早上好折叠!
我被困住了,需要你的专业知识:)
我几年来一直使用以下开源登录脚本:https://github.com/panique/php-login-advanced(我已经定制了一些东西,但登录/进程/注册脚本保持不变。
最近我将所有文件移动到运行在PHP 5.6.28上的新服务器并且登录会话停止工作(注册仍然有效,登录用户在mysql中正常显示)但是php会话没有检测到用户登录后,如果我将相同的文件移回旧服务器,一切正常。
有人告诉我,为了安全起见,在上次PHP升级中发生了一些变化,但我无法找到需要更改/适应会话变量的代码部分才能正确传递。
附件中的某些内容是否可能失败?
/* Class constructor */
function Process(){
global $session;
/* User submitted login form */
if(isset($_POST['sublogin'])){
$this->procLogin();
}
/* ProcLogin */
function procLogin(){
global $session, $form;
/* Login attempt */
$retval = $session->login($_POST['user'], $_POST['pass'], isset($_POST['remember']));
/* Login successful */
if($retval){
header("location:dashboard.php");
}
/* Login failed */
else{
$_SESSION['value_array'] = $_POST;
$_SESSION['error_array'] = $form->getErrorArray();
header("location:failed.php");
}
}
OR
function startSession(){
global $database; //The database connection
session_start(); //Tell PHP to start the session
/* Determine if user is logged in */
$this->logged_in = $this->checkLogin();
/**
* Set guest value to users not logged in, and update
* active guests table accordingly.
*/
if(!$this->logged_in){
$this->username = $_SESSION['username'] = GUEST_NAME;
$this->userlevel = GUEST_LEVEL;
$database->addActiveGuest($_SERVER['REMOTE_ADDR'], $this->time);
}
/* Update users last active timestamp */
else{
$database->addActiveUser($this->username, $this->time);
}
/* Remove inactive visitors from database */
$database->removeInactiveUsers();
$database->removeInactiveGuests();
/* Set referrer page */
if(isset($_SESSION['url'])){
$this->referrer = $_SESSION['url'];
}else{
$this->referrer = "/";
}
/* Set current url */
$this->url = $_SESSION['url'] = $_SERVER['PHP_SELF'];
}