我目前正在网站上工作,我正在制作登录系统。我正在使用会话来跟踪登录状态。涉及到现在登录的页面如下所示: (我在网址中更改定义帖子变量的页面,如:site.domain.com/?home)
的index.php
/* CONNECTION TO CHECK LOGIN STATUS */
<?php
if (isset($_GET["sair"])){
session_start();
session_destroy();
}
if (isset($_SESSION["user"]) && isset($_GET["entrar"])){
mysql_connect("localhost","dbusr","password") or die("Can't connect to DB");
mysql_select_db("mydb") or die("Can't select DB");
$userinfo = $_SESSION["uinfo"];
}
?> /* START OF THE PAGE, RANDOM UNIMPORTANT HTML */
<?php if (!isset($_SESSION["user"])) { ?> /*NOT LOGGED IN...*/
<form id="loginform" method="post" action="scripts/checklogin.php">
<h2>Login</h2>
<?php if (isset($_GET["falha"])) { echo "<span class='erro'>Nome ou senha incorretos</span>"; }?> /*IF LOGIN ERROR*/
<input type="text" name="user" autofocus placeholder="Apelido"/><br />
<input type="password" name="pass" placeholder="Senha"/><br /> /*LOGIN FORM*/
<input type="submit" value="Entrar"/>
</form>
<?php
} else { /*LOGGED IN...*/
if ($userinfo["sexo"]=="0"){ /*GENDER*/
echo "Bem-vindo, ".$userinfo["nome"];
} else {
echo "Bem-vinda, ".$userinfo["nome"];
}?>
<?php }?>
脚本/ checklogin.php
<?php
mysql_connect("localhost","dbusr","password") or die("Can't connect to DB");
mysql_select_db("mydb") or die("Can't select DB");
$user = mysql_real_escape_string(stripslashes($_POST["user"]));
$pass = md5(mysql_real_escape_string(stripslashes($_POST["pass"])));
$result = mysql_query("SELECT * FROM users WHERE apelido = \"".$user."\" AND senha = \"".$pass."\"");
if (count($result)==1) {
session_start();
$_SESSION["user"] = $user;
$_SESSION["pass"] = $pass;
while ($row = mysql_fetch_assoc($result)) {
$_SESSION["uinfo"] = $row;
}
header("location:../?entrar");
} else {
header("location:../?falha");
}
?>
但是当我进入页面并输入我的信息时,它仍然没有显示登录的部分。此外,当我输入错误的登录信息时,它不会向我显示登录表单上的文本(<span>)
答案 0 :(得分:2)
在检查session_start()之前,您需要在index.php中添加$_SESSION["user"]。