Community Learn Tools Library Leisure
search
English
Home > List of blog posts > PHP会话控制实战cookie、session------PHP培训十期线上班 学号:510251 01月14日作业
Blogger Information
Blog 119
fans 3
comment 1
visits 94698
Special Recommendation
More>
Related recommendations
Popular Tutorials
More>
Related Tutorials
Popular Recommendations
Latest courses
Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template
PHP会话控制实战cookie、session------PHP培训十期线上班 学号:510251 01月14日作业
赵大叔
Original
782 people have browsed it

PHP会话控制实战cookie、session

1、数据保存在客户端浏览器上,如果浏览器关闭cookie,则无法使用
2、创建cookie:setcookie(名称,值,[过期时间])
3、使用cookie:$_COOKIE['名称']
4、删除cookie:为cookie设置一个已经过期的时间,如:setcookie(名称,值,time()-1)

1.index

  1. <?php
  2. //判断是否登录
  3. if(filter_has_var(INPUT_COOKIE, 'user')){
  4.     $user = unserialize(filter_input(INPUT_COOKIE, 'user'));
  5.     //print_r($user);
  6. }
  9. ?>
  11. <!doctype html>
  12. <html lang="en">
  13. <head>
  14.     <meta charset="UTF-8">
  15.     <title>首页</title>
  16.     <link rel="stylesheet" type="text/css" href="css/index.css">
  17. </head>
  18. <body>
  19. <nav>
  20.     <a href="">首页</a>
  21.     <?php if(isset($user)): ?>
  22.     <a href="" id="logout">
  23.         <span><?php echo $user['name'] ?></span>安全退出
  24.     </a>
  25.     <?php else: ?>
  26.     <a href="login.php">登录</a>
  27.     <?php endif;?>
  29. </nav>
  31. <script>
  32.     //        为退出按钮创建事件监听器
  33.     if (document.querySelector('#logout') !== null) {
  34.         document.querySelector('#logout').addEventListener('click', function(event) {
  35.             if (confirm('是否退出')) {
  36.                 // 禁用默认行为, 其实就是禁用原<a>标签的点击跳转行为,使用事件中的自定义方法处理
  37.                 event.preventDefault();
  38.                 // 跳转到退出事件处理器
  39.                 window.location.assign('handle.php?action=logout');
  40.             }
  41.         });
  42.     }
  43. </script>
  45. </body>
  46. </html>

2.login

  1. <?php
  2. // 判断是否已登录?
  3. if (filter_has_var(INPUT_COOKIE, 'user')) {
  4.     exit('<script>alert("请不要重复登录");location.href="index.php"</script>');
  5. }
  6. ?>
  8. <!doctype html>
  9. <html lang="en">
  10. <head>
  11.     <meta charset="UTF-8">
  12.     <title>用户登录</title>
  13.     <link rel="stylesheet" type="text/css" href="css/style.css">
  14. </head>
  15. <body>
  16. <h3>用户登录</h3>
  17. <form action="handle.php?action=login" method="post">
  18.     <div>
  19.         <label for="email">邮箱:</label>
  20.         <input type="email" name="email" id="email" placeholder="zhangsan@email.com" required autofocus>
  21.     </div>
  23.     <div>
  24.         <label for="password">密码:</label>
  25.         <input type="password" name="password" id="password" placeholder="不少于6个字符">
  26.     </div>
  28.     <div>
  29.         <button>提交</button>
  30.     </div>
  31. </form>
  32. <a href="register.php">还没有帐号,点击注册</a>
  35. </body>
  36. </html>

