POST 变量在 SESSION 中不起作用答案

【问题标题】：POST variable is not working in SESSIONPOST 变量在 SESSION 中不起作用
【发布时间】：2019-01-01 05:34:30
【问题描述】：

我想将login.php POST 变量$user_key 和$user_id 的值传递给我使用过会话的另一个文件statusdata.php。在statusdata.php 中，我想在statusdata.php 文件的SQL 查询中使用那些会话变量值。

为了在login.php中实现这一点，我首先将POST变量$_POST["user_key"]和$_POST["id"]的值分别传递给变量$user_key和$user_id，然后我将变量$user_key和$user_id的值传递给会话变量$_SESSION["key"] 和$_SESSION["id"] 分别在statusdata.php 中调用会话变量并将它们的值传递给$user_key 和$user_id 的变量statusdata.php

现在问题是值 POST 变量 $_POST["user_key"] & $_POST["id"] 不会去到statusdata.php 的会话，但是如果我在login.php 中给出$user_key 和$user_id 的直接值，那么会话工作正常但不能使用POST 变量

再次，我想清除 POST 变量正在通过一个 android 应用程序从用户那里获取值，该应用程序要求 id 和 key 从 login.php 对用户进行身份验证，然后移动到另一个屏幕并检索与输入相关的数据id 和 key 使用 statusdata.php

帮我在会话中从login.php 获取post 变量的值，以便在statusdata.php 中使用它

login.php

<?php

// Start the session
session_start();

require "conn.php";

if (isset($_POST["id"])) {
  $user_id = mysqli_real_escape_string($conn,$_POST["id"]);
}

if (isset($_POST["user_key"])) {
  $user_key = mysqli_real_escape_string($conn,$_POST["user_key"]);
}

/* USING THESE DIRECT VALUE IN PLACE OF POST VARIABLE IS WORKING FINE IN SESSION FOR BOTH `login.php` and `statusdata.php` which indicate there is no problem with `statusdata.php` but using POST variable is working fine for `login.php` as authenticating user with `id` and `key` but value of POST variable is not going to session in `statusdata.php`.  

$user_key = "8c9333343c6c4222418edb1d7c9f84d051610526085960a1732c7c3d763fff64ec7f5220998434c896dda243ae777d0fb213f36b9b19f7e4a244d5c993b8dfed";
$user_id = "96";
*/

$mysql_qry = "select * from applications where application_key = '".$user_key."' and application_id = ".$user_id." ;";

$result = mysqli_query($conn, $mysql_qry);
if (mysqli_num_rows($result) > 0){
    $_SESSION["key"] = $user_key;
    $_SESSION["id"] = $user_id;
    echo "Login Success";
} else {
    echo "Login Not Success";   
}

?>

statusdata.php

<?php
// Start the session
session_start();

require "conn.php";

$user_key = "-1";
if (isset($_SESSION["key"])) {
  $user_key = $_SESSION["key"];
}

$user_id = "-1";
if (isset($_SESSION["id"])) {
  $user_id = $_SESSION["id"];
}

 //creating a query
 $stmt = $conn->prepare("SELECT applications.application_id, applications.applicant_name, applications.applicant_aadhaar, applications.applicant_phone, applications.subject, applications.date, applications.description, applications.chairperson_remark, applications.status, officer_accounts.name_of_officer, applications.officer_remark, applications.last_update_on 
FROM applications INNER JOIN officer_accounts ON applications.account_id = officer_accounts.account_id 
WHERE applications.application_id = ? AND applications.application_key = ? ;");

 $stmt->bind_param('ss',$user_id,$user_key);

 //executing the query 
 $stmt->execute();

 //binding results to the query 
 $stmt->bind_result($id, $name, $aadhaar, $phone, $subject, $date, $description, $chairperson, $status, $officername, $officerremark, $lastupdate);

 $applications = array(); 

 //traversing through all the result 
 while($stmt->fetch()){
 $temp = array();
 $temp['applications.application_id'] = $id; 
 $temp['applications.applicant_name'] = $name; 
 $temp['applications.applicant_aadhaar'] = $aadhaar; 
 $temp['applications.applicant_phone'] = $phone; 
 $temp['applications.subject'] = $subject;
 $temp['applications.date'] = $date;
 $temp['applications.description'] = $description;
 $temp['applications.chairperson_remark'] = $chairperson;
 $temp['applications.status'] = $status;
 $temp['officer_accounts.name_of_officer'] = $officername;
 $temp['applications.officer_remark'] = $officerremark;
 $temp['applications.last_update_on'] = $lastupdate;
 array_push($applications, $temp);
 }

 //displaying the result in json format 
 echo json_encode($applications);

 // remove all session variables
session_unset(); 

// destroy the session 
session_destroy(); 

