我正在创建一个使用会话来存储登录详细信息的网站-我知道这是一个糟糕的安全实践,但这将在稍后处理;现在我只需要解决这个问题。页面1从登录表单获取登录详细信息,并将其存储在会话中。第2页是用来显示这些变量的,但是当我试图访问这些变量时,我得到了这些错误:
Notice: Undefined index: email in /customers/0/4/0/my-domain.com/httpd.www/upload-photo.php on line 10
Notice: Undefined index: password in /customers/0/4/0/my-domain.com/httpd.www/upload-photo.php on line 11
下面是代码——我省略了不相关的部分:第1页
session_start();
var_dump($_SESSION);
ini_set('display_errors',1);
error_reporting(E_ALL);
// Just logged in
if($_POST["email"] != "" || $_POST["password"] != ""){
$email = strtolower($_POST["email"]);
$password = md5($_POST["password"]);
$_SESSION["email"] = $email;
$_SESSION["password"] = $password;
//echo "setting details from http post";
}else{
// Just redirected to this page
$email = $_SESSION["email"];
$password = $_SESSION["password"];
}
和第2页,我得到上面提到的错误:
session_start();
ini_set('display_errors',1);
error_reporting(E_ALL);
var_dump($_SESSION);
$_SESSION["advert"] = $_GET['id'];
echo $_SESSION["email"];
echo $_SESSION["password"];
我已经搜索了SO,并确保在我的session_start();之前没有空格或任何东西顺便说一下,我使用的域名公司是One.com
$_SESSION["email"]和$_SESSION["password"]是在if中设置的,所以在跳过它的情况下,您会得到这个未定义的索引错误(因为具有此索引的元素之前没有在任何地方定义)。要去掉这个Notice,可以使用isset()函数(也可以用它来验证$_POST用户输入)。例子:
echo isset($_SESSION["email"]) ? $_SESSION["email"] : 'There is no element with key "email"';
注:验证您的POST输入:
if(isset($_POST["email"]) && isset($_POST["password"])){}
修改条件为:
if(isset($_POST['email']) && isset($_POST['password'])){
//do login
}
else {
echo " Plese enter email and password";
}
:
login。
<?php
//here must be totaly clear, nothing can't be here
session_start();
if(isset($_POST['email']) && isset($_POST['password'])){
$_SESSION['email'] = $_POST['email'];
$_SESSION['password'] = $_POST['password'];
}
else {
echo "Please enter email and password";
}
//here must be form to login
Logged.php:
<?php
//here must be totaly clear, nothing can't be here
session_start();
if(!isset($_SESSION['email']) && !isset($_SESSION['password'])){
header("Location: Login.php?err=Please login to use members area");
}
else {
echo "You are logged in as:". $_SESSION['email'];
}
我解决了这个问题。当我在一个页面上,我是www.domain.com/page1,但当我在另一个页面没有www - domain.com/page2。这意味着会话变量不是持久化的。要做到这一点,我需要编辑htaccess文件重定向到www,如果没有www在URL