在PHP登录脚本中使用会话和会话变量

时间:2022-06-05 01:11:21

I have just finished creating an entire login and register systsem in PHP, but my problem is I haven't used any sessions yet. I'm kind of a newbie in PHP and I've never used sessions before. What I want to do is, after the user registers and fills out the login form, they will still stay on the same page. So, there will be one part of the which will be if the session is logged_in and the other part will be else (the user is not logged in so display the login form). Can anyone tell me how to get started?

我刚刚完成了创建一个完整的登录并在PHP中注册systsem,但我的问题是我还没有使用任何会话。我是PHP的新手,我之前从未使用过会话。我想要做的是,在用户注册并填写登录表单后,他们仍将保持在同一页面上。因此,如果会话是logged_in,另一部分将是else(用户未登录,因此显示登录表单),将会有一部分。谁能告诉我如何开始?

7 个解决方案

#1

70  

Hope this helps :)

希望这可以帮助 :)

begins the session, you need to say this at the top of a page or before you call session code

开始会话,您需要在页面顶部或调用会话代码之前说出这一点

 session_start();

put a user id in the session to track who is logged in

在会话中放置用户ID以跟踪登录的用户

 $_SESSION['user'] = $user_id;

Check if someone is logged in

检查是否有人登录

 if (isset($_SESSION['user'])) {
   // logged in
 } else {
   // not logged in
 }

Find the logged in user ID

查找登录的用户ID

$_SESSION['user']

So on your page

所以在你的页面上

 <?php
 session_start();


 if (isset($_SESSION['user'])) {
 ?>
   logged in HTML and code here
 <?php

 } else {
   ?>
   Not logged in HTML and code here
   <?php
 }

#2

17  

here is the simplest session code using php. We are using 3 files.

这是使用php的最简单的会话代码。我们正在使用3个文件。

login.php

的login.php

<?php  session_start(); ?>  // session starts with the help of this function 

<?php

if(isset($_SESSION['use']))   // Checking whether the session is already there or not if 
                              // true then header redirect it to the home page directly 
 {
    header("Location:home.php"); 
 }

if(isset($_POST['login']))   // it checks whether the user clicked login button or not 
{
     $user = $_POST['user'];
     $pass = $_POST['pass'];

      if($user == "Ank" && $pass == "1234")  // username is  set to "Ank"  and Password   
         {                                   // is 1234 by default     

          $_SESSION['use']=$user;


         echo '<script type="text/javascript"> window.open("home.php","_self");</script>';            //  On Successful Login redirects to home.php

        }

        else
        {
            echo "invalid UserName or Password";        
        }
}
 ?>
<html>
<head>

<title> Login Page   </title>

</head>

<body>

<form action="" method="post">

    <table width="200" border="0">
  <tr>
    <td>  UserName</td>
    <td> <input type="text" name="user" > </td>
  </tr>
  <tr>
    <td> PassWord  </td>
    <td><input type="password" name="pass"></td>
  </tr>
  <tr>
    <td> <input type="submit" name="login" value="LOGIN"></td>
    <td></td>
  </tr>
</table>
</form>

</body>
</html>

home.php

home.php

<?php   session_start();  ?>

<html>
  <head>
       <title> Home </title>
  </head>
  <body>
<?php
      if(!isset($_SESSION['use'])) // If session is not set then redirect to Login Page
       {
           header("Location:Login.php");  
       }

          echo $_SESSION['use'];

          echo "Login Success";

          echo "<a href='logout.php'> Logout</a> "; 
?>
</body>
</html>

logout.php

logout.php

<?php
 session_start();

  echo "Logout Successfully ";
  session_destroy();   // function that Destroys Session 
  header("Location: Login.php");
?>

#3

8  

Firstly, the PHP documentation has some excellent information on sessions.

首先,PHP文档提供了一些关于会话的优秀信息。

Secondly, you will need some way to store the credentials for each user of your website (e.g. a database). It is a good idea not to store passwords as human-readable, unencrypted plain text. When storing passwords, you should use PHP's crypt() hashing function. This means that if any credentials are compromised, the passwords are not readily available.

其次,您需要一些方法来存储您网站的每个用户的凭据(例如数据库)。不要将密码存储为人类可读,未加密的纯文本,这是一个好主意。存储密码时,应使用PHP的crypt()散列函数。这意味着如果任何凭据被泄露,则密码不可用。

Most log-in systems will hash/crypt the password a user enters then compare the result to the hash in the storage system (e.g. database) for the corresponding username. If the hash of the entered password matches the stored hash, the user has entered the correct password.

大多数登录系统将对用户输入的密码进行散列/加密,然后将结果与存储系统(例如数据库)中的散列进行比较以获得相应的用户名。如果输入的密码的哈希与存储的哈希匹配,则用户输入了正确的密码。

You can use session variables to store information about the current state of the user - i.e. are they logged in or not, and if they are you can also store their unique user ID or any other information you need readily available.

