cookie session——2018年4月21日

php利用cookie和session 实现用户登录.使用session要在开始加session_start()

inc/connect.php

实例

<?php
define('DB_HOST', 'localhost');
define('DB_USER', 'root');
define('DB_PASS', 'root');
define('DB_NAME', 'user');
define('DB_CHAR', 'utf8');

$dbc=mysqli_connect(DB_HOST,DB_USER,DB_PASS,DB_NAME);
if (mysqli_connect_errno($dbc)) {
	echo "connect failed".mysqli_connect_errno;
}

mysqli_select_db($dbc,DB_NAME);
mysqli_set_charset($dbc,DB_CHAR);

inc/header.php

实例

<!DOCTYPE html>
<html lang="en">
<head>
	<meta charset="UTF-8">
	<title>
		<?php
			echo isset($page_title)? $page_title:'default title';
		?>
	</title>
</head>
<body>
	<h3>公共头部</h3>

inc/footer.php

实例

	<h3>公共底部</h3>
</body>
</html>

inc/function.php

实例

<?php

// 页面跳转
function redirect_user($page='index.php'){
	// url
	$url='http://'.$_SERVER['HTTP_HOST'].dirname($_SERVER['PHP_SELF']);
	$url=rtrim($url,'/\\');

	$url.='/'.$page;

	header('Location:'.$url);
	exit();
}

// 用户登录验证
function check_login($dbc,$email='',$password=''){
	// 记录错误信息
	$errors=[];

	if (empty($email)){
		$errors[]='邮箱不能为空';
	} else {
		$e=mysqli_real_escape_string($dbc,trim($email));
	}

	if (empty($password)) {
		$errors[]='密码不为空';
	} else {
		$p=mysqli_real_escape_string($dbc,trim($password));
	}

	if (empty($errors)) {
		// 查询
		$sql="SELECT `user_id`,`user_name` FROM `php` WHERE `email`='$e' AND `password`='$p'";
		$res=mysqli_query($dbc,$sql);
		echo mysqli_error($dbc);
		
		if (mysqli_num_rows($res) == 1) {
			$row=mysqli_fetch_array($res,MYSQLI_ASSOC);

			return [true,$row];
		} else {
			$errors[]='邮箱密码不正确';
		}
	}

	return [false,$errors];
}

index.php

实例

<?php
$page_title='首页';
include('inc/header.php');
echo '<h2 style="color:red">我是首页</h2>';

if (isset($_COOKIE['user_id']) && basename($_SERVER['PHP_SELF']) !='logout.php') {
	echo '<a href="logout.php">退出</a>';
} else {
	echo '<a href="login.php">登录</a>';
}

include('inc/footer.php');

login.php

实例

<?php

if ($_SERVER['REQUEST_METHOD'] == 'POST') {
	require ('inc/function.php');
	require ('inc/connect.php');

	list($check,$data)=check_login($dbc,$_POST['email'],$_POST['password']);
	
	
	if ($check) {
		setcookie('user_id',$data['user_id']);
		setcookie('user_name',$data['user_name']);

		redirect_user('loginedin.php');
	} else {
		$errors=$data;
	}

	mysqli_close($dbc);
}



include('login_page.php');

login_page.php

实例

<?php

$page_title='用户登录';

include('inc/header.php');

// error msg
if (isset($errors) && !empty($errors)) {
	$errors_msg='<p style="color:red">';
	foreach ($errors as $msg) {
		$errors_msg.=$msg.'<br>';
	}
	echo $errors_msg.'</p>';
}
?>
<h2 style="color: red">用户登录</h2>
<form action="login.php" method="POST">
	<p>
		<label for="email">邮箱：</label>	
		<input type="email" name="email" id="email" value="<?php echo isset($_POST['email'])?$_POST['email']:'' ?>">
	</p>

	<p>
		<label for="password">密码：</label>
		<input type="password" name="password" id="password" value="<?php echo isset($_POST['password'])?$_POST['password']:'' ?>">
	</p>
	<p><button type="submit" name="submit" id="submit">登录</button></p>
</form>
<?php include ('inc/footer.php'); ?>

loginedin.php

实例

<?php

if (!isset($_COOKIE['user_id'])) {
	require('inc/function.php');
	echo $_COOKIE['user_id'];
	redirect_user();
}

$page_title='已经登录';
include ('inc/header.php');

echo <<<"WELCOME"
<h2 style="color:red">登录成功</h2>
<p>欢迎你：{$_COOKIE['user_name']}</p>
<p><a href="logout.php">退出</a></p>
WELCOME;

include ('inc/footer.php');

logout.php

实例

<?php

if (!isset($_COOKIE['user_id'])) {
	require ('inc/function.php');

	redirect_user();
} else {
	setcookie('user_id','',time()-3600);
	setcookie('user_name','',time()-3600);
}

$page_title='退出登录';
include('inc/header.php');

echo <<< "WELCOME"
<h2 style="color:red">退出成功</h2>
<p><a href="login.php">登录</a></p>
WELCOME;

include ('inc/footer.php');

-----------------------

session

index.php

实例

<?php
session_start();
$page_title='首页';
include('inc/header.php');
echo '<h2 style="color:red">我是首页</h2>';

if (isset($_SESSION['user_id']) && basename($_SERVER['PHP_SELF']) !='logout.php') {
	echo '<a href="logout.php">退出</a>';
} else {
	echo '<a href="login.php">登录</a>';
}

include('inc/footer.php');

login.php

实例

<?php
session_start();
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
	require ('inc/function.php');
	require ('inc/connect.php');

	list($check,$data)=check_login($dbc,$_POST['email'],$_POST['password']);
	
	
	if ($check) {
		$_SESSION['user_id']=$data['user_id'];
		$_SESSION['user_name']=$data['user_name'];

		redirect_user('loginedin.php');
	} else {
		$errors=$data;
	}

	mysqli_close($dbc);
}



include('login_page.php');

loginedin.php

实例

<?php
session_start();
if (!isset($_SESSION['user_id'])) {
	require('inc/function.php');
	echo $_SESSION['user_id'];
	// redirect_user();
}

$page_title='已经登录';
include ('inc/header.php');

echo <<<"WELCOME"
<h2 style="color:red">登录成功</h2>
<p>欢迎你：{$_SESSION['user_name']}</p>
<p><a href="logout.php">退出</a></p>
WELCOME;

include ('inc/footer.php');

logout.php

实例

<?php
session_start();
if (!isset($_SESSION['user_id'])) {
	require ('inc/function.php');
	redirect_user();
} else {
	$_SESSION=[];
	session_destroy();
	setcookie('PHPSESSID','',time()-3600);
}

$page_title='退出登录';
include('inc/header.php');

echo <<< "WELCOME"
<h2 style="color:red">退出成功</h2>
<p><a href="login.php">登录</a></p>
WELCOME;

include ('inc/footer.php');