PHP登录系统~session.register和session.start错误(更新)

时间:2011-06-18 22:20:43

标签: php session login

我现在已将我的登录系统从session_register()更改为:

更新

<?php
error_reporting(E_ALL);
$host="localhost"; // Host name 
$username="david_bpd"; // Mysql username 
$password="documents123456"; // Mysql password 
$db_name="david_bpd"; // Database name 
$tbl_name="members"; // Table name

// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die(mysql_error()); 
mysql_select_db("$db_name")or die("cannot select DB");

// username and password sent from form 
$myusername=$_POST['myusername']; 
$mypassword=$_POST['mypassword'];

// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);

$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql) or die(mysql_error());

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
if($count==1){
$_SESSION['myusername'] = $myusername;
echo '<meta http-equiv="refresh" content="0;url=/?module=admin&n=Login_success">';
}
elseif($count==0) {
echo '<meta http-equiv="refresh" content="0;url=/?module=admin&n=Login_Unsuccessful">';
}

我正在使用session_start()来确保用户已登录:

<?php
session_start();
if (isset($_SESSION['myusername'])) {
if ($_SESSION['myusername'] == $myusername) {
//User should be allowed to be on page
} else {
   echo '<meta http-equiv="refresh" content="0;url=/?module=admin&n=index">';
} 

} else {
echo '<meta http-equiv="refresh" content="0;url=/?module=admin&n=index">';
}
?>

但即使我使用正确的凭据登录并注册我的用户名,它仍然会重定向我,就像我没有登录一样?

提交表单的代码

<table width="300" border="0" align="center" cellpadding="0" cellspacing="1"     bgcolor="#CCCCCC">
<tr>
<form action="/?module=admin&n=checklogin" method="post" enctype="multipart/form-data"     name="form1" id="form1">
<td>
<table width="100%" border="0" cellpadding="3" cellspacing="1" bgcolor="#FFFFFF">
<tr>
<td colspan="3"><strong>Administrator Login </strong></td>
</tr>
<tr>
<td width="78">Username</td>
<td width="6">:</td>
<td width="294"><input type="text" name="myusername" id="myusername"></td>
</tr>
<tr>
<td>Password</td>
<td>:</td>
<td><input name="mypassword" type="password" id="mypassword"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td>&nbsp;</td>
<td> <button type="submit" name="Submit">Login</button>
<img src="../images/ajax-loader.gif" width="16" height="16" style="display: none"/>
<script>
$("button").click(function () {
$("img").show("slow");
});
</script>
</td>
</tr>
</table>
</td>
</form>
</tr>
</table>

任何想法,

由于

3 个答案:

答案 0 :(得分:1)

您忘了在第一个文件中session_start();

<?php
session_start();
error_reporting(E_ALL);
$host="localhost"; // Host name 
$username="david_bpd"; // Mysql username 

答案 1 :(得分:0)

您必须先调用session_start() ,然后设置$ _SESSION ['myusername']

答案 2 :(得分:0)

可能调试帮助:

<?php
session_start();

var_dump($_SESSION, $myusername); // The second one should be unset in your case you need to fix this!

$sessionHasUserName = isset($_SESSION['myusername']);
$userIsLoggedIn = $sessionHasUserName && $_SESSION['myusername'] == $myusername;

printf('<b>Session has User-Name?:</b> %d<br /><b>User is logged in?:</b>:%d<br />', $sessionHasUserName, $userIsLoggedIn);

if ($userIsLoggedIn)
{
  //User should be allowed to be on page
} else {
   echo '<meta http-equiv="refresh" content="0;url=/?module=admin&n=index">';
}

?>