POST变量在SESSION中不起作用

时间:2018-07-24 14:33:07

标签: php mysql sql session post

我想将login.php POST变量$user_key$user_id的值传递给我使用了会话的另一个文件statusdata.php。在statusdata.php中,我想在statusdata.php文件的SQL查询中使用这些会话变量值。

要在login.php中实现此目的,首先我将POST变量$_POST["user_key"]$_POST["id"]的值分别传递给变量$user_key$user_id,然后将值传递将变量$user_key$user_id分别分配给会话变量$_SESSION["key"]$_SESSION["id"],然后在statusdata.php中调用会话变量并将其值传递给变量$user_key$user_id中的statusdata.php

现在问题出在POST变量$_POST["user_key"]$_POST["id"]的值上 不会前往statusdata.php的会话,但是如果我在$user_key中给出$user_idlogin.php的直接值,则会话可以正常工作,但不能使用POST变量

再次,我想清除POST变量是通过一个Android应用从用户那里获取值的问题,该应用要求idkeylogin.php进行用户身份验证,然后移至另一个屏幕并使用id

检索与输入的keystatusdata.php相关的数据

帮助我从会话中的login.php获取post变量的值,以便可以在statusdata.php中使用

login.php

<?php

// Start the session
session_start();

require "conn.php";

if (isset($_POST["id"])) {
  $user_id = mysqli_real_escape_string($conn,$_POST["id"]);
}

if (isset($_POST["user_key"])) {
  $user_key = mysqli_real_escape_string($conn,$_POST["user_key"]);
}

/* USING THESE DIRECT VALUE IN PLACE OF POST VARIABLE IS WORKING FINE IN SESSION FOR BOTH `login.php` and `statusdata.php` which indicate there is no problem with `statusdata.php` but using POST variable is working fine for `login.php` as authenticating user with `id` and `key` but value of POST variable is not going to session in `statusdata.php`.  

$user_key = "8c9333343c6c4222418edb1d7c9f84d051610526085960a1732c7c3d763fff64ec7f5220998434c896dda243ae777d0fb213f36b9b19f7e4a244d5c993b8dfed";
$user_id = "96";
*/

$mysql_qry = "select * from applications where application_key = '".$user_key."' and application_id = ".$user_id." ;";

$result = mysqli_query($conn, $mysql_qry);
if (mysqli_num_rows($result) > 0){
    $_SESSION["key"] = $user_key;
    $_SESSION["id"] = $user_id;
    echo "Login Success";
} else {
    echo "Login Not Success";   
}

?>

statusdata.php

<?php
// Start the session
session_start();

require "conn.php";

$user_key = "-1";
if (isset($_SESSION["key"])) {
  $user_key = $_SESSION["key"];
}

$user_id = "-1";
if (isset($_SESSION["id"])) {
  $user_id = $_SESSION["id"];
}

 //creating a query
 $stmt = $conn->prepare("SELECT applications.application_id, applications.applicant_name, applications.applicant_aadhaar, applications.applicant_phone, applications.subject, applications.date, applications.description, applications.chairperson_remark, applications.status, officer_accounts.name_of_officer, applications.officer_remark, applications.last_update_on 
FROM applications INNER JOIN officer_accounts ON applications.account_id = officer_accounts.account_id 
WHERE applications.application_id = ? AND applications.application_key = ? ;");

 $stmt->bind_param('ss',$user_id,$user_key);

 //executing the query 
 $stmt->execute();

 //binding results to the query 
 $stmt->bind_result($id, $name, $aadhaar, $phone, $subject, $date, $description, $chairperson, $status, $officername, $officerremark, $lastupdate);

 $applications = array(); 

 //traversing through all the result 
 while($stmt->fetch()){
 $temp = array();
 $temp['applications.application_id'] = $id; 
 $temp['applications.applicant_name'] = $name; 
 $temp['applications.applicant_aadhaar'] = $aadhaar; 
 $temp['applications.applicant_phone'] = $phone; 
 $temp['applications.subject'] = $subject;
 $temp['applications.date'] = $date;
 $temp['applications.description'] = $description;
 $temp['applications.chairperson_remark'] = $chairperson;
 $temp['applications.status'] = $status;
 $temp['officer_accounts.name_of_officer'] = $officername;
 $temp['applications.officer_remark'] = $officerremark;
 $temp['applications.last_update_on'] = $lastupdate;
 array_push($applications, $temp);
 }

