我正在处理登录和用户个人资料的一个代码,但我遇到了会话问题。我想在用户通过Login.php登录时进行,然后转到User.php。但是当我在新标签页中打开此页面时,它会转到Login.php并再次请求登录。谁能告诉我哪里错了?我的代码如下。
的login.php
<?php
session_start();
// check if session set.
if(isset($_SESSION['id'])) {
$url=SITE_URL.'User.php';
(header("Location: $url"));
}
?>
<?php
include("dbconfig.php");
include('class/userClass.php');
$userClass = new userClass();
$errorMsgLogin='';
if (!empty($_POST['loginSubmit']))
{
$usernameEmail=$_POST['username'];
$password=$_POST['password'];
if(strlen(trim($usernameEmail))>1 && strlen(trim($password))>1 )
{
$id=$userClass->userLogin($usernameEmail,$password);
if($id)
{
$url=SITE_URL.'User.php';
header("Location: $url");
}
else
{
$errorMsgLogin="Please check login details.";
}
}
}
?>
<!doctype html>
<html>
<head>
</head>
<body>
<form id="contact-form" method="post">
<div class="login-controls">
<div class="form-input">
<input type="text" class="txt-box" name="username" id="username" placeholder="Username" required>
</div>
<div class="form-input">
<input type="password" class="txt-box" name="password" id="password" placeholder="Password" required>
</div>
<div class="errorMsg"><?php echo $errorMsgLogin; ?></div>
<div class="main-bg">
<input type="submit" name="loginSubmit" id="submit" class="btn " value="Login">
</div>
<div class="check-box">
<a href="ForgotPassword.php">Forgot your Password ?</a>
</div>
</form>
</br></br>
</body>
</html>
user.php的
<?php
session_start();
// check if session set.
if(!isset($_SESSION['id']) || empty($_SESSION['id'])) {
$url=SITE_URL.'Login.php';
die(header("Location: $url"));
}
?>
<?php
$session_id=$_SESSION['id'];
include('class/userClass.php');
$userClass = new userClass();
include('dbconfig.php');
$userDetails=$userClass->userDetails($session_id);
?>
<!doctype html>
<html>
<head>
</head>
<body>
------------something-----
</body>
</html>
dbconfig.php
<?php
session_start();
/* DATABASE CONFIGURATION */
define('DB_SERVER', 'localhost');
define('DB_USERNAME', 'XXXXXX');
define('DB_PASSWORD', 'XX2');
define('DB_DATABASE', 'Xxxx');
define("SITE_URL", "http://try1234.com"); // Eg. http://yourwebsite.com
function getDB()
{
$dbhost=DB_SERVER;
$dbuser=DB_USERNAME;
$dbpass=DB_PASSWORD;
$dbname=DB_DATABASE;
try {
$dbConnection = new PDO("mysql:host=$dbhost;dbname=$dbname", $dbuser, $dbpass);
$dbConnection->exec("set names utf8");
$dbConnection->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
return $dbConnection;
}
catch (PDOException $e) {
echo 'Connection failed: ' . $e->getMessage();
}
}
?>
userClass.php
<?php
class userClass
{
/* User Login */
public function userLogin($usernameEmail,$password)
{
$db = getDB();
$hash_password= hash('sha256', $password);
$stmt = $db->prepare("SELECT id FROM profile WHERE username=:usernameEmail AND pass=:hash_password");
$stmt->bindParam("usernameEmail", $usernameEmail,PDO::PARAM_STR) ;
$stmt->bindParam("hash_password", $hash_password,PDO::PARAM_STR) ;
$stmt->execute();
$count=$stmt->rowCount();
$data=$stmt->fetch(PDO::FETCH_OBJ);
$db = null;
if($count)
{
$_SESSION['id']=$data->id;
return true;
}
else
{
return false;
}
}
/* User Details */
public function userDetails($id)
{
try{
$db = getDB();
$stmt = $db->prepare("SELECT email,username,Pname, Mobile FROM profile WHERE id=:id");
$stmt->bindParam("id", $id,PDO::PARAM_INT);
$stmt->execute();
$data = $stmt->fetch(PDO::FETCH_OBJ);
return $data;
}
catch(PDOException $e) {
echo '{"error":{"text":'. $e->getMessage() .'}}';
}
}
}
?>
答案 0 :(得分:2)
如评论中所述,如果您想在任何页面上使用会话,始终需要启动会话。
这通常是每个页面上的第一件事:
<?php
session_start();
//.....the rest of your code.
显然,您需要在session.php页面上启动它才能使其正常工作。
值得注意的是,session.php逻辑有点多余。你最好做一些类似的事情:
<?php
session_start();
// check if session set.
if(!isset($_SESSION['id']) || empty($_SESSION['id'])) {
$url=SITE_URL.'Login.php';
die(header("Location: $url"));
}
// otherwise continue.
include('class/userClass.php');
$userClass = new userClass();
//.... the rest of your code.
如果会话存在,上面将删除冗余/递归检查&amp;允许正确的代码“流”。
答案 1 :(得分:0)
如果您知道每个页面都需要会话可用性,则可以修改session.auto_start = 1并添加session_start();,或者您可以按照上面建议的评论者进行操作并添加{{1}在您的每个文件中(或使用包含include的基础session_start();)