我使用的是PHP 4.3.9,Apache/2.0.52
我正在尝试使登录系统工作,在登录时可以在会话中注册DB值.一旦我被重定向,我就会丢失会话变量.
我正在使用以下代码在我的登录表单页面和重定向页面上打印会话ID /值:
echo 'session id: ' . session_id() . '
'; echo 'session first name: ' . $_SESSION['first_name'] . '
'; echo 'session user id: ' . $_SESSION['user_id'] . '
'; echo 'session user level: ' . $_SESSION['user_level'] . '
';
这是我的浏览器从我的登录页面打印的内容(我只是将标题重定向到登录页面).这也是来自我的数据库的正确信息,所以此时一切都很好.
session id: 1ce7ca8e7102b6fa4cf5b61722aecfbc session first name: elvis session user id: 2 session user level: 1
这是我重定向/登录页面上打印的内容(当我取消注释标题/重定向时).会话ID是相同的,但我没有得到各个会话变量的值.
session id: 1ce7ca8e7102b6fa4cf5b61722aecfbc session first name: session user id: session user level:
我收到以下错误:
未定义索引:first_name
未定义索引:user_id
未定义索引:user_level
我有一个全局的header.php文件,我的loggedIN.php没有调用,虽然loginOUT.php确实 - 为会话祝酒):
header.php文件
some page layout stuff Login portion is eventually called via include footer stuff
我的loggedIN.php什么也没做,只是启动会话
我的登录脚本的逻辑,关键部分是我正在获取数据库结果直接进入$ _SESSION(大约一半):
if (isset($_POST['login'])) { //access db require_once(MYSQL); //initialize an errors array for non-filled out form fields $errors = array(); //setup $_POST aliases, clean for db and trim any whitespace $email = mysql_real_escape_string(trim($_POST['email']), $dbc); $pass = mysql_real_escape_string(trim($_POST['pass']), $dbc); if (empty($email)) { $errors[] = 'Please enter your e-mail address.'; } if (empty($pass)) { $errors[] = 'Please enter your password.'; } //if all fields filled out and everything is OK if (empty($errors)) { //check db for a match $query = "SELECT user_id, first_name, user_level FROM the rest of my sql here, blah blah blah"; $result = @mysql_query($query, $dbc) OR trigger_error("Query: $query\n
MySQL Error: " . mysql_error($dbc)); if (@mysql_num_rows($result) == 1) { //a match was made, OK to login //register the retrieved values into $_SESSION $_SESSION = mysql_fetch_array($result); mysql_free_result($result); mysql_close($dbc); /* setcookie('access'); //if "remember me" not checked, session cookie, expires when browser closes //in FF you must close the tab before quitting/relaunching, otherwise cookie persists //"remember me" checked? if(isset($_POST['remember'])){ //expire in 1 hour (3600 = 60 seconds * 60 minutes) setcookie('access', md5(uniqid(rand())), time()+60); //EXPIRES IN ONE MINUTE FOR TESTING } */ echo 'cookie: ' . print_r($_COOKIE) . '
'; echo 'session id: ' . session_id() . '
'; echo 'session first name: ' . $_SESSION['first_name'] . '
'; echo 'session user id: ' . $_SESSION['user_id'] . '
'; echo 'session user level: ' . $_SESSION['user_level'] . '
'; ob_end_clean(); session_write_close(); $url = BASE_URL . 'loggedin_test2.php'; header("Location: $url"); exit(); } else { //wrong username/password combo echo 'Either the e-mail address or password entered is incorrect or you have not activated your account. Please try again.'; } //clear $_POST so the form isn't sticky $_POST = array(); } else { //report the errors echo 'The following error(s) occurred:'; echo ''; } } // end isset($_POST['login'])'; foreach($errors as $error) { echo "
- $error
"; } echo '
如果我在登录页面上注释掉标题重定向,我可以用数据库中的正确信息回显$ _SESSION变量.但是,一旦重定向到登录页面,它们就会被取消/取消设置.
有人有主意吗?我几乎整天都花在这上面,不能说我更接近于弄清楚它.
顺便说一下,我最近做了两个简单的测试页面,一个开始一个会话,在它上面设置一些变量,有一个表单提交,重定向到第二个页面,除了读取/输出会话变量之外什么也没做.这一切似乎都很好,我只是在我的主应用程序中遇到问题.
我session_start()
在您的登录脚本中没有看到.如果你没有开始会话我不认为php会保存你放在$_SESSION
数组中的任何数据.同样为了安全起见,我明确地将变量放入$_SESSION
数组中,而不是仅仅覆盖整个事物$_SESSION = mysql_fetch_array($result);
.