1. 首页
  2. 问答
  3. 访问

访问

2015-09-25 57 views
0

所以之前创建会话时,执行用户点击登录验证码:LoggedIn.php访问

<?php 
include 'connect.php'; 
if (!isset($_POST['username'], $_POST['password'])) { 
    // Could not get the data that should have been sent. 
    die ('Username and/or password does not exist!'); 
} 
// Prepare our SQL 
if ($stmt = $mysqli->prepare('SELECT password FROM users WHERE username = ?')) { 
    // Bind parameters (s = string, i = int, b = blob, etc), hash the password using the PHP password_hash function. 
    $stmt->bind_param('s', $_POST['username']); 
    if(!$stmt->execute()){ 
    trigger_error("there was an error....".$mysqli->error, E_USER_WARNING); 
    } 
    $stmt->store_result(); 
    // Store the result so we can check if the account exists in the database. 
    if ($stmt->num_rows > 0) { 
     $stmt->bind_result($password); 
     $stmt->fetch();  
     // Account exists, now we verify the password. 
     if (password_verify($_POST['password'], $password)) { 
      // Verification success! User has loggedin! 
      header('location: userPage.php'); 
        //**should I create the session here?** 

     } else { 
      echo 'Incorrect username and/or password!'; 
     } 
    } else { 
     echo 'Incorrect username blar password!'; 
    } 
    $stmt->close(); 
} else { 
    echo 'Could not prepare statement!'; 
} 
?>

OR应该当他们在userPage.php会话创建这是他们得到在登录时

<?php 
ob_start(); 
include 'connect.php'; 
if(!isset($_SESSION['username']) || !isset($_SESSION['password'])) 
{ 
    header("location:http://www.fortunefilly.com/loginTemplate.php"); 
} 
else 
{ 
    session_start(); 
    $username =$_SESSION['username'] ; 
} 
?>

访问的页面,但我不认为它实际上是创建一个会话,因为我尝试回声出$ USERNAME,但它不工作。只是在场景中几个三分球将是有益的

预先感谢您

来源

2015-09-25 Small Legend

+3

失踪'的session_start();'在代码的开始,否则这一切(与会话)是无用的。 – user5173426

+0

您需要为$ _SESSION ['username']变量赋值 –

+0

,因为您没有在$ _SESSION ['username']中看到任何内容,因为您没有在会话开始后分配它。你开始会话(session_start()),然后立即尝试访问$ _SESSION ['username']。 –

回答

2

如果您打算使用/创建/取消设置(任何)会话,您必须在代码的最开始处编写session_start();

LoggedIn.php

<?php 
include 'connect.php'; 
session_start(); 
if (!isset($_POST['username'], $_POST['password'])) { 
    // Could not get the data that should have been sent. 
    die ('Username and/or password does not exist!');

或者在您的userPage.php:

<?php 
session_start(); 
ob_start(); 
include 'connect.php'; 
if(!isset($_SESSION['username']) || !isset($_SESSION['password'])) 
{ 
    header("location:http://www.fortunefilly.com/loginTemplate.php"); 
}

编辑:

现在再回到这个问题,你需要set会议,良好的palce将是:

if (password_verify($_POST['password'], $password)) { 
      // Verification success! User has loggedin! 

      header('location: userPage.php'); 
        //**should I create the session here?**

服用右出像牙齿疼痛

if(!isset($_SESSION['username'])){ //should do it

来源

2015-09-25 16:36:03 user5173426

+2

这个“||” !isset($ _ SESSION ['password'])'应该到处都是! *可怕* –

+0

@ Fred-ii-我不能相信我错过了那些,就像他们说的那样_Time是最好的老师!_ ;-) – user5173426

+0

@ Fred-ii-我应该用什么来代替||。 !isset($ _ SESSION ['password']) –

1

会议必须在访问会话变量之前启动:

<?php 
session_start(); 
ob_start(); 
include 'connect.php'; 
if(!isset($_SESSION['username']) || !isset($_SESSION['password'])) 
{ 
    header("location:http://www.fortunefilly.com/loginTemplate.php"); 
} 
else 
{ 
    $username =$_SESSION['username'] ; 
}

>

来源

2015-09-25 16:33:24

+0

这仍然不会分配$ _SESSION ['username']。这需要在它有价值之前分配。 –

+0

我在哪里指定它? –

+0

当然,但如果您不认为该值是在其他位置设置的,您将不会检查isset的用户名。显示的场景表明它在其他地方设置,例如验证登录页面。 –

相关问题

 相关问题