正在设置会话但未传递会话数据
Session being set but session data not being passed
我遇到了会话问题。由于某种原因,正在设置会话,但未传递会话数据。我检查了会话路径,一切都是正确的。下面有一个登录处理程序,然后会话会在用户登录后进行检查。
我 var_dumped 会话并没有得到任何东西,但是 var_dumped 两个脚本上的 session_id() 并得到相同的会话 ID,表明正在建立会话,但是由于某种原因没有通过。
感谢您的帮助。
login_handler.php
<?php
session_name("tradesman");
session_start();
include '../includes/con.inc.php';
$errors = 0;
$email_address = $_POST['tradesman_email'];
$password = $_POST['tradesman_password'];
$remember_me = $_POST['tradesman_remember_me'];
$login_check = $dbh->prepare("SELECT * FROM tradesman WHERE email_address = :email_address");
$login_check->bindParam(':email_address', $email_address);
$login_check->execute();
if($login_check->rowCount() === 1){
}else{
$response["message"] = 'denied';
$errors++;
}
if($login_check->rowCount() === 1){
while($row = $login_check->fetch()) {
$db_password = $row['password'];
$tradesman_id = $row['tradesman_id'];
$trade_name = $row['trade_name'];
$email_address = $row['email_address'];
if (password_verify($password, $db_password)) {
$update_key = $dbh->prepare("UPDATE tradesman SET token=:token WHERE tradesman_id=:tradesman_id");
$update_key->bindParam(':token', $token);
$update_key->bindParam(':tradesman_id', $tradesman_id);
if($update_key->execute()){
$token = sha1(microtime());
$_SESSION['trade_name'] = $row['trade_name'];
$_SESSION['tradesman_id'] = $row['tradesman_id'];
$_SESSION['token'] = $token;
$response["message"] = 'tradesman_login_success';
}else{
$response["message"] = 'denied';
$errors++;
}
} else {
$response["message"] = 'denied';
$errors++;
}
}
}
echo json_encode($response);
exit();
?>
account.php - 登录后(仅会话检查)
<?php
session_name("tradesman");
session_start();
print_r($_SESSION['token']);
print_r($_SESSION['tradesman_id']);
print_r($_SESSION['trade_name']);
require_once 'includes/con.inc.php';
$session_key = $_SESSION['token'];
$check_user = $dbh->prepare("SELECT * FROM tradesman WHERE token =:session_key LIMIT 1");
$check_user->bindParam(':session_key', $session_key, PDO::PARAM_STR);
if($check_user->execute()) {
$check_user->setFetchMode(PDO::FETCH_ASSOC);
}
if($check_user->execute()){
if($check_user->rowCount() === 1){
while($row = $check_user->fetch()) {
$tradesman_id = $row['tradesman_id'];
}
}else{
header('Location:index.php');
exit();
}
}else{
header('Location:index.php');
exit();
}
?>
问题似乎出在您的第一个脚本中:
...
$update_key = $dbh->prepare("UPDATE tradesman SET token=:token WHERE tradesman_id=:tradesman_id");
// Here you bind the $token variable to the placeholder
$update_key->bindParam(':token', $token);
$update_key->bindParam(':tradesman_id', $tradesman_id);
// Here you execute the query, $token is not defined yet
if($update_key->execute()){
// Here you set the token, it will not be available in the database
$token = sha1(microtime());
$_SESSION['trade_name'] = $row['trade_name'];
$_SESSION['tradesman_id'] = $row['tradesman_id'];
$_SESSION['token'] = $token;
...
您在定义令牌之前在数据库中设置了令牌,因此您在数据库中设置了一个空值。
先定义token,然后存入数据库和session。
当您绑定参数时,将其移动到 if 语句之前应该这样做:
...
$token = sha1(microtime());
if($update_key->execute()){
...
我遇到了会话问题。由于某种原因,正在设置会话,但未传递会话数据。我检查了会话路径,一切都是正确的。下面有一个登录处理程序,然后会话会在用户登录后进行检查。
我 var_dumped 会话并没有得到任何东西,但是 var_dumped 两个脚本上的 session_id() 并得到相同的会话 ID,表明正在建立会话,但是由于某种原因没有通过。
感谢您的帮助。
login_handler.php
<?php
session_name("tradesman");
session_start();
include '../includes/con.inc.php';
$errors = 0;
$email_address = $_POST['tradesman_email'];
$password = $_POST['tradesman_password'];
$remember_me = $_POST['tradesman_remember_me'];
$login_check = $dbh->prepare("SELECT * FROM tradesman WHERE email_address = :email_address");
$login_check->bindParam(':email_address', $email_address);
$login_check->execute();
if($login_check->rowCount() === 1){
}else{
$response["message"] = 'denied';
$errors++;
}
if($login_check->rowCount() === 1){
while($row = $login_check->fetch()) {
$db_password = $row['password'];
$tradesman_id = $row['tradesman_id'];
$trade_name = $row['trade_name'];
$email_address = $row['email_address'];
if (password_verify($password, $db_password)) {
$update_key = $dbh->prepare("UPDATE tradesman SET token=:token WHERE tradesman_id=:tradesman_id");
$update_key->bindParam(':token', $token);
$update_key->bindParam(':tradesman_id', $tradesman_id);
if($update_key->execute()){
$token = sha1(microtime());
$_SESSION['trade_name'] = $row['trade_name'];
$_SESSION['tradesman_id'] = $row['tradesman_id'];
$_SESSION['token'] = $token;
$response["message"] = 'tradesman_login_success';
}else{
$response["message"] = 'denied';
$errors++;
}
} else {
$response["message"] = 'denied';
$errors++;
}
}
}
echo json_encode($response);
exit();
?>
account.php - 登录后(仅会话检查)
<?php
session_name("tradesman");
session_start();
print_r($_SESSION['token']);
print_r($_SESSION['tradesman_id']);
print_r($_SESSION['trade_name']);
require_once 'includes/con.inc.php';
$session_key = $_SESSION['token'];
$check_user = $dbh->prepare("SELECT * FROM tradesman WHERE token =:session_key LIMIT 1");
$check_user->bindParam(':session_key', $session_key, PDO::PARAM_STR);
if($check_user->execute()) {
$check_user->setFetchMode(PDO::FETCH_ASSOC);
}
if($check_user->execute()){
if($check_user->rowCount() === 1){
while($row = $check_user->fetch()) {
$tradesman_id = $row['tradesman_id'];
}
}else{
header('Location:index.php');
exit();
}
}else{
header('Location:index.php');
exit();
}
?>
问题似乎出在您的第一个脚本中:
...
$update_key = $dbh->prepare("UPDATE tradesman SET token=:token WHERE tradesman_id=:tradesman_id");
// Here you bind the $token variable to the placeholder
$update_key->bindParam(':token', $token);
$update_key->bindParam(':tradesman_id', $tradesman_id);
// Here you execute the query, $token is not defined yet
if($update_key->execute()){
// Here you set the token, it will not be available in the database
$token = sha1(microtime());
$_SESSION['trade_name'] = $row['trade_name'];
$_SESSION['tradesman_id'] = $row['tradesman_id'];
$_SESSION['token'] = $token;
...
您在定义令牌之前在数据库中设置了令牌,因此您在数据库中设置了一个空值。
先定义token,然后存入数据库和session。
当您绑定参数时,将其移动到 if 语句之前应该这样做:
...
$token = sha1(microtime());
if($update_key->execute()){
...