检查是否登录了错误帮助!

 收藏

我这里的新手与此代码有错误。如果我使用正确的用户名和密码登录,则不会在首页上显示“对不起,请登录” :(打开页面时,我很难检查用户是否已登录。请帮助我!谢谢:)

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
        <?php
            //code to check if logged in or not
            include("include/session.php");
            if (!(isset($_SESSION['logged_in']) && $_SESSION['logged_in'] != '')) {
            echo "<center><font face='Verdana' size='2' color=red>
            Sorry, Please login and use this page. </font></center><br/>";
            echo "<center><a href=\"login_form_admin.php\">Click Here to log in</a></center>"; 
            exit;
            }
        ?>
<html xmlns="http://www.w3.org/1999/xhtml">
    <body bgcolor="black" link="#FFFF00" vlink="#FFFC17" alink = "white">
        <?php
            include("include/session.php");
        ?>
        <p>
        <br/>
        <font face = "century gothic" size = "3" color = "#FFFC17"/>
        <?php
        if($session->logged_in){
        echo "&nbsp;&nbsp;&nbsp;Welcome <b>$session->username</b>, you are logged in. <br/>";
        }
        ?>

        <center>
        <a href = "homebody_admin.php">Home</a>&nbsp&nbsp&nbsp
        <a href = "settings_admin.php">Settings</a>&nbsp&nbsp&nbsp
        <?php echo "<a href=\"process.php\">Logout</a>"; ?>
        </center>

    </body>
</html>
回复
  • kesse 回复

    你好!它仍然没有用:)非常感谢Zagga的回复!这是session.php的代码:)

    <?
    include("database.php");
    include("form.php");
    
    class Session
    {
       var $username;            //Username given
       var $userid;              //Random value generated on current login
       var $userlevel;           //The level to which the user pertains
       var $time;                //Time user was last active (page loaded)
       var $logged_in;           //True if user is logged in, false otherwise
       var $userinfo = array();  //The array holding all user info
       var $url;                 //The page url current being viewed
       var $referrer;            //Last recorded site page viewed
       var $ip;                  //Remote IP address  
    
       function Session(){
          $this->ip = $_SERVER["REMOTE_ADDR"];
          $this->time = time();
          $this->startSession();
       }
    
       function startSession(){
          global $database;  
          session_start();   
    
          /* Determine if user is logged in */
          $this->logged_in = $this->checkLogin();
    
          /* Set referrer page */
          if(isset($_SESSION['url'])){
             $this->referrer = $_SESSION['url'];
          }else{
             $this->referrer = "/";
          }
    
          /* Set current url */
          $this->url = $_SESSION['url'] = $_SERVER['PHP_SELF'];
       }
    
       function checkLogin(){
          global $database; 
          /* Check if user has been remembered */
          if(isset($_COOKIE['cookname'])){
             $this->username = $_SESSION['username'] = $_COOKIE['cookname'];
          }
    
          if(isset($_SESSION['username'])){
             if($database->confirmUserName($_SESSION['username']) != 0){
                unset($_SESSION['username']);
                return false;
             }
    
             $this->userinfo  = $database->getUserInfo($_SESSION['username']);
             $this->username  = $this->userinfo['username'];
             return true;
          }
          else{
             return false;
          }
       }
    
       function login($subuser, $subpass, $subremember){
          global $database, $form;  
    
          /* Checks if this IP address is currently blocked*/   
          $result = $database->confirmIPAddress($this->ip);
    
          if($result == 1){
             $error_type = "access";
             $form->setError($error_type, "Access denied for ".TIME_PERIOD." minutes");
          } 
    
          /* Return if form errors exist */
          if($form->num_errors > 0){
             return false;
          }
    
          $error_type = "attempt";
          /* Username and password error checking */
          if(!$subuser || !$subpass || strlen($subuser = trim($subuser)) == 0){
             $form->setError($error_type, "Username or password not entered");
          }
    
          if($form->num_errors > 0){
             return false;
          }
    
          /* Checks that username is in database and password is correct */
          $subuser = stripslashes($subuser);
          $result = $database->confirmUserPass($subuser, $subpass);
    
          if($result == 1){
             $form->setError($error_type, "Invalid username or password.");
             $database->addLoginAttempt($this->ip);
          }
    
          if($form->num_errors > 0){
             return false;
          }
    
          /* Username and password correct, register session variables */
          $this->userinfo  = $database->getUserInfo($subuser);
          $this->username  = $_SESSION['username'] = $this->userinfo['username'];
    
    
          /* Null login attempts */
          $database->clearLoginAttempts($this->ip);
    
          if($subremember){
             setcookie("cookname", $this->username, time()+COOKIE_EXPIRE, COOKIE_PATH);
          }
    
          /* Login completed successfully */
          return true;
       }
    
       function logout(){
          global $database;  
    
          if(isset($_COOKIE['cookname'])){
             setcookie("cookname", "", time()-COOKIE_EXPIRE, COOKIE_PATH);
          }
    
          unset($_SESSION['username']);
    
          $this->logged_in = false;
    
       }
    };
    
    
    /* Initialize session object */
    $session = new Session;
    
    /* Initialize form object */
    $form = new Form;
    
    ?>
    

  • CM犯贱 回复

    我建议您先整理HTML。您混合了html和php。通过将您的绝大多数代码放在dtd之上,尝试使它们分开。您还使用了很多不推荐使用的html标签,例如center和fontface。使用css为您的网页设置样式,可以减少混乱的情况。您似乎在页面顶部没有session_start。这是传播会议的必要条件

  • 猪猪侠 回复

    耶! :)我发现了我的错误!非常感谢您帮助我实现这一目标!哈哈

  • 大人、恕罪 回复

    As diafol suggested, make sure you have session_start(); at the top of your page then try changing your first IF statement to:

    if (!isset($_SESSION['logged_in']) || $_SESSION['logged_in'] == ''){
    

    这将检查是否未设置$ _SESSION ['logged_in']变量,或者是否已设置但该变量为空(比当前代码效率稍高)。 如果这不起作用,请将代码发布在session.php页面中,因为在设置会话变量时可能会出现错误。

  • 一南 回复

    关心2股?