出乎意料的事情?这是一个业余错误,没有包括其损坏的原因,在中补充道。为什么不绑定以仅选择具有匹配用户名的行?是的,我使用了exit('test'),我开始并执行上述分支:)cbuckley,rapid development。我只想先让它工作,然后再回去加上消毒和其他东西:)

    if($encryptedPasswordSubmitted == mysql_result($data, $userToLogInAs, "Password"))
    {
        //Create a session variable so the user remains logged in
        $_SESSION['username'] = $usernameSubmitted;

        //User entered the correct username and password, redirect them to the website.
        header('Location: Index.php');
        die();    // this is important!
    }