[英]How to make an page only accessible when logged in PHP
Currently I'm working on a little project for a dummy login/register page and now I want to add a page that is only accessible when you're logged in. So the question is how do I make a session or cookie and retrieve them? 目前我正在为虚拟登录/注册页面开发一个小项目,现在我想添加一个只有在您登录时才能访问的页面。所以问题是如何创建会话或cookie并检索它们? And how do I block not logged in users. 如何阻止未登录的用户。
I'm currently using these codes for the login.php and member_area.php: Login.php: 我目前正在使用这些代码登录login.php和member_area.php:Login.php:
<?php
session_start();
if(isSet($_POST['login'])) {
include('db.php');
$username = mysql_real_escape_string($_POST['username']);
$password = sha1($_POST['password'] );
$query = mysql_query("SELECT * FROM tab WHERE username='".addSlashes($username)."' AND password='".addSlashes($password)."'");
$res = mysql_num_rows($query);
if ($res == 1) {
$_SESSION['username'] = $username;
$_SESSION['password'] = $password;
$_SESSION['userobj'] = mysql_fetch_assoc($query);
header('Location: http://localhost/member_area.php');
exit;
} else {
echo 'Data does not match <br /> RE-Enter Username and Password';
}
} else {
?>
<html>
<head><link rel="stylesheet" type="text/css" href="css.css"></head>
<body>
<div id="div1">
<a href="index.php" id="home">Home</a>
<a href="Login.php" id="login2">Login</a>
<a href="register.php" id="register">Register</a>
</div>
<table width="200" border="0" cellspacing="1" align="center">
<form id="form1" method="post" action="login.php">
<tr>
<td colspan="2"><h2>Members login</h2></td>
</tr>
<tr>
<td>Username: </td>
<td>
<input type="text" name="username" id="username"/>
</td>
</tr>
<tr>
<td>Password: </td>
<td><input type="password" name="password" id="password"/> </td>
</tr>
<tr>
<td colspan="2" align="center">
<input type="submit" name="login" id="login" value="login" />
</td>
</tr>
</form>
</table>
</body>
</html>
<?php
}
?>
Member_area.php: Member_area.php:
<?php
?>
<html>
<head><link rel="stylesheet" type="text/css" href="css.css"></head>
<body>
<div id="div1">
<a href="index.php" id="home">Home</a>
<a href="Login.php" id="login2">Login</a>
<a href="register.php" id="register">Register</a>
</div>
<form action="/Log_out.php" method="get">
<input type="submit" name="submit" value="Log Out." action="http://localhost/Log_out.php" id="Logout">
</form>
</body>
</html>
<?php
?>
Please note that I'm completely new to PHP so some directions where to put the code with if possible a little explanation. 请注意,我是PHP的新手,所以如果可能的话,可以在一些方向上放置代码。
Add this at the top of Member_area.php: 在Member_area.php的顶部添加:
session_start();
if(!isset($_SESSION['username'])){
header("Location:Login.php");
}
It checks whether the session is set or not, if not it will redirect the user to login page. 它会检查会话是否已设置,否则会将用户重定向到登录页面。
<?php
if(!isset($_SESSION['username'])) {
die("Please login");
}
?>
<html>
<head><link rel="stylesheet" type="text/css" href="css.css"></head>
<body>
<div id="div1">
<a href="index.php" id="home">Home</a>
<a href="Login.php" id="login2">Login</a>
<a href="register.php" id="register">Register</a>
</div>
<form action="/Log_out.php" method="get">
<input type="submit" name="submit" value="Log Out." action="http://localhost/Log_out.php" id="Logout">
</form>
</body>
</html>
<?php
?>
That should be it :) 那应该是:)
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.