I'm using PHP 4.3.9, Apache/2.0.52

我使用的是PHP 4.3.9,Apache / 2.0.52

I'm trying to get a login system working that registers DB values in a session where they're available once logged in. I'm losing the session variables once I'm redirected.

我正在尝试让登录系统工作,在会话中注册DB值,一旦登录就可以使用它。一旦我被重定向,我就会丢失会话变量。

I'm using the following code to print the session ID/values on my login form page and the redirected page:

我正在使用以下代码在我的登录表单页面和重定向页面上打印会话ID /值:

echo '<font color="red">session id:</font> ' . session_id() . '<br>';
echo '<font color="red">session first name:</font> ' . $_SESSION['first_name'] . '<br>';
echo '<font color="red">session user id:</font> ' . $_SESSION['user_id'] . '<br>';
echo '<font color="red">session user level:</font> ' . $_SESSION['user_level'] . '<br><br>';

This is what's printed in my browser from my login page (I just comment out the header redirect to the logged in page). This is the correct info coming from my DB as well, so all is fine at this point.

这是我的浏览器从我的登录页面打印的内容(我只是将标题重定向到登录页面)。这也是来自我的数据库的正确信息,所以此时一切都很好。

session id: 1ce7ca8e7102b6fa4cf5b61722aecfbc
session first name: elvis
session user id: 2
session user level: 1

This is what's printed on my redirected/logged in page (when I uncomment the header/redirect). Session ID is the same, but I get no values for the individual session variables.

这是我在重定向/登录页面上打印的内容(当我取消注释标题/重定向时)。会话ID是相同的,但我没有得到各个会话变量的值。

session id: 1ce7ca8e7102b6fa4cf5b61722aecfbc
session first name:
session user id:
session user level:

I get the following errors:

我收到以下错误:

Undefined index: first_name
Undefined index: user_id
Undefined index: user_level

未定义索引:first_name未定义索引:user_id未定义索引:user_level

I have a global header.php file which my loggedIN.php does NOT call, though loggedOUT.php does - to toast the session):

我有一个全局的header.php文件,我的loggedIN.php没有调用,虽然loginOUT.php确实 - 为会话祝酒):

header.php 

<?php
ob_start();
session_start();

//if NOT on loggedout.php, check for cookie. if exists, they haven't explicity logged out so take user to loggedin.php
if (!strpos($_SERVER['PHP_SELF'], 'loggedout.php')) {
    /*if (isset($_COOKIE['access'])) {
        header('Location: www.mydomain.com/loggedin.php');
    }*/
} else {
    //if on loggedout.php delete cookie
    //setcookie('access', '', time()-3600);

    //destroy session
    $_SESSION = array();
    session_destroy();
    setcookie(session_name(), '', time()-3600);
}

//defines constants and sets up custom error handler
require_once('config.php');

?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

some page layout stuff

Login portion is eventually called via include

footer stuff

My loggedIN.php does nothing but start the session

我的loggedIN.php什么也没做,只是启动会话

<?php
session_start();
?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

The logic of my login script, the key part being I'm fetching the DB results right into $_SESSION (about half way down):

我的登录脚本的逻辑,关键部分是我正在获取数据库结果直接进入$ _SESSION(大约一半):

if (isset($_POST['login'])) {
        //access db
        require_once(MYSQL);

        //initialize an errors array for non-filled out form fields
        $errors = array();

        //setup $_POST aliases, clean for db and trim any whitespace
        $email  = mysql_real_escape_string(trim($_POST['email']), $dbc);
        $pass   = mysql_real_escape_string(trim($_POST['pass']), $dbc);

        if (empty($email)) {
            $errors[] = 'Please enter your e-mail address.';
        }

        if (empty($pass)) {
            $errors[] = 'Please enter your password.';
        }

        //if all fields filled out and everything is OK
        if (empty($errors)) {
            //check db for a match
            $query = "SELECT user_id, first_name, user_level 
                    FROM the rest of my sql here, blah blah blah";

            $result = @mysql_query($query, $dbc) 
                OR trigger_error("Query: $query\n<br />MySQL Error: " . mysql_error($dbc));

            if (@mysql_num_rows($result) == 1) { //a match was made, OK to login

                //register the retrieved values into $_SESSION
                $_SESSION = mysql_fetch_array($result);
                mysql_free_result($result);
                mysql_close($dbc);
                /*              
                setcookie('access'); //if "remember me" not checked, session cookie, expires when browser closes
                                     //in FF you must close the tab before quitting/relaunching, otherwise cookie persists

