带有数据会话的PHP重定向会破坏

时间:2014-02-07 11:48:42

标签: php session

我正在尝试使用header("location")的公式。

除了一件事之外,它的工作正常。当我试图设置持有消息的会话时它会设置会话,但是当我试图写出来时,问题就开始了......

就像他进入if然后删除cookie一样,跳出if并尝试再次到达那里..

这是我的代码:

if (isset($_SESSION['sess_error'])) { 
    echo '<div class="alert alert-danger">';
    foreach ($_SESSION['sess_error'] as $val) { 
        echo $val.'<br>'; 
    }
    unset($_SESSION['sess_error']);
}

if (empty($_POST['username'])) { $error[] = 'Du måste fylla i ett användarnamn...'; }    
if (empty($_POST['password'])) { $error[] = 'Du måste fylla i ett lösenord...'; }
elseif ($sql->num_rows == 0) { $error[] = 'Något fel uppstog, du kunde inte bli inloggad...'; }
if (count($error) > 0) { 
    $_SESSION['sess_error'] = $error;
}

任何人都知道为什么会这样,我该怎么做才能阻止它?

整个剧本:

<?php
SESSION_START();
    if (isset($_POST['login'])) { 
            $error = null;
            $username = $_POST['username'];
            $password = $_POST['password'];
            $sql = $mysqli->query("SELECT * FROM users WHERE username='".$username."' AND password='".$password."' LIMIT 1");
            if (empty($_POST['username'])) { $error[] = 'Du måste fylla i ett användarnamn...'; }
            if (empty($_POST['password'])) { $error[] = 'Du måste fylla i ett lösenord...'; }
            elseif ($sql->num_rows == 0) { $error[] = 'Något fel uppstog, du kunde inte bli inloggad...'; }
                if (count($error) > 0) { 
                    $_SESSION['sess_error'] = $error;
                }
                else { 
                    while ($r = $sql->fetch_array()) { 
                        $_SESSION['sess_username'] = $r['username']; 
                        $_SESSION['sess_userID'] = $r['userID'];
                        $_SESSION['sess_admin'] = $r['admin']; 
                        $_SESSION['sess_logg'] = 1;
                    }
                }
                header("Location: ./");
            }
?>

2 个答案:

答案 0 :(得分:0)

我解决了整个问题,我只需要添加退出;标题后面(“”);它运作得很好!

答案 1 :(得分:-1)

在重定向之后,您可能在页面上缺少要设置表单错误的start_session()。

文件:“login.php”:

    <?php
    session_start();
    var_dump($_SESSION);

    if(isset($_SESSION['session_logg']) && $_SESSION['session_logg'] === '1') { 
        echo 'Logged in :' . $_SESSION['session_username'];
    } elseif (isset($_SESSION['sess_error'])) { 
        var_dump($_SESSION['sess_error']);
        echo '<div class="alert alert-danger">';
        foreach ($_SESSION['sess_error'] as $val) { 
            echo $val.'<br>'; 
        }
        echo '</div>';

        unset($_SESSION['sess_error']);
    }

    if (isset($_POST['login'])) { 
                $error = array();
                $username = isset($_POST['username']) ? $_POST['username'] : false;
                $password = isset($_POST['password']) ? $_POST['password'] : false;

                // no username or password given
                if ($username === false or $password === false) 
                { 
                    $_SESSION['sess_error'][] = 'Login Error.';
                    header("Location: login.php");
                    exit();
                }

                // username, pw given, lets ask db for that guy
                $sql = $mysqli->query("SELECT * FROM users WHERE username='".$username."' AND password='".$password."' LIMIT 1");

                // user not found in db, goodbye
                if ($sql->num_rows == 0) { 
                    $_SESSION['sess_error'][] = 'Något fel uppstog, du kunde inte bli inloggad...';       
                    header("Location: login.php");
                    exit();
                }

                // user found
                else { 
                    $r = $sql->fetch_array()) { 
                    $_SESSION['sess_username'] = $r['username']; 
                    $_SESSION['sess_userID'] = $r['userID'];
                    $_SESSION['sess_admin'] = $r['admin']; 
                    $_SESSION['sess_logg'] = 1;
                    header("Location: index.php");
                    exit();                            
                }                      

     }
    ?>

旁注:未解决您的问题:从未在登录时显示正确的错误。 说:“登录失败”,而不是“用户名xy”未找到。