有人可以向我解释我的登录设置出错了吗?我已经概述了下面的过程并包含了我正在使用的代码。一切都有效,除了会话变量似乎永远不会被设置。
我转发的页面将会话变量转储到页面上,除了到达下一页的时间,会话变量似乎不存在。如果我实际上将$ _SESSION变量作为对AJAX调用的json响应的一部分返回,它将返回正确的值,但是一旦页面发生更改,值似乎就会消失。
提交的登录表格
对login.php进行AJAX调用
login.php检查数据库的用户名和密码 如果找到用户,则为会话设置$ _SESSION变量, 运行一些其他SQL并返回成功,如果没有返回相应的错误。
如果成功转发用户,AJAX函数会从login.php接收结果 客户页面,如果没有显示结果错误。
$("#login_form_header").submit(function(event){
event.preventDefault();
$.ajax({
url: 'xhr/login.php',
data: $(this).serialize(),
type: 'post',
dataType: 'json',
success: function(result){
if (result.success){
window.location = "logged.php";
return false;
};
},
error: function(e){console.log("Could not retrieve login information")}
});
return false;
});
<?PHP
# Start the user session
if(!isset($_SESSION)) {
session_start();
};
# Make sure form data was passed to the script
IF (isset($_POST['username']) && isset($_POST['password'])){
# Connect to the database
REQUIRE('../../../../db_oystrr.php');
# Define variables
$given_username = $_POST['username'];
$given_password = $_POST['password'];
$given_username = stripslashes($given_username);
$given_password = stripslashes($given_password);
$given_username = mysql_real_escape_string($given_username);
$given_password = mysql_real_escape_string($given_password);
$matched_username = "";
$matched_password = "";
# See if there is matching info in the database
$sql = 'SELECT username, pass FROM users WHERE username="'.$given_username.'"';
$result = mysql_query($sql);
while($row = mysql_fetch_assoc($result)){
$pass_hash = *********;
if ($pass_hash == $row['pass']){
$matched_username = $row['username'];
$matched_password = $row['pass'];
};
};
# If there was a match
IF ($matched_username != "" && $matched_password != ""){
# If there is only one result returned
$session_sql = 'SELECT * FROM users WHERE username="'.$matched_username.'" AND pass="'.$matched_password.'";';
$session_result = mysql_query($session_sql);
$returned_row = mysql_fetch_assoc($session_result);
$user_check = mysql_num_rows($returned_row);
IF(count($user_check) > 0 && count($user_check) < 2){
# Set our session values
$_SESSION['id'] = $returned_row['id'];
$_SESSION['last_login'] = $returned_row['last_login'];
$_SESSION['username'] = $returned_row['username'];
$_SESSION['signup_date'] = $returned_row['signup_date'];
session_write_close();
# Set users last login date and time and re-hash their password to this login
$this_login = **********;
$hashed_password = **********;
$update_sql = '************';
mysql_query($update_sql);
echo json_encode(array("success"=>"user logged in", "session"=>$_SESSION));
}ELSE
echo json_encode(array("error"=>"More than one user with the same information. What did you do?!"));
}ELSE
echo json_encode(array("error"=>"Invalid login provided."));
}ELSE
echo json_encode(array("error"=>"You must enter a username and Password."))
&GT;
答案 0 :(得分:3)