为了账号安全,请及时绑定邮箱和手机立即绑定

分配 $_SESSION 变量

首页 猿问 分配 $_SESSION 变量

分配 $_SESSION 变量

PHP
浮云间 2022-10-14 16:17:19
如果我要使用 $_GET 方法获取用户名,如果我有多个用户登录,我会遇到问题。最新登录的用户会覆盖其他用户的信息(不在数据库中),如果前一个用户用户试图谈论他们的用户名将是最新用户的用户名。前任。用户 Xp10d3 登录。他的用户名仍然是 Xp10d3。用户 IiBlurBeriI 登录。Xp10d3 的用户名突然变成了 IiBlurBeriI 的用户名。我知道这样做的原因,但我想知道是否要将 $_SESSION 变量分配给 $_GET 变量,该变量会保持静态而不改变吗?如果没有,我该如何解决这个问题?login_check_update.php:<?php    session_start();    /* Sends an email to the user and adds the special key to another database */    $username = $_GET['username']; /* Gets the username that was submitted in the HTML form. */    $password = $_GET['password']; /* Gets the password that was submitted in the HTML form. */    $servername = "localhost"; /* MySQL database. Change if needed! Most of the time its not localhost unless you're hosting on your computer. */    $user = 'usernamelol'; /* MySQL username. Change if needed. */    $pass = 'passwordlol'; /* MySQL password. Change if needed. */    $dbname = 'vibemcform'; /* MySQL database name. Change if needed. */    $bytes = random_bytes(10); /* Randomized code */    $key = bin2hex($bytes); /* Makes the randomized code */    $link = "live.php";    $con = new mysqli($servername, $user, $pass, $dbname); /* Connects to the database */    $query = mysqli_query($con, "SELECT * FROM data WHERE (USERNAME = $username) AND password = $password");    if (!$query || mysqli_num_rows($query) == 1) {        echo "Found data in the database! Visit the chat!";        echo "<form action='live.php' method='post'><a href='".$link."'><input type='submit' name='btn1' value='$username'/></a></form>";        echo "Session ID: ". session_id() . ". ";    } else {        echo "Username not found/password incorrect. Please try again!";    }    $conn = null;    echo 'Username submitted: ' . $username . ' Password submitted: ' . $password . ' .'; exit;?>以下代码并不真正相关,因为我主要是复制它,因为我不知道如何进行实时聊天,但我了解其中的 98%:live.php:<?phpsession_start();$username = $_POST['btn1'];//Create a session of username and logging in the user to the chat roomif(isset($_POST['username'])){    $_SESSION['username']=$username;}
查看完整描述

1 回答

?
holdtom

TA贡献1805条经验 获得超10个赞

$_SESSION[""] 变量是全局变量。我以前不知道,但我现在知道了。我刚刚为每个注册的用户分配了每个变量。


<!DOCTYPE HTML>

<html>

<head>

    <style>

        body {

            text-align: center;

            font-family: sans-serif;

        }

        a {

            text-decoration: none;

            color: blue;

        }

        #logout {

            margin: 0 auto;

            text-align: center;

            border: 1px solid;

            border-radius: 5px;

            max-width:1024px;;

            height: 800px;

        }

    </style>

</head>

<body>

    <div id="logout">

        <?php

            session_start();

            /* Sends an email to the user and adds the special key to another database */

            $username = $_GET['username']; /* Gets the username that was submitted in the HTML form. */

            $password = $_GET['password']; /* Gets the password that was submitted in the HTML form. */

            $email = $_GET['email']; /* Gets the email that was submitted in the HTML form. */

            $servername = "localhost"; /* MySQL database. Change if needed! Most of the time its not localhost unless you're hosting on your computer. */

            $user = 'xxxx'; /* MySQL username. Change if needed. */

            $pass = 'xxxx'; /* MySQL password. Change if needed. */

            $dbname = 'vibemcform'; /* MySQL database name. Change if needed. */


            $bytes = random_bytes(10); /* Randomized code */

            $key = bin2hex($bytes); /* Makes the randomized code */


            $con = new mysqli($servername, $user, $pass, $dbname); /* Connects to the database */

            $query = mysqli_query($con, "SELECT * FROM `data` WHERE USERNAME='".$username."'"); /* Gets the username that was submitted */

            $hash = password_hash($password, PASSWORD_DEFAULT);

            $_SESSION['hash'] = $hash;

            $_SESSION['password_not'] = $password;

            if (mysqli_num_rows($query) > 0) { /* If the username exists... */

                    echo "ERROR: Username already exists. Please try signing up again.";

                    $con -> close();

                    exit;

            } else { /* If the username DOESN'T exist... */

                try {

                    $conn = new PDO("mysql:host=$servername;dbname=$dbname", $user, $pass);

                    $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

                    $sql = "INSERT INTO dont (STR, USERNAME, PASSWORD, EMAIL)

                    VALUES ('$key', '$username', '$hash', '$email')"; /* Insert all the data to the database */

                    $conn->exec($sql);

                }

                catch(PDOException $e) {

                    echo $sql . "<br>" . $e->getMessage();

                }

            }


            $conn = null;

            $msg = "localhost/vibemcform/verify.php?str=". $key . " Please verify your email!";

            $msg = wordwrap($msg,70);

            /*

            $headers = array("From: xp10d363@gmail.com",

                "X-Mailer: PHP/" . PHP_VERSION

            );

            */

            if (mail($email,"Verify your email",$msg/*, $headers*/)) {

                echo 'Message accepted to your email address! Check your email to verify your account.';

            } else {

                echo 'Message not sent to your email. Contact the owner of the website!';

            }

            exit;

        ?>


        <a href="index.html">Home</a>

    </div>

</body>

</html>



查看完整回答
反对 回复 2022-10-14
  • 1 回答
  • 0 关注
  • 135 浏览

添加回答

了解更多

举报

0/150
提交
取消
意见反馈 帮助中心 APP下载
官方微信