会话变量?通过PHP页面传递

时间:2017-08-13 19:23:15

标签: php mysqli session-variables

我遇到传递会话信息或设置问题的问题。我有这个代码。

        // To protect MySQL injection for Security purpose
        $UserName = stripslashes($UserName);
        $Password = stripslashes($Password);
        $UserName = mysqli_real_escape_string($con, $UserName);
        $Password = mysqli_real_escape_string($con, $Password);
        // SQL query to fetch information of registerd users and finds user match.
        $query = mysqli_query($con, "select * from Employee where password='$Password' AND username='$UserName'");
        $rows = mysqli_num_rows($query);
        if ($rows == 1) {
            $_SESSION['User']= $rows['FName'] $rows['LName']; // Initializing Session
            header("location: Dashboard.php"); // Redirecting To Other Page
        } else {
            header("location: index.php"); // Redirecting To Other Page
            $error = "Username or Password is invalid";
        }
        mysqli_close($con); // Closing Connection
    }
}
?>

用户进行身份验证后。我希望将用户的会话设置为他们的名字和姓氏。如果我需要设置2个不同的会话var我可以。

获取信息的页面。这是重温代码。我可以让它回应用户所说的欢迎(姓名在这里)。 

<?php session_start(); 
 $User = $_SESSION['$User'];
 echo $User;
 ?>

<table border="0" width="100%" cellspacing="0" cellpadding="0" height="45" bgcolor="#aabbcc">
    <tr>
        <td>
            <p align="Left"><font face="Monotype Corsiva" size="3">&nbsp;&nbsp;Welcome <?php echo $User; ?>&nbsp;</font>
<?php
//Gets the IP address
$ip = getenv("REMOTE_ADDR") ;
Echo "Your IP is " . $ip;
?>
    </tr >
</table>

有人可以给我带头。我已经检查了一些教程等等。只是没有在教程网站上看到解决方案。

新编码!!! XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX 

<?php
session_start(); // Starting Session
$error=''; // Variable To Store Error Message
if (isset($_POST['Submit'])) {
if (empty($_POST['UserName']) || empty($_POST['Password'])) {
$error = "Username or Password is invalid";
}
else
{
// Define $username and $password
$UserName=$_POST['UserName'];
$Password=$_POST['Password'];
// Establishing Connection with Server by passing server_name, user_id and password as a parameter
$con = mysqli_connect("localhost", "USER", "PASS", "DATABASE");
if (mysqli_connect_errno())
   {
   echo "Failed to connect to MySQL: " . mysqli_connect_error();
   }

// To protect MySQL injection for Security purpose
$UserName = stripslashes($UserName);
$Password = stripslashes($Password);
$UserName = mysqli_real_escape_string($con, $UserName);
$Password = mysqli_real_escape_string($con, $Password);
// SQL query to fetch information of registerd users and finds user match.
$query = mysqli_query($con, "select * from Employee where password='$Password' AND username='$UserName'");
$rows = mysqli_num_rows($query);
if ($rows == 1) {
$_SESSION['User']= array( 'FName' =>$rows['FName'], 'LName' => $rows['LName']); // Initializing Session
header("location: Dashboard.php"); // Redirecting To Other Page
} else {
header("location: index.php"); // Redirecting To Other Page
$error = "Username or Password is invalid";
}
mysqli_close($con); // Closing Connection
}
}
?>

好的,它传递给我的dashboard.php中的include是这个代码

<?php session_start(); 
 $User = $_SESSION['User'];
 error_reporting(E_ALL); ini_set('display_errors', 1);
 ?>

 <table border="0" width="100%" cellspacing="0" cellpadding="0" height="45" bgcolor="#aabbcc">
<tr><td>
 <p align="Left"><font face="Monotype Corsiva" size="3">&nbsp;&nbsp;<?php echo "Welcome {$User['FName']} {$User['LName']}"?>&nbsp;</font>
<?php
 //Gets the IP address
 $ip = getenv("REMOTE_ADDR") ;
 Echo "Your IP is " . $ip;
 ?>
</tr >
  </table>

谢谢大家的建议!!!

3 个答案:

答案 0 :(得分:2)

您需要修改此行,因为它应该导致编译错误,如

  

解析错误:语法错误,意外&#39; $ rows&#39; (T_VARIABLE)在...... 

$_SESSION['User']= $rows['FName'] $rows['LName'];

将其更改为

$_SESSION['User'] = array( 'FName' => $rows['FName'], 'LName' => $rows['LName'] );

现在在另一个脚本中你可以做到

<?php
session_start();

$User = $_SESSION['User'];

echo "Hello {$User['FName']} {$User['LName']}";
  

error reporting添加到   例如,在打开PHP标记之后立即测试的文件顶部   <?php error_reporting(E_ALL); ini_set('display_errors', 1);看看它是否会产生任何结果。

答案 1 :(得分:0)

您将会话变量的密钥设置为“用户”,但在第二个脚本中使用“$ User”。这是两个不同的关键。 

$rowWithUserName =  mysqli_fetch_row($query); // fetch first and only row from query 
$_SESSION['User'] = $rowWithUserName['FName'] . " " . $rowWithUserName['LName']; // Initializing Session to key 'User' 




<?php session_start(); 
     // $User = $_SESSION['$User'];  why are you using '$User' as the key inside []. use 'User' instead. 
     $User = $_SESSION['User'];
     echo $User;
 ?>

答案 2 :(得分:0)

找到了解决方案!! 

// To protect MySQL injection for Security purpose
$UserName = stripslashes($UserName);
$Password = stripslashes($Password);
$UserName = mysqli_real_escape_string($con, $UserName);
$Password = mysqli_real_escape_string($con, $Password);
// SQL query to fetch information of registerd users and finds user match.
$sql = "SELECT * FROM Employee where Password='$Password' AND UserName='$UserName'";
    $result = mysqli_query($con, $sql) or die(mysqli_error($con));
    $User=mysqli_fetch_array($result);
$row = mysqli_num_rows($result);
if ($row == 1) 
{
$_SESSION["FName"] = $User['FName'];
$_SESSION["LName"] = $User['LName'];
$_SESSION["AccessLvl"] = $User['AccessLvl']; // Initializing Session header

header("location: Dashboard.php");
相关问题
最新问题