<?php
error_reporting(0);
$path = './tmp/';
$sess_name = session_name();
echo $sess_name;
$sess_id = $_GET[$sess_name];
echo $sess_id;
session_id($sess_id);
session_save_path($path);
session_start();
if ((trim($_POST['username'])) != 'tm' and (trim($_POST['password']) != '111'))
{
echo "<script>alert('用户名与密码错误!');location.href='index.php'</script>";
}
$_SESSION['admin'] = 'mrsoft';
?>
即便执行到以上的alert语句。但在location跳转之前仍然会执行后面的session属性赋值语句。