1. 首页
  2. 问答
  3. 使用SESSIONS进行基本登录

使用SESSIONS进行基本登录

2012-06-28 17 views
-4

我遇到了使用php和mysql的简单登录问题。使用SESSIONS进行基本登录

这里是我的代码:

的login.php

<?php 

    //include 'core/init.php'; 
    include 'functions.php'; 

    //JH check if user is logged in already 
    if (loggedin()) { 
     header("location: userarea.php"); 
     exit(); 
    } 

    if ($_POST['login']) { 
     $user = $_POST['user']; 
     $pass = $_POST['pass']; 
     $remember = $_POST['remember']; 
     $password_encrip = hash('md5', $pass); 

    if ($user&&$pass) { 
     $login = mysql_query("SELECT * FROM users WHERE user='$user'"); 
     while ($row = mysql_fetch_assoc($login)) 
     $db_pass = $row['pass']; { 

     if ($password_encrip==$db_pass) 
      $login_ok = TRUE; 
     else 
      $login_ok = FALSE; 
     } 

     if ($login_ok==TRUE) { 

      if ($remember=="on") 
       setcookie("user", $user, time()+7200); 

      else if ($remember=="") 
       $_SESSION['user']=$user; 

      header("Location: userarea.php"); 
      exit(); 

     } else 
      echo "ERROR: Username/Password combination incorrect!"; 

     } else 
      die("ERROR: Hit back and enter username and password!"); 
    } 


    ?> 

    <form action="login.php" method="POST"> 
    <b style="font-size:150%;">Log in</b><br/> 
    Username: <input type="text" name="user"/><br/> 
    Password: <input type="password" name="pass"/><br/> 
    <input type="checkbox" name="remember" />Remember me<br/> 
    <input type="submit" name="login" value="Log in"/> 
    </form>

的functions.php

<?php 

    // REPORT ERRORS? 
    //error_reporting(E_ALL); 

    // SESSIONS CHECK 
    session_start(); 

    //CONNECT TO DATABASE/CONNECT 
    mysql_connect("localhost","MYSQL","PASS") or die(); 
    mysql_select_db('DB') or die(); 

    // LOGIN CHECK FUNCTION 
    function loggedin() 
    { 
     if (isset($_SESSION['$user']) || isset($_COOKIE['$user'])) 
     { 
      $loggedin = TRUE; 
      return $loggedin; 
     } 
    } 


    ?>

USERAREA.PHP

 <?php 

    //include 'core/init.php'; 
    include 'functions.php'; 

    //JH check if user is logged in already 
    if (!loggedin()) 
    { 
     header("location: login.php"); 
     exit(); 
    } 

    ?> 

    <p>Welcome! You're Logged in</p> <a href="logout.php">Logout</a><br/> 


    <?php 
     echo "Welcome SESS: ".$_SESSION['user']. "<br/>"; 
     echo "Welcome Cookie: ".$_COOKIE['user']. "<br/>"; 
    ?>

任何人都可以请帮助?

来源

2012-06-28 user1489713

+3

什么似乎是问题?什么不行? –

+0

TOTZBALLS ??真的... TOTZBALLS? – bretterer

+0

基本上它转发给我userarea.php,但它踢我回到login.php,然后我也得到错误的密码/组合错误。 – user1489713

回答

2

在PHP的顶部,放session_start();(您发布的第一页)。

来源

2012-06-28 20:52:09 ionFish

+0

感谢您的输入,我确定这将不会有任何区别,因为它通过functions.php添加到会话?无论如何都加了! 我取消了MD5传递加密,它现在设置SESSION/COOKIE,但只刷新页面,不发送给userarea.php,并响应SESSION和COOKIE ='admin',因为它应该。 很奇怪,任何人都可以测试这个吗? – user1489713

+0

OOPS,在functions.php中,登录函数不正确,'if(isset($ _ SESSION ['$ user'])|| isset($ _ COOKIE ['$ user']))' - 已删除$并且正常工作。抱歉! – user1489713

+0

我从来没有注意到这一点。 – ionFish

0

给这个镜头一件大事是你总是希望在添加查询之前清理用户输入,并且如果$ _post值没有设置,它们不会返回false,所以如果($ _ POST ['something']] )将返回一个错误

----------------------------------- LOGIN.PHP 



<?php 

    //include 'core/init.php'; 
    include 'functions.php'; 

    //JH check if user is logged in already 
    if (loggedin()) { 
     header("location: userarea.php"); 
     exit(); 
    } 

    if ($_POST['login']) { 
     $user = mysql_real_escape_string($_POST['user']); 
     $pass = mysql_real_escape_string($_POST['pass']); 
     $remember = mysql_real_escape_string($_POST['remember']); 
     $password_encrip = hash('md5', $pass); 

     if (!empty($user) && !empty($pass)) { 
      $login = mysql_query("SELECT * FROM users WHERE user='$user' AND pass = '$password_encrip'"); 

      while ($row = mysql_fetch_assoc($login)) { 

       if (count($row) > 0) { 
        $login_ok = TRUE; 
       } else { 
        $login_ok = FALSE; 
       } 
      } 

      if ($login_ok) { 

       if ($remember == "on") { 
        setcookie("user", $user, time() + 7200); 
       } else if ($remember == "") $_SESSION['user'] = $user; 

       header("Location: userarea.php"); 
       exit(); 

      } else { 
       echo "ERROR: Username/Password combination incorrect!"; 
      } 

     } else { 
      die("ERROR: Hit back and enter username and password!"); 
     } 
    } 


?> 

<form action="login.php" method="POST"> 
    <b style="font-size:150%;">Log in</b><br/> 
    Username: <input type="text" name="user"/><br/> 
    Password: <input type="password" name="pass"/><br/> 
    <input type="checkbox" name="remember"/>Remember me<br/> 
    <input type="submit" name="login" value="Log in"/> 
</form> 


------------------------------------------ FUNCTIONS.PHP 

<?php 

    // REPORT ERRORS? 
    //error_reporting(E_ALL); 

    // SESSIONS CHECK 
    session_start(); 

    //CONNECT TO DATABASE/CONNECT 
    mysql_connect("localhost", "MYSQL", "PASS") or die(); 
    mysql_select_db('DB') or die(); 

    // LOGIN CHECK FUNCTION 
    function loggedin() { 
     if (isset($_SESSION['$user']) || isset($_COOKIE['$user'])) { 
      $loggedin = TRUE; 
      return $loggedin; 
     } 
    } 


?> 






---------------------------------------------- USERAREA.PHP 



<?php 

    //include 'core/init.php'; 
    include 'functions.php'; 

    //JH check if user is logged in already 
    if (!loggedin()) { 
     header("location: login.php"); 
     exit(); 
    } 

?> 

<p>Welcome! You're Logged in</p> <a href="logout.php">Logout</a><br/> 


<?php 
    echo "Welcome SESS: " . $_SESSION['user'] . "<br/>"; 
    echo "Welcome Cookie: " . $_COOKIE['user'] . "<br/>"; 
?>

来源

2012-06-29 00:35:33

相关问题

 相关问题