目录结构如下:
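此案例中 cookie 与 session 的代码大同小异,下面以 session 代码演示。注意两者在安全性上并不等价:cookie 版本把 user_id 直接存放在客户端,用户可以自行修改,因此不能单凭该值判断登录状态;session 版本只在客户端保存会话 ID,用户数据保留在服务器端。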
index.php:
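<?php
// Home page: renders the shared header, a heading, and a login or logout
// link depending on whether the session holds a user id.
session_start();

$page_title = '首页';

// Shared header (opens the HTML document and prints the title).
include('inc/header.php');

echo '<h2 style="color:red">首页</h2>';

// Login check. The file-name comparison previously tested 'logut.php',
// a typo that could never match the real logout script name.
if (isset($_SESSION['user_id']) && basename($_SERVER['PHP_SELF']) !== 'logout.php') {
    echo '<a href="logout.php">退出登录</a>';
} else {
    echo '<a href="login.php">登录</a>';
}

// Shared footer (closes the HTML document).
include('inc/footer.php');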
login.php:
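<?php
/*
 * Login page.
 *
 * Rendered directly, and also included by checklogin.php after a failed
 * attempt, in which case $errors holds the validation messages to show.
 */
$page_title = '用户登录';

// Shared header.
include('inc/header.php');
?>
<h2 style="color: red">用户登录</h2>
<?php if (!empty($errors) && is_array($errors)) { ?>
<ul>
<?php foreach ($errors as $error) { ?>
    <?php // Escape on output so a message can never be interpreted as markup. ?>
    <li><?php echo htmlspecialchars($error, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?></li>
<?php } ?>
</ul>
<?php } ?>
<form action="checklogin.php" method="post">
    <p>
        <label for="email">邮箱:
            <input type="email" name="email" id="email" value="">
        </label>
    </p>
    <p>
        <!-- The password field was previously labelled "邮箱" (email). -->
        <label for="password">密码:
            <input type="password" name="password" id="password" value="">
        </label>
    </p>
    <p>
        <button type="submit" name="submit" id="submit">登录</button>
    </p>
</form>
<?php
// Shared footer.
include('inc/footer.php');
?>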
logout.php:
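<?php
// Logout page: clears the session data, expires the session cookie and
// destroys the server-side session, then shows a confirmation.
session_start();

if (!isset($_SESSION['user_id'])) {
    // Nobody is logged in: send the visitor to the default page.
    require('inc/function.php');
    redirect_user();
} else {
    // Cookie-based variant of this example (kept for reference):
    // setcookie('user_id', '', time() - 3600);
    // setcookie('user_name', '', time() - 3600);

    // Drop every value held in the session.
    $_SESSION = [];

    // Expire the session cookie. The name and parameters are read from the
    // running configuration instead of assuming 'PHPSESSID' with default
    // path/domain; a cookie set with different parameters would otherwise
    // not be removed by the browser.
    if (ini_get('session.use_cookies')) {
        $params = session_get_cookie_params();
        setcookie(
            session_name(),
            '',
            time() - 3600,
            $params['path'],
            $params['domain'],
            $params['secure'],
            $params['httponly']
        );
    }

    // Remove the server-side session data.
    session_destroy();
}

$page_title = '退出成功';

// Shared header.
include('inc/header.php');

// Confirmation message.
echo <<<"WELCOME"
<h2 style="color:red">退出成功</h2>
<p><a href="login.php">登录</a></p>
WELCOME;

// Shared footer.
include('inc/footer.php');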
checklogin.php
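<?php
// Login handler: validates the posted credentials, stores the user in the
// session on success, and re-renders the login form otherwise.
session_start();

if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    // Shared helper functions (redirect_user, check_login).
    require('inc/function.php');
    // Database connection ($dbc).
    require('inc/connect.php');

    // Accept only string fields: a missing field, or an array submitted as
    // email[]=..., is treated as empty rather than reaching string functions.
    $email = (isset($_POST['email']) && is_string($_POST['email'])) ? $_POST['email'] : '';
    $password = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';

    // Verify the credentials.
    list($check, $data) = check_login($dbc, $email, $password);

    if ($check) {
        // Cookie-based variant of this example (kept for reference):
        // setcookie('user_id', $data['user_id']);
        // setcookie('user_name', $data['user_name']);

        // Issue a fresh session id at the privilege change so that an id
        // known before login (session fixation) is not carried over.
        session_regenerate_id(true);

        $_SESSION['user_id'] = $data['user_id'];
        $_SESSION['user_name'] = $data['user_name'];

        // Release the connection before redirecting; redirect_user() exits.
        mysqli_close($dbc);

        // Go to the success page.
        redirect_user('loggedin.php');
    } else {
        // Validation messages for login.php to display.
        $errors = $data;
    }

    // Close the connection.
    mysqli_close($dbc);
}

// Show the login form (again).
include('login.php');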
loggedin.php:
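<?php
// Post-login landing page: only reachable with a logged-in session.
session_start();

// Not logged in: redirect to the default page (redirect_user() exits).
if (!isset($_SESSION['user_id'])) {
    require('inc/function.php');
    redirect_user();
}

$page_title = '已登录';

// Shared header.
include('inc/header.php');

// The user name originates from the database and is printed into HTML, so
// it is escaped here; unescaped, a stored name containing markup would be
// rendered by the browser.
$user_name = isset($_SESSION['user_name'])
    ? htmlspecialchars($_SESSION['user_name'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')
    : '';

// Welcome message.
echo <<<"WELCOME"
<h2 style="color:red">登录成功</h2>
<p>欢迎您:{$user_name}</p>
<p><a href="logout.php">退出登录</a></p>
WELCOME;

// Shared footer.
include('inc/footer.php');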
inc目录下文件
connect.php
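<?php
// Database connection settings and the shared connection handle $dbc.
//
// NOTE(review): the application connects as the MySQL root account with a
// guessable password, and the credentials live in a file under the web
// application tree. Outside a local exercise, use a dedicated account with
// only the privileges this application needs and load the secret from
// configuration that is not served or committed.
define('DB_HOST', 'localhost');
define('DB_USER', 'root');
define('DB_PASS', 'root');
define('DB_NAME', 'php');
// NOTE(review): MySQL's 'utf8' is the 3-byte subset; 'utf8mb4' covers all of
// Unicode. Left unchanged here because it has to match the schema.
define('DB_CHAR', 'utf8');

// '@' keeps the driver warning out of the rendered page; failure is handled
// explicitly below. Newer PHP versions report the failure as an exception
// instead, which is normalised to the same false result.
try {
    $dbc = @mysqli_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME);
} catch (mysqli_sql_exception $exception) {
    $dbc = false;
}

if (!$dbc) {
    // mysqli_connect_error() takes no argument. The driver message can
    // reveal host and account details, so it goes to the server log and the
    // visitor only sees the generic text.
    error_log('Database connection failed: ' . mysqli_connect_error());
    echo '连接失败';
    // Stop here: continuing without a connection only produces further errors.
    exit();
}

// The database is already selected by mysqli_connect(); only the connection
// character set remains to be configured.
mysqli_set_charset($dbc, DB_CHAR);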
footer.php
<h3>公共底部</h3> </body> </html>
function.php
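<?php

/**
 * Redirect the browser to a page in the same directory as the running
 * script, then stop execution.
 *
 * The target is sent as an absolute path without scheme or host. The
 * previous version concatenated 'http://' with the request's Host header;
 * that header is supplied by the client, so the redirect target could be
 * pointed at another host, and the scheme was wrong on HTTPS sites.
 * SCRIPT_NAME is used instead of PHP_SELF because PHP_SELF may carry
 * client-supplied trailing path information.
 *
 * @param string $page File name to redirect to (default 'index.php').
 * @return void This function does not return; it calls exit().
 */
function redirect_user($page = 'index.php')
{
    // Directory of the running script, without trailing '/' or '\'.
    $directory = rtrim(dirname($_SERVER['SCRIPT_NAME']), '/\\');

    // Leading separators are stripped from $page so the result always starts
    // with exactly one '/' and cannot become a '//host' style reference.
    $url = $directory . '/' . ltrim($page, '/\\');

    header('Location: ' . $url);
    exit();
}

/**
 * Check an email/password pair against the `user` table.
 *
 * NOTE(review): the table stores unsalted SHA-1 digests, which are not
 * suitable for password storage. Moving to password_hash() and
 * password_verify() requires re-hashing the stored values, so the
 * comparison is kept compatible with the existing data here.
 *
 * @param mysqli $dbc      Open database connection.
 * @param string $email    Submitted email address.
 * @param string $password Submitted password.
 * @return array [true, ['user_id' => ..., 'user_name' => ...]] on success,
 *               [false, list of error messages] otherwise.
 */
function check_login($dbc, $email = '', $password = '')
{
    // Collected validation messages.
    $errors = [];

    if (empty($email)) {
        $errors[] = '请输入邮箱';
    }
    if (empty($password)) {
        $errors[] = '请输入密码';
    }
    if (!empty($errors)) {
        return [false, $errors];
    }

    // Both values are trimmed, matching how existing accounts are compared.
    $e = trim($email);
    $p = trim($password);

    // Values are bound as parameters rather than spliced into the SQL text,
    // so correctness no longer depends on escaping and the connection charset.
    $sql = 'SELECT `user_id`,`user_name` FROM `user` WHERE `email`=? AND `password`=SHA1(?)';

    $row = null;
    try {
        $stmt = mysqli_prepare($dbc, $sql);
        if ($stmt === false) {
            error_log('check_login: prepare failed: ' . mysqli_error($dbc));
        } else {
            mysqli_stmt_bind_param($stmt, 'ss', $e, $p);
            if (mysqli_stmt_execute($stmt)) {
                // Buffer the result so the row count is available.
                mysqli_stmt_store_result($stmt);
                // Exactly one matching row counts as a successful login.
                if (mysqli_stmt_num_rows($stmt) === 1) {
                    mysqli_stmt_bind_result($stmt, $user_id, $user_name);
                    mysqli_stmt_fetch($stmt);
                    $row = ['user_id' => $user_id, 'user_name' => $user_name];
                }
            } else {
                error_log('check_login: execute failed: ' . mysqli_stmt_error($stmt));
            }
            mysqli_stmt_close($stmt);
        }
    } catch (mysqli_sql_exception $exception) {
        // Query failures are logged server-side; the visitor gets the same
        // generic message as for wrong credentials.
        error_log('check_login: query failed: ' . $exception->getMessage());
        $row = null;
    }

    if ($row !== null) {
        return [true, $row];
    }

    // One message for every failure, so the response does not reveal
    // whether the email exists.
    $errors[] = '邮箱或密码错误,请重新输入';

    return [false, $errors];
}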
header.php
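<!DOCTYPE html>
<html lang="zh-CN">
<head>
    <meta charset="UTF-8">
    <title>
        <?php
        // Shared header template. $page_title is set by the including page;
        // it is escaped on output so a title that ever contains markup is
        // shown as text. The lang attribute now matches the Chinese content.
        echo isset($page_title)
            ? htmlspecialchars($page_title, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')
            : '默认标题';
        ?>
    </title>
</head>
<body>
<h3>公共头部</h3>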