收藏
天蓬老师批改状态:合格
老师批语:登录验证的难点在于流程控制, 这个理解了就好办了
<?php// 开启会话session_start();// 判断是否已经登录?if (isset($_SESSION['user'])) $user = unserialize($_SESSION['user']);?><!DOCTYPE html><html lang="en"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1.0"><title>首页</title><style>nav {height: 40px;padding: 0 15px;background-color: black;display: flex;justify-content: space-between;align-items: center;}a {font-size: 20px;color: white;text-decoration: none;}</style></head><body><nav><a href="index.php">首页</a><?php if (isset($user)) : ?><a href="" id="logout"><span style="color:red"><?php echo $user['name']?></span> 退出</a><?php else: ?><a href="login.php">登录</a><?php endif ?></nav></body><script>// 为退出按钮创建事件监听器document.querySelector('#logout').addEventListener('click', function(event) {if (confirm('是否退出')) {// 禁用默认行为, 其实就是禁用原<a>标签的点击跳转行为,使用事件中的自定义方法处理event.preventDefault();// 跳转到退出事件处理器window.location.assign('handle.php?action=logout');}});</script></html>
<?phpsession_start();// 判断是否已登录if (isset($_SESSION['user']))exit('<script>alert("请不要重复登录");location.href="index.php";</script>');?><!DOCTYPE html><html lang="en"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1.0"><title>登录</title><link rel="stylesheet" href="index.css/index.css"></head><body><h3>用户登录</h3><form action="handle.php?action=login" method="POST"><div><label for="email">邮箱:</label><input type="email" name="email" id="email" placeholder="@qq.com" require autofocus></div><div><label for="password">密码:</label><input type="password" name="password" id="password" placeholder="不小于6位"></div><div><button>登录</button></div></form><a href="register.php">注册</a></body></html>
<!DOCTYPE html><html lang="en"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1.0"><title>用户注册</title><link rel="stylesheet" href="index.css/index.css"></head><body><h3>用户注册</h3><form action="handle.php?action=register" method="POST"><div><label for="name">昵称:</label><input type="text" name="name" id="name" require placeholder="昵称" autofocus></div><div><label for="email">邮箱:</label><input type="email" name="email" id="email" require placeholder="@qq.com"></div><div><label for="password">密码:</label><input type="password" name="password" id="password" require placeholder="不少于6位"></div><div><label for="password">重复:</label><input type="password" name="password" id="password" require placeholder="必须与上面密码一致"></div><div><button>注册</button></div></form><a href="login.php">登录</a></body></html>
<?php// 开启会话session_start();// 连接数据库$pdo = new PDO('mysql:host=php.cn;dbname=php','root','root');$stmt = $pdo->prepare("SELECT * FROM `users`");$stmt->execute();$users = $stmt->fetchAll(PDO::FETCH_ASSOC);// print_r($a);// 处理用户登录与注册$action = $_GET['action']; //获取get参数`login`或者是`register`// 判断用户是想登录(login)或者是注册(register)// strtolower:把字符串转换为小写switch(strtolower($action)){// 登录case 'login':// 判断请求是否合法// $_SERVER['REQUEST_METHOD']:请求类型if ($_SERVER['REQUEST_METHOD'] === 'POST') {// 请求正确 ,获取需要验证的数据$email = $_POST['email'];$password = sha1($_POST['password']);// 用回调函数过滤数组中的元素,返回数组中email和passeord和当前用户输入的数据相同的值// $users:数据库中的数据// $user:$users数组中的每个键值对,也叫用户的所有信息$results = array_filter($users, function($user) use ($email, $password) {return $user['email'] === $email && $user['password'] === $password;});// count:计算数组的单元数目// 如果results === 1;说明用户存在if (count($results) === 1) {// unseralize:反序列化// seralize:序列化// array_pop:删除数组中最后一个元素;出栈// user的值等于序列化后的$resylts中的最后一个元素// 设置session$_SESSION['user'] = serialize(array_pop($results));exit('<script>alert("验证通过");location.href="index.php"</script>');} else {exit('<script>alert("邮箱或密码错误,或者还没有帐号");location.href="login.php";</script>');}}else{die('请求错误');}break;// 退出case 'logout':if (isset($_SESSION['user'])) {// 注销所有session变量,并且结束session会话session_destroy();exit('<script>alert("退出成功");php.cn.assign("index.php")</script>');}break;case'register':// 注册// 获取数据$name = $_POST['name'];$email = $_POST['email'];$password = sha1($_POST['password']);$register_time =time();// 将新用户插入到表中$sql = "INSERT `users` SET `name`='{$name}', `email`='{$email}', `password`='{$password}', `register_time`={$register_time}";$stmt = $pdo->prepare($sql);$stmt->execute();// 变量不能放在数组中// $stmt->execute([$name,$email,$password,$time]);// stmt->rowcount:返回受上一个sql语句影响的行数// 如果stmt->rowcount:返回受上一个sql语句影响的行数 === 1,说明插入成功if ($stmt->rowCount() === 1) exit('<script>alert("注册成功");php.cn.assign("login.php")</script>');else exit('<script>alert("注册失败");php.cn.assign("login.php")</script>');break;// 未定义default:exit('未定义操作');}
session_strat(),cookin不需要url中action信息,判断用户想要执行的操作
1.判断数据请求是否正确2. 获取用户输入的信息与`session`中的信息匹配,成功则登录,不成功则输出错误提示。
1. session_destroy():注销所有session变量,并且结束session会话
1. 通过`$_POST`获取用户信息2.使用数据库新增的方法把用户信息添加到数据库
Copyright 2014-2025 https://www.php.cn/ All Rights Reserved | php.cn | 湘ICP备2023035733号
