我一直在努力解决这个问题,试着从问题中解读但却无法得到它。我开始会话并在另一个页面中需要它,但是当我想使用它在当前会话ID上插入一些文本时,它在数据库中始终为零。请向我解释,也许我想念它。谢谢!
<?php
ob_start();
session_start();
if(isset($_SESSION['$user_id']) && !empty($_SESSION['$user_id']))
{
return true;
}
else
return false;
?>
include.php
<?php
include ("login._form.php");
require ("include.php");
require("require.php");
if ($_SERVER["REQUEST_METHOD"]== "POST")
{
$username = mysqli_real_escape_string($link, $_POST["user"]);
$password = mysqli_real_escape_string($link,$_POST["password"]);
if(empty($username) || empty($password))
{
die();
}
$row = mysqli_query($link,"SELECT * FROM `users` WHERE username ='$username'");
if($row === false)
{
echo "Query Error";
}
while($fetch = mysqli_fetch_array($row)){
if($username == $fetch["username"] && $password == $fetch["password"])
{
$_SESSION["id"] = $id;
header('Location:index.php');
}
else
die("user does'n exist");
}
mysqli_close($link);
}
login.php
?>
require("include.php");
include ("yd_sendpage_form.php");
require("require.php");
if ($_SERVER["REQUEST_METHOD"]== "POST")
{
$user_id = $_SESSION["id"];
$text = mysqli_real_escape_string($link,$_POST["text"]);
if(empty($text))
{
die("Field Can't Be Empty!");
}
$insert = mysqli_query($link,"INSERT INTO `text`(`id`, `user_id`, `text`) VALUES ('$user_id','$user_id','$text')");
}
?>
yd_sendpage.php
答案 0 :(得分:0)
更改
if(isset($_SESSION['$user_id']) && !empty($_SESSION['$user_id']))
到
if(!empty($_SESSION['id']))
不要忘记SQL injection,你的代码容易受到攻击 More information about SQL injection in your code
答案 1 :(得分:0)
$ _ SESSION [“id”]未设置,所以我将$ _SESSION [“id”]更改为$ _SESSION [“user”] = login.php和其他页面中的$ username到$ _SESSION [“user” ]那很有效。谢谢!