最受欢迎

会话启动和停止错误Php

Session Start and Stop Error Php

本文关键字:错误 Php 启动 会话 | 更新日期: 2023-09-27

Index.php

<?php
session_start();
require_once('../inc/db/dbc.php');
include('login_helper.php'); 
?>
<!--
html form
-->
Login/Logout Links depending on session state:
<?php 
    if($_SESSION['valid'] == 1){
        echo "<a href='logout.php'>Logout</a>";
        echo 'userID '.$userid;
    }
    else{
        echo "<a href='index.php'>Login</a>";
    }
?>

check_buyer.php

<?php
session_start(); #recall session from index.php where user logged include()
require_once('login_helper.php');
/*
function validateUser()
{
    session_regenerate_id (); //this is a security measure
    $_SESSION['valid'] == 1;
    $_SESSION['userid'] = $userid;
}
function isLoggedIn()
{
    if(isset($_SESSION['valid']) && $_SESSION['valid'])
        return true;
    return false;
}
*/
require_once('../inc/db/dbc.php');
$connect = mysql_connect($h, $u, $p) or die ("Can't Connect to Database.");
mysql_select_db($db);
$LoginUserName = $_POST['userName'];
$LoginPassword = mysql_real_escape_string($_POST['userPass']);
//connect to the database here
$LoginUserName = mysql_real_escape_string($LoginUserName);
$query = "SELECT uID, uUPass, dynamSalt
        FROM User
        WHERE uUName = '$LoginUserName';";
$result = mysql_query($query);
if(mysql_num_rows($result) < 1) //no such USER exists
{
    echo "Invalid Username and/or Password";
}
$ifUserExists = mysql_fetch_array($result, MYSQL_ASSOC);
$dynamSalt = $ifUserExists['dynamSalt'];  #get value of dynamSalt in query above
$SaltyPass = hash('sha512',$dynamSalt.$LoginPassword); #recreate originally created dynamic, unique pass
if($SaltyPass != $ifUserExists['uUPass']) # incorrect PASS
{
    echo "Invalid Username and/or Password";
}
else {
validateUser();
}
//if the user has not logged in
if(!isLoggedIn())
{
    echo "<html>
<head>
<meta http-equiv='refresh' content='0'; url=index.php'>
</head>
<body>
</body>
<html>";
    die();
}
?>

login_helper.php

<?php
 function validateUser()
{
    #session_regenerate_id (); //this is a security measure
    $_SESSION['valid'] == 1;
    $_SESSION['uID'] = $userid;
    echo "Session made";
}
function isLoggedIn()
{
    if(isset($_SESSION['valid']) && $_SESSION['valid'])
        return true;
    return false;
}
function logout()
{
    session_start();
    $_SESSION = array(); //destroy all of the session variables
    session_destroy();
   echo "
    <html>
    <head>
    <meta http-equiv='refresh' content='0'; url=index.php'>
    </head>
    <body>
    </body>
    <html>";
}
?>

pwhome.php

<?php
session_start();
function isLoggedIn()
{
    if(isset($_SESSION['valid']) && $_SESSION['valid'])
        return true;
    return false;
}
//if the user has not logged in
if(!isLoggedIn())
{
    header('Location: index.php');
    die();
}
?>
<?php 
    if($_SESSION['valid'] == 1){
        echo "<a href='logout.php'>Logout</a>";
        echo 'userID '.$userid;
    }
    else{
        echo "<a href='index.php'>Login</a>";
    }
?>

logout.php

<?php    
require_once('login_helper.php');
logout();
?>

当前状态:当我访问index.php并使用确实正确的凭据登录时,我会不断刷新check_buyer.php

如何正确登录(从index.php(并在index.php上提供有效凭据后正确重定向到pwhome.php?

我想知道你的代码,如果你想注销并用新的会话值刷新index.php,为什么不把header( 'Location: index.php' );放在注销函数中?

因此,我认为这可能会有所帮助,修改您的logout.php:

注销.php

<?php  
session_start();
function logout()
{
  $_SESSION = array(); //destroy all of the session variables
  session_destroy();
  echo "logged out?";
  header( 'Location: index.php' );
}
logout();
?>

上次编辑:

试试这个代码:

Index.php

<?php
session_start();
require_once('../inc/db/dbc.php');
?>
<!-- 
html form 
-->
<?php 
    if($_SESSION['valid'] == 1){
        echo "<a href='logout.php'>Logout</a>";
        echo 'userID '.$userid;
    }
    else{
        echo "<a href='index.php'>Login</a>";
    }
?>

check_buyer.php

<?php
session_start(); #recall session from index.php where user logged include()
require_once('../inc/db/dbc.php');
$connect = mysql_connect($h, $u, $p) or die ("Can't Connect to Database.");
mysql_select_db($db);
$LoginUserName = $_POST['userName'];
$LoginPassword = mysql_real_escape_string($_POST['userPass']);
//connect to the database here
$LoginUserName = mysql_real_escape_string($LoginUserName);
$query = "SELECT uID, uUPass, dynamSalt
        FROM User
        WHERE uUName = '$LoginUserName';";
$result = mysql_query($query);
if(mysql_num_rows($result) < 1) //no such USER exists
{
    echo "Invalid Username and/or Password";
}
$ifUserExists = mysql_fetch_array($result, MYSQL_ASSOC);
$dynamSalt = $ifUserExists['dynamSalt'];  #get value of dynamSalt in query above
$SaltyPass = hash('sha512',$dynamSalt.$LoginPassword); #recreate originally created dynamic, unique pass
if($SaltyPass != $ifUserExists['uUPass']) # incorrect PASS
{
    echo "Invalid Username and/or Password";
}
else {
validateUser();
}
//if the user has not logged in
if(!isLoggedIn())
{
    header('Location: index.php');
    die();
}
function validateUser()
{
    session_regenerate_id (); //this is a security measure
    $_SESSION['valid'] = 1;
    $_SESSION['uID'] = $userid;
}
function isLoggedIn()
{
    if(isset($_SESSION['valid']) && $_SESSION['valid'])
        return true;
    return false;
}
?>

logout.php

<?php    
session_start();
function logout()
{
    $_SESSION = array(); //destroy all of the session variables
    session_destroy();
    header( 'Location: index.php' );
}
logout();
?>

而不是

header('Location: index.php');

尝试使用meta refresh进行页面转发。关闭php块后,添加一些HTML代码,如;

<html>
<head>
<meta http-equiv="refresh" content="0; url=index.php">
</head>
<body>
</body>
<html>

当您使用header()函数进行页面转发时,有时会话无法正常工作。

相关文章:
最新更新
www.56WenDa.com 2012-2023 | php问答网 | php学习