PDO:isset&会话不起作用

时间:2014-03-26 22:30:27

标签: php mysql forms pdo isset

我有一个密码保护页面,只能使用用户名和密码访问。一切都必须正确,但我没有!

这是我的表格( index.php )和pn:

<?php
if (isset($_POST['name'], $_POST['password'])) {

    $dns = "mysql:host=localhost;dbname=department_c";
    $option = array(PDO::MYSQL_ATTR_INIT_COMMAND => 'SET NAMES UTF8');
    try{
        $pdo = new PDO($dns, "root", "", $option);
        $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    } catch(PDOException $e){
        die("Erreur de connection.");
    }

    $sql="SELECT * FROM admin WHERE name = :name AND password = MD5(:password)";
    $stmt = $pdo->prepare($sql);
    $stmt->bindValue('name', $_POST['name']);
    $stmt->bindValue('password', $_POST['password']);
    $stmt->execute();

    $nbMembre = $stmt->rowCount();

    if($nbMembre == 1){
        $membre = $stmt->fetch(PDO::FETCH_ASSOC);
        header("location:test.php");
    } else {
        $msg="<font color='orange'>Enter username and  password.</font>";
    }
} else {
    $msg ="<font color='red'>Lgon!</font>";
}

?>
<!DOCTYPE html>
<html>
<head>
<title>Login</title>
<meta charset="UTF-8" />
</head>
<body>
<form action="" method="post">
<label for="name">Username: </label>
<input type="text" name="name" /><br/>
<label for="password">Passwprd: </label>
<input type="password" name="password" /><br/>
<input type="submit" value="login" />
</form>
<p><?php echo $msg; ?></p>
</body>
</html>

这是我的测试页面。它非常适合用户名和密码进行保护和访问。没有if(!isset($_SESSION['name']))或者如果我像if(isset($_SESSION['name']))那样进入页面,但是!isset 我不能!

以下是代码( test.php ):

<?php
session_start();
require 'connect.php';
if(!isset($_SESSION['name'])){
header("location:index.php");
exit();
    }
?>
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Test</title>
</head>
<body>
<header>
</div>
wellcome
Hellos-.....
<br>
<a href="logout.php"><h2>Logout</h2></a>
</div>
</body>
</html>

这是我的退出代码( logout.php ):

<?php
session_start();
$_SESSION = array();
session_destroy();
if(!isset($_SESSION['name'])){
 header("location:index.php");
}else{
 echo"<h2> There was a problem with logging out!</h2>";
 exit();
}

?>

1 个答案:

答案 0 :(得分:0)

修改

index.php文件中:

尝试将session_start(); $_SESSION['name'] = $_POST['name'];放在$membre = $stmt->fetch(PDO::FETCH_ASSOC);header("location:test.php");之间,然后按照我在原始答案中添加的条件语句进行操作。

我测试并为我工作过:

...

    if($nbMembre == 1){
        $membre = $stmt->fetch(PDO::FETCH_ASSOC);

// my addition

session_start();
$_SESSION['name'] = $_POST['name'];

        header("location:test.php");
    } else {
        $msg="<font color='orange'>Enter username and password.</font>";
    }
} else {
    $msg ="<font color='red'>Lgon!</font>";
}

...
// rest of code

原始答案

基于以下内容:(测试代码作为一个文件工作)

将一个变量分配给表单的POST元素,然后从$_POST分配会话名称。

这将被视为您的登录页面:

<?php
session_start();
// require 'connect.php';

if(isset($_POST['submit'])){

    $name = $_POST['name'];
    $_SESSION['name'] = $_POST['name'];

if(isset($_SESSION['name']) && !empty($_SESSION['name'])){

    echo "session is set";
    echo "<br>";
    echo $name;

    } else  { 

        echo "session is NOT set";

            }

       } // brace for if(isset($_POST['submit']))
?>
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Test</title>
</head>
<body>

<form action="" method="post">
<label for="name">Username: </label>
<input type="text" name="name" /><br/>
<label for="password">Password: </label>
<input type="password" name="password" /><br/>
<input type="submit" name="submit" value="TEST" />

</form>
</body>
</html>

然后就是你现在拥有的 test.php

<?php
session_start();
require 'connect.php';

    if(isset($_SESSION['name']) && !empty($_SESSION['name'])){

        echo "session is set";
        echo "<br>";
        echo $name;

        } else  { 

        //  echo "session is NOT set";
         header("location:index.php");

                }
/* old method
if(!isset($_SESSION['name'])){
header("location:index.php");
exit();
    }
*/

?>
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Test</title>
</head>
<body>
<header>
</div>
wellcome
Hellos-.....
<br>
<a href="logout.php"><h2>Logout</h2></a>
</div>
</body>
</html>

<强>密码:

我还注意到您使用MD5存储密码。不再推荐这样做。

以下是一些密码存储选项:

其他链接:


<强>会话

这是一个关于会话的直观教程: