很多人可能会将PHP mySQL功能用于网站的登录部分
我正在尝试使用此代码;
在每个内容页面上 - 检查是否已登录(在每个内容页面的标题中)
<?php
session_start();
if(! isset($_SESSION["myusername"]) ){
header("location:main_login.php");
}
?>
<html>
<body>
Page Content Here
</body>
</html>
登录脚本(我的main_login.php页面引用)
<?php
ob_start();
$host="ClubEvents.db.9606426.hostedresource.com"; // Host name
$username="ClubEventsRead"; // Mysql username
$password="Pa55word!"; // Mysql password
$db_name="ClubEvents"; // Database name
$tbl_name="members"; // Table name
// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");
// Define $myusername and $mypassword
$myusername=$_POST['myusername'];
$mypassword=$_POST['mypassword'];
// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);
$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql);
// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row
if($count==1){
// Register $myusername, $mypassword and redirect to file "login_success.php"
session_register("myusername");
session_register("mypassword");
header("location:login_success.php");
}
else {
echo "Wrong Username or Password";
}
ob_end_flush();
?>
退出代码
<?
session_start();
session_destroy();
header("location:main_login.php");
exit();
?>
MAIN_LOGIN.php
<table width="300" border="0" align="center" cellpadding="0" cellspacing="1" bgcolor="#CCCCCC">
<tr>
<form name="form1" method="post" action="checklogin.php">
<td>
<table width="100%" border="0" cellpadding="3" cellspacing="1" bgcolor="#FFFFFF">
<tr>
<td colspan="3"><strong>Member Login </strong></td>
</tr>
<tr>
<td width="78">Username</td>
<td width="6">:</td>
<td width="294"><input name="myusername" type="text" id="myusername"></td>
</tr>
<tr>
<td>Password</td>
<td>:</td>
<td><input name="mypassword" type="text" id="mypassword"></td>
</tr>
<tr>
<td> </td>
<td> </td>
<td><input type="submit" name="Submit" value="Login"></td>
</tr>
</table>
</td>
</form>
</tr>
</table>
<?php
phpinfo()
?>
但是有些东西不能正常工作,只有登录时才能访问页面login_success.php,因此注销无法正常工作,或者,login_success.php检查无法正常工作。但是我不知道怎么说,我试过和他们一起玩,而且还没有进一步前进
此致
亨利
答案 0 :(得分:1)
session_register()
已弃用。
从PHP 4.1.0开始,首选使用$ _SESSION
$_SESSION["myusername"] = $myusername;
尝试 session_destroy()
,而不是 session_unset()
。
你的IF语句也错了:
将isset($_SESSION[$myusername]
更改为
isset($_SESSION["myusername"]
这就是我管理登录的方式:
<?php session_start();
require_once('../header.php');
$sql = "SELECT ID, username, FROM users WHERE username='$_POST[username]' AND password='$_POST[password]'";
$result = query($sql);
//If nothing is returned from the DB then the credentials are wrong.
if (!$row = mysql_fetch_array($result)) {
header( 'Location: ../index.php' );
die();
}
else {
$user= $row;
}
//All user values ( id_user, username, password, firstname, lastname, avatar ) are saved in $_SESSION for later use.
$_SESSION['ID'] = $user['ID'];
$_SESSION['username'] = $user['username'];
//This variable is used later to verify if a used is still logged in and proceed with loading a profile.
$_SESSION['isLoggedIn'] = 1;
header( 'Location: ../index.php' );
?>
这是我管理注销的方式:
<?php session_start();
require_once('../header.php');
//Session data is destroyed so as to prevent the user from accessing any profiles after disconnection.
session_destroy();
mysql_close($connection);
header( 'Location: ../index.php' );
?>
这是我管理页面内容的方式,具体取决于用户是否登录。
<?php session_start();
echo "Page Content";
if (@$_SESSION['isLoggedIn'] != 1) {
showLogin();
}
else {
showHome();
}
?>
答案 1 :(得分:1)
我从未遇到过以下问题:
unset($_SESSION[$myusername]);
这里的优点是您只清除会话中的会话,并且可以在会话中自由存储其他信息,因为session_destroy()
将清除所有会话数据。
编辑:查看您的代码,如果设置了用户名会话,它总是将用户发送到登录页面。
变化:
<?php
session_start();
if( isset($_SESSION[$myusername]) ){
header("location:main_login.php");
}
?>
to(注意!之前的isset)。您只想在未设置会话时重定向到登录页面。
<?php
session_start();
if(! isset($_SESSION[$myusername]) ){
header("location:main_login.php");
}
?>
评论摘要:
Session[$myusername]
已更改为Session['myusername']
,isset
检查已更改为!isset
。这表明会议没有首先确定。
答案 2 :(得分:0)
尝试session_destroy();
必须帮助..
答案 3 :(得分:0)
您的退出代码应如下所示:
<?php
session_start();
$_SESSION = array();
if (ini_get("session.use_cookies")) {
$params = session_get_cookie_params();
setcookie(session_name(), '', time() - 42000,
$params["path"], $params["domain"],
$params["secure"], $params["httponly"]
);
}
session_destroy();
header("Location: main_login.php"); exit;
?>
区分大小写