Community Learn Tools Library Leisure
search
English
Home > List of blog posts > 使用session完成用户跟踪
Blogger Information
Blog 13
fans 0
comment 7
visits 17258
Special Recommendation
More>
Related recommendations
Popular Tutorials
More>
Related Tutorials
Popular Recommendations
Latest courses
Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template
使用session完成用户跟踪
ccc9112020
Original
863 people have browsed it

cookie,session,token,是用户认证和跟踪的三个主要工具。
cookie存储在浏览器端,安全性比较低,由用户控制。
session存储在服务器端,主要基于cookie。
而token在现在的移动端非常常见。
下面简单演示session的用户跟踪。

一个网站下面有index.php,login.php,check.php三个文件。

check.php:

  1. <?php
  3. $pdo=new PDO('mysql:host=localhost;dbname=phplesson','root','root');
  4. $stmt=$pdo->prepare('SELECT username,password,id FROM adminuser');
  5. $stmt->execute();
  6. $users=$stmt->fetchAll(PDO::FETCH_ASSOC);
  7. extract($_POST);
  9. var_dump($_POST);
  11. $users=array_filter($users,function($user) use ($username,$password){
  12.     return $username===$user['username'] && $password === $user['password'];
  13. });
  15. // die($users);
  17. // print_r($users);
  19. // print_r($user);
  20. if(count($users)===1){
  21.     echo "成功登陆";
  22.     setcookie('username','',time()-3600);
  23.     setcookie('auth','',time()-3600);
  24.     if(!empty($auto_login)){
  25.         setcookie('username',$username,strtotime("+7days"));
  26.         $salt="phplesson";
  27.         $auth=md5($username.$password.$salt).",".$users[0]['id'];
  28.         setcookie('auth',$auth,strtotime("+7days"));
  29.     }else{
  30.         setcookie('username',$username);
  31.     }
  32.     exit("
  33.         <script>
  34.             alert('登陆成功');
  35.             location.href='index.php';
  36.         </script>
  37.     ");
  38. }else{
  39.     exit("
  40.         <script>
  41.             alert('登陆不成功');
  42.             location.href='login.php';
  43.         </script>
  44.     ");
  45. }

login.php

  1. <?php
  2.     if(isset($_GET['action'])&&$_GET['action']=='logout'){
  3.         setcookie("username",);
  4.         setcookie("auth","",time()-3600);
  5.     }
  6. ?>
  8. <!DOCTYPE html>
  9. <html lang="">
  10. <head>
  11.     <meta charset="UTF-8">
  12.     <meta name="viewport" content="width=device-width, initial-scale=1.0">
  13.     <title>后台登录</title>
  14.     <style>
  15.         *{
  16.             margin:0;
  17.             padding: 0;
  18.             box-sizing: border-box;
  19.         }
  20.         h2{
  21.             margin-top: 1em;
  22.             text-align: center;
  23.         }
  24.         h2>button{
  25.             background-color: lightgreen;
  26.             padding: 3px;
  27.             border:none;
  28.             border-radius: 3px;
  29.         }
  30.         form{
  31.             display: grid;
  32.             width: 20em;
  33.             /* auto可以自动占据空间实现居中 */
  34.             margin:2em auto;
  35.             background-color: lightblue;
  36.             padding: 1em;
  37.             grid-template-columns: 5em 10em;
  38.             place-content: center;
  39.             gap:1em 0;
  40.             border:3px solid #ccc;
  41.         }
  42.         form>.auto-login{
  43.             color:#333333;
  44.             font-size: 12px;
  45.             display: flex;
  46.             justify-content: space-evenly;
  47.             padding: 0.3em;
  48.             margin-left: -1em;
  49.             align-items: center;
  50.         }
  51.         form>button{
  52.             grid-area: auto/2/auto/span 1;
  53.             background-color: lightgreen;
  54.             border:none;
  55.             font-size: 1.2em;
  56.             letter-spacing: 0.5em;
  57.         }
  58.         form>button:hover{
  59.             color:#333334;
  60.             background-color: greenyellow;
  61.         }
  62.     </style>
  63. </head>
  64. <body>
  65.         <h2>后台用户登录&nbsp;&nbsp;&nbsp;<button>我要注册</button></h2>
  66.         <form action="check.php" method="post">
  67.             <label for="username">用户名:</label>
  68.             <input type="text" name="username" id="username" placeholder="用户名">
  69.             <label for="password">密码:</label>
  70.             <input type="password" name="password" id="password">
  71.             <div class="auto-login">
  72.                 <input type="checkbox" name="auto_login" id="auto-login">
  73.                 <label for="auto-login">自动登录</label>
  74.             </div>
  75.             <button>登录</button>
  76.         </form>
  77. </body>
  78. </html>

