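To log my users in, I have something like this:
If it's OK, I create the $_SESSION and set a cookie:
setcookie('test', sha1($_POST['username']), time() + 604800);
Then I insert into a cookie table: the hashed username, the IP address and the browser version.
However, to check whether the user is logged in (and keep him logged in), I have a query on EACH page:
Now, here is the code:
FORM: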
<form method="post" action="http://localhost/test/login.php">
<label for="user">Username :</label>
<input type="text" name="username" id="user" maxlength="20" placeholder="Username">
<label for="pass">Password :</label>
<input type="password" name="password" id="pass" placeholder="Password">
<br>
<input type="checkbox" name="cookie" value="cookie">Remember me ?
<input type="submit" name="login" value="ok">
</form>
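FUNCTIONS:
// Note: HTTP_CLIENT_IP and HTTP_X_FORWARDED_FOR are request headers supplied by
// the client or a proxy; only REMOTE_ADDR comes from the connection itself.
function get_ip() {
    if (isset($_SERVER['HTTP_CLIENT_IP'])) {
        return $_SERVER['HTTP_CLIENT_IP'];
    }
    elseif (isset($_SERVER['HTTP_X_FORWARDED_FOR'])) {
        return $_SERVER['HTTP_X_FORWARDED_FOR'];
    }
    else {
        return (isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '');
    }
}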
function getBrowser()
{
    $u_agent = $_SERVER['HTTP_USER_AGENT'];
    $bname = 'Unknown';
    $platform = 'Unknown';
    $version = "";
    // Detect the platform
    if (preg_match('/linux/i', $u_agent)) {
        $platform = 'linux';
    }
    elseif (preg_match('/macintosh|mac os x/i', $u_agent)) {
        $platform = 'mac';
    }
    elseif (preg_match('/windows|win32/i', $u_agent)) {
        $platform = 'windows';
    }
    // Detect the browser name
    if (preg_match('/MSIE/i', $u_agent) && !preg_match('/Opera/i', $u_agent))
    {
        $bname = 'Internet Explorer';
        $ub = "MSIE";
    }
    elseif (preg_match('/Firefox/i', $u_agent))
    {
        $bname = 'Mozilla Firefox';
        $ub = "Firefox";
    }
    elseif (preg_match('/Chrome/i', $u_agent))
    {
        $bname = 'Google Chrome';
        $ub = "Chrome";
    }
    elseif (preg_match('/Safari/i', $u_agent))
    {
        $bname = 'Apple Safari';
        $ub = "Safari";
    }
    elseif (preg_match('/Opera/i', $u_agent))
    {
        $bname = 'Opera';
        $ub = "Opera";
    }
    elseif (preg_match('/Netscape/i', $u_agent))
    {
        $bname = 'Netscape';
        $ub = "Netscape";
    }
    // Extract the version number
    $known = array('Version', $ub, 'other');
    $pattern = '#(?<browser>' . join('|', $known) .
        ')[/ ]+(?<version>[0-9.|a-zA-Z.]*)#';
    if (!preg_match_all($pattern, $u_agent, $matches)) {
        // no matching version number, just continue
    }
    $i = count($matches['browser']);
    if ($i != 1) {
        // Two matches: pick the one that belongs to "Version" or to the browser token
        if (strripos($u_agent, "Version") < strripos($u_agent, $ub)) {
            $version = $matches['version'][0];
        }
        else {
            $version = $matches['version'][1];
        }
    }
    else {
        $version = $matches['version'][0];
    }
    if ($version == null || $version == "") { $version = "?"; }
    return array(
        'userAgent' => $u_agent,
        'name' => $bname,
        'version' => $version,
        'platform' => $platform,
        'pattern' => $pattern
    );
}
ON SUBMIT:
// Field names match the form above: "username" and "password"
if (!empty($_POST['username']) && !empty($_POST['password']))
{
    $salt = "salt_test";
    $req = $bdd->prepare('SELECT * FROM users WHERE username = :username AND pass = :pass');
    $req->execute(array('username' => $_POST['username'], 'pass' => md5(sha1($_POST['password'].$salt))));
    if ($data = $req->fetch())
    {
        if ($data['stat'] != 0)
        {
            $_SESSION['ID'] = $data['ID'];
            $_SESSION['username'] = $data['username'];
            $_SESSION['stat'] = $data['stat'];
            $req = $bdd->prepare('UPDATE cookies SET last_co = CURRENT_TIMESTAMP WHERE ID_user = :ID');
            $req->execute(array('ID' => $data['ID']));
            $req->closeCursor();
            if (!empty($_POST['cookie']))
            {
                // "Remember me" was ticked: set the cookie and record hash, IP and browser
                setcookie('cookie', md5($_POST['username']), time()+604800);
                $ua = getBrowser();
                $yourbrowser = $ua['name'] . " " . $ua['version'];
                $req = $bdd->prepare('UPDATE cookies SET hash_username = :hash_username, IP = :IP, browser = :browser WHERE ID_user = :ID');
                $req->execute(array('hash_username' => md5($_SESSION['username']), 'IP' => get_ip(), 'browser' => $yourbrowser, 'ID' => $_SESSION['ID']));
                $req->closeCursor();
            }
            ?><META HTTP-EQUIV="Refresh" CONTENT="0.1; URL=http://localhost/test/" /><?php
        }
        elseif ($data['stat'] == 5)
        {
            $error = 2;
        }
    }
    else
    {
        $error = 1;
    }
    $req->closeCursor();
}
ON A MEMBERS PAGE:
if (isset($_SESSION['ID']))
{
    if (isset($_COOKIE['cookie']))
    {
        $ip = get_ip();
        $ua = getBrowser();
        $yourbrowser = $ua['name'] . " " . $ua['version'];
        // Conditions are joined with AND; placeholder names match the execute() keys
        $req = $bdd->prepare('SELECT * FROM cookies WHERE hash_username = :hash_username AND IP = :IP AND browser = :browser');
        $req->execute(array('hash_username' => md5($_SESSION['username']), 'IP' => $ip, 'browser' => $yourbrowser));
        if ($data = $req->fetch())
        {
            $_SESSION['ID'] = $data['ID'];
            $_SESSION['username'] = $data['username'];
            $_SESSION['stat'] = $data['stat'];
        }
        $req->closeCursor();
    }
}
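So, is this approach OK, and does it perform well? Don't you think running the query every time is "useless"?
Answer 0 (score: 1)
Make a new page with this code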
if (isset($_SESSION['ID']))
{
    if (isset($_COOKIE['cookie']))
    {
        $ip = get_ip();
        $ua = getBrowser();
        $yourbrowser = $ua['name'] . " " . $ua['version'];
        // Conditions are joined with AND; placeholder names match the execute() keys
        $req = $bdd->prepare('SELECT * FROM cookies WHERE hash_username = :hash_username AND IP = :IP AND browser = :browser');
        $req->execute(array('hash_username' => md5($_SESSION['username']), 'IP' => $ip, 'browser' => $yourbrowser));
        if ($data = $req->fetch())
        {
            $_SESSION['ID'] = $data['ID'];
            $_SESSION['username'] = $data['username'];
            $_SESSION['stat'] = $data['stat'];
        }
        $req->closeCursor();
    }
}
and include it in every page. After that, you won't need to write the code again and again.
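
An added example, not part of the question or the answer above: a remember-me check that stores a random token instead of a hash of the username, and queries the database only when no session exists yet. The table remember_tokens, the cookie name remember and all function names are hypothetical; an in-memory SQLite database (PDO with pdo_sqlite) stands in for $bdd.

```php
<?php
// Added example; table, cookie and function names are hypothetical.
// In-memory SQLite stands in for the real database so the block runs offline.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE remember_tokens (selector TEXT PRIMARY KEY,
    validator_hash TEXT NOT NULL, user_id INTEGER NOT NULL, expires INTEGER NOT NULL)');
// Called once at login when "Remember me" is ticked; returns the cookie value.
function issue_remember_token(PDO $pdo, int $userId, int $ttl = 604800): string {
    $selector  = bin2hex(random_bytes(9));   // public lookup key
    $validator = bin2hex(random_bytes(32));  // secret; only its hash is stored
    $stmt = $pdo->prepare('INSERT INTO remember_tokens VALUES (:s, :h, :u, :e)');
    $stmt->execute(['s' => $selector, 'h' => hash('sha256', $validator),
                    'u' => $userId, 'e' => time() + $ttl]);
    return $selector . ':' . $validator;
}

// Returns the user id for a valid, unexpired cookie value, or null.
function check_remember_token(PDO $pdo, string $cookie): ?int {
    $parts = explode(':', $cookie, 2);
    if (count($parts) !== 2) {
        return null;
    }
    $stmt = $pdo->prepare('SELECT validator_hash, user_id FROM remember_tokens
                           WHERE selector = :s AND expires > :now');
    $stmt->execute(['s' => $parts[0], 'now' => time()]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    // hash_equals() compares the stored and presented hashes in constant time
    if (!$row || !hash_equals($row['validator_hash'], hash('sha256', $parts[1]))) {
        return null;
    }
    return (int) $row['user_id'];
}

// Per-page check: the database is queried only when no session exists yet.
function current_user_id(PDO $pdo, array &$session, array $cookies): ?int {
    if (isset($session['ID'])) {
        return (int) $session['ID'];         // normal case: no query at all
    }
    $id = isset($cookies['remember']) ? check_remember_token($pdo, $cookies['remember']) : null;
    if ($id !== null) {
        $session['ID'] = $id;                // restore the session once
    }
    return $id;
}
// Constructed demo: a token issued for user 42, then a forged cookie value.
$session = [];
var_dump(current_user_id($pdo, $session, ['remember' => issue_remember_token($pdo, 42)]));
$fresh = [];
var_dump(current_user_id($pdo, $fresh, ['remember' => 'forged:value']));
```

In a real page, pass $_SESSION and $_COOKIE as the last two arguments, and send the value returned by issue_remember_token() with setcookie() using the httponly and secure options.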