会话控制
COOKIE会话控制
1.index01.php
<?php
// 判断是否在登录状态
if(isset($_COOKIE[‘user’])) $user = unserialize ($_COOKIE[‘user’]);
?>
<!DOCTYPE html><html lang="en"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1.0"><title>首页</title><link rel="stylesheet" type="text/css" href="../css/index01.css"></head><body><nav><a href="index01.php">我的论坛</a><?php if(isset($user)): ?><a href="" id="logout01"><span style="color:red"><?php echo $user['name']?></span> 退出</a><?php else: ?><a href="login01.php">登录</a><?php endif ?></nav></body><script>// 为退出按钮创建事件监听器document.querySelector('#logout01').addEventListener('click', function(event) {if (confirm('是否退出')) {// 禁用默认行为, 其实就是禁用原<a>标签的点击跳转行为,使用事件中的自定义方法处理event.preventDefault();// 跳转到退出事件处理器window.location.assign('handle01.php?action=logout01');}});</script></html>
演示效果
2.login01.php
<?php
// 判断是否在登录状态
if(isset($_COOKIE[‘user’])) $user = unserialize ($_COOKIE[‘user’]);
?>
<!DOCTYPE html><html lang="en"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1.0"><title>首页</title><link rel="stylesheet" type="text/css" href="../css/index01.css"></head><body><nav><a href="index01.php">我的论坛</a><?php if(isset($user)): ?><a href="" id="logout01"><span style="color:red"><?php echo $user['name']?></span> 退出</a><?php else: ?><a href="login01.php">登录</a><?php endif ?></nav></body><script>// 为退出按钮创建事件监听器document.querySelector('#logout01').addEventListener('click', function(event) {if (confirm('是否退出')) {// 禁用默认行为, 其实就是禁用原<a>标签的点击跳转行为,使用事件中的自定义方法处理event.preventDefault();// 跳转到退出事件处理器window.location.assign('handle01.php?action=logout01');}});</script></html>
演示效果
3.register01.php
<?php
// 判断是否在登录状态
if(isset($_COOKIE[‘user’])) $user = unserialize ($_COOKIE[‘user’]);
?>
<!DOCTYPE html><html lang="en"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1.0"><title>首页</title><link rel="stylesheet" type="text/css" href="../css/index01.css"></head><body><nav><a href="index01.php">我的论坛</a><?php if(isset($user)): ?><a href="" id="logout01"><span style="color:red"><?php echo $user['name']?></span> 退出</a><?php else: ?><a href="login01.php">登录</a><?php endif ?></nav></body><script>// 为退出按钮创建事件监听器document.querySelector('#logout01').addEventListener('click', function(event) {if (confirm('是否退出')) {// 禁用默认行为, 其实就是禁用原<a>标签的点击跳转行为,使用事件中的自定义方法处理event.preventDefault();// 跳转到退出事件处理器window.location.assign('handle01.php?action=logout01');}});</script></html>
演示效果
4.handle01.php
<?php
// 查询用户表中的数据
$pdo = new PDO(‘mysql:host=localhost;dbname=exe0507’,’exe’,’exE123’);
$stmt = $pdo->prepare(‘SELECT * from user1‘);
$stmt->execute();
$heros = $stmt->fetchAll(PDO::FETCH_ASSOC);
// 处理用户登录与注册$action = $_GET['action'];switch (strtolower($action)){// 正常登录case 'login01':// 判断请求是否合法if ($_SERVER['REQUEST_METHOD'] === 'POST') {// 获取需要验证的数据$email = $_POST['email'];$password = sha1($_POST['password']);$results = array_filter($heros, function($user) use ($email, $password) {return $user['email'] === $email && $user['password'] === $password;});if (count($results) === 1) {setcookie('user', serialize(array_pop($results)));exit('<script>alert("验证通过");location.href="index01.php"</script>');} else {exit('<script>alert("邮箱或密码错误,或者还没有帐号");location.href="login01.php";</script>');}} else {die('请求类型错误');}break;// 退出case 'logout01':if (isset($_COOKIE['user'])) {setcookie('user', null , time()-3600);exit('<script>alert("退出成功");location.assign("index01.php")</script>');}break;// 用户注册case 'register01':// 1. 获取到所有新用户数据$name = $_POST['name'];$email = $_POST['email'];$password = sha1($_POST['ps1']);$reg_time = time();// 2. 将新用户插入到表中$sql = "INSERT `user1` SET `name`='{$name}',`email`='{$email}',`password`='{$password}',`reg_time`={$reg_time} ";$stmt = $pdo->prepare($sql);$stmt->execute();if ($stmt->rowCount() === 1) exit('<script>alert("注册成功");location.assign("login01.php")</script>');else exit('<script>alert("注册失败");location.assign("login01.php")</script>');break;// 未定义default:exit('未定义操作');}
