1. 首页
  2. 问答
  3. 会话变量?传递通过PHP页面

会话变量?传递通过PHP页面

2017-08-13 85 views
-2

我有问题传递会话信息或设置它们。我有这个代码。会话变量?传递通过PHP页面

 // To protect MySQL injection for Security purpose 
     $UserName = stripslashes($UserName); 
     $Password = stripslashes($Password); 
     $UserName = mysqli_real_escape_string($con, $UserName); 
     $Password = mysqli_real_escape_string($con, $Password); 
     // SQL query to fetch information of registerd users and finds user match. 
     $query = mysqli_query($con, "select * from Employee where password='$Password' AND username='$UserName'"); 
     $rows = mysqli_num_rows($query); 
     if ($rows == 1) { 
      $_SESSION['User']= $rows['FName'] $rows['LName']; // Initializing Session 
      header("location: Dashboard.php"); // Redirecting To Other Page 
     } else { 
      header("location: index.php"); // Redirecting To Other Page 
      $error = "Username or Password is invalid"; 
     } 
     mysqli_close($con); // Closing Connection 
    } 
} 
?>

一旦用户已通过身份验证。我希望将用户会话设置为他们的名字和姓氏。如果我需要设置2个不同的会话变量,我可以。

获取信息的页面。这里是重温代码。我可以让它回应用户说欢迎(姓名在这里)。

<?php session_start(); 
$User = $_SESSION['$User']; 
echo $User; 
?> 

<table border="0" width="100%" cellspacing="0" cellpadding="0" height="45" bgcolor="#aabbcc"> 
    <tr> 
     <td> 
      <p align="Left"><font face="Monotype Corsiva" size="3">&nbsp;&nbsp;Welcome <?php echo $User; ?>&nbsp;</font> 
<?php 
//Gets the IP address 
$ip = getenv("REMOTE_ADDR") ; 
Echo "Your IP is " . $ip; 
?> 
    </tr > 
</table>

有人可以给我带头。我已经检查了一些教程等新的会议。只是没有在教程网站上看到解决方案。

新编码!!!这里XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

<?php 
session_start(); // Starting Session 
$error=''; // Variable To Store Error Message 
if (isset($_POST['Submit'])) { 
if (empty($_POST['UserName']) || empty($_POST['Password'])) { 
$error = "Username or Password is invalid"; 
} 
else 
{ 
// Define $username and $password 
$UserName=$_POST['UserName']; 
$Password=$_POST['Password']; 
// Establishing Connection with Server by passing server_name, user_id and password as a parameter 
$con = mysqli_connect("localhost", "USER", "PASS", "DATABASE"); 
if (mysqli_connect_errno()) 
    { 
    echo "Failed to connect to MySQL: " . mysqli_connect_error(); 
    } 

// To protect MySQL injection for Security purpose 
$UserName = stripslashes($UserName); 
$Password = stripslashes($Password); 
$UserName = mysqli_real_escape_string($con, $UserName); 
$Password = mysqli_real_escape_string($con, $Password); 
// SQL query to fetch information of registerd users and finds user match. 
$query = mysqli_query($con, "select * from Employee where password='$Password' AND username='$UserName'"); 
$rows = mysqli_num_rows($query); 
if ($rows == 1) { 
$_SESSION['User']= array('FName' =>$rows['FName'], 'LName' => $rows['LName']); // Initializing Session 
header("location: Dashboard.php"); // Redirecting To Other Page 
} else { 
header("location: index.php"); // Redirecting To Other Page 
$error = "Username or Password is invalid"; 
} 
mysqli_close($con); // Closing Connection 
} 
} 
?>

确定其传递到包括在我的dashboard.php是代码

<?php session_start(); 
$User = $_SESSION['User']; 
error_reporting(E_ALL); ini_set('display_errors', 1); 
?> 

<table border="0" width="100%" cellspacing="0" cellpadding="0" height="45" bgcolor="#aabbcc"> 
<tr><td> 
<p align="Left"><font face="Monotype Corsiva" size="3">&nbsp;&nbsp;<?php echo "Welcome {$User['FName']} {$User['LName']}"?>&nbsp;</font> 
<?php 
//Gets the IP address 
$ip = getenv("REMOTE_ADDR") ; 
Echo "Your IP is " . $ip; 
?> 
</tr > 
    </table>

并感谢大家的建议!

来源

2017-08-13 Ken Mckay

+0

在登录脚本上是'session_start();'?如果不是,它需要。 – Rasclatt

+1

也不要这样做''select * from Employee where password ='$ Password'AND username ='$ UserName'“'。你需要查找绑定参数 – Rasclatt

+0

是的,我遗漏了相关顶级代码的顶部。是的,它是与我的数据连接信息 –

回答

0

您将会话变量的键设置为'用户',但在第二个脚本中使用'$ User'。所以这是两个不同的关键。

$rowWithUserName = mysqli_fetch_row($query); // fetch first and only row from query 
$_SESSION['User'] = $rowWithUserName['FName'] . " " . $rowWithUserName['LName']; // Initializing Session to key 'User' 




<?php session_start(); 
    // $User = $_SESSION['$User']; why are you using '$User' as the key inside []. use 'User' instead. 
    $User = $_SESSION['User']; 
    echo $User; 
?>

来源

2017-08-13 19:35:25 Swittmann

2

您将需要修改这条线,因为它应该在你可以在其他的脚本会导致编译错误,如

Parse error: syntax error, unexpected '$rows' (T_VARIABLE) in .....

$_SESSION['User']= $rows['FName'] $rows['LName'];

将其更改为

$_SESSION['User'] = array('FName' => $rows['FName'], 'LName' => $rows['LName']);

现在做

<?php 
session_start(); 

$User = $_SESSION['User']; 

echo "Hello {$User['FName']} {$User['LName']}";

Add error reporting to the top of your file(s) while testing right after your opening PHP tag for example <?php error_reporting(E_ALL); ini_set('display_errors', 1); to see if it yields anything.

来源

2017-08-13 19:36:10 RiggsFolly

+0

它仍然不符合该建议。我现在得到以下内容PHP警告:session_start():无法发送会话缓存限制器 - 已发送的头文件。这是在我的错误文件。不向用户显示名字的第一个和最后一个名字,谢谢你帮助我理解的建议。 –

+0

然后,你必须在第二个脚本中做一些事情,你没有向我们展示发送给浏览器的东西 – RiggsFolly

+0

好的,我要编辑我目前所拥有的内容。我会再次评论代码的更新时间。 –

0

找到解决方案!

// To protect MySQL injection for Security purpose 
$UserName = stripslashes($UserName); 
$Password = stripslashes($Password); 
$UserName = mysqli_real_escape_string($con, $UserName); 
$Password = mysqli_real_escape_string($con, $Password); 
// SQL query to fetch information of registerd users and finds user match. 
$sql = "SELECT * FROM Employee where Password='$Password' AND UserName='$UserName'"; 
    $result = mysqli_query($con, $sql) or die(mysqli_error($con)); 
    $User=mysqli_fetch_array($result); 
$row = mysqli_num_rows($result); 
if ($row == 1) 
{ 
$_SESSION["FName"] = $User['FName']; 
$_SESSION["LName"] = $User['LName']; 
$_SESSION["AccessLvl"] = $User['AccessLvl']; // Initializing Session header 

header("location: Dashboard.php");

来源

2017-08-17 19:15:51

相关问题

 相关问题