许多人可能会将PHP MySQL函数用于网站的登录部分
我正在尝试使用此代码;
在每个内容页面上 - 检查是否已登录
<?php
session_start();
if( isset($_SESSION[$myusername]) ){
header("location:main_login.php");
}
?>
检查登录脚本
<?php
$host="**"; // Host name
$username="**"; // Mysql username
$password="**"; // Mysql password
$db_name="ClubEvents"; // Database name
$tbl_name="members"; // Table name
// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");
// username and password sent from form
$myusername=$_POST['myusername'];
$mypassword=$_POST['mypassword'];
// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);
$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql);
// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row
if($count==1){
// Register $myusername, $mypassword and redirect to file "login_success.php"
session_register("myusername");
session_register("mypassword");
header("location:login_success.php");
}
else {
echo "Wrong Username or Password";
}
?>
退出代码
<?php
session_start();
session_unset();
header("Location: main_login.php");
?>
但有些东西不起作用,页面login_success.php只应在登录时才能访问,因此注销不起作用,或者login_success.php检查无法正常工作。但是我不知道怎么说,我试过和它们玩耍,但仍然没有进一步前进。
答案 0 :(得分:4)
A quick check in PHP manual would have revealed the answer
如果使用$ _SESSION(或PHP 4.0.6或更低版本的$ HTTP_SESSION_VARS),请使用isset()检查变量是否已在$ _SESSION中注册。
注意:
您的源代码中还有其他错误的内容:myusername应引用,header()
应该跟exit;
答案 1 :(得分:3)
答案 2 :(得分:0)
始终与空检查一起使用
if( isset($_SESSION[$myusername]) and $_SESSION[$myusername]<>"")