在 PHP 中使用 require_once 和会话/验证系统和会话
我正在尝试做一个 Todo 网站,我已经完成了编程,但遇到了一些问题。
当尝试在会话中使用 require_once 时,它不起作用,我尝试使用代码的第二部分进行验证,一旦密码正确并提交,会话值“login”应设置为 true,但是它不会这样做,只是将我发送到代码第二部分中设置的错误文件。 感谢您的投入和帮助。
这是我的代码:
应该将 $_SESSION["login"] 设置为“true”的代码 ($_SESSION['login'] = true;)
<?php
require_once "B_session.php";
require_once "DB_connection.php";
$mysqli = connection();
$error = '';
$message = '';
if ($_SERVER["REQUEST_METHOD"] == "POST" && empty($error)){
if(!empty(trim($_POST['username']))){
$username = trim($_POST['username']);
if(!preg_match("/(?=.*[a-z])(?=.*[A-Z])[a-zA-Z]{4,}/", $username) || strlen($username) > 30){
$error .= "Der Benutzername entspricht nicht dem geforderten Format.<br />";}
} else {
$error .= "Geben Sie bitte den Benutzername an.<br />";
}
if(!empty(trim($_POST['password']))){
$password = trim($_POST['password']);
if(!preg_match("/(?=^.{8,}$)((?=.*\d)|(?=.*\W+))(?![.\n])(?=.*[A-Z])(?=.*[a-z]).*$/", $password)){
$error .= "Das Passwort entspricht nicht dem geforderten Format.<br />";
}
} else {
$error .= "Geben Sie bitte das Passwort an.<br />";
}
if(empty($error)){
$query = "SELECT username, password, rights from users where username = ?";
$stmt = $mysqli->prepare($query);
$stmt->bind_param("s", $username);
$stmt->execute();
if(!$stmt->bind_param("s", $username)){
$error .= 'bind_param() failed '. $mysqli->error . '<br />';
}
if(!$stmt->execute()){
$error .= 'execute() failed '. $mysqli->error . '<br />';
}
$result = $stmt->get_result();
if($result->num_rows){
$row = $result->fetch_assoc();
if(password_verify($password, $row["password"]))
$message .= "Sie sind nun eingeloggt";
$_SESSION['login'] = true;
$_SESSION['username'] = $row["username"];
$_SESSION['admin'] = $row["admin"];
if ($row["admin"]) {
header('Location: ../Administrator/A_home.php');
} else {
header('Location: Backend/U_home.php');
}
} else {
$error .= "Benutzername oder Passwort sind falsch";
}
} else {
$error .= "Benutzername oder Passwort sind falsch";
}
}
包含文件“B_session.php”的代码:
<?php
session_start();
session_regenerate_id();
if (!isset($_SESSION['login']) && $_SESSION['login'] == false) {
header("location: ../Backend/B_error.html");
}
我的登录表单:
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link rel="stylesheet" href="Styles.css">
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css" integrity="sha384-BVYiiSIFeK1dGmJRAkycuHAHRg32OmUcww7on3RYdg4Va+PmSTsz/K68vbdEjh4u" crossorigin="anonymous">
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap-theme.min.css" integrity="sha384-rHyoN1iRsVXV4nD0JutlnGaslCJuC7uwjduW9SVrLvRYooPp2bWYgmgJQIXwl/Sp" crossorigin="anonymous">
<script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js" integrity="sha384-Tc5IQib027qvyjSMfHjOMaLkfuWVxZxUPnCJA7l2mCWNIpG9mGCD8wGNIcPD7Txa" crossorigin="anonymous"></script>
<title>Registrierung</title>
</head>
<body>
<form action="Backend/loginPost.php" method="post">
<div class="container">
<div class="row">
<div class="col-md-6 col-md-offset-3">
<div class="panel panel-login">
<div class="panel-heading">
<div class="row">
<div class="col-xs-6">
<a href="login.php" id="login-form-link">Login</a>
</div>
<div class="col-xs-6">
<a href="adminlogin.php" class="active" id="register-form-link">register as admin</a>
</div>
</div>
<hr>
</div>
<div class="panel-body">
<div class="row">
<div class="col-lg-12">
<form id="login-form" action="Backend/loginPost.php" method="post" role="form">
<div class="form-group">
<input type="text" name="username" id="username" tabindex="1" class="form-control" placeholder="Username" required>
</div>
<div class="form-group">
<input type="password" name="password" id="password" tabindex="2" class="form-control" placeholder="Password" required>
</div>
<div class="form-group">
<div class="row">
<div class="col-sm-6 col-sm-offset-3">
<input type="submit" name="login" id="login" tabindex="4" class="form-control btn btn-login" value="Log In">
</div>
</div>
</div>
</form>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</form>
</body>
</html>
I'm trying to do a Todo website, I am at the end of programming it but I got into some problems.
