1.cookie和session
当我们登录网站时,服务器就会为该用户创建一个临时文件,用于存储SESSION数据;当服务器把页面传递给浏览器的时候,该SESSION会在浏览器中以cookie的形式存储(准确地说,浏览器的cookie中保存的只是会话ID,会话数据本身保存在服务器端)
COOKIE
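<?php
/**
 * Cookie basics: set, read and delete cookies.
 *
 * Every setcookie() call emits a response header, so all of them are issued
 * before the script prints anything.
 */
// 1. Set a single cookie:
//setcookie('name','yk');
//setrawcookie('site', 'php中文网');
//echo $_COOKIE['name'];   // read it back

// 2. Set several cookies under one array-style name.
// NOTE(review): demo values only. A password (or anything else the server must
// be able to trust) does not belong in a cookie: the client can read and change it.
// The 7th argument sets HttpOnly so page scripts cannot read these cookies; the
// 6th (Secure) is left off only because the demo may run over plain HTTP.
setcookie('user[name]', 'yk', 0, '', '', false, true);
setcookie('user[password]', 'yksad', 0, '', '', false, true);
setcookie('user[email]', 'yksfd', 0, '', '', false, true);

// 3. Delete a cookie: send it again with an expiry time in the past.
// An empty string is used instead of null (passing null is deprecated since PHP 8.1),
// and the call sits above the output below because headers cannot be sent after it.
setcookie('user[name]', '', time() - 3600, '', '', false, true);

/**
 * Array-style cookie names arrive grouped in $_COOKIE, the same way the fields
 * of a multi-file upload are grouped.
 */
if (isset($_COOKIE['user']) && is_array($_COOKIE['user'])) {
    foreach ($_COOKIE['user'] as $key => $value) {
        if (!is_string($value)) {
            // A client may send nested arrays (user[a][b]); skip what is not a plain value.
            continue;
        }
        // Cookie names and values are client-controlled, so escape them for HTML.
        printf(
            '%s-%s<br>',
            htmlspecialchars((string) $key, ENT_QUOTES, 'UTF-8'),
            htmlspecialchars($value, ENT_QUOTES, 'UTF-8')
        );
    }
}

/**
 * Keeping a lot of information on the client is not a good fit:
 * 1. Limited count: 30
 * 2. Limited size: 4k
 * 3. Security risk: inherent and unavoidable
 *
 * So session data is best kept on the server;
 * the client only needs to hold a session ID that identifies the visitor.
 */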
SESSION
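<?php
/**
 * Session basics.
 *
 * a. Start a session: session_start();
 *    Starting a session does two things:
 *    1. Browser: receives the session ID in a cookie (named PHPSESSID by default).
 *       The ID is a random identifier generated by the server; it is not an
 *       MD5 "encryption" of any data.
 *    2. Server: creates the session file that belongs to that ID,
 *       one session file per user.
 *
 * b. Set:    assign to $_SESSION
 *
 * c. Update: assign to the same key again
 *
 * d. Delete:
 *    1. unset()            removes one key
 *    2. session_unset()    clears every session variable
 *    3. session_destroy()  destroys the session data on the server; it does not
 *                          remove the session cookie from the browser
 */
session_start();

// b. set
$_SESSION['name'] = 'yk';
// md5() plus a fixed suffix is not a password hash; password_hash() produces a
// salted, deliberately slow one. In practice a session should carry the user's
// identity only, not the credential itself.
$_SESSION['password'] = password_hash('asdj', PASSWORD_DEFAULT);

// c. update
$_SESSION['name'] = 'update_yk';

// d. delete
unset($_SESSION['name']);
session_unset();
session_destroy();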
2.登录
CSS/index.css
/* Top navigation bar: a 40px-high flex container with horizontal padding. */
nav{
height: 40px;
background-color: deepskyblue;
padding: 0 20px;
display: flex;
/* place-content / place-items set distribution and alignment on both axes */
place-content: space-between;
place-items: center;
}
/* Links that are direct children of the bar: white text, no underline. */
nav>a{
color: white;
text-decoration: none;
}
CSS/style.css
/* Page layout for the form pages: a centred flex column on a light gradient. */
body {
display: flex;
flex-direction: column;
text-align: center;
color: #555;
font-weight: 300;
/* background-color: lightcyan; */
background: linear-gradient(to left, lightcyan, white);
}
/* Page heading above the form. */
body h3 {
font-weight: 300;
font-size: 20px;
margin-bottom: 10px;
}
/* The form card: fixed width, rounded corners, soft shadow, centred by margin: auto. */
body form {
width: 240px;
padding: 20px;
box-sizing: border-box;
background: linear-gradient(to left top, lightskyblue, white);
color: white;
text-shadow: 0.5px 0.5px 0.5px #000;
margin: auto;
border-radius: 5px;
box-shadow: 0 0 5px #aaa;
}
/* One form row: label and input on a single line, spread apart. */
body form > div {
height: 36px;
display: flex;
justify-content: space-between;
align-items: center;
}
/* The last row holds the submit button, so its content is centred instead. */
body form div:last-of-type {
display: flex;
justify-content: center;
}
/* Inputs are drawn without border or focus outline. */
body form input {
border: none;
outline: none;
padding-left: 5px;
height: 20px;
}
/* Hover feedback for inputs. */
body form input:hover {
box-shadow: 0 0 5px #aaa;
}
/* Submit button fills the row. */
body form button {
flex: auto;
height: 30px;
background-color: green;
color: white;
border: none;
outline: none;
}
/* Hover feedback for the button. */
body form button:hover {
background-color: lightcoral;
cursor: pointer;
box-shadow: 0 0 5px #aaa;
}
/* The link under the form that switches between login and register. */
body a {
color: #888;
text-decoration: none;
margin-top: 15px;
}
/* Hover feedback for that link. */
body a:hover {
color: lightcoral;
font-weight: bold;
}
handle.php
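<?php
/**
 * Request handler for the login, logout and register actions.
 *
 * The action is chosen by the `action` query parameter; login and register read
 * their fields from the POST body. On success the user's row, without its
 * password hash, is stored serialized in $_SESSION['user'].
 */
session_start();

// NOTE(review): the connection settings used to be hard-coded here and the account
// is MySQL root. They are now read from the environment; the literals remain only
// as a fallback so the tutorial still runs locally. Remove the fallback, rotate the
// password, and connect with an account limited to this one database before the
// file goes anywhere shared (including version control).
$dsn = getenv('DB_DSN') ?: 'mysql:host=localhost;dbname=phpedu';
$dbUser = getenv('DB_USER') ?: 'root';
$dbPassword = getenv('DB_PASSWORD');
if ($dbPassword === false) {
    $dbPassword = '901026yk';
}

/**
 * Returns a POST field as a string; a missing or array-valued field yields ''.
 */
function postField(string $key): string
{
    $value = $_POST[$key] ?? '';

    return is_string($value) ? $value : '';
}

/**
 * Checks a submitted password against the stored hash.
 *
 * Rows written before the switch to password_hash() hold a 40-character SHA-1 hex
 * digest; those are still accepted, compared in constant time, so existing
 * accounts keep working. Unsalted SHA-1 is not a safe password hash and such
 * rows should be migrated.
 */
function passwordMatches(string $plain, string $stored): bool
{
    if (preg_match('/\A[0-9a-f]{40}\z/', $stored) === 1) {
        return hash_equals($stored, sha1($plain));
    }

    return password_verify($plain, $stored);
}

/**
 * Marks the current session as belonging to $user.
 */
function signIn(array $user): void
{
    // A fresh session ID at the moment of login prevents session fixation.
    session_regenerate_id(true);
    // The password hash has no business in the session.
    unset($user['password']);
    // Stored serialized because the page that reads this key unserializes it.
    $_SESSION['user'] = serialize($user);
}

$action = $_GET['action'] ?? '';
if (!is_string($action)) {
    $action = '';
}

try {
    $db = new PDO($dsn, $dbUser, $dbPassword, [
        PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
        PDO::ATTR_EMULATE_PREPARES => false,
    ]);

    // Every case ends in exit(), so no case can fall through into the next one.
    switch ($action) {
        case 'login':
            if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
                exit('请求类型错误');
            }
            $email = postField('email');
            $password = postField('password');

            // Fetch only the rows for this e-mail instead of loading the whole table.
            $stmt = $db->prepare('SELECT * FROM `user` WHERE `email` = ?');
            $stmt->execute([$email]);
            $matches = array_filter(
                $stmt->fetchAll(PDO::FETCH_ASSOC),
                function ($row) use ($password) {
                    return passwordMatches($password, (string) $row['password']);
                }
            );

            if ($password !== '' && count($matches) === 1) {
                signIn(array_pop($matches));
                exit('<script>alert("登录成功");location.href="index.php"</script>');
            }
            // One message for "no such e-mail" and "wrong password", so the reply
            // does not reveal which accounts exist.
            exit('邮箱或密码错误');

        case 'logout':
            // NOTE(review): logout is reachable with a plain GET, so any page can
            // trigger it for a visitor; a POST with an anti-CSRF token would close that.
            $_SESSION = [];
            if (ini_get('session.use_cookies')) {
                // session_destroy() leaves the cookie in the browser; expire it too.
                $params = session_get_cookie_params();
                setcookie(
                    session_name(),
                    '',
                    time() - 42000,
                    $params['path'],
                    $params['domain'],
                    $params['secure'],
                    $params['httponly']
                );
            }
            session_destroy();
            exit('<script>alert("退出成功");location.href="index.php"</script>');

        case 'register':
            if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
                exit('请求类型错误');
            }
            $name = trim(postField('name'));
            $email = trim(postField('email'));
            $p1 = postField('p1');
            $p2 = postField('p2');

            // The browser-side checks can be bypassed, so they are repeated here.
            $valid = $name !== ''
                && filter_var($email, FILTER_VALIDATE_EMAIL) !== false
                && strlen($p2) >= 6
                && $p1 === $p2;
            if (!$valid) {
                exit('<script>alert("注册失败");location.href="register.php"</script>');
            }

            // NOTE(review): password_hash() output is 60 characters for bcrypt and may
            // grow with newer algorithms; the `password` column is assumed to be wide
            // enough (the PHP manual suggests 255). Confirm against the table schema.
            $hash = password_hash($p2, PASSWORD_DEFAULT);
            $registerTime = time();

            $sql = <<<SQL
INSERT `user`
SET `name`= ?,
`email`= ?,
`password`= ?,
`register_time`= ?;
SQL;
            $stmt = $db->prepare($sql);
            $stmt->execute([$name, $email, $hash, $registerTime]);

            if ($stmt->rowCount() > 0) {
                // Log the new user in straight after a successful registration.
                $stmt = $db->prepare('SELECT * FROM `user` WHERE `id` = ?');
                $stmt->execute([$db->lastInsertId()]);
                $newUser = $stmt->fetch(PDO::FETCH_ASSOC);
                if (is_array($newUser)) {
                    signIn($newUser);
                    exit('<script>alert("注册成功");location.href="index.php"</script>');
                }
            }
            exit('<script>alert("注册失败");location.href="register.php"</script>');

        default:
            exit('参数非法或未定义操作');
    }
} catch (PDOException $e) {
    // Driver errors go to the server log; the visitor only sees a generic message.
    error_log('handle.php: database error: ' . $e->getMessage());
    http_response_code(500);
    exit('服务器内部错误');
}
/**
 * serialize(): turns a value into a storable string representation.
 */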
index.php
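<?php
namespace _0822;

session_start();

// Is the visitor logged in? $_SESSION['user'] holds the user row as a serialized array.
$user = null;
if (isset($_SESSION['user']) && is_string($_SESSION['user'])) {
    // allowed_classes => false: only arrays and scalars are rebuilt, never objects,
    // so a tampered session store cannot instantiate classes here.
    $decoded = unserialize($_SESSION['user'], ['allowed_classes' => false]);
    if (is_array($decoded) && isset($decoded['name'])) {
        $user = $decoded;
    }
}
?>
<!DOCTYPE html>
<html lang="zh-CN">
<head>
<meta charset="UTF-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>用户页面</title>
<link rel="stylesheet" href="CSS/index.css">
<style>
</style>
</head>
<body>
<nav>
<a href="index.php">我的博客</a>
<?php if (isset($user)) : ?>
<?php /* The name was typed in by the user at registration, so it is escaped for HTML. */ ?>
<span style="margin-left: 300px"><?= htmlspecialchars((string) $user['name'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') ?></span>
<a id="logout">退出</a>
<?php else: ?>
<a href="login.php">登录</a>
<?php endif ?>
</nav>
<script>
// Attach the click handler to the logout link.
// The link is only rendered for a logged-in visitor, so it may be absent.
const logoutLink = document.querySelector('#logout');
if (logoutLink) {
    logoutLink.addEventListener('click', function (event) {
        if (confirm('是否退出')) {
            // Suppress the default click behaviour of the <a> and handle it here instead.
            event.preventDefault();
            // Go to the logout handler.
            window.location.assign('handle.php?action=logout');
        }
    }, true);
}
</script>
</body>
</html>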
login.php
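<!DOCTYPE html>
<html lang="zh-CN">
<head>
<meta charset="UTF-8">
<title>用户登录</title>
<!-- Path case matches the CSS/ directory used by the other pages; "css/" breaks on case-sensitive file systems. -->
<link rel="stylesheet" type="text/css" href="CSS/style.css">
</head>
<body>
<h3>用户登录</h3>
<!--
  Login form: posts the e-mail and password to handle.php?action=login.
  NOTE(review): the credentials travel in the request body, so the page should only
  be served over HTTPS. The form carries no anti-CSRF token.
  The "required" attributes are a convenience; the server has to validate again.
-->
<form action="handle.php?action=login" method="post">
<div>
<label for="email">邮箱:</label>
<input type="email" name="email" id="email" placeholder="demo@email.com" autocomplete="email" required autofocus>
</div>
<div>
<label for="password">密码:</label>
<input type="password" name="password" id="password" placeholder="不少于6位" autocomplete="current-password" required>
</div>
<div>
<button type="submit">提交</button>
</div>
</form>
<a href="register.php">还没有帐号, 注册一个吧</a>
</body>
</html>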
register.php
```php
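<!DOCTYPE html>
<html lang="zh-CN">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<link rel="stylesheet" type="text/css" href="CSS/style.css">
<title>注册用户</title>
</head>
<body>
<h3>用户注册</h3>
<!--
  Registration form: posts name, email, p1 and p2 to handle.php?action=register.
  The minlength values mirror the limits stated in the placeholders.
  Everything checked in the browser (required, minlength, compare()) can be bypassed,
  so the server has to repeat the same checks.
-->
<form action="handle.php?action=register" method="post" onsubmit="return compare()">
<div>
<label for="name">呢称:</label>
<input type="text" name="name" id="name" placeholder="不少于3个字符" minlength="3" required autofocus>
</div>
<div>
<label for="email">邮箱:</label>
<input type="email" name="email" id="email" placeholder="demo@email.com" autocomplete="email" required>
</div>
<div>
<label for="p1">密码:</label>
<input type="password" name="p1" id="p1" placeholder="不少于6位" minlength="6" autocomplete="new-password" required>
</div>
<div>
<label for="p2">重复:</label>
<input type="password" name="p2" id="p2" placeholder="必须与上面一致" minlength="6" autocomplete="new-password" required>
</div>
<div>
<button type="submit">提交</button><span id="tips" style="color: red"></span>
</div>
</form>
<a href="login.php">我有帐号,直接登录</a>
<script>
// Check that both password fields hold the same value.
// The string literals use plain ASCII quotes: typographic quotes are a syntax error,
// which leaves compare() undefined and lets the form submit unchecked.
function compare() {
    var form = document.forms[0];
    // Compare exactly what will be submitted (no trimming), so the check agrees
    // with the value the server receives.
    if (form.p1.value !== form.p2.value) {
        document.querySelector('#tips').innerText = '二次密码不相等';
        return false;
    }
    return true;
}
</script>
</body>
</html>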