我正在努力从数据库中进行选择并将其添加到 $_SESSION
以继续到个人资料页面。
请注意,“$_SESSION['user'] = $email;
”可以工作并打印在个人资料上,但我确信这是因为它已经提交了我的表单。
Connect.php
<?php
session_start();
$required = array('email', 'password');
// Loop over field names, make sure each one exists and is not empty
$error = false;
foreach($required as $field) {
if (empty($_POST[$field])) {
$error = true;
}
}
if ($error) {
die("All fields are required.");
} else {
//CHECK POINT 1
$con = mysql_connect("**HOST**", "**DB**", "**PASSWORD**");
mysql_select_db("**DB**")or die("cannot select DB");
// username and password sent from form
$email=$_POST['email'];
$psswrd=$_POST['password'];
// To protect MySQL injection (more detail about MySQL injection)
$email = stripslashes($email);
$psswrd = stripslashes($psswrd);
$email = mysql_real_escape_string($email);
$psswrd = mysql_real_escape_string($psswrd);
$sql="SELECT * FROM **Table WHERE email='$email' and password='$psswrd'";
$result=mysql_query($sql);
// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
//fetch info & create session
$id="SELECT 'id' FROM **table**";
$_SESSION['user'] = $email;
$_SESSION['uid'] = $id;
$_SESSION['name1'] = $fname;
Profile.php
<?php
session_start();
$email = $_SESSION["user"];
$id = $_SESSION["uid"];
$fname = $_SESSION["name1"];
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>...</head>
<body>
<div align=center><font color="#000000" face="Bodoni MT" class="ws12"><?php echo "I am ". $id. ". Contact me at ". $email ?></font></div>
</body>
</html>
最佳答案
您必须从数据库获取数据(“$result”变量)。试试这个:
<?php
session_start();
$required = array('email', 'password');
foreach ($required as $field) {
if (empty($_POST[$field])) {
$error = true;
} else {
$error = false;
}
}
if (true === $error) {
die("All fields are required.");
} else {
$con = mysql_connect("**HOST**", "**DB**", "**PASSWORD**");
mysql_select_db("**DB**") or die ("cannot select DB");
$email = $_POST['email'];
$psswrd = $_POST['password'];
$email = stripslashes($email);
$psswrd = stripslashes($psswrd);
$email = mysql_real_escape_string($email);
$psswrd = mysql_real_escape_string($psswrd);
$result = mysql_fetch_assoc(mysql_query("SELECT * FROM **Table WHERE email='$email' and password='$psswrd'"));
if (!empty($result)) {
$_SESSION['user'] = $result['email'];
$_SESSION['uid'] = $result['id']; // id column name in your database
$_SESSION['name1'] = $result['name']; // name column name in your database
}
关于php - 在登录时创建 session 并从 MySQL 创建变量,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/19772305/