所以我正在尝试创建一个登录系统,我已经测试过login.php正确获取POST数据,我可以在那里打印出来。但我创建的应该发送回index.php并找到会话变量'password'设置而不是空,但它总是再次打印登录页面。为什么我无法访问会话变量?
my functions.php文件:
<?php
function sec_session_start() {
$session_name = 'quassist_session';
session_name($session_name);
$secure = true;
$httponly = true;
if (ini_set('session.use_only_cookies', 1) === FALSE) {
header("Location: ../error.php?err=Could not initiate a safe session (ini_set)");
exit();
}
$cookieParams = session_get_cookie_params();
session_set_cookie_params($cookieParams["lifetime"], $cookieParams["path"], $cookieParams["domain"], $secure, $httponly);
session_start();
session_regenerate_id(true);
}
function sec_session_logout() {
$_SESSION = array();
$params = session_get_cookie_params();
setcookie(session_name(), '', time() - 42000,
$params["path"], $params["domain"],
$params["secure"], $params["httponly"]);
session_destroy();
}
?>
我的login.php文件:
<?php
include_once 'functions.php';
sec_session_start();
$_SESSION['username'] = $_POST['formuser'];
$_SESSION['password'] = $_POST['formpass'];
header("Location: index.php"); /* Redirect browser */
exit();
?>
我的index.php文件:
<?php
include_once("functions.php");
sec_session_start();
echo "<html>";
echo "<head>";
echo "<title>Login</title>";
echo "<link rel='stylesheet' href='style.css'>";
echo "</head>";
echo "<body>";
if(isset($_SESSION['password']) && !empty($_SESSION['password'])) {
// user entered password
echo $_SESSION['username'] . "<br>" . $_SESSION['password'];
// logout
// sec_session_logout();
} else {
echo "<div class='login-page'>";
echo "<div class='form'>";
echo "<form class='login-form' action='http://www.quassist.com/login.php' method='post'/>";
echo "<input name='formuser' type='text' placeholder='username'/>";
echo "<input name='formpass' type='password' placeholder='password'/>";
echo "<button type='submit' value='Submit'>login</button>";
echo "</form>";
echo "</div>";
echo "</div>";
}
echo "</body>";
echo "</html>";
?>
答案 0 :(得分:1)
在
$secure = true;
只能在使用TLS / HTTPS时使用。否则会阻止cookie工作。
答案 1 :(得分:-1)
你必须在php代码的第一行实现session_start函数。