php会话技术主要包括两个,一个是cookie,另外一个是session。写三个页面,模拟一下系统登录判断的过程
index.php
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>欢迎来到完美世界,请先进行登陆</title>
</head>
<body>
<form action="check.php" method="post">
用户名:<input type="text" name="name2">
密码: <input type="password" name="pass2">
<input type="submit" value="登录">
</form>
</body>
</html>
check.php
<?php
header("Content-type:text/html;charset=utf-8"); #解决php中中文乱码问题
$a = "THISISSESSID20180802";
$b = "THISISSESSIDhttponly20180802";
if(!isset($_COOKIE['SESSIONid']) and !isset($_COOKIE['test_http'])){ #如果没有携带cookie则说明没有登陆,进入如下
echo "<br/>";
if(empty($_POST)){ #如果没有点击提交
echo "<a href='index.php'>请先登录系统</a>";
}else{ #否则的话说明进行了提交
$name = $_POST["name2"];
$pass = $_POST["pass2"];
if($name == "admin" && $pass == "123456"){ #如果帐号密码正确则返回自定义cookie值
echo "用户名密码正确";
setcookie("SESSIONid",$a,0,"","",0); //设置普通Cookie
#setcookie("SESSIONid",$a,0,"","",0,1);//设置HttpOnly Cookie
#setcoookie第三个值为0时,代表浏览器退出则cookie失效,第七个值代表是否设置httponly,值为1时代表设置
header("Location: secret.php"); #直接进行一个跳转
}else{
echo "用户名或密码错误";
echo "<a href='index.php'>请登录</a>";
}
}
}else{
header("Location: secret.php");
}
?>
secret.php
<?php
header("Content-type:text/html;charset=utf-8");
if(!isset($_COOKIE['SESSIONid'])){ #如果直接访问这个则拒绝
echo "<br/>";
echo "<a href='index.php'>请先登录系统</a>";
}else{
phpinfo();
}
?>