我在试图修复第二页上的会话时遇到问题。问题是,我可以在不登录的情况下导航到下一个页面,这一定意味着我没有正确使用会话
这是登录页面:
<?php
session_start();
$con = mysqli_connect("localhost","root","","user");
if ( isset($_POST['username'],$_POST['password']) ) {
$username = mysqli_real_escape_string($con, $_POST['username']);
$password = mysqli_real_escape_string($con, $_POST['password']);
$select_user = "SELECT * FROM user WHERE Username = '$username' AND password ='$password'";
$run_user = mysqli_query($con, $select_user);
$check_user = mysqli_num_rows($run_user);
if ( $check_user > 0 ) {
$_SESSION['User']= $username;
header('location:ConnectionTest.php');
}
else {
echo "wrong username/password";
}
mysqli_close($con);
}
?>
这是登录页面将导航到的页面
<?php
session_start();
if ( !isset($_SESSION['User']) ) {
header('location:login.php');
}
$con = new mysqli("localhost", "root", "", "schema");
$result = $con->query("SHOW TABLES");
while ( $row = $result->fetch_row() ) {
$table = $row[0];
echo '<h3>',$table,'</h3>';
$result1 = $con->query("SELECT * FROM $table");
if ($result1) {
echo '<table cellpadding="0" cellspacing="0" class="db-table">';
$column = $con->query("SHOW COLUMNS FROM $table");
echo '<tr>';
while($row3 = $column->fetch_row()) {
echo '<th>'.$row3[0].'</th>';
} //endwhile $row3
echo '</tr>';
while($row2 = $result1->fetch_row() ) {
echo '<tr>';
foreach($row2 as $key=>$value) {
echo '<td>',$value,'</td>';
} //endforeach
echo '</tr>';
} //endwhile $row2
echo '</table><br />';
} //endif
} //endwhile $row
$con->close();
?>
尝试在header()
之后停止脚本。这可以防止already sent headers
,因此不会干扰会话:
header(...);
exit;