PHP basic login using sessions

I'm having problems with a simple login using PHP and MySQL.

Here is my code:

LOGIN.PHP

 <?php

    //include 'core/init.php';
    include 'functions.php';

    //JH check if user is logged in already
    if (loggedin()) {
        header("location: userarea.php");
        exit();
    }

    if ($_POST['login']) { 
        $user = $_POST['user'];
        $pass = $_POST['pass'];
        $remember = $_POST['remember'];
        $password_encrip = hash('md5', $pass);

    if ($user&&$pass) {
        $login = mysql_query("SELECT * FROM users WHERE user='$user'");
        while  ($row = mysql_fetch_assoc($login))   
        $db_pass = $row['pass']; {

        if ($password_encrip==$db_pass) 
            $login_ok = TRUE;
        else 
            $login_ok = FALSE;
        }

        if ($login_ok==TRUE) {

            if ($remember=="on")
                setcookie("user", $user, time()+7200);

            else if ($remember=="")
                $_SESSION['user']=$user;

            header("Location: userarea.php");
            exit();

        } else 
            echo "ERROR: Username/Password combination incorrect!";

        } else 
            die("ERROR: Hit back and enter username and password!");
    }


    ?>

    <form action="login.php" method="POST">
    <b style="font-size:150%;">Log in</b><br/>
    Username: <input type="text" name="user"/><br/>
    Password: <input type="password" name="pass"/><br/>
    <input type="checkbox" name="remember" />Remember me<br/>
    <input type="submit" name="login" value="Log in"/>
    </form>

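At the top of your PHP, put session_start() (on the first page you posted).

Give this a try. One big thing is that you always want to sanitize user input before adding it to a query, and if a $_POST value is not set, if ($_POST['something']) will not return false, it will return an error.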

----------------------------------- LOGIN.PHP



<?php

    //include 'core/init.php';
    include 'functions.php';

    //JH check if user is logged in already
    if (loggedin()) {
        header("location: userarea.php");
        exit();
    }

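    // isset() avoids an undefined-index notice when the form has not been submitted
    if (isset($_POST['login'])) {
        $user = mysql_real_escape_string($_POST['user']);
        // Hash the raw password: escaping it first would change the digest,
        // and the hex digest itself is safe to place in the query
        $pass = $_POST['pass'];
        // An unchecked checkbox is not sent with the form at all
        $remember = isset($_POST['remember']) ? $_POST['remember'] : "";
        $password_encrip = hash('md5', $pass);
        // Default to a failed login so $login_ok is defined when no row matches
        $login_ok = FALSE;

        if (!empty($user) && !empty($pass)) {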
            $login = mysql_query("SELECT * FROM users WHERE user='$user' AND pass = '$password_encrip'");

            while ($row = mysql_fetch_assoc($login)) {

                if (count($row) > 0) {
                    $login_ok = TRUE;
                } else {
                    $login_ok = FALSE;
                }
            }

            if ($login_ok) {

                if ($remember == "on") {
                    setcookie("user", $user, time() + 7200);
                } else if ($remember == "") $_SESSION['user'] = $user;

                header("Location: userarea.php");
                exit();

            } else {
                echo "ERROR: Username/Password combination incorrect!";
            }

        } else {
            die("ERROR: Hit back and enter username and password!");
        }
    }


?>

<form action="login.php" method="POST">
    <b style="font-size:150%;">Log in</b><br/>
    Username: <input type="text" name="user"/><br/>
    Password: <input type="password" name="pass"/><br/>
    <input type="checkbox" name="remember"/>Remember me<br/>
    <input type="submit" name="login" value="Log in"/>
</form>


------------------------------------------ FUNCTIONS.PHP

<?php

    // REPORT ERRORS?
    //error_reporting(E_ALL);

    // SESSIONS CHECK
    session_start();

    //CONNECT TO DATABASE/CONNECT
    mysql_connect("localhost", "MYSQL", "PASS") or die();
    mysql_select_db('DB') or die();

    // LOGIN CHECK FUNCTION
    function loggedin() {
        if (isset($_SESSION['$user']) || isset($_COOKIE['$user'])) {
            $loggedin = TRUE;
            return $loggedin;
        }
    }


?>






---------------------------------------------- USERAREA.PHP



<?php

    //include 'core/init.php';
    include 'functions.php';

    //JH check if user is logged in already
    if (!loggedin()) {
        header("location: login.php");
        exit();
    }

?>

<p>Welcome! You're Logged in</p> <a href="logout.php">Logout</a><br/>


<?php
    echo "Welcome SESS: " . $_SESSION['user'] . "<br/>";
    echo "Welcome Cookie: " . $_COOKIE['user'] . "<br/>";
?>
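
A hardened form of the login check and "remember me" handling from the code above, as an added example that is not part of the original posts: it uses PDO prepared statements and password_hash()/password_verify() in place of the mysql_* functions (removed in PHP 7) and MD5, and replaces the `user` cookie, which holds only a client-supplied username, with a random token verified server-side. The in-memory SQLite database, the `remember_tokens` table, the sample user and the function names are assumptions constructed for the example.

```php
<?php
// Added example: constructed schema and data, in-memory SQLite so it runs offline.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE users (user TEXT PRIMARY KEY, pass TEXT NOT NULL)');
$pdo->exec('CREATE TABLE remember_tokens
            (token_hash TEXT PRIMARY KEY, user TEXT NOT NULL, expires INTEGER NOT NULL)');

// Constructed sample user; the stored value is a salted password_hash() string.
$pdo->prepare('INSERT INTO users (user, pass) VALUES (?, ?)')
    ->execute(['admin', password_hash('correct horse', PASSWORD_DEFAULT)]);

// True only if the user exists and the password matches the stored hash.
// The username is bound as a parameter, so quotes in it are data, not SQL.
function check_login(PDO $pdo, string $user, string $pass): bool {
    $stmt = $pdo->prepare('SELECT pass FROM users WHERE user = ?');
    $stmt->execute([$user]);
    $hash = $stmt->fetchColumn();          // false when no row matches
    return is_string($hash) && password_verify($pass, $hash);
}

// Issue a random remember-me token; only its SHA-256 is kept server-side,
// so a leaked table does not yield usable cookie values.
function issue_remember_token(PDO $pdo, string $user, int $ttl = 7200): string {
    $token = bin2hex(random_bytes(32));
    $pdo->prepare('INSERT INTO remember_tokens VALUES (?, ?, ?)')
        ->execute([hash('sha256', $token), $user, time() + $ttl]);
    return $token;                          // this value goes into the cookie
}

// Map a cookie value back to a user, or null if it is unknown or expired.
function user_from_token(PDO $pdo, string $token): ?string {
    $stmt = $pdo->prepare(
        'SELECT user FROM remember_tokens WHERE token_hash = ? AND expires > ?');
    $stmt->execute([hash('sha256', $token), time()]);
    $user = $stmt->fetchColumn();
    return is_string($user) ? $user : null;
}

// Demonstration on the constructed data.
var_dump(check_login($pdo, 'admin', 'correct horse'));   // valid credentials
var_dump(check_login($pdo, "admin' OR '1'='1", 'x'));    // quote is treated as data
$token = issue_remember_token($pdo, 'admin');
var_dump(user_from_token($pdo, $token));                 // token issued by the server
var_dump(user_from_token($pdo, 'admin'));                // cookie holding just a username
```

In login.php, call `session_regenerate_id(true)` before setting `$_SESSION['user']`, and send the token with `setcookie('remember', $token, ['expires' => time() + 7200, 'httponly' => true, 'secure' => true, 'samesite' => 'Lax'])`; loggedin() would then accept the cookie only when `user_from_token()` returns a user.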
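What is the problem? What isn't working?

Totzballs?? Really, TOTZBALLS???

Basically it forwards me to userarea.php, but that kicks me back to login.php, and then I get the incorrect password/combination error.

Yeah **totzballs-amazeballz**

Someone is going to say it, so it may as well be me. Consider a framework: Kohana, CodeIgniter, CakePHP and Symfony all have great options of their own for replacing your auth structure. If this is an exercise then I don't think it's necessary, but if it's meant to be deployed in a functional way, you'll save yourself a lot of trouble.

Thanks for the input. I'm sure that won't make any difference, since it's added to the session via functions.php? Added it anyway!

I've taken out the MD5 password and now it is setting the session/cookie, but it just refreshes the page instead of sending me to userarea.php and echoing the session and cookie = 'admin'. Very strange, can anyone test it?

Oops, in functions.php the loggedin function is incorrect: "if (isset($_SESSION['$user']) || isset($_COOKIE['$user']))". Removed the $ and it works fine.

Sorry about that.

I would never have noticed that.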