请原谅我这个转储问题,但我只是想知道如何在每个页面顶部添加会话代码,以防止用户每次移动到其他页面时都会登录。
这是登录表单
<?php
/**
* @author
* @copyright 2012
*/
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<title>JQuery Form Example</title>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Customer Form Survey Login | Epic Pharma</title>
<link rel="stylesheet" media="screen" type="text/css" href="http://ebarea.com/test/new/style.css" />
</head>
<body>
<form name="myform" action="process.php" class="input" method="post">
<div id="wrapper">
<h1 id="create-account">EPCI Pharma Survey</h1>
<label>Name: <span>*</span></label>
<input name="username" type="text" class="username" />
<label>Password: <span>*</span></label>
<input name="password" type="password" class="Passowrd" />
<div align="center">
<input type="image" class="submit" src="http://ebarea.com/test/new/submit.png" value="Submit" />
</form>
<!-- We will output the results from process.php here -->
</body>
</html>
这里是process.php
<?php
session_start();
$host="localhost"; // Host name
$username="ebarea_epic"; // Mysql username
$password=",,,,"; // Mysql password
$db_name="ebarea_epic"; // Database name
$tbl_name="medicalrep"; // Table name
// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");
// username and password sent from form
$username=$_POST['username'];
$password=$_POST['password'];
// To protect MySQL injection (more detail about MySQL injection)
$username = stripslashes($username);
$password = stripslashes($password);
$username = mysql_real_escape_string($username);
$password = mysql_real_escape_string($password);
$sql="SELECT * FROM $tbl_name WHERE username='$username' and password='$password'";
$result=mysql_query($sql);
$num_results = mysql_num_rows($result);
$array = mysql_fetch_array($result);
$_SESSION['username']=$array['username'];
$_SESSION['password']=$array['password'];
$_SESSION['job_title']=$array['job_title'];
// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $username and $password, table row must be 1 row
if($count==1){
$_SESSION['username']=$_POST['username'];
$_SESSION['password']=$_POST['password'];
if ($array['job_title']=="user")
{ header ("location: userpage.php"); }
else if ($array['job_title']=="admin")
{ header ("location: adminpage.php"); }
} else {
echo "Wrong user or password";
}
?>
因此,当用户或移动到他的页面(userpage.php)或管理员移动到他的面板(adminpage.php)时,他将不会再次登录!!
谢谢你:)
答案 0 :(得分:2)
在每个php页面的顶部op添加session_start()。然后使用if(isset($_SESSION['blabla']))检查用户ID是否已登录
使用session_destroy()将用户注销。