-1

我做了这个代码:

文件索引.php:

  <?php
        if (isset($_POST['valider']))
            { if (!isset($_SESSION)) { session_start(); }
                   require("function.php");
                        $email                   = mysql_escape_string($_POST['email']); 
                        $password                    = mysql_escape_string($_POST['password']); 
                        if(!VerifierAdresseMail($email)){?>
                        <script>alert('invalid mail');</script>
    <?php
                        }
                        else{
                        if(!authentification($email,$password))
                        {?>
                        <script>alert('logging failed');</script>
                        <?php
                        }
                        else{
                        header('Location: choice.php'); 
                        }}
                        }
        ?>

在function.php中:

<?php
function VerifierAdresseMail($adresse)  
{  
   $Syntaxe='#^[\w.-]+@[\w.-]+\.[a-zA-Z]{2,6}$#';  
   if(preg_match($Syntaxe,$adresse))  
      return true;  
   else  
     return false;  
}
function statistics($id){
$HOST_DB ="localhost";
                $NAME_DB="makempf3_captcha";
                $USER_DB ="root";
                $PWD_DB="";

                $connect = mysql_connect($HOST_DB,$USER_DB,$PWD_DB);
                $db=mysql_select_db($NAME_DB);
?><script>alert(<?php echo $cle ?>);</script><?php              
                $Log_query=mysql_query(
                    "   
                        SELECT * 
                        FROM  tbl_captcha
                        WHERE user_id ='$id'


                        ") or die(mysql_error());
$_SESSION['success'] =0;
$_SESSION['fail'] =0;
                      if ($Log_query == true && mysql_num_rows($Log_query) >0) {
?><script>alert('heni');</script><?php
                               while ($Res_user = mysql_fetch_array($Log_query) ) {
                                $_SESSION['success'] += $Res_user['success'];
                                $_SESSION['fail'] += $Res_user['fail'];


                            }
}





}
function authentification($mail,$pwd_U){

                 $HOST_DB ="localhost";
                $NAME_DB="makempf3_captcha";
                $USER_DB ="root";
                $PWD_DB="";

                $connect = mysql_connect($HOST_DB,$USER_DB,$PWD_DB);
                $db=mysql_select_db($NAME_DB);          

                $Log_query=mysql_query(
                    "   
                        SELECT * 
                        FROM  tbl_user
                        WHERE email ='$mail'
                        AND   user_pass   ='$pwd_U'

                        ") or die(mysql_error());

                        if ($Log_query == true && mysql_num_rows($Log_query) >0) {
                            $Res = array();
                            while ($Res_user = mysql_fetch_array($Log_query) ) {
                               $_SESSION['mail'] = $mail;
                                $_SESSION['pwd'] = $pwd_U;
                                $_SESSION['id'] = $Res_user['id'];


                            }
                            return true;
                        }
                        else return false;

}




?>

当我在choice.php 中验证$_SESSION['id'] 时,它为null,但在index.php(重定向之前)中它有一个值。我不明白为什么我丢失了这个会话变量

4

4 回答 4

2

您的isset()检查是不够的,因为它只会在$_SESSION为 NULL 时执行,而且永远不会 - 它是一个空数组,并且它始终存在,甚至在您调用session_start().

于 2012-12-29T00:43:37.417 回答
0

您必须始终运行session_start();才能使用会话,即使您只是阅读它们。此外,$_SESSION它是一个超全局的,所以它永远不会为空: http: //php.net/manual/en/reserved.variables.session.php

于 2012-12-29T00:43:53.740 回答
0

您可以在没有 isset() 检查的情况下运行 session_start。从手册:

session_start() 根据通过 GET 或 POST 请求或通过 cookie 传递的会话标识符创建会话或恢复当前会话。

不要忘记在choice.php 中运行session_start

于 2012-12-29T01:07:09.937 回答
0

您的 Index.php 应该是这样的。你永远不应该告诉用户他们错了登录的哪一部分.....只是它失败了。

<?php
session_start();
require("function.php");

if (isset($_POST['valider']))
    { 
        $email = mysql_escape_string($_POST['email']); 
        $password = mysql_escape_string($_POST['password']); 
        if(VerifierAdresseMail($email) && authentification($email,$password))
            {
                header('Location: choice.php');
            }
            else
               {
                   echo "Invalid Login";
               }
?>
于 2012-12-29T01:07:47.523 回答