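【Question title】: PHP $_SESSION Lost When Refreshing
【Posted】: 2017-04-19 11:16:10
【Question】:

I'm having a problem with the $_SESSION variables on my website. For some reason, they seem to reset themselves whenever I reload the page or navigate to another part of the site.

I have a few different files.

The session for the site is started in the "config.php" file.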

config.php

<?php
  // Start Session
  session_start();
  // Turn on all error reporting
  ERROR_REPORTING(E_ALL);
  ini_set('display_errors', 1);

  require_once('classes/database.php');
  $link = new DATABASE;

  // Include User info
  require_once('classes/user.php');

  // Create instance for user class
  $activeUser = new USER($link);
?>

index.php has the initial login screen. It also checks whether someone is already logged in by calling a function in my USERS class.

index.php

<?php
require('config.php');
// Check if user is already logged in
if($activeUser->isLoggedIn()) {
    $activeUser->redirect('home.php');
}

// Logging user into system
if(isset($_POST['login'])) {
    $username = $_POST['user'];
    $password = $_POST['pass'];

    if($activeUser->login($username, $password)) {
        $activeUser->redirect('home.php');
    }

    else {
        $activeUser->error = "true";
        $activeUser->errorMessage = "Username or password is incorrect";
    }
}

print_r($_SESSION);
?>
<!doctype html>
<html>
  <head>
      <meta charset="UTF-8">
      <title>IMD 2000 - Term Project (Will And Tyson)</title>
  </head>

<body>
    <form id = "registrationForm" method = "POST">
        <section id = "loginBox">
            <div id = "loginItems" name = "userBox">
                Username: <input type = "text" name = "user" required placeholder = "Username" /> <!-- Username input -->
            </div>

            <div id = "loginItems" name = "passwordBox">
                Password: <input type = "password" name = "pass" required placeholder = "Password" /> <!-- Password input -->
            </div>

            <div id = "loginItems" name = "loginBox">
                <input type = "submit" value = "Log In" name = "login" /> <!-- Log in to site -->
            </div>
        </section>
    </form>

    <section id = "loginBox" name = "create">
        <a href = "newAccount.php">
            <input type = "button" value = "Create New Account" name = "createNew" />
        </a>
    </section>

    <section id = "errorBox">
        <?php
            if($activeUser->error == "true") {
                echo $activeUser->errorMessage;
            }
        ?>
    </section>

  </body>
</html>

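I put in print_r($_SESSION) so I could verify whether the session was being restarted on login.

Anyway, once you log in to the system, it directs you to the home page, "home.php".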

home.php

<?php
require_once('config.php');

echo $_SESSION['username'];
  if(!$activeUser->isLoggedIn()) {
    header("Location: index.php");
  }
  print_r($_SESSION);
  ?>
<!doctype html>
<html>
  <head>
    <meta charset="UTF-8">
    <title>Home</title>
    <link rel = "stylesheet" href = "styles/homestylesheet.css">
</head>

<body>
    <header class="site-header">
        <nav>
            <ul>
                <li><a href = "home.php">Home</a></li>
                <li><a href = "userInfo.php">Your Profile</a></li>
                <li><a href="">Name</a></li>
                <li><a href = "<?php $activeUser->logout();?>">Log Out</a></li>
            </ul>
        </nav>
    </header>



    <h1>Home</h1>

    <form id = "registrationForm" method = "POST">
        <section id = "loginBox">
            <div id = loginItems name = "userBox">
                <input type = "text" name = "user post" placeholder = "post" required />
                <input type = "submit" name = "submit" value = "post" />
            </div>

            <div>
                <a><img src="Friendface.png" alt="Friendface"/>PosterName</a>
                <div>
                    <post>
                        tex here
                    </post>
                </div>
            </div>

            <div>
                <a><img src="Friendface.png" alt="Friendface"/>PosterName</a>
                <div>
                    <post>
                        tex here
                    </post>
                </div>
            </div>
        </section>
    </form>

    <section id = "errorBox">
        <?php if ($activeUser->error == "true") {echo $activeUser->errorMessage;}?>
    </section>
  </body>
</html>

Both of these files call functions defined in my user.php class file.

classes/user.php

<?php
class USER
{
    // Set error to false, and blank error message
    public $error = "false";
    public $errorMessage = "";

    private $conn;

    // All the variables needed for the user profile.
    public $username;
    public $userID;
    public $password;
    public $firstName;
    public $lastName;
    public $emailAddress;
    public $address;
    public $city;
    public $province;
    public $country;

    // OOP variable setting
    function __construct($conn){
        $this->conn = $conn;
    }

    // Create a new user
    function createNewUser($username, $password) {
        // Clean inputs
        $username = trim($username);
        $password =  trim($password);

        // Encrypt password
        $password = password_hash($password, PASSWORD_DEFAULT);

        // Check if username already exists
        $checkSQL = "SELECT * FROM users WHERE username = '$username'";
        $checkResult = $this->conn->queryDB($checkSQL);
        if(mysqli_num_rows($checkResult) > 0) {
            $this->error = "true";
            $this->errorMessage = "This username has already been taken. Please try again";
            return false;
        }

        // Username does not exist, insert into database
        else {
            $insertSQL = "INSERT INTO users(username, password) VALUES('$username', '$password')";
            $insertResult = $this->conn->queryDB($insertSQL);

            // Get the USER ID that is inserted into the function, to be used in the next phase of registration
            $userID = mysqli_insert_id($this->conn->getConnected());
            // Set the SESSION globals
            $_SESSION['username'] = $username;
            $_SESSION['userID'] = $userID;
            return true;
        }
    }

    // Add or Edit User Info
    function userInfo($firstName, $lastName, $address, $city, $province, $country) {
        // Clean Inputs
        $firstName = trim($firstName);
        $lastName = trim($lastName);
        $emailAddress = "fakeyfakefake@fakeemail.com";
        $address = trim($address);
        $city = trim($city);
        $province = trim($province);
        $country = trim($country);
        $userID = $_SESSION['userID'];

        // Validate first and last name, as they are the only required identifiers.
        if(empty($firstName) || empty($lastName)){
            $this->error = "true";
            $this->errorMessage = "Please enter a value for First AND Last Name";
        }

        // Important values are valid, insert into database. 
        else {
            // Check if user information is already set for User. If it is, we will use the UPDATE SQL query. If not, we will use the INSERT query
            $userInfoCheckSQL = "SELECT userID FROM userInfo WHERE userID = '$userID'";
            $userInfoCheckResult = $this->conn->queryDB($userInfoCheckSQL);
            $count = mysqli_num_rows($userInfoCheckResult);
            if ($count == 1) {
                // Column assignments in SET must be separated by commas
                $updateUserInfoSQL =    "UPDATE userInfo
                                         SET    firstName = '$firstName',
                                                lastName = '$lastName',
                                                address = '$address',
                                                city = '$city',
                                                province = '$province',
                                                country = '$country'
                                        WHERE userID = '$userID'
                                        ";
                $updateUserInfoResult = $this->conn->queryDB($updateUserInfoSQL);

                return true;
            }

            // User Info Does not exist for this user
            else {
            $addUserInfoSQL = "INSERT INTO userInfo(userID, firstName, lastName, emailAddress, address, city, province, country) VALUES('$userID','$firstName','$lastName','$emailAddress','$address','$city','$province','$country')";
            $addUserInfoResult = $this->conn->queryDB($addUserInfoSQL); 
            return true;
            }
        }
    }

    // Gather User Info From Database
    function fetchUserInfo() {
        $userID = $_SESSION['userID'];
        $fetchInfoQuery = "SELECT users.username, userInfo.* FROM users JOIN userInfo ON users.userID = userInfo.userID WHERE userInfo.userID = '$userID'";
        $fetchInfoResult = $this->conn->queryDB($fetchInfoQuery);
        $row = mysqli_fetch_array($fetchInfoResult, MYSQLI_ASSOC);
        $count = mysqli_num_rows($fetchInfoResult);

        if($count == 1) {

            $username = $row['username'];
            $firstName = $row['firstName'];
            $lastName = $row['lastName'];
            $emailAddress = $row['emailAddress'];
            $address = $row['address'];
            $city = $row['city'];
            $province = $row['province'];
            $country = $row['country'];

            /*
            // Create a Table to display the information
            echo "<table id = 'userInfoTable'>";

            // Create Rows and columns to store all the info
            echo "<tr><td>Username:</td><td>$username</td></tr>";
            echo "<tr><td>First Name:</td><td>$firstName</td></tr>";
            echo "<tr><td>Last Name:</td><td>$lastName</td></tr>";
            echo "<tr><td>E-Mail Address:</td><td>$emailAddress</td></tr>";
            echo "<tr><td>Address:</td><td>$address</td></tr>";
            echo "<tr><td>City:</td><td>$city</td></tr>";
            echo "<tr><td>Province:</td><td>$province</td></tr>";
            echo "<tr><td>Country:</td><td>$country</td></tr>";

            // Close the table
            echo "</table>";
            */
            return true;
        }
        else {
            return false;
        }
    }

    // Log in function
    function login($username, $password) {
        $sql = "SELECT * FROM users WHERE username = '$username'";
        $result = $this->conn->queryDB($sql);
        $row = mysqli_fetch_array($result, MYSQLI_ASSOC);
        // Validate the hash of the password
        $valid = password_verify($password, $row['password']);
        if ($valid) {
            // Set Session Variables
            $_SESSION['username'] = $username;
            $_SESSION['userID'] = $row['userID'];

            return true;
        }
    }

    // Check if user is already logged in function
    function isLoggedIn() {
        if(isset($_SESSION['username'])) {
            return true;
        }
    }

    // Redirect to different section of site function
    function redirect($url) {
        session_write_close();
        header("Location: $url");
        exit;
    }

    // Log out function
    function logout() {
        $_SESSION = array();

        // Delete the cookies! 
        if(ini_get("session.use_cookies")) {
            $params = session_get_cookie_params();
            setcookie(session_name(), '', time()-42000,
                      $params["path"], $params["domain"],
                      $params["secure"], $params["httponly"]
                      );
        }

        // Destroy the session
        session_destroy();
    }

    /*
    // Delete User Account
    function deleteAccount() {
        global $conn;
        checkLoginStatus();

        // Delete user info first
        $sqlDeleteInfo = "DELETE FROM userInfo WHERE userID = '$userID'";
        $deleteInfoResult = $conn->query($sqlDeleteInfo);
        if($deleteInfoResult) {
            echo "User info deleted successfully<br>";
            $sqlDeleteAccount = "DELETE FROM users WHERE userID = '$userID'";
            $deleteAccountResult = $conn->query($sqlDeleteAccount);

            if ($deleteAccountResult){
                echo "Account has been deleted successfully.<br>";
                echo "Please click <a href = 'index.php'>here</a> to return to the index page.";
                session_destroy();
            }

            else {
                "Error while deleting account <br>";
            }
        }

        else {
            echo "Error while deleting user info<br>";
        }
    }*/
  // End of class
  }
?>

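I believe the problem is somewhere in the redirect function or the logout function itself, but I can't for the life of me figure out why. The session is started only in the config file, which is included wherever it is needed, and the only time I tell the site to destroy the session is in the logout function, which I only call on the home page when the "Log Out" link is clicked.

I'd really appreciate any help people can provide. I've spent longer than I'd like to admit trying to solve this.

Thanks a lot!

Update: I created a new PHP file and tested session updating. The session updates perfectly in my test file.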

sessionTest.php

<?php
  include('config.php');

  echo "This is testing " . $_SESSION['test'] . "sessions";
  $_SESSION['test'] = "updating ";

  //session_destroy();
?>

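【Question comments】:

  • Can you try creating another directory with three other PHP files and viewing them? Does it carry the session over? Yes? The problem is in your PHP. No? Maybe try reinstalling PHP...
  • Sorry, Koen, I'm afraid I don't follow. Do you mean create a new folder containing PHP files and see whether the session variables work there?
  • Yes, exactly.
  • Koen, see my latest update. I created a new file and quickly tested session updating. It works fine in that file, so it must be something in my code. I just don't know what it could be.

Tags: php session session-variables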


【Solution 1】:

After some deeper digging, I found my problem!

<li><a href = "<?php $activeUser->logout();?>">Log Out</a></li>

This code executes the function whether or not the link is clicked.

I've fixed this with a few adjustments.

First, change the code above to:

<li><a href = "home.php?logout=callLogoutFunction">Log Out</a></li>

Second, in the __construct of my user class:

if(isset($_GET['logout']) && $_GET['logout'] == "callLogoutFunction")
{
  $this->logout();
}
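
The answer's point, that PHP placed inside an attribute runs while the page is rendered, and its fix of routing logout through a request parameter, shown here as an added example that is not part of the original post: logout is handled as a POST with a per-session CSRF token, so that merely loading or linking to a URL cannot end the session. csrf_token() and handle_logout() are hypothetical helper names; home.php and index.php follow the post, and session_start() is called here only to keep the file self-contained (the post does it in config.php).

```php
<?php
// Added example: logout as a token-verified POST action.
// csrf_token() and handle_logout() are hypothetical helpers,
// not part of the poster's USER class.
session_start();

// Create one random token per session and reuse it for every form.
function csrf_token(): string {
    if (empty($_SESSION['csrf'])) {
        $_SESSION['csrf'] = bin2hex(random_bytes(32));
    }
    return $_SESSION['csrf'];
}

// Destroy the session only for an explicit, token-verified POST request.
function handle_logout(): void {
    if ($_SERVER['REQUEST_METHOD'] !== 'POST' || !isset($_POST['logout'])) {
        return; // plain page views never touch the session
    }
    $sent = $_POST['csrf'] ?? '';
    if (!is_string($sent) || !hash_equals(csrf_token(), $sent)) {
        http_response_code(400);
        exit('Invalid logout request');
    }
    // Same teardown sequence as the logout() method in the post.
    $_SESSION = array();
    if (ini_get('session.use_cookies')) {
        $p = session_get_cookie_params();
        setcookie(session_name(), '', time() - 42000,
                  $p['path'], $p['domain'], $p['secure'], $p['httponly']);
    }
    session_destroy();
    header('Location: index.php');
    exit;
}

handle_logout();
?>
<!-- Rendering this form calls nothing; logout runs only when it is submitted. -->
<form method="POST" action="home.php">
    <input type="hidden" name="csrf" value="<?php echo htmlspecialchars(csrf_token(), ENT_QUOTES); ?>">
    <input type="submit" name="logout" value="Log Out">
</form>
```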
