开发者

PHP- Fix problem where sessions only take effect after refreshing

问答 作者:

Please review this Stackoverflow post.

I have the same PHP problem as bob_cobb. Here's Brad Chrisite's answer:

Order of operations.

Place your session creation and test-for-validity check at the very top of the page so the rest of the page can make judgment calls off the existence of $_SESSION['username']

(Chances are you're trying to validate them inside the content area so your "yay" or "ney" message appears in the desired section of the document. Pretty, yes, but the whole开发者_Go百科 top-half of the page can't see that it's [potentially] a valid session.)

He is basically saying that session_start() and the conditionals that check for session variables should be at the top, so that the rest of the page could act based upon that.

However, my session-check is at the top of the page.

<?php
session_start();

if ($_SESSION['username']) 
//User is already logged in, echo the log out button.
...    

else 
//User is not logged in, echo the log in form & button.
...    

//Login form validation if user is not logged in and submitted form.
//At the end, create session variable ($_SESSION['username'])

//Destroy session if user pressed log out button.
session_destroy();
?>

Everything works fine, but, as with the poster of the other question, I have to refresh my page, to get the top script executed (the script that checks for $_SESSION['username']).

Why is that?

Do not echo anything before your entire control flow is finished. What I mean by this is that you should work to separate logic from display (even better: use a pattern like Model-View-Controller). In your case, maybe you can do something like this:

<?php
/* Place all your control logic at the beginning.
   Do not echo anything in this block. */

session_start();

if ($_SESSION['username']) {
  $loggedin = true;
} else {
  $loggedin = false;
  ...    

  //Login form validation if user is not logged in and submitted form.
  //If login succeeded, set $loggedin to true.
  //At the end, create session variable.
}

//Destroy session if user pressed log out button.
  session_destroy();

/* Only display logic below, we do not change any state here */

if($loggedin) {
  echo logout button
} else {
  echo login form
}
?>

The answer is simple. You need not unset the session after making the user registration. Try this 

<?php
session_start();

if ($_SESSION['username']) 
//User is already logged in, echo the log out button.
...    

else 
//User is not logged in, echo the log in form & button.
...    

//Login form validation if user is not logged in and submitted form.
//At the end, create session variable.

//Destroy session if user pressed log out button.
//session_destroy();
--- do a redirect or a refresh here .... 
?>

继续阅读:formsheaderphpsession

更多精彩内容

0

上一篇:

下一篇:

精彩评论

暂无评论...
登录 注册
Qedev.com
验证码 换一张
取 消

最新问答

问答排行榜

法律声明:本站内容均为网友上传,网站举办方负责审核和监督,

如存在版权或非法内容,欢迎举报,我们将尽快予以删除。

Copyright © 2018-2020 开发者. All rights reserved.

Powered by 开发者

ICP备案号: 京ICP备10032868号-9