您可以使用会话变量来存储有关用户当前状态的信息 - 即他们是否登录,如果是,您还可以存储他们唯一的用户ID或您需要的任何其他信息。

To start a PHP session, you need to call session_start(). Similarly, to destroy a session and its data, you need to call session_destroy() (for example, when the user logs out):

要启动PHP会话,您需要调用session_start()。同样,要销毁会话及其数据,您需要调用session_destroy()(例如,当用户注销时):

// Begin the session
session_start();

// Use session variables
$_SESSION['userid'] = $userid;

// E.g. find if the user is logged in
if($_SESSION['userid']) {
    // Logged in
}
else {
    // Not logged in
}

// Destroy the session
if($log_out)
    session_destroy();

I would also recommend that you take a look at this. There's some good, easy to follow information on creating a simple log-in system there.

我还建议你看看这个。在那里创建一个简单的登录系统有一些很好的,易于遵循的信息。

#4

5  

I always do OOP and use this class to maintain the session so u can use the function is_logged_in to check if the user is logged in or not, and if not you do what you wish to.

我总是做OOP并使用这个类来维护会话,所以你可以使用函数is_logged_in来检查用户是否登录,如果没有你做你想做的事。

<?php
class Session
{
private $logged_in=false;
public $user_id;

function __construct() {
    session_start();
    $this->check_login();
if($this->logged_in) {
  // actions to take right away if user is logged in
} else {
  // actions to take right away if user is not logged in
}
}

public function is_logged_in() {
   return $this->logged_in;
}

public function login($user) {
// database should find user based on username/password
if($user){
  $this->user_id = $_SESSION['user_id'] = $user->id;
  $this->logged_in = true;
  }
}

public function logout() {
unset($_SESSION['user_id']);
unset($this->user_id);
$this->logged_in = false;
}

private function check_login() {
if(isset($_SESSION['user_id'])) {
  $this->user_id = $_SESSION['user_id'];
  $this->logged_in = true;
} else {
  unset($this->user_id);
  $this->logged_in = false;
 }
}

}

$session = new Session();
?>

#5

0  

//start use session

$session_start();

extract($_POST);         
//extract data from submit post 

if(isset($submit))  
{

if($user=="user" && $pass=="pass")

{

$_SESSION['user']= $user;   

//if correct password and name store in session 

}
else {

echo "Invalid user and password";

header("Locatin:form.php");

}

if(isset($_SESSION['user'])) 

{

//your home page code here

exit;
}

#6

0  

You need to begin the session at the top of a page or before you call session code

您需要在页面顶部或调用会话代码之前开始会话

session_start();

#7

-2  

$session_start();

extract($_POST);         
//extract data from submit post 

if(isset($submit))  
{

if($user=="user" && $pass=="pass")

{

$_SESSION['user']= $user;   

//if correct password and name store in session 

}
else {

echo "Invalid user and password";

header("Locatin:form.php");

}

if(isset($_SESSION['user'])) 

{

//your home page code here

exit;
}

#1

70  

Hope this helps :)

希望这可以帮助 :)

begins the session, you need to say this at the top of a page or before you call session code

开始会话,您需要在页面顶部或调用会话代码之前说出这一点

 session_start();

put a user id in the session to track who is logged in

在会话中放置用户ID以跟踪登录的用户

 $_SESSION['user'] = $user_id;

Check if someone is logged in

检查是否有人登录

 if (isset($_SESSION['user'])) {
   // logged in
 } else {
   // not logged in
 }

Find the logged in user ID

查找登录的用户ID

$_SESSION['user']

So on your page

所以在你的页面上

 <?php
 session_start();


 if (isset($_SESSION['user'])) {
 ?>
   logged in HTML and code here
 <?php

 } else {
   ?>
   Not logged in HTML and code here
   <?php
 }

#2

17  

here is the simplest session code using php. We are using 3 files.

这是使用php的最简单的会话代码。我们正在使用3个文件。

login.php

的login.php

<?php  session_start(); ?>  // session starts with the help of this function 

<?php

if(isset($_SESSION['use']))   // Checking whether the session is already there or not if 
                              // true then header redirect it to the home page directly 
 {
    header("Location:home.php"); 
 }

if(isset($_POST['login']))   // it checks whether the user clicked login button or not 
{
     $user = $_POST['user'];
     $pass = $_POST['pass'];

      if($user == "Ank" && $pass == "1234")  // username is  set to "Ank"  and Password   
         {                                   // is 1234 by default     

          $_SESSION['use']=$user;


         echo '<script type="text/javascript"> window.open("home.php","_self");</script>';            //  On Successful Login redirects to home.php

        }

        else
        {
            echo "invalid UserName or Password";        
        }
}
 ?>
<html>
<head>

<title> Login Page   </title>

</head>

<body>

<form action="" method="post">

    <table width="200" border="0">
  <tr>
    <td>  UserName</td>
    <td> <input type="text" name="user" > </td>
  </tr>
  <tr>
    <td> PassWord  </td>
    <td><input type="password" name="pass"></td>
  </tr>
  <tr>
    <td> <input type="submit" name="login" value="LOGIN"></td>
    <td></td>
  </tr>
</table>
</form>

