个人资料页面无法使用会话ID

时间:2013-05-07 23:08:19

标签: php mysql session

我正在创建一个配置文件页面和一个登录页面,其中我存储会话ID,然后在配置文件中我检查是否isset但我得到的问题是系统总是显示错误消息,我使用< strong> print_r($ _ SESSION); 浏览器显示:

重要数据缺失([first_name] =&gt; [email] =&gt;)

如何解决此错误?????

的login.php

<?php
session_start();
error_reporting(E_ALL);
require_once('include/connect.php');
$message = ""; 
if(!empty($_POST['email']))
{

$email = $_POST['email'];
$pass = $_POST['pass'];

$email = strip_tags($email);
$pass = strip_tags($pass);
$email = mysql_real_escape_string($email);
$pass = mysql_real_escape_string($pass);
//$pass = md5($pass);

$sql=mysql_query( "SELECT user_id, email_address, first_name FROM user WHERE email_address='$email'AND password='$pass'LIMIT 1") or die("error in user table");
$login_check = mysql_num_rows($sql);

  if($login_check > 0)
  {
      $row = mysql_fetch_array($sql);

          $id = $row['user_id'];
          $_SESSION['user_id'] = $id;

          $firstname = $row['first_name'];
          $_SESSION['first_name']= $firstname;

          $email = $row['email_address'];
          $_SESSION['email_address']= $email;

          mysql_query("UPDATE user SET last_log_date=now() WHERE user_id='$id'");

          header("Location: profile.php");    
  }//close if 
  else
  {
      $message = "incorrect Email or Password!!";
      //exit();
  }
}//close if

?>  
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>RegisterPage</title>

<link href='http://fonts.googleapis.com/css?family=Oswald:400,300' rel='stylesheet' type='text/css' />
<link href='http://fonts.googleapis.com/css?family=Abel|Satisfy' rel='stylesheet' type='text/css' />
<link href="default.css" rel="stylesheet" type="text/css" media="all" />

</head>

<body>


       <div id="loginborder">
         <p  style="color:#FF0000" align="left"><?php print("$message") ?></p>

         <!--Login form where user submit his registered email and password-->
         <form action="login.php" method="post">
           email-address:<br />
           <input type="text" name="email" placeholder="Email Adress" />
           <br />
           <br />
           Password:<br />
           <input type="password" name="pass" placeholder="Password" />
           <br />
           <br />
           <input type="submit" name="login" value="Login" />
           <a href="register.php" style="position: absolute; top: 132px; left: 61px;"> <strong> Register</strong></a>
         </form>
       </div> 

profile.php

   <?php
session_start();
 require_once('include/connect.php'); 


if(isset($_GET['user_id']))
{
    $id=$_GET['user_id'];
    var_dump($id);

}
elseif(isset($_SESSION['user_id']))
{
    $id= $_SESSION['user_id'];
}

else
{
    print "Important  data  are missing";
    print_r($_SESSION);
    exit();

}

$sql = mysql_query("SELECT * FROM user  WHERE user_id='$id'") or die(mysql_error());
$row = mysql_fetch_array($sql);

   $firstname=$row['first_name'];
   $lastname=$row['last_name'];
   $birth_date=$row['birth_date'];
   $registered_date=$row['registered_date'];
   //***************for upload img*****************//
   $check_pic="members/$id/image01.jpg";
   $default_pic="members/0/image01.jpg";
   if(file_exists($check_pic))
   {
       $user_pic="<img src=\"$check_pic\"width=\"100px\"/>";
   }
   else
   {
       $user_pic="<img src=\"$default_pic\">";
   }
   echo $id, $firstname, $birth_date;
?>

2 个答案:

答案 0 :(得分:0)

你需要改变一些事情

首先:在您的请求中获取first_name和电子邮件

'SELECT user_id,email,first_name FROM user WHERE email_address='$email'AND password='$pass'LIMIT 1'

其次,删除while循环并执行

$row = mysql_fetch_array($sql);

您限制为1个结果,因此无需在结果中循环

$id=$_SESSION['user_id'];更改为$_SESSION['user_id'] = $id;

此外,将配置文件和删除循环的结果限制为1(user_id =&gt; UNIQUE =&gt; LIMIT 1)

答案 1 :(得分:0)

所有你需要做的就是在一切结账后在会话变量[$ _SESSION ['username']]中存储一个值,然后使用会话中的值从mysql表中选择数据

----------------------------------例如----------- -------------------------------------------

登录login.php

if($login_check > 0)
{
  $_SESSION['email']=$email;//storing variable in SESSION
 header("Location: profile.php");    
}
else
{
  $message = "incorrect Email or Password!!";
  die();// kill the script
}

在profile.php上

<?php
session_start();// start session
require_once('include/connect.php'); //include connection file

$sql = mysql_query("SELECT * FROM user  WHERE email='(mysql_real_escape_string($_SESSION['email']))'") or die(mysql_error());
$row = mysql_fetch_array($sql);
// then just echo all the data you need
?>