0

if 有效,但打印的用户名是“username”,在这种情况下应该是真实的用户名“teste”。也许我需要一个变量或其他东西来显示它,但我没有到达那里:s

这是我的会话启动代码:

<?php
session_start();
ob_start();
$host="localhost"; // Nome do Host
$username="segu24img"; // Mysql username 
$password="desny"; // Mysql password 
$db_name="segurao_imagem"; // Nome base de dados
$tbl_name="users"; // Nome da tabela

// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");

// username and password sent from form
$username=$_POST['username'];
$password=$_POST['password'];

// To protect MySQL injection (more detail about MySQL injection)
$username = stripslashes($username);
$password = stripslashes($password);
$username = mysql_real_escape_string($username);
$password = mysql_real_escape_string($password);

$sql="SELECT * FROM $tbl_name WHERE username='$username' and password='$password'";
$result=mysql_query($sql);

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);

// If result matched $username and $password, table row must be 1 row

if($count==1){

// Register $username, $password and redirect to file "login_success.php"
$_SESSION['username'] = 'username';
//session_register("username");
$_SESSION['password'] = 'password';
//session_register("password");
header("location:login_sucess.php");
}
else {
echo "Wrong Username or Password";
}
?>

我使用此代码显示会话的用户名:

<?php 

            if(isset($_SESSION['username'])){ ?>

              </p>

              <p>Bem Vindo<u><?php echo $_SESSION['username']; ?></u>- <a href="logout.php">Logout</a></p>

<?php } else{ ?>

    <p><a href="#login-box" class="login-window">Login</a></p>

<?php } ?></p>
4

3 回答 3

4

你在username这里分配字面意思:

$_SESSION['username'] = 'username';

那么为什么还要显示其他任何东西呢?也许你应该使用

$_SESSION['username'] = $username;
                        ^^^^^^^^^

密码字段同上。作为一般提示,您应该将密码存储在会话中。

于 2013-07-23T15:59:17.267 回答
1

您设置$_SESSION['username']等于文字字符串“用户名”。应该是$_SESSION['username'] = $username

更新:不要将密码存储为会话。它不是必需的,也不安全。如果您稍后需要密码,请使用用户名会话作为参考进行 SQL 查询。

于 2013-07-23T15:58:42.733 回答
0 
$_SESSION['username'] = 'username';
//session_register("username");
$_SESSION['password'] = 'password';

you need to fetch the MySQL data and try using MySQLi
于 2013-07-23T15:58:58.450 回答