index.php

  1. <?php
  3. if(!isset($_COOKIE['username'])){
  4.     exit("
  5.     <Script>
  6.         alert('请先登录');
  7.         location.href='login.php';
  8.     </Script>
  9.     ");
  10. }
  12. if(isset($_COOKIE['auth'])){
  13.    $auth=$_COOKIE['auth'];
  14.    $authArr=explode(",",$auth);
  15.    $is_auth=$authArr[0];
  16.    $id=end($authArr);
  18.    $pdo=new PDO('mysql:host=localhost;dbname=phplesson','root','root');
  19.    $stmt=$pdo->prepare('SELECT username,password,id FROM adminuser WHERE id=?');
  20.    $stmt->execute([$id]);
  21.    $user=$stmt->fetch(PDO::FETCH_ASSOC);
  22.    if($stmt->rowCount()==1){
  23.         $username=$user['username'];
  24.         $password=$user['password'];
  25.         $salt='phplesson';
  26.         $auth=md5($username.$password.$salt);
  28.         if($auth!=$is_auth){
  29.             exit("
  30.             <Script>
  31.                 alert('请您先登录');
  32.                 location.href='login.php';
  33.             </Script>
  34.             ");
  35.         }
  37.    }else{
  38.         exit("
  39.         <Script>
  40.             alert('请您先登录');
  41.             location.href='login.php';
  42.         </Script>
  43.         ");
  44.    }
  45. }
  47. ?>
  49. <!DOCTYPE html>
  50. <html lang="">
  51. <head>
  52.     <meta charset="UTF-8">
  53.     <meta name="viewport" content="width=device-width, initial-scale=1.0">
  54.     <title>后台管理系统</title>
  55.     <style>
  56.         header{
  57.             width: 100%;
  58.             height: 4em;
  59.             display: flex;
  60.             justify-content: space-between;
  61.             background-color: lightblue;
  62.             padding-right:1em;
  63.         }
  64.         header>.logo{
  65.             padding: 1em 1em;
  66.         }
  68.         header>.user-status{
  69.             width: 6em;
  70.             padding: 1em;
  71.             position: relative;
  72.         }
  73.         header>.user-status>.islogin{
  74.             position: absolute;
  75.             width: 100%;
  76.             height: 100%;
  77.         }
  78.         header>.user-status>.unlogin{
  79.             width: 100%;
  80.             height: 100%;
  81.             position: absolute;
  82.         }
  83.         header>.user-status>*{
  84.             display: flex;
  85.             justify-content: space-evenly;
  86.         }
  87.         header>.user-status>*.unactive{
  88.             display: none;
  89.         }
  90.         .container{
  91.             text-align: center;
  92.             margin:2em;
  93.             font-size: 3em;
  94.         }
  95.     </style>
  96. </head>
  97. <body>
  98.     <header class="header">
  99.         <div class="logo">
  100.             简书后台
  101.         </div>
  102.         <div class="user-status">
  104.             <div class="islogin">
  105.                 <div class="username">
  106.                 <?php  echo $_COOKIE['username']; ?>
  107.                 </div>
  108.                 <div class="logout" id="logout">
  109.                     退出
  110.                 </div>  
  111.             </div>
  112.         </div>
  113.     </header>
  115.     <div class="container">
  116.         hello,欢迎你啊,<?php  echo $_COOKIE['username']; ?>同学!   
  117.     </div>
  119.     <script>
  120.     document.querySelector('#logout').addEventListener('click',(ev)=>{
  121.         if(confirm('是否退出')){
  122.             window.location.assign("login.php?action=logout");
  123.         }
  124.     },false);
  125.     </script>
  126. </body>
  127. </html>

效果图:

但是并没有看到老师界面的PHPSESSID,这不是很明白。当然了,基本功能并没有受影响。

Correcting teacher:灭绝师太灭绝师太

Correction status:qualified

Teacher's comments:
Statement of this Website
The copyright of this blog article belongs to the blogger. Please specify the address when reprinting! If there is any infringement or violation of the law, please contact admin@php.cn Report processing!
All comments Speak rationally on civilized internet, please comply with News Comment Service Agreement
1 comments
灭绝师太 2020-12-04 14:29:05
1. isset($_COOKIE['auth'])&&!empty($_COOKIE['auth']),这样判断auth是否存在就更严谨了,有且不为空 2. PHPSESSID需要启用session才有~
1 floor
Author's latest blog post