</body>
</html>

home.php

home.php

<?php   session_start();  ?>

<html>
  <head>
       <title> Home </title>
  </head>
  <body>
<?php
      if(!isset($_SESSION['use'])) // If session is not set then redirect to Login Page
       {
           header("Location:Login.php");  
       }

          echo $_SESSION['use'];

          echo "Login Success";

          echo "<a href='logout.php'> Logout</a> "; 
?>
</body>
</html>

logout.php

logout.php

<?php
 session_start();

  echo "Logout Successfully ";
  session_destroy();   // function that Destroys Session 
  header("Location: Login.php");
?>

#3

8  

Firstly, the PHP documentation has some excellent information on sessions.

首先,PHP文档提供了一些关于会话的优秀信息。

Secondly, you will need some way to store the credentials for each user of your website (e.g. a database). It is a good idea not to store passwords as human-readable, unencrypted plain text. When storing passwords, you should use PHP's crypt() hashing function. This means that if any credentials are compromised, the passwords are not readily available.

其次,您需要一些方法来存储您网站的每个用户的凭据(例如数据库)。不要将密码存储为人类可读,未加密的纯文本,这是一个好主意。存储密码时,应使用PHP的crypt()散列函数。这意味着如果任何凭据被泄露,则密码不可用。

Most log-in systems will hash/crypt the password a user enters then compare the result to the hash in the storage system (e.g. database) for the corresponding username. If the hash of the entered password matches the stored hash, the user has entered the correct password.

大多数登录系统将对用户输入的密码进行散列/加密,然后将结果与存储系统(例如数据库)中的散列进行比较以获得相应的用户名。如果输入的密码的哈希与存储的哈希匹配,则用户输入了正确的密码。

You can use session variables to store information about the current state of the user - i.e. are they logged in or not, and if they are you can also store their unique user ID or any other information you need readily available.

您可以使用会话变量来存储有关用户当前状态的信息 - 即他们是否登录,如果是,您还可以存储他们唯一的用户ID或您需要的任何其他信息。

To start a PHP session, you need to call session_start(). Similarly, to destroy a session and its data, you need to call session_destroy() (for example, when the user logs out):

要启动PHP会话,您需要调用session_start()。同样,要销毁会话及其数据,您需要调用session_destroy()(例如,当用户注销时):

// Begin the session
session_start();

// Use session variables
$_SESSION['userid'] = $userid;

// E.g. find if the user is logged in
if($_SESSION['userid']) {
    // Logged in
}
else {
    // Not logged in
}

// Destroy the session
if($log_out)
    session_destroy();

I would also recommend that you take a look at this. There's some good, easy to follow information on creating a simple log-in system there.

我还建议你看看这个。在那里创建一个简单的登录系统有一些很好的,易于遵循的信息。

#4

5  

I always do OOP and use this class to maintain the session so u can use the function is_logged_in to check if the user is logged in or not, and if not you do what you wish to.

我总是做OOP并使用这个类来维护会话,所以你可以使用函数is_logged_in来检查用户是否登录,如果没有你做你想做的事。

<?php
class Session
{
private $logged_in=false;
public $user_id;

function __construct() {
    session_start();
    $this->check_login();
if($this->logged_in) {
  // actions to take right away if user is logged in
} else {
  // actions to take right away if user is not logged in
}
}

public function is_logged_in() {
   return $this->logged_in;
}

public function login($user) {
// database should find user based on username/password
if($user){
  $this->user_id = $_SESSION['user_id'] = $user->id;
  $this->logged_in = true;
  }
}

public function logout() {
unset($_SESSION['user_id']);
unset($this->user_id);
$this->logged_in = false;
}

private function check_login() {
if(isset($_SESSION['user_id'])) {
  $this->user_id = $_SESSION['user_id'];
  $this->logged_in = true;
} else {
  unset($this->user_id);
  $this->logged_in = false;
 }
}

}

$session = new Session();
?>

#5

0  

//start use session

$session_start();

extract($_POST);         
//extract data from submit post 

if(isset($submit))  
{

if($user=="user" && $pass=="pass")

{

$_SESSION['user']= $user;   

//if correct password and name store in session 

}
else {

echo "Invalid user and password";

header("Locatin:form.php");

}

if(isset($_SESSION['user'])) 

{

//your home page code here

exit;
}

#6

0  

You need to begin the session at the top of a page or before you call session code

您需要在页面顶部或调用会话代码之前开始会话

session_start();

#7

-2  

$session_start();

extract($_POST);         
//extract data from submit post 

if(isset($submit))  
{

if($user=="user" && $pass=="pass")

{

$_SESSION['user']= $user;   

//if correct password and name store in session 

}
else {

echo "Invalid user and password";

header("Locatin:form.php");

}

if(isset($_SESSION['user'])) 

{

//your home page code here

exit;
}
标签:

相关文章