Correction status:qualified
Teacher's comments:
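<?php
// public/connect.php: opens the shared MySQL connection and exposes it as $dbc.
//
// NOTE(review): the credentials are hard-coded and the application logs in as
// the MySQL root account. Outside a local exercise, use a dedicated
// least-privilege account and load its secret from configuration kept outside
// the web root and outside version control.
$dbc = mysqli_connect('127.0.0.1', 'root', '5201314', 'php');
if (mysqli_connect_error()) {
    // Keep the driver's detail in the server log; echoing it to the visitor
    // discloses host, account and driver information.
    error_log('MySQL connect failed: ' . mysqli_connect_error());
    die('连接失败');
}
// Pin the connection charset so that escaping and the server's query parser
// agree on the encoding of every string sent over this connection.
mysqli_set_charset($dbc, 'utf8mb4');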
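<?php
/**
 * Redirect the browser to a page in the same directory as the running script
 * and stop execution.
 *
 * A root-relative Location is sent, so neither the client-supplied Host header
 * nor a hard-coded http:// scheme ends up in the redirect target.
 *
 * @param string $page File name to redirect to, relative to the script's directory.
 * @return void This function does not return; it calls exit().
 */
function redirect_user($page = 'index.php')
{
    // SCRIPT_NAME is the path of the executing script only; PHP_SELF can also
    // carry a client-supplied PATH_INFO suffix.
    $dir = trim(dirname($_SERVER['SCRIPT_NAME']), '/\\');
    $path = '/' . ($dir === '' ? '' : $dir . '/') . $page;
    header('Location: ' . $path);
    exit();
}

/**
 * Check an e-mail/password pair against the `user` table.
 *
 * @param mysqli $dbc      Open database connection (not touched when validation fails).
 * @param mixed  $email    Submitted e-mail address; non-strings count as missing.
 * @param mixed  $password Submitted password; non-strings count as missing.
 * @return array [true, ['user_id' => ..., 'user_name' => ...]] on success,
 *               [false, list of error messages] otherwise.
 */
function check_login($dbc, $email = '', $password = '')
{
    $errors = [];

    // Request parameters can arrive as arrays (email[]=...); treat anything
    // that is not a string as missing instead of handing it to trim().
    $e = is_string($email) ? trim($email) : '';
    // The password is trimmed as before so that existing stored hashes keep matching.
    $p = is_string($password) ? trim($password) : '';

    if ($e === '') {
        $errors[] = '邮箱不能为空';
    }
    if ($p === '') {
        $errors[] = '密码不能为空';
    }
    if (!empty($errors)) {
        return [false, $errors];
    }

    // Bound parameters keep the submitted values out of the SQL text entirely.
    // NOTE(review): unsalted SHA-1 is a fast hash and unsuitable for password
    // storage. Moving to password_hash()/password_verify() needs a schema
    // change and a rehash-on-login migration, so it is only flagged here.
    $sql = 'select `user_id`,`user_name` from `user` where `email`=? and `password`=sha1(?)';
    $stmt = mysqli_prepare($dbc, $sql);
    if ($stmt === false) {
        // Fail closed with the generic message; the cause goes to the server log.
        error_log('check_login: prepare failed: ' . mysqli_error($dbc));
        return [false, ['邮箱或密码错误,请重新输入']];
    }

    mysqli_stmt_bind_param($stmt, 'ss', $e, $p);
    $row = null;
    if (mysqli_stmt_execute($stmt)) {
        mysqli_stmt_store_result($stmt);
        mysqli_stmt_bind_result($stmt, $user_id, $user_name);
        if (mysqli_stmt_num_rows($stmt) == 1 && mysqli_stmt_fetch($stmt)) {
            // Cast the id so callers keep receiving a string, as with the old text query.
            $row = ['user_id' => (string) $user_id, 'user_name' => $user_name];
        }
    } else {
        error_log('check_login: execute failed: ' . mysqli_stmt_error($stmt));
    }
    mysqli_stmt_close($stmt);

    if ($row !== null) {
        return [true, $row];
    }
    return [false, ['邮箱或密码错误,请重新输入']];
}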
<!doctype html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <title>Document</title>
</head>
<body>
<!-- Shared page header. <body> and <html> stay open here; presumably public/footer.php closes them (not shown on this page). -->
<h2>公共头部</h2>
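<?php
// Home page (cookie variant): shows a logout link to visitors carrying the
// login cookie and a login link to everyone else.
include 'public/header.php';
echo '<h2>首页</h2>';
// The login handler stores the user under 'user_id'; testing 'id' never
// matched, so the logout link was never rendered.
// NOTE(review): a cookie is set by the client, so its presence only selects
// which link to draw here; it is not proof of a login.
if (isset($_COOKIE['user_id']) && basename($_SERVER['PHP_SELF']) != 'logout.php') {
    echo '<a href="logout.php">退出</a>';
} else {
    echo '<a href="login.php">登录</a>';
}
include 'public/footer.php';
?>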
<?php
// Login form: posts the e-mail address and password to logincheck.php.
// NOTE(review): the password field should only ever be submitted over HTTPS.
include 'public/header.php';
?>
<h2>用户登录</h2>
<form action="logincheck.php" method="post">
    <p>
        <label for="email">邮箱:</label>
        <input type="email" name="email" id="email" value="">
    </p>
    <p>
        <label for="password">密码:</label>
        <input type="password" name="password" id="password" value="">
    </p>
    <p>
        <button type="submit" name="submit" id="submit">登录</button>
    </p>
</form>
<?php include 'public/footer.php'; ?>
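<?php
// Login handler (cookie variant): checks the posted credentials and, on
// success, records the user in two cookies before redirecting.
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    require 'public/connect.php';
    require 'public/function.php';

    // A POST may omit these fields or send them as arrays; pass plain strings only.
    $email = (isset($_POST['email']) && is_string($_POST['email'])) ? $_POST['email'] : '';
    $password = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';

    list($check, $data) = check_login($dbc, $email, $password);
    if ($check) {
        // NOTE(review): these cookies hold the raw user id and name with no
        // signature, so any client can set them itself. Pages that treat
        // $_COOKIE['user_id'] as proof of login are therefore not authenticated;
        // keeping the login state server-side (a session) is the fix.
        // HttpOnly (last argument) only keeps page scripts from reading the values.
        setcookie('user_id', $data['user_id'], 0, '', '', false, true);
        setcookie('user_name', $data['user_name'], 0, '', '', false, true);
        redirect_user('logined.php');
    } else {
        $errors = $data;
    }
}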
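<?php
// Landing page after login (cookie variant).
// NOTE(review): the check below only tests that a cookie named user_id exists;
// the browser controls that value, so this is not an authentication check.
if (!isset($_COOKIE['user_id'])) {
    require 'public/function.php';
    redirect_user();
}
include 'public/header.php';
// The cookie value comes from the browser: HTML-escape it before echoing, and
// ignore it when it is missing or was sent as an array.
$safe_name = (isset($_COOKIE['user_name']) && is_string($_COOKIE['user_name']))
    ? htmlspecialchars($_COOKIE['user_name'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')
    : '';
echo <<<"WELCOME"
<h2>登录成功</h2>
<p>欢迎您:亲爱的{$safe_name}</p>
<p><a href="logout.php">退出</a></p>
WELCOME;
include 'public/footer.php';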
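<?php
// Logout page (cookie variant): expires both login cookies.
if (!isset($_COOKIE['user_id'])) {
    require 'public/function.php';
    redirect_user();
} else {
    // An expiry in the past tells the browser to drop the cookie.
    setcookie('user_id', '', time() - 3600);
    setcookie('user_name', '', time() - 3600);
}
// The footer was emitted without the matching header, leaving the page with no
// doctype or charset declaration. Include it after the cookies are sent, since
// it produces output.
include 'public/header.php';
echo <<<"WELCOME"
<h2>退出成功</h2>
<p><a href="login.php">登录</a></p>
WELCOME;
include 'public/footer.php';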
session
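<?php
// public/connect.php: opens the shared MySQL connection and exposes it as $dbc.
//
// NOTE(review): the credentials are hard-coded and the application logs in as
// the MySQL root account. Outside a local exercise, use a dedicated
// least-privilege account and load its secret from configuration kept outside
// the web root and outside version control.
$dbc = mysqli_connect('127.0.0.1', 'root', '5201314', 'php');
if (mysqli_connect_error()) {
    // Keep the driver's detail in the server log; echoing it to the visitor
    // discloses host, account and driver information.
    error_log('MySQL connect failed: ' . mysqli_connect_error());
    die('连接失败');
}
// Pin the connection charset so that escaping and the server's query parser
// agree on the encoding of every string sent over this connection.
mysqli_set_charset($dbc, 'utf8mb4');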
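<?php
/**
 * Check an e-mail/password pair against the `user` table.
 *
 * @param mysqli $dbc      Open database connection (not touched when validation fails).
 * @param mixed  $email    Submitted e-mail address; non-strings count as missing.
 * @param mixed  $password Submitted password; non-strings count as missing.
 * @return array [true, ['user_id' => ..., 'user_name' => ...]] on success,
 *               [false, list of error messages] otherwise.
 */
function check_login($dbc, $email = '', $password = '')
{
    $errors = [];

    // Request parameters can arrive as arrays (email[]=...); treat anything
    // that is not a string as missing instead of handing it to trim().
    $e = is_string($email) ? trim($email) : '';
    // The password is trimmed as before so that existing stored hashes keep matching.
    $p = is_string($password) ? trim($password) : '';

    if ($e === '') {
        $errors[] = '邮箱不能为空';
    }
    if ($p === '') {
        $errors[] = '密码不能为空';
    }
    if (!empty($errors)) {
        return [false, $errors];
    }

    // Bound parameters keep the submitted values out of the SQL text entirely.
    // NOTE(review): unsalted SHA-1 is a fast hash and unsuitable for password
    // storage. Moving to password_hash()/password_verify() needs a schema
    // change and a rehash-on-login migration, so it is only flagged here.
    $sql = 'select `user_id`,`user_name` from `user` where `email`=? and `password`=sha1(?)';
    $stmt = mysqli_prepare($dbc, $sql);
    if ($stmt === false) {
        // Fail closed with the generic message; the cause goes to the server log.
        error_log('check_login: prepare failed: ' . mysqli_error($dbc));
        return [false, ['邮箱或密码错误,请重新输入']];
    }

    mysqli_stmt_bind_param($stmt, 'ss', $e, $p);
    $row = null;
    if (mysqli_stmt_execute($stmt)) {
        mysqli_stmt_store_result($stmt);
        mysqli_stmt_bind_result($stmt, $user_id, $user_name);
        if (mysqli_stmt_num_rows($stmt) == 1 && mysqli_stmt_fetch($stmt)) {
            // Cast the id so callers keep receiving a string, as with the old text query.
            $row = ['user_id' => (string) $user_id, 'user_name' => $user_name];
        }
    } else {
        error_log('check_login: execute failed: ' . mysqli_stmt_error($stmt));
    }
    mysqli_stmt_close($stmt);

    if ($row !== null) {
        return [true, $row];
    }
    return [false, ['邮箱或密码错误,请重新输入']];
}

/**
 * Redirect the browser to a page in the same directory as the running script
 * and stop execution.
 *
 * A root-relative Location is sent, so neither the client-supplied Host header
 * nor a hard-coded http:// scheme ends up in the redirect target.
 *
 * @param string $page File name to redirect to, relative to the script's directory.
 * @return void This function does not return; it calls exit().
 */
function redirect_user($page = 'index.php')
{
    // SCRIPT_NAME is the path of the executing script only; PHP_SELF can also
    // carry a client-supplied PATH_INFO suffix.
    $dir = trim(dirname($_SERVER['SCRIPT_NAME']), '/\\');
    $path = '/' . ($dir === '' ? '' : $dir . '/') . $page;
    header('Location: ' . $path);
    exit();
}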
<!doctype html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <title>Document</title>
</head>
<body>
<!-- Shared page header. <body> and <html> stay open here; presumably public/footer.php closes them (not shown on this page). -->
<h2>公共头部</h2>
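<?php
// Home page (session variant).
// Start (or resume) the session before any output is sent.
session_start();
// Shared page header.
include 'public/header.php';
echo '<h2>首页</h2>';
// Is the user logged in? The login handler stores the id under 'user_id';
// testing 'id' never matched, so the logout link was never rendered.
if (isset($_SESSION['user_id']) && basename($_SERVER['PHP_SELF']) != 'logout.php') {
    echo '<a href="logout.php">退出</a>';
} else {
    echo '<a href="login.php">登录</a>';
}
// Shared page footer.
include 'public/footer.php';
?>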
<?php
// Login form: posts the e-mail address and password to logincheck.php.
// NOTE(review): the password field should only ever be submitted over HTTPS.
include 'public/header.php';
?>
<h2>用户登录</h2>
<form action="logincheck.php" method="post">
    <p>
        <label for="email">邮箱:</label>
        <input type="email" name="email" id="email" value="">
    </p>
    <p>
        <label for="password">密码:</label>
        <input type="password" name="password" id="password" value="">
    </p>
    <p>
        <button type="submit" name="submit" id="submit">登录</button>
    </p>
</form>
<?php include 'public/footer.php'; ?>
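<?php
// Login handler (session variant): checks the posted credentials and, on
// success, stores the user in the server-side session before redirecting.
// Start (or resume) the session.
session_start();
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    // Connect to the database.
    require 'public/connect.php';
    // Load the function library.
    require 'public/function.php';

    // A POST may omit these fields or send them as arrays; pass plain strings only.
    $email = (isset($_POST['email']) && is_string($_POST['email'])) ? $_POST['email'] : '';
    $password = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';

    // Verify the credentials.
    list($check, $data) = check_login($dbc, $email, $password);
    // Did verification pass?
    if ($check) {
        // Issue a fresh session id at the privilege change, so an id that was
        // planted in the browser before login does not become an authenticated
        // session (session fixation).
        session_regenerate_id(true);
        // Record the user in the session.
        $_SESSION['user_id'] = $data['user_id'];
        $_SESSION['user_name'] = $data['user_name'];
        // Redirect; redirect_user() exits, so nothing below runs on success.
        redirect_user('logined.php');
    } else {
        $errors = $data;
    }
    // Close the connection (reached only when the login failed).
    mysqli_close($dbc);
}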
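<?php
// Landing page after login (session variant).
// Start (or resume) the session.
session_start();
// Is the user logged in?
if (!isset($_SESSION['user_id'])) {
    require 'public/function.php';
    redirect_user();
}
// Shared page header.
include 'public/header.php';
// The name originates from the user table, i.e. from whatever was stored at
// sign-up; HTML-escape it so markup in a user name is displayed, not executed.
$safe_name = (isset($_SESSION['user_name']) && is_string($_SESSION['user_name']))
    ? htmlspecialchars($_SESSION['user_name'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')
    : '';
echo <<<"WELCOME"
<h2>登录成功</h2>
<p>欢迎您:亲爱的{$safe_name}</p>
<p><a href="logout.php">退出</a></p>
WELCOME;
// Shared page footer.
include 'public/footer.php';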
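<?php
// Logout page (session variant): tears the session down on the server and
// expires the session cookie in the browser.
session_start();
// Is the user logged in?
if (!isset($_SESSION['user_id'])) {
    require 'public/function.php';
    redirect_user();
} else {
    // Empty the data for the rest of this request as well.
    $_SESSION = [];
    // Expire the cookie under its configured name, path and domain. A
    // hard-coded 'PHPSESSID' with default attributes misses the cookie when
    // session.name or the cookie parameters are customised.
    if (ini_get('session.use_cookies')) {
        $params = session_get_cookie_params();
        setcookie(
            session_name(),
            '',
            time() - 3600,
            $params['path'],
            $params['domain'],
            $params['secure'],
            $params['httponly']
        );
    }
    // Remove the server-side session storage.
    session_destroy();
}
// The footer was emitted without the matching header, leaving the page with no
// doctype or charset declaration. Include it after the cookie is sent, since
// it produces output.
include 'public/header.php';
echo <<<"WELCOME"
<h2>退出成功</h2>
<p><a href="login.php">登录</a></p>
WELCOME;
// Shared page footer.
include 'public/footer.php';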
cookie与session优缺点
1、cookie数据存放在客户的浏览器上,session数据放在服务器上。
2、cookie不是很安全,别人可以分析存放在本地的cookie并进行cookie欺骗,考虑到安全应当使用session。
3、session会在一定时间内保存在服务器上。当访问增多时,会比较占用服务器的性能;考虑到减轻服务器负担,应当使用cookie(仅限不需要服务器信任的数据,参见第2、5点)。
4、单个cookie保存的数据不能超过4K,很多浏览器都限制一个站点最多保存20个cookie。
5、可以考虑将登录信息等重要信息存放为session,其他信息如果需要保留,可以放在cookie中。