PHP登录系统/会话第一次不起作用

Question

如果我的描述有点模糊,那么在这里诊断这个问题有点困难.我有一个非常标准的登录系统,它在大多数情况下工作正常.我今天注意到一个问题,但是当我重新启动浏览器时......除非我首先访问admin2.php并导航回admin1.php,否则它不会在admin1.php上登录.

之后一切都很完美.我可以退出并重新登录.

这是我有的两个文件......

admin1.php

<style>
#form_contain {
    text-align: center;
}

form {
    display: inline-block;
    margin: 100px 0 0 !important;
}

label {
    display: table-cell !important;
    vertical-align: middle;
}

input[type='text'], input[type="password"] {
    float: left;
    display: table-cell !important;
    margin: 0 0 10px;
    height: 25px;
    width: 260px !important;
}
</style>

<?php
session_start();
include "lib/head.php";

function protect($string)
{
 $string = mysql_real_escape_string($string);
 return $string;
} 

$user = $_SESSION['username']; 

if(!$_POST['submit'])
{
    if ($_SESSION['logged'] == true) {
        include_once("admin_main.php");
        }
    else {

?>

<div id="form_contain">
    <form method="post" action="<?=$_SERVER['PHP_SELF']; ?>">
        <label>Username:</label>
        <input type="text" name="username" maxlength="16">
        <br>
        <label>Password:</label>
        <input type="password" name="password" maxlength="16">
        <br>
        <br>
        <br>
        <input type="submit" name="submit" value="Login" class="btn">
    </form>
    <p id="alert"></p>  
</div>


<?php
    }
}
else
{
  $user = protect($_POST['username']);
  $pass = protect($_POST['password']);

if($user && $pass)
{
    $sql="SELECT id,username FROM catalog_users WHERE username='$user' AND password='$pass'";
    $query=mysql_query($sql) or die(mysql_error());

        if(mysql_num_rows($query) == 1)
        {
            $row = mysql_fetch_assoc($query); // mysql_fetch_assoc gets the value for each field in the row
            $_SESSION['id'] = $row['id']; //creates the first session var
            $_SESSION['username'] = $row['username']; // second session var
            $_SESSION['logged'] = true;

            echo '
                <script language="javascript">
                    window.location = "admin1.php";
                </script>";

            ';

        }
        else
       {
            echo '
                <script language="javascript">
                    window.location="admin_wrong.php";    
                </script>
            ';
        }   
}
else
{           
    echo '
        <script language="javascript">
            window.location="admin_wrong.php";    
        </script>
    ';
}
}
?>

admin2.php

<?php
session_start();
include('lib/head.php');


if (isset($_SESSION['logged']) && $_SESSION['logged'] == true) {
    echo "
        This is a secured page, welcome <b>".$_SESSION['username']."</b>
        <br>
        <br>
        <a href='admin1.php'>Back</a>
        <a href='logout.php'>Logout</a>

        ";
    }
else {
    echo "<b>Sorry, you cannot access this page</b>";
}   


?>

更新:<?php session_start()我的代码顶部之前的CSS 导致了问题

Answer 1

可能是因为你的登录代码来后你的HTML,所以它看起来像你是不是在即使脚本并在脚本的末尾记录您登录.

通常,您希望将PHP和HTML尽可能分开(在不同的文件中),并首先执行所有PHP业务逻辑,然后输出所有HTML.