我有一个登录页面( checklogin.php ),在登录成功后会通往我网站的主页( index.php )。确保index.php(以及网站中的每个页面)只能通过登录页面访问,我已经使用了在 index.php 如下:
<?php
session_start();
if( !isset($_SESSION['myusername']) )
header("location:checklogin.php");
?>
添加后,通过checklogin.php登录会导致错误(&#39;错误的用户名,密码&#39; - 甚至认为两者都获得批准);当我摆脱index.php中的上述会话代码时,主页打开时没有错误。
以下是 checklogin.php 中的代码:
<?php
$host="localhost"; // Host name
$username="garbo45"; // Mysql username
$password="water5"; // Mysql password
$db_name="garbo45"; // Database name
$tbl_name="members"; // Table name
// Connect to server and select database.
$conn = new mysqli($host, $username, $password, $db_name);
if ($conn->connect_error) die($conn->connect_error);
// username and password sent from form
$myusername=$_POST['myusername'];
$mypassword=$_POST['mypassword'];
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysqli_real_escape_string($conn, $myusername);
$mypassword = mysqli_real_escape_string($conn, $mypassword);
$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
$result=mysqli_query($conn, $sql);
// Mysql_num_row is counting table row
$count=mysqli_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row
if($count==1){
// Register $myusername, $mypassword and redirect to file "loginsuccess.php"
$_SESSION['myusername']= "myusername";
$_SESSION['mypassword']= "mypassword";
header("location:index.php");
}
else {
echo "Wrong Username or Password";
}
?>
为什么当会话检查被删除后,当用户名和密码(我已经验证的是在成员表中设置的用户名和密码)之后,index.php中的会话代码块会导致此错误?非常感谢理解和解决这个问题的任何帮助。
答案 0 :(得分:3)
您session_start()
上遗漏了checklogin.php
。
如果没有session_start()
,您的以下代码将无效:
$_SESSION['myusername']= "myusername";
$_SESSION['mypassword']= "mypassword";