在 php 中创建 cookie
我正在尝试学习如何使用 PHPNerds 的 cookie。我在运行他们提到的脚本时遇到了麻烦(我几乎明白代码的作用,但我无法获取哪些代码将以哪个名称存储)。它们如下,
用户登录
<html>
<head>
<title>User Logon</title>
</head>
<body>
<h2>User Login </h2>
<form name="login" method="post" action="login.php">
Username: <input type="text" name="username"><br>
Password: <input type="password" name="password"><br>
Remember Me: <input type="checkbox" name="rememberme" value="1"><br>
<input type="submit" name="submit" value="Login!">
</form>
</body>
</html>
登录代码
<?php
/* These are our valid username and passwords */
$user = 'jonny4';
$pass = 'delafoo';
if (isset($_POST['username']) && isset($_POST['password')) {
if (($_POST['username'] == $user) && ($_POST['password'] == $pass)) {
if (isset($_POST['rememberme'])) {
/* Set cookie to last 1 year */
setcookie('username', $_POST['username'], time()+60*60*24*365, '/account', 'www.example.com');
setcookie('password', md5($_POST['password']), time()+60*60*24*365, '/account', 'www.example.com');
} else {
/* Cookie expires when browser closes */
setcookie('username', $_POST['username'], false, '/account', 'www.example.com');
setcookie('password', md5($_POST['password']), false, '/account', 'www.example.com');
}
header('Location: index.php');
} else {
echo 'Username/Password Invalid';
}
} else {
echo 'You must supply a username and password.';
}
?>
验证
<?php
/* These are our valid username and passwords */
$user = 'jonny4';
$pass = 'delafoo';
if (isset($_COOKIE[['username']) && isset($_COOKIE['password')) {
if (($_POST['username'] != $user) || ($_POST['password'] != md5($pass))) {
header('Location: login.html');
} else {
echo 'Welcome back ' . $_COOKIE['username'];
}
} else {
header('Location: login.html');
}
?>
提前致谢。
I am trying to learn how to use cookies from PHPNerds. I am having trouble in running the scripts that they have mentioned(I almost understand what the code does but I am unable to get which code will be stored with which name ). They are as below,
User Login
<html>
<head>
<title>User Logon</title>
</head>
<body>
<h2>User Login </h2>
<form name="login" method="post" action="login.php">
Username: <input type="text" name="username"><br>
Password: <input type="password" name="password"><br>
Remember Me: <input type="checkbox" name="rememberme" value="1"><br>
<input type="submit" name="submit" value="Login!">
</form>
</body>
</html>
Login Code
<?php
/* These are our valid username and passwords */
$user = 'jonny4';
$pass = 'delafoo';
if (isset($_POST['username']) && isset($_POST['password')) {
if (($_POST['username'] == $user) && ($_POST['password'] == $pass)) {
if (isset($_POST['rememberme'])) {
/* Set cookie to last 1 year */
setcookie('username', $_POST['username'], time()+60*60*24*365, '/account', 'www.example.com');
setcookie('password', md5($_POST['password']), time()+60*60*24*365, '/account', 'www.example.com');
} else {
/* Cookie expires when browser closes */
setcookie('username', $_POST['username'], false, '/account', 'www.example.com');
setcookie('password', md5($_POST['password']), false, '/account', 'www.example.com');
}
header('Location: index.php');
} else {
echo 'Username/Password Invalid';
}
} else {
echo 'You must supply a username and password.';
}
?>
Validating
<?php
/* These are our valid username and passwords */
$user = 'jonny4';
$pass = 'delafoo';
if (isset($_COOKIE[['username']) && isset($_COOKIE['password')) {
if (($_POST['username'] != $user) || ($_POST['password'] != md5($pass))) {
header('Location: login.html');
} else {
echo 'Welcome back ' . $_COOKIE['username'];
}
} else {
header('Location: login.html');
}
?>
Thanks in advance.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(3)
好吧,我现在明白了,
PHP 很灵活。您可以将 html 与逻辑分开,也可以将其全部放在一个页面中。您会得到关于什么是“正确”的处理方法的争论,但最终它与您自己的偏好以及您计划将来如何处理代码有关。
就我个人而言,在一个小项目中,我会将登录页面的逻辑和 html 放在一个文件中...
login.php:
index.php:
如果你认真的话,我会研究 MVC(模型视图控制器)和 OOP(面向对象编程)看看它有多合适。但对于基本的事情来说,在视图顶部处理登录并没有什么特别的问题,就像这个例子一样。
从我在一家网络公司工作的角度来看,当我从新客户继承一个项目而老程序员将他们可能的所有内容分离到一个新文件中时,我绝对讨厌它。 “适合工作的工具”一词也适用于项目的基本方法。在某些情况下,站点非常小,通过框架来工作或建立复杂的文件系统会浪费大量时间。这完全取决于您的需求,随着经验的积累,这些需求将会变得清晰。
有一点是肯定的——每个人都说在 cookie 中存储用户名和密码是一个坏主意,这绝对是正确的。通常,您会执行一些操作,例如存储唯一 ID 并与数据库交叉引用以提取相关的用户信息。这样,您的数据就不会被任何新手黑客或白痴在桌面上打开 cookie 的情况下劫持。
Ok I get it now,
PHP is flexible. You can either separate your html from your logic or serve it all in one page. You will get arguments about what is the "proper" way to handle this, but ultimately it has to do with your own preference and how you plan on handling the code in the future.
Personally, on a tiny project I would have the logic and html for the login page in one file...
login.php:
index.php:
If you're going serious, I would look into MVC (model view controller) and OOP (object oriented programming) to see how proper it can be. But for basic things, there's nothing particularly wrong with the login being handled at the top of a view like in this example.
From my perspective - working for a web firm - I absolutely hate it when I inherit a project from a new client and the old programmer separated everything they possibly could into a new file. The term "right tool for the job" can also apply to the basic approach to a project. In some cases, a site is so small it would be a huge waste of time to work it through a framework or set up an elaborate file system. It all depends on your needs, which will become clear with experience.
One thing's for sure - everyone that said storing usernames and passwords in cookies is a bad idea is absolutely correct. Usually you do something like store a unique ID and cross reference that with a database to pull the relevant user info. That way your data can't be hijacked by any novice hack or idiot leaving their cookies open on their desktop.
验证页面时可能存在拼写错误,并将值与 cookie 进行比较,而不是与 POST 超全局变量进行比较。
May be typo in validating page and compare values against cookies not the POST superglobals.
这是另一种方法,试试这个。
This is another way of doing it, try this.