演示效果
session会话
1.index01.php
<?php
// 开启会话
session_start();
// 判断是否在登录状态if(isset($_SESSION['user'])) $user = unserialize ($_SESSION['user']);?><!DOCTYPE html><html lang="en"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1.0"><title>首页</title><link rel="stylesheet" type="text/css" href="../css/index01.css"></head><body><nav><a href="index01.php">我的论坛</a><?php if(isset($user)): ?><a href="" id="logout01"><span style="color:red"><?php echo $user['name']?></span> 退出</a><?php else: ?><a href="login01.php">登录</a><?php endif ?></nav></body><script>// 为退出按钮创建事件监听器document.querySelector('#logout01').addEventListener('click', function(event) {if (confirm('是否退出')) {// 禁用默认行为, 其实就是禁用原<a>标签的点击跳转行为,使用事件中的自定义方法处理event.preventDefault();// 跳转到退出事件处理器window.location.assign('handle01.php?action=logout01');}});</script></html>
2.login01.php
<?php
// 开启会话
session_start();
// 判断是否在登录状态if(isset($_SESSION['user']))exit('<script>alert("请不要重复登录");location.href="index01.php";</script>');?><!DOCTYPE html><html lang="en"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1.0"><link rel="stylesheet" type="text/css" href="../css/login01.css"><title>用户登录</title></head><body><h3>用户登录</h3><form action="handle01.php?action=login01" method="post"><div><label for="">邮箱:</label><input type="email" name="email" id="email" ></div><div><label for="">密码:</label><input type="password" name="password" id="password" pla ></div><div><button type="submit">提交</button></div></form><a href="register01.php">没注册的请点击这里注册吧</a></body></html>
3.handle01.php
<?php
// 开启会话
session_start();
// 查询用户表中的数据$pdo = new PDO('mysql:host=localhost;dbname=exe0507','exe','exE123');$stmt = $pdo->prepare('SELECT * from `user1`');$stmt->execute();$heros = $stmt->fetchAll(PDO::FETCH_ASSOC);// 处理用户登录与注册$action = $_GET['action'];switch (strtolower($action)){// 正常登录case 'login01':// 判断请求是否合法if ($_SERVER['REQUEST_METHOD'] === 'POST') {// 获取需要验证的数据$email = $_POST['email'];$password = sha1($_POST['password']);$results = array_filter($heros, function($user) use ($email, $password) {return $user['email'] === $email && $user['password'] === $password;});if (count($results) === 1) {$_SESSION['user'] = serialize(array_pop($results));exit('<script>alert("验证通过");location.href="index01.php"</script>');} else {exit('<script>alert("邮箱或密码错误,或者还没有帐号");location.href="login01.php";</script>');}} else {die('请求类型错误');}break;// 退出case 'logout01':if (isset($_SESSION['user'])) {session_destroy();exit('<script>alert("退出成功");location.assign("index01.php")</script>');}break;// 用户注册case 'register01':// 1. 获取到所有新用户数据$name = $_POST['name'];$email = $_POST['email'];$password = sha1($_POST['ps1']);$reg_time = time();// 2. 将新用户插入到表中$sql = "INSERT `user1` SET `name`='{$name}',`email`='{$email}',`password`='{$password}',`reg_time`={$reg_time} ";$stmt = $pdo->prepare($sql);$stmt->execute();if ($stmt->rowCount() === 1) exit('<script>alert("注册成功");location.assign("login01.php")</script>');else exit('<script>alert("注册失败");location.assign("login01.php")</script>');break;// 未定义default:exit('未定义操作');}
register01.php没改动就不贴出代码了。
演示效果
总结:
1.第一次尝试前后台数据传输,心情激动,期待顺利通过!
理想与现实的差别:经过一星期的仿照编码和查错,今天才通过cookie会话整个流程。期间出现编码写错、数据库password选择sha1加密输入出错、数据库重装、phpstudy重装等种种折腾。
2.session会话于cookie会话的区别:
—首先要启动会话session_start();
—变量$_COOKIE改为$_SESSION
—setcookie改为$_SESSION[..]=
—setcookie(‘user’, null , time()-3600);改为session_destroy();
—所以只改动了index01.php、login01.php、handle01.php三个文件。