【发布时间】:2018-02-27 12:30:08
【问题描述】:
我有一个会话问题。由于某种原因,正在设置会话,但没有传递会话数据。我检查了会话路径,这一切都是正确的。下面有一个登录处理程序,然后一旦用户登录,会话就会检查。
我 var_dumped 会话并没有得到任何结果,但是 var_dumped 两个脚本上的 session_id() 并获得了相同的会话 id,表明会话正在建立,但由于某种原因没有通过。
感谢您的帮助。
login_handler.php
<?php
session_name("tradesman");
session_start();
include '../includes/con.inc.php';
$errors = 0;
$email_address = $_POST['tradesman_email'];
$password = $_POST['tradesman_password'];
$remember_me = $_POST['tradesman_remember_me'];
$login_check = $dbh->prepare("SELECT * FROM tradesman WHERE email_address = :email_address");
$login_check->bindParam(':email_address', $email_address);
$login_check->execute();
if($login_check->rowCount() === 1){
}else{
$response["message"] = 'denied';
$errors++;
}
if($login_check->rowCount() === 1){
while($row = $login_check->fetch()) {
$db_password = $row['password'];
$tradesman_id = $row['tradesman_id'];
$trade_name = $row['trade_name'];
$email_address = $row['email_address'];
if (password_verify($password, $db_password)) {
$update_key = $dbh->prepare("UPDATE tradesman SET token=:token WHERE tradesman_id=:tradesman_id");
$update_key->bindParam(':token', $token);
$update_key->bindParam(':tradesman_id', $tradesman_id);
if($update_key->execute()){
$token = sha1(microtime());
$_SESSION['trade_name'] = $row['trade_name'];
$_SESSION['tradesman_id'] = $row['tradesman_id'];
$_SESSION['token'] = $token;
$response["message"] = 'tradesman_login_success';
}else{
$response["message"] = 'denied';
$errors++;
}
} else {
$response["message"] = 'denied';
$errors++;
}
}
}
echo json_encode($response);
exit();
?>
account.php - 登录后(仅限会话检查)
<?php
session_name("tradesman");
session_start();
print_r($_SESSION['token']);
print_r($_SESSION['tradesman_id']);
print_r($_SESSION['trade_name']);
require_once 'includes/con.inc.php';
$session_key = $_SESSION['token'];
$check_user = $dbh->prepare("SELECT * FROM tradesman WHERE token =:session_key LIMIT 1");
$check_user->bindParam(':session_key', $session_key, PDO::PARAM_STR);
if($check_user->execute()) {
$check_user->setFetchMode(PDO::FETCH_ASSOC);
}
if($check_user->execute()){
if($check_user->rowCount() === 1){
while($row = $check_user->fetch()) {
$tradesman_id = $row['tradesman_id'];
}
}else{
header('Location:index.php');
exit();
}
}else{
header('Location:index.php');
exit();
}
?>
【问题讨论】:
-
“但是 var_dumped session_id() 并获得了会话 id” - 在 both 脚本中在哪里?他们的会话ID在这两种情况下都相同吗?您是否通过浏览器开发工具检查过 cookie 是否被接受,以及是否会在下一个请求中返回?
-
@bob 查看错误报告显示和 PDO 错误处理php.net/manual/en/pdo.error-handling.php
-
@CBroe 我已经更新了这个问题。是的,在这两个脚本中,它们都是相同的,并且接受了 cookie。
-
@bob 您是否意识到您已将
session_name("tradesman"); session_start();按此顺序排列在login_handler.php中?此外,您不必使用while($row = $check_user->fetch())只需使用$row = $check_user->fetch(); $tradesman_id = $row['tradesman_id']; -
@Toleo 应该是这样(
session_name()部分)。
标签: php session session-variables