2016-02-17 07:58
浏览 49


I have a login page(checklogin.php) that leads to my website's homepage(index.php) on successful sign in. In order to ensure that index.php (& every page in the website) can only be accessed through the login page, i've made use of a session variable which is checked at the start of index.php as follows:

if( !isset($_SESSION['myusername']) )

After adding this, logging in through checklogin.php results in an error('wrong username, password' - even thought both are approved); when i get rid of the above session code in the index.php, the homepage opens without error.

Below is the code in checklogin.php:


$host="localhost"; // Host name 
$username="garbo45"; // Mysql username 
$password="water5"; // Mysql password 
$db_name="garbo45"; // Database name 
$tbl_name="members"; // Table name 

// Connect to server and select database.
$conn = new mysqli($host, $username, $password, $db_name);
if ($conn->connect_error) die($conn->connect_error);

// username and password sent from form 

$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysqli_real_escape_string($conn, $myusername);
$mypassword = mysqli_real_escape_string($conn, $mypassword);
$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
$result=mysqli_query($conn, $sql);

// Mysql_num_row is counting table row

// If result matched $myusername and $mypassword, table row must be 1 row

// Register $myusername, $mypassword and redirect to file "loginsuccess.php"
$_SESSION['myusername']= "myusername"; 
$_SESSION['mypassword']= "mypassword"; 
else {
echo "Wrong Username or Password";

Why is the session code block in the index.php causing this error when the username and password (which i've verified is among those set in the members table) goes through as soon as the session checking is removed? Would appreciate any help in understanding and addressing this.

图片转代码服务由CSDN问答提供 功能建议

我有一个登录页面( checklogin.php ),可以访问我网站的主页( index.php )成功登录。为了确保只能通过登录页面访问index.php(以及网站中的每个页面),我已经使用了会话 在 index.php 开头检查的变量如下:

if(!isset(  $ _SESSION ['myusername']))

添加此内容后,通过checklogin.php登录会导致错误(“用户名,密码错误” - 即使两者都被批准) ; 当我摆脱index.php中的上述会话代码时,主页打开时没有错误。

以下是 checklogin.php 中的代码:

 <代码>&LT; PHP 
 $的主机= “本地主机”;  //主机名
 $ username =“garbo45”;  // Mysql用户名
 $ password =“water5”;  // Mysql密码
 $ db_name =“garbo45”;  //数据库名称
 $ tbl_name =“members”;  //表名
 $ conn = new mysqli($ host,$ username,$ password,$ db_name); 
if($ conn-&gt; connect_error)die(  $ conn-&gt; connect_error); 
 $ myusername = $ _ POST ['myusername'];  
 $的输入mypassword = $ _ POST [ '输入mypassword'];  
 $ myusername = stripslashes($ myusername); 
 $ mypassword = stripslashes($ mypassword); 
 $ myusername = mysqli_real_escape_string($ conn,$ myusername); 
 $ mypassword = mysqli_real_escape_string($ conn,$ mypassword  ); 
 $ sql =“SELECT * FROM $ tbl_name WHERE username ='$ myusername'和password ='$ mypassword'”; 
 $ result = mysqli_query($ conn,$ sql); 
 // Mysql_num_row 是计数表行
 $ count = mysqli_num_rows($ result); 
 //如果结果匹配$ myusername和$ mypassword,表行必须是1行
if($ count == 1){
  //注册$ myusername,$ mypassword并重定向到文件“loginsuccess.php”
 $ _SESSION ['myusername'] =“myusername”;  
 $ _SESSION ['mypassword'] =“mypassword”;  
else {
 <  p>为什么在删除会话检查后,当用户名和密码(我已经验证的是在成员表中设置的用户名和密码)之后,index.php中的会话代码块会导致此错误? 非常感谢理解和解决这个问题的任何帮助。 
  • 写回答
  • 好问题 提建议
  • 关注问题
  • 收藏
  • 邀请回答

1条回答 默认 最新

  • dongzhanjuan5141 2016-02-17 08:02

    You are missing session_start() on your checklogin.php.

    Without session_start() your following code will not work :

    $_SESSION['myusername']= "myusername"; 
    $_SESSION['mypassword']= "mypassword"; 
    解决 无用
    打赏 举报

相关推荐 更多相似问题