我有一个名为checklog.php的单独文件,其中包含我的会话详细信息
<?php
session_start();
if (!isset($_SESSION['logged'])){
$_SESSION = array();
header('location: login.php');
}
?>
和我的主要上传页面,其中食谱被上传到数据库我试图将用户ID发布到数据库但是无济于事
<?php
require_once ("checklog.php");
require_once ("function.php");
include_once ("home_start_logged.php");
require_once ("db_connect.php");
//get form data//
$_SESSION['userid']== $_POST['userid'];
$upload = trim($_POST['Upload']);
$mealname = trim($_POST['mealname']);
$ingredients = trim($_POST['ingredients']);
$hours = trim($_POST['hours']);
$minutes = trim($_POST['minutes']);
$recipe = trim($_POST['recipe']);
echo $_SESSION['userid'];
if(trim($_POST['Submit']) =="Upload"){
if($db_server){
//clean the input now we have a db connection//
$mealname = clean_string($db_server, $mealname);
$ingredients = clean_string($db_server, $ingredients);
$hour = clean_string($db_server, $hour);
$minutes = clean_string($db_server, $minutes);
$recipe = clean_string($db_server, $recipe);
$ingredients = clean_string($db_server, $ingredients);
$image = clean_string($db_server,$image);
mysqli_select_db($db_server, $db_database) ;
//check whether the recipe exists//
$query= "SELECT mealname FROM `recipename` WHERE mealname='$mealname'";
$result = mysqli_query($db_server, $query);
if ($row = mysqli_fetch_array($result)){
$message = "Meal already exists. Please try again.";
}else{
//upload recipe to database//
$query = "INSERT INTO `recipename` (
mealname, ingredients, hours, minutes, recipe,
imagepath, userID) VALUES ('$mealname',
'$ingredients','$hours','$minutes','$recipe',
'$image','" . $_SESSION['userid'] . "')";
echo query;
mysqli_query($db_server, $query) or
die("Insert failed. ". mysqli_error($db_server));
}
我的表单如下:
<form method="post" action="upload.php" enctype="multipart/form-data">
<li>
Meal Name
<input type="text" name="mealname" />
</li>
<li>
Ingredients
<input type="text" name="ingredients" />
</li>
<li>
Cooking Time
<input type="number" name="hours" placeholder="Hours" />
<input type="number" name="minutes" placeholder="Minutes" />
</li>
<li>
Recipe
<input type="text" name="recipe"/>
</li>
<li>
Have you got a photo?
<input type="file" name="image" id="image" size="10"/>
</li>
<input type="submit" id="submit" name="Submit" value="Upload" />
</form>
这是我定义$ _SESSION
的登录表单<?php
require_once ("function.php");
//get form data//
$username = trim($_POST['username']);
$password = trim($_POST['password']);
//start session//
if ($username&&$password) {
session_start();
require_once("db_connect.php");
//clean the input now we have a db connection//
$username = clean_string($db_server, $username);
$password = clean_string($db_server, $password);
$repeatpassword = clean_string($db_server, $repeatpassword) ;
mysqli_select_db($db_server, $db_database) ;
//check whether the username exists//
$query="SELECT * FROM Users WHERE Username='$username'";
$result=mysqli_query($db_server, $query) ;
if ($row = mysqli_fetch_array($result)){
$db_username = $row['Username'];
$db_password = $row['Password'];
$db_id = $row['userid'];
if ($username==$db_username&&salt($password)==$db_password){
$_SESSION['username']=$username;
$_SESSION['userid']=$db_id;
$_SESSION['logged']="logged";
header ('Location: phpdatabase.php');
}else{
$message = "<h1>Incorrect Password!</h1>";
}
}else{
$message = "<h1>That user does not exist!</h1>" .
"Please <a href='login.php'>try again</a>";
}
mysqli_free_result($result);
require_once ("db_close.php");
}else{
$message = "<h1>Please enter a valid username/password</h1>";
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Fud.</title>
<link rel="stylesheet" type="text/css" href="site.css" />
</head>
<h1>Login</h1>
<form action='login.php' method='post'>
Username:<input type='text' name='username'><br />
Password: <input type='password' name='password'><br />
<input type='submit' name='submit' value='Login' />
<input name='reset' type='reset' value='reset' />
<h4><a href='register.php'>Register</a></h4>
</form>
<?php echo $message; ?>
答案 0 :(得分:1)
在您的表单userid中没有显示任何内容,因此当您设置:
$_SESSION['userid']= $_POST['userid'];
$_POST['userid']是空的,也许在其他地方你已经在$ _SESSION中设置了用户ID,如果是这种情况你不需要设置任何新内容,只需使用它。
答案 1 :(得分:0)
第二个文件中没有session_start();。
要访问Session全局,您需要启动会话。
使用
$_SESSION['userid']= $_POST['userid'];
不是
$_SESSION['userid']== $_POST['userid'];
答案 2 :(得分:0)
您正在将$_POST数组的值保存到$_SESSION,但请求表单中没有$_POST['userid']这样的元素。
解决方案:最好先登录他/她,对用户进行身份验证。用户登录后,您可以将会话中的用户ID保存在整个会话的每个页面中。
假设您的登录表单包含文本字段名称userid。在开始会话并验证用户后,将其放入登录检查文件中。
$_SESSION['userid'] = $_POST['userid'];
现在在您要将数据插入数据库删除行的页面中
$_SESSION['userid'] = $_POST['userid'];