我正在建立一个欢迎用户页面 - 在我的用户登录后,我想在每个页面上回显用户的名字。但是我遇到了困难,看了各种论坛之后我发布了我的代码,希望有人可能知道我哪里出错了。
我有2个关键页面 - 登录和索引页面。
Login.php page
<?php
session_start();
require("includes/connect.php");
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1">
<title>Login</title>
<link rel="stylesheet" type="text/css" href="css/login.css">
<!--Cited Bootstrap: Responsive web design-->
<link href="css/bootstrap-theme.css" rel="stylesheet" type="text/css">
<link rel="stylesheet" type="text/css" href="css/bootstrap.css">
</head>
<body>
<div class="container">
<form class="form-signin" role="form" action="login.php" method="post">
<h2 class="form-signin-heading">Please sign in</h2>
<input type="text" class="form-control" placeholder="Username" name="username_login" required autofocus>
<input class="form-control" type="password" placeholder="Password" name="user_password" required>
<button class="btn btn-lg btn-primary btn-block" type="submit">Sign in</button>
<label class="forgotten"><a href="forgottenpass.php">Forgotten password?</a></label>
</form>
<?php
//if an admin or user session is already in progress then dont let them log in, redirect to 'index.php'
if (isset($_SESSION['admin']) && ($_SESSION['admin'] == true) || isset($_SESSION['user']) && ($_SESSION['user'] == true)) {
echo "You are already logged in";
//if use not logged in then
}else
if ( trim($_POST['username_login']) AND trim($_POST['user_password']))
{
//if username and password are entered, blank before user fills form
$usr = (isset($_POST['username_login'])? $_POST['username_login']:null);
$pwd = (isset($_POST['user_password'])? $_POST['user_password']:null);
//$usr = mysqli_escape_string($usr); //Prevent against SQL Injection by avoiding "\" being executed
// $pwd = mysqli_escape_string($pwd); //Prevent against SQL Injection by avoiding "\" being executed
if ($usr && $pwd){
$epwd = $pwd;
$q = "SELECT * FROM users WHERE UName='$usr' LIMIT 1;";
$resultset = mysqli_query($conn,$q);
$rowcount = mysqli_num_rows($resultset);
if ($rowcount==1){
while ($userRow = mysqli_fetch_assoc($resultset)){
//Get the DB username and password to compare
$dataBaseEmail = $userRow['UName'];
$dataBasePass = $userRow['Password'];
$userGroup = $userRow['UserLevelID'];
}
mysqli_free_result($resultset);
unset($q);
//Compare DB user and pass to those entered
if ($usr == $dataBaseEmail && $epwd == $dataBasePass){
//Now that we know they are activated ect, we can create a session based on their privlidges
if ($userGroup ==1){ //ADMIN load the console
$_SESSION['admin'] = true;
//header("Location: admincreateuser.php");
echo '<div class="login-error">You are an admin user <a href="adminindex.php">Admin</a>.</div>';
//exit;
}else{ //Normal User
$_SESSION['user'] = true;
$_SESSION['user'] = $dataBaseEmail;
//header ("Location: index.php");
echo '<div class="login-error">You are a standard user <a href="index.php">Standard</a>.</div>';
//exit;
}
}else{//user and pass do not match DB
echo '<div class="login-error">Incorrect Password, try again</div>';
}
}else{
echo '<div class="login-error">Error: There is no such user registered on the system. Please check the username and password entered.</div>';
}
}
}
?>
</div> <!-- /container -->
</body>
</html>
Index.php page:
<?php
session_start();
include "includes/header.php";
include "includes/connect.php";
?>
<div class="jumbotron">
<h1>Operating system being used:<?php echo $os?></h1>
<p>Text</p>
<?php echo $os?>
<?php
echo "Hello" .$_SESSION['user'];
?>
非常感谢提前。
答案 0 :(得分:1)
您已将$_SESSION['user']用于两个目的,您可以重命名任何一个$ _SESSION数组
试试这个,
$_SESSION['user'] = true;
$_SESSION['userEmail'] = $dataBaseEmail;
而不是
$_SESSION['user'] = true;
$_SESSION['user'] = $dataBaseEmail;
在欢迎屏幕上,
if(isset($_SESSION['user'])){
echo "Hello" .$_SESSION['userEmail'];
}