我目前正在开发一个网站,并且正在制作一个登录系统。我正在使用 session 来跟踪登录状态。目前涉及到登录的页面如下所示: (我更改在 url 中定义帖子变量的页面,如下所示:site.domain.com/?home)
index.php
/* CONNECTION TO CHECK LOGIN STATUS */
<?php
if (isset($_GET["sair"])){
session_start();
session_destroy();
}
if (isset($_SESSION["user"]) && isset($_GET["entrar"])){
mysql_connect("localhost","dbusr","password") or die("Can't connect to DB");
mysql_select_db("mydb") or die("Can't select DB");
$userinfo = $_SESSION["uinfo"];
}
?> /* START OF THE PAGE, RANDOM UNIMPORTANT HTML */
<?php if (!isset($_SESSION["user"])) { ?> /*NOT LOGGED IN...*/
<form id="loginform" method="post" action="scripts/checklogin.php">
<h2>Login</h2>
<?php if (isset($_GET["falha"])) { echo "<span class='erro'>Nome ou senha incorretos</span>"; }?> /*IF LOGIN ERROR*/
<input type="text" name="user" autofocus placeholder="Apelido"/><br />
<input type="password" name="pass" placeholder="Senha"/><br /> /*LOGIN FORM*/
<input type="submit" value="Entrar"/>
</form>
<?php
} else { /*LOGGED IN...*/
if ($userinfo["sexo"]=="0"){ /*GENDER*/
echo "Bem-vindo, ".$userinfo["nome"];
} else {
echo "Bem-vinda, ".$userinfo["nome"];
}?>
<?php }?>
脚本/checklogin.php
<?php
mysql_connect("localhost","dbusr","password") or die("Can't connect to DB");
mysql_select_db("mydb") or die("Can't select DB");
$user = mysql_real_escape_string(stripslashes($_POST["user"]));
$pass = md5(mysql_real_escape_string(stripslashes($_POST["pass"])));
$result = mysql_query("SELECT * FROM users WHERE apelido = \"".$user."\" AND senha = \"".$pass."\"");
if (count($result)==1) {
session_start();
$_SESSION["user"] = $user;
$_SESSION["pass"] = $pass;
while ($row = mysql_fetch_assoc($result)) {
$_SESSION["uinfo"] = $row;
}
header("location:../?entrar");
} else {
header("location:../?falha");
}
?>
但是当我进入页面并输入我的信息时,它仍然不显示已登录的部分。另外,当我输入错误的登录名时,它不会在登录表单上显示文本(<span>
)
最佳答案
在检查$_SESSION["user"]
之前,您需要在index.php中添加session_start()
。
关于php - 基于 session 的登录无法正常工作,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/9233889/