PHP uses session to save user login information

PHP uses session to save user login information

Use session to save page login information

1. Database Connection Configuration page: connectvars.php

<?php
Location of the database
Define (' db_host ', ' localhost ');
User name
Define (' Db_user ', ' root ');
Password
Define (' Db_password ', ' 19900101 ');
Database name
Define (' db_name ', ' test ');
?>

2. Login page: login.php

<?php
Inserting information about a connected database
Require_once ' connectvars.php ';

Open a session
Session_Start ();

$error _msg = "";
If the user is not logged in, that is, $_session[' user_id ' is not set, execute the following code
if (!isset ($_session[' user_id ')) {
if (Isset ($_post[' submit ')) {//The following code is executed when the user submits the login form
$DBC = Mysqli_connect (db_host,db_user,db_password,db_name);
$user _username = mysqli_real_escape_string ($dbc, trim ($_post[' username '));
$user _password = mysqli_real_escape_string ($dbc, trim ($_post[' password '));

if (!empty ($user _username) &&!empty ($user _password)) {
The SHA () function in MySQL is used for one-way encryption of strings
$query = "Select user_id, username from mismatch_user WHERE username = ' $user _username ' and '." Password = SHA (' $user _password ') ";
Querying with a user name and password
$data = Mysqli_query ($dbc, $query);
If the record is exactly one, set the session and redirect the page
if (Mysqli_num_rows ($data) ==1) {
$row = Mysqli_fetch_array ($data);
$_session[' user_id ']= $row [' user_id '];
$_session[' username ']= $row [' username '];
$home _url = ' loged.php ';
Header (' Location: '. $home _url);
}else{//If the record is incorrect, set the error message
$error _msg = ' Sorry, you must enter a valid username and password to log in. ';
}
}else{
$error _msg = ' Sorry, you must enter a valid username and password to log in. ';
}
}
}else{//If the user is already logged in, jump directly to the already logged in page
$home _url = ' loged.php ';
Header (' Location: '. $home _url);
}
?>
<title>mismatch-log in</title>
<link rel= "stylesheet" type= "Text/css" href= "Style.css"/>
<body>
<!--is judged by $_session[' user_id '), if the user is not logged in, a login form is displayed, allowing the user to enter a user name and password--
<?php
if (!isset ($_session[' user_id ')) {
Echo ' <p class= ' Error > '. $error _msg. ' </p> ';
?>
<!--$_server[' php_self ') when submitting a form on behalf of a user, call its own PHP file--
<form method = "Post" action= "<?php echo $_server[' php_self '];? > ">
<fieldset>
<legend>log in</legend>

<label for= "username" >Username:</label>
<!--If the user has lost a user name, echo the user name--
<input type= "text" id= "username" name= "username"
Value= "<?php if (!empty ($user _username)) echo $user _username;?>"/>

<br/>

<label for= "Password" >Password:</label>
<input type= "password" id= "password" name= "password"/>

</fieldset>
<input type= "Submit" value= "Log in" name= "Submit"/>
</form>
<?php
}
?>
</body>
：
3. Login page: loged.php
<?php
Session must be started before using variable values stored in the session
Session_Start ();
Check login status with a session variable
if (isset ($_session[' username ')) {
Echo ' You are logged as '. $_session[' username '. ' <br/> ';
Click "Log Out" to go to the logout page to sign out
Echo ' <a href= ' logout.php ' > Log out ('. $_session[' username ']. ') </a> ';
}
/** in the login page, you can take advantage of the user's SESSION such as $_session[' username '],
* $_session[' user_id '] query the database, you can do a lot of things * *
?>
：
4. Logout Session page: logout.php (redirected to lonin.php after logout)
<?php
Even when you log off, you must start the session first to access the session variable
Session_Start ();
Check login status with a session variable
if (Isset ($_session[' user_id ')) {
To clear a session variable, set the $_session Super global variable to an empty array
$_session = Array ();
If there is a session cookie, delete it by setting the expiration time to 1 hours before
if (Isset ($_cookie[session_name ())) {
Setcookie (Session_name (), ", Time ()-3600);
    }
Use the built-in Session_destroy () function to invoke the undo session
Session_destroy ();
}
Location header redirects the browser to another page
$home _url = ' login.php ';
Header (' Location: '. $home _url);
?>
PHP uses session to save user login information