我想创建登录和注销会话
MySQL数据库中的表格看起来像这样
CREATE TABLE `login` (
`id` int(10) NOT NULL auto_increment,
`username` varchar(20) NOT NULL,
`password` varchar(20) NOT NULL,
PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8 AUTO_INCREMENT=3 ;
和MySQL连接命名为config.inc
<?php
$hostname = 'localhost'; // Your MySQL hostname. Usualy named as 'localhost', so you're NOT necessary to change this even this script has already online on the internet.
$dbname = ''; // Your database name.
$username = ''; // Your database username.
$password = ''; // Your database password. If your database has no password, leave it empty.
// Let's connect to host
mysql_connect($hostname, $username, $password) or DIE('Connection to host is failed, perhaps the service is down!');
// Select the database
mysql_select_db($dbname) or DIE('Database name is not available!');
?>
我的index.php
页面看起来像这样
<?php
// Inialize session
session_start();
// Check, if user is already login, then jump to secured page
if (isset($_SESSION['username'])) {
header('Location: securedpage.php');
}
?>
<html>
<head>
<title>PHPMySimpleLogin 0.3</title>
</head>
<body>
<h3>User Login</h3>
<table border="0">
<form method="POST" action="loginproc.php">
<tr><td>Username</td><td>:</td><td><input type="text" name="username" size="20"> </td></tr>
<tr><td>Password</td><td>:</td><td><input type="password" name="password" size="20"> </td></tr>
<tr><td> </td><td> </td><td><input type="submit" value="Login"></td></tr>
</form>
</table>
</body>
</html>
检查名为loginproc.php
的用户名和密码文件
<?php
// Inialize session
session_start();
// Include database connection settings
include('config.inc');
// Retrieve username and password from database according to user's input
$login = mysql_query("SELECT * FROM user WHERE (username = '" . mysql_real_escape_string($_POST['username']) . "') and (password = '" . mysql_real_escape_string(md5($_POST['password'])) . "')");
// Check username and password match
if (mysql_num_rows($login) == 1) {
// Set username session variable
$_SESSION['username'] = $_POST['username'];
// Jump to secured page
header('Location: securedpage.php');
}
else {
// Jump to login page
header('Location: index.php');
}
?>
我的安全页面代码名为securedpage.php
<?php
// Inialize session
session_start();
// Check, if username session is NOT set then this page will jump to login page
if (!isset($_SESSION['username'])) {
header('Location: index.php');
}
?>
<html>
<head>
<title>Secured Page</title>
</head>
<body>
<p>This is secured page with session: <b><?php echo $_SESSION['username']; ?></b>
<br>You can put your restricted information here.</p>
<p><a href="logout.php">Logout</a></p>
</body>
</html>
最后注销页面命名为logout.php
<?php
// Inialize session
session_start();
// Delete certain session
unset($_SESSION['username']);
// Delete all session variables
// session_destroy();
// Jump to login page
header('Location: index.php');
?>
现在我的问题是当我输入用户名和密码时,它只会保留在index.php
,而不会转到另一个页面。请查看此代码并告诉我何时出错。
感谢。
答案 0 :(得分:4)
答案 1 :(得分:0)
根据PHP 5.5不推荐使用所有mysql_ *函数。尝试使用抽象层或mysqli。
在您的loginproc.php中 您应该在成功验证用户名和密码后开始会话,因此在条件
中使用session_start() if (mysql_num_rows($login) == 1)
答案 2 :(得分:0)
首先,您可能拥有多个具有相同凭据的用户。
其次,您可能没有输入用户名或密码的用户。
第三,在SQL Query password = '" . mysql_real_escape_string(md5($_POST['password']))
改为
password = '" . md5(mysql_real_escape_string($_POST['password']))
并检查表名“login”或“user”??
试试这个
答案 3 :(得分:0)
在securedpage.php
中使用:
...
if (!isset($_SESSION['username'])==null)
{
header('Location: index.php');
}
...
而不是:
...
if (!isset($_SESSION['username']))
{
header('Location: index.php');
}
...
在index.php
答案 4 :(得分:0)
session_start();
error_reporting(E_ALL ^ (E_NOTICE | E_WARNING));
if(session_is_registered['username']){
unset($_SESSION['username']);
session_destroy($_SESSION['username']);
print "<script>alert('Anda berhasil logout'); location = '/'; </script>";
}