由于某种原因,登录我的网站必须完成两次才能工作。如果有人知道我为什么欣赏它。
以下是我授权的代码:
<?php
session_start();
require_once($_SERVER['DOCUMENT_ROOT'].'/config.php');
require_once(SITE_ROOT.'includes/exceptions.php');
require_once(SITE_ROOT.'data/model.php');
/*
* The purpose of this class is to manage
* access to the application, making sure the
* users are logged in before they can access
* certain features
*/
class Auth extends Model
{
function isUserLoggedIn()
{
/*
* Check for the user_id in $_SESSION
* and see if it's the database. Return
* true or false
*
*/
if(isset($_SESSION['user']))
{
return true;
}
else
{
return false;
}
}
static function redirectToLogin()
{
header("location: http://". DOMAIN .APP_DIR . "index.php?action=login");
}
static function redirectToMain()
{
header("location: http://". DOMAIN . APP_DIR . "index.php?action=main");
}
static function login($user)
{
/*
* Authenticate the user passing to the function
* a instance of the User object
*/
try
{
$db = parent::getConnection();
$pass = $user->getPassword();
$query = "select username, password from users where username = '".$user->getUsername()."' and password = '".$user->getPassword()."'";
$results = $db->query($query);
if(empty($results)) {
throw new Exception('There was a problem logging you in', EX_LOGIN_ERROR);
}
$row = $results->fetch_assoc();
$user = $row['username'];
$_SESSION['user'] = $user;
}
catch(Exception $e){
throw $e;
}
}
static function logout()
{
$old_user = $_SESSION['user'];
unset($_SESSION['user']);
session_destroy();
}
}
?>
THX
答案 0 :(得分:4)
我会听@strager作为你的代码,从我有限的PHP经验来看,似乎没有显示任何会导致错误的内容。虽然我忍不住提供一些与你的问题无关的简单重构,但这只会让 me 感觉更好:
<?php
session_start();
require_once($_SERVER['DOCUMENT_ROOT'].'/config.php');
require_once(SITE_ROOT.'includes/exceptions.php');
require_once(SITE_ROOT.'data/model.php');
/*
* The purpose of this class is to manage
* access to the application, making sure the
* users are logged in before they can access
* certain features
*/
class Auth extends Model
{
function isUserLoggedIn()
{
/*
* Check for the user_id in $_SESSION
* and see if it's the database. Return
* true or false
*
*/
return isset($_SESSION['user']);
}
static function redirectToLogin()
{
header("location: http://". DOMAIN .APP_DIR . "index.php?action=login");
}
static function redirectToMain()
{
header("location: http://". DOMAIN . APP_DIR . "index.php?action=main");
}
static function login($user)
{
/*
* Authenticate the user passing to the function
* a instance of the User object
*/
$db = parent::getConnection();
$pass = $user->getPassword(); // replaced getPassword in the query with this variable, else there is no need to set it here.
$query = "select username, password from users where username = '".$user->getUsername()."' and password = '".$pass."'";
$results = $db->query($query);
if(empty($results)) {
throw new Exception('There was a problem logging you in', EX_LOGIN_ERROR);
}
$row = $results->fetch_assoc();
$_SESSION['user'] = $row['username'];
// Why bother surrounding with try...catch just to throw the same exception
}
static function logout()
{
// what is $old_user used for? I can't see it set as a global variable anywhere
$old_user = $_SESSION['user'];
unset($_SESSION['user']);
session_destroy();
}
}
?>
答案 1 :(得分:1)
我们没有足够的代码来指出错误。该问题可能与您的网站设计有关,在此网站设置中,在处理登录之前会发送有关您的登录状态的信息。如果没有,那么根据这些信息,我不知道出了什么问题。
答案 2 :(得分:0)
您的问题似乎已经得到解答,但如果网络服务器自动重定向您,也会出现问题:
yourdomain.com
到
<强> WWW .yourdomain.com
或者相反。
答案 3 :(得分:0)
它不是由重定向引起的。在设置或接收会话变量之前,应始终使用Session_start()。即它需要在类方法中。