1. 首页
  2. 问答
  3. 当表单提交时结束的PHP会话

当表单提交时结束的PHP会话

2014-03-02 32 views
0

当我在页面上提交表单并导致会话结束并且用户必须重新登录时,我遇到问题。我花了数小时尝试对此进行排序并且没有随处获得它! 这是从哪儿形式是页面的代码 -当表单提交时结束的PHP会话

<?php 
session_start(); /// initialize session 
$title = 'Month Edit'; 
include("passwords.php"); 
$user_email = check_logged(1, $dbc); 
?>

形式的代码只是

的passwords.php页面

<?php 
require ('ct_db.php');//This is the database info 
$query = "SELECT * FROM users"; 
$result = mysqli_query ($dbc, $query); 

while($check_row = mysqli_fetch_array($result, MYSQLI_ASSOC)) 
{ 
    $this_us = $check_row['user']; 
    $this_ps = $check_row['pass']; 
    $USERS[$this_us] = $this_ps; 
} 

function check_logged($page, $dbc) 
{ 
    global $_SESSION, $USERS; 
    if (!array_key_exists($_SESSION["logged"],$USERS)) 
     { 
     header("Location: login.php"); 
    } 
    else 
    { 
     $this_user = $_SESSION["logged"]; 
     $query = "SELECT * FROM users WHERE user = '$this_user'"; 
     $result = mysqli_query ($dbc, $query); 
     $row2 = mysqli_fetch_array($result, MYSQLI_ASSOC); 
     $user_email = $row2['email']; 
     $user_permission = $row2['permissions']; 
     if($page == 3 && ($user_permission=="admin" || $user_permission=="user")) 
     { 
     header("Location: login.php"); 
     } 
     else 
     { 
     if($page == 2 && $user_permission=="user") 
     { 
     header("Location: login.php"); 
     } 
     else 
     { 
     echo '<div id="logged_in">'; 
     echo '<form action="login.php" method="post"><input type="hidden" name="ax" value="out"> '; 
     echo 'Logged in as <span style="color:blue">'.$_SESSION["logged"]."</span> "; 
     echo 'email '.$user_email.' '; 
     echo '<input type="submit" value="Logout" id="log_out"/></div><br>'; 
     return $user_email; 
     } 
    } 
    } 
}; 
?>

我也有一个登录页面,其中包括以下

<?php 
session_start(); 
$title = 'login'; 
require ('ct_db.php'); 
$query = "SELECT * FROM users"; 
$result = @mysqli_query ($dbc, $query); 

while($check_row = mysqli_fetch_array($result, MYSQLI_ASSOC)) 
    { 
    $this_us = $check_row['user']; 
    $this_ps = $check_row['pass']; 
    $USERS[$this_us] = $this_ps; 
    } 


function check_logged($page) 
{ 
    global $_SESSION, $USERS; 
    if (!array_key_exists($_SESSION["logged"],$USERS)) 
     { 
     header("Location: login.php"); 
    } 
    else 
    { 
     $this_user = $_SESSION["logged"]; 
     require ('ct_db.php'); 
     $query = "SELECT * FROM users WHERE user = '$this_user'"; 
     $result = mysqli_query ($dbc, $query); 
     $row2 = mysqli_fetch_array($result, MYSQLI_ASSOC); 
     $user_email = $row2['email']; 
     $user_permission = $row2['permissions']; 
     if($page == 3 && ($user_permission=="admin" || $user_permission=="user")) 
     { 
     header("Location: login.php"); 
     } 
     else 
     { 
     if($page == 2 && $user_permission=="user") 
     { 
     header("Location: login.php"); 
     } 
     else 
     { 
     echo '<div id="logged_in">'; 
     echo '<form action="login.php" method="post"><input type="hidden" name="ax" value="out"> '; 
     echo 'Logged in as <span style="color:blue">'.$_SESSION["logged"]."</span> "; 
     echo 'email '.$user_email.' '; 
     echo '<input type="submit" value="Logout" id="log_out"/>'; 
     return $user_email; 
     } 
     } 
    } 
}; 

require ('ct_db.php'); 
if ($_POST["ac"]=="log") 
{ /// do after login form is submitted 
    if ($USERS[$_POST["username"]]==$_POST["password"]) /// check if submitted username and password exist in $USERS array 
    { 
      $_SESSION["logged"]=$_POST["username"]; 
      $_SESSION["email"] = 'email address'; 
      echo 'email = '.$_SESSION["email"]; 
    } 
    else 
    { 
      echo 'Incorrect username/password. Please, try again.'; 
    }; 
}; 

if ($_POST["ax"]=="out") 
{ /// do after login form is submitted 
    if ($USERS[$_POST["username"]]==$_POST["password"]) /// check if submitted username and password exist in $USERS array 
    { 
      session_destroy(); 
      echo 'You are logged out'; 
      //header("Location: login.php"); 
      die; 
    } 
}; 

if (array_key_exists($_SESSION["logged"],$USERS)) //// check if user is logged or not 
{ 
    echo "You are logged in."; 
    echo '<form action="login.php" method="post"><input type="hidden" name="ax" value="out"> '; 
    echo '<input type="submit" value="Logout" />'; 
    echo '</form>'; 
    header("Location: mainPage3.php"); 

     //// if user is logged show a message 
} 
else 
{ //// if not logged show login form 
    echo '<div id="login">'; 
    echo '<h1>Connectivity</h1>'; 
    echo 'Please login<br><br>'; 
    echo '<form action="login.php" method="post"><input type="hidden" name="ac" value="log"> '; 
    echo 'Username: <input type="text" name="username" id="username"/><br>'; 
    echo 'Password: <input type="password" name="password" id="password"/><br>'; 
    echo '<input type="submit" value="Login" />'; 
    echo '</form>'; 
    echo '</div><!--End login-->'; 
}; 
?>

在我试图解决问题,我已经改变并添加了很多代码,我相信它比应该更复杂。我可以在页面之间移动页面而不会被注销,并且可以刷新包含任何问题的表单的页面。但如果我按提交,我会回到登录页面。 我唯一能想到的可能是线索是用户信息与网站信息位于不同的数据库中,但我已检查以确保每个人都拥有正确的代码。 任何帮助感激地收到。

来源

2014-03-02 user3006586

+0

你不需要象'$ _SESSION'这样的全球性声明。 – Barmar

+0

为什么您将所有用户名和相关密码存储在数组中?只需查询用户名和密码即可验证是否存在。 –

回答

0

我能够在代码登录和注销(两次)中看到只有两种提交按钮,并且这两个表单都有action = login.php。

单击注销按钮时,会话将通过代码销毁。 当一个已经登录的用户点击登录按钮(假设该按钮是可见的),它会将该帖子中的值设置为空值,并且该用户将被重定向到login.php页面,因为验证会抛出记录==假。

我还没有测试过你的代码,但显然这似乎是问题所在。

来源

2014-03-02 12:07:39 Donkarnash

相关问题

 相关问题