2014-10-19 119 views
-4

isset($_SESSION['user']) not working

I have this PHP script that cannot detect whether a session variable exists. I have been searching Stack Overflow for a while and have not found anything that solves my problem. Here is the code:

<?php 
session_start(); 
if(isset($_SESSION['user'])){ 
?> 
<html> 
<head> 
</head> 
<body> 
it exists 
</body> 
</html> 
<?php 
    } 
    else{ 
?> 
<html> 
<head> 
</head> 
<body> 
nope 
</body> 
</html> 
<?php 
    } 
} 
else{ 
?> 
<html> 
<head> 
</head> 
<body> 
it doesn't 
</body> 
</html> 
<?php 
} 
?> 

Here is the code that sets the session:

<?php 
session_start(); 
$dsn = 'mysql:host=localhost;dbname=noterate'; 
$usernameForSQL = '*******'; 
$passwordForSQL = '*********'; 
$db = new PDO($dsn, $usernameForSQL, $passwordForSQL); 
function checkLogin($usrn, $pswd, $database){ 
    $query = "SELECT * FROM accounts WHERE username='$usrn' and userpassword='$pswd'"; 
    $statement = $database->prepare($query); 
    $statement->execute(); 
    if($statement->rowcount() > 0){ 
     return true; 
    } 
    else{ 
     return false; 
    } 
} 
if(isset($_POST['username']) && isset($_POST['password'])){ 
    $username = $_POST['username']; 
    $password = $_POST['password']; 
    if(checkLogin($username, $password, $db, 'accounts')){ 
     $_SESSION['user'] = $username; 
?> 
+4

SQL injection alert. If you are new to PHP, learn to use MySQLi or PDO with prepared statements/bound variables now, before you pick up too many bad habits from the old, deprecated MySQL interface – 2014-10-19 22:18:35

+0

Maybe `if(checkLogin($username, $password, $db, 'accounts'))` is never satisfied? – Cheery 2014-10-19 22:18:44

+3

Your script doesn't even parse, there are more `}`s than `{`s. – jeroen 2014-10-19 22:19:34
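The injection the first comment warns about, as an added example that is not part of the question or of any answer: it runs the question's string-built query and a parameterized version of the same check against an in-memory SQLite database through PDO, so no MySQL server is needed. The table, its columns and the account are constructed for this demo. With a constructed payload that closes the quote and comments out the rest of the WHERE clause, the string-built version accepts a wrong password while the bound version rejects it. The example also uses fetch() instead of rowCount(), because PDO does not guarantee rowCount() for SELECT statements.

```php
<?php
// Added example, not code from the question or the answer. Uses an
// in-memory SQLite database through PDO so it runs without MySQL; the
// table, its columns and the account are constructed for this demo.

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec("CREATE TABLE accounts (username TEXT, userpassword TEXT)");
$db->exec("INSERT INTO accounts VALUES ('alice', 'correct-horse')");

// The question's pattern: user input spliced into the SQL text. Calling
// prepare() on the finished string does not help, because the attacker's
// quote has already changed the statement before the database sees it.
function checkLoginUnsafe(string $usrn, string $pswd, PDO $db): bool {
    $query = "SELECT * FROM accounts WHERE username='$usrn' AND userpassword='$pswd'";
    $stmt = $db->prepare($query);
    $stmt->execute();
    // fetch() rather than rowCount(): PDO does not guarantee rowCount() for
    // SELECT statements (the SQLite driver reports 0), so the original
    // checkLogin() could also fail a valid user for that reason alone.
    return $stmt->fetch(PDO::FETCH_ASSOC) !== false;
}

// The same check with bound parameters: the input is sent as data and is
// never parsed as SQL, whatever quotes or comment markers it contains.
function checkLoginSafe(string $usrn, string $pswd, PDO $db): bool {
    $stmt = $db->prepare("SELECT 1 FROM accounts WHERE username = :u AND userpassword = :p");
    $stmt->execute([':u' => $usrn, ':p' => $pswd]);
    return $stmt->fetch(PDO::FETCH_NUM) !== false;
}

// Constructed attacker input: the quote ends the username literal and "-- "
// comments out the rest of the WHERE clause, so the password is never checked.
$payload = "alice'-- ";

foreach ([
    ['unsafe, payload + wrong password', checkLoginUnsafe($payload, 'wrong', $db)],
    ['safe,   payload + wrong password', checkLoginSafe($payload, 'wrong', $db)],
    ['safe,   real credentials',         checkLoginSafe('alice', 'correct-horse', $db)],
] as [$label, $ok]) {
    echo $label, ': ', $ok ? 'logged in' : 'rejected', PHP_EOL;
}
```

Run it with `php injection_demo.php`. The same payload works against MySQL because `-- ` followed by a space is a comment there too; the fix is the same in both cases: never build the WHERE clause from request data, bind it.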

Answers

2

See this post for how to handle passwords... it uses mysqli but you should easily be able to see how it would work with PDO. https://stackoverflow.com/a/26321573/623952

Insert your password like this:

$password_to_insert_into_db = password_hash($plaintext_password, PASSWORD_BCRYPT); 

I changed variable names and things, b/c it was easier for me.

<?php 

session_start(); 

// for my testing... 
$_POST['username'] = 'noterate'; 
$_POST['password'] = 'noterateE'; 
// ----------------------------------- 

$dsn = 'mysql:host=localhost;dbname=test'; 

$usernameForSQL = 'root'; 
$passwordForSQL = ''; 

$db = new PDO($dsn, $usernameForSQL, $passwordForSQL); 

$user = isset($_POST['username']) ? $_POST['username'] : ''; 
$pass = isset($_POST['password']) ? $_POST['password'] : ''; 

if (!empty($user) && !empty($pass)) { 
    if (checkLogin($user, $pass, $db)) { 
     $_SESSION['user'] = $user; 
    } 
    else echo "error: user not validated<br/>"; 
} 

function checkLogin($user, $pass, $db) { 

    $query = "select * 
       from user 
       where username = ? "; 

    $stmt = $db->prepare($query); 
    $stmt->execute(array($user)); 

    $result = $stmt->fetch(PDO::FETCH_ASSOC); 
    if ($result) { 
     if (password_verify($pass, $result['password'])) { 
     $_SESSION['user'] = $user; 
     return true; 
     } 
     // else... password doesn't match 
    } 
    // else... username doesn't exist 

    return false; 
} 
/* 
mysql> describe user; 
+----------+-------------+------+-----+---------+----------------+ 
| Field | Type  | Null | Key | Default | Extra   | 
+----------+-------------+------+-----+---------+----------------+ 
| userid | int(11)  | NO | PRI | NULL | auto_increment | 
| username | varchar(60) | YES | UNI | NULL |    | 
| password | varchar(60) | YES |  | NULL |    | 
+----------+-------------+------+-----+---------+----------------+ 
3 rows in set (0.02 sec) 



mysql> select * from user; 
+--------+-------------+--------------------------------------------------------------+ 
| userid | username | password              | 
+--------+-------------+--------------------------------------------------------------+ 
|  1 | my_username | $2y$10$fc48JbA0dQ5dBB8MmXjVqumph1bRB/4zBzKIFOVic9/tqoN7Ui59e | 
|  2 | stuff  | $2y$10$o3s39w.9HqeuUP0j7o9qv.NyMSFMfbsa6SzNZi2gnOo4Zol69w/mm | 
|  17 | new_user | $2y$10$lIFIUN2q0UzB9Wtmc/kuCuW7driQkpZHiPIiwQPskanSPXqQbXZGu | 
|  18 | noterate | $2y$10$YEsHG2X4rjPArViZTUtM4uEs27e.GR7g05T7Ajno2j0aogMXADbQ2 | 
+--------+-------------+--------------------------------------------------------------+ 
4 rows in set (0.00 sec) 

*/ 
?> 


<?php 
session_start(); 

var_dump($_SESSION); 

if (isset($_SESSION['user'])) { ?> 
    <div>it exists</div> 
<?php } else { ?> 
    <div>nope</div> 
<?php } ?> 
+0

+1 because `PDO` is a good example! – Darren 2014-10-20 00:01:36

+0

Use password_hash()/password_verify() – 2014-10-20 07:18:55
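The answer's password_hash()/password_verify() flow, as an added example that is not the answer's own code, extended with the steps a login handler should also take: a bound parameter in the user lookup, a dummy verify for unknown usernames so response time does not reveal which accounts exist, password_needs_rehash() to upgrade hashes made under an older cost setting, and session_regenerate_id() after a successful login so a session id an attacker fixed before login is not promoted to a logged-in one. It uses an in-memory SQLite database through PDO; the table layout, the cost values and the account are assumptions, and it assumes PHP 7.1 or later.

```php
<?php
// Added example, not the answer's code. Assumptions: PHP 7.1+, pdo_sqlite
// available, table layout and test account constructed for this demo.

const BCRYPT_OPTIONS = ['cost' => 12]; // current policy cost (assumed)

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec("CREATE TABLE user (userid INTEGER PRIMARY KEY, username TEXT UNIQUE, password TEXT)");

// Registration: store only the bcrypt hash. $options is exposed so the demo
// can create an account with an older, lower cost and show the upgrade path.
function registerUser(PDO $db, string $user, string $plaintext, array $options = BCRYPT_OPTIONS): void {
    $stmt = $db->prepare("INSERT INTO user (username, password) VALUES (:u, :h)");
    $stmt->execute([':u' => $user, ':h' => password_hash($plaintext, PASSWORD_BCRYPT, $options)]);
}

// Login check: returns the stored username on success, null otherwise.
function checkLogin(PDO $db, string $user, string $pass): ?string {
    $stmt = $db->prepare("SELECT username, password FROM user WHERE username = :u");
    $stmt->execute([':u' => $user]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);

    if ($row === false) {
        // Unknown user: still run one bcrypt verify so the response takes as
        // long as a wrong password does; otherwise timing leaks valid usernames.
        static $dummyHash = null;
        if ($dummyHash === null) {
            $dummyHash = password_hash('dummy-password', PASSWORD_BCRYPT, BCRYPT_OPTIONS);
        }
        password_verify($pass, $dummyHash);
        return null;
    }
    if (!password_verify($pass, $row['password'])) {
        return null;
    }
    // The plaintext is available only now, so this is the moment to rehash
    // a hash that was made under an older, weaker cost setting.
    if (password_needs_rehash($row['password'], PASSWORD_BCRYPT, BCRYPT_OPTIONS)) {
        $upd = $db->prepare("UPDATE user SET password = :h WHERE username = :u");
        $upd->execute([':h' => password_hash($pass, PASSWORD_BCRYPT, BCRYPT_OPTIONS), ':u' => $row['username']]);
    }
    return $row['username'];
}

// After a successful login, replace the session id. A session id that an
// attacker planted before login (session fixation) must not become a
// logged-in one; passing true also deletes the old session data.
function establishSession(string $user): void {
    if (session_status() !== PHP_SESSION_ACTIVE) {
        session_start();
    }
    session_regenerate_id(true);
    $_SESSION['user'] = $user;
}

function storedHash(PDO $db, string $user): string {
    $stmt = $db->prepare("SELECT password FROM user WHERE username = :u");
    $stmt->execute([':u' => $user]);
    return (string) $stmt->fetchColumn();
}

// Demo with constructed input. Session work happens before any output so
// session_start() does not run into "headers already sent".
registerUser($db, 'noterate', 'noterateE', ['cost' => 10]); // older, lower cost
$before = storedHash($db, 'noterate');

$attempts = [
    ['noterate', 'noterateE'],   // valid
    ['noterate', 'wrong'],       // wrong password
    ['nobody', 'anything'],      // unknown user
    ["noterate'-- ", 'wrong'],   // injection attempt: just an unknown name
];
$lines = [];
foreach ($attempts as [$u, $p]) {
    $who = checkLogin($db, $u, $p);
    if ($who !== null) {
        establishSession($who);
    }
    $lines[] = sprintf("%-18s => %s", var_export($u, true), $who === null ? 'rejected' : "accepted as $who");
}
$lines[] = 'hash rehashed on login: ' . ($before !== storedHash($db, 'noterate') ? 'yes' : 'no');
echo implode(PHP_EOL, $lines), PHP_EOL;
```

Two points carried over from the answer that this keeps: the lookup is by username only, so the password never goes into the SQL text, and the stored column holds a 60-character bcrypt string (the `$2y$10$...` values in the answer's table dump), which password_verify() compares in constant time. The dummy verify and the rehash are the additions a practitioner would expect beyond the answer.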