![[Web front-end] Node.js quick start](https://img.php.cn/upload/course/000/000/067/662b5d34ba7c0227.png)
天蓬老师Correction status:qualified
Teacher's comments:关于那个数组过滤函数, 代码可能写得过于简洁了, 但你现在就要习惯看这样的代码, 以后你会在更多商业 源码中看到这样的用法
Collection
Collection
1、我首先把登录验证整个流程画了出来;
2、考虑到请求验证分发页会花较多时间,将上次做的登录页拿来做了修改,快速完成了首页、登录、注册页;
3、然后写请求验证分发页,重点是将登录>注册>退出,挨个一边写一边查看效果修改代码!
这次作业对过滤器的使用要顺心很多了,在两个地方有卡壳,一是:action=”handle.php?action=login”漏掉了action=,导致switch一直无法启用反复查看才发现;二是:array_filter()函数和里面的function($user)没理解,回看视频并结合手册解释“该函数把输入数组中的每个键值传给回调函数。如果回调函数返回 true,则把输入数组中的当前键值返回给结果数组。数组键名保持不变。”才顺利理解了!
array_filter($users, function ($user) use ($email, $password) {return $email === $user['email'] && $password === $user['password'];}
<?php//首页//判断是否登录if (filter_has_var(INPUT_COOKIE,'user')) {$user = unserialize(filter_input(INPUT_COOKIE,'user'));}//print_r($user);?><!doctype html><html lang="en"><head><meta charset="UTF-8"><title>首页</title><link rel="stylesheet" href="index.css"></head><body><div><a href="">在线商城</a><!--登录状态判断--><?php if (isset($user)) : ?><a href="" id="logout"><span><?php echo $user['name'] ?></span>退出</a><?php else : ?><a href="login.php">登录</a><?php endif ?></div><script>// 为退出按钮创建事件监听器if (document.querySelector('#logout') !== null) {document.querySelector('#logout').addEventListener('click', function(event) {if (confirm('是否退出')) {// 禁用默认行为, 其实就是禁用原<a>标签的点击跳转行为,使用事件中的自定义方法处理event.preventDefault();// 跳转到退出事件处理器window.location.assign('handle.php?action=logout');}});}</script></body></html>
<?php//检查是否重复登录if (filter_input(INPUT_COOKIE, 'user')) {exit('<script>alert("请不要重复登录")</script>');}?><!doctype html><html lang="en"><head><meta charset="UTF-8"><title>用户登录</title><link rel="stylesheet" href="style.css"></head><body><div class="container"><h3>用户登录</h3><form action="handle.php?action=login" method="post"><span><label for="email">邮箱:</label><input type="email" name="email" id="email" placeholder="demo@php.cn" required autofocus></span><span><label for="password">密码:</label><input type="password" name="password" id="password" placeholder="请输入密码" required autofocus></span><span><button>立即登录</button></span></form><div><a href="register.php">还没账号,注册一个!</a></div></div></body></html>
<!doctype html><html lang="en"><head><meta charset="UTF-8"><title>用户注册</title><link rel="stylesheet" href="style.css"></head><body><div class="container"><h3>用户注册</h3><form action="handle.php?action=register" method="post" onsubmit="return compare()"><span><label for="name">昵称:</label><input type="text" name="name" id="name" placeholder="昵称不少于3个字符" required autofocus></span><span><label for="email">邮箱:</label><input type="email" name="email" id="email" placeholder="demo@php.cn" required autofocus></span><span><label for="p1">密码:</label><input type="password" name="p1" id="p1" placeholder="请输入密码" required></span><span><label for="p2">重复:</label><input type="password" name="p2" id="p2" placeholder="再次输入密码" required></span><span><button>立即注册</button><span id="tips" style="color: red"></span></span></form><div><a href="login.php">我有账号,直接登录!</a></div></div><script>// 验证二次密码是否相等?function compare() {if (document.forms[0].p1.value.trim() !== document.forms[0].p2.value.trim()) {document.querySelector('#tips').innerText = '二次密码不相等';return false;}}</script></body></html>
<?php// 用户资料$users = [['id' => 1,'name' => 'admin','email' => 'admin@php.cn','password' => '7c4a8d09ca3762af61e59520943dc26494f8941b',],['id' => 2,'name' => 'peter','email' => 'peter@php.cn','password' => '7c4a8d09ca3762af61e59520943dc26494f8941b',],];//1、验证请求来源合法性//合法的请求URL白名单$allowUrls = ['login.php', 'register.php', 'index.php'];//获取当前请求的入口地址$currentUrl = basename(filter_input(INPUT_SERVER, 'HTTP_REFERER'));//echo $currentUrl;//验证来源合法性if (!in_array($currentUrl, $allowUrls)) {exit('非法来源');}//2、请求的分发处理//获取到当前请求类型$action = filter_input(INPUT_GET, 'action', FILTER_SANITIZE_STRING);$action = strtolower($action);//echo $action;//分发处理switch ($action) {//登录case 'login'://(1)验证登录请求合法性if (filter_input(INPUT_SERVER, 'REQUEST_METHOD') === 'POST') {//(2)获取当前请求数据$email = filter_var(filter_input(INPUT_POST, 'email', FILTER_VALIDATE_EMAIL), FILTER_SANITIZE_EMAIL);$password = sha1(filter_input(INPUT_POST, 'password'));// echo $email, $password;$results = array_filter($users, function ($user) use ($email, $password) {return $email === $user['email'] && $password === $user['password'];});// print_r($results);if (count($results) === 1) {setcookie('user', serialize(array_pop($results)));exit('<script>alert("登录成功");location.href="index.php"</script>');} else {exit('<script>alert("邮箱或密码错误,或没有账号!");location.href="register.php"</script>');}} else {exit('请求非法');}break;//退出case 'logout'://检查cookie中是否有该用户,有则删除cookieif (filter_input(INPUT_COOKIE, 'user')) {setcookie('user', null, time() - 3600);exit('<script>alert("退出成功");location.href="index.php"</script>');}break;//注册case 'register'://处理注册信息if (filter_input(INPUT_SERVER, 'REQUEST_METHOD') === 'POST') {//获取注册信息$name = filter_input(INPUT_POST, 'name', FILTER_SANITIZE_STRING);$email = filter_var(filter_input(INPUT_POST, 'email', FILTER_VALIDATE_EMAIL), FILTER_SANITIZE_EMAIL);$password = sha1(filter_input(INPUT_POST, 'password'));$id = 3;//打包注册信息$data = compact($name, $email, $password, $id);//注册信息写入资料库并提示if (array_push($users, $data)) {exit('<script>alert("注册成功");location.assign("index.php")</script>');}}break;//未定义操作default:exit('未定义的操作');}
<?php//开启会话session_start();//判断是否登录//if (filter_has_var(INPUT_COOKIE,'user')) {// $user = unserialize(filter_input(INPUT_COOKIE,'user'));//}//print_r($user);if (isset($_SESSION['user'])) {$user = $_SESSION['user'];}?><!doctype html><html lang="en"><head><meta charset="UTF-8"><title>首页</title><link rel="stylesheet" href="../index.css"></head><body><div><a href="">在线商城</a><!--登录状态判断--><?php if (isset($user)) : ?><a href="" id="logout"><span><?php echo $user['name'] ?></span>退出</a><?php else : ?><a href="login.php">登录</a><?php endif ?></div><script>// 为退出按钮创建事件监听器if (document.querySelector('#logout') !== null) {document.querySelector('#logout').addEventListener('click', function(event) {if (confirm('是否退出')) {// 禁用默认行为, 其实就是禁用原<a>标签的点击跳转行为,使用事件中的自定义方法处理event.preventDefault();// 跳转到退出事件处理器window.location.assign('handle.php?action=logout');}});}</script></body></html>
<?php//开启会话session_start();//检查是否重复登录if (isset($_SESSION['user'])) {exit('<script>alert("请不要重复登录")</script>');}?><!doctype html><html lang="en"><head><meta charset="UTF-8"><title>用户登录</title><link rel="stylesheet" href="../style.css"></head><body><div class="container"><h3>用户登录</h3><form action="handle.php?action=login" method="post"><span><label for="email">邮箱:</label><input type="email" name="email" id="email" placeholder="demo@php.cn" required autofocus></span><span><label for="password">密码:</label><input type="password" name="password" id="password" placeholder="请输入密码" required autofocus></span><span><button>立即登录</button></span></form><div><a href="register.php">还没账号,注册一个!</a></div></div></body></html>
<?php//开启会话session_start();// 用户资料$users = [['id' => 1,'name' => 'admin','email' => 'admin@php.cn','password' => '7c4a8d09ca3762af61e59520943dc26494f8941b',],['id' => 2,'name' => 'peter','email' => 'peter@php.cn','password' => '7c4a8d09ca3762af61e59520943dc26494f8941b',],['id' => 4,'name' => 'wener','email' => 'wener@php.cn','password' => '7c4a8d09ca3762af61e59520943dc26494f8941b',]];//1、验证请求来源合法性//合法的请求URL白名单$allowUrls = ['login.php', 'register.php', 'index.php'];//获取当前请求的入口地址$currentUrl = basename(filter_input(INPUT_SERVER, 'HTTP_REFERER'));//echo $currentUrl;//验证来源合法性if (!in_array($currentUrl, $allowUrls)) {exit('非法来源');}//2、请求的分发处理//获取到当前请求类型$action = filter_input(INPUT_GET, 'action', FILTER_SANITIZE_STRING);$action = strtolower($action);//echo $action;//分发处理switch ($action) {//登录case 'login'://(1)验证登录请求合法性if (filter_input(INPUT_SERVER, 'REQUEST_METHOD') === 'POST') {//(2)获取当前请求数据$email = filter_var(filter_input(INPUT_POST, 'email', FILTER_VALIDATE_EMAIL), FILTER_SANITIZE_EMAIL);$password = sha1(filter_input(INPUT_POST, 'password'));// echo $email, $password;$results = array_filter($users, function ($user) use ($email, $password) {return $email === $user['email'] && $password === $user['password'];});// print_r($results);if (count($results) === 1) {$_SESSION['user'] = array_pop($results);exit('<script>alert("登录成功");location.href="index.php"</script>');} else {exit('<script>alert("邮箱或密码错误,或没有账号!");location.href="register.php"</script>');}} else {exit('请求非法');}break;//退出case 'logout'://检查是否有该用户,有则删除if (isset($_SESSION['user'])) {session_destroy();exit('<script>alert("退出成功");location.href="index.php"</script>');}break;//注册case 'register'://处理注册信息if (filter_input(INPUT_SERVER, 'REQUEST_METHOD') === 'POST') {//获取注册信息$name = filter_input(INPUT_POST, 'name', FILTER_SANITIZE_STRING);$email = filter_var(filter_input(INPUT_POST, 'email', FILTER_VALIDATE_EMAIL), FILTER_SANITIZE_EMAIL);$password = sha1(filter_input(INPUT_POST, 'password'));$id = 3;//打包注册信息$data = compact($name, $email, $password, $id);//注册信息写入资料库并提示if (array_push($users, $data)) {exit('<script>alert("注册成功");location.assign("index.php")</script>');}}break;//未定义操作default:exit('未定义的操作');}
天蓬老师