Community Learn Tools Library Leisure
search
English
Home > List of blog posts > COOKIE与SESSION存储与读取 - 第九期先上班20191126
Blogger Information
Blog 40
fans 3
comment 0
visits 48223
Special Recommendation
More>
Related recommendations
Popular Tutorials
More>
Related Tutorials
Popular Recommendations
Latest courses
Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template
COOKIE与SESSION存储与读取 - 第九期先上班20191126
MArtian
Original
1268 people have browsed it

COOKIE登录

cookie.gif

INDEX页面判断是否登录来显示“登录”或“退出”按钮

// 1: 已登录: 显示出用户的登录信息, 显示退出按钮if (isset($_COOKIE['username'])) {
    echo '<p align="center">';
    echo '用户: ' . $_COOKIE['username'] . '已登录<br>';
    echo '<a href="dispatch.php?action=logout">退出</a>';
    echo '</p>';} else {
    // 2. 未登录,就跳转到登录页面
    echo '<p align="center"><a href="dispatch.php?action=login">请登录</a></p>';}

dispatch.php 请求分发页面

// 连接数据库require '../require/pdo_config.php';// 获取请求参数$action = isset($_GET['action']) ? $_GET['action'] : 'login';$action = htmlentities(strtolower(trim($action)));// 请求分发switch ($action) {
    // 1. 登录页面
    case 'login':
        // 加载登录表单
        include __DIR__ . '/login.php';
        break;

    // 2. 验证登录
    case 'check':
        include __DIR__ . '/check.php';
        break;

    // 3. 退出登录
    case 'logout':
        include __DIR__ . '/logout.php';
        break;

    // 默认操作
    default:
        header('Location: index.php');
        echo '<script>location.assign("index.php");</script>';}

login登录页面判断是否已登录,防止用户重复登录

<?php
    // 防止用户重复登录
    if (isset($_COOKIE['username'])) {
        echo '<script>alert("不要重复登录");location.assign("index.php");</script>';
    }?>

check判断用户登录,并把username存储到cookie,以此作为判断登录依据

$pdo = new PDO($dsn,$db['userName'],$db['userPwd']);if($_SERVER['REQUEST_METHOD']==='POST'){
    $username = $_POST['username'];
    $userpwd = md5($_POST['userpwd']);
    $sql = 'SELECT `username`,`userpwd` FROM `user` WHERE `username` = :username AND `userpwd` = :userpwd LIMIT 1';
    $stmt = $pdo->prepare($sql);
    $stmt->execute([':username'=>$username,':userpwd'=>$userpwd]);
    $user = $stmt->fetch(PDO::FETCH_ASSOC);
    if(false === $user){
        echo '<script>alert("登录失败");history.back();</script>';
    }
    else{
        $stmt = $pdo->prepare('UPDATE `user` SET `logindate` =:logindate WHERE `username`=:username');
        $stmt -> execute([':logindate'=>$time,':username'=>$user['username']]);
        setcookie('username',$user['username']);
        echo '<script>alert("登录成功");location.assign("index.php");</script>';
        exit;
    }}else{
    die('请求错误');}unset($pdo);

退出登录操作

<?phpif(isset($_COOKIE['username'])){
    setcookie('username',null,time()-3600);
    echo '<script>alert("退出成功");location.assign("index.php");</script>';}else{
    echo '<script>alert("请先登录");location.assign("login.php");</script>';}

SESSION登录

session.gif

dispatch请求分发

<?phprequire_once 'require/pdo_config.php';session_start();$action = isset($_GET['action']) ? $_GET['action'] : 'login';$action = htmlentities(strtolower(trim($action)));switch($action){
    case 'login' :
        include __DIR__ . '/login.php';
        break;
    case 'check' :
        include __DIR__ .'/check.php';
        break;
    case 'logout' :
        include __DIR__ .'/logout.php';
        break;
    default :
        header('location:index.php');
        echo('<script>location.assign("index.php")</script>');}

判断用户登录是否成功

if($_SERVER['REQUEST_METHOD']==='POST'){
    $username = $_POST['username'];
    $userpwd = md5($_POST['userpwd']);
    $sql = 'SELECT `username`,`userpwd` FROM `user` WHERE `username` = :username AND `userpwd` = :userpwd LIMIT 1';
    $stmt = $pdo->prepare($sql);
    $stmt->execute([':username'=>$username,':userpwd'=>$userpwd]);
    $user = $stmt->fetch(PDO::FETCH_ASSOC);
    if(false === $user){
        echo '<script>alert("登录失败");history.back();</script>';
    }
    else{
        $stmt = $pdo->prepare('UPDATE `user` SET `logindate` =:logindate WHERE `username`=:username');
        $stmt -> execute([':logindate'=>$time,':username'=>$user['username']]);
        $_SESSION['username']=$user['username'];
        echo '<script>alert("登录成功");location.assign("prepareInsert.php");</script>';
        exit;
    }}else{
    die('请求错误');}unset($pdo);

清空SESSION退出登录

if(isset($_SESSION['username'])){
    session_destroy();
    echo '<script>alert("退出成功");location.assign("index.php");</script>';}else{
    echo '<script>alert("请先登录");location.assign("login.php");</script>';}

总结

1.COOKIE与SESSION是php中非常有效的在多页面间跟踪用户的手段,其中COOKIE保存在客户端,SESSION保存在服务端,客户端COOKIE会被篡改,不应该保存敏感信息到COOKIE,相反SESSION可以存储用户密码等敏感信息,一些不必要的类似用户基础设置的信息可以保存在COOKIE中减少服务器压力。

2.使用$_COOKIE$_SESSION超全局变量来访问COOKIE和SESSION,值都是以数组形式存储的,设置COOKIE值使用setcookie()函数,参数为(下标,值,存储时间),其中存储时间以秒为单位,设置为60,COOKIE有效期就是1分钟,60*60就是1小时,60*60*24就是一天,以此类推。

3.如果要销毁COOKIE,只需要把它的有效时长设置为负数或使用unset()函数即可。

4.在使用SESSION之前需要使用session_start()先打开会话,才能对SESSION的值进行读写,销毁SESSION使用session_destroy()函数。



1.jpg2.jpg


Correcting teacher:查无此人查无此人

Correction status:qualified

Teacher's comments:完成的不错,继续加油
Statement of this Website
The copyright of this blog article belongs to the blogger. Please specify the address when reprinting! If there is any infringement or violation of the law, please contact admin@php.cn Report processing!
All comments Speak rationally on civilized internet, please comply with News Comment Service Agreement
0 comments
Author's latest blog post