使用PHP会话变量时出现了新问题。问题是,它们似乎都适用于Chrome和FireFox,但不能在我的iPhone上使用Safari(注意:目前我无法访问本地页面以使用Internet Explorer对其进行测试,但这不在此问题的范围内我想)。
当我在我正在处理的网站上登录用户时,这是一个特殊问题。这是代码:
的index.php
<?php session_start();
include ("dbconfig.php");
?>
<html>
<head>
<title>My Webpage</title>
<link rel = "stylesheet" type = "text/css" href = "site.css" />
<link rel="shortcut icon" href="index.html?img=favicon" type="image/ico" />
<script>
function validatingForm(){
var x;
var y;
var e;
var p;
x = document.getElementById('nameCheck').value;
y = document.getElementById('password').value;
e = document.getElementById('errorMsg');
p = document.getElementById('errorPass');
if(x !="" && y !=""){
return true;
}
else if(x =="" && y == ""){
e.innerHTML='<font color="red">(required) Name:</font>';
p.innerHTML='<font color="red">(required) Password:</font>';
return false;
}
else if(x =="" && y!=""){
e.innerHTML='<font color="red">(required) Name:</font>';
p.innerHTML='<font color="blue">Password:</font>';
return false;
}
else if(y =="" && x!=""){
p.innerHTML='<font color="red">(required) Password:</font>';
e.innerHTML='<font color="blue">Name:</font>';
return false;
}
}
function validatingSignUpForm(){
var x;
var y;
var e;
var p;
x = document.getElementById('newonameCheck').value;
y = document.getElementById('newopassword').value;
e = document.getElementById('newoerrorMsg');
p = document.getElementById('newoerrorPass');
if(x !="" && y !=""){
return true;
}
else if(x =="" && y == ""){
e.innerHTML='<font color="red">(required) Name:</font>';
p.innerHTML='<font color="red">(required) Password:</font>';
return false;
}
else if(x =="" && y!=""){
e.innerHTML='<font color="red">(required) Name:</font>';
p.innerHTML='<font color="blue">Password:</font>';
return false;
}
else if(y =="" && x!=""){
p.innerHTML='<font color="red">(required) Password:</font>';
e.innerHTML='<font color="blue">Name:</font>';
return false;
}
}
function addValidate(){
var x;
var y;
var z;
var e;
var p;
var r;
x = document.getElementById('nameCheck').value;
y = document.getElementById('password').value;
z = document.getElementById('role').value;
e = document.getElementById('errorMsg');
p = document.getElementById('errorPass');
r = document.getElementById('errorRole');
if(x !="" && y !="" && z !="empty"){
return true;
}
else if(x =="" && y == "" & z == "empty"){
e.innerHTML='<font color="red">(required) Name:</font>';
p.innerHTML='<font color="red">(required) Password:</font>';
r.innerHTML='<font color="red">(required) Role:</font>';
return false;
}
else if(x !="" && y == "" & z == "empty"){
e.innerHTML='<font color="blue">Name:</font>';
p.innerHTML='<font color="red">(required) Password:</font>';
r.innerHTML='<font color="red">(required) Role:</font>';
return false;
}
else if(x =="" && y!="" && z == "empty"){
e.innerHTML='<font color="red">(required) Name:</font>';
p.innerHTML='<font color="blue">Password:</font>';
r.innerHTML='<font color="red">(required) Role:</font>';
return false;
}
else if(x =="" && y == "" && z != "empty"){
e.innerHTML='<font color="red">(required) Name:</font>';
p.innerHTML='<font color="red">(required) Password:</font>';
r.innerHTML='<font color="blue">Role:</font>';
return false;
}
else if(x =="" && y!="" && z != "empty"){
e.innerHTML='<font color="red">(required) Name:</font>';
p.innerHTML='<font color="blue">Password:</font>';
r.innerHTML='<font color="blue">Role:</font>';
return false;
}
else if(y =="" && x!="" && z != "empty"){
p.innerHTML='<font color="red">(required) Password:</font>';
e.innerHTML='<font color="blue">Name:</font>';
r.innerHTML='<font color="blue">Role:</font>';
return false;
}
}
</script>
</head>
<body>
<?php include("header.php"); ?>
<?php
if (isset($_SESSION['user']))
/* user is logged in */
echo "<p class ='welcome' id='greeting'> Hi, ". $_SESSION['user'] . "! Welcome to the site!</p>";
else
/* user is NOT logged in*/
echo "<p class ='welcome' id='greeting'> Please Login:</p>
<form action='welcome.php' method='post'>
<center><b id = 'errorMsg'>Name:</b>
<input type='text' id='nameCheck' name = 'username' /></center>
