我有一个login.html,form的定义如下:
<form method="post" action= "do_authorize.php" name="lform">
<span class="style1">First Initial Plus Last Name :</span>
<input type="text" name="user" size="25">
<input type="submit" value="login">
</form>
我的do_authorize如下:
<?
session_start();
require('../databaseConnectionFileFolder/dbconnection.php');
$user = $_POST["user"];
var_dump($user);
$_SESSION['username']=$user;
var_dump($user);
$sql="SELECT * FROM $table_name_users WHERE username = \"$user\"";
var_dump($sql);
$result=@mysql_query($sql,$connection) or die("couldn't execute query");
$num=mysql_numrows($result);
if ($num != 0) {
/*$cookie_name="$user";
$cookie_value="ok";
$cookie_expire=time()+86400;
$cookie_domain=".columbia.edu";
setcookie($cookie_name, $cookie_value, $cookie_expire, "/", $cookie_domain, 0);
*/
print "<script>";
print "self.location='somethingelse.php';";
print "</script>";
} else {
echo "<p>you're not authorized";
}
?>
我已将var_dump($user);和var_dump($sql);包含在适当的位置,并且它似乎不会打印用户值和sql。它每次在浏览器上打印的内容如下:
"; print "self.location='somethingelse.php';"; print ""; } else { echo "
you're not authorized"; } ?>
我指的是this post,我在Dan Nissenbaum的以下评论中提到了健全性检查,这对我有用:
For sanity checking, does the same problem occur in an independent .php file in the same webroot - something simple like <?php $x = array(1,2,3); var_dump($x); ?>?
答案 0 :(得分:0)
尝试在
中编写您的PHP代码<?php //code ?>
而不是
<? //code ?>
我认为打印数据的更好选择是echo。不是print。
答案 1 :(得分:-1)
首先,让我们启用显示错误,通知等:
display_errors = On
display_startup_errors = On
error_reporting(E_ALL);
这样,如果PHP发出任何通知,你就会知道。
现在,试试这个:
ob_start();
var_dump($user);
$out = ob_get_clean();
echo $out;
并告诉我们它是否有效。
祝你好运。