                //"remember me" checked?
                if(isset($_POST['remember'])){ //expire in 1 hour (3600 = 60 seconds * 60 minutes)
                    setcookie('access', md5(uniqid(rand())), time()+60); //EXPIRES IN ONE MINUTE FOR TESTING
                }
                */

echo '<font color="red">cookie:</font> ' . print_r($_COOKIE) . '<br><br>';
echo '<font color="red">session id:</font> ' . session_id() . '<br>';
echo '<font color="red">session first name:</font> ' . $_SESSION['first_name'] . '<br>';
echo '<font color="red">session user id:</font> ' . $_SESSION['user_id'] . '<br>';
echo '<font color="red">session user level:</font> ' . $_SESSION['user_level'] . '<br><br>';

                ob_end_clean();
                session_write_close();

                $url = BASE_URL . 'loggedin_test2.php';
                header("Location: $url");
                exit();
            } else {
            //wrong username/password combo
            echo '<div id="errors"><span>Either the e-mail address or password entered is incorrect or you have not activated your account. Please try again.</span></div>';
            }

            //clear $_POST so the form isn't sticky
            $_POST = array();
        } else { 
        //report the errors
        echo '<div id="errors"><span>The following error(s) occurred:</span>';

            echo '<ul>';
            foreach($errors as $error) {
                echo "<li>$error</li>";
            }
            echo '</ul></div>';
        }

    } // end isset($_POST['login'])

if I comment out the header redirect on the login page, I can echo out the $_SESSION variables with the right info from the DB. Once redirected to the login page, however, they're gone/unset.

如果我在登录页面上注释掉标题重定向,我可以用数据库中的正确信息回显$ _SESSION变量。但是,一旦重定向到登录页面,它们就会被取消/取消设置。

Anyone have any ideas? I've spent nearly all day on this and can't say I'm any closer to figuring it out.

有人有主意吗?我几乎整天都花在这上面,并且不能说我更接近于弄清楚它。

BTW, I recently made 2 simple test pages, one started a session, set some variables on it, had a form submit which redirected to a second page which did nothing but read/output the session vars. It all seems to work fine, I'm just having issues with something I'm doing in my main app.

顺便说一句,我最近制作了两个简单的测试页面,一个开始一个会话,在其上设置一些变量,有一个表单提交,重定向到第二个页面,除了读取/输出会话变量之外什么也没做。这一切似乎工作正常,我只是在我的主应用程序中做的事情有问题。

4 个解决方案

#1

I don't see a session_start() in your login script. If you aren't starting the session I don't think php will save any data you place in the $_SESSION array. Also to be safe I'd explicitly place variables into the $_SESSION array instead of just overwriting the whole thing with $_SESSION = mysql_fetch_array($result);.

我没有在您的登录脚本中看到session_start()。如果你没有开始会话我不认为php会保存你放在$ _SESSION数组中的任何数据。同样为了安全起见,我明确地将变量放入$ _SESSION数组,而不是仅使用$ _SESSION = mysql_fetch_array($ result);覆盖整个事物。

更多相关文章

  1. php变量函数,回调函数
  2. 刷新php页面而不重载内容?
  3. php中static 静态变量和普通变量的区别
  4. 如何通过PHP将HTML页面作为字符串获取?
  5. thinkphp执行删除操作然后成功success后页面跳转失败问题
  6. 您是否认为PHP中的错误形式是在类方法中访问超级全局变量?
  7. 在通过AJAX响应发送的页面上执行javascript函数
  8. 040-PHP使用闭包函数来进行父实例的变量自增,正确示例
  9. 使用jQuery和ajax更改浏览器地址栏URL,无需重载页面[重复]

随机推荐

  1. CentOS7安装MySQL5.7遇到的若干问题记录
  2. 如何将数据从MYsql服务器传输到iphone
  3. 显示mysql表中的所有数据
  4. MySQL数据类型中DECIMAL的作用和用法
  5. mysql莫名问题 ERROR 1045 (28000): Acce
  6. oracle和mysql的几点重要区别总结
  7. MySQL 运算符和函数
  8. Mysql:设置0000-00-00为null
  9. 将数据存入mysql中
  10. mysql 的完整性约束 与单表查询