PHP会话在表单提交时结束

时间:2014-03-02 10:46:29

标签: php

当我在页面上提交表单导致会话结束并且用户必须重新登录时,我遇到了问题。我花了好几个小时尝试对此进行排序,而不是随时随地进行排序! 这是表单中的代码 - 

<?php
session_start(); /// initialize session
$title = 'Month Edit';
include("passwords.php");
$user_email = check_logged(1, $dbc);
?>

表单代码只是

passwords.php页面是

<?php
require ('ct_db.php');//This is the database info
$query = "SELECT * FROM users";
$result = mysqli_query ($dbc, $query);

while($check_row = mysqli_fetch_array($result, MYSQLI_ASSOC))
{
  $this_us = $check_row['user'];
  $this_ps = $check_row['pass'];
  $USERS[$this_us] = $this_ps;
}

function check_logged($page, $dbc)
{ 
     global $_SESSION, $USERS;
     if (!array_key_exists($_SESSION["logged"],$USERS))
      { 
        header("Location: login.php"); 
     }
     else
     {
        $this_user = $_SESSION["logged"];
        $query = "SELECT * FROM users WHERE user = '$this_user'";
        $result = mysqli_query ($dbc, $query);
        $row2 = mysqli_fetch_array($result, MYSQLI_ASSOC);
        $user_email = $row2['email'];
        $user_permission = $row2['permissions'];
        if($page == 3 && ($user_permission=="admin" || $user_permission=="user"))
        {
         header("Location: login.php"); 
        }
      else
      {
      if($page == 2 && $user_permission=="user")
      {
      header("Location: login.php"); 
      }
      else
      {
        echo '<div id="logged_in">';
        echo '<form action="login.php" method="post"><input type="hidden" name="ax" value="out"> '; 
        echo 'Logged in as <span style="color:blue">'.$_SESSION["logged"]."</span> ";
        echo 'email '.$user_email.' ';
        echo '<input type="submit" value="Logout" id="log_out"/></div><br>'; 
        return $user_email;
      }
    }
    }
}; 
?>

我还有一个登录页面,其中包含以下内容

<?php
session_start();
$title = 'login';
require ('ct_db.php');
$query = "SELECT * FROM users";
$result = @mysqli_query ($dbc, $query);

 while($check_row = mysqli_fetch_array($result, MYSQLI_ASSOC))
  {
  $this_us = $check_row['user'];
  $this_ps = $check_row['pass'];
  $USERS[$this_us] = $this_ps;
  }


function check_logged($page)
{ 
     global $_SESSION, $USERS; 
     if (!array_key_exists($_SESSION["logged"],$USERS))
      { 
        header("Location: login.php"); 
     }
     else
     {
        $this_user = $_SESSION["logged"];
        require ('ct_db.php');
        $query = "SELECT * FROM users WHERE user = '$this_user'";
        $result = mysqli_query ($dbc, $query);
        $row2 = mysqli_fetch_array($result, MYSQLI_ASSOC);
        $user_email = $row2['email'];
        $user_permission = $row2['permissions'];
        if($page == 3 && ($user_permission=="admin" || $user_permission=="user"))
        {
         header("Location: login.php"); 
        }
      else
      {
      if($page == 2 && $user_permission=="user")
      {
      header("Location: login.php");
      }
      else
      {
        echo '<div id="logged_in">';
        echo '<form action="login.php" method="post"><input type="hidden" name="ax" value="out"> '; 
        echo 'Logged in as <span style="color:blue">'.$_SESSION["logged"]."</span> ";
        echo 'email '.$user_email.' ';
        echo '<input type="submit" value="Logout" id="log_out"/>'; 
        return $user_email;
        }
        }
    }
}; 

require ('ct_db.php');
if ($_POST["ac"]=="log")
 { /// do after login form is submitted  
     if ($USERS[$_POST["username"]]==$_POST["password"]) /// check if submitted  username and password exist in $USERS array 
     { 
          $_SESSION["logged"]=$_POST["username"];
          $_SESSION["email"] = 'email address';
          echo 'email = '.$_SESSION["email"];
     } 
     else
     {
          echo 'Incorrect username/password. Please, try again.';
     };
};

if ($_POST["ax"]=="out")
 { /// do after login form is submitted
     if ($USERS[$_POST["username"]]==$_POST["password"]) /// check if submitted  username and password exist in $USERS array 
     {
          session_destroy();
          echo 'You are logged out';
          //header("Location: login.php");
          die;
     }
}; 

if (array_key_exists($_SESSION["logged"],$USERS)) //// check if user is logged or not  
{ 
     echo "You are logged in.";
     echo '<form action="login.php" method="post"><input type="hidden" name="ax" value="out"> '; 
     echo '<input type="submit" value="Logout" />'; 
     echo '</form>';
     header("Location: mainPage3.php"); 

      //// if user is logged show a message  
} 
else 
{ //// if not logged show login form 
    echo '<div id="login">';
    echo '<h1>Connectivity</h1>';
    echo 'Please login<br><br>';
    echo '<form action="login.php" method="post"><input type="hidden" name="ac" value="log"> '; 
    echo 'Username: <input type="text" name="username" id="username"/><br>'; 
    echo 'Password: <input type="password" name="password" id="password"/><br>'; 
    echo '<input type="submit" value="Login" />'; 
    echo '</form>'; 
    echo '</div><!--End login-->';
}; 
?>

在我尝试解决问题时,我已经改变并添加了大量代码,我确信它比它应该更复杂。我可以在没有注销的情况下从一个页面移动到另一个页面,并且可以刷新包含该表单的页面有任何问题。但如果我按提交,我会回到登录页面。 我唯一能想到的可能是线索是用户信息与站点信息位于不同的数据库中,但我已经检查过以确保每个都有正确的代码。 任何帮助都感激不尽。

1 个答案:

答案 0 :(得分:0)

我只能在你的代码登录和注销中看到两种提交按钮(两次),这两种形式都有action = login.php。

单击注销按钮时会通过代码销毁会话。 当已经登录的用户单击登录按钮(假设按钮可见)时,它会将帖子中的值设置为空值,并且用户将被重定向到login.php页面,因为验证将抛出记录== false

我没有测试过您的代码,但显然这似乎是问题所在。

相关问题
最新问题