我觉得你的问题是一个FUBAR换行符:)有没有添加登录页面引用,这是你解封检查,如果登录失败,会话变量。
要非常小心,你把你的<?php ?>
标签 - 在.inc文件,如db.php中包括 - 你可以省略上最后一行收盘?>
标签,以避免意外ENTER键,然后按CTRL + S失败,潜入你的输出缓冲区(ob)中不需要的换行符。如果ob_start被激活,则在您选择或脚本结束之前,不会从服务器写入任何内容。否则,如果不是,默认是每个\ n将刷新输出并启动净荷的内容部分。
的login.php:
<?php
session_start(); // put this on top-most line in your script
$ok = check($_POST['user'], $_POST['pass']);
if($ok) {
$user = db_get_user_creds($_POST['user']);
$_SESSION['name'] = $user['name'];
$_SESSION['job_title'] = $user['job_title'];
} else {
// session_unset();
unset($_SESSION['name']);
unset($_SESSION['job_title']);
}
?>
admin.php的
<?php
session_start(); // put this on top-most line in your script
// or, use ob_start at the very first line
// (with no widespace what so ever written out before it)
include('db.php');
?> I am writing out a newline here, session/header section is going to become unstable
<?php
// Inialize session
// @session_start(); moved up top
ob_start();
// Check, if username session is NOT set then this page will jump to login page
if (!isset($_SESSION['name']) || ($_SESSION['job_title'] != "admin")) {
header('Location: index.php');
}
ob_flush();
?>
见 '我在这里写出来换行' 位
更深一点下来rabbithole去;沟通流程如下:
1) HEADERS such as
Connection: keep-alive\r\n
Content-Type: text/html\r\n (etc)
2) DOUBLE NEWLINE (one newline with no previous chars on that line)
\r\n
3) CONTENTS
Body
Of Page
确实管理员有名字吗? :) – mschr
如果在@session_start()之前删除'@';'是否有错误报告? – Leri
@mschr是的,但他们很多:D –