PHP users cannot access the page without logging in
No matter which page link address is entered before logging in, you will be prompted to please Log in first. After successful login, every page can be accessed. How to implement such a function? We can use session and cookie to achieve it.
1. session
a) login.php
<?php
header("content-type:text/html;charset=utf-8");
if(!isset($_POST['submit'])){
exit("非法登录");
}
$name=trim($_POST['username']);
//echo $name;
$pwd=md5(trim($_POST['pwd']));
$pdo=new PDO("mysql:dbname=shixun1;host=127.0.0.1","root","123456");
if(preg_match('/^1[3,5,8]\d{9}$/',$name)) {
$sql=$pdo->query("select phone,pwd from user where phone='$name'");
}elseif(preg_match('/^[\w-]+(\.[\w-]+)*@[\w-]+(\.[\w-]+)+$/',$name)){
$sql=$pdo->query("select email,pwd from user where email='$name'");
}else{
$sql=$pdo->query("select name,pwd from user where name='$name'");
}
//$sql=$pdo->query("select * from user where name='$name'");
$res=$sql->fetch(PDO::FETCH_ASSOC);
if($res){
if($res['pwd']==$pwd){
ini_set("session.save_handler", "memcache");
ini_set("session.save_path", "tcp://127.0.0.1:11211");
session_start();
$_SESSION['username'] = $name;
$_SESSION['password'] = $pwd;
echo "<script>alert('登录成功');location.href='success.php'</script>";
}else{
echo "<script>alert('密码错误');location.href='login.html'</script>";
}
}else{
echo "<script>alert('用户名错误');location.href='login.html'</script>";
}
?>b) checklogin.php
<?php
if(!empty($_SESSION['username'])){
// 不存在session用户id,退出
echo "用户未登录,前往登录页面登录";
header("Location: login.php");
exit;
}
?>Each This file must be loaded at the beginning of the page, so that you must log in to access
2. Cookie
is made with cookies. The idea is to check the cookie if the cookie record is If you log in, you will not be redirected, otherwise you will be redirected to the login interface:
[This is the information to be included on each page]
<?php
namespace PenguinStudio/PenguinCode/STDCode;
if($_COOKIE['login_session'] !== "islogin"){
header("Location: login.php");
}[This is the information for the login interface]
<?php
namespace PenguinStudio/PenguinCode/STDCode;
if(.../* 判断登陆正确 */){
setcookie("login_session","islogin", time()+3600*24);//一天过期的cookie
}
else{
echo "<script>alert('wrong');</script>";
}For more PHP related knowledge, please visit PHP Chinese website!
The above is the detailed content of PHP users cannot access the page without logging in. For more information, please follow other related articles on the PHP Chinese website!
ACID vs BASE Database: Differences and when to use each.Mar 26, 2025 pm 04:19 PMThe article compares ACID and BASE database models, detailing their characteristics and appropriate use cases. ACID prioritizes data integrity and consistency, suitable for financial and e-commerce applications, while BASE focuses on availability and
PHP Secure File Uploads: Preventing file-related vulnerabilities.Mar 26, 2025 pm 04:18 PMThe article discusses securing PHP file uploads to prevent vulnerabilities like code injection. It focuses on file type validation, secure storage, and error handling to enhance application security.
PHP Input Validation: Best practices.Mar 26, 2025 pm 04:17 PMArticle discusses best practices for PHP input validation to enhance security, focusing on techniques like using built-in functions, whitelist approach, and server-side validation.
PHP API Rate Limiting: Implementation strategies.Mar 26, 2025 pm 04:16 PMThe article discusses strategies for implementing API rate limiting in PHP, including algorithms like Token Bucket and Leaky Bucket, and using libraries like symfony/rate-limiter. It also covers monitoring, dynamically adjusting rate limits, and hand
PHP Password Hashing: password_hash and password_verify.Mar 26, 2025 pm 04:15 PMThe article discusses the benefits of using password_hash and password_verify in PHP for securing passwords. The main argument is that these functions enhance password protection through automatic salt generation, strong hashing algorithms, and secur
OWASP Top 10 PHP: Describe and mitigate common vulnerabilities.Mar 26, 2025 pm 04:13 PMThe article discusses OWASP Top 10 vulnerabilities in PHP and mitigation strategies. Key issues include injection, broken authentication, and XSS, with recommended tools for monitoring and securing PHP applications.
PHP XSS Prevention: How to protect against XSS.Mar 26, 2025 pm 04:12 PMThe article discusses strategies to prevent XSS attacks in PHP, focusing on input sanitization, output encoding, and using security-enhancing libraries and frameworks.
PHP Interface vs Abstract Class: When to use each.Mar 26, 2025 pm 04:11 PMThe article discusses the use of interfaces and abstract classes in PHP, focusing on when to use each. Interfaces define a contract without implementation, suitable for unrelated classes and multiple inheritance. Abstract classes provide common funct
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
AI Hentai Generator
Generate AI Hentai for free.
Hot Article
Hot Tools
VSCode Windows 64-bit Download
A free and powerful IDE editor launched by Microsoft
DVWA
Damn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is very vulnerable. Its main goals are to be an aid for security professionals to test their skills and tools in a legal environment, to help web developers better understand the process of securing web applications, and to help teachers/students teach/learn in a classroom environment Web application security. The goal of DVWA is to practice some of the most common web vulnerabilities through a simple and straightforward interface, with varying degrees of difficulty. Please note that this software
SublimeText3 Linux new version
SublimeText3 Linux latest version
Dreamweaver CS6
Visual web development tools
MantisBT
Mantis is an easy-to-deploy web-based defect tracking tool designed to aid in product defect tracking. It requires PHP, MySQL and a web server. Check out our demo and hosting services.
