我创建了一个名为 login.class.php
的类<?php
class Login
{
public $errors = array();
public $messages = array();
private $db_connection = null;
private $username = '';
private $password = '';
private $logged_in = false;
public function __construct()
{
session_start();
if (isset($_GET["logout"]))
{
$this->doLogout();
}elseif(isset($_POST['login']))
{
$this->doLogin($_POST['username'],$_POST['password']);
}
}
// KONEKSI KE DATABASE
private function dbConn()
{
if ($this->db_connection != null)
{
return true;
}else{
try
{
$this->db_connection = new PDO('mysql:host='.HOST.';dbname='.NAME.';charset=utf8', USER, PASS);
return true;
}catch (PDOException $e){
$this->errors[] = "Terdapat kesalahan : ".$e->getMessage();
}
}
return false;
}
// METHOD LOGIN
public function doLogin($username, $password)
{
if ($this->dbConn())
{
$query_user = $this->db_connection->prepare('SELECT * FROM login WHERE username = ? LIMIT 1');
$query_user->bindValue(1, $username, PDO::PARAM_INT);
$query_user->execute();
$hasil = $query_user->fetchObject();
}
if(!isset($hasil->username))
{
$this->errors[] = "Username tidak terdaftar";
}elseif($hasil->password != md5($password)){
$this->errors[] = "Password yang Anda masukkan salah";
}else{
$_SESSION['username'] = $hasil->username;
$_SESSION['logged_in'] = true;
$this->logged_in = $_SESSION['logged_in'];
$this->username = $hasil->username;
$this->password = $hasil->password;
}
}
public function doLogout()
{
$_SESSION = array();
session_destroy();
$this->logged_in = false;
header('Location: index.php');
}
public function UserLoggedIn()
{
return $this->logged_in;
}
} ?>
然后我创建了另外两个名为 login.php
的页面 <?php
require_once 'includes/config.php';
require_once 'classes/login.class.php';
$login = new Login();
if ($login->UserLoggedIn() == true) {
header('Location: admin.php');
} ?>
<form action="" method="post">
<h1>Halaman Login</h1>
<div class="login-fields">
<?php
if(isset($login))
{
if($login->errors)
{
foreach($login->errors as $error) { echo"$error</p>"; }
}else{
echo'<p>Masukkan detail</p>';
}
}
?>
<div class="field">
<label for="username">Username</label>
<input type="text" id="username" name="username" value="" placeholder="Username" class="login username-field" required>
</div> <!-- /field -->
<div class="field">
<label for="password">Password:</label>
<input type="password" id="password" name="password" value="" placeholder="Password" class="login password-field" required>
</div> <!-- /password -->
</div> <!-- /login-fields -->
<div class="login-actions">
<button type="submit" name="login" class="button btn btn-success btn-large">Masuk</button>
</div> <!-- .actions -->
</form>
和 admin.php :
<?php
error_reporting(0);
require_once 'includes/config.php';
require_once 'classes/login.class.php';
$login = new Login();
if ($login->UserLoggedIn() == true) {
//PROTECTED PAGE HERE
}
?>
但 login.class.php 中的 doLogin()已保存会话。
对不起,我很抱歉,我希望你知道我的意思。
答案 0 :(得分:0)
也许你的问题是 $ _ GET [“logout”] 变量仍然设置,并且在构造函数中你的类会使会话失败。尝试在使用后取消设置所有 $ _ GET 变量。
答案 1 :(得分:0)
首先,您需要检查会话工作。创建twp新的php文件,例如test.php,example.php
test.php
<?php
/* Get All errors */
ini_set('display_errors', 'On');
error_reporting(E_ALL);
if(session_id() == '') {
session_start();
}
$_SESSION['test'] = 'test';
?>
<强>使用example.php
<?php
/* Get All errors */
ini_set('display_errors', 'On');
error_reporting(E_ALL);
if(session_id() == '') {
session_start();
}
var_dump($_SESSION['test']);
?>
如果您不查看字符串'test',可以查看下一步:
1)您需要刷新浏览器缓存,删除服务器/主机的cookie,然后重试加载phpMyAdmin。
2)在php.ini文件中编辑会话save_path并更改权限(4777):
示例:
session.save_path = "/var/lib/php/session"