下面我有3个PHP脚本,从用户登录时开始,到存储的登录详细信息,然后注销。现在我正在做的是我使用$SESSION来确定登录的用户,然后使用session_gcmaxlife添加额外的时间,以便会话不会在12小时后到期。这意味着用户可以保持登录12小时,在这段时间后,用户将自动登录用户。这只是生成登录系统的一个非常基本的原因。
但我想要做的是能够让用户无限期地登录,直到他们点击退出链接或关闭浏览器。我的问题是,尽可能减少代码更改量,下面的代码如何更改以便用户在登出或关闭浏览器之前保持登录状态?
这可以通过最少的代码更改完成,我显示5个PHP脚本的原因是我可以看到需要为每个不同的脚本进行哪些更改,因此我应该能够对其他脚本进行更改在申请中。
请您展示示例代码,以便我了解如何以及在何处进行更改。
以下是php脚本,以显示当前正在发生的事情:
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<?php
// connect to the database
include('connect.php');
include('member.php');
/* check connection */
if (mysqli_connect_errno()) {
printf("Connect failed: %s\n", mysqli_connect_error());
die();
}
// required variables (make them explciit no need for foreach loop)
$teacherusername = (isset($_POST['teacherusername'])) ? $_POST['teacherusername'] : '';
$teacherpassword = (isset($_POST['teacherpassword'])) ? $_POST['teacherpassword'] : '';
$loggedIn = false;
$active = true;
if ((isset($username)) && (isset($userid))){
echo "You are already Logged In: <b>{$_SESSION['teacherforename']} {$_SESSION['teachersurname']}</b> | <a href='./menu.php'>Go to Menu</a> | <a href='./teacherlogout.php'>Logout</a>";
}
else{
if (isset($_POST['submit'])) {
$teacherpassword = md5(md5("g3f".$teacherpassword."rt4"));
// don't use $mysqli->prepare here
$query = "SELECT TeacherId, TeacherForename, TeacherSurname, TeacherUsername, TeacherPassword, Active FROM Teacher WHERE TeacherUsername = ? AND TeacherPassword = ? LIMIT 1";
// prepare query
$stmt=$mysqli->prepare($query);
// You only need to call bind_param once
$stmt->bind_param("ss",$teacherusername,$teacherpassword);
// execute query
$stmt->execute();
// get result and assign variables (prefix with db)
$stmt->bind_result($dbTeacherId, $dbTeacherForename,$dbTeacherSurname,$dbTeacherUsername,$dbTeacherPassword, $dbActive);
while($stmt->fetch()) {
if ($teacherusername == $dbTeacherUsername && $teacherpassword == $dbTeacherPassword) {
if ($dbActive == 0) {
$loggedIn = false;
$active = false;
echo "You Must Activate Your Account from Email to Login";
}else {
$loggedIn = true;
$active = true;
$_SESSION['teacherid'] = $dbTeacherId;
$_SESSION['teacherusername'] = $dbTeacherUsername;
}
}
}
if ($loggedIn == true){
$_SESSION['teacherforename'] = $dbTeacherForename;
$_SESSION['teachersurname'] = $dbTeacherSurname;
header( 'Location: menu.php' ) ;
die();
}
if (!$loggedIn && $active && isset($_POST)) {
echo "<span style='color: red'>The Username or Password that you Entered is not Valid. Try Entering it Again</span>";
}
/* close statement */
$stmt->close();
/* close connection */
$mysqli->close();
}
?>
2。 member.php (此脚本包含$SESSION变量以确定登录的用户。这是一个非常重要的脚本并包含在内(使用`include(member.php)来确定是否存在用户已登录或未登录)
<?php
if (isset($_SESSION['teacherforename'])) {
$_SESSION['teacherforename'] = $_SESSION['teacherforename'];
}
if (isset($_SESSION['teachersurname'])) {
$_SESSION['teachersurname'] = $_SESSION['teachersurname'];
}
if (isset($_SESSION['teacherid'])) {
$userid = $_SESSION['teacherid'];
}
if (isset($_SESSION['teacherusername'])) {
$username = $_SESSION['teacherusername'];
}
?>
3 teacherlogout.php (最后这是退出页面,当用户点击退出链接时(此时只显示在menu.php中)然后它将转到此页面它显示一条消息并通过销毁会话来执行注销)
<?php
ini_set('session.gc_maxlifetime',12*60*60);
ini_set('session.gc_divisor', '1');
ini_set('session.gc_probability', '1');
ini_set('session.cookie_lifetime', '0');
require_once 'init.php';
ini_set('display_errors',1);
error_reporting(E_ALL);
session_start();
?>
</head>
<?php
include('member.php');
?>
<body>
<?php
if ((isset($username)) && (isset($userid))){
session_destroy();
echo "You have been Logged Out | <a href='./home.php'>Home</a>";
}
else {
echo "You are Not Logged In";
}
?>
</body>
</html>
答案 0 :(得分:7)
不要太粗鲁,但看起来你并不理解会话和cookie如何正常工作。而不是粘贴5页代码,没有人会看,为什么不尝试自己解决问题,通过研究会话+ cookie来学习一些东西?如果有人给你答案,如果你不理解它背后的概念,你就什么都学不到。
http://us3.php.net/manual/en/session.idpassing.php