我有问题传递会话信息或设置它们。我有这个代码。会话变量?传递通过PHP页面
// To protect MySQL injection for Security purpose
$UserName = stripslashes($UserName);
$Password = stripslashes($Password);
$UserName = mysqli_real_escape_string($con, $UserName);
$Password = mysqli_real_escape_string($con, $Password);
// SQL query to fetch information of registerd users and finds user match.
$query = mysqli_query($con, "select * from Employee where password='$Password' AND username='$UserName'");
$rows = mysqli_num_rows($query);
if ($rows == 1) {
$_SESSION['User']= $rows['FName'] $rows['LName']; // Initializing Session
header("location: Dashboard.php"); // Redirecting To Other Page
} else {
header("location: index.php"); // Redirecting To Other Page
$error = "Username or Password is invalid";
}
mysqli_close($con); // Closing Connection
}
}
?>
一旦用户已通过身份验证。我希望将用户会话设置为他们的名字和姓氏。如果我需要设置2个不同的会话变量,我可以。
获取信息的页面。这里是重温代码。我可以让它回应用户说欢迎(姓名在这里)。
<?php session_start();
$User = $_SESSION['$User'];
echo $User;
?>
<table border="0" width="100%" cellspacing="0" cellpadding="0" height="45" bgcolor="#aabbcc">
<tr>
<td>
<p align="Left"><font face="Monotype Corsiva" size="3"> Welcome <?php echo $User; ?> </font>
<?php
//Gets the IP address
$ip = getenv("REMOTE_ADDR") ;
Echo "Your IP is " . $ip;
?>
</tr >
</table>
有人可以给我带头。我已经检查了一些教程等新的会议。只是没有在教程网站上看到解决方案。
新编码!!!这里XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
<?php
session_start(); // Starting Session
$error=''; // Variable To Store Error Message
if (isset($_POST['Submit'])) {
if (empty($_POST['UserName']) || empty($_POST['Password'])) {
$error = "Username or Password is invalid";
}
else
{
// Define $username and $password
$UserName=$_POST['UserName'];
$Password=$_POST['Password'];
// Establishing Connection with Server by passing server_name, user_id and password as a parameter
$con = mysqli_connect("localhost", "USER", "PASS", "DATABASE");
if (mysqli_connect_errno())
{
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
// To protect MySQL injection for Security purpose
$UserName = stripslashes($UserName);
$Password = stripslashes($Password);
$UserName = mysqli_real_escape_string($con, $UserName);
$Password = mysqli_real_escape_string($con, $Password);
// SQL query to fetch information of registerd users and finds user match.
$query = mysqli_query($con, "select * from Employee where password='$Password' AND username='$UserName'");
$rows = mysqli_num_rows($query);
if ($rows == 1) {
$_SESSION['User']= array('FName' =>$rows['FName'], 'LName' => $rows['LName']); // Initializing Session
header("location: Dashboard.php"); // Redirecting To Other Page
} else {
header("location: index.php"); // Redirecting To Other Page
$error = "Username or Password is invalid";
}
mysqli_close($con); // Closing Connection
}
}
?>
确定其传递到包括在我的dashboard.php是代码
<?php session_start();
$User = $_SESSION['User'];
error_reporting(E_ALL); ini_set('display_errors', 1);
?>
<table border="0" width="100%" cellspacing="0" cellpadding="0" height="45" bgcolor="#aabbcc">
<tr><td>
<p align="Left"><font face="Monotype Corsiva" size="3"> <?php echo "Welcome {$User['FName']} {$User['LName']}"?> </font>
<?php
//Gets the IP address
$ip = getenv("REMOTE_ADDR") ;
Echo "Your IP is " . $ip;
?>
</tr >
</table>
并感谢大家的建议!
在登录脚本上是'session_start();'?如果不是,它需要。 – Rasclatt
也不要这样做''select * from Employee where password ='$ Password'AND username ='$ UserName'“'。你需要查找绑定参数 – Rasclatt
是的,我遗漏了相关顶级代码的顶部。是的,它是与我的数据连接信息 –