我经历了不少文章,无法找到我要找的东西。我之前尝试过使用$ GLOBALS,但在查询mysql时效果不好。
我在这里遇到的问题是我希望在整个页面上显示用户名,并在登录屏幕上确认用户名和密码后包含的所有php文件。
我的意思示例(为简化而删除了密码哈希):
<?php
include('config.php');
global $logged;
$email = $_POST["email"];
$GLOBALS['email'] = $email;
$password = $_POST["password"];
$results = sqlQuery("SELECT upassword FROM usertable WHERE useremail='$email' LIMIT 1");
foreach ($results as $result)
{
$cpassword = $result[0][0];
}
if($cpassword === $password)
{
echo "Login succesful";
$logged = 0;
Redirect('index.php', false);
}
else
{
$logged = 1;
echo "Incorrect Username or Password";
}
?>
==============================
function sqlQuery($sql) {
global $db_conn;
// execute query
$db_result = mysql_query($sql, $db_conn);
// if db_result is null then trigger error
if ($db_result === null) {
trigger_error(mysql_errno() . ": " . mysql_error() . "\n");
exit();
}
// prepare result array
$resultSet = Array();
// if resulted array isn't true and that is in case of select statement then open loop
// (insert / delete / update statement will return true on success)
if ($db_result !== true) {
// loop through fetched rows and prepare result set
while ($row = mysql_fetch_array($db_result, MYSQL_NUM)) {
// first column of the fetched row $row[0] is used for array key
// it could be more elements in one table cell
$resultSet[$row[0]][] = $row;
}
}
// return result set
return $resultSet;
}
==================
<?php
// include config with database definition
include('config.php');
// start transaction
sqlQuery('start transaction');
// delete all
sqlQuery('delete from sometable');
// accept parameters - p is array (suppress errors by adding "@" sign)
$arr = @$_REQUEST['p'];
// if input array exists (in all cases except deleting last element)
if (is_array($arr)) {
// open loop through each array element
foreach ($arr as $p) {
// detach values from combined parameters
// $tbl parameter is ignored because saving goes only from table 1
list($sub_id, $row, $col) = explode('_', $p);
// discard clone id part from the sub_id
$sub_id = substr($sub_id, 0, 2);
// insert to the database
sqlQuery("insert into sometable (sub_id, tbl_row, tbl_col) values ('$sub_id', $row, $col)");
}
}
// commit transaction (sqlCommit is function from config.php)
sqlCommit();
// redirection to the index.php
header('location: index.php');
?>
现在,如果我要使用查询中登录名中看到的$ GLOBALS ['email']: sqlQuery(“插入sometable(sub_id,tbl_row,tbl_col)值('$ sub_id',$ row,$ col)”);这会失败,你怎么能这样做?
答案 0 :(得分:2)
该评论解释了Globals的用途。即使你几乎不应该使用Globals。
现在,问你的问题。将session_start()放在脚本的顶部。是的,在<?php之后
然后,修改此代码块。
if($cpassword === $password)
{
echo "Login succesful";
$logged = 0;
Redirect('index.php', false);
$_SESSION['user_email']= (isset($_POST['email'])) ? $_POST['email'] : false;
}
现在,您需要的一切就是回复电子邮件,您可以随时在脚本中的任何位置使用echo $_SESSION['user_email']。只要函数session_start()可用于该页面。
您的代码和整体逻辑确实错过了一些约定和标准,因此我建议您阅读PHP the right way。学习一些好东西。
答案 1 :(得分:0)
您可以使用SESSIONS并存储当前session所需信息的用户名。
例如,一旦您开始会话$_SESSION['username']。
现在每页都可以echo $_SESSION['username']。