我希望在用户登录时显示“欢迎”用户名“',但它不起作用。我可能会在会话上做错事。
它给出了错误消息:
注意:数组转换为字符串
我的代码:
<?php
require("config.php");
if(empty($_SESSION['user']))
{
header("Location: index.php");
die("Redirecting to index.php");
}
$user = $_SESSION['user'];
?>
<!DOCTYPE html>
<html lang="en">
<head>
<title>uvoluntary</title>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width">
<link href="font/stylesheet.css" rel="stylesheet" type="text/css">
</head>
<body>
<div class="navbar navbar-fixed-top navbar-inverse">
<div class="navbar-inner">
<div class="container">
<a class="btn btn-navbar" data-toggle="collapse" data-target=".nav-collapse">
<span class="icon-bar"></span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
</a>
<a class="brand">Logged In</a>
<div class="nav-collapse">
<ul class="nav pull-right">
<li><a href="eventsignup.php">Create Event</a></li>
<li><a href="#">My Events</a></li>
<li class="divider-vertical"></li>
<li><a href="logout.php">Log Out</a></li>
</ul>
</div>
</div>
</div>
</div>
<!-- MAIN CONTENT -->
<div class="container content container-fluid" id="home">
<h1 style="text-align: center;">Admin Control Panel</h1>
<!-- HOME -->
<h2>Welcome <?php echo $user; ?> </h2>
</div>
</body>
</html>
CONFIG.PHP
<?php
// These variables define the connection information for your MySQL database
$username = "root";
$password = "";
$host = "localhost";
$dbname = "uvoluntarytest";
$options = array(PDO::MYSQL_ATTR_INIT_COMMAND => 'SET NAMES utf8');
try { $db = new PDO("mysql:host={$host};dbname={$dbname};charset=utf8", $username, $password, $options); }
catch(PDOException $ex){ die("Failed to connect to the database: " . $ex->getMessage());}
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->setAttribute(PDO::ATTR_DEFAULT_FETCH_MODE, PDO::FETCH_ASSOC);
header('Content-Type: text/html; charset=utf-8');
session_start();
?>
的index.php
<?php
require("config.php");
$submitted_username = '';
if(!empty($_POST)){
$query = "
SELECT
id,
username,
password,
salt,
email
FROM users
WHERE
username = :username
";
$query_params = array(
':username' => $_POST['username']
);
try{
$stmt = $db->prepare($query);
$result = $stmt->execute($query_params);
}
catch(PDOException $ex){ die("Failed to run query: " . $ex->getMessage()); }
$login_ok = false;
$row = $stmt->fetch();
if($row){
$check_password = hash('sha256', $_POST['password'] . $row['salt']);
for($round = 0; $round < 65536; $round++){
$check_password = hash('sha256', $check_password . $row['salt']);
}
if($check_password === $row['password']){
$login_ok = true;
}
}
if($login_ok){
unset($row['salt']);
unset($row['password']);
$_SESSION['user'] = $row;
header("Location: secret.php");
die("Redirecting to: secret.php");
}
else{
echo '<h4 style="color:red;font-weight:bold; margin-top:40px; margin-left:850px;">Username And/or Password Incorrect. Please try again.</h4>';
}
}
?>
答案 0 :(得分:2)
您要么丢失session_start(),要么将其放在文件的顶部。
答案 1 :(得分:1)
让我们看一下您创建$_SESSION['user']的代码 - 听起来您正在为此分配一个数组?尝试执行print_r($user)以查看是否是您的错误来自的数组。也许你需要像echo $user['username']
编辑:您确实正在为$ _SESSION ['user']分配一个数组。这样做:
echo $user['username'];
或者通过执行以下操作来修复数据库代码:
$_SESSION['user'] = $row['username'];
除非您关闭会话,否则在标题调用之前设置会话通常不起作用。
尝试在标题调用之前添加它:
session_write_close();
并将你的session_start()移到最顶端以获得良好的衡量标准。
答案 2 :(得分:1)
为什么不在页面中启动session_start()功能。当您使用会话进行编码时,它需要位于每个页面中。
我没有找到在代码中设置$_SESSION['user']的任何理由......
请更正那些..
答案 3 :(得分:1)
以
开头 session_start()功能在页面中。
当您使用会话进行编码时,它必须位于每个页面中。
试试吧。我希望它足够答案 4 :(得分:0)
欢迎,<?php echo htmlentities($_SESSION['user']['username'], ENT_QUOTES, 'UTF-8'); ?>!
这会显示欢迎(以及用户名或号码)Just Try。