目录结构如下:
此案例中cookie与session代码大同小异,下面以session代码演示
index.php:
<?php
session_start();
$page_title = '首页';
//导入头部
include ('inc/header.php');
echo '<h2 style="color:red">首页</h2>';
//登录检测
if (isset($_SESSION['user_id']) && basename($_SERVER['PHP_SELF']) != 'logut.php') {
echo '<a href="logout.php">退出登录</a>';
} else {
echo '<a href="login.php">登录</a>';
}
//导入底部
include ('inc/footer.php');login.php:
<?php
/*
*登录页面
*/
$page_title = '用户登录';
//导入头部
include ('inc/header.php');
// echo '<h2 style="color:red">首页</h2>';
?>
<h2 style="color: red">用户登录</h2>
<form action="checklogin.php" method="post">
<p>
<label for="email">邮箱:
<input type="email" name="email" id="email" value="">
</label>
</p>
<p>
<label for="password">邮箱:
<input type="password" name="password" id="password" value="">
</label>
</p>
<p>
<button type="submit" name="submit" id="submit">登录</button>
</p>
</form>
<?php
//导入底部
include ('inc/footer.php');
?>logout.php:
<?php
session_start();
if (!isset($_SESSION['user_id'])){
require ('inc/function.php');
redirect_user();
} else {
// setcookie('user_id','',time()-3600);
// setcookie('user_name','',time()-3600);
$_SESSION = [];
session_destroy();
setcookie('PHPSESSID','',time()-3600);
}
$page_title = '退出成功';
//加载头部
include ('inc/header.php');
//打印欢迎信息
echo <<<"WELCOME"
<h2 style="color:red">退出成功</h2>
<p><a href="login.php">登录</a></p>
WELCOME;
//加载底部
include ('inc/footer.php');checklogin.php
<?php
session_start();
if ($_SERVER['REQUEST_METHOD'] == 'POST'){
//加载公共函数库
require('inc/function.php');
//连接数据库
require ('inc/connect.php');
//验证登录
list($check,$data) = check_login($dbc, $_POST['email'],$_POST['password']);
//验证通过
if ($check) {
//设置cookie
// setcookie('user_id', $data['user_id']);
// setcookie('user_name', $data['user_name']);
$_SESSION['user_id'] = $data['user_id'];
$_SESSION['user_name'] = $data['user_name'];
//跳转成功页面
redirect_user('loggedin.php');
} else {
$errors = $data;
}
//关闭连接
mysqli_close($dbc);
}
//加载
include ('login.php');loggedin.php:
<?php
session_start();
//用户未登录验证
if (!isset($_SESSION['user_id'])){
require ('inc/function.php');
redirect_user();
}
$page_title = '已登录';
//加载头部
include ('inc/header.php');
//打印欢迎信息
echo <<<"WELCOME"
<h2 style="color:red">登录成功</h2>
<p>欢迎您:{$_SESSION['user_name']}</p>
<p><a href="logout.php">退出登录</a></p>
WELCOME;
//加载底部
include ('inc/footer.php');inc目录下文件
connect.php
<?php
define('DB_HOST','localhost');
define('DB_USER','root');
define('DB_PASS','root');
define('DB_NAME','php');
define('DB_CHAR','utf8');
$dbc = @mysqli_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME);
if (mysqli_connect_errno($dbc)) {
echo '连接失败'.mysqli_connect_error($dbc);
}
mysqli_select_db($dbc, DB_NAME);
mysqli_set_charset($dbc, DB_CHAR);footer.php
<h3>公共底部</h3> </body> </html>
function.php
<?php
//用户自定义跳转地址
function redirect_user($page='index.php')
{
//默认地址
$url = 'http://'.$_SERVER['HTTP_HOST'].dirname($_SERVER['PHP_SELF']);
//去掉右侧的/,\
$url = rtrim($url, '/\\');
//生成自定义跳转地址
$url .= '/'.$page;
//跳转自定义地址
header('Location:'. $url);
exit();
}
function check_login($dbc, $email='', $password='')
{
//创建错误信息数组
$errors = [];
//验证邮箱
if (empty($email)){
$errors[] = '请输入邮箱';
} else {
$e = mysqli_real_escape_string($dbc,trim($email));
}
//验证密码
if (empty($password)){
$errors[] = '请输入密码';
} else {
$p = mysqli_real_escape_string($dbc,trim($password));
}
if (empty($errors)) {
$sql = "SELECT `user_id`,`user_name` FROM `user` WHERE `email`='$e' AND `password`=sha1('$p')";
$res = mysqli_query($dbc,$sql);
if (mysqli_num_rows($res) == 1) {
$rows = mysqli_fetch_array($res, MYSQLI_ASSOC);
// echo '<pre>';
// print_r($rows);die();
return [true, $rows];
} else {
$errors[] = '邮箱或密码错误,请重新输入';
}
}
return [false, $errors];
}header.php
<!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8"> <title> <?php echo isset($page_title) ? $page_title : '默认标题'; ?> </title> </head> <body> <h3>公共头部</h3>
