我已经构建了一个非常基本的脚本,允许用户登录,出于某种原因我第一次登录,在主页上我之后如果我点击了我就会退出。奇怪的是它只是第一次发生。所以,如果我再次登录,我无法顺利导航。
感觉就像首次登录后自动注销一样。
任何想法???
先谢谢。
这是我执行登录的逻辑
function client_email_exists($email){
require(PATH . '/core/model/db_connect.php');
try{
$query = $db->prepare("
SELECT COUNT(client_id)
FROM clients
WHERE client_email = :email
");
$query->bindParam(':email', $email, PDO::PARAM_STR);
$query->execute();
}catch(Exception $e){
include_once(PATH . "/core/view/error.php");
exit();
}
return $query->fetchColumn() ? true : false;
}
function login($email, $password) {
require(PATH . '/core/model/db_connect.php');
$user_id = user_id_from_email($email);
try{
$query = $db->prepare("
SELECT COUNT(client_id)
FROM clients
WHERE client_email = :email
AND client_pass = :pass
");
$query->bindParam(':email', $email, PDO::PARAM_STR);
$query->bindParam(':pass', md5($password), PDO::PARAM_STR);
$query->execute();
}catch(Exception $e){
include_once(PATH . "/core/view/error.php");
exit();
}
return $query->fetchColumn() ? $user_id : false;
}
function login($email, $password) {
require(PATH . '/core/model/db_connect.php');
$user_id = user_id_from_email($email);
try{
$query = $db->prepare("
SELECT COUNT(client_id)
FROM client_users
WHERE client_email = :email
AND client_pass = :pass
");
$query->bindParam(':email', $email, PDO::PARAM_STR);
$query->bindParam(':pass', md5($password), PDO::PARAM_STR);
$query->execute();
}catch(Exception $e){
include_once(PATH . "/core/view/error.php");
exit();
}
return $query->fetchColumn() ? $user_id : false;
}
/* [0] ==> Login Validation */
if(!empty($_POST)) {
$email = $_POST['email'];
$password = $_POST['password'];
if(empty($email) === true || empty($password) === true) {
$messages[] = '<p class="alert alert-danger">Necesitas introducir email y Contraseña</p>';
} elseif (client_email_exists($email) === false) {
$messages[] = '<p class="alert alert-danger">No podemos encontrar tu email o nombre de usuario, asegurate de que estás registrado!</p>';
} else {
$login = login($email, $password);
if($login === false){
$messages[] = '<p class="alert alert-danger">La combinación es incorrecta!</p>';
} else {
$_SESSION['client_login'] = $login;
header('Location: index.php');
exit();
}
}
}
然后要检查用户是否已登录,我使用此功能,位于所有用户页面下方session_start()
function login_protect(){
if(!isset($_SESSION['client_login']) OR empty($_SESSION['client_login'])){
header("Location: login.php");
exit();
}
}
这是page.php的一个例子,请注意在config.php中声明了session_start()
<?php
// ==> Model Code
require_once('config.php'); // session_start() included here
require_once(PATH . '/core/model/main.php');
require_once(PATH . '/core/model/contingencies.php');
// ==> Controller Code
login_protect();
$page = "contingencies";
include_once(PATH . '/core/controller/date_logic.php');
$contingencies = get_contingencies($show_month, $show_year);
// ==> View Code
include_once(PATH . '/core/view/header.php');
include_once(PATH . '/core/view/contingencias.tmpl.php');
include_once(PATH . '/core/view/footer.php');
干杯!
答案 0 :(得分:0)
我发现了问题,
在没有www的情况下发布到登录表单时,我遇到了这个问题。所以会话没有正确存储,好像将它作为另一个域。