[英]create login and logout session
我想創建登錄和注銷會話
我在MySQL數據庫中的表如下所示
CREATE TABLE `login` (
`id` int(10) NOT NULL auto_increment,
`username` varchar(20) NOT NULL,
`password` varchar(20) NOT NULL,
PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8 AUTO_INCREMENT=3 ;
和MySQL連接名為config.inc
<?php
$hostname = 'localhost'; // Your MySQL hostname. Usualy named as 'localhost', so you're NOT necessary to change this even this script has already online on the internet.
$dbname = ''; // Your database name.
$username = ''; // Your database username.
$password = ''; // Your database password. If your database has no password, leave it empty.
// Let's connect to host
mysql_connect($hostname, $username, $password) or DIE('Connection to host is failed, perhaps the service is down!');
// Select the database
mysql_select_db($dbname) or DIE('Database name is not available!');
?>
我的index.php
頁面看起來像這樣
<?php
// Inialize session
session_start();
// Check, if user is already login, then jump to secured page
if (isset($_SESSION['username'])) {
header('Location: securedpage.php');
}
?>
<html>
<head>
<title>PHPMySimpleLogin 0.3</title>
</head>
<body>
<h3>User Login</h3>
<table border="0">
<form method="POST" action="loginproc.php">
<tr><td>Username</td><td>:</td><td><input type="text" name="username" size="20"> </td></tr>
<tr><td>Password</td><td>:</td><td><input type="password" name="password" size="20"> </td></tr>
<tr><td> </td><td> </td><td><input type="submit" value="Login"></td></tr>
</form>
</table>
</body>
</html>
檢查名為loginproc.php
用戶名和密碼文件
<?php
// Inialize session
session_start();
// Include database connection settings
include('config.inc');
// Retrieve username and password from database according to user's input
$login = mysql_query("SELECT * FROM user WHERE (username = '" . mysql_real_escape_string($_POST['username']) . "') and (password = '" . mysql_real_escape_string(md5($_POST['password'])) . "')");
// Check username and password match
if (mysql_num_rows($login) == 1) {
// Set username session variable
$_SESSION['username'] = $_POST['username'];
// Jump to secured page
header('Location: securedpage.php');
}
else {
// Jump to login page
header('Location: index.php');
}
?>
我的安全頁面代碼名為securedpage.php
<?php
// Inialize session
session_start();
// Check, if username session is NOT set then this page will jump to login page
if (!isset($_SESSION['username'])) {
header('Location: index.php');
}
?>
<html>
<head>
<title>Secured Page</title>
</head>
<body>
<p>This is secured page with session: <b><?php echo $_SESSION['username']; ?></b>
<br>You can put your restricted information here.</p>
<p><a href="logout.php">Logout</a></p>
</body>
</html>
最后將注銷頁面命名為logout.php
<?php
// Inialize session
session_start();
// Delete certain session
unset($_SESSION['username']);
// Delete all session variables
// session_destroy();
// Jump to login page
header('Location: index.php');
?>
現在我的問題是,當我輸入用戶名和密碼時,它將僅保留在index.php
,而不會轉到另一頁。 請查看此代碼,並告訴我我做錯了什么。
謝謝。
根據PHP 5.5,不建議使用所有mysql_ *函數。 嘗試使用抽象層或mysqli。
在您的loginproc.php文件中,您應該在成功驗證用戶名和密碼后開始會話,因此在有條件的情況下使用session_start()
if (mysql_num_rows($login) == 1)
首先,您可能有多個具有相同憑據的用戶。
其次,您可能沒有用戶輸入用戶名或密碼。
第三,在SQL Query password = '" . mysql_real_escape_string(md5($_POST['password']))
變成
password = '" . md5(mysql_real_escape_string($_POST['password']))
並檢查表名“ login”或“ user”?
嘗試這個
在securedpage.php
使用:
...
if (!isset($_SESSION['username'])==null)
{
header('Location: index.php');
}
...
代替:
...
if (!isset($_SESSION['username']))
{
header('Location: index.php');
}
...
在index.php
做同樣的事情
session_start();
error_reporting(E_ALL ^ (E_NOTICE | E_WARNING));
if(session_is_registered['username']){
unset($_SESSION['username']);
session_destroy($_SESSION['username']);
print "<script>alert('Anda berhasil logout'); location = '/'; </script>";
}
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.