测试的SQL语句
-- Demo schema for the single-login example: one row per account.
-- NOTE(review): `pwd` holds the password exactly as typed (the seed row below
-- stores '123456' in clear text). Outside a demo, store a salted password hash
-- (e.g. PHP password_hash() output, which needs a wider column) and never the
-- password itself.
-- NOTE(review): nothing here enforces unique usernames; a UNIQUE key on
-- `username` would make the login lookup unambiguous.
CREATE TABLE IF NOT EXISTS `tb_user` (
    `id`          int(11)     NOT NULL AUTO_INCREMENT COMMENT '编号',
    `username`    varchar(80) NOT NULL COMMENT '用户',
    `pwd`         varchar(80) NOT NULL COMMENT '密码',
    -- Session id of the most recent login; the pages compare it with the
    -- visitor's current session id to allow only one active login per account.
    `session_id`  varchar(50) DEFAULT NULL COMMENT '一个账号只能登录一次',
    `create_time` datetime    NOT NULL COMMENT '创建时间',
    PRIMARY KEY (`id`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 COMMENT='用户表' AUTO_INCREMENT=2 ;

-- Seed account for testing only. The session_id value is sample data copied
-- from one test run; it is overwritten on the next successful login.
INSERT INTO `tb_user`
    (`id`, `username`, `pwd`, `session_id`, `create_time`)
VALUES
    (1, 'chaoyi', '123456', 'sab3s49pnciq6vmlqeiuc6e0g0', '2017-06-02 00:00:00');
登录页面:
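<?php
/**
 * Login page: checks the submitted credentials against tb_user, records the
 * new session id on the account row (so an older login elsewhere becomes
 * invalid) and redirects to admin.php.
 *
 * Changes from the original listing:
 *  - the submitted username/password are escaped before being placed in SQL
 *    (the original interpolated $_POST values directly into the query);
 *  - the session id is regenerated after a successful login so that an id
 *    chosen before authentication is never promoted to a logged-in session;
 *  - the user id written into the UPDATE is cast to int.
 */
header('Content-Type: text/html; charset=utf-8');
define('CHAOYI', true);
require "/includes/connect.inc.php";

// Only process the login when the form was actually submitted via POST.
if ($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST['userForm'])) {
    session_start();

    // Accept only scalar strings; an array-valued field is treated as empty.
    $username = (isset($_POST["username"]) && is_string($_POST["username"])) ? trim($_POST["username"]) : '';
    $password = (isset($_POST["password"]) && is_string($_POST["password"])) ? trim($_POST["password"]) : '';

    // NOTE(review): sqlGetOne()/sqlQuery() live in connect.inc.php, which is not
    // shown; this assumes they run on an open ext/mysql link — confirm. Escaping
    // is the minimum fix available through a string-only helper. ext/mysql was
    // removed in PHP 7.0, and the durable fix is to move the helpers to PDO or
    // mysqli prepared statements with bound parameters. The escaping is only
    // charset-safe if the link charset was set with mysql_set_charset().
    $safeUsername = mysql_real_escape_string($username);
    $safePassword = mysql_real_escape_string($password);

    // NOTE(review): pwd is compared as stored, i.e. passwords are kept in
    // clear text. Store password_hash() output and check it with
    // password_verify() instead of matching the password inside the query.
    $sqluser = "SELECT * FROM tb_user WHERE username='$safeUsername' AND pwd='$safePassword' ORDER BY id DESC LIMIT 1";
    $result = sqlGetOne($sqluser);

    // No row returned: the username/password pair is wrong.
    if (empty($result['id'])) {
        session_destroy();
        sqlClose();
        echo "<script type='text/javascript'>alert('用户名和密码不正确,登陆失败!');window.location.href='logo.php';</script>";
        exit;
    }

    // Issue a fresh session id for the authenticated session and drop the old one.
    session_regenerate_id(true);
    $session_id = session_id();

    // Record the current session id on the account; admin.php rejects any
    // session whose id no longer matches this column.
    $userId = (int) $result['id'];
    $safeSessionId = mysql_real_escape_string($session_id);
    $sqlupdatauser = "UPDATE tb_user SET session_id = '$safeSessionId' WHERE id = $userId";
    sqlQuery($sqlupdatauser);

    // Data shared with the other pages through the session.
    $_SESSION['id'] = $result['id'];
    $_SESSION['username'] = $result['username'];
    $_SESSION['session_id'] = $session_id;

    sqlClose();
    echo "<script type='text/javascript'> window.location.href='admin.php';</script>";
    exit;
}
?>
<!DOCTYPE html>
<html lang="zh">
<head>
    <meta charset="UTF-8">
    <title>登陆页面</title>
</head>
<body>
    <!-- NOTE(review): the form carries no CSRF token and the page does not
         throttle repeated failed attempts; add both before real use. -->
    <form method="post" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>">
        <p>姓名:<input type="text" name="username"></p>
        <p>密码:<input type="password" name="password"></p>
        <input type="submit" name="userForm" value="提交" />
    </form>
</body>
</html>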
效果图:
管理页面:
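<?php
/**
 * Admin page: shown only to a logged-in user whose current session id still
 * matches tb_user.session_id. If another login has replaced that value, the
 * visitor is told the account is in use elsewhere and sent to logout.php.
 *
 * Changes from the original listing:
 *  - values placed in the SQL string are cast/escaped;
 *  - session values are HTML-escaped before being echoed into the page
 *    (the username comes from the database and was printed raw).
 */
header('Content-Type: text/html; charset=utf-8');
define('CHAOYI', true);
require "/includes/connect.inc.php";
session_start();

if (isset($_SESSION['id']) && isset($_SESSION['username']) && isset($_SESSION['session_id'])) {
    $session_id = session_id();

    // NOTE(review): assumes connect.inc.php has opened an ext/mysql link
    // (mysql_num_rows() is used below). ext/mysql was removed in PHP 7.0;
    // prepared statements via PDO/mysqli are the durable fix.
    $userId = (int) $_SESSION['id'];
    $safeSessionId = mysql_real_escape_string($session_id);

    // The row matches only while this session is the account's latest login.
    $sqluser = "SELECT id FROM tb_user WHERE id=$userId AND session_id='$safeSessionId' ORDER BY id DESC LIMIT 1";
    $result = sqlQuery($sqluser);
    $resRows = mysql_num_rows($result);

    // Zero rows (or a failed query) means the stored session id differs.
    if ($resRows == false) {
        sqlClose();
        echo "<script type='text/javascript'> alert('对不起,你的帐号在其他地方登陆了!'); window.location.href='logout.php';</script>";
        exit;
    }
} else {
    // Not logged in at all: send the visitor to the login page.
    sqlClose();
    echo "<script type='text/javascript'> alert('请登陆你的账号密码'); window.location.href='logo.php';</script>";
    exit;
}
?>
<!DOCTYPE html>
<html lang="zh">
<head>
    <meta charset="UTF-8">
    <title>管理页面</title>
</head>
<body>
    <h3 style="text-align: center;">用户名:<?php echo htmlspecialchars($_SESSION['username'], ENT_QUOTES, 'UTF-8');?></h3>
    <!-- NOTE(review): the session id is printed for demonstration only; it is a
         bearer credential and should not be rendered into pages in real use. -->
    <h3 style="text-align: center;">Session ID: <?php echo htmlspecialchars($_SESSION['session_id'], ENT_QUOTES, 'UTF-8');?></h3>
    <h4 style="text-align: center;"><a href="logout.php">注销</a></h4>
</body>
</html>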
效果图:
注销页面:
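<?php
/**
 * Logout page: clears the login data from the session, destroys the session
 * and redirects to the login page.
 *
 * Change from the original listing: the session cookie is also expired in the
 * browser, so the old session id is not sent again after logout.
 */
header('Content-Type: text/html; charset=utf-8');
define('CHAOYI', true);
require "/includes/connect.inc.php";
session_start();

// Remove the login data kept in the session.
unset($_SESSION['id']);
unset($_SESSION['username']);
unset($_SESSION['session_id']);

// Expire the session cookie using the same parameters it was issued with.
if (ini_get("session.use_cookies")) {
    $cookieParams = session_get_cookie_params();
    setcookie(
        session_name(),
        '',
        time() - 42000,
        $cookieParams["path"],
        $cookieParams["domain"],
        $cookieParams["secure"],
        $cookieParams["httponly"]
    );
}

// Destroy the server-side session data.
session_destroy();
sqlClose();

// NOTE(review): tb_user.session_id still holds the old id after logout; it is
// only overwritten by the next login.
echo "<script type='text/javascript'>window.location.href='logo.php';</script>";
exit;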