PHP native development of backend login function for news site

Our previous courses introduced you to all the preparations before making the login function, importing templates, and creating databases. Previous courses did not complete these preparations, so the next step is for us to start making the login function. !

First we need to create a login.php file. This file can be used to write the judgment and verification of the login page. It can also write the html part of the login and the php file of the login verification judgment together, because we all Know that html code can be written in php files! But we still recommend writing them separately!

After creating the login.php file, the first thing to do is to connect to the database, because subsequent verifications need to be compared with the data!

I would like to state here that if your login page has a verification code, then session_start() must be turned on at the beginning of each page; otherwise the verification code cannot be verified. We are here There is a verification code, so I turned on session_start();

The code is as follows:

<?php
session_start();
// 连接mysql数据库
$link = mysqli_connect('localhost', 'root', 'root');
if (!$link) {
    echo "connect mysql error!";
    exit();
}
// 选中数据库 news为数据库的名字
$db_selected = mysqli_select_db($link, 'news');
if (!$db_selected) {
    echo "<br>selected db error!";
    exit();
}
// 设置mysql字符集 为 utf8
$link->query("set names utf8");

The next step is to get the data passed by the form, because we We need to obtain the username and password that the user entered into the form, and then compare them with the database to see if they are completely consistent!

<?php
$username = $_POST['username'];//获取用户名
$password = $_POST['password'];//获取密码
$code = $_POST['code'];

As for whether to transmit data by post or by get, this depends on the method attribute in your form. This is our post!

The data has been obtained, then it needs to be verified to see if the data entered by the user is completely consistent with the data in the database. Only in this way can it be judged whether the user can log in and query using SQL statements. The code As follows:

<?php
if(!empty($_POST)){
    // 查询数据库中是否存在用户信息
    $sql = "select * from user where username = '{$username}' and password = '{$password}'";
    $result = mysqli_query($link,$sql);
    $user = mysqli_fetch_array($result,MYSQL_ASSOC);}

After querying the data, compare the two sets of data:

if($user){
    header("Location: index.php");
}else{
    echo "<script>alert('账户或者密码错误！重新填写')</script>";
}

So far we have verified the user name and password, so we have the verification code, so we We also need to verify the verification code. Here I use a verification code class

code.zip

here Also share it with everyone!

Then we need to verify the verification code. The code is as follows:

if(($_SESSION['authcode']) !== ($code)){               //验证码作对比，验证码页面跟输入的验证码对比
    echo "<script>alert('验证码错误！重新填写')</script>";

Explanation: $_SESSION['authcode'] here is the verification code saved in the code verification code class. We It needs to pass the verification of user input and saving. If the results are consistent, it will pass!

OK! Our login function is complete here!