0
我有3個文件。 (loginFunctions.php,login.php,index.php) 在login.php,我採用的值,並將其傳遞到loginFunction.php檢查值和一份聲明中選擇userID將其返回到login.php。之後login.php調用稱爲(get('value'))的方法來通過userID並返回用戶信息。我在登錄頁面和索引頁面開始了會話。我試圖回顯存儲在會話中的信息,但沒有返回。
我的代碼:
loginFunction.php
<?php
function absolute_url($page = 'index.php') {
//header('Location: http:\\localhost');
//exit(); //terminates the script
$url = 'http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']);
$url = rtrim($url, '/\\');
$url .= '/' . $page;
return $url;
}
function checkLogin($email = '', $password = '') {
$errors = array();
if (empty($email)){
$errors[] = 'You must enter your email';
}
if (empty($password)){
$errors[] = 'You must enter a password';
}
if (empty($errors)) {
////set up database econnection
require_once 'DO_Classes/mysqli_connect.php';
$db = new Database();
$dbc = $db->getConnection();
$stmt = $dbc->prepare("SELECT user_ID FROM User WHERE user_email=? AND AES_DECRYPT(user_password, 'p0ly')=?");
if ($stmt) {
$stmt->bind_param('ss', $email, $password);
if ($stmt->execute()) {
$stmt->store_result();
$stmt->bind_result($user_ID);
$stmt->fetch();
$stmt->close();
if(!empty($user_ID)){
return array(true, $user_ID);
}else{
/*
* <div class=\"alert alert-success alert-dismissable\">
<button type=\"button\" class=\"close\" data-dismiss=\"alert\" aria-hidden=\"true\">×</button>
Invalid email or password
</div>
*/
$errors[] = '<div class="alert alert-danger alert-dismissable">
<button type="button" class="close" data-dismiss="alert" aria-hidden="true">×</button>
<p align="center">Invalid email or password</p>
</div>';
}
} else {
$errors[] = 'Passwords do not match';
}
}else {
echo '<p class="error"> Oh dear. There was a databse error</p>';
echo '<p class = "error">' . mysqli_error($stmt) . '</p>';
}
}
return array(false, $errors);
}
?>
login.php
<?php
if (isset($_POST['submitted'])) {
//require_once is similar to 'include' but ensures the code is not copied multiple times
require_once('Functions/loginFunctions.php');
//list() is a way of assigning multiple values at the same time
//checkLogin() function returns an array so list here assigns the values in the array to $check and $data
list($check, $data) = checkLogin($_POST['email'], $_POST['password']);
if ($check) {
//setcookie('FName', $data['FName'], time()+ 900) ; //cookie expires after 15 mins
//setcookie('LName', $data['LName'], time() + 900) ;
session_start();
require_once 'Classes/DO_Users.php';
$user = new DO_User();
$user->get($data);
//use session variables instead of cookies
//these variables should now be available to all pages in the application as long as the users session exists
$_SESSION['userID'] = $user->userID;
$_SESSION['userType'] = $user->userTypeID;
$_SESSION['last_activity'] = time(); //your last activity was now, having logged in.
$_SESSION['expire_time'] = 60 * 5; //expire time in seconds: three hours (you must change this)
//to enable $_SESSION array to be populated we always need to call start_session() - this is done in header.php
//print_r is will print out the contents of an array
//print_r($_SESSION);
//
//Redirect to another page
$url = absolute_url('index.php'); //function defined in Loginfunctions.php to give absolute path for required page
//this version of the header function is used to redirect to another page
header("Location: $url"); //since we have entered correct login details we are now being directed to the home page
exit();
} else {
$errors = $data;
}
}
if (!empty($errors)) {
//foreach is a simplified version of the 'for' loop
foreach ($errors as $err) {
echo "$err <br />";
}
echo '</p>';
}
//display the form
?>
在index.php,我叫require_once 'header.php';有session_start();但沒有什麼是回來了,爲什麼呢?
這不是一個很大的答案;你需要詳細解釋,以便其他人可能不知道,理解。如果不是,那麼你應該刪除答案/問題。 –
@ Fred-ii-準備好的聲明不起作用,因爲預準備聲明的聲明缺失值。 – imohd23
最好能夠立即在答案中包含這樣的內容,而不是在評論中。包括使用的語法將是一個額外的獎勵。 –