我的職業(yè)生涯谁帕,先Java隘谣,再JavaScript, 業(yè)余搞了一下PHP蝉稳。最近想重新理解一下session與cookies淋纲,后臺語言還是PHP的環(huán)境最好搭建劳闹。
用戶登陸功能
- 數(shù)據(jù)庫文件
在user表里面存入三個用戶,用戶名均為"123"
drop database if exists shop;
create database shop;
use shop;
create table user(
id int primary key auto_increment,
username varchar(255),
password varchar(255)
);
/* 密碼123*/
insert into user values(null,'sam','202cb962ac59075b964b07152d234b70');
insert into user values(null,'alex','202cb962ac59075b964b07152d234b70');
insert into user values(null,'peter','202cb962ac59075b964b07152d234b70');
login.php
<?php
//如果用戶登陸,就跳轉(zhuǎn)到main.php
session_start();
if (isset($_SESSION['user_info'])) {
header("location:main.php");
}
//首次進(jìn)入頁面不檢驗結(jié)果
if (!empty($_POST)) {
$username = trim($_POST['username']);
//加密密碼
$password = md5(trim($_POST['password']));
//連結(jié)數(shù)據(jù)庫本涕,驗證用戶名密碼是否正確
$mysqli = new mysqli("localhost", "root", "", "shop");
if (mysqli_connect_errno()) {
echo "連接失敗" . mysqli_connect_error();
exit();
}
$sql = "select * from user where username ='$username' and password='$password'";
$result = $mysqli->query($sql);
//用戶存在
if ($result->num_rows > 0) {
session_start();
//在session里面存入username
$_SESSION["user_info"] = array("username"=>$username);
header("location:main.php");
} else {
header("location:login.php");
}
}
?>
main.php
<?php
//如果用戶沒有登陸儡首,跳轉(zhuǎn)login.php
session_start();
if (empty($_SESSION['user_info'])) {
header("location:login.php");
}
?>
login.php用戶輸入正確的用戶名密碼,跳轉(zhuǎn)到main.php. 服務(wù)器端開啟session偏友,生成key為"PHPSESSID"的session id,發(fā)送到客戶端对供,給cookie設(shè)置"PHPSESSID".
Paste_Image.png
登陸后位他,在main.php頁面可以看到cookies里面有sessionid
Paste_Image.png
刷新main.php,查看network, request發(fā)送cookie PHPSESSID. 服務(wù)器端會檢驗PHPSESSID产场,如果相等鹅髓,session保持。
Paste_Image.png
把cookies清空京景,再請求窿冯,跳轉(zhuǎn)login.php,PHPSESSID檢驗失敗确徙,session失效醒串,跳轉(zhuǎn)login.php
Paste_Image.png
登陸后,用戶關(guān)閉瀏覽器鄙皇,再次打開"login.php"芜赌,會跳轉(zhuǎn)main.php,session依然保持伴逸。
