我一直在开发基于PHP和mysqli的社交网络作为辅助项目。到目前为止,一切都进展顺利。每个人都可以注册,我使用crypt函数来存储密码。
我在if
函数中使用else
和password_verify
语句,我在其中设置了$_SESSION
变量和Cookie以便登录。再一次这样做,并且一旦登录系统,就会将我重定向到我的用户配置文件。
但是我的site-top.php文件不能正常工作;应该发生的是动态登录链接按钮应该从登录和注册按钮更改为注销,配置文件和通知按钮。
此外,我的个人资料上也禁用了添加为朋友按钮和阻止按钮(因为我不想阻止或亲自打电话),但是当我访问其他人的个人资料时,它们也会被禁用。
这是我网站暂时的代码。如果您希望我发布该代码或其他任何代码,我还有一个check-login-status文件:
<?php
// It is important for any file that includes this file, to have
// check_login_status.php included at its very top.
$envelope = '<img src="assets/note_dead.png" width="33" height="33" alt="Notes" title="This envelope is for logged in members">';
$loginLink = '<li><a class="tooltip-bottom" data-tooltip="Register an Account" href="signup.php">Register</a></li>
<li><a class="tooltip-bottom" data-tooltip="Login" href="login.php">Login</a></li>';
if($user_ok == true) {
$sql = "SELECT notescheck FROM users WHERE username='$log_username' LIMIT 1";
$query = mysqli_query($db_conx, $sql);
$row = mysqli_fetch_row($query);
$notescheck = $row[0];
$sql = "SELECT id FROM notifications WHERE username='$log_username' AND date_time > '$notescheck' LIMIT 1";
$query = mysqli_query($db_conx, $sql);
$numrows = mysqli_num_rows($query);
if ($numrows == 0) {
$envelope = '<a href="#" title="Your Notifications & Friend Requests"><img src="assets/note_still.png" width="33" height="33" alt="Notes"></a>';
} else {
$envelope = '<a href="#" title="You have new Notifications"><img src="assets/note_flash.gif" width="33" height="33" alt="Notes"></a>';
}
$loginLink = '<li><a class="tooltip-bottom" data-tooltip="Logout" href="logout.php">Logout</a></li><li><a href="user.php?u='.$log_username.'">'.$log_username.'</a></li>';
}
?>
好的,这是我所有想要它的check-login-status.php脚本......
<?php
session_start();
include_once("db_conx.php");
// Files that inculde this file at the very top would NOT require
// connection to database or session_start(), be careful.
// Initialize some vars
$user_ok = false;
$log_id = "";
$log_username = "";
$log_password = "";
// User Verify function
function evalLoggedUser($conx,$id,$u,$p){
$sql = "SELECT ip FROM users WHERE id='$id' AND username='$u' AND password='$p' AND activated='1' LIMIT 1";
$query = mysqli_query($conx, $sql);
$numrows = mysqli_num_rows($query);
if($numrows > 0){
return true;
}
}
if(isset($_SESSION["userid"]) && isset($_SESSION["username"]) && isset($_SESSION["password"])) {
$log_id = preg_replace('#[^0-9]#', '', $_SESSION['userid']);
$log_username = preg_replace('#[^a-z0-9]#i', '', $_SESSION['username']);
$log_password = preg_replace('#[^a-z0-9]#i', '', $_SESSION['password']);
// Verify the user
$user_ok = evalLoggedUser($db_conx,$log_id,$log_username,$log_password);
} else if(isset($_COOKIE["id"]) && isset($_COOKIE["user"]) && isset($_COOKIE["pass"])){
$_SESSION['userid'] = preg_replace('#[^0-9]#', '', $_COOKIE['id']);
$_SESSION['username'] = preg_replace('#[^a-z0-9]#i', '', $_COOKIE['user']);
$_SESSION['password'] = preg_replace('#[^a-z0-9]#i', '', $_COOKIE['pass']);
$log_id = $_SESSION['userid'];
$log_username = $_SESSION['username'];
$log_password = $_SESSION['password'];
// Verify the user
$user_ok = evalLoggedUser($db_conx,$log_id,$log_username,$log_password);
if($user_ok == true){
// Update their lastlogin datetime field
$sql = "UPDATE users SET lastlogin=now() WHERE id='$log_id' LIMIT 1";
$query = mysqli_query($db_conx, $sql);
}
}
?>