0
我想顯示登錄用戶名後登錄,這裏下面是我的代碼我不知道爲什麼它不工作...我已經發布了所有3個文件:用戶名在登錄後不能顯示在PHP + Mysql
第一個文件。 (如果身份驗證將處理)
auth.php
<?php
//Start session
session_start();
//Check whether the session variable SESS_MEMBER_ID is present or not
if(!isset($_SESSION['SESS_MEMBER_ID']) || (trim($_SESSION['SESS_MEMBER_ID']) == '')) {
header("location: ../index.php");
exit();
}
?>
2日(login_exec.php - 在登錄邏輯作品)
<?php
//Start session
session_start();
//Include database connection details
require_once('connection.php');
//Array to store validation errors
$errmsg_arr = array();
//Validation error flag
$errflag = false;
//Function to sanitize values received from the form. Prevents SQL injection
function clean($str) {
$str = @trim($str);
if(get_magic_quotes_gpc()) {
$str = stripslashes($str);
}
return mysql_real_escape_string($str);
}
//Sanitize the POST values
$username = clean($_POST['username']);
$password = clean($_POST['password']);
//Input Validations
if($username == '') {
$errmsg_arr[] = 'Username missing';
$errflag = true;
}
if($password == '') {
$errmsg_arr[] = 'Password missing';
$errflag = true;
}
//If there are input validations, redirect back to the login form
if($errflag) {
$_SESSION['ERRMSG_ARR'] = $errmsg_arr;
session_write_close();
header("location: ../index.php");
exit();
}
//Create query
$qry="SELECT * FROM member WHERE username='$username' AND password='$password'";
$result=mysql_query($qry);
//Check whether the query was successful or not
if($result) {
if(mysql_num_rows($result) > 0) {
//Login Successful
session_regenerate_id();
$member = mysql_fetch_assoc($result);
// $_SESSION['mem_id'] = $id;
$_SESSION['SESS_MEMBER_ID'] = $member['mem_id'];
$_SESSION['SESS_FIRST_NAME'] = $member['username'];
$_SESSION['SESS_LAST_NAME'] = $member['password'];
$role = $member['role'];
switch ($role) {
case 'user':
$redirect = '../t1.php';
break;
case 'administrator':
$redirect = '../t2.php';
break;
}
// session_write_close();
header('Location: ' . $redirect);
exit();
}else {
//Login failed
$errmsg_arr[] = 'user name and password not found';
$errflag = true;
if($errflag) {
$_SESSION['ERRMSG_ARR'] = $errmsg_arr;
session_write_close();
header("location: ../index.php");
exit();
}
}
}else {
die("Query failed");
}
?>
第三代碼文件(t2.php):其中用戶會登錄後去:
<?php
require_once('connect/auth.php');
$_SESSION['mem_id'] = $id;
mysql_query("SELECT username FROM member WHERE id=".$_SESSION['mem_id']);
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>TAILSHIFT MEDIA PORTAL</title>
<style type="text/css">
<!--
.style1 {
font-size: 36px;
font-weight: bold;
}
-->
</style>
</head>
<body>
<div align="right"><a href="index.php"><img src="images/logout.png" /></a></div>
<p align="center" class="style1">Welcome <u><?php echo $row['username']; ?></u></p>
<br /><br /><br />
<div align=center>
<h1>Rest Contents goes here...</h1>
</div>
</body>
</html>
現在我需要用戶名顯示在用戶登錄後訪問該第3頁。
我應該做些什麼改變?
如何?打印應該保存用戶名的SESSION變量。 –
Alex
請考慮使用PDO,它比連接SQL字符串更簡單更安全。 - http://php.net/manual/en/book.pdo.php。 '[MySQL擴展]從PHP 5.5.0開始已棄用,不建議用於編寫新代碼,因爲它將在未來刪除 - http://www.php.net/manual/en/intro。 mysql.php – Mark
@亞歷山大就在你的博客發佈之前,我那樣做了......錯過了那些簡單的東西! CRap! :d – devilcrab