0

ファイルシステムのディレクトリ作業のために、セッション変数にいくつかの要素を追加しようとしましたが、いくつか追加できないことに気付きました。ここに私が持っているものがあります:

    <?php
#login.php

// This page processes the login form submission.

// Upon successful login, the user is redirected.

// Two included files are necessary.

// Check if the form has been submitted:

if(isset($_POST['submitted']))
{

    // For processing the login:

    require_once ('login_functions.php');

    // Need the database connection:

    require_once ('../mysqli_connect.php');

    // Check the login:

    list ($check, $data) = check_login($dbc, $_POST['email'], $_POST['pass']);

    if ($check) //OK!
    {
        // set the session data:

      session_start();

      $_SESSION['user_id'] = $data['user_id'];

      $_SESSION['first_name'] = $data['first_name'];

      $_SESSION['company_name'] = $data['company_name'];

      $_SESSION['email'] = $data['email'];


      // Store the HTTP_USER_AGENT:

      $_SESSION['agent'] = md5($_SERVER['HTTP_USER_AGENT']);

        //Redirect:

        $url = absolute_url ('loggedin.php');

        header("Location: $url");

        exit(); // Quit the script.

    }
    else // Unsuccessful!
    {

       // Assign $data to $errors for error reporting
        // in the login_functions.php file.

        $errors = $data;

    }

    mysqli_close($dbc); // Close the database connection


} //End of the main submit conditional

//Create the page:

include('login_page_inc.php');



?>

ログイン機能は次のとおりです。

    <?php #login_functions.php

//This page defines two functions used by the login/logout process.

/*This function determines and returns an absolute URL.
 * It takes one argument: the page that concludes the URL.
 * The argument defaults to index.php
 */

function absolute_url ($page = 'about.php')
{
    //Start defining the URL...
    //URL is http:// plus the host name plus the current directory:

    $url = 'http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']);

    // Remove any trailing slashes:

    $url = rtrim($url, '/\\');

    // Add the page:
    $url .= '/' . $page;

    // Return the URL:

    return $url;

}//End of absolute_url() function.

/*This function validates the form data (email address and password).
 * If both are present, the database is queried.
 * The function requires a database connection
 * The function returns an array of information, including:
 *  - a TRUE/FALSE variable indicating success
 * - an array of either errors or the database result
 */

function check_login($dbc, $email = '', $pass = '')
{
    $errors = array(); // Initialize error array.

    // Validate the email address:

    if (empty($email))
    {
        $errors[] = 'You forgot to enter your email address.';
    }
    else
    {
        $e = mysqli_real_escape_string($dbc, trim($email));
    }

    // Validate the password:

    if (empty($pass))
    {
        $errors[] = 'You forgot to enter your password.';
    }
    else
    {
        $p = mysqli_real_escape_string($dbc, trim($pass));
    }

    if(empty($errors)) //If everything's OK.
    {
        // Retrieve the user_id and first_name for that email/password combo

        $q = "SELECT user_id, first_name, email FROM
            user WHERE email='$e' AND pass=SHA1('$p')";

        $r = @mysqli_query ($dbc, $q); // Run the query.

        //Check the result:

        if (mysqli_num_rows($r)==1)
        {
            //Fetch the record:

            $row = mysqli_fetch_array($r, MYSQLI_ASSOC);

            // Return true and the record:

            return array (true, $row);


        }
        else //Not a match for writer, check the publisher table
        {
            $q = "SELECT pub_id, company_name, cemail FROM
                pub WHERE cemail='$e' AND password=SHA1('$p')";

            $r = @mysqli_query ($dbc, $q);

            if (mysqli_num_rows($r)==1)
         {
            //Fetch the record:

            $row = mysqli_fetch_array($r, MYSQLI_ASSOC);

            // Return true and the record:

            return array (true, $row);

        }
        else
        {
            echo '<p>Invalid Credentials</p>';

         }
        }

    } // End of empty($errors) IF.

    // Return false and the errors:

    return array(false, $errors);

} // End of check_login() function.


?>

注: $_SESSION['first_name'] と $_SESSION['company_name'] は常に正しく機能していましたが、email と user_id の追加は機能していません。前もって感謝します。

4

1 に答える 1

1

ログイン関数は「pub_id」と「cemail」を返すため、email と user_id はパブリッシャーには機能しません。これを修正するには、SQL を次のように変更します。

        $q = "SELECT pub_id as user_id, company_name, cemail AS email FROM 
            pub WHERE cemail='$e' AND password=SHA1('$p')"; 
于 2012-05-18T04:53:14.783 に答える