DedeCMS V5.7使用session_register()在PHP5.4以上无法登录后台

想试试织梦的产品,下载了DedeCMS V5.7版本,在本地部署后,正确登录后台的情况下页面没有任何输出和显示(错误登录或密码错误时才有显示),也没有报错。进到脚本调试,发现问题出在登录页login.php中以下部分。
login.php
$cuserLogin = new userLogin($admindir);
        if(!empty($userid) && !empty($pwd))
        {
            $res = $cuserLogin->checkUser($userid,$pwd);
            //success
            if($res==1)
            {
                $cuserLogin->keepUser();//此处以下无输出
                if(!empty($gotopage))
                {
                    ShowMsg('成功登录,正在转向管理管理主页!',$gotopage);
                    exit();
                }
                else
                {
                    ShowMsg('成功登录,正在转向管理管理主页!',"index.php");
                    exit();
                }
echo "ok";
            }
...

到封装userLogin类所在的脚本userlogin.class.php中查看(路径./include/),所用的keepUser()方法代码如下:

userlogin.class.php

function keepUser()
{
if($this->userID != '' && $this->userType != '')
{
global $admincachefile,$adminstyle;
if(empty($adminstyle)) $adminstyle = 'dedecms';

@session_register($this->keepUserIDTag);
$_SESSION[$this->keepUserIDTag] = $this->userID;

@session_register($this->keepUserTypeTag);
$_SESSION[$this->keepUserTypeTag] = $this->userType;

@session_register($this->keepUserChannelTag);
$_SESSION[$this->keepUserChannelTag] = $this->userChannel;

@session_register($this->keepUserNameTag);
$_SESSION[$this->keepUserNameTag] = $this->userName;

@session_register($this->keepUserPurviewTag);
$_SESSION[$this->keepUserPurviewTag] = $this->userPurview;

@session_register($this->keepAdminStyleTag);
$_SESSION[$this->keepAdminStyleTag] = $adminstyle;

PutCookie('DedeUserID', $this->userID, 3600 * 24, '/');
PutCookie('DedeLoginTime', time(), 3600 * 24, '/');

$this->ReWriteAdminChannel();

return 1;
}
else
{
return -1;
}
}

把@去掉,session_register()报出错误:
     Call to undefined function session_register()
证实了问题来源于此。查手册的描述如下:
"版本:(PHP 4, PHP 5 < 5.4.0)"
"本函数已自 PHP 5.3.0 起废弃并将自 PHP 5.4.0 起移除。"

session_register()在PHP5.4后来的版本中已经多余,可以省去而直接用$_SESSION['abc'] ="" ;

查看Stack Overflow关于此方法的问题。

解决方法:去掉或注释掉所有的session_register(),改用直接存$_SESSION数组。
...
//session_register($this->keepUserIDTag);
$_SESSION[$this->keepUserIDTag] = $this->userID;

//session_register($this->keepUserTypeTag);
$_SESSION[$this->keepUserTypeTag] = $this->userType;

//session_register($this->keepUserChannelTag);
$_SESSION[$this->keepUserChannelTag] = $this->userChannel;

//session_register($this->keepUserNameTag);
$_SESSION[$this->keepUserNameTag] = $this->userName;

//session_register($this->keepUserPurviewTag);
$_SESSION[$this->keepUserPurviewTag] = $this->userPurview;

//session_register($this->keepAdminStyleTag);
$_SESSION[$this->keepAdminStyleTag] = $adminstyle;
...

修改后就正常显示了。

我是从织梦主页上下载的"最新"版本,很奇怪难道没有人遇到同样的问题吗。这种问题既然这里能出现,别的部分就无法保证不会有更多这样的隐患存在了。
支付宝扫码打赏 微信扫码打赏

如果本文对你有帮助,欢迎打赏本站

喜欢 ()or分享
    匿名评论
  • 评论
人参与,条评论