When trying to use require_once with sessions it won't work, I'm trying to make a verification with the second part of code, as soon as the password is right and submitted the session value "login" should be set to true, but It doesn't do it, and just sends me to the error file that is set in the second part of the code.
Thanks for your inputs and help.
Here is my code:
Code that should set my $_SESSION["login"] to "true" ($_SESSION['login'] = true;)
<?php
require_once "B_session.php";
require_once "DB_connection.php";
$mysqli = connection();
$error = '';
$message = '';
if ($_SERVER["REQUEST_METHOD"] == "POST" && empty($error)){
if(!empty(trim($_POST['username']))){
$username = trim($_POST['username']);
if(!preg_match("/(?=.*[a-z])(?=.*[A-Z])[a-zA-Z]{4,}/", $username) || strlen($username) > 30){
$error .= "Der Benutzername entspricht nicht dem geforderten Format.<br />";}
} else {
$error .= "Geben Sie bitte den Benutzername an.<br />";
}
if(!empty(trim($_POST['password']))){
$password = trim($_POST['password']);
if(!preg_match("/(?=^.{8,}$)((?=.*\d)|(?=.*\W+))(?![.\n])(?=.*[A-Z])(?=.*[a-z]).*$/", $password)){
$error .= "Das Passwort entspricht nicht dem geforderten Format.<br />";
}
} else {
$error .= "Geben Sie bitte das Passwort an.<br />";
}
if(empty($error)){
$query = "SELECT username, password, rights from users where username = ?";
$stmt = $mysqli->prepare($query);
$stmt->bind_param("s", $username);
$stmt->execute();
if(!$stmt->bind_param("s", $username)){
$error .= 'bind_param() failed '. $mysqli->error . '<br />';
}
if(!$stmt->execute()){
$error .= 'execute() failed '. $mysqli->error . '<br />';
}
$result = $stmt->get_result();
if($result->num_rows){
$row = $result->fetch_assoc();
if(password_verify($password, $row["password"]))
$message .= "Sie sind nun eingeloggt";
$_SESSION['login'] = true;
$_SESSION['username'] = $row["username"];
$_SESSION['admin'] = $row["admin"];
if ($row["admin"]) {
header('Location: ../Administrator/A_home.php');
} else {
header('Location: Backend/U_home.php');
}
} else {
$error .= "Benutzername oder Passwort sind falsch";
}
} else {
$error .= "Benutzername oder Passwort sind falsch";
}
}
code of the included file "B_session.php":
<?php
session_start();
session_regenerate_id();
if (!isset($_SESSION['login']) && $_SESSION['login'] == false) {
header("location: ../Backend/B_error.html");
}
My login form:
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link rel="stylesheet" href="Styles.css">
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css" integrity="sha384-BVYiiSIFeK1dGmJRAkycuHAHRg32OmUcww7on3RYdg4Va+PmSTsz/K68vbdEjh4u" crossorigin="anonymous">
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap-theme.min.css" integrity="sha384-rHyoN1iRsVXV4nD0JutlnGaslCJuC7uwjduW9SVrLvRYooPp2bWYgmgJQIXwl/Sp" crossorigin="anonymous">
<script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js" integrity="sha384-Tc5IQib027qvyjSMfHjOMaLkfuWVxZxUPnCJA7l2mCWNIpG9mGCD8wGNIcPD7Txa" crossorigin="anonymous"></script>
<title>Registrierung</title>
</head>
<body>
<form action="Backend/loginPost.php" method="post">
<div class="container">
<div class="row">
<div class="col-md-6 col-md-offset-3">
<div class="panel panel-login">
<div class="panel-heading">
<div class="row">
<div class="col-xs-6">
<a href="login.php" id="login-form-link">Login</a>
</div>
<div class="col-xs-6">
<a href="adminlogin.php" class="active" id="register-form-link">register as admin</a>
</div>
</div>
<hr>
</div>
<div class="panel-body">
<div class="row">
<div class="col-lg-12">
<form id="login-form" action="Backend/loginPost.php" method="post" role="form">
<div class="form-group">
<input type="text" name="username" id="username" tabindex="1" class="form-control" placeholder="Username" required>
</div>
<div class="form-group">
<input type="password" name="password" id="password" tabindex="2" class="form-control" placeholder="Password" required>
</div>
<div class="form-group">
<div class="row">
<div class="col-sm-6 col-sm-offset-3">
<input type="submit" name="login" id="login" tabindex="4" class="form-control btn btn-login" value="Log In">
</div>
</div>
</div>
</form>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</form>
</body>
</html>
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论