?>

注意 - 我正在以 JSON 格式获取 statusdata.php SQL 查询的输出，因为最后我在 android 中提取它。

请帮助我，我已经尝试了其他类似问题所建议的所有方法，但没有任何帮助

【问题讨论】：

对查询的错误报告和错误检查是一个开始。
这里也没有 HTML
这些是 Android 应用程序的 PHP 脚本 HTML 不是必需的，我已经提到过
在任何情况下，请参阅我的第一条评论。您没有检查错误并假设它按原样工作。
我已经尝试过错误检查，但我不明白为什么 post 变量没有进入 statusdata.php

标签： php mysql sql session post

【解决方案1】：

您的 SQL 语句有问题：

$mysql_qry = "select * from applications where application_key = '".$user_key."' and 
application_id = '".$user_id."' ;";

将其更改为：

$mysql_qry = "select * from applications where application_key = '".$user_key."' and 
application_id = ".$user_id." ;";

application_id 的数据类型很有可能是整数。尝试在 MySQL 提示符下运行它。如果继续，它将显示错误！

【讨论】：

bhai post 对login.php 工作正常我想做的是使用statusdata.php 中的 post 变量的值
你检查过我提到的SQL语句吗？

【解决方案2】：

我认为，您的问题与您在分配 $_SESSION 值之前放置的 if 语句有关。您可以检查您的数据库中是否有与您的查询相对应的数据，否则您将永远不会在 statusdata.php 文件中获得这两个会话值。您可以通过分配不带if 语句的$_SESSION 值来检查我的答案，然后尝试再次访问它们。

【讨论】：

用if和没有if两种方式都试过了，没有区别，问题仍然存在

【解决方案3】：

不是一个完整的答案，而是对脚本的一些改进：

login.php：

<?php

// Start the session
session_start();

require "conn.php";

if (isset($_POST["id"])) {
  $user_id = $conn->real_escape_string($_POST["id"]);
}

if (isset($_POST["user_key"])) {
  $user_key = $conn->real_escape_string($_POST["user_key"]);
}

// check output is as expected
echo "ID:" . $user_id;
echo "Key:" . $user_key;

/* USING THESE DIRECT VALUE IN PLACE OF POST VARIABLE IS WORKING FINE IN SESSION FOR BOTH `login.php` and `statusdata.php` which indicate there is no problem with `statusdata.php` but using POST variable is working fine for `login.php` as authenticating user with `id` and `key` but value of POST variable is not going to session in `statusdata.php`.  

$user_key = "8c9333343c6c4222418edb1d7c9f84d051610526085960a1732c7c3d763fff64ec7f5220998434c896dda243ae777d0fb213f36b9b19f7e4a244d5c993b8dfed";
$user_id = "96";
*/

$mysql_qry = <<<EOF
SELECT * from applications
WHERE application_key = "{$user_key}" and application_id = "{$user_id}"
EOF;

$result = $conn->query($mysql_qry);
if ($result->num_rows() > 0) {
    $_SESSION["key"] = $user_key;
    $_SESSION["id"] = $user_id;
    echo "Login Success";
} else {
    echo "Login Not Success";   
}

?>

Statusdata.php：

<?php
// Start the session
session_start();

require "conn.php";

// use ternary operators, you can even try ?: operator
$user_key = isset($_SESSION["key"]) ? $_SESSION["key"] : '-1';
$user_id = isset($_SESSION["id"]) ? $_SESSION["id"] : '-1';

// use heredocs for creating a query, they let you format your query neatly
// also try using shorter names 
$query = <<<EOF
SELECT app.application_id, app.applicant_name, 
    app.applicant_aadhaar, app.applicant_phone, 
    app.subject, app.date, app.description, 
    app.chairperson_remark, app.status, 
    oa.name_of_officer, app.officer_remark, 
    app.last_update_on 
FROM applications app
INNER JOIN officer_accounts oa
ON app.account_id = oa.account_id 
WHERE app.application_id = ? AND app.application_key = ? ;
EOF;

$stmt = $conn->prepare($query);
$stmt->bind_param('ss',$user_id,$user_key);    
//executing the query 
$stmt->execute();

$applications = array(); 
$result = $stmt->get_result();

// get the rows, use fetch_object or fetch_array
while ($row = $result->fetch_object()) {
    $applications[] = $row;
}

//displaying the result in json format 
echo json_encode($applications);

// remove all session variables
session_unset(); 

// destroy the session 
session_destroy(); 

?>

【讨论】：

尝试在第一个脚本中打印 $user_key 和 $user_id 的值，以检查 mysqli_escape_string 是否没有破坏它们。还要回显第二个脚本中的值，看看它们是否是从 $_SESSION 中检索到的好吗
再次发生了同样的事情，我在帖子中提到了在 login.php 中为 id 和 key 提供直接值然后 echo $user_key 和 $user_id 在 login.php 和 statusdata.php 中都有效但是使用 POST 代替直接值，它适用于 login.php，但这些值在 statusdata.php 中不起作用