这是我的登录表单php代码。据我所知,这段代码还可以,但会话处理存在问题。我认为我的代码中没有创建会话。但是看不出任何错误当然我研究它很多资源很多都证明了这一点。任何帮助必须得到赞赏。
主页 -
<?php
session_start();
session_regenerate_id();
if(!isset($_SESSION['user'])) // if there is no valid session
{
header("Location: login.html?action=no");
die();
} else {
}
?>
登录页面(index.php) -
<?php
if(isset($_POST['submit']))
{
$dbHost = "localhost"; //Location Of Database usually its localhost
$dbUser = "root"; //Database User Name
$dbPass = ""; //Database Password
$dbDatabase = "testdb"; //Database Name
$db = mysql_connect($dbHost,$dbUser,$dbPass)or die("Error connecting to database.");
//Connect to the databasse
mysql_select_db($dbDatabase, $db)or die("Couldn't select the database.");
//Selects the database
/*
The Above code can be in a different file, then you can place include'filename.php'; instead.
*/
//Lets search the databse for the user name and password
//Choose some sort of password encryption, I choose sha256
//Password function (Not In all versions of MySQL).
$usr = mysql_real_escape_string($_POST['username']);
$pas = hash('sha256', mysql_real_escape_string($_POST['password']));
$sql = mysql_query("SELECT * FROM users_table
WHERE username='$usr' AND
password='$pas'
LIMIT 1");
session_start();
if(isset($_POST['username']) && isset($_POST['password']))
{
if( auth($_POST['username'], $_POST['password']) )
{
// auth okay, setup session
$_SESSION['user'] == $_POST['username'];
isset($_SESSION['user']);
session_register("user");
// redirect to required page
$Groups = $result["Groups"];
if($Group == 'a')
{ // "Admin"
$_SESSION['user'] == $_POST['username'];
isset($_SESSION['user']);
session_register("user");
header("Location: video.html");
} elseif($Group == 'admin') {
$_SESSION['user'] == $_POST['username'];
isset($_SESSION['user']);
session_register("user");
header("Location: home.html");
} else {
// didn't auth go back to loginform
header( "Location: index.html" );
}
}
}
?>
答案 0 :(得分:2)
$_SESSION['user'] == $_POST['username'];
应该是
$_SESSION['user'] = $_POST['username'];