How to use PHP for basic password-free login

In web application development, password-free login (Remember Me) is a very common function. It allows users to stay logged in for a long time after logging in without having to enter their account number and password every time. As a popular web development language, PHP provides some easy ways to achieve this function. This article will introduce how to use PHP for basic password-free login.

1. Set Cookie

In PHP, we can use the setcookie() function to set a cookie. When the user chooses to log in without a password, we can set the cookie after the user logs in successfully. Then set a cookie to save the user's login status. Here is a sample code:

// 设置cookie
setcookie('remember_me', '1', time() + 86400 * 7);

In the above code, we set a cookie named 'remember_me' with a value of '1' and a validity period of 7 days. In this way, when the user visits the website next time, we can check whether 'remember_me' exists in the cookie to determine whether the user has chosen to log in without a password.

2. Checking Cookie

Every time a user visits the website, we need to check whether 'remember_me' exists in the cookie to verify whether the user is logged in. The following is a sample code:

// 检查cookie
if (isset($_COOKIE['remember_me'])) {
    // 用户已登录
} else {
    // 用户未登录
}

In the above code, we determine whether the user is logged in by checking whether $_COOKIE['remember_me'] exists, so as to display the appropriate page to the user.

3. Keep the user logged in

When the user chooses to log in without a password, we need to save the user's login status so that the user does not need to enter the account and password again for a period of time. password. Usually, we can save a 'remember_token' to the database when the user logs in and store it in a cookie. Here is a sample code:

// 生成remember_token
$remember_token = md5(uniqid(rand(), true));

// 保存remember_token到数据库
$query = "UPDATE users SET remember_token = '{$remember_token}' WHERE id = '{$user_id}'";
mysqli_query($conn, $query);

// 设置cookie
setcookie('remember_token', $remember_token, time() + 86400 * 7);

In the above code, we generate a unique remember_token and save it to the database. We then save the remembered token to the user's cookie.

4. Restore user login status

When the user visits the website again, we need to check whether remember_token exists in the cookie and find the matching user in the database. If the user is found, the user is set to logged in status. Here is a sample code:

// 检查cookie中的remember_token
if (isset($_COOKIE['remember_token'])) {
    // 查询数据库中匹配的用户
    $query = "SELECT * FROM users WHERE remember_token = '{$_COOKIE['remember_token']}'";
    $result = mysqli_query($conn, $query);
    $user = mysqli_fetch_assoc($result);

    // 如果找到用户，则将用户设置为已登录状态
    if ($user) {
        $_SESSION['user_id'] = $user['id'];
        // 更新remember_token，防止被恶意利用
        $new_remember_token = md5(uniqid(rand(), true));
        $query = "UPDATE users SET remember_token = '{$new_remember_token}' WHERE id = '{$user['id']}'";
        mysqli_query($conn, $query);
        // 更新cookie
        setcookie('remember_token', $new_remember_token, time() + 86400 * 7);
    }
}

In the above code, we check the remember_token in the cookie and find matching users from the database. If a user is found, we set the user to logged in and update the remember_token to avoid malicious use.

Summary

In this article, we introduced how to use PHP for basic password-free login. This is a very common web application feature and care should be taken to ensure security and legality when implemented. We recommend that readers refer to this article when implementing it, but should make appropriate modifications and adjustments according to the specific situation.

The above is the detailed content of How to use PHP for basic password-free login. For more information, please follow other related articles on the PHP Chinese website!