【发布时间】:2016-08-02 00:58:59
【问题描述】:
我正在处理一个登录后将转到仅限会员的页面的页面。昨晚我有这个登录工作,然后我改变了一些东西,现在看来会话没有保持设置。今晚我失去理智了。谢谢。
登录表单
<div style="position: absolute; bottom: 175px">
<button class="btn btn-default btn-xs" name="submit" role="button" data-toggle="modal" data-target="#myModal">Member Login</button>
</div>
<!-- Modal -->
<div id="myModal" class="modal fade" role="dialog">
<div class="modal-dialog">
<!-- Modal content-->
<div class="modal-content">
<div class="modal-header">
<button type="button" class="close" data-dismiss="modal">×</button>
<h4 class="modal-title">Member Login</h4>
</div>
<div class="modal-body">
<form method="post" action="" name="login_form">
<p><input type="email" class="span3" name="email" placeholder="Email"></p>
<p><input type="password" class="span3" name="password" placeholder="Password"></p>
<p><button type="submit" id="submit" name="submit" value="Login" class="btn btn-primary">Sign in</button></p>
</form>
</div>
<div class="modal-footer">
<button type="button" class="btn btn-default" data-dismiss="modal">Close</button>
</div>
</div>
</div>
</div>
login.php
<?php
session_start();
include("connect.php"); //Establishing connection with our database
$error = ""; //Variable for storing our errors.
if(isset($_POST["submit"]))
{
if(empty($_POST["email"]) || empty($_POST["password"]))
{
$error = "Both fields are required.";
}else
{
// Define $email and $password
$email=$_POST['email'];
$password=$_POST['password'];
// To protect from MySQL injection
$email = stripslashes($email);
$password = stripslashes($password);
$email = mysqli_real_escape_string($db, $email);
$password = mysqli_real_escape_string($db, $password);
$password = sha1($password);
//Check email and password from database
$sql="SELECT id FROM Members WHERE email='$email' and password='$password'";
$result=mysqli_query($db,$sql);
$row=mysqli_fetch_array($result,MYSQLI_ASSOC);
//If email and password exist in our database then create a session.
//Otherwise echo error.
if(mysqli_num_rows($result) == 1)
{
$_SESSION['email'] = $email; // Initializing Session
$error = "Success!";
echo "<div class='alert alert-danger alert-dismissible' role='alert'>
<button type='button' class='close' data-dismiss='alert' aria-label='Close'>
<span aria-hidden='true'>×</span></button>".$error."</div>";
//header("location: members_only"); // Redirecting To Other Page
}else
{
$error = "Incorrect email or password.";
echo "<div class='alert alert-danger alert-dismissible' role='alert'>
<button type='button' class='close' data-dismiss='alert' aria-label='Close'>
<span aria-hidden='true'>×</span></button>".$error."</div>";
}
}
}
?>
仅限会员 这是我的会员专用页面顶部的内容
<?php
session_start();
if (!isset($_SESSION['email']))
{
header('Location: index');
}
?>
当我完成登录表单并提交正确的用户名和密码后,我将被定向到索引,因为我的 $_SESSION['email'] 未设置。如果我删除测试,它会正确转到仅限会员的页面。
【问题讨论】:
-
在进行故障排除时,您需要将问题简化到最低限度,并清楚地描述发生的意外情况或不应该发生的情况,我在这里什么也没看到。
-
在底部的描述中添加了更多关于我所经历的内容。谢谢
-
你的意思是当你删除 SQL 密码检查它有效吗?
-
如果我删除 if (!isset($_SESSION['email'])) { header('Location: index'); } 它的工作原理,但如果你知道会员唯一的页面地址,你不必登录
-
当然!这显然不是您需要解决的问题。您需要排查为什么它没有在
login.php中设置,因此可能是 SQL 查询有否定结果的原因。
标签: php session bootstrap-modal