为什么我不能在PHP 7中访问我的会话变量?

时间:2017-04-25 23:27:03

标签: php html ubuntu login apache2

所以我正在尝试创建一个登录系统,我已经测试过login.php正确获取POST数据,我可以在那里打印出来。但我创建的应该发送回index.php并找到会话变量'password'设置而不是空,但它总是再次打印登录页面。为什么我无法访问会话变量?

my functions.php文件:

<?php

function sec_session_start() {
    $session_name = 'quassist_session';
    session_name($session_name);
    $secure = true;
    $httponly = true;
    if (ini_set('session.use_only_cookies', 1) === FALSE) {
        header("Location: ../error.php?err=Could not initiate a safe session (ini_set)");
        exit();
    }
    $cookieParams = session_get_cookie_params();
    session_set_cookie_params($cookieParams["lifetime"], $cookieParams["path"], $cookieParams["domain"], $secure, $httponly);
    session_start();
    session_regenerate_id(true);
}

function sec_session_logout() {
    $_SESSION = array();
    $params = session_get_cookie_params();
    setcookie(session_name(), '', time() - 42000,
        $params["path"], $params["domain"],
        $params["secure"], $params["httponly"]);
    session_destroy();
}

?>

我的login.php文件:

<?php

include_once 'functions.php';

sec_session_start();
$_SESSION['username'] = $_POST['formuser'];
$_SESSION['password'] = $_POST['formpass'];
header("Location: index.php"); /* Redirect browser */
exit();

?>

我的index.php文件:

<?php
include_once("functions.php");
sec_session_start();

    echo "<html>";
    echo "<head>";
    echo "<title>Login</title>";
    echo "<link rel='stylesheet' href='style.css'>";
    echo "</head>";
    echo "<body>";

if(isset($_SESSION['password']) && !empty($_SESSION['password'])) {
    // user entered password
    echo $_SESSION['username'] . "<br>" . $_SESSION['password'];
    // logout
    // sec_session_logout();
} else {
    echo "<div class='login-page'>";
    echo "<div class='form'>";
    echo "<form class='login-form' action='http://www.quassist.com/login.php' method='post'/>";
    echo "<input name='formuser' type='text' placeholder='username'/>";
    echo "<input name='formpass' type='password' placeholder='password'/>";
    echo "<button type='submit' value='Submit'>login</button>";
    echo "</form>";
    echo "</div>";
    echo "</div>";
}

    echo "</body>";
    echo "</html>";
?>

2 个答案:

答案 0 :(得分:1)

$secure = true;

只能在使用TLS / HTTPS时使用。否则会阻止cookie工作。

答案 1 :(得分:-1)

你必须在php代码的第一行实现session_start函数。