Question

我在这里遗漏了一些东西，我似乎无法调用userID并将其保存在会话中。该计划在登录时存储用户ID以供将来更改。现在我似乎无法将userID存储在会话中。我注意到：未定义的索引：第14行的login.php中的userID。

<?php

session_start();
if (!isset($_POST['submit'])){

} else {
require_once("db_const.php");
$mysqli = new mysqli(DB_HOST, DB_USER, DB_PASS, DB_NAME);
# check connection
if ($mysqli->connect_errno) {
    echo "<p>MySQL error no {$mysqli->connect_errno} : {$mysqli->connect_error}</p>";
    exit();
}
$userID = $_SESSION["userID"];
$username = $_POST['username'];
$password = $_POST['password'];

$sql = "SELECT * from userinfo WHERE username LIKE '{$username}' AND password LIKE '{$password}' LIMIT 1";
$result = $mysqli->query($sql);
if (!$result->num_rows == 1) {
    echo "<p>Invalid username/password combination</p>";
} else {

  setcookie("username", time() +60*60*24*30*365);
$_SESSION['userID'] = $userID;
     echo "<p>Logged in successfully!, Please close the window</p>";
}
}
?>

Answer 1

错误在行

 $userID = $_SESSION["userID"];

似乎未设置会话userID。在分配之前，始终使用isset语言构造检查会话变量是否存在。

if(isset($_SESSION["userID"]))
{
 $userID = $_SESSION["userID"];
}

对您的其他会话变量执行此操作，此测试甚至适用于 $_POST

Answer 2

从会话本身设置后，您永远不会更新$userID。要解决此问题，请fetch结果并存储已获取的ID：

$result = $mysqli->query($sql);
if (!$result->num_rows == 1) {
    echo "<p>Invalid username/password combination</p>";
} else {
    $row = $result->fetch_assoc();
    $_SESSION['userID'] = $row['userid']; //case sensitive
    //etc.

在登录时调用用户ID并存储它

2 个答案: