PHP丢失会话的页面之间

时间:2018-10-31 12:57:56

标签: php mysql session session-variables

因此,我最近为我的所有用户创建了一个登录脚本和部分,显然允许他们登录到网站上的安全部分以查看某些内容。一旦我检查了所有变量是否正确并且用户输入了正确的详细信息,便设置了两个会话。一个会话保存用户的ID,另一个保存用户登录的时间。

然后,该页面将重定向到一个名为home.php的页面,因此用户登录后便拥有自己的小主页。但是,重定向终于可以了,但是作为另一页上的测试,我要做的是开始会话,然后回显两个会话。

每次它们为空时,这意味着会话不会从一页转移到另一页。我不知道为什么,我只是看不到出了什么问题。所以我的问题是,任何人都可以看到我哪里出问题了。我经过检查以确保我使用的是正确的版本,并且我的主机支持该版本,并且一切都恢复了正常,因此我不知道...请提供帮助! :) 

<?php

//Session 
session_start();


require 'conn.php';


//If the POST var "login" exists (our submit button), then we can
//assume that the user has submitted the login form.
if(isset($_POST['login'])) {

//Retrieve the field values from our login form.
$username = !empty($_POST['username']) ? trim($_POST['username']) : null;
$passwordAttempt = !empty($_POST['password']) ? trim($_POST['password']) : null;

//Retrieve the user account information for the given username.
$sql = "SELECT id, username, password FROM users WHERE username = :username";
$stmt = $pdo->prepare($sql);

//Bind value.
$stmt->bindValue(':username', $username);

//Execute.
$stmt->execute();

//Fetch row.
$user = $stmt->fetch(PDO::FETCH_ASSOC);

//If $row is FALSE.
if($user === false){
    //Could not find a user with that username!
    //PS: You might want to handle this error in a more user-friendly manner!
    die('Incorrect username / password combination!');
} else {
    //User account found. Check to see if the given password matches the
    //password hash that we stored in our users table.

    //Compare the passwords.
    $validPassword = password_verify($passwordAttempt, $user['password']);

    //If $validPassword is TRUE, the login has been successful.
    if($validPassword){

        //Provide the user with a login session.
        $_SESSION["user_id"] = $user['id'];
        $_SESSION["logged_in"] = time();

        echo " Display Errors: ".ini_set('display_errors', 1); 
        echo " Display Startup Errors: ".ini_set('display_startup_errors', 1); 
        echo " Error Reporting: ".error_reporting(E_ALL);

        //echo "<script type='text/javascript'>window.top.location='home.php';</script>";
        //exit;

        //Redirect to our protected page, which we called home.php
        ?>
            <!--<script type="text/javascript">
                alert("Login successful!");
                window.location.href = "home.php";
            </script>-->
        <?php
        exit;

    } else{
        //$validPassword was FALSE. Passwords do not match.
        die('Incorrect username / password combination!');
    }
}

}

?>
<!DOCTYPE html>
<html>
    <head>
    <!-- Basic Page Needs
    –––––––––––––––––––––––––––––––––––––––––––––––––– -->
    <meta charset="utf8">
    <title>Login</title>
    <meta name="description" content="Service Department User Registration Details">
    <meta name="author" content="Ben Smith">

    <!-- Mobile Specific Metas
    –––––––––––––––––––––––––––––––––––––––––––––––––– -->
    <meta name="viewport" content="width=device-width, initial-scale=1">

    <!-- FONT
    –––––––––––––––––––––––––––––––––––––––––––––––––– -->
    <link href="//fonts.googleapis.com/css?family=Raleway:400,300,600" rel="stylesheet" type="text/css">

    <!-- CSS
    –––––––––––––––––––––––––––––––––––––––––––––––––– -->
    <link rel="stylesheet" href="../css/normalize.css">
    <link rel="stylesheet" href="../css/skeleton.css">

    <!-- Favicon
    –––––––––––––––––––––––––––––––––––––––––––––––––– -->
    <link rel="icon" type="image/png" href="../images/favicon.png">

</head>
<body>
    <div class="container">
        <div class="row">
            <h1>Login</h1>

            <form method="post" action="login.php">
              <div class="row">
                <div class="six columns">
                  <label for="username">Username</label>
                  <input class="u-full-width" type="text" name="username" id="username">
                </div>
                <div class="six columns">
                  <label for="password">Password</label>
                  <input class="u-full-width" type="password" id="password" name="password">
                </div>
              </div>

              <input class="button-primary" type="submit" name="login" value="Login"></button>
            </form>

        </div>
    </div>



</body>

所以我原来是

//Provide the user with a login session. 
$_SESSION['user_id'] = $user['id']; 
$_SESSION['logged_in'] = time(); 
//Redirect to our protected page, which we called home.php 
header('Location: home.php'); 
exit;

,一旦到达脚本的那一部分,页面就会重新加载。因此,与其去到home.php,不如刷新login.php,然后屏幕空白(显然是因为屏幕上没有任何内容打印出来)

错误报告 当我将以下代码放入

ini_set('display_errors', 1); ini_set('display_startup_errors', 1); 
error_reporting(E_ALL);

结果我什么也没得到

2 个答案:

答案 0 :(得分:3)

删除第一个exit;,这将停止进一步执行。

旁注:由于已在评论中解决,因此我将其发布为社区Wiki。

答案 1 :(得分:-4)

这是重定向的经典问题。

您需要在重定向之前关闭会话,以便保存会话。

session_write_close();
header('Location: home.php'); 
exit;

更新:PHP会在脚本末尾自动保存会话。但是,如果脚本以exitdie(在重定向中很常见)结尾,则不会这样做。另请参阅以下答案: https://stackoverflow.com/a/14870204/358813

更新2 :另请参见:http://php.net/manual/en/function.session-write-close.php#63970

我不确定最新的PHP版本是否仍然无法在突然退出时保存会话。

相关问题
最新问题