注册后如何自动登录

时间:2017-02-09 23:39:06

标签: php mysql

与标题一样,我想在用户成功注册后立即注册用户,并且不希望他们再次输入用户名和密码进行登录。

这是注册码

<?php 
  $name = ((isset($_POST['name']))?sanitize($_POST['name']):'');
  $email = ((isset($_POST['email']))?sanitize($_POST['email']):'');
  $password = ((isset($_POST['password']))?sanitize($_POST['password']):'');
  $confirm = ((isset($_POST['confirm']))?sanitize($_POST['confirm']):'');
  $errors = array();
  if($_POST){
    $emailQuery =$db->query("SELECT * FROM users1 WHERE email = '$email'");
    $emailCount = mysqli_num_rows($emailQuery);

        if($emailCount != 0){
          $errors[] = 'That email already exists in our database.';
        }


    $required = array('name', 'email', 'password', 'confirm');
    foreach($required as $f){
      if(empty($_POST[$f])){
        $errors[] = 'You must fill out all fields';
        break;
      }
    }
    if(strlen($password) < 6){
      $errors[] = 'Your password must be atleast 6 characterss';
    }
    if($password != $confirm){
      $errors[] = 'Your password do not match';
    }
    if(!filter_var($email,FILTER_VALIDATE_EMAIL)){
      $errors[] = 'You must enter a valid email';
    }
    if(!empty($errors)){
      echo display_errors($errors);
    }else{
      //add user to database
    $hashed = password_hash($password,PASSWORD_DEFAULT);
      $db->query("INSERT INTO users1 (full_name,email,password) values('$name', '$email','$hashed')");

  }
?> 

以下是我的登录结构的样子

<?php
 if ($_POST) {
    //form validation
    if (empty($_POST['email']) || empty($_POST['password'])) {
        $errors[] = 'You must provide email and password.';
    }

    //Validate email
    if(!filter_var($email,FILTER_VALIDATE_EMAIL)){
        $errors[] = 'You must enter a valid email';
    }

    //Password is more than 6 characters
    if(strlen($password) < 6) {
        $errors[] = 'Password must be at least 6 characters';
    }

    // check if email exits in the database
    $query = $db->query("SELECT * FROM users WHERE email = '$email'");
    $user = mysqli_fetch_assoc($query);
    $usercount = mysqli_num_rows($query);
    if($usercount < 1){
        $errors[] = 'That email does not exist in our database';
    }

    if (!password_verify($password, $user['password'])) {
        $errors[] = 'The password does not match our records. Please try again.';
    }

    //check for errors
    if(!empty($errors)) {
        echo display_errors($errors);
    }else {
        $user_id = $user['id'];
      login($user_id);
    }
 }
?>

这是登录功能

function login($user_id){
    $_SESSION['SBUser'] = $user_id;
    global $db;
    $date = date("y-m-d h:i:s");
    $db->query("UPDATE users SET last_login = '$date' WHERE id = '$user_id'");
    $_SESSION['success_flash'] = 'You are now logged in!';
    header('location: index.php');
}

1 个答案:

答案 0 :(得分:2)

表示用户已登录的唯一操作是设置$_SESSION['SBUser'] = $user_id;

因此,在您的注册脚本中也可以这样做。

<?php 
// new code
session_start();

$name = ((isset($_POST['name']))?sanitize($_POST['name']):'');
$email = ((isset($_POST['email']))?sanitize($_POST['email']):'');
$password = ((isset($_POST['password']))?sanitize($_POST['password']):'');
$confirm = ((isset($_POST['confirm']))?sanitize($_POST['confirm']):'');
$errors = array();
if($_POST){
    $emailQuery =$db->query("SELECT * FROM users1 WHERE email = '$email'");
    $emailCount = mysqli_num_rows($emailQuery);

    if($emailCount != 0){
        $errors[] = 'That email already exists in our database.';
    }

    $required = array('name', 'email', 'password', 'confirm');
    foreach($required as $f){
        if(empty($_POST[$f])){
            $errors[] = 'You must fill out all fields';
            break;
        }
    }
    if(strlen($password) < 6){
        $errors[] = 'Your password must be atleast 6 characterss';
    }
    if($password != $confirm){
        $errors[] = 'Your password do not match';
    }
    if(!filter_var($email,FILTER_VALIDATE_EMAIL)){
        $errors[] = 'You must enter a valid email';
    }
    if(!empty($errors)){
        echo display_errors($errors);
    }else{
        //add user to database
        $hashed = password_hash($password,PASSWORD_DEFAULT);
        $db->query("INSERT INTO users1 
                          (full_name,email,password) 
                    values('$name', '$email','$hashed')");

        // new code
        $_SESSION['SBUser'] = $db->insert_id;
    }
?>