3.register

  1. <!doctype html>
  2. <html lang="en">
  3. <head>
  4.     <meta charset="UTF-8">
  5.     <title>用户注册</title>
  6.     <link rel="stylesheet" type="text/css" href="css/style.css">
  7. </head>
  8. <body>
  9. <h3>用户注册</h3>
  10. <form action="handle.php?action=register" method="post" onsubmit="return compare()">
  11.     <div>
  12.         <label for="name">用户名:</label>
  13.         <input type="text" name="name" id="name" placeholder="zhangsan" required autofocus>
  14.     </div>
  16.     <div>
  17.         <label for="email">邮箱:</label>
  18.         <input type="email" name="email" id="email" placeholder="zhangsan@email.com" required>
  19.     </div>
  21.     <div>
  22.         <label for="password1">密码:</label>
  23.         <input type="password" name="password1" id="password1" placeholder="不少于6个字符">
  24.     </div>
  26.     <div>
  27.         <label for="password2">重复密码:</label>
  28.         <input type="password" name="password2" id="password2" placeholder="和上面输入一致">
  29.     </div>
  31.     <div>
  32.         <button>提交</button><span id="tips" style="color: red"></span>
  33.     </div>
  34. </form>
  35. <a href="login.php">已有帐号,点击登录</a>
  37. <script>
  38.     // 验证二次密码是否相等?JS 课堂老师复制代码少button的id
  39.     function compare() {
  40.         if (document.forms[0].password1.value.trim() !== document.forms[0].password2.value.trim()) {
  41.             document.querySelector('#tips').innerText = '二次密码不相等';
  42.             return false;
  43.         }
  44.     }
  45. </script>
  47. </body>
  48. </html>

4.handle

  1. <?php
  2. // 用户资料库, 实际项目中,应该用数据库
  3. $users = [
  4.     [
  5.         'id' => 1,
  6.         'name' => 'admin',
  7.         'email' => 'admin@php.cn',
  8.         //sha1()加密密码
  9.         'password' => '7c4a8d09ca3762af61e59520943dc26494f8941b',
  10.     ],
  11.     [
  12.         'id' => 2,
  13.         'name' => 'dashu',
  14.         'email' => 'dashu@php.cn',
  15.         'password' => '7c4a8d09ca3762af61e59520943dc26494f8941b',
  16.     ],
  17. ];
  19. // 1. 验证请求来源的合法性
  20. // 设置合法请求地址的白名单
  21. $allowUrls = ['index.php', 'login.php', 'register.php'];
  23. // 获取当前的请求入口地址
  24. //basename():获取当前请求脚本名称
  25. $currentUrl = basename(filter_input(INPUT_SERVER, 'HTTP_REFERER'));
  27. //in_array(),判断当前请求在不在白名单
  28. if(!in_array($currentUrl, $allowUrls)){
  29.     echo '非法来源';
  30. }else{
  31.     //echo '合法来源';
  32. }
  34. // 2.进行请求分发处理
  36. //获取当前请求
  37. //echo $_GET['action'];
  38. //过滤处理, strtolower():字符串转为小写
  39. $action = strtolower(filter_input(INPUT_GET, 'action', FILTER_SANITIZE_STRING));
  41. //switch判断当前请求
  43. switch($action){
  44.     //登录
  45.     case 'login':
  46.         //判断是否是POST请求?
  47.         if(filter_input(INPUT_SERVER, 'REQUEST_METHOD') === 'POST'){
  48.             //获取当前请求的值:+清理特殊字符
  49.             $email = filter_var(filter_input(INPUT_POST, 'email', FILTER_VALIDATE_EMAIL), FILTER_SANITIZE_EMAIL);
  50.             $password = sha1(filter_input(INPUT_POST, 'password'));
  51.             //echo $email, $password;
  53.             //array_filter从数组中获取满足条件的值
  54.             $results = array_filter($users, function ($user)use($email, $password){
  55.                 return $email === $user['email'] && $password === $user['password'];
  56.             });
  57.             //print_r($results);
  58.             if(count($results) === 1) {
  59.                 //判断满足条件的指令数量=1?设置cookie
  60.                 //array_pop()=$results[0]
  61.                 setcookie('user', serialize(array_pop($results)));
  62.                 //print_r(unserialize($_COOKIE['user']));
  63.                 exit('<script>alert("验证通过");location.href="index.php"</script>');
  64.             }else{
  65.                 exit('<script>alert("邮箱或密码错误,或没有帐号");location.href="register.php"</script>');
  66.             }
  67.         }else{
  68.             exit('非法请求。');
  69.         }
  70.         break;
  72.     //退出
  73.     case 'logout':
  74.         if(filter_input(INPUT_COOKIE,'user')){
  75.             setcookie('user',null,time()-3600);
  76.             exit('<script>alert("退出成功");location.href="index.php"</script>');
  77.         }
  78.         break;
  80.     //注册
  81.     case 'register':
  82.         $name = filter_var(filter_input(INPUT_POST, 'name'), FILTER_SANITIZE_SPECIAL_CHARS);
  83.         $email = filter_var(filter_input(INPUT_POST, 'email', FILTER_VALIDATE_EMAIL), FILTER_SANITIZE_EMAIL);
  84.         $password = sha1(filter_input(INPUT_POST, 'password1'));
  85.         $id = 3;
  86.         $data = compact('id', 'name', 'email', 'password');
  88.         //添加
  89.         //$users[] = $data;
  90.         //array_push($users,$data);
  91.         if(array_push($users, $data) === 1){
  92.             exit('<script>alert("注册成功");location.href="index.php"</script>');
  93.         }
  94.         print_r($users);
  95.         break;
  97.     //未定义操作
  98.     default:
  99.         exit('未定义操作');
  100. }

