We have introduced several PHP functional skills before. From now on, we will make full use of the combination of these skills to build a powerful website. Later, we will successively introduce how to apply some advanced and basic skills in the website.
Build a For a good website, the user login authentication function is indispensable. Likewise, here I am only introducing ideas and methods, and will not list the steps step by step.
First of all, you need a user information recorder. The content of the database should at least include name and password. Naturally, corresponding fields can be added to the database as needed.
In order for the database to have information, there must be a registration process. By registering, users can save information into the database. Register The implementation of the program is very simple. It just issues instructions to store in the database. It will not be described here. What I want to point out here is that for the sake of user data security, it is best to encrypt the user's password and the database. The same name should not appear, otherwise it will be confusing.
The focus of the following introduction is the implementation of user login and logout. The user login function can be completed using sessions and cookies. What I want to introduce here is how to use cookies. To complete this function.
In fact, the entire process of user login is very simple to understand. The program compares the name and password entered by the user with the information stored in the database. If the database has the user's information, it will be passed. If not, the user will be rejected. .
Let’s take a look at the workflow of the login program login.php:
When the user submits information to login,php,login.php, it will be processed as follows:
$passwd=md5($passwd);
$result=mysql_query("select * from user where name='$name' and passwd='$passwd'");
The reason why the password needs to be processed by md5 is because the database is stored in md5 encryption Password, determine whether the user exists. If it does not exist or the password is incorrect, some warnings will be given to the user. If the user's information exists, the user's information can be set as a cookie value, as follows:
setcookie(" cookiename",$name,time()+18000,"","/");
setcookie("cookiepasswd",$passwd,time()+18000,"","/");
if If you are worried about security issues caused by users forgetting to log out, remove the time setting:
setcookie("cookiename",$name,"","/");
setcookie("cookiepasswd",$passwd, "","/");
In this way, when the user closes the browser, the cookie setting will be invalid, which means that the user must log in again the next time he comes! Although with this, closing the browser will disable the cookie The security function has failed, but a user logout function is still needed for security. The logout function is a function that invalidates the cookies that record user information. It is very simple to complete this function. You only need to set the time to -1 and put Just leave the cookie variable blank:
logout.php:
setcookie('cookiename',"",time()-1,'/',"");
setcookie('cookiepasswd'," ",time()-1,'/',"");
$cookiename="";
$cookiepasswd="";
In this way, a complete user authentication function is completed.