handle.php
namespace _0822;use PDO;session_start();$db = new PDO('mysql:dbname=phpedu','root','root');$stmt = $db->prepare('SELECT * FROM `user`;');if (stmt->execute()){$users = $stmt->fetchAll(PDO::FECTH_ASSOC);}else{ printf_r($stmt->errorInfo());}// 获取用户操作数据$action = strtolower($_GET['action']);switch($action){ //登录 case 'login': if($_SERVER['REQUEST_METHOD']==='POST'){ //获取登录用户的数据:邮箱和密码 $email = $_POST['email']; $password = sha1($_POST['password']); $result = array_filter($users,function($user) use($email,$password){ return $user['email'] === $email && $user['password'] === $password; }); if(count($result)===1){// 登录成功,写入session$_SESSION['user'] = serialize(array_pop($result)); exit('<script>alert("验证通过"),location.href="index.php"</script>'); } print_r($result); } else{ // echo '请求类型错误'; die; exit('请求类型错误'); }// 退出case 'logout': if(isset($_SESSION['user'])){ session_destroy(); exit('<script>alert("退出成功"),location.href="index.php"</script>'); }// 注册case 'register':// 1. 获取登录用户的数据$email = $_POST['email'];$name = $_POST['name'];$password = sha1($_POST['p2']); $register_time = time(); // 2. SQL $sql = <<< SQL INSERT `user` SET `name`= ?, `email`= ?, `password`= ?, `register_time`= ?; SQL;$stmt = $db->prepare($sql);$data = [$name,$email,$password,$register_time]; if ($stmt->execute($data)) { if($stmt->rowCount() > 0){// 注册成功之后,让用户自动登录$sql = 'SELECT * FROM `user` WHERE `id`= ' . $db->lastInsertId();$stmt = $db->prepare($sql);$stmt->execute();$newUser = $stmt->fetch(PDO::FETCH_ASSOC);$_SESSION['user'] = serialize($newUser); exit('<script>alert("注册成功"),location.href="index.php"</script>'); } else{ exit('<script>alert("注册失败"),location.href="register.php"</script>'); } } else { print_r($stmt->errorInfo()); }// no breakdefault: exit('参数非法或未定义操作'); }) }}
