0

有人能告诉我如何解决这个问题吗?我花了很多天寻找解决方案,但我找不到。

这是我的问题。

“login.php”文件:

require_once("./include/membersite_config.php");

if(isset ($_POST['submitted']))
{
    if($fgmembersite->Login())
    {
        $fgmembersite->RedirectToURL("login-home.php");
    }
}

**membersite_config . php ** contains host, username, pass, and also calls **fg_membersite . php ** which contains functions:

function Login()
{
    if(empty($_POST['username']))
    {
        $this->HandleError("UserName is empty!");
        return false;
    }

    if(empty($_POST['password']))
    {
        $this->HandleError("Password is empty!");
        return false;
    }

    $username = trim($_POST['username']);
    $password = trim($_POST['password']);

    if(!isset($_SESSION))
    {
        $sessid = session_start();
    }
    if(!$this->CheckLoginInDB($username, $password))
    {
        return false;
    }

    $_SESSION[$this->GetLoginSessionVar()] = $username;

    ** echo empty($_SESSION[$sessionvar])? 'true' : 'false'; **
    return true;
}

function CheckLogin()
{
    if(!isset($_SESSION))
    {
        session_start();
    }

    $sessionvar = $this->GetLoginSessionVar();
    ** echo empty($_SESSION[$sessionvar])? 'true' : 'false'; **

    if(empty($_SESSION[$sessionvar]))
    {
        return false;
    }

    return true;
}

function GetLoginSessionVar()
{
    $retvar = $this->rand_key;
    $retvar = 'usr_' . substr($retvar, 0);
    return $retvar;
}

function CheckLoginInDB($username, $password)
{
    if(!$this->DBLogin())
    {
        $this->HandleError("Database login failed!");
        return false;
    }
    $username = $this->SanitizeForSQL($username);
    $pwdmd5 = $password;
    $qry = "Select name, email from $this->tablename where username='$username' and password='$pwdmd5' and confirmcode='y'";

    $result = mysql_query($qry, $this->connection);

    if(!$result || mysql_num_rows($result) <= 0)
    {
        $this->HandleError("Error logging in. The username or password does not match");
        return false;
    }

    $row = mysql_fetch_assoc($result);

    $_SESSION['name_of_user'] = $row['name'];
    $_SESSION['email_of_user'] = $row['email'];

    return true;
}

**login - home . php ** after successfully logged in:

require_once("./include/membersite_config.php");

if(!$fgmembersite->CheckLogin())
{
    $fgmembersite->RedirectToURL("login.php");
    exit;
}

问题是:我已经回应检查 $_SESSION[] 数组的状态。输入正确的用户名和密码后,echo empty($_SESSION[$sessionvar]) ?'真假'; Login函数中显示为false,但CheckLogin中显示为true。我不知道为什么。

4

1 回答 1

3

session_start()通过添加 cookie 或查询参数来识别用户来启动或继续会话。您必须将它放在模板的顶部(在打印出任何内容之前,甚至是空白行),即使用户已经有一个会话:

<?php
session_start();
?>
于 2013-05-03T20:36:03.957 回答