0

我正在制作一个登录系统,当我从 AJAX 连接发送请求时,没有设置会话。发送连接:

function onSubmit(form){
    var username = form.username.value;
    var password = form.password.value;
    if(username == ''){
        document.getElementById('error').innerHTML='<font color="red"><b>Please enter a username</b></font>';
        return;
    }
    if(password == ''){
        document.getElementById('error').innerHTML='<font color="red"><b>Please enter a password</b></font>';
        return;
    }
    if(username != '' && password != ''){
        document.getElementById('error').innerHTML='';
        showDiv('loadinglogin');    
        var dataString = 'username='+username+'&password='+password;
    $.ajax({  
      type: "POST",  
      url: "util/login.php",  
      data: dataString,  
      success: function(msg) {  
        if(msg == "ok"){
            document.getElementById('error').innerHTML='<font color="green"><b>Login good, redirecting</b></font>';
            hideDiv('loadinglogin');    
            window.location = "test.php";
        }else{
            document.getElementById('error').innerHTML='<font color="red"><b>Invalid login</b></font>';
            hideDiv('loadinglogin');    
        }
      }  
    }); 



    }
}

设置会话/句柄登录:

<?php
include('database.php');
session_start();
function in_db($u,$p){
    $p = md5($p);
    $p = sha1($p);
    $p = sha1($p);
    $p = md5($p);
    $sql = "SELECT * FROM `users` WHERE `username` = '$u' AND `password` = '$p'";
    $result = mysql_query($sql) or die(mysql_error());  
    while($row = mysql_fetch_object($result))
    { 
        return true;    
    }
    return false;
} 
if(isset($_POST['username']) && isset($_POST['password']) && !isset($$_SESSION['user']) && !isset($$_SESSION['pass'])){
    $username = mysql_real_escape_string($_POST['username']);
    $password = mysql_real_escape_string($_POST['password']);
    if(in_db($username,$password)){
        $_SESSION['user'] = $user;
        $_SESSION['pass'] = $pass;
        print("ok");
    }else{
        print("bad");
    }
}else{
    print("bad");
}
?>

不确定我是否做错了什么:/

编辑:我从 ERROR_LOG 中提取了这个

[18-Oct-2012 07:27:00 UTC] PHP 警告:session_start() [function.session-start]:会话 id 太长或包含非法字符,有效字符为 az、AZ、0-9 和 ' -,' 在 /util/login.php 第 2 行

PHP.ini

register_globals = off
allow_url_fopen = off

expose_php = Off
max_input_time = 60
variables_order = "EGPCS"
extension_dir = ./
upload_tmp_dir = /tmp
precision = 12
SMTP = relay-hosting.secureserver.net
url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=,fieldset="


; Only uncomment zend optimizer lines if your application requires Zend Optimizer support

;[Zend]
;zend_optimizer.optimization_level=15
;zend_extension_manager.optimizer=/usr/local/Zend/lib/Optimizer-3.3.3
;zend_extension_manager.optimizer_ts=/usr/local/Zend/lib/Optimizer_TS-3.3.3
;zend_extension=/usr/local/Zend/lib/Optimizer-3.3.3/ZendExtensionManager.so
;zend_extension_ts=/usr/local/Zend/lib/Optimizer_TS-3.3.3/ZendExtensionManager_TS.so


; -- Be very careful to not to disable a function which might be needed!
; -- Uncomment the following lines to increase the security of your PHP site.

;disable_functions = "highlight_file,ini_alter,ini_restore,openlog,passthru,
;             phpinfo, exec, system, dl, fsockopen, set_time_limit,
;                     popen, proc_open, proc_nice,shell_exec,show_source,symlink"
4

3 回答 3

1

放在session_start();文件的最开头,在include().

于 2012-10-18T07:25:47.147 回答
0

检查您的代码 - 什么是 $$_SESSION['user']?应该是 $_SESSION?

于 2012-10-18T07:28:23.590 回答
0

试试这个:PHP手册

并检查您的 $$_SESSION 错字。

另外,请尝试

print(session_id());

在开始您的会话之前。

也试试

session_id("my_session");

在开始您的会议之前,让我们知道结果。

于 2012-10-19T16:38:14.797 回答