dongxing6802 2015-04-15 21:44
浏览 30
已采纳

在一个案例中标题后保留PHP会话,在另一个标题后丢失

There are lots of posts about PHP sessions being lost after a header redirect. My issue is that I have one script where the session is preserved after a header redirect and another case where it isn't.

The session is preserved after the header redirect in this script:

<?php

session_start();
include 'settings.php';
include 'mysql_connect.php';

$name = mysqli_real_escape_string($conn, $_POST['user_name']);
$email = mysqli_real_escape_string($conn, $_POST['user_email']);
$fbid = mysqli_real_escape_string($conn, $_POST['user_fbid']);

$sql = "SELECT * FROM users WHERE email = '" . $email . "'";
$result = $conn->query($sql);

if ($result->num_rows > 0) {
    if($row = $result->fetch_assoc()) {
        $_SESSION['user_name'] = $row['name'];
        $_SESSION['user_email'] = $row['email'];
        $_SESSION['user_fb_id'] = $row['fb_id'];
        $_SESSION['user_pundit_name'] = $row['pundit_name'];
        $_SESSION['user_id'] = $row['id'];
        header('Location: ' . $site_url . 'whats_next.php');
    }
} else {
    $insert_new_user = "INSERT INTO users (name, email, fb_id) VALUES ('" . $name . "', '" . $email . "', '" . $fbid . "')"; 
    $result = $conn->query($insert_new_user);
    $_SESSION['user_name'] = $name;
    $_SESSION['user_email'] = $email;
    $_SESSION['user_fb_id'] = $fb_id;
    $_SESSION['user_id'] = $row['id'];
    $msg = wordwrap("Congratulations " . $name . ",
You are now a registered Pundit. Like all pundits, you will be consulted for your wisdom from time from time to time. You will receive emails announcing an “open question” to be answered by you and your fellow pundits [or, if you have selected that option, you can go to PUNDITNETWORK.com and answer open question whenever you want.] The questions will usually ask you to forecast the outcome of an event in the near future. The question will remain open for a certain period of time. After that time, you can go to the Pundit forum at PUNDITNETWORK and discuss the question with fellow Pundits. We will add points to your Pundit rating for every right answer. High ratings can lead to recognition and prizes. As the PUNDITNETWORK grows, the opportunities for both recognition and prizes will also grow. In the meantime, enjoy the game! And feel free to challenge friends, relatives, classmates, teachers, co-workers or anybody who thinks he/she “knows it all” to test their skills and join you for a little friendly competition.", 70);
    mail($email, "Welcome to PunditNetwork", $msg);
    header('Location: ' . $site_url . 'whats_next.php');
}

?>

The session is not preserved after the header redirect in this script:

<?php

session_start();
include 'settings.php';
include 'mysql_connect.php';

$email = $_GET['email'];
$secret_key = $_GET['secret_key'];
$q = "SELECT * FROM email_confirmations WHERE email = '" . $email . "' AND secret_key = '" . $secret_key . "'";
$r = $conn->query($q);
if ($r->num_rows > 0) {
    if($row = $r->fetch_assoc()) {
        $q1 = "SELECT * from users WHERE email = '" . $row['email'] . "'";
        $r1 = $conn->query($q1);
        if ($r1->num_rows > 0) {
            $q2 = "UPDATE users SET password = '" . $row['password'] . "' WHERE email = '" . $row['email'] . "'";
            $r2 = $conn->query($q2);
            $q3 = "SELECT * from users WHERE email = '" . $row['email'] . "'";
            $r3 = $conn->query($q3);
            if ($row3 = $r3->fetch_assoc()) {
                $_SESSION['user_name'] = $row3['name'];
                $_SESSION['user_email'] = $row3['email'];
                $_SESSION['user_fb_id'] = $row3['fb_id'];
                $_SESSION['user_pundit_name'] = $row3['pundit_name'];
                $_SESSION['user_id'] = $row3['id'];
                // var_dump($_SESSION); // session is correct when var dumped
                header('Location: ' . $site_url . 'whats_next.php');
            }
        }
        /*
        else {
            $q2 = "INSERT INTO users (name, email, password) VALUES ('" . $row['name'] . "', '" . $row['email'] . "', '" . $row['password'] . "')";
            $r2 = $conn->query($q2); 
            $q3 = "SELECT * from users WHERE email = '" . $row['email'] . "'";
            $r3 = $conn->query($q3);
            if ($r3->num_rows > 0) {
                if ($row3 = $r3->fetch_assoc()) {
                    $_SESSION['user_name'] = $row3['name'];
                    $_SESSION['user_email'] = $row3['email'];
                    $_SESSION['user_fb_id'] = $row3['fb_id'];
                    $_SESSION['user_pundit_name'] = $row3['pundit_name'];
                    $_SESSION['user_id'] = $row3['id'];
                    header('Location: ' . $site_url . 'whats_next.php');
                }
            }
        }*/
    }
}
else {
    echo 'error, you got the wrong email';
}

?>
  • 写回答

1条回答 默认 最新

  • 啊啊啊小孔 2015-04-15 21:48
    关注

    I had one similar issue once but it was for ASPx, still check if the url starts with or without "www" in both redirects, having them diff caused a new session id being created when I had the issue.Take a look it could be a similar case.

    If someone wants to read about "www" and not "www" "URL with WWW and URL without WWW" -Is there any difference between them?

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥15 phython如何实现以下功能?查找同一用户名的消费金额合并—
  • ¥15 孟德尔随机化怎样画共定位分析图
  • ¥18 模拟电路问题解答有偿速度
  • ¥15 CST仿真别人的模型结果仿真结果S参数完全不对
  • ¥15 误删注册表文件致win10无法开启
  • ¥15 请问在阿里云服务器中怎么利用数据库制作网站
  • ¥60 ESP32怎么烧录自启动程序,怎么查看客户esp32板子上程序及烧录地址
  • ¥50 html2canvas超出滚动条不显示
  • ¥15 java业务性能问题求解(sql,业务设计相关)
  • ¥15 52810 尾椎c三个a 写蓝牙地址