 //displaying the result in json format 
 echo json_encode($applications);

 // remove all session variables
session_unset(); 

// destroy the session 
session_destroy(); 

?>

注意--我正在以JSON格式获取statusdata.php SQL查询的输出,最后我在android中将其提取。

请帮助我,我已经尝试了其他所有类似问题所建议的一切,但没有帮助

3 个答案:

答案 0 :(得分:0)

您的SQL语句有问题:

$mysql_qry = "select * from applications where application_key = '".$user_key."' and 
application_id = '".$user_id."' ;";

将此更改为:

$mysql_qry = "select * from applications where application_key = '".$user_key."' and 
application_id = ".$user_id." ;";

application_id的数据类型很可能是整数。 尝试在MySQL提示符下运行它。如果继续,它将显示错误!

答案 1 :(得分:0)

我认为,您的问题与分配if值之前输入的$_SESSION语句有关。您可以检查数据库中是否有与查询相对应的数据,否则,您永远不会在statusdata.php文件中获得这两个会话值。 您可以通过在没有$_SESSION语句的情况下分配if值来检查我的答案,然后尝试再次访问它们。

答案 2 :(得分:-1)

不是一个完整的答案,但是对脚本进行了许多改进:

login.php:

<?php

// Start the session
session_start();

require "conn.php";

if (isset($_POST["id"])) {
  $user_id = $conn->real_escape_string($_POST["id"]);
}

if (isset($_POST["user_key"])) {
  $user_key = $conn->real_escape_string($_POST["user_key"]);
}

// check output is as expected
echo "ID:" . $user_id;
echo "Key:" . $user_key;

/* USING THESE DIRECT VALUE IN PLACE OF POST VARIABLE IS WORKING FINE IN SESSION FOR BOTH `login.php` and `statusdata.php` which indicate there is no problem with `statusdata.php` but using POST variable is working fine for `login.php` as authenticating user with `id` and `key` but value of POST variable is not going to session in `statusdata.php`.  

$user_key = "8c9333343c6c4222418edb1d7c9f84d051610526085960a1732c7c3d763fff64ec7f5220998434c896dda243ae777d0fb213f36b9b19f7e4a244d5c993b8dfed";
$user_id = "96";
*/

$mysql_qry = <<<EOF
SELECT * from applications
WHERE application_key = "{$user_key}" and application_id = "{$user_id}"
EOF;

$result = $conn->query($mysql_qry);
if ($result->num_rows() > 0) {
    $_SESSION["key"] = $user_key;
    $_SESSION["id"] = $user_id;
    echo "Login Success";
} else {
    echo "Login Not Success";   
}

?>

Statusdata.php:

<?php
// Start the session
session_start();

require "conn.php";

// use ternary operators, you can even try ?: operator
$user_key = isset($_SESSION["key"]) ? $_SESSION["key"] : '-1';
$user_id = isset($_SESSION["id"]) ? $_SESSION["id"] : '-1';

// use heredocs for creating a query, they let you format your query neatly
// also try using shorter names 
$query = <<<EOF
SELECT app.application_id, app.applicant_name, 
    app.applicant_aadhaar, app.applicant_phone, 
    app.subject, app.date, app.description, 
    app.chairperson_remark, app.status, 
    oa.name_of_officer, app.officer_remark, 
    app.last_update_on 
FROM applications app
INNER JOIN officer_accounts oa
ON app.account_id = oa.account_id 
WHERE app.application_id = ? AND app.application_key = ? ;
EOF;

$stmt = $conn->prepare($query);
$stmt->bind_param('ss',$user_id,$user_key);    
//executing the query 
$stmt->execute();

$applications = array(); 
$result = $stmt->get_result();

// get the rows, use fetch_object or fetch_array
while ($row = $result->fetch_object()) {
    $applications[] = $row;
}

//displaying the result in json format 
echo json_encode($applications);

// remove all session variables
session_unset(); 

// destroy the session 
session_destroy(); 

?>