Creating cookies in php

夙愿已清 提交于 2019-12-25 05:16:32

问题


I am trying to learn how to use cookies from PHPNerds. I am having trouble in running the scripts that they have mentioned(I almost understand what the code does but I am unable to get which code will be stored with which name ). They are as below,

User Login

<html>
<head>
<title>User Logon</title>
</head>
<body>
  <h2>User Login </h2>
  <form name="login" method="post" action="login.php">
   Username: <input type="text" name="username"><br>
   Password: <input type="password" name="password"><br>
   Remember Me: <input type="checkbox" name="rememberme" value="1"><br>
   <input type="submit" name="submit" value="Login!">
  </form>
</body>
</html>

Login Code

<?php
/* These are our valid username and passwords */
$user = 'jonny4';
$pass = 'delafoo';

if (isset($_POST['username']) && isset($_POST['password')) {

    if (($_POST['username'] == $user) && ($_POST['password'] == $pass)) {    

        if (isset($_POST['rememberme'])) {
            /* Set cookie to last 1 year */
            setcookie('username', $_POST['username'], time()+60*60*24*365, '/account', 'www.example.com');
            setcookie('password', md5($_POST['password']), time()+60*60*24*365, '/account', 'www.example.com');

        } else {
            /* Cookie expires when browser closes */
            setcookie('username', $_POST['username'], false, '/account', 'www.example.com');
            setcookie('password', md5($_POST['password']), false, '/account', 'www.example.com');
        }
        header('Location: index.php');

    } else {
        echo 'Username/Password Invalid';
    }

} else {
    echo 'You must supply a username and password.';
}
?>

Validating

<?php
/* These are our valid username and passwords */
$user = 'jonny4';
$pass = 'delafoo';

if (isset($_COOKIE[['username']) && isset($_COOKIE['password')) {

    if (($_POST['username'] != $user) || ($_POST['password'] != md5($pass))) {    
        header('Location: login.html');
    } else {
        echo 'Welcome back ' . $_COOKIE['username'];
    }

} else {
    header('Location: login.html');
}
?>

Thanks in advance.


回答1:


Ok I get it now,

PHP is flexible. You can either separate your html from your logic or serve it all in one page. You will get arguments about what is the "proper" way to handle this, but ultimately it has to do with your own preference and how you plan on handling the code in the future.

Personally, on a tiny project I would have the logic and html for the login page in one file...

login.php:

<?php
/* These are our valid username and passwords */
$user = 'jonny4';
$pass = 'delafoo';
$error = null;

if (isset($_POST['username']) && isset($_POST['password')) {

    if (($_POST['username'] == $user) && ($_POST['password'] == $pass)) {    

        if (isset($_POST['rememberme'])) {
            /* Set cookie to last 1 year */
            setcookie('username', $_POST['username'], time()+60*60*24*365, '/account', 'www.example.com');
            setcookie('password', md5($_POST['password']), time()+60*60*24*365, '/account', 'www.example.com');

        } else {
            /* Cookie expires when browser closes */
            setcookie('username', $_POST['username'], false, '/account', 'www.example.com');
            setcookie('password', md5($_POST['password']), false, '/account', 'www.example.com');
        }
        header('Location: index.php');
        exit;
    } else {
        $error = 'Username/Password Invalid';
    }

} else {
    $error = 'You must supply a username and password.';
}
?>
<html>
<head>
<title>User Logon</title>
</head>
<body>
  <h2>User Login </h2>
  <?php echo $error ? $error.'<br>' : ''; ?>
  <form name="login" method="post" action="login.php">
   Username: <input type="text" name="username"><br>
   Password: <input type="password" name="password"><br>
   Remember Me: <input type="checkbox" name="rememberme" value="1"><br>
   <input type="submit" name="submit" value="Login!">
  </form>
</body>
</html>

index.php:

<?php
/* These are our valid username and passwords */
$user = 'jonny4';
$pass = 'delafoo';

if (isset($_COOKIE[['username']) && isset($_COOKIE['password')) {

    if (($_POST['username'] != $user) || ($_POST['password'] != md5($pass))) {    
        header('Location: login.php');
        exit;
    } else {
        echo 'Welcome back ' . $_COOKIE['username'];
    }

} else {
    header('Location: login.php');
    exit;
}
?>

If you're going serious, I would look into MVC (model view controller) and OOP (object oriented programming) to see how proper it can be. But for basic things, there's nothing particularly wrong with the login being handled at the top of a view like in this example.

From my perspective - working for a web firm - I absolutely hate it when I inherit a project from a new client and the old programmer separated everything they possibly could into a new file. The term "right tool for the job" can also apply to the basic approach to a project. In some cases, a site is so small it would be a huge waste of time to work it through a framework or set up an elaborate file system. It all depends on your needs, which will become clear with experience.

One thing's for sure - everyone that said storing usernames and passwords in cookies is a bad idea is absolutely correct. Usually you do something like store a unique ID and cross reference that with a database to pull the relevant user info. That way your data can't be hijacked by any novice hack or idiot leaving their cookies open on their desktop.




回答2:


May be typo in validating page and compare values against cookies not the POST superglobals.

if (isset($_COOKIE['username'],$_COOKIE['password'])) {

    if ($_COOKIE['username'] == $user && $_COOKIE['password'] == md5($pass)) {    
        echo 'Welcome back ' . $_COOKIE['username'];
    } else {
         header('Location: login.html');        
    }
} else {
    header('Location: login.html');
}



回答3:


This is another way of doing it, try this.

<?php
/* These are our valid username and passwords */
$user = 'jonny4';
$pass = 'delafoo';

if (isset($_COOKIE[['username']) && isset($_COOKIE['password')) {

   if (($_POST['username'] != $user) || ($_POST['password'] != md5($pass))) {    
    header('Location: login.php');
    exit;
   } else {
    echo 'Welcome back ' . $_COOKIE['username'];
  }

 } else {
   header('Location: login.php');
   exit;
   }
  ?>


来源:https://stackoverflow.com/questions/8830132/creating-cookies-in-php

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!