嘿,我正在尝试建立一个登录和注册系统,当用户在标题中登录时,它会向他显示一条用用户名问候他的消息,当他没有登录时,会向他展示一条以客人身份问候他的消息。我的问题是,我假设在页眉页面(member.php页面)中,会话不会被保存,并且用户永远不会登录。在测试我的代码时。用户成功登录后,它会将他重定向到member.php页面,在那里它应该向他显示用户名等等。但事实并非如此。这是我的代码:
member.php:
<?php
error_reporting(E_ALL ^ E_NOTICE);
error_reporting(0);
session_start();
$_SESSION['userid'] = $dbid;
$_SESSION['username'] = $dbuser;
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<LINK REL=StyleSheet HREF="css/styletest.css" TYPE="text/css">
</head>
<body>
<div id="wrapper">
<!-- Website menu -->
<div id="menu-bar">
<li><a href="">Testing links</a></li>
<li><a href="">Testing links</a></li>
<li><a href="">Testing links</a></li>
<li><a href="">Testing links</a></li>
<li><a href="">Testing links</a></li>
<li><a href="">Testing links</a></li>
</div>
<!-- End of Website menu -->
<div id="content">
<!-- Website header -->
<div id="header">
<h1>Testing header</h1>
<?php
if ($username && $userid) {
echo "Welcome <b>$username</b>, <a href='./logout.php'>Logout</a>";
} else {
echo "Please login to access this page. <a href='./login.php'>Login here</a>";
}
?>
</div>
<!-- End of Website header -->
<!-- -----Website content----- -->
<p>Testing website content</p>
<!-- End of Website content -->
</div>
<!-- Website footer -->
<div id="footer">
</div>
<!-- End of Website footer -->
</div>
</body>
</html>
这里是login.php:
<?php
error_reporting(E_ALL ^ E_NOTICE);
error_reporting(0);
session_start();
$_SESSION['userid'] = $dbid;
$_SESSION['username'] = $dbuser;
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<LINK REL=StyleSheet HREF="css/styletest.css" TYPE="text/css">
</head>
<body>
<div id="wrapper">
<!-- Website menu -->
<div id="menu-bar">
<li><a href="">Testing links</a></li>
<li><a href="">Testing links</a></li>
<li><a href="">Testing links</a></li>
<li><a href="">Testing links</a></li>
<li><a href="">Testing links</a></li>
<li><a href="">Testing links</a></li>
</div>
<!-- End of Website menu -->
<div id="content">
<!-- Website header -->
<div id="header">
<h1>Testing header</h1>
<?php
if ($username && $userid) {
echo $username;
} else {
echo 'Welcome guest';
}
?>
</div>
<!-- End of Website header -->
<!-- -----Website content----- -->
<h2>Log in</h2>
<?php
$form='<form action="login.php" method="POST">
<table>
<tr>
<td>Username :</td>
<td><input type="text" name="user"></td>
</tr>
<tr>
<td>Password :</td>
<td><input type="password" name="pass"></td>
</tr>
<tr>
<td></td>
</tr>
<tr>
<td></td>
</tr>
<tr>
<td></td>
</tr>
<tr>
<td></td>
</tr>
<tr>
<td><input type="submit" name="loginbtn" value="Log in"></td>
</tr>
</table>
</form>';
$user = $_POST['user'];
$pass = $_POST['pass'];
if ($_POST['loginbtn']) {
if ($user) {
if ($pass) {
require 'core/connect.php';
$query = mysql_query("SELECT * FROM users WHERE username = '$user' ");
$row = mysql_fetch_assoc($query);
$passwordFromPost = $_POST['pass'];
$hashedPasswordFromDB = $row['password'];
if (password_verify($passwordFromPost, $hashedPasswordFromDB)) {
$query = mysql_query("SELECT * FROM users WHERE username = '$user' ");
$numrows = mysql_num_rows($query);
if ($numrows == 1) {
$query = mysql_query("SELECT * FROM users WHERE username = '$user' ");
$row = mysql_fetch_assoc($query);
$dbactive = $row['active'];
$dbuser = $row['username'];
if ($dbactive == 1) {
$_SESSION['userid'] = $dbid;
$_SESSION['username'] = $dbuser;
echo "You have been logged in as <b>$dbuser</b> <a href='./member.php'>Click here</a> to go back to home page";
} else {
echo '<font color="red">You must activate your account to log in.</font>';
echo $form;
}
} else {
echo '<font color="red">You entered an invalid username or password.</font>';
echo $form;
}
} else {
echo '<font color="red">You entered an invalid username or password.</font>';
echo $form;
}
mysql_close();
} else {
echo '<font color="red">You must enter your password.</font>';
echo $form;
}
} else {
echo '<font color="red">You must enter your username.</font>';
echo $form;
}
}else{
echo $form;
}
?>
<!-- End of Website header -->
<!-- -----Website content----- -->
<p>Testing website content</p>
<!-- End of Website content -->
</div>
<!-- Website footer -->
<div id="footer">
</div>
<!-- End of Website footer -->
</div>
</body>
</html>
现在,我不认为在login.php中有任何问题,因为我测试了页面,所有事情都很好,即使是以下代码:
echo "You have been logged in as <b>$dbuser</b> <a href='./member.php'>Click here</a> to go back to home page";
当它在member.php中显示他的用户名时,什么也没发生。感谢阅读。
对我来说,变量$username
和$userid
似乎没有在任何地方初始化。由于您的问题涉及会话,我认为您是从会话中获得这些变量的。如果它们是在其他地方声明的,那么会话就没有使用(根据您的代码)。
在您的member.php
文件中,您写道:
$_SESSION['userid'] = $dbid;
$_SESSION['username'] = $dbuser;
这似乎是错误的,因为您正在重新声明会话中的值,而不是简单地获取它们。请使用以下内容。
$username = isset($_SESSION['username']) ? $_SESSION['username'] : false;
$userid = isset($_SESSION['userid']) ? $_SESSION['userid'] : false;
这将检查用户名和用户id是否存储在会话中。如果缺少这些变量,则为其分配值false
。然后,当您进一步向下检查变量时,条件将失败,并执行与访客用户有关的块。
奖金
您还应该养成在使用变量之前检查变量是否存在的习惯。这将帮助您避免undefined variable
错误。使用isset
关键字进行检查。这看起来可能需要做更多的工作,但代码健壮性的提高无法与修复简单错误所花费的时间相比。
希望这有帮助,快乐编码!