1

我的代码中有以下内容

session_register("myusername");
session_register("mypassword"); 


    <?php

ob_start();
$host="ClubEvents.db.9606426.hostedresource.com"; // Host name 
$username="ClubEventsRead"; // Mysql username 
$password="Pa55word!"; // Mysql password 
    $db_name="ClubEvents"; // Database name 
$tbl_name="members"; // Table name 

// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect"); 
mysql_select_db("$db_name")or die("cannot select DB");

// Define $myusername and $mypassword 
$myusername=$_POST['myusername']; 
$mypassword=$_POST['mypassword']; 

// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
    $myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);
$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql);

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);

// If result matched $myusername and $mypassword, table row must be 1 row
if($count==1){

// Register $myusername, $mypassword and redirect to file "login_success.php"
session_register("myusername");
session_register("mypassword"); 
header("location:login_success.php");
}
else {
echo "Wrong Username or Password";
}
ob_end_flush();
?>

既然 php 函数已被弃用,那么要替换什么?

我一直在阅读http://php.net/manual/en/function.session-register.php但有点困惑,整天都在与这个作斗争。

谢谢

亨利

4

2 回答 2

5

只需将所需的值放在 $_SESSION 数组中,例如:

$_SESSION['myusername'] = "xxx";

我没有在你的代码上看到你 session_start 。不要忘记它。

于 2012-11-23T17:36:34.727 回答
0

我认为您想在会话中保存您的用户名和密码:

首先,在你的代码中使用“login”、“username”、“password”不再安全,一些恶意脚本试图在你的代码中找到这些词并四处游荡。

session_start();
$_SESSION['myuse'] = $myuse;
$_SESSION['mypas'] = $mypas;
于 2014-06-21T22:58:27.193 回答