login.php文件代码
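<?php
/**
 * login.php - shows the login form, or forwards an already authenticated
 * visitor to admin.php.
 *
 * A visitor counts as logged in only when the session carries a user_name
 * AND that user_name still exists in the `user` table.
 */

// session_start() has to run before any markup is sent: it sets the session
// cookie through a response header, and headers cannot be sent once output
// has begun.
session_start();

$alreadyLoggedIn = false;
if (!empty($_SESSION['user_name'])) {
    // connect.php is expected to provide the PDO handle in $pdo.
    include __DIR__.'/public/include/connect.php';

    $stmt = $pdo->prepare('SELECT `user_name` FROM `user` WHERE `user_name`=:user_name');
    $stmt->bindValue(':user_name', $_SESSION['user_name']);
    $stmt->execute();

    $alreadyLoggedIn = $stmt->fetch(PDO::FETCH_ASSOC) !== false;
}
?>
<!doctype html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <title>登录</title>
</head>
<body>
<?php if ($alreadyLoggedIn): ?>
    <script> alert("您已登录");window.location.href="admin.php";</script>
<?php else: ?>
    <?php
    // Also reached when the session names a user that no longer exists, so
    // that visitor gets the form instead of an empty page.
    // NOTE(review): the form carries no anti-CSRF token; check.php would
    // have to verify one for it to be of any use.
    ?>
    <form action="check.php" method="post" onsubmit="return isEmpty()">
        <label for="email">邮箱:</label>
        <input type="email" name="email" id="email"><br>
        <label for="password">密码:</label>
        <input type="password" name="password" id="password"><br>
        <button>登录</button>
    </form>
<?php endif; ?>
<script type="text/javascript">
    // Convenience check only: it runs in the browser and can be bypassed,
    // so the server must validate the submitted fields as well.
    function isEmpty() {
        var email = document.getElementById('email').value;
        var password = document.getElementById('password').value;
        if (email.length === 0 || password.length === 0) {
            alert('邮箱或密码不能为空');
            return false;
        }
        return true;
    }
</script>
</body>
</html>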
check.php文件代码
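<?php
/**
 * check.php - verifies the credentials posted by login.php and establishes
 * the session.
 *
 * Three paths:
 *   1. A session already names a user: confirm the account still exists.
 *   2. An e-mail/password pair was posted: authenticate it.
 *   3. Anything else: send the visitor back to login.php.
 */

// connect.php is expected to provide the PDO handle in $pdo.
include __DIR__.'/public/include/connect.php';
session_start();

if (isset($_SESSION['user_name'])) {
    // The password is no longer kept in the session, so re-validation only
    // confirms that the account still exists. Purge the copy that sessions
    // created by the previous version of this script may still hold.
    unset($_SESSION['user_pw']);

    $stmt = $pdo->prepare('SELECT `user_name` FROM `user` WHERE `user_name`=:user_name');
    $stmt->execute(['user_name' => $_SESSION['user_name']]);

    if ($stmt->fetch(PDO::FETCH_ASSOC) !== false) {
        echo '<script> alert("您已登录");window.location.href="admin.php";</script>';
    } else {
        session_unset();
        echo '<script> alert("你的信息有误,请重新登录");window.location.href="login.php";</script>';
        exit;
    }
} elseif (
    isset($_POST['email'], $_POST['password'])
    && is_string($_POST['email'])
    && is_string($_POST['password'])
) {
    // Checking the two fields by name (and as strings) replaces the brittle
    // count($_POST) === 2 test and rejects array-valued parameters.
    $email = $_POST['email'];
    $password = $_POST['password'];

    $authenticated = false;
    $user = false;

    // The browser-side isEmpty() check can be bypassed, so empty values are
    // refused here as well.
    if ($email !== '' && $password !== '') {
        // Fetch the row by e-mail only and compare the password in PHP, so
        // the stored value can be a password_hash() digest instead of
        // plaintext matched inside the SQL.
        // (Tutorial note: LIMIT 1 restricts the result to a single row;
        // ORDER BY user_id DESC would sort by user_id in descending order.)
        $stmt = $pdo->prepare('SELECT * FROM `user` WHERE `email`=:email');
        $stmt->execute(['email' => $email]);
        $user = $stmt->fetch(PDO::FETCH_ASSOC);

        if ($user !== false) {
            $stored = (string) $user['user_pw'];
            if (!empty(password_get_info($stored)['algo'])) {
                $authenticated = password_verify($password, $stored);
            } else {
                // Legacy row holding a plaintext password: compare in
                // constant time. NOTE(review): such rows should be migrated
                // to password_hash() values; plaintext storage exposes every
                // account if the table leaks.
                $authenticated = hash_equals($stored, $password);
            }
        }
    }

    if (!$authenticated) {
        // Same message for unknown e-mail and wrong password, so the
        // response does not reveal which accounts exist.
        // NOTE(review): there is no limit on repeated failed attempts.
        // history.back() returns to the previous page;
        // window.location.href="login.php" would navigate to a given page.
        echo '<script> alert("账号或者密码错误,请重新输入");history.back()</script>';
    } else {
        // Issue a fresh session id on login so an id planted before
        // authentication (session fixation) does not become an
        // authenticated one.
        session_regenerate_id(true);

        // Only the identity goes into the session, never the password.
        $_SESSION['user_name'] = $user['user_name'];
        echo '<script> alert("账登录成功");window.location.href="admin.php"</script>';
    }
} else {
    echo '<script> alert("请先登录");window.location.href="login.php";</script>';
}
?>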
admin.php文件代码
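<?php
/**
 * admin.php - back-office landing page, shown only when the session names a
 * user.
 */

// Start the session before any markup is sent; session_start() needs to set
// a response header.
session_start();

$isLoggedIn = isset($_SESSION['user_name']);
?>
<!doctype html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, user-scalable=no, initial-scale=1.0, maximum-scale=1.0, minimum-scale=1.0">
    <meta http-equiv="X-UA-Compatible" content="ie=edge">
    <title>后台</title>
</head>
<body>
<?php if ($isLoggedIn): ?>
    <?php
    // Author's note: a further database check that this account still exists
    // belongs here; it was left out.
    //
    // user_name originates from the database, i.e. from whatever was stored
    // at registration, so it is escaped before being written into the page
    // to keep markup in a name from executing (stored XSS).
    ?>
    <h1>欢迎<?php echo htmlspecialchars((string) $_SESSION['user_name'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>登录</h1>
    <p><a href="loginout.php">退出</a></p>
<?php else: ?>
    <?php
    // The redirect below happens in the browser only, so everything meant
    // for logged-in users (including the logout link) stays inside the
    // authenticated branch and is never rendered for anonymous visitors.
    ?>
    <script> alert("请先登录");window.location.href="login.php";</script>
<?php endif; ?>
</body>
</html>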
loginout.php文件代码
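<?php
/**
 * loginout.php - ends the current session and returns the visitor to
 * login.php.
 *
 * Logging out no longer depends on a database lookup: previously a session
 * whose user_name was missing from the `user` table was neither cleared nor
 * answered, leaving a stale session in place and a blank page.
 */
session_start();

if (isset($_SESSION['user_name'])) {
    // Drop the session data, expire the session cookie in the browser and
    // remove the server-side session record; session_unset() alone leaves
    // the session id valid.
    $_SESSION = [];
    if (ini_get('session.use_cookies')) {
        $cookie = session_get_cookie_params();
        setcookie(
            session_name(),
            '',
            time() - 42000,
            $cookie['path'],
            $cookie['domain'],
            $cookie['secure'],
            $cookie['httponly']
        );
    }
    session_destroy();

    // NOTE(review): this endpoint is reached through a plain GET link, so
    // any page can trigger a logout; a POST with an anti-CSRF token would
    // prevent that.
    echo '<script> alert("退出成功");window.location.href="login.php";</script>';
} else {
    echo '<script> alert("请先登录");window.location.href="login.php";</script>';
}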