php 创建登录和注销会话
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/17167870/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
create login and logout session
提问by user2481198
I want to create login and logout session
我想创建登录和注销会话
My table in MySQL database is looking like this
我在 MySQL 数据库中的表看起来像这样
CREATE TABLE `login` (
`id` int(10) NOT NULL auto_increment,
`username` varchar(20) NOT NULL,
`password` varchar(20) NOT NULL,
PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8 AUTO_INCREMENT=3 ;
and MySQL connection named as config.inc
和 MySQL 连接命名为 config.inc
<?php
$hostname = 'localhost'; // Your MySQL hostname. Usualy named as 'localhost', so you're NOT necessary to change this even this script has already online on the internet.
$dbname = ''; // Your database name.
$username = ''; // Your database username.
$password = ''; // Your database password. If your database has no password, leave it empty.
// Let's connect to host
mysql_connect($hostname, $username, $password) or DIE('Connection to host is failed, perhaps the service is down!');
// Select the database
mysql_select_db($dbname) or DIE('Database name is not available!');
?>
My index.phppage looking like this
我的index.php页面看起来像这样
<?php
// Inialize session
session_start();
// Check, if user is already login, then jump to secured page
if (isset($_SESSION['username'])) {
header('Location: securedpage.php');
}
?>
<html>
<head>
<title>PHPMySimpleLogin 0.3</title>
</head>
<body>
<h3>User Login</h3>
<table border="0">
<form method="POST" action="loginproc.php">
<tr><td>Username</td><td>:</td><td><input type="text" name="username" size="20"> </td></tr>
<tr><td>Password</td><td>:</td><td><input type="password" name="password" size="20"> </td></tr>
<tr><td> </td><td> </td><td><input type="submit" value="Login"></td></tr>
</form>
</table>
</body>
</html>
Checking username and password file named as loginproc.php
检查名为的用户名和密码文件 loginproc.php
<?php
// Inialize session
session_start();
// Include database connection settings
include('config.inc');
// Retrieve username and password from database according to user's input
$login = mysql_query("SELECT * FROM user WHERE (username = '" . mysql_real_escape_string($_POST['username']) . "') and (password = '" . mysql_real_escape_string(md5($_POST['password'])) . "')");
// Check username and password match
if (mysql_num_rows($login) == 1) {
// Set username session variable
$_SESSION['username'] = $_POST['username'];
// Jump to secured page
header('Location: securedpage.php');
}
else {
// Jump to login page
header('Location: index.php');
}
?>
My secure page code named as securedpage.php
我的安全页面代码命名为 securedpage.php
<?php
// Inialize session
session_start();
// Check, if username session is NOT set then this page will jump to login page
if (!isset($_SESSION['username'])) {
header('Location: index.php');
}
?>
<html>
<head>
<title>Secured Page</title>
</head>
<body>
<p>This is secured page with session: <b><?php echo $_SESSION['username']; ?></b>
<br>You can put your restricted information here.</p>
<p><a href="logout.php">Logout</a></p>
</body>
</html>
And finally logout page named as logout.php
最后注销页面命名为 logout.php
<?php
// Inialize session
session_start();
// Delete certain session
unset($_SESSION['username']);
// Delete all session variables
// session_destroy();
// Jump to login page
header('Location: index.php');
?>
Now my problem is when I am entering username and password it will stay only at index.php, it is not going to another page. Please see this code and tell me when I am doing wrong.
现在我的问题是当我输入用户名和密码时,它只会停留在index.php,它不会转到另一个页面。请查看此代码并在我做错时告诉我。
Thanks.
谢谢。
回答by Karo
Firstof all, the regular mysql functionswill be deprecated in PHP 5.5.0.
首先,常规的 mysql 函数将在 PHP 5.5.0 中被弃用。
Secondly, you're searching inside a table called userwhile you named yours login.
其次,您正在一个user名为 yours的表中进行搜索login。
And ... you don't need to filter md5.
而且......你不需要过滤md5。
Good luck.
祝你好运。
回答by venkatesh
As per PHP 5.5 All the mysql_ * functions are deprecated. Try to use abstraction layers or mysqli.
根据 PHP 5.5 不推荐使用所有 mysql_ * 函数。尝试使用抽象层或 mysqli。
In your loginproc.php You should start your session after successful validation of username and password so use session_start() in if condition
在您的 loginproc.php 您应该在成功验证用户名和密码后开始您的会话,因此在 if 条件下使用 session_start()
if (mysql_num_rows($login) == 1)
回答by Akilan
First, You may have more than one users with the same credentials.
首先,您可能有多个具有相同凭据的用户。
Second, you may have no users with the entered username or password.
其次,您可能没有输入用户名或密码的用户。
Third, in SQL Query password = '" . mysql_real_escape_string(md5($_POST['password']))
三、在SQL查询中 password = '" . mysql_real_escape_string(md5($_POST['password']))
change into
变成
password = '" . md5(mysql_real_escape_string($_POST['password']))
And check the table name "login" or "user" ??
并检查表名“登录”或“用户”??
try this
尝试这个
回答by prathic
In securedpage.phpuse:
在securedpage.php使用:
...
if (!isset($_SESSION['username'])==null)
{
header('Location: index.php');
}
...
instead of:
代替:
...
if (!isset($_SESSION['username']))
{
header('Location: index.php');
}
...
Do the same in index.php
做同样的 index.php
回答by Syafiq Muhammad
session_start();
error_reporting(E_ALL ^ (E_NOTICE | E_WARNING));
if(session_is_registered['username']){
unset($_SESSION['username']);
session_destroy($_SESSION['username']);
print "<script>alert('Anda berhasil logout'); location = '/'; </script>";
}
