首先是用户登录时的简单的用户登陆页面(html)
<meta charset='utf-8'>
<form method="post" action="register.php">
用户名:<input type="text" name="username"><br>
密 码:<input type="password" name="pwd"><span id="sppwd"></span><br>
<input type="submit" name="submit" value="登陆">
</form>
表单提交后,php验证登陆的用户名可以为用户名、手机号、邮箱、密码为MD5加密后的密码,判断用户名,密码是否正确,去除用户名、密码登录时的空白字符,用pdo实现。
register.php
<?php
header("content-type:text/html;charset=utf-8");
if(!isset($_POST['submit'])){
exit("非法登录");
}
$name=trim($_POST['username']);
//echo $name;
$pwd=md5(trim($_POST['pwd']));
$pdo=new PDO("mysql:dbname=shixun1;host=127.0.0.1","root","123456");
if(preg_match('/^1[3,5,8]\d{9}$/',$name)) {
$sql=$pdo->query("select phone,pwd from user where phone='$name'");
}elseif(preg_match('/^[\w-]+(\.[\w-]+)*@[\w-]+(\.[\w-]+)+$/',$name)){
$sql=$pdo->query("select email,pwd from user where email='$name'");
}else{
$sql=$pdo->query("select name,pwd from user where name='$name'");
}
//$sql=$pdo->query("select * from user where name='$name'");
$res=$sql->fetch(PDO::FETCH_ASSOC);
if($res){
if($res['pwd']==$pwd){
ini_set("session.save_handler", "memcache");
ini_set("session.save_path", "tcp://127.0.0.1:11211");
session_start();
$_SESSION['username'] = $name;
$_SESSION['password'] = $pwd;
echo "<script>alert('登录成功');location.href='success.php'</script>";
}else{
echo "<script>alert('密码错误');location.href='login.html'</script>";
}
}else{
echo "<script>alert('用户名错误');location.href='login.html'</script>";
}
?>
登陆成功后判断用后是否登录,不登录不允许访问列表页面(php验证)。
<?php
header("content-type:text/html;charset=utf-8");
ini_set("session.save_handler", "memcache");
ini_set("session.save_path", "tcp://127.0.0.1:11211");
session_start();
if(isset($_SESSION['username'])){
print_r($_SESSION);
}else{
echo "<script>alert('请先登录');location.href='login.html';</script>";
}
?>