0

我想显示: 登录为:_ __ _ ___

到目前为止的代码:

登录检查,

<?php
include('config.php');

// username and password sent from form 
$myemail=$_POST['myemail']; 
$mypassword=$_POST['mypassword'];

// To protect MySQL injection
$myemail = stripslashes($myemail);
$mypassword = stripslashes($mypassword);
$myemail = mysql_real_escape_string($myemail);
$mypassword = mysql_real_escape_string($mypassword);

$sql="SELECT * FROM $tbl_name WHERE email='$myemail' and password='$mypassword'";
$result=mysql_query($sql);

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);

if($count==1){
session_start(); 
$_SESSION['myemail'] = $myemail; 
header("Location: http://www.jblanksby.yourwebsolution.net/login_success.php?            user=$myemail"); } 
else 
{ header("Location: http://www.jblanksby.yourwebsolution.net/loginerror.php"); 
} 
?>

登录成功页面/第一个会员页面,

<? 
$email = $_GET['myemail']; 
session_start(); 
$_SESSION['myemail'] = $email;  

if(isset($_SESSION['email'])){ 
} else { 
echo " 
<script language='javascript'> 
alert('Sorry, but you must login to view the members area!') 
</script> 
<script> 
window.location='http://jblanksby.yourwebsolution.net/sign_in.php' 
</script> 
"; } 
?>

<html>
blah blah blah
</html>

用于显示用户电子邮件的代码,

Logged in as: <? echo "$email"; ?>

事物的登录方面是完美的。仅显示用户电子邮件被证明是困难的。我做错了什么/错过了什么?

4

3 回答 3

1

由于您试图从会话中显示值,因此您必须使用$_SESSION['email'].

session_start(); // Or, if you have done it ahead, then omit this
echo "Logged in as:".$_SESSION['email'];
于 2012-04-20T00:01:17.867 回答
1

使用 Starx 建议,$_SESSION但您需要将您的session_start作为 PHP 页面的第一行移到上方$email = $_GET['myemail'];(或$email = $_SESSION['email']

<?php
session_start();
$email = $_SESSION['email'];
?>

添加

要使用 session 变量,请像这样声明它(假设您在表单提交中使用 method=post):

<?php
session_start();
$_SESSION['email'] = $_POST['email'];
?>

这对于用户输入当然是不安全的,假设您在将用户输入从一个页面传递到另一个页面并将其注入您的查询之前对其进行了清理,这只是一个简单的示例。

于 2012-04-20T00:17:48.243 回答
0

登录脚本:

$username = $_POST['username'];
$password = $_POST['password'];
$password = sha1($password);

if ($username&&$password) {
        require_once('../db/nstDBconnector.php');
        $qr = "SELECT * FROM `users` WHERE `username` = '$username'";
        $query = mysql_query($qr);
        $numrows = mysql_num_rows($query);

        if ($numrows!=0) {
            // check password against the password in the database
            while ($row = mysql_fetch_array($query, MYSQL_ASSOC)) {
                $storedUsername = $row['username'];
                $storedPassword = $row['password'];
                $storedUserType = $row['user_type'];
                $storedUserFName = $row['full_name'];
                $_SESSION['last_ip'] = $_SERVER['REMOTE_ADDR'];
            }
            // check to see if username and password match
            if ($username==$storedUsername&&$password==$storedPassword) {
                ob_start();
                session_start();
                $_SESSION['username'] = $storedUsername;
                $_SESSION['user_type'] = $storedUserType;
                $_SESSION['full_name'] = $storedUserFName;
                header ('Location: main.php?login=successful');
            } else {
                header ('Location: index.php?error=incorrectPassword');
            }
        } else {
            header ('Location: index.php?error=noUser');
        }
    } else {
        header ('Location: index.php?error=missingUserAndPass');

    }

登录后您将他们带到的页面:

if ($_SESSION['username']) {
    $userLogged = $_SESSION['username'];
    $userType = $_SESSION['user_type'];
    $userFName = $_SESSION['full_name'];
} else {
    header ('Location: http://www.yourdomain.com/index.php?error=notLoggedIn');
}

要在页面上显示用户名的位置:

Logged in as <?php echo $userFName; ?>.

或者

echo "Logged in as ", $userFName, ".";
于 2012-04-20T00:35:25.817 回答