我的会话在localhost中不起作用

时间:2014-02-23 19:23:32

标签: php html session

我的问题是我的会话无法在localhost中运行

我无法通过localhost登录。有人可以帮帮我

这是我的会话代码

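<?php

include('config.php');
session_start();

// Login handler: on POST, looks the submitted credentials up in the member
// and admin tables, records the authenticated e-mail in $_SESSION and
// redirects to the matching area.
// NOTE(review): config.php presumably opens the mysql_* connection used
// below; confirm. The mysql_* extension was removed in PHP 7.0, so this
// script should be migrated to PDO or mysqli with prepared statements.
if ($_SERVER["REQUEST_METHOD"] == "POST") {
    // Accept only string fields; a missing or array-valued field becomes ''.
    $email    = (isset($_POST['email']) && is_string($_POST['email'])) ? $_POST['email'] : '';
    $password = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';

    // NOTE(review): md5/sha1 with a "salt" derived from the password itself is
    // not a safe password hash (fast, and identical passwords give identical
    // digests). It is kept as-is because the stored values depend on it;
    // migrate to password_hash()/password_verify().
    $salt     = sha1(md5($password));
    $password = md5($password . $salt);

    // $email comes straight from the request, so it is escaped before being
    // placed in the SQL text; unescaped, a crafted value could rewrite the
    // WHERE clause and bypass the password check. $password is a hex digest
    // at this point and contains no quote characters.
    $safe_email = mysql_real_escape_string($email);

    $sql    = "SELECT email FROM registered_members WHERE email='$safe_email' and password='$password'";
    $result = mysql_query($sql);
    // mysql_query() returns false on failure; treat that as "no match".
    $count  = $result ? mysql_num_rows($result) : 0;

    $sql1        = "SELECT email,password FROM admin WHERE email='$safe_email' and password='$password'";
    $result1     = mysql_query($sql1);
    $count_admin = $result1 ? mysql_num_rows($result1) : 0;

    if ($count == 1 || $count_admin == 1) {
        // Issue a fresh session id on successful authentication so an id
        // known before login cannot be reused afterwards (session fixation).
        session_regenerate_id(true);
    }

    // session_register() was removed in PHP 5.4 and is not needed: writing to
    // $_SESSION after session_start() is what persists the login. It also
    // used to copy the password variable into the session, which is avoided.
    if ($count == 1) {
        $_SESSION['login_user'] = $email;
    }

    if ($count_admin == 1) {
        $_SESSION['login_admin'] = $email;
    }

    if ($count < 1 && $count_admin < 1) {
        echo "Wrong email or Password";
    } elseif ($count >= 1 && $count_admin < 1) {
        header("location:member.php");
        exit; // stop here so nothing else runs or is sent after the redirect
    } elseif ($count < 1 && $count_admin >= 1) {
        header("location:admincp/admin-panel.php");
        exit;
    }
}

?>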

请帮帮我

1 个答案:

答案 0 :(得分:0)

尝试使用基于OOP的示例:

Session.class.php

<?php

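/**
 * Login state kept in $_SESSION, plus the database lookups that establish it.
 *
 * One instance is stored under $_SESSION[self::SESSION_NAME]. Only the
 * account id and the admin flag are serialized; the PDO handle is rebuilt
 * on every request.
 *
 * The class file must be loaded before session_start() so that PHP can
 * restore the stored object.
 */
class Session {

    // NOTE(review): one static salt with plain sha1 is not a safe password
    // hash (fast, and identical passwords give identical digests). It is kept
    // because the stored values depend on it; migrate to
    // password_hash()/password_verify().
    const SALT         = 'foo';
    const SESSION_NAME = '__DATABASE__';
    const PROTOCOL     = 'http';
    const HOST         = 'example.com';

    const PAGE_LOGIN  = 0;
    const PAGE_MEMBER = 1;
    const PAGE_ADMIN  = 2;

    /** @var PDO|null database handle; never serialized */
    private $pdo;
    /** @var mixed account id as returned by the database, null when logged out */
    private $id;
    /** @var bool|null true = admin, false = member, null = logged out */
    private $admin;

    /**
     * Returns the Session for the current request.
     *
     * Reuses the object stored in $_SESSION when it is a Session instance,
     * otherwise creates one and stores it. The result is cached in a static
     * local for the rest of the request.
     *
     * @return Session
     */
    public static function connect() {
        static $self;
        if ($self === null) {
            // instanceof rejects anything else that ended up under this key,
            // e.g. an incomplete object restored before the class was loaded.
            if (isset($_SESSION[self::SESSION_NAME]) && $_SESSION[self::SESSION_NAME] instanceof self) {
                $self = $_SESSION[self::SESSION_NAME];
            } else {
                $self = $_SESSION[self::SESSION_NAME] = new self;
            }
        }
        return $self;
    }

    /**
     * Limits serialization to the login state.
     *
     * PDO instances cannot be serialized, so without this the session write
     * at the end of the request fails and the login is never persisted.
     *
     * @return array names of the properties to serialize
     */
    public function __sleep() {
        return array('id', 'admin');
    }

    /**
     * Re-opens the database connection after the object is restored.
     */
    public function __wakeup() {
        $this->__construct();
    }

    /**
     * @return bool true once login() has stored an account id
     */
    public function isLogined() {
        return $this->id !== null;
    }

    /**
     * @return bool true only when the logged-in account came from the admin table
     */
    public function isAdmin() {
        return (bool)$this->admin;
    }

    /**
     * @return mixed the stored account id, or null when logged out
     */
    public function getId() {
        return $this->id;
    }

    /**
     * Checks the credentials against the admin and member tables and stores
     * the result. An admin match takes precedence over a member match.
     *
     * @param string $email
     * @param string $password plain-text password as submitted
     * @return Session $this, for chaining
     * @throws RuntimeException when neither table has a matching row
     */
    public function login($email, $password) {
        $admin_id  = $this->adminLogin($email, $password);
        $member_id = $this->memberLogin($email, $password);
        if ($admin_id === false && $member_id === false) {
            throw new RuntimeException('Wrong email or password');
        }
        if ($admin_id === false) {
            $this->id = $member_id;
            $this->admin = false;
        } else {
            $this->id = $admin_id;
            $this->admin = true;
        }
        // Issue a fresh session id once the visitor is authenticated so an id
        // known before login cannot be reused afterwards (session fixation).
        if (session_id() !== '' && !headers_sent()) {
            session_regenerate_id(true);
        }
        return $this;
    }

    /**
     * Redirects the visitor to the page that matches the login state unless
     * $current_page already is that page. Does not return when it redirects.
     *
     * @param int $current_page one of the PAGE_* constants
     */
    public function autoRedirect($current_page) {
        if ($this->admin === null && $current_page !== self::PAGE_LOGIN) {
            self::redirect('/login.php');
        }
        if ($this->admin === false && $current_page !== self::PAGE_MEMBER) {
            self::redirect('/member.php');
        }
        if ($this->admin === true && $current_page !== self::PAGE_ADMIN) {
            self::redirect('/admincp/admin-panel.php');
        }
    }

    /**
     * Sends a Location header built from the fixed PROTOCOL and HOST
     * constants and ends the request. Callers pass fixed paths only.
     *
     * @param string $path absolute path on HOST
     */
    private static function redirect($path) {
        header(sprintf('Location: %s://%s%s', self::PROTOCOL, self::HOST, $path));
        exit;
    }

    /**
     * Opens the database connection. Private: instances come from connect().
     */
    private function __construct() {
        $this->pdo = new PDO(
            'mysql:dbname=test;host=localhost;charset=utf8',
            'user',
            '',
            array(
                // The generic attribute is the one that disables emulated
                // prepares; PDO has no MYSQL_ATTR_EMULATE_PREPARES constant.
                PDO::ATTR_EMULATE_PREPARES => false,
                PDO::MYSQL_ATTR_USE_BUFFERED_QUERY => true,
                PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
                PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC,
            )
        );
    }

    /**
     * Looks the credentials up in the admin table.
     *
     * @param string $email
     * @param string $password plain-text password as submitted
     * @return mixed the matching id, or false when there is no match
     */
    private function adminLogin($email, $password) {
        $sql = 'SELECT id FROM admin WHERE email = ? AND password = ? LIMIT 1';
        $stmt = $this->pdo->prepare($sql);
        $stmt->execute(array($email, sha1(self::SALT . $password)));
        return $stmt->fetchColumn();
    }

    /**
     * Looks the credentials up in the registered_members table.
     *
     * @param string $email
     * @param string $password plain-text password as submitted
     * @return mixed the matching id, or false when there is no match
     */
    private function memberLogin($email, $password) {
        $sql = 'SELECT id FROM registered_members WHERE email = ? AND password = ? LIMIT 1';
        $stmt = $this->pdo->prepare($sql);
        $stmt->execute(array($email, sha1(self::SALT . $password)));
        return $stmt->fetchColumn();
    }

}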

login.php

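<?php

// Login page: sends already-authenticated visitors to their area, processes
// the login form on POST, and otherwise renders the form with any error.

// Loaded before session_start() so a Session object stored in the session
// can be restored.
require 'Session.class.php';

try {

    session_start();
    $session = Session::connect();
    $session->autoRedirect(Session::PAGE_LOGIN);
    // Only string fields are passed on; array-valued fields are ignored.
    if (isset($_POST['email'], $_POST['password'])
        && is_string($_POST['email'])
        && is_string($_POST['password'])
    ) {
        $session->login($_POST['email'], $_POST['password']);
    }
    // After a successful login this redirects to the member or admin page.
    $session->autoRedirect(Session::PAGE_LOGIN);

} catch (PDOException $e) {

    // Database errors can carry connection details; log them and show the
    // visitor a generic message only.
    error_log($e->getMessage());
    $msg = 'Login is temporarily unavailable';

} catch (Exception $e) {

    $msg = $e->getMessage();

}

header('Content-Type: text/html; charset=utf-8');

?>
<!DOCTYPE html>
<html>
<body>
<?php if (isset($msg)): ?>
<p><?= htmlspecialchars($msg, ENT_QUOTES, 'UTF-8') ?></p>
<?php endif; ?>
<form method="post" action="">
Email: <input type="text" name="email" value=""><br>
Password: <input type="password" name="password" value=""><br>
<input type="submit">
</form>
</body>
</html>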