PHP $ session_start()无效

时间:2015-11-15 18:49:20

标签: php login session-variables

我想创建一个PHP帐户系统来访问我网站的特殊部分。 登录信息(第1页)被送到检查页面(第2页),检查信息是否正确,然后重定向到会员页面(第3页)

第1页:

    <form action="inner.php" method="post" class="centered">
    <input type="text" name="usr" placeholder="Username" required><br>
    <input type="password" name="psw" placeholder="Password"required><br>
    <input type="submit" name="submit" value="Log In">
    </form>

第2页:

    <?php
    session_start();

    if ( $POST_["usr"] = "felix" || $POST_["psw"] = "password")
    {

    $_SESSION["usr"] = $POST_["usr"];

    header('Location: member.php');
    }
    else
    {
    header('Location: index.php');
    }
    ?>

第3页

    <?php
    session_start();
    $usr = $_SESSION["usr"];

    if( $usr = felix)
    {
    $name = 'Felix';
    $admin = 'true';
    }
    else
    {
    header('Location: index.php');
    }

    $felix = 'felix@example.com';
    ?>

1 个答案:

答案 0 :(得分:1)

第2页

// $_POST instead of $POST_, wrong variable name
// == instead of =, compare, don't assign
// && instead of ||, usually it is username AND password, not one of both
// additional isset() against "undefined index"-notices
if (isset($_POST['usr']) && isset($_POST['psw']) &&
    $_POST['usr'] == "felix" && $_POST['psw'] == "password")
{
    // Again $_POST instead of $POST_
    $_SESSION["usr"] = $_POST["usr"];
    header('Location: member.php');
} else {
    header('Location: index.php');
}

第3页

<?php
session_start();
$usr = (isset($_SESSION["usr"]) ? $_SESSION["usr"] : "");
if (isset($_SESSION["usr"])) {
    $usr = $_SESSION["usr"];
}
// Again == instead of =
if ($usr == "felix") {
    // Rest of the script