2

我设置了一个 php 页面,以便用户可以单击链接进行登录,然后会弹出一个带有登录凭据的弹出窗口 (signin.php)。当他们填写信息并单击登录按钮时,信息在 signinfinal.php 中得到验证。当他们正确登录时,我正在尝试创建一个会话。因此,当他们登录或关闭弹出窗口时,我希望他们所在的主页(index.php)刷新,并且我希望“登录 | 注册”链接更改为“嗨,(用户名)!” 我将所有这些设置为一个名为 '$var' 的 php 变量,变量中有一些 javascript。

奇怪的是,我能够在多个浏览器上注册和登录我的计算机,页面刷新并正确存储了我的会话,但其他用户报告说即使刷新页面后会话也无法正常工作。这是一个棘手的问题,如果有人可以帮助我解决它,我将不胜感激。

这是 index.php 顶部的代码...

        <?php 
         // this starts the session 
         session_start(); 
         $var = "";
         $varcontact = "<a href='JavaScript:newPopup(\"http://www.yourfantasyfootballrealit.com/contact.php\");' class='three'>Contact</a>";
         // echo variable from the session, we set this on our other page 
         if ($_SESSION['userid'] == "") {
                $var = "<a href='JavaScript:newPopup(\"http://www.yourfantasyfootballrealit.com/register.html\");' class='two'>Register</a> | <a href='JavaScript:newPopup(\"http://www.yourfantasyfootballrealit.com/signin.php\");' class='two'>Sign In</a>";
            } else {
            $var = "Hello, ".$_SESSION['userid'] ."! | " . "<a href=\"http://www.yourfantasyfootballreality.com/logout.php\" class='two'>Log Out</a>";
            }
         ?> 
    <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
    <html xmlns="http://www.w3.org/1999/xhtml">
        <head>
            <script src="jquery-1.8.1.js"></script>
            <script src="jquery.easing-1.3.pack.js"></script>
            <script src="jquery-easing-compatibility.1.2.pack.js"></script>
            <script src="coda-slider.1.1.1.pack.js"></script>
            <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
            <link rel="icon" href="http://www.indiana.edu/favicon.ico" />
            <title>YourFantasyFootballReality</title>
            <link rel="stylesheet" type="text/css" href="mystyle.css" />

            <script type="text/javascript">
            // Popup window code
            function newPopup(url) {
                popupWindow = window.open(url,'popUpWindow','height=450,width=600,left=10,top=10,resizable=no,scrollbars=yes,toolbar=yes,menubar=no,location=no,directories=no,status=yes')
            }
    function closeWin() {
        document.write("<p>This is 'myWindow'</p>");
    }
    </script>

        </head>
            <body>
<!--Login and Register links-->
                    <div class="enter">
                        <?=$var?>
                    </div>

这是signin.php的所有代码

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>Sign In</title></head>
<body onunload="window.opener.location.reload();">
<h1>Sign In</h1>

<form action="signinfinal.php" method="POST">

 <table cellpadding="2" cellspacing="0" border="0">
   <tr>
     <td width="130"> User ID: </td>
     <td width="140"> <input name="UserID" type="text"> </td>
     <td width="300" rowspan="7" valign="top"> </td>
   </tr>
   <tr><td> Password: </td>
     <td><input name="Password" type="password" size="15"></td>
   </tr>
   <tr>
     <td colspan="2"><input type="submit" value="Sign In" name="action">
    </td>
   </tr>
 </table>
</form>
</body>
</html>

这是signinfinal.php的所有代码......

<?php

session_start();
//$id = $_SESSION['userid'];
//$pw = $_SESSION['password'];



//this connects to the database
$con = mysql_connect("localhost","yourfan_jeengle","armyjoe");
mysql_select_db("yourfan3_demo", $con);

 //this is the info the user entered stored as variables
 $UserID    = $_POST["UserID"];
 $Password  = $_POST["Password"];
 $Action    = $_POST["action"];

 //this filters throught the variables to check against mysql injections
 $UserID = (filter_var($UserID, FILTER_SANITIZE_STRING));
 $UserID = (filter_var($UserID, FILTER_SANITIZE_URL));
 $Password = (filter_var($Password, FILTER_SANITIZE_STRING));
 $Password = (filter_var($Password, FILTER_SANITIZE_URL));

 //this is the variables that displays errors and correct instructions
 $errors = "";  

 //this gets the password from the userid entered by user
 $result = mysql_query("SELECT Password FROM Users WHERE User_ID = '$UserID'");
 $row = mysql_fetch_array($result);
 $newresult = $row['Password'];

 if (strcmp($Action, "Sign In") == 0) {
 //this what happens when the user enters data for the first time and the info is wrong
 if (($newresult == $Password) && (($UserID) && ($Password))) {
    $greeting = "Welcome, " . $UserID;
    $_SESSION['userid'] = $UserID;
    $what="Log Out";
 } else { 
    $errors .= "<li> Incorrect Credentials!";
    $what="Sign In";
 }
 if ($errors) { $color = "#ffcccc"; $fontColor = "brown"; }
 } else {
    header("Location: http://www.yourfantasyfootballrealit.com/logout.php");
 }

