Implementation of session sharing and logon verification in PHP

Let's talk about using session to log on. The 05php code on the logon page is as follows: & lt ;? Phpsession_start (); initialize sessionif (isset ($ _ SESSION [& amp; 39; shili & amp; 39;

Let's talk about the use of session to log on. The Code of 05. php on the logon page is as follows:

2. If (isset ($ _ SESSION ['shili']) {
3. Header ("Location: shili. php"); // redirect to another page
4. Exit ;}?>
6. Function checklogin (){
7. If (login. username. value! = "") & (Login. password. value! = ""))
8. Return true // if the user name and password are not empty, TRUE is returned.
9. Else {alert ("nickname or password cannot be blank! ")}}
10. Script
12. . Style1 {font-size: 13px; font-family: ""; font-weight: normal; color: # 0099FF ;}
13.  
14. "Center">
16.  
17.  
18.  

This program is an administrator logon interface. First, it initializes the session and then checks whether the session variable has been registered to check whether the user has logged on. if the user has logged on, you do not need to log on again, direct to other pages. Javascript is also used to determine whether the user name and password are entered.

Verify the logon page,06. php code:

2. If (isset ($ _ SESSION ['shili']) {
3. Header ("Location: shili. php"); // redirect to another page
4. Exit;} // end immediately after logon
5. $ Shili_name = $ _ POST ['username']; // Get the parameter
6. $ Password = $ _ POST ['password'];
7. // Verify that the administrator name and password are correct. verify the password directly and no database connection is available.
8. If ($ shili_name = "mr" and $ password = "mrsoft "){
9. Session_register ("shili"); // register a new variable and save the nickname of the current session
10. $ Shili = $ shili_name;
11. Echo "logon successful! ";
12. Header ("Location: shili. php"); // redirect to the management page after successful logon
13. } Else {
14. Echo" ";
15. Echo "incorrect account or password, or not administrator account
    ";
16. Echo "logon failed!
    Enter ";
17. Echo"";}
18. ?>

The program first checks whether the user has logged on through the session variable. if not, the user name and password entered must be verified. if the user name and password are correct, the session variable is registered and the logon is successful !. If not, the system prompts logon failure.

This is a simple program for user login verification. the session variable prevents users who directly browse without logon. If you want to restrict the browsing of a page, you can use the same method, as long as you put the following code at the beginning of the page:

2. If (! Isset ($ _ SESSION ['shili']) {
3. Echo" ";
4. Echo"";
5. Echo "you have not logged on. please log on! ";
6. Echo"
   ";
7. Exit ();}
8. ?>

Share login using session_id

We should be able to understand the problem of sharing sessions among multiple servers. when the number of users on a website is too large, a server cluster will be used, for example, a dedicated login server. After a user logs on to the server, the login server saves the user's login information session, while other accessed servers, such as the movie server does not have this session, we need to share this session through a unique identifier of the session. the sharing of a specific session is beyond the scope of this article. please refer to the relevant materials on your own.

The second purpose is to verify different sessions of the same user, which is hard to understand. In this case, when a user requests data not through a browser but through a socket or other method, we must first perform user login verification on the user. after the verification is successful, send a sessionid to him, and then carry this sessionid every time he requests it. we can use this sessionid to determine whether the session already exists. if so, we can determine that the user has logged on ......

For the first problem, we can save the sessionid in the database for implementation. this method is safe and widely used, but it is not the scope of our discussion. first, a sessionid is generated during verification; the code is as follows:

2. Session_start ();
3. $ SessionId = session_id (); // Obtain the sessionid.
4. // Send the session to the client
5. .........
6. ?>

The client carries the sessionid variable to request data. the code is as follows:

2. Session_id ('$ sessionid'); // note that this function includes parameters.
3. Session_start (); // This function must be after session_id ()
4. ?>

Good, no problem. you have got a good solution. if you need to know about it, please refer to it.