关于使用php维护会话

时间:2016-09-18 06:49:35

标签: php session

这是我的login_check php文件和login_done php文件。 在我输入Session函数之前,它运行良好。 但是在我插入一些会话功能之后,它已经停止工作并导致导致无效登录"即使有有效身份证和密码。

' login_check.php' 

<?php
    session_start();
    include_once ('../config.php');
    $mysqli = new mysqli($DB['host'], $DB['id'], $DB['pw'], $DB['db']);
    if (mysqli_connect_error()) {
        exit('Connect Error (' . mysqli_connect_errno() . ') '. mysqli_connect_error());
    }

    extract($_POST);

    $q = "SELECT * FROM ap_member WHERE id='$user_id'";

    $result = $mysqli->query($q);

    if($result->num_rows==1) {
        $encrypted_pass = sha1($user_pass);
        $row = $result->fetch_array(MYSQLI_ASSOC);
        if( $row['pw'] == $encrypted_pass ) {
            header("Location: http://sovereign-recipe.com/member/login_done.php");
            exit();
        }
        else {
            echo 'wrong password';
        }
    }
    else {
        echo 'ID does not exist or invalid approach. Try again.';
    }

    if( $row['pw'] == $encrypted_pass ) {
            $_SESSION['is_logged'] = 'YES';
            $_SESSION['user_id'] = $user_id;
            header("Location: http://sovereign-recipe.com/member/login_done.php");
            exit();
        }
        else {
            $_SESSION['is_logged'] = 'NO';
            $_SESSION['user_id'] = '';
            header("Location: http://sovereign-recipe.com/member/login_done.php");
            exit();
        }

?>

&#39; login_done.php&#39; 

<?php
    session_start();
    $is_logged = $_SESSION['is_logged'];

    if($is_logged=='YES') {
        $user_id = $_SESSION['user_id'];
        $message = $user_id . 'login success. session would continue with your logged-in info. start your surf.';
    }
    else {
        $message = 'your log-in is invalid. please, try again.';
    }

    var_dump($_SESSION);

?>

    <html>
        <head>
            <title>login result</title>
            <meta charset="utf-8" >
        </head>
        <body>

    <?php
        echo $message;
    ?>

    </body>
</html>

enter image description here

1 个答案:

答案 0 :(得分:0)

在login_check.php中尝试这种方法

session_start();
include_once ('../config.php');
$mysqli = new mysqli($DB['host'], $DB['id'], $DB['pw'], $DB['db']);
if (mysqli_connect_error()) {
    exit('Connect Error (' . mysqli_connect_errno() . ') ' . mysqli_connect_error());
}

extract($_POST);

$q = "SELECT * FROM ap_member WHERE id='$user_id'";

$result = $mysqli->query($q);

if ($result->num_rows == 1) {
    $encrypted_pass = sha1($user_pass);
    $row = $result->fetch_array(MYSQLI_ASSOC);
    if ($row['pw'] == $encrypted_pass) {
        $_SESSION['is_logged'] = 'YES';
        $_SESSION['user_id'] = $user_id;
    } else {
        $_SESSION['is_logged'] = 'NO';
        $_SESSION['user_id'] = '';
        //echo 'wrong password';
    }
} else {
    $_SESSION['is_logged'] = 'NO';
    $_SESSION['user_id'] = '';
    echo 'ID does not exist or invalid approach. Try again.';
}

//You can to use here your redirect, then remove the previous
header("Location: http://sovereign-recipe.com/member/login_done.php");
exit();

我希望这对你有所帮助。

相关问题
最新问题