掌握cookie和session的回话流程:登录:login.php——>验证:check.php——>后台页面:admin.php——>退出登录:logout——>退出成功后返回到登录界面:login.php.
cookie(没有使用bootstrap美化):
login.php:
实例
<?php
if (isset($_COOKIE['username']) && $_COOKIE['username'] === 'admin'):
?>
<script>alert('您已经登录了,请不要重复登录');location.assign('admin.php');</script>
<?php endif; ?>
<!doctype html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport"
content="width=device-width, user-scalable=no, initial-scale=1.0, maximum-scale=1.0, minimum-scale=1.0">
<meta http-equiv="X-UA-Compatible" content="ie=edge">
<title>用户登录</title>
</head>
<body>
<h3>用户登录</h3>
<form action="check.php" method="post" onsubmit="return isEmpty();">
<P>
<label for="email">邮箱:</label>
<input type="email" name="email" id="email">
</P>
<P>
<label for="password">提交:</label>
<input type="password" name="password" id="password">
</P>
<p>
<button>提交</button>
</p>
</form>
<script>
// onsubmit: 表单提交前进行验证, 默认返回true
function isEmpty() {
var email = document.getElementById('email').value;
var password = document.getElementById('password').value;
// 用if 语句来做非空验证函数
// if (email.length === 0 || password.length === 0) {
// alert('邮箱或密码不能为空');
// return false;
// }
if (email.length ===0) {
alert('邮箱不能为空');
if (password.length === 0 ) {
alert('密码不能为空');
}
return false;
}
}
</script>
</body>
</html>运行实例 »
点击 "运行实例" 按钮查看在线实例
check.php:
实例
<?php
if (isset($_COOKIE['username']) && $_COOKIE['username'] === 'admin') {
echo '<script>alert(\'您已经登录了,请不要重复登录\');location.assign("admin.php");</script>';
}
//j检查是否获得提交数据
//print_r($_POST);
//连接数据库
require __DIR__ . '/inc/connect.php';
//var_dump($pdo);
//获取数据,并创建新变量
$email = $_POST['email'];
$password = sha1($_POST['password']);
//var_dump($email,$password);
//用user表进行验证
$sql = 'SELECT * FROM `user` WHERE `email`=:email AND `password`=:password LIMIT 1';
//创建SQL语句模板对象,预处理对象
$stmt = $pdo->prepare($sql);
//执行,execute()内为数据绑定
$stmt->execute(['email'=>$email, 'password'=>$password]);
//fetch(): 成功返回数组,失败返回false
$user = $stmt->fetch(PDO::FETCH_ASSOC);
//var_dump($user);
if (false === $user) {
//登录失败
echo '<script>alert("登录失败,请检查"); location.href="login.php";</script>';
//终止当前脚本
die; //exit; exit();
}
//登录成功,将用户信息写入cookie
setcookie('username',$user['username']);
echo '<script>alert(\'登录成功\'); location.assign("admin.php");</script>';运行实例 »
点击 "运行实例" 按钮查看在线实例
admin.php:
实例
<?php
if (isset($_COOKIE['username']) && $_COOKIE['username'] === 'admin'):
?>
<!doctype html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport"
content="width=device-width, user-scalable=no, initial-scale=1.0, maximum-scale=1.0, minimum-scale=1.0">
<meta http-equiv="X-UA-Compatible" content="ie=edge">
<title>后台首页</title>
</head>
<body>
<h1>后天首页</h1>
<p>
<?php echo $_COOKIE['username'] ?>
</p>
<p>
<a href="logout.php">退出</a>
</p>
</body>
</html>
<?php else: ?>
<script>alert('请先登录');location.assign('login.php');</script>;
<?php endif ?>运行实例 »
点击 "运行实例" 按钮查看在线实例
logout.php:
实例
<?php
//必须在已经登录的情况下,才能进行退出登录的操作.
