我想将login.php POST变量$user_key和$user_id的值传递给我使用了会话的另一个文件statusdata.php。在statusdata.php中,我想在statusdata.php文件的SQL查询中使用这些会话变量值。
要在login.php中实现此目的,首先我将POST变量$_POST["user_key"]和$_POST["id"]的值分别传递给变量$user_key和$user_id,然后将值传递将变量$user_key和$user_id分别分配给会话变量$_SESSION["key"]和$_SESSION["id"],然后在statusdata.php中调用会话变量并将其值传递给变量$user_key &$user_id中的statusdata.php
现在问题出在POST变量$_POST["user_key"]和$_POST["id"]的值上
不会前往statusdata.php的会话,但是如果我在$user_key中给出$user_id和login.php的直接值,则会话可以正常工作,但不能使用POST变量
再次,我想清除POST变量是通过一个Android应用从用户那里获取值的问题,该应用要求id和key从login.php进行用户身份验证,然后移至另一个屏幕并使用id
key和statusdata.php相关的数据
帮助我从会话中的login.php获取post变量的值,以便可以在statusdata.php中使用
login.php
<?php
// Start the session
session_start();
require "conn.php";
if (isset($_POST["id"])) {
$user_id = mysqli_real_escape_string($conn,$_POST["id"]);
}
if (isset($_POST["user_key"])) {
$user_key = mysqli_real_escape_string($conn,$_POST["user_key"]);
}
/* USING THESE DIRECT VALUE IN PLACE OF POST VARIABLE IS WORKING FINE IN SESSION FOR BOTH `login.php` and `statusdata.php` which indicate there is no problem with `statusdata.php` but using POST variable is working fine for `login.php` as authenticating user with `id` and `key` but value of POST variable is not going to session in `statusdata.php`.
$user_key = "8c9333343c6c4222418edb1d7c9f84d051610526085960a1732c7c3d763fff64ec7f5220998434c896dda243ae777d0fb213f36b9b19f7e4a244d5c993b8dfed";
$user_id = "96";
*/
$mysql_qry = "select * from applications where application_key = '".$user_key."' and application_id = ".$user_id." ;";
$result = mysqli_query($conn, $mysql_qry);
if (mysqli_num_rows($result) > 0){
$_SESSION["key"] = $user_key;
$_SESSION["id"] = $user_id;
echo "Login Success";
} else {
echo "Login Not Success";
}
?>
statusdata.php
<?php
// Start the session
session_start();
require "conn.php";
$user_key = "-1";
if (isset($_SESSION["key"])) {
$user_key = $_SESSION["key"];
}
$user_id = "-1";
if (isset($_SESSION["id"])) {
$user_id = $_SESSION["id"];
}
//creating a query
$stmt = $conn->prepare("SELECT applications.application_id, applications.applicant_name, applications.applicant_aadhaar, applications.applicant_phone, applications.subject, applications.date, applications.description, applications.chairperson_remark, applications.status, officer_accounts.name_of_officer, applications.officer_remark, applications.last_update_on
FROM applications INNER JOIN officer_accounts ON applications.account_id = officer_accounts.account_id
WHERE applications.application_id = ? AND applications.application_key = ? ;");
$stmt->bind_param('ss',$user_id,$user_key);
//executing the query
$stmt->execute();
//binding results to the query
$stmt->bind_result($id, $name, $aadhaar, $phone, $subject, $date, $description, $chairperson, $status, $officername, $officerremark, $lastupdate);
$applications = array();
//traversing through all the result
while($stmt->fetch()){
$temp = array();
$temp['applications.application_id'] = $id;
$temp['applications.applicant_name'] = $name;
$temp['applications.applicant_aadhaar'] = $aadhaar;
$temp['applications.applicant_phone'] = $phone;
$temp['applications.subject'] = $subject;
$temp['applications.date'] = $date;
$temp['applications.description'] = $description;
$temp['applications.chairperson_remark'] = $chairperson;
$temp['applications.status'] = $status;
$temp['officer_accounts.name_of_officer'] = $officername;
$temp['applications.officer_remark'] = $officerremark;
$temp['applications.last_update_on'] = $lastupdate;
array_push($applications, $temp);
}
//displaying the result in json format
echo json_encode($applications);
// remove all session variables
session_unset();
// destroy the session
session_destroy();
?>
注意--我正在以JSON格式获取statusdata.php SQL查询的输出,最后我在android中将其提取。
请帮助我,我已经尝试了其他所有类似问题所建议的一切,但没有帮助
答案 0 :(得分:0)
您的SQL语句有问题:
$mysql_qry = "select * from applications where application_key = '".$user_key."' and
application_id = '".$user_id."' ;";
将此更改为:
$mysql_qry = "select * from applications where application_key = '".$user_key."' and
application_id = ".$user_id." ;";
application_id的数据类型很可能是整数。 尝试在MySQL提示符下运行它。如果继续,它将显示错误!
答案 1 :(得分:0)
我认为,您的问题与分配if值之前输入的$_SESSION语句有关。您可以检查数据库中是否有与查询相对应的数据,否则,您永远不会在statusdata.php文件中获得这两个会话值。
您可以通过在没有$_SESSION语句的情况下分配if值来检查我的答案,然后尝试再次访问它们。
答案 2 :(得分:-1)
不是一个完整的答案,但是对脚本进行了许多改进:
login.php:
<?php
// Start the session
session_start();
require "conn.php";
if (isset($_POST["id"])) {
$user_id = $conn->real_escape_string($_POST["id"]);
}
if (isset($_POST["user_key"])) {
$user_key = $conn->real_escape_string($_POST["user_key"]);
}
// check output is as expected
echo "ID:" . $user_id;
echo "Key:" . $user_key;
/* USING THESE DIRECT VALUE IN PLACE OF POST VARIABLE IS WORKING FINE IN SESSION FOR BOTH `login.php` and `statusdata.php` which indicate there is no problem with `statusdata.php` but using POST variable is working fine for `login.php` as authenticating user with `id` and `key` but value of POST variable is not going to session in `statusdata.php`.
$user_key = "8c9333343c6c4222418edb1d7c9f84d051610526085960a1732c7c3d763fff64ec7f5220998434c896dda243ae777d0fb213f36b9b19f7e4a244d5c993b8dfed";
$user_id = "96";
*/
$mysql_qry = <<<EOF
SELECT * from applications
WHERE application_key = "{$user_key}" and application_id = "{$user_id}"
EOF;
$result = $conn->query($mysql_qry);
if ($result->num_rows() > 0) {
$_SESSION["key"] = $user_key;
$_SESSION["id"] = $user_id;
echo "Login Success";
} else {
echo "Login Not Success";
}
?>
Statusdata.php:
<?php
// Start the session
session_start();
require "conn.php";
// use ternary operators, you can even try ?: operator
$user_key = isset($_SESSION["key"]) ? $_SESSION["key"] : '-1';
$user_id = isset($_SESSION["id"]) ? $_SESSION["id"] : '-1';
// use heredocs for creating a query, they let you format your query neatly
// also try using shorter names
$query = <<<EOF
SELECT app.application_id, app.applicant_name,
app.applicant_aadhaar, app.applicant_phone,
app.subject, app.date, app.description,
app.chairperson_remark, app.status,
oa.name_of_officer, app.officer_remark,
app.last_update_on
FROM applications app
INNER JOIN officer_accounts oa
ON app.account_id = oa.account_id
WHERE app.application_id = ? AND app.application_key = ? ;
EOF;
$stmt = $conn->prepare($query);
$stmt->bind_param('ss',$user_id,$user_key);
//executing the query
$stmt->execute();
$applications = array();
$result = $stmt->get_result();
// get the rows, use fetch_object or fetch_array
while ($row = $result->fetch_object()) {
$applications[] = $row;
}
//displaying the result in json format
echo json_encode($applications);
// remove all session variables
session_unset();
// destroy the session
session_destroy();
?>