在写上下文Php中不能使用函数返回值使用$ _Session

时间:2014-01-24 22:54:24

标签: php mysql session login

我正在为我正在处理的网站开发登录功能,我正在尝试使用会话方法,但我一直收到错误“致命错误:无法在写入上下文中使用函数返回值。 “有什么想法吗?

<?php
            $db_name="name"; // Database name 
            // Connect to server and select databse.
            mysql_connect("xxxxxxx","xxxx","xxxxxx")or die("cannot connect"); 
            mysql_select_db($db_name)or die("cannot select DB");
            // username and password sent from form 
            $username=$_POST['username']; 
            $password=$_POST['password']; 

            // To protect MySQL injection (more detail about MySQL injection)
            $myusername = stripslashes($username);
            $mypassword = stripslashes($password);
            $myusername = mysql_real_escape_string($username);
            $mypassword = mysql_real_escape_string($password);
            $sql1="SELECT * FROM `professionals` WHERE username='$username'";
            $sql2="SELECT * FROM `professionals` WHERE password='$password'";
            $result1=mysql_query($sql1);
            $result2=mysql_query($sql2);

            // Mysql_num_row is counting table row
            $count=mysql_num_rows($result1);

            // If result matched $myusername and $mypassword, table row must be 1 row
            if($count==1){
                $_SESSION("username")=$result1;
                $_SESSION_("password")=$result2; 
                header("location:Success.html");
            }
            else {
                echo "Wrong Username or Password";
                header("location:Failed.html");
            }
        ?><?php
            $db_name="name"; // Database name 

            // Connect to server and select databse.
            mysql_connect("xxxxxxx","xxxx","xxxxxx")or die("cannot connect"); 
            mysql_select_db($db_name)or die("cannot select DB");
            // username and password sent from form 
            $username=$_POST['username']; 
            $password=$_POST['password']; 

            // To protect MySQL injection (more detail about MySQL injection)
            $myusername = stripslashes($username);
            $mypassword = stripslashes($password);
            $myusername = mysql_real_escape_string($username);
            $mypassword = mysql_real_escape_string($password);
            $sql1="SELECT * FROM `professionals` WHERE username='$username'";
            $sql2="SELECT * FROM `professionals` WHERE password='$password'";
            $result1=mysql_query($sql1);
            $result2=mysql_query($sql2);

            // Mysql_num_row is counting table row
            $count=mysql_num_rows($result1);

            // If result matched $myusername and $mypassword, table row must be 1 row
            if($count==1){ //Write Username and Password goes to page
                $_SESSION("username")=$result1;
                $_SESSION_("password")=$result2; 
                header("location:Success.html");
            }
            else {
                echo "Wrong Username or Password"; //Wrong Password goes to error page
                header("location:Failed.html");
            }
        ?>

2 个答案:

答案 0 :(得分:2)

$_SESSION是一个数组,而不是一个函数。你试着在后面使用它作为后者:

$_SESSION("username")=$result1;
$_SESSION_("password")=$result2;

您需要按如下方式更新代码:

$_SESSION["username"] = $result1;
$_SESSION["password"] = $result2;

您的代码还有许多其他错误:

  1. mysql_*()函数现已弃用。你应该考虑一下 升级您的代码以使用MySQLiPDO

  2. 我在代码中看不到对session_start()的任何调用。这是 当您希望使用用户的会话时需要。

答案 1 :(得分:1)

这很可能就是问题

$_SESSION("username")=$result1;
$_SESSION_("password")=$result2;

应该是

$_SESSION["username"] = $result1;
$_SESSION["password"] = $result2;
相关问题
最新问题