[英]PHP - Hiding information from a user whilst logged in
I am attempting to learn php and I am at a really early stage! 我正在尝试学习php,并且我还处于早期阶段!
What I am trying to do is hide the div that contains a login form when the user is logged in, I have managed to successfully create the database connection and login form etc in order to allow a user to stay logged in and a session to stay open but not sure the next step to hide the . 我正在尝试做的是在用户登录时隐藏包含登录表单的div,我已经成功创建了数据库连接和登录表单,以便允许用户保持登录状态并保留会话打开,但不确定下一步是否隐藏该文件。
I know I need an if statement but not sure where to go! 我知道我需要一个if语句,但不确定要去哪里!
I wont include the whole code as the html is enormous but here is the form I want to hide: 我不会包含整个代码,因为html很大,但是这是我要隐藏的形式:
<form id="login" name="login" action="logincheck.php" method="post">
User Name:
<input type="text" name="username"></input>
Password:
<input type="password" name="password"></input>
<input type="submit" name="submit" value="login"></input>
<a href="javascript: void(0)" onclick="popup('register.html')" > (Register)</a>
<br /><br /><br />
</form>
not sure what elso you would need to see but here is the php in the page: 不知道您还需要看什么,但这是页面中的php:
<?php
if (isset($_GET['showerror']))
$errorcode = $_GET['showerror'];
else
$errorcode = 0;
?>
That is before the tags then before the form I have: 那是在标签之前,然后在表格之前:
<?php
if ($errorcode == 1)
{
echo "<h3>Your login has failed. Try again</h3>";
}
?>
Would you need the login check php code and the database connection php code to help advise? 您是否需要登录检查php代码和数据库连接php代码以帮助建议?
Say you have a variable called $logged_in
. 假设您有一个名为
$logged_in
的变量。 Then you could enable that form depending on whether the user is logged in or not like this. 然后,您可以根据用户是否登录来启用该表单。 Using the special control syntax for templates :
对模板使用特殊的控制语法 :
<?php if (!$logged_in): ?>
<form id="login" name="login" action="logincheck.php" method="post">
User Name:
<input type="text" name="username"></input>
Password:
<input type="password" name="password"></input>
<input type="submit" name="submit" value="login"></input>
<a href="javascript: void(0)" onclick="popup('register.html')" > (Register)</a>
<br /><br /><br />
</form>
<?php endif; ?>
As for your PHP code, I'm not sure what the meaning of that $_GET['showerror']
is, but it seems to me like you are somehow performing the authentication in Javascript and then just redirecting to your PHP or something. 至于您的PHP代码,我不确定
$_GET['showerror']
的含义是什么,但是在我看来,您好像正在以某种方式在Javascript中执行身份验证,然后仅重定向到您的PHP或其他东西。 Note that one could easily just call your script like logincheck.php?errorcode=0
and fool it into thinking that one just logged in correctly. 请注意,您可以轻松地调用您的脚本,例如
logincheck.php?errorcode=0
并以一种认为自己已正确登录的方式来欺骗它。
You should perform the authentication inside your PHP code. 您应该在PHP代码中执行身份验证。 If login was successful, just create a session and mark it as authenticated in the
$_SESSION
variable, it will then be persistent across page loads. 如果登录成功,只需创建一个会话,并在
$_SESSION
变量中将其标记为已通过身份验证,然后该会话将在页面加载期间保持不变。
Remember, PHP basically runs your script, then outputs whatever the result is. 记住,PHP基本运行您的脚本,然后输出任何结果。 (It's a bit more complicated than just that, but that's a topic for another day).
(这不仅复杂一点,但这是另一天的话题)。
So if you wrap your PHP in an if block, as below, it will only be displayed when appropriate. 因此,如果将PHP封装在if块中,如下所示,它将仅在适当的时候显示。
<?
if(!$loggedInVariable)//use whatever logic you want here,
//the key is that this should return false if you're logged in
{
?>
<form id="login" name="login" action="logincheck.php" method="post">
User Name:
<input type="text" name="username"></input>
Password:
<input type="password" name="password"></input>
<input type="submit" name="submit" value="login"></input>
<a href="javascript: void(0)" onclick="popup('register.html')" > (Register)</a>
<br /><br /><br />
</form>
<?php
}
?>
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.