Php会话不起作用

时间:2013-12-18 04:13:00

标签: php

我正在尝试使用会话来确定用户是否已登录。人们无法再使用该网址只是登录他们会重定向到mainlogin.html,但现在如果我输入了正确的登录详细信息我被重定向回mainlogin.html,如果我输错了细节,它会通知我。我希望这不是重复。我查看了整个表格并尝试了其他人的方法,但他们并没有为我工作。

checklogin.php 

<?php 
session_start(); 
ob_start();

$host="foo"; // Host name 
$username="bar"; // Mysql username 
$password=""; // Mysql password 
$db_name="foo";// Database name 
$tbl_name="bar"; // Table name 

mysql_connect("$host", "$username", "$password")or die("cannot connect"); 
mysql_select_db("$db_name")or die("cannot select DB");


$myusername=$_POST['myusername']; 
$mypassword=$_POST['mypassword']; 


$mypassword= sha1($mypassword);
$myusername = stripslashes($myusername);
$mypassword = stripslashes ($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);
$sql="SELECT * FROM $tbl_name WHERE myusername='$myusername' and    mypassword='$mypassword'";
$result=mysql_query($sql);


$count=mysql_num_rows($result);

if($count==1) {

    $_SESSION['myusername'] = $$myusername;
    $_SESSION['mypassword'] = $$mypassword;

    header("location:login_success.php");
}
else {
    //header('Location: ../mainlogin.html');
    echo "Wrong Username or Password";
}
?><? ob_flush(); ?>

login_success.php 

<?php
session_start();
// Check, if username session is NOT set then this page will jump to login page

if (!isset($_SESSION['myusername'])) {
    header('Location: ../mainlogin.html');
}
exit;
?>

2 个答案:

答案 0 :(得分:8)

美元符号过多?

$_SESSION['myusername'] = $$myusername;$_SESSION['mypassword'] = $$mypassword;  ...

应该是

$_SESSION['myusername'] = $myusername;
$_SESSION['mypassword'] = $mypassword;

.. ops ..在会话中存储密码不是一个好主意..最好像教程说的那样

session_register("myusername");
session_register("mypassword");

答案 1 :(得分:0)

  

我希望这段代码能为您提供帮助。

     

     

包括'connect.php';

在session_start();

//从表单

发送的用户名和密码
  

如果(isset($ _ POST [ 'UNAME']))

     

$名为myUsername = $ _ POST [ 'UNAME'];

     

$输入mypassword = $ _ POST [ '的passwd'];

     

// $输入mypassword = MD5($输入mypassword);

     

$ myusername = stripslashes($ myusername);

$ mypassword = stripslashes($ mypassword);

$ myusername = mysql_real_escape_string($ myusername);

$ mypassword = mysql_real_escape_string($ mypassword);

$ sql =“SELECT * FROM $ tbl_name”; // WHERE username ='$ myusername'和password ='$ mypassword'“;

$结果= mysql_query($ SQL);

if(!$ result)

{

die('错误:'。mysqli_error());

}

while($ row = mysql_fetch_array($ result))

if($ myusername == $ row ['username']&amp;&amp; $ mypassword == $ row ['password'])

{

$ _ SESSION ['myusername'] = $ myusername;

$ _ SESSION ['mypassword'] = $ mypassword;

标题( “位置:login_success.php”);

}

否则

{

回复“用户名或密码错误请转到您的电子邮件地址并点击链接然后再登录”;

echo'Login';

}

相关问题
最新问题