<br />
<center><b id='errorPass'>Password:</b> <input type='password' id ='password' name = 'password'/></center>
<br /><br />
<center><input type='submit' value='Log In' onClick='return validatingForm()'/></center>
</form>
<p class ='welcome' id='greeting'> OR Sign Up:</p>
<form action='sign_up.php' method='post'>
<center><b id = 'newoerrorMsg'>Name:</b>
<input type='text' id='newonameCheck' name = 'addusername' /></center>
<br />
<center><b id='newoerrorPass'>Password:</b> <input type='password' id ='newopassword' name = 'addpassword'/></center>
<br /><br />
<center><input type='submit' value='Sign Up' onClick='return validatingSignUpForm()'/></center>
</form>
";
?>
<?php
if (isset($_SESSION['user']) && $_SESSION['role'] == 'admin') {
/*query user db */
$user_rs = $db_con->query("SELECT * FROM users");
/* Assume there is a recordset and create the table */
echo "<center>
<h1> User List:</h1>
<table border='1'>
<tr>
<td><b>User ID</b></td>
<td><b>Username</b></td>
<td><b>Password</b></td>
<td><b>Options</b></td>
</tr>";
/* loop through recordset - new row for each user */
while( $record = $user_rs->fetch_object() ){
echo "
<tr>
<td>" . $record->id . "</td>
<td>" . $record->username . "</td>
<td>" . $record->password . "</td>
<td><a href='remove_user.php?id=" . $record->id . "'>Delete</a></td>
</tr>";
}
/* Close the table */
echo "
</table>
</center>
<br />";
}
else if (isset($_SESSION['user']) && $_SESSION['role'] == 'user') {
/*query user db */
$user_rs = $db_con->query("SELECT * FROM users WHERE username = '" . $_SESSION['user'] . "'");
/* Assume there is a recordset and create the table */
echo "<center>
<h1> Your Profile:</h1>
<table border='1'>
<tr>
<td><b>User ID</b></td>
<td><b>Username</b></td>
<td><b>Password</b></td>
</tr>";
/* take one row for user only */
$record = $user_rs->fetch_object();
echo "
<tr>
<td>" . $record->id . "</td>
<td>" . $record->username . "</td>
<td>" . $record->password . "</td>
</tr>";
/* Close the table */
echo "
</table>
</center>
<br />";
}
#else {
#do nothing
# }
?>
<?php
if (isset($_SESSION['user']) && $_SESSION['role']=="admin")
echo "<p class ='welcome' id='greeting'> Add User:</p>
<form action='add_user.php' method='post' onSubmit='return addValidate();' style = 'border: 2px grey solid; padding: 5px'>
<b id='errorMsg'>Name:</b>
<input type='text' id='nameCheck' name='addusername'/>
<br /><br />
<b id='errorPass'>Password:</b> <input type='password' id='password' name='addpassword'/>
<br /><br />
<b id='errorRole'>Role:</b> <select name='addrole' id='role' >
<option value='empty'>Select Role</option>
<option value='admin'>Admin</option>
<option value='user'>Ordinary User</option></select>
<br /><br />
<input type='submit' value='Add'/>
</form>";
?>
<?php if (isset($_SESSION['user']))
echo "<center><a href='logout.php'>Logout</a></center>";?>
<p class = "content"> This is a page that is a scrap work in progress. </p>
<?php include("footer.php"); ?>
</body>
</html>
的welcome.php
<?php session_start();
include('dbconfig.php');?>
<html>
<head>
<title>My Webpage</title>
<link rel = "stylesheet" type = "text/css" href = "site.css" />
<link rel="shortcut icon" href="index.html?img=favicon" type="image/ico" />
<body>
<?php include("header.php"); ?>
<p class="welcome" id="greeting">
<?php
$usercheck = $_POST["username"];
$passcheck = $_POST["password"];
$db_query = "SELECT * FROM users WHERE username = '" . $usercheck . "'";
$result = mysqli_query($db_con, $db_query);
if(!$result) {
die(mysqli_error($db_con));
}
if(mysqli_num_rows($result) > 0) {
$record = mysqli_fetch_array($result);
if (md5($passcheck) == $record['password']){
echo "Welcome, " . $_POST["username"] . "! You are now logged in. <br/>";
$_SESSION['user']= $_POST["username"];
$_SESSION['pass']= $passcheck;
$_SESSION['role']= $record['role'];
}
else
echo "Sorry, wrong password. <br/>";
}
else
echo "No such user exists... <br />";
?>
<a href="index.php">Click here</a> to return to the main page.
<?php include("footer.php"); ?>
</body>
</html>