$_SESSION in PHP always returns 1

Time: 2015-06-21 15:56:20

Tags: php

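I am trying to develop a login system in PHP where faculty_login.php displays faculty_login_option.inc.php, which has the login form, and, if $_SESSION['f_id'] is set, redirects to faculty_upload_option.php, where the faculty details are fetched from faculty_table using $f_id = $_SESSION['f_id'] as the primary key. But $_SESSION['f_id'] always returns 1, and the user is logged in as the user whose f_id is 1.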

    <?php

    //faculty login page.faculty_login.php
    //if logged in show upload option/show login option.

    require_once 'resources/core.inc.php';//session is set here
    require_once 'resources/connect.inc.php';//init db connection

    if(isset($_SESSION['f_id'])&&!empty($_SESSION['f_id'])){
        require_once 'faculty_upload_option.inc.php';
    }
    else{
        require_once 'faculty_login_option.inc.php';
    }

    ?>

    <?php

    /* faculty_login_db.php
     * Check if the faculty can login or the credentials are wrong.
     */

    require_once 'resources/core.inc.php';
    require_once 'resources/connect.inc.php';

    if(isset($_POST['f_username'])&&isset($_POST['f_password'])){
        if(!empty($_POST['f_username'])&&!empty($_POST['f_password'])){
            $username = stripcslashes($_POST['f_username']);
            $password = stripcslashes($_POST['f_password']);
            $result = $conn->prepare("SELECT f_id FROM faculty_table WHERE f_username= :hjhjhjh AND f_password= :asas");
            $result->bindParam(':hjhjhjh', $username);
            $result->bindParam(':asas', $password);
            $result->execute();
            $rows = $result->fetch(PDO::FETCH_NUM);
            if($result->rowCount() == 1) {
                $_SESSION['f_id'] = $rows ;
                $_SESSION['f_username'] = $username;
                header('Location:faculty_login.php');
            }
            else{
                header('Location:faculty_login.php?username='.$username);
            }
        }
        else{
            header('Location:faculty_login.php');
        }
    }
    else{
        header('Location:faculty_login.php');
    }

    ?>

      <?php

      /* faculty_login_option.php
       * faculty login page. check if user exists/ use faculty_login_db.php
      */

            ?>



        <!DOCTYPE html>
         <!--
         To change this license header, choose License Headers in Project Properties.
          To change this template file, choose Tools | Templates
           and open the template in the editor.
                 -->
               <html>
            <head>
    <title>Home</title>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0 , maximum-scale=1">
    <link rel="stylesheet" href="resources/loginstyle.css">
</head>
<body>
    <?php
    //<img alt="full screen background image" src="images/orange.jpg" id="full-screen-background-image" /> 
    ?>
    <a href="mobileindex.html"><div id="back">Home</div></a>
    <div id="header">
        <h3>FACULTY LOGIN</h3><br>
    </div>
    <hr>



    <div id="container">
        <center>
            <form action="faculty_login_db.php" method="post">
                <input  type="text" onFocus="if(this.value=='Username'){this.value=''}" name="f_username" class="buttons" value="<?php
                    if(isset($_GET['username']))
                        {
                        echo $_GET['username'];
                        }else{echo 'Username';}
                    ?>"><br>
                <input type="password" onFocus="if(this.value=='Password'){this.value='';}" name="f_password" class="buttons" value="Password"><br>
                <input type="submit" value="Login" class="lbutton">
            </form>
        </center>

    <?php
        if(isset($_GET['username'])){
            ?>
        <div id="errormsg">Username or password is invalid.</div>
        <?php
        }
    ?>

</body>

    <?php

    /* this is faculty_upload_option.inc.php
     * To change this license header, choose License Headers in Project Properties.
     * To change this template file, choose Tools | Templates
     * and open the template in the editor.
     */
    require_once 'resources/core.inc.php';
    require_once 'resources/connect.inc.php';

    if(isset($_SESSION['f_id'])&&isset($_SESSION['f_username'])&&!empty($_SESSION['f_id'])){
        $f_id=trim(isset($_SESSION['f_id']));
        if(!empty($f_id)){
            $result = $conn->prepare("SELECT * FROM faculty_table WHERE f_id=:id");
            $result->bindparam(':id', $f_id);
            $result->execute();
            $rows = $result->fetchAll();
            foreach($rows as $db_rows){
                $f_username = $db_rows['f_username'];
                $category = $db_rows['category'];
                $branch = $db_rows['branch'];
            }
            //page which should be displayed if user logs in.?>


    <html>
     <head><title><?php echo $f_username; ?></title>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0 ,    maximum-scale=1">
     <link href='http://fonts.googleapis.com/css?family=Indie+Flower|Yanone+Kaffeesatz' rel='stylesheet' type='text/css'>
        <link rel="stylesheet" href="resources/upload_style.css">    
     </head>
   <body><div id="parent">
    <div id="header">
        <img src="images/no-profile-image.png" width="30%" id="noimg">
        <span id="addfont"><h1><?php echo $f_username;?></h1></span>
      <h2><?php echo $category;?></h2>
     <p><?php echo $branch;?></p>
        <center><a href="mobileindex.html"><div class="buttons"    id="left">Home</div></a><a href="logout.php"><div class="buttons" id="right">Logout</div></a></center>
     </div>

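1 answer:

Answer 0 (score: 0)

Are you destroying the session properly on logout? Are you setting the session ID somewhere before the condition is reached? What is the value before the comparison condition is reached?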
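
An added example, not part of the original question or answer, that traces the value of the id lookup in faculty_upload_option.inc.php: `trim(isset($_SESSION['f_id']))` passes the boolean result of `isset()` to `trim()`, so the lookup key is the string "1" for every logged-in user. The in-memory SQLite database, the sample rows, the hashed passwords and the function names `authenticate`, `idAsInQuestion` and `idFromSession` are assumptions made for this illustration; the table and column names follow the question.

```php
<?php
// Added illustration: constructed sample rows in an in-memory SQLite database.
$conn = new PDO('sqlite::memory:');
$conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$conn->exec('CREATE TABLE faculty_table (f_id INTEGER PRIMARY KEY, f_username TEXT, f_password TEXT)');
$add = $conn->prepare('INSERT INTO faculty_table (f_username, f_password) VALUES (?, ?)');
foreach (['alice' => 'pw-alice', 'bob' => 'pw-bob'] as $user => $pw) {
    // Assumption: passwords are stored hashed, unlike the plaintext comparison in the question.
    $add->execute([$user, password_hash($pw, PASSWORD_DEFAULT)]);
}

// Login step (hypothetical helper): returns the scalar f_id to keep in the session, or null.
function authenticate(PDO $conn, string $username, string $password): ?int
{
    $stmt = $conn->prepare('SELECT f_id, f_password FROM faculty_table WHERE f_username = :u');
    $stmt->execute([':u' => $username]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    if ($row === false || !password_verify($password, $row['f_password'])) {
        return null;
    }
    return (int) $row['f_id'];   // the column value, not the whole fetched row
}

// Lookup as written in the question: isset() yields a boolean, which trim() turns into a string.
function idAsInQuestion(array $session): string
{
    return trim(isset($session['f_id']));
}

// Lookup that reads the stored value and rejects anything that is not a positive integer.
function idFromSession(array $session): ?int
{
    $id = filter_var($session['f_id'] ?? null, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    return $id === false ? null : $id;
}

$session = [];   // stands in for $_SESSION so the script runs from the command line
$session['f_id'] = authenticate($conn, 'bob', 'pw-bob');
// In a real handler, session_regenerate_id(true) belongs right after a successful login.

var_dump(idAsInQuestion($session));   // does not depend on which user logged in
var_dump(idFromSession($session));    // the id that authenticate() stored for this user
```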