PHP sessions not being set_问答_开发者_运维开发者技术经验分享

I have a code which logs in via AJAX and then passes the data to a .php file to check it against the SQL. for a test, the username and password is me - me however even tho this comes back from the check it doesn't log me in, it seems like the session is not being set.

log.php

<script type="text/javascript">
$(document).ready(function()
{
$("#login_form").submit(function()
{
    //remove all the 开发者_运维知识库class add the messagebox classes and start fading
                $("#msgbox").removeClass().addClass('messagebox').text('Validating....').fadeIn(1000);
    //check the username exists or not from ajax
    $.post("ejaxlog.php",{    username:$('#username').val(),password:$('#password').val(),rand:Math.random() } ,function(data)
    {
      if($.trim(data)=='yes') //if correct login detail
      {
        $("#msgbox").fadeTo(200,0.1,function()  //start fading the messagebox
        { 
          //add message and change the class of the box and start fading
          $(this).html('Logging in.....').addClass('messageboxok').fadeTo(900,1,
          function()
          { 
             //redirect to secure page
             document.location='http://www.google.com';
          });

        });
      }
      else 
      {
        $("#msgbox").fadeTo(200,0.1,function() //start fading the messagebox
        { 
          //add message and change the class of the box and start fading
          $(this).html('Your login detail   sucks...').addClass('messageboxerror').fadeTo(900,1);
        });     
      }

    });
    return false; //not to post the  form physically
});
//now call the ajax also focus move from 
$("#password").blur(function()
{
    $("#login_form").trigger('submit');
});
   });
  </script>

  <link type="text/css" href="formboxes.css" rel="stylesheet">

  </head>

  <body>
   <?
  echo $_SESSION['u_name'];?>
  <form method="post" action="" id="login_form">
 <div align="center">

 <div >
  User Name : <input name="username" type="text" id="username" value="" maxlength="20" />

 </div>
 <div style="margin-top:5px" >
  Password :
  &nbsp;&nbsp;
 <input name="password" type="password" id="password" value="" maxlength="20" />

 </div>
 <div class="buttondiv">
 <input name="Submit" type="submit" id="submit" value="Login" style="margin-left:-10px; height:23px"  /> <span id="msgbox" style="display:none"></span>

</div>

  </div>
</form>

this then checks the MySQL via the next code, is it is successful it echos out "yes" which i see in my HTTP headers (so must be correct) but it doesnt redirect me to "eindex.php" as specified in the log.php file.

 <?php
session_start();
require("../mcfrdb.php");
 // Included database once using the require method
?>

  <?php


$username = mysql_real_escape_string(stripslashes($_POST['username']));
$pass = mysql_real_escape_string(stripslashes($_POST['password'])); 


$result = mysql_query("SELECT user, pass FROM mcfruse WHERE user='$username'")or die(mysql_error());
$row=mysql_fetch_array($result); 

 if(mysql_num_rows($result)>0)
{

    if(strcmp($row['pass'],$pass)==0)
    {
            echo "yes";
            $_SESSION['name']=$username;
    }
    else
            echo "no";
}
else
    echo "no";

My HTML when using firebug says

yes

so the yes is being echo'ed which means it passes the right pwd and it validates, but it still says "Login detail sucks" and doesnt redirect me to eindex.php

eindex.php

<?php
session_start();
if(!isset($_SESSION['name']))
header("Location:../index.php");
 //if logout then destroy the session and redirect the user
if(isset($_GET['logout']))
 {
 session_destroy();
 header("Location:../index.php");
 }

 require("../mcfrdb.php");
 ?>

I've checked the code over a few times but couldnt find anything. All replies and any help appreciated. Many thanks.

EDIT: even adding in the md5 pwd hashing (omitted from this code) i still get "yes" and when I echo the username and hash, they are bot matching, the session is not being set still however and not redirecting me. on if($.trim(data)=='yes')

Any page you access via AJAX is a separate request and you will need to call session_start() in order for the session super global to be populated.

Your ejaxlog.php returns yes? Are you sure? Try adding alert(data) or console.log(data) to see what does it return. Seems that your script returns not yes or not only yes (may be, some error?). Obviously, you are not redirected because your JavaScript receives not appropriate string, so it does not redirects you. Again, try logging/alerting the data which is returned by the script. Or install something like FireBug for FireFox to see all the requests done by the JavaScript.

use session_start() at the top of your ejaxlog.php page