//isset():判断当前变量是否存在
if (isset($_COOKIE['username']) && $_COOKIE['username'] === 'admin') {
//退出
setcookie('username',null,time()-3600);
echo '<script> alert(\'退出成功\');location.assign("login.php");</script>';
} else {
echo '<script> alert(\'请先登录\');location.assign("login.php");</script>';
}运行实例 »
点击 "运行实例" 按钮查看在线实例
session改写:
实例
<?php
//开启回话
session_start(); //向cookie中写入session_id:PHPSESSID
if (isset($_SESSION['username']) && $_SESSION['username'] === 'admin'):
?>
<script>alert('您已经登录了,请不要重复登录');location.assign('admin.php');</script>
<?php endif; ?>
<!doctype html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport"
content="width=device-width, user-scalable=no, initial-scale=1.0, maximum-scale=1.0, minimum-scale=1.0">
<link rel="stylesheet" href="static/css/bootstrap.css">
<meta http-equiv="X-UA-Compatible" content="ie=edge">
<title>用户登录</title>
</head>
<body>
<h3>用户登录</h3>
<form action="check.php" method="post" onsubmit="return isEmpty();">
<!-- <P>-->
<!-- <label for="email">邮箱:</label>-->
<!-- <input type="email" name="email" id="email">-->
<!-- </P>-->
<!-- <P>-->
<!-- <label for="password">密码:</label>-->
<!-- <input type="password" name="password" id="password">-->
<!-- </P>-->
<p>
<label class="input-group">
<span class="input-group-addon" id="basic-addon1">邮 箱:</span>
<input id="email" name="email" type="text" placeholder="请您输入邮箱地址" aria-describedby="basic-addon1">
</label>
</p>
<p>
<label class="input-group">
<span class="input-group-addon" id="basic-addon1">密 码:</span>
<input id="password" name="password" type="text" placeholder="请输入您的秘密" aria-describedby="basic-addon1">
</label>
</p>
<!-- <P>-->
<!-- <label for="password">提交:</label>-->
<!-- <input type="password" name="password" id="password">-->
<!-- </P>-->
<p>
<button class="btn btn-success">提交</button>
</p>
</form>
<script>
// onsubmit: 表单提交前进行验证, 默认返回true
function isEmpty() {
var email = document.getElementById('email').value;
var password = document.getElementById('password').value;
// 用if 语句来做非空验证函数
// if (email.length === 0 || password.length === 0) {
// alert('邮箱或密码不能为空');
// return false;
// }
if (email.length ===0) {
alert('邮箱不能为空');
if (password.length === 0 ) {
alert('密码不能为空');
}
return false;
}
}
</script>
</body>
</html>运行实例 »
点击 "运行实例" 按钮查看在线实例
页面显示效果:
check.php:
实例
<?php
//开启回话
session_start(); //向cookie中写入session_id:PHPSESSID
if (isset($_SESSION['username']) && $_SESSION['username'] === 'admin') {
echo '<script>alert(\'您已经登录了,请不要重复登录\');location.assign("admin.php");</script>';
}
//j检查是否获得提交数据
//print_r($_POST);
//连接数据库
require __DIR__ . '/inc/connect.php';
//var_dump($pdo);
//获取数据,并创建新变量
$email = $_POST['email'];
$password = sha1($_POST['password']);
//var_dump($email,$password);
//用user表进行验证
$sql = 'SELECT * FROM `user` WHERE `email`=:email AND `password`=:password LIMIT 1';
//创建SQL语句模板对象,预处理对象
$stmt = $pdo->prepare($sql);
//执行,execute()内为数据绑定
$stmt->execute(['email'=>$email, 'password'=>$password]);
//fetch(): 成功返回数组,失败返回false
$user = $stmt->fetch(PDO::FETCH_ASSOC);
//var_dump($user);
if (false === $user) {
//登录失败
echo '<script>alert("登录失败,请检查"); location.href="login.php";</script>';
//终止当前脚本
die; //exit; exit();
}
//登录成功,将用户信息写入cookie
//setcookie('username',$user['username']);
$_SESSION['username'] = $user['username'];
//session文件中的值:username|s:5:"admin";
echo '<script>alert(\'登录成功\'); location.assign("admin.php");</script>';运行实例 »
点击 "运行实例" 按钮查看在线实例
弹窗显示效果:
admin.php:
实例
<?php
//开启回话
session_start();
if (isset($_SESSION['username']) && $_SESSION['username'] === 'admin'):
?>
<!doctype html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport"
content="width=device-width, user-scalable=no, initial-scale=1.0, maximum-scale=1.0, minimum-scale=1.0">
<meta http-equiv="X-UA-Compatible" content="ie=edge">
<title>后台首页</title>
</head>
<body>
<h1>后天首页</h1>
<p>
<?php echo $_SESSION['username'] ?>
</p>
<p class="btn btn-success">
<a href="logout.php">退出</a>
</p>
</body>
</html>
<?php else: ?>
<script>alert('请先登录');location.assign('login.php');</script>;
<?php endif ?>运行实例 »
点击 "运行实例" 按钮查看在线实例
后台页面的显示效果:
logout.php:
实例
<?php
//开启回话
session_start();
//必须在已经登录的情况下,才能进行退出登录的操作.
//isset():判断当前变量是否存在
if (isset($_SESSION['username']) && $_SESSION['username'] === 'admin') {
//退出
//将服务器中对应的session文件删除
session_destroy();
setcookie('username',null,time()-3600);
echo '<script> alert(\'退出成功\');location.assign("login.php");</script>';
} else {
echo '<script> alert(\'请先登录\');location.assign("login.php");</script>';
}运行实例 »
点击 "运行实例" 按钮查看在线实例
退出的弹窗效果:
