所以之前创建会话时,执行用户点击登录验证码:LoggedIn.php访问
<?php
include 'connect.php';
if (!isset($_POST['username'], $_POST['password'])) {
// Could not get the data that should have been sent.
die ('Username and/or password does not exist!');
}
// Prepare our SQL
if ($stmt = $mysqli->prepare('SELECT password FROM users WHERE username = ?')) {
// Bind parameters (s = string, i = int, b = blob, etc), hash the password using the PHP password_hash function.
$stmt->bind_param('s', $_POST['username']);
if(!$stmt->execute()){
trigger_error("there was an error....".$mysqli->error, E_USER_WARNING);
}
$stmt->store_result();
// Store the result so we can check if the account exists in the database.
if ($stmt->num_rows > 0) {
$stmt->bind_result($password);
$stmt->fetch();
// Account exists, now we verify the password.
if (password_verify($_POST['password'], $password)) {
// Verification success! User has loggedin!
header('location: userPage.php');
//**should I create the session here?**
} else {
echo 'Incorrect username and/or password!';
}
} else {
echo 'Incorrect username blar password!';
}
$stmt->close();
} else {
echo 'Could not prepare statement!';
}
?>
OR应该当他们在userPage.php会话创建。 这是他们得到在登录时
<?php
ob_start();
include 'connect.php';
if(!isset($_SESSION['username']) || !isset($_SESSION['password']))
{
header("location:http://www.fortunefilly.com/loginTemplate.php");
}
else
{
session_start();
$username =$_SESSION['username'] ;
}
?>
访问的页面,但我不认为它实际上是创建一个会话,因为我尝试回声出$ USERNAME,但它不工作。只是在场景中几个三分球将是有益的
预先感谢您
失踪'的session_start();'在代码的开始,否则这一切(与会话)是无用的。 – user5173426
您需要为$ _SESSION ['username']变量赋值 –
,因为您没有在$ _SESSION ['username']中看到任何内容,因为您没有在会话开始后分配它。你开始会话(session_start()),然后立即尝试访问$ _SESSION ['username']。 –