问题描述

无法启动并运行我的会话.在过去的几个小时里，我一直在查看我的代码，但我看不出它有什么问题.我遇到的问题是，每次输入用户名和密码时，它只会将我重定向到登录页面，以便在应该显示securepage.php 时再次输入信息.

Having trouble getting my session up and running. I've been over looking my code for the past couple hours and I can't see to find what is wrong with it. The problem I am experiencing is that every time I type the username and password in, it just redirects me to the login page to type in the info again when it should be displaying the securedpage.php..

这是我的代码:

loginproc.php 页面 - 此页面逐步执行 if 语句并直接进入 else

loginproc.php page - This page steps through if statement and goes straight to the else

<?php

// Inialize session
session_start();

// Include database connection settings
include('../../model/database.php');

// Retrieve username and password from database according to user's input
$login = mysql_query("SELECT * FROM user WHERE (username = '" . mysql_real_escape_string($_POST['username']) . "') and (password = '" . mysql_real_escape_string($_POST['password']) . "')");

// Check username and password match
if (mysql_num_rows($login) == 1) {
// Set username session variable
$_SESSION['username'] = $_POST['username'];
// Jump to secured page
header('Location: securedpage.php');
}
else {
// Jump to login page
header('Location: index.php');
}

?>

securedpage.php 页面

<?php

// Inialize session
session_start();

// Check, if username session is NOT set then this page will jump to login page
if (!isset($_SESSION['username'])) {
header('Location: index.php');
}

?>
<html>

<head>
<title>Secured Page</title>
</head>

<body>

<p>This is secured page with session: <b><?php echo $_SESSION['username']; ?></b>
<br>You can put your restricted information here.</p>
<p><a href="logout.php">Logout</a></p>

</body>

</html>

database.php 页面

<?php
$dsn = 'mysql:host=localhost;dbname=sports_db';
$username = '';
$password = '';
$options = array(PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION);

try {
    $db = new PDO($dsn, $username, $password, $options);
} catch (PDOException $e) {
    $error_message = $e->getMessage();
    include 'errors/db_error_connect.php';
    exit;
}

function display_db_error($error_message) {
    global $app_path;
    include 'errors/db_error.php';
    exit;
}
?>

推荐答案

您不能混合使用 PDO 和 mysql .. 您正在 PDO 中创建查询并使用 mysql_*尝试将您的代码更改为

You cannot mix PDO and mysql .. You are creating query in PDO and using mysql_* Try changing your code to

<?php

// Inialize session
session_start();

// Include database connection settings
include('../../model/database.php');

// Retrieve username and password from database according to user's input
$stmt = $db->prepare("SELECT * FROM user WHERE (`username` = :username) and (`password` = :password)");

$result = $stmt->execute(array(':username'=>$_POST['username'],':password'=>$_POST['password']));
$num_rows = $stmt->rowCount();
// Check username and password match
if ( $num_rows > 0) {
// Set username session variable
$_SESSION['username'] = $_POST['username'];
// Jump to secured page
header('Location: securedpage.php');
}
else {
// Jump to login page
header('Location: index.php');
}

?>

见参考

这篇关于简单的登录会话 php的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持跟版网！