我有一个登录脚本,目前存储2个变量,一个有效变量和一个用户名变量。我现在正在尝试添加一个名称变量,因此我更改了MySQL查询以从数据库中获取名称并尝试将该名称存储在会话变量中但由于某种原因它只是不存储它。可能最好只是为了向您展示脚本,我一直在学习PHP仅2个月,所以我非常感谢您的帮助。
<?php
ob_start(); // Start output buffering
session_start(); //must call session_start before using any $_SESSION variables3
$_SESSION['username'] = $username;
function validateUser($username)
{
session_regenerate_id (); //this is a security measure
$_SESSION['valid'] = 1;
$_SESSION['username'] = $username;
$_SESSION['name'] = $userData['name'];
}
$username = isset($_POST['username'])?$_POST['username']:'';
$password = isset($_POST['password'])?$_POST['password']:'';
//connect to the database here
$hostname_Takeaway = "localhost";
$database_Takeaway = "diningtime";
$username_Takeaway = "root";
$password_Takeaway = "root";
$Takeaway = mysql_pconnect($hostname_Takeaway, $username_Takeaway, $password_Takeaway) or trigger_error(mysql_error(),E_USER_ERROR);
mysql_select_db($database_Takeaway, $Takeaway);
$username = mysql_real_escape_string($username);
$query = "SELECT name, password, salt FROM admin_users WHERE username = '$username';";
$result = mysql_query($query) or die(mysql_error());
if(mysql_num_rows($result) < 1) //no such user exists
{
header('Location: http://localhost/diningtime/admin-home.php?login=fail');
die();
}
$userData = mysql_fetch_array($result, MYSQL_ASSOC);
$hash = hash('sha256', $userData['salt'] . hash('sha256', $password) );
if($hash != $userData['password']) //incorrect password
{
header('Location: http://localhost/diningtime/admin-home.php?login=fail');
die();
}
else
{
validateUser($username); //sets the session data for this user
}
//redirect to another page or display "login success" message
header('Location: http://localhost/diningtime/main');
die();
//redirect to another page or display "login success" message
?>
答案 0 :(得分:1)
您的validateUser()函数在作用域中没有$userData变量,因此您要为$ _SESSION ['name']指定NULL。
将$ userData设为全局,以便在函数范围内可见,或将其作为参数传递:
function validateUser($user, $userData) {
^^^^^^^^^-- pass as arg
global $userData;
^^^^^^^^^^^^^^^^^--- bring var in-scope
...
$_SESSION['name'] = $GLOBALS['userData']['name'];
^^^^^^^^^^^^^^^^^^^^^^^^^^^^--- refer to global scope
}
这3个选项中的任何一个都可以解决问题(只是不要同时完成所有这三个选项)
答案 1 :(得分:1)
您的 validateUser 函数无法从$ userData数组中获取值,您需要在其中包含其他文档,例如
function validateUser($username, $name)
然后从您的代码传递这些值,或者您可以在此函数中移动mysql身份验证然后它将工作。通常,函数不会识别您在该函数之外定义的任何变量。
P.S。第五行应该是什么
$_SESSION['username'] = $username;
做什么?我怀疑它在那个地方完全没用: - )
答案 2 :(得分:0)
这里有很多错误。
<?php
ob_start(); // Start output buffering
session_start(); //must call session_start before using any $_SESSION variables3
$_SESSION['username'] = $username;
来自$username来自哪里?
$username = isset($_POST['username'])?$_POST['username']:'';
$password = isset($_POST['password'])?$_POST['password']:'';
现在你正在检查它的存在。
$Takeaway = mysql_pconnect($hostname_Takeaway, $username_Takeaway, $password_Takeaway) or trigger_error(mysql_error(),E_USER_ERROR);
mysql_select_db($database_Takeaway, $Takeaway);
mysql_*已弃用流程已开始。 与您的问题无关,但值得一提
然后来validateUser($username); //sets the session data for this user
现在你正在调用这个函数。我们来看一下这个函数。
function validateUser($username)
{
session_regenerate_id (); //this is a security measure
$_SESSION['valid'] = 1;
$_SESSION['username'] = $username;
$_SESSION['name'] = $userData['name'];
}
您已将$username作为参数传递,但$userData['name']将来自何处? (有关范围,请参阅MarcBs解决方案)
所以yuu有很多要弄清楚。