1. 首頁
  2. 問答
  3. 當表單提交時結束的PHP會話

當表單提交時結束的PHP會話

2014-03-02 62 views
0

當我在頁面上提交表單並導致會話結束並且用戶必須重新登錄時,我遇到問題。我花了數小時嘗試對此進行排序並且沒有隨處獲得它! 這是從哪兒形式是頁面的代碼 -當表單提交時結束的PHP會話

<?php 
session_start(); /// initialize session 
$title = 'Month Edit'; 
include("passwords.php"); 
$user_email = check_logged(1, $dbc); 
?>

形式的代碼只是

的passwords.php頁面

<?php 
require ('ct_db.php');//This is the database info 
$query = "SELECT * FROM users"; 
$result = mysqli_query ($dbc, $query); 

while($check_row = mysqli_fetch_array($result, MYSQLI_ASSOC)) 
{ 
    $this_us = $check_row['user']; 
    $this_ps = $check_row['pass']; 
    $USERS[$this_us] = $this_ps; 
} 

function check_logged($page, $dbc) 
{ 
    global $_SESSION, $USERS; 
    if (!array_key_exists($_SESSION["logged"],$USERS)) 
     { 
     header("Location: login.php"); 
    } 
    else 
    { 
     $this_user = $_SESSION["logged"]; 
     $query = "SELECT * FROM users WHERE user = '$this_user'"; 
     $result = mysqli_query ($dbc, $query); 
     $row2 = mysqli_fetch_array($result, MYSQLI_ASSOC); 
     $user_email = $row2['email']; 
     $user_permission = $row2['permissions']; 
     if($page == 3 && ($user_permission=="admin" || $user_permission=="user")) 
     { 
     header("Location: login.php"); 
     } 
     else 
     { 
     if($page == 2 && $user_permission=="user") 
     { 
     header("Location: login.php"); 
     } 
     else 
     { 
     echo '<div id="logged_in">'; 
     echo '<form action="login.php" method="post"><input type="hidden" name="ax" value="out"> '; 
     echo 'Logged in as <span style="color:blue">'.$_SESSION["logged"]."</span> "; 
     echo 'email '.$user_email.' '; 
     echo '<input type="submit" value="Logout" id="log_out"/></div><br>'; 
     return $user_email; 
     } 
    } 
    } 
}; 
?>

我也有一個登錄頁面,其中包括以下

<?php 
session_start(); 
$title = 'login'; 
require ('ct_db.php'); 
$query = "SELECT * FROM users"; 
$result = @mysqli_query ($dbc, $query); 

while($check_row = mysqli_fetch_array($result, MYSQLI_ASSOC)) 
    { 
    $this_us = $check_row['user']; 
    $this_ps = $check_row['pass']; 
    $USERS[$this_us] = $this_ps; 
    } 


function check_logged($page) 
{ 
    global $_SESSION, $USERS; 
    if (!array_key_exists($_SESSION["logged"],$USERS)) 
     { 
     header("Location: login.php"); 
    } 
    else 
    { 
     $this_user = $_SESSION["logged"]; 
     require ('ct_db.php'); 
     $query = "SELECT * FROM users WHERE user = '$this_user'"; 
     $result = mysqli_query ($dbc, $query); 
     $row2 = mysqli_fetch_array($result, MYSQLI_ASSOC); 
     $user_email = $row2['email']; 
     $user_permission = $row2['permissions']; 
     if($page == 3 && ($user_permission=="admin" || $user_permission=="user")) 
     { 
     header("Location: login.php"); 
     } 
     else 
     { 
     if($page == 2 && $user_permission=="user") 
     { 
     header("Location: login.php"); 
     } 
     else 
     { 
     echo '<div id="logged_in">'; 
     echo '<form action="login.php" method="post"><input type="hidden" name="ax" value="out"> '; 
     echo 'Logged in as <span style="color:blue">'.$_SESSION["logged"]."</span> "; 
     echo 'email '.$user_email.' '; 
     echo '<input type="submit" value="Logout" id="log_out"/>'; 
     return $user_email; 
     } 
     } 
    } 
}; 

require ('ct_db.php'); 
if ($_POST["ac"]=="log") 
{ /// do after login form is submitted 
    if ($USERS[$_POST["username"]]==$_POST["password"]) /// check if submitted username and password exist in $USERS array 
    { 
      $_SESSION["logged"]=$_POST["username"]; 
      $_SESSION["email"] = 'email address'; 
      echo 'email = '.$_SESSION["email"]; 
    } 
    else 
    { 
      echo 'Incorrect username/password. Please, try again.'; 
    }; 
}; 

if ($_POST["ax"]=="out") 
{ /// do after login form is submitted 
    if ($USERS[$_POST["username"]]==$_POST["password"]) /// check if submitted username and password exist in $USERS array 
    { 
      session_destroy(); 
      echo 'You are logged out'; 
      //header("Location: login.php"); 
      die; 
    } 
}; 

if (array_key_exists($_SESSION["logged"],$USERS)) //// check if user is logged or not 
{ 
    echo "You are logged in."; 
    echo '<form action="login.php" method="post"><input type="hidden" name="ax" value="out"> '; 
    echo '<input type="submit" value="Logout" />'; 
    echo '</form>'; 
    header("Location: mainPage3.php"); 

     //// if user is logged show a message 
} 
else 
{ //// if not logged show login form 
    echo '<div id="login">'; 
    echo '<h1>Connectivity</h1>'; 
    echo 'Please login<br><br>'; 
    echo '<form action="login.php" method="post"><input type="hidden" name="ac" value="log"> '; 
    echo 'Username: <input type="text" name="username" id="username"/><br>'; 
    echo 'Password: <input type="password" name="password" id="password"/><br>'; 
    echo '<input type="submit" value="Login" />'; 
    echo '</form>'; 
    echo '</div><!--End login-->'; 
}; 
?>

在我試圖解決問題,我已經改變並添加了很多代碼,我相信它比應該更復雜。我可以在頁面之間移動頁面而不會被註銷,並且可以刷新包含任何問題的表單的頁面。但如果我按提交,我會回到登錄頁面。 我唯一能想到的可能是線索是用戶信息與網站信息位於不同的數據庫中,但我已檢查以確保每個人都擁有正確的代碼。 任何幫助感激地收到。

來源

2014-03-02 user3006586

+0

你不需要象'$ _SESSION'這樣的全球性聲明。 – Barmar

+0

爲什麼您將所有用戶名和相關密碼存儲在數組中?只需查詢用戶名和密碼即可驗證是否存在。 –

回答

0

我能夠在代碼登錄和註銷(兩次)中看到只有兩種提交按鈕,並且這兩個表單都有action = login.php。

單擊註銷按鈕時,會話將通過代碼銷燬。 當一個已經登錄的用戶點擊登錄按鈕(假設該按鈕是可見的),它會將該帖子中的值設置爲空值,並且該用戶將被重定向到login.php頁面,因爲驗證會拋出記錄==假。

我還沒有測試過你的代碼,但顯然這似乎是問題所在。

來源

2014-03-02 12:07:39 Donkarnash

相關問題

 相關問題