 ?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
 <head><title>Sign In</title></head>

<body onunload="window.opener.location.reload();">

<h1>Sign In</h1>

<?=$greeting?>

<form action="signinfinal.php" method="POST">

 <table cellpadding="2" cellspacing="0" border="0">
   <tr>
     <td width="130"> User ID: </td>
     <td width="140"> <input name="UserID" type="text" value="<?=$UserID?>"></td>
     <td bgcolor="<?=$color?>" width="300" rowspan="7" valign="top"><font color=<?=$fontColor?>><ul> <?=$errors?></font> </ul> </td>
   </tr>
   <tr> <td> Password: </td><td><input name="Password" type="password" size="15" value="<?=$Password?>"></td></tr>
   <tr><td colspan="2"><input type="submit" value="<?=$what?>" name="action">
   </tr>
 </table>

</form>
</body>
</html>

如有必要,这是 logout.php 中的内容...

<?php
session_start();
session_destroy();
?>


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<html>
<head>
<title>Log Out</title>

<script language="JavaScript">
var time = null
function move() {
window.location = 'http://www.yourfantasyfootballreality.com'
}
</script>

<!--<meta http-equiv="REFRESH" content="1;url=http://www.yourfantasyfootballreality.com/"></HEAD>-->
<BODY>

<body onload="timer=setTimeout('move()',000)">
<script language="javascript">
<!--
setTimeout("self.close();",0000)
//-->
</script>

</BODY>
</HTML>
4

4 回答 4

0 
**index.php file**

         if (!isset($_SESSION['userid'])) {
                $var = "<a href='JavaScript:newPopup(\"http://www.yourfantasyfootballrealit.com/register.html\");' class='two'>Register</a> | <a href='JavaScript:newPopup(\"http://www.yourfantasyfootballrealit.com/signin.php\");' class='two'>Sign In</a>";
            } else {
            $var = "Hello, ".$_SESSION['userid'] ."! | " . "<a href=\"http://www.yourfantasyfootballreality.com/logout.php\" class='two'>Log Out</a>";
            }
         ?>
**signupfinal.php file**

<?php

@session_start();
//$id = $_SESSION['userid'];
//$pw = $_SESSION['password'];



//this connects to the database
$con = mysql_connect("localhost","yourfan_jeengle","armyjoe");
mysql_select_db("yourfan3_demo", $con);

 //this is the info the user entered stored as variables
 $UserID    = $_POST["UserID"];
 $Password  = $_POST["Password"];
 $Action    = $_POST["action"];

 //this filters throught the variables to check against mysql injections
 $UserID = (filter_var($UserID, FILTER_SANITIZE_STRING));
 $UserID = (filter_var($UserID, FILTER_SANITIZE_URL));
 $Password = (filter_var($Password, FILTER_SANITIZE_STRING));
 $Password = (filter_var($Password, FILTER_SANITIZE_URL));

 //this is the variables that displays errors and correct instructions
 $errors = "";  

 //this gets the password from the userid entered by user
 $result = mysql_query("SELECT * FROM Users WHERE User_ID = '$UserID' and password='$Password'");
 $row = mysql_fetch_array($result);
if(mysql_num_rows($result) >0 ){
    $_SESSION['userid']=$UserID;
    header("location:index.php");
}
else{
    echo 'failes to login';
}
?>
于 2012-09-05T16:53:45.077 回答
0

我认为 signinfinal.php 中的条件应该是,您在成功登录后将用户发送到 logout.php。所以改变条件。

if (!$errors) { $color = "#ffcccc"; $fontColor = "brown"; }
} else {
header("Location: http://www.yourfantasyfootballrealit.com/logout.php");
}
于 2012-09-05T16:40:04.603 回答
0

在您的页面上,session_start();需要成为<?php标签之后的第一件事。没有其他东西可以出现在它之前 - 没有空格,没有评论,什么都没有。

所以代替这个:

<?php 
         // this starts the session 
         session_start();

你需要这个:

<?php
session_start();

笔记:

要使用基于 cookie 的会话,必须在向浏览器输出任何内容之前调用 session_start()。 (资源)

此外,您没有在signin.php页面上启动会话,这在技术上可能无关紧要,但我也会将上述代码添加到该页面。

另外,您的 IF 语句不正确。

应该:

    if (strcmp($Action, "Sign In") == 0) {
          //this what happens when the user enters data for the first time and the info is wrong
          if (($newresult == $Password) && (($UserID) && ($Password))) {
             $greeting = "Welcome, " . $UserID;
             $_SESSION['userid'] = $UserID;
             $what="Log Out";
          } else { 
             $errors .= "<li> Incorrect Credentials!";
             $what="Sign In";
          }
          if ($errors) { $color = "#ffcccc"; $fontColor = "brown"; {
          // Do something... you have nothing here
          } else {
             header("Location: http://www.yourfantasyfootballrealit.com/logout.php");
          }
}
于 2012-09-05T16:41:26.000 回答
0

将错误报告设置为 0,这将停止对屏幕的各种输出,会话将正常工作。这解释了为什么它适用于一个服务器配置而不是另一个。确保将错误输出到文件。

于 2012-10-06T16:05:58.073 回答