我有一个问题,我一直试图解决很长一段时间。我已经阅读了有关PHP会话的课程,我有建议使用localstorage但无济于事
问题:
我正在使用angularJS和PHP后端,我有2个视图,一个是'login.html',另一个是'info.html',2个控制器(一个用于登录功能,另一个用于选择用户的数据)。我设法进行了身份验证阶段,但是对于第二步,我希望在用户进行身份验证时,它会被重定向到其他视图(info.html),其中将显示该用户的所有信息。如何存储登录功能中的数据并将其用于第二个控制器(第二个Web服务)
的login.php
<?php
session_start();
$data = json_decode(file_get_contents("php://input"));
$connect = mysqli_connect("localhost", "root", "", "test");
if(count($data) > 0)
{
$Email=mysqli_real_escape_string($connect, $data->Email);
$password=mysqli_real_escape_string($connect, $data->password);
$query = 'SELECT * FROM `client` WHERE (EmailClient = "'.$Email.'" AND password= "'.$password.'")';
$q = mysqli_query($connect , $query);
if(mysqli_num_rows($q) > 0 )
{
$_SESSION["logged_in"] = true;
$_SESSION["naam"] = $Email;
$result['email'] =$Email;
$resultstring=json_encode($result);
$resultstring=str_replace("null", '""', $resultstring);
echo $resultstring;
exit;
}
$result['code'] = 603;
$result['message'] ='The username or password are incorrect!';
$resultstring = json_encode($result);
$resultstring = str_replace("null",'""',$resultstring);
echo $resultstring;
exit;
}
?>
loginCtrl
app.controller('loginCtrl', function($scope, $location,$state,$http,$window){
$scope.submit = function()
{
data = {
'Email' : $scope.Email,
'password' : $scope.password
};
$http.post('http://localhost/deb/login.php', data)
.success(function(data, status, headers, config,result)
{
console.log(data);
$state.go('info');
}
})
.error(function(data, status, headers, config, result)
{
console.log('error');
});
}
});
infoCtrl:
app.controller('infoCtrl', function($scope, $http,$state,$filter){
$scope.loadColis = function(){
$http.get("http://localhost/deb/info.php")
.success(function(data){
$scope.names = data;
});
}
info.php的
...
$query = "SELECT * FROM client where ???" ;
....
我不知道如何获取用户身份验证的数据,我该怎么办?
提前致谢
答案 0 :(得分:0)
您可以生成“令牌”并将其保存在服务器端(数据库)和$ _SESSION或cookie(客户端)
这样,每次执行php请求时都可以检查会话/ cookie。
<强> info.php的强>
$query = "SELECT * FROM client WHERE token = '".$_SESSION['token']."'";
<强>的login.php 强>
每次客户登录时,令牌都应该是唯一且不同的。
$token = md5($Email.time()."51395+81519851");
$query = "UPDATE client SET token = '".$token."' WHERE email = '".$Email."'";
mysqli_query($connect , $query);
所以你的login.php可能看起来像这样..
<?php
session_start();
$data = json_decode(file_get_contents("php://input"));
$connect = mysqli_connect("localhost", "root", "", "test");
if(count($data) > 0)
{
$Email=mysqli_real_escape_string($connect, $data->Email);
$password=mysqli_real_escape_string($connect, $data->password);
$query = 'SELECT * FROM `client` WHERE (EmailClient = "'.$Email.'" AND password= "'.$password.'")';
$q = mysqli_query($connect , $query);
if(mysqli_num_rows($q) > 0 )
{
$token = md5($Email.time()."51395+81519851");
$query = "UPDATE client SET token = '".$token."' WHERE email = '".$Email."'";
mysqli_query($connect , $query);
$_SESSION["logged_in"] = true;
$_SESSION["token"] = $token;
$_SESSION["naam"] = $Email;
$result['email'] =$Email;
$resultstring=json_encode($result);
$resultstring=str_replace("null", '""', $resultstring);
echo $resultstring;
exit;
}
$result['code'] = 603;
$result['message'] ='The username or password are incorrect!';
$resultstring = json_encode($result);
$resultstring = str_replace("null",'""',$resultstring);
echo $resultstring;
exit;
}
?>
我希望我没有错过任何东西。 :)
答案 1 :(得分:0)
作为良好做法,您可以创建令牌:
if(mysqli_num_rows($q) > 0 )
...
$result['token'] = ...Generate some random string...
$result['token'] = $token;
mysqli_query($connect , "INSERT INTO tokens set token = $token and email = $Email");
...
之后,您将此令牌保存在cookie中,在info.php中,您可以执行以下操作:
...
$query = "SELECT email FROM tokens WHERE token = $_COOKIE['token']"
...
如果需要,您也可以通过电子邮件从客户表中获取信息。