首页:

登录:

注册:

SESSION

1、数据保存在服务器上
2、启动session:session_start()
3、创建session:$_SESSION['名称']=值
4、使用session:$_SESSION['名称']
5、删除单个session:unset($_SESSION['名称'])
6、删除所有的session:session_unset()
7、销毁session:session_destory()
1.handle

  1. <?php
  3. session_start();
  5. if(count($results) === 1) {
  6.                 //判断满足条件的指令数量=1?设置cookie
  7.                 //array_pop()=$results[0]
  8.                 //setcookie('user', serialize(array_pop($results)));
  10.                 //session
  11.                 $_SESSION['user'] = array_pop($results);
  12.                 //print_r(unserialize($_COOKIE['user']));
  14. case 'logout':
  15.         if(isset($_SESSION['user'])){
  16.             //setcookie('user',null,time()-3600);
  17.             //session
  18.             session_destroy();
  19.             exit('<script>alert("退出成功");location.href="index.php"</script>');
  20.         }
  21.         break;

2.index

  1. <?php
  2. //判断是否登录
  3. /*if(filter_has_var(INPUT_COOKIE, 'user')){
  4.     $user = unserialize(filter_input(INPUT_COOKIE, 'user'));
  5.     //print_r($user);
  6. }*/
  8. //session
  9. //开启
  10. session_start();
  12. if(isset($_SESSION['user'])){
  13.     $user = $_SESSION['user'];
  14. }
  15. ?>

3.login

  1. // 判断是否已登录?
  2. /*if (filter_has_var(INPUT_COOKIE, 'user')) {
  3.     exit('<script>alert("请不要重复登录");location.href="index.php"</script>');
  4. }*/
  6. session_start();
  7. if($_SESSION['user']) {
  8.     exit('<script>alert("请不要重复登录");location.href="index.php"</script>');
  9. }
  11. ?>

登录验证流程图:

Correcting teacher:天蓬老师天蓬老师

Correction status:qualified

Teacher's comments:会话控制很有用, 咱们现在学的是底层, 不当框架做了封装,你很难看到底层实现了
Statement of this Website
The copyright of this blog article belongs to the blogger. Please specify the address when reprinting! If there is any infringement or violation of the law, please contact admin@php.cn Report processing!
All comments Speak rationally on civilized internet, please comply with News Comment Service Agreement
0 comments
Author's latest blog post