-1
如果用戶沒有登錄,我已經創建了用戶必須登錄的主頁。成功登錄前必須登錄兩次
這裏是我的index.php:
<?php
error_reporting(-1);
session_start();
echo $_SESSION['PHPSESSID'];
echo $_COOKIE['PHPSESSID'];
require_once('config.php');
require_once('core/login.php');
$config = new Notesconfig();
$baseURL = $config -> baseURL;
$login = new Login();
$connect = $login -> connectDB($config -> host, $config -> user, $config -> password, $config -> db);
if(isset($_POST['username']) && !empty($_POST['username']) && isset($_POST['password']) && !empty($_POST['password'])) {
$login -> processLogin($connect, $_POST['username'], md5($_POST['password']), $baseURL);
}
if(isset($_GET['logout'])) {
$login -> processLogout($connect, $baseURL);
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html lang='en' xml:lang='en' xmlns="http://www.w3.org/1999/xhtml">
<head>
<link rel="stylesheet" href="<?php echo $baseURL; ?>/css/main.css">
</head>
<body class="mainBody">
<div id="container">
<div id="header">
</div>
<div id="content">
<?php
if(!isset($_SESSION['PHPSESSID']) || empty($_SESSION['PHPSESSID']) || !isset($_COOKIE['PHPSESSID']) || empty($_COOKIE['PHPSESSID']) || ($_SESSION['PHPSESSID']) != ($_COOKIE['PHPSESSID'])) {
?>
<div id="main-content" style="width: 960px;">
<?php
$login -> viewLoginForm();
?>
</div>
<?php
}
else {
?>
<div id="main-content" style="width: 710px;">
</div>
<div id="right-column" style="width: 250px;">
<a href="./?logout=true" class="logout" target="_self" >Logout</a>
</div>
<?php
}
?>
</div>
<div id="footer">
</div>
</div>
</body>
</html>
這是我core/login.php:
<?php
class Login {
//Connect Database
public function connectDB($host, $user, $password, $db) {
$connect = mysqli_connect($host, $user, $password, $db); //mysqli_connect(host,username,password,dbname,port,socket);
if($connect) {
echo "Database Connection Established.";
return $connect;
}
else {
echo "Database Connection Failed.";
}
}
//Login User
public function processLogin($connection, $username, $password, $baseURL) {
$username = mysqli_real_escape_string($connection, stripslashes($username));
$password = mysqli_real_escape_string($connection, stripslashes($password));
$db = "SELECT `username`, `password`, `phpsessid` FROM `login` WHERE `username` = '$username' AND `password` = '$password' LIMIT 1";
$db_query = mysqli_query($connection, $db);
if(mysqli_num_rows($db_query)) {
echo "Query Success.";
$row = mysqli_fetch_array($db_query);
$_SESSION['PHPSESSID'] = $row['phpsessid'];
setcookie("PHPSESSID", $row['phpsessid'], 0);
}
else {
echo "Query Failed. Reason:".$connection->error;
return false;
}
mysqli_close($connection);
header('Location: '.$baseURL);
die;
}
//Logout User
public function processLogout($connection, $phpsessid, $baseURL) {
unset($_SESSION['PHPSESSID']);
//unset($_COOKIE['PHPSESSID']);
setcookie("PHPSESSID", $phpsessid, time()-360000);
mysqli_close($connection);
header('Location: '.$baseURL);
}
//Display Login Form
public function viewLoginForm() {
echo '<form action=" " id="loginForm" method="POST" >';
echo '<table class="loginForm">';
echo '<tr>';
echo '<td>Matric No.</td><td><input type=\"text\" name="username" /></td>';
echo '</tr>';
echo '<tr>';
echo '<td>Password</td><td><input type="password" name="password" /></td>';
echo '</tr>';
echo '<tr>';
echo '<td> </td><td><input type="submit" name="login" value="Login" /></td>';
echo '</tr>';
echo '</table>';
echo '</form>';
}
}
?>
的config.php只是包含了一些數據我想使用:
<?php
class Notesconfig {
public $baseURL = 'http://localhost/notes';
public $siteName = 'Notes';
public $host = 'localhost';
public $user = 'root';
public $password = '';
public $db = 'notes';
}
?>
不過,我需要登錄兩次,然後成功設置session和cookies,而我不需要註銷兩次。
當我第一次點擊登錄時,我得到Query Success,但沒有登錄。
然後我再次點擊登錄,這次我會成功登錄。
登錄後,我點擊註銷,然後返回到登錄頁面。再次,我需要登錄兩次才能成功登錄。
我該如何解決這個錯誤?
編輯
改變所有PHPSESSID和解決問題。
添加刪除Cookie和會話...爲什麼你不只是設置1會話用戶,並在註銷時將其刪除?它更容易:) – Svetoslav
快速提示:將'mysql_real_escape_string'更改爲'mysqli_real_escape_string' - 您正在混合'MySQL_'和'MySQLi_' –
@ Fred-ii-,感謝您的快捷。 – Chin