Create a session in PHP

Asked

Viewed 450 times

1

I am trying to get the login system of my site to create a session for the logged-in user, causing it to appear your name on the next page he logs in, but it is not appearing. Follows the code:

verifi_login.php

<?php
session_start();  
$_SESSION['nome'] = $_POST['NOME'];  
$_SESSION['senha'] = $_POST['SENHA'];  

include 'bd.php';

if($_POST["NOME"] == "geral" && $_POST["SENHA"] == "geral"){
     echo
                "<script>
                 alert('Bem Vindo adm!');   
                 window.location.href='info_php.php';                
                 </script>";
}



$link = mysqli_connect($servidor,$usuario,$senha,$banco);

if(isset($_POST["NOME"]) && isset($_POST["SENHA"]))
    {
        if(!empty($_POST["NOME"]) && !empty($_POST["SENHA"]))
        {
                $sql = "select * from empresa where  NOME =             '".$_POST['NOME']."' and SENHA = '".$_POST['SENHA']."';";

                $result = $link ->query($sql);

            if($result->num_rows > 0) {

            $_SESSION['nome'] = $nome;
            $_SESSION['senha'] = $senha;

            echo
                "<script>
                 alert('Bem Vindo!');
                 window.location.href='index2.php';              
                 </script>";
            }               


            else{
                unset ($_SESSION['nome']);
                unset ($_SESSION['senha']);
                echo
                "<script>
                 alert('Login ou senha Incorreta!');               
                 </script>";

             }

index2.php

<?php
session_start();

if((!isset ($_SESSION['nome']) == true) and (!isset ($_SESSION['senha']) == true))
{
    unset($_SESSION['nome']);
    unset($_SESSION['senha']);
    header('location:index.php');
}
?>

<!DOCTYPE html>
<html>
<title>EVA system</title>
<meta charset="UTF-8">
<body>
<span>Bem-Vindo, <strong><?php echo $_SESSION['nome']; ?></strong></span><br>
  • And what warning messages appear?

  • It started right when you start the session, if you perform a var_dump in $_POST['NAME']; returns what?

  • @Andersoncarloswoss, alerts work correctly, just the part where the user name appears that is not working apparently.

  • That’s why I asked for the ones that show up, to find out which parts of the code are executed.

  • @Andersoncarloswoss Welcome! (when logged in correctly)

2 answers

1


The following lines are strange to me:

 $_SESSION['nome'] = $nome;
 $_SESSION['senha'] = $senha;

The variables $nome and $senha have not been instantiated, Session will be left with no data in the respective fields. You can remove these two lines as you are already assigning the values passed by POST before:

$_SESSION['nome'] = $_POST['NOME'];  
$_SESSION['senha'] = $_POST['SENHA']; 

0

Never save "sensitive" variables in the session without using any encryption, this data is often exposed by cookies or other PHP failures.

I advise you to learn Codeigniter, Laravel, Symfony or Slim3 for developing PHP Apps.

  • I agree with the first part, now the part exposed by cookies does not make sense.

Browser other questions tagged

You are not signed in. Login or sign up in order to post.