PHP to remember the password automatically login code
- 2020-03-31 21:35:50
- OfStack
PHP implementation remember password automatic login method more than one, the next two emptyempty, is actually one, that is because the code highlighted a bug. Hopefully that helped.
One, check for user login
When you visit each page in the background, do the above check first
Second, the user submits the login information
When the user fills in the username and password and submits it here,
For A brief explanation of $ref_url, if: user A visits b.user.php, but user A is not logged in, jump to login.php, fill in the user and password in the login page, and then jump to b.user.php, instead of jumping to the default page of main_user.php. Because b.hp is the page that user A wants to go to, the user experience will be better.
Three, when the user points to exit, clear the record login status
Why? Because if someone else is using your computer, they might be able to access your personal information, so it's best to cancel the log-in status when the user logs out.
One, check for user login
//Check that the user is logged in
function checklogin(){
if(emptyempty($_SESSION['user_info'])){ //Check that the session is empty
if(emptyempty($_COOKIE['username']) || emptyempty($_COOKIE['password'])){ //If the session is empty and the user has not chosen to record the login form
header( " location:login.php?req_url= " .$_SERVER['REQUEST_URI']); //Go to the login page, record the requested url, login after the jump past, good user experience.
}else{ //The user has chosen to remember the login status
$user = getUserInfo($_COOKIE['username'],$_COOKIE['password']); //Get the user's profile
if(emptyempty($user)){ //The user name and password are not correct. Please go to the login page
header( " location:login.php?req_url= " .$_SERVER['REQUEST_URI']);
}else{
$_SESSION['user_info'] = $user; //Username and password, put the user's personal information into the session
}
}
}
}
//Check that the user is logged in
function checklogin(){
if(empty($_SESSION['user_info'])){ //Check that the session is empty
if(empty($_COOKIE['username']) || empty($_COOKIE['password'])){ //If the session is empty and the user has not chosen to record the login form
header( " location:login.php?req_url= " .$_SERVER['REQUEST_URI']); //Go to the login page, record the requested url, login after the jump past, good user experience.
}else{ //The user has chosen to remember the login status
$user = getUserInfo($_COOKIE['username'],$_COOKIE['password']); //Get the user's profile
if(empty($user)){ //The user name and password are not correct. Please go to the login page
header( " location:login.php?req_url= " .$_SERVER['REQUEST_URI']);
}else{
$_SESSION['user_info'] = $user; //Username and password, put the user's personal information into the session
}
}
}
}
When you visit each page in the background, do the above check first
Second, the user submits the login information
When the user fills in the username and password and submits it here,
$username = trim($_POST['username']);
$password = md5(trim($_POST['password']));
$validatecode = $_POST['validateCode'];
$ref_url = $_GET['req_url'];
$remember = $_POST['remember'];
$err_msg = " ;
if($validatecode!=$_SESSION['checksum']){
$err_msg = "Verification code is incorrect" ;
}elseif($username== " || $password== " ){
$err_msg = "Username and password cannot be null" ;
}else{
$row = getUserInfo($username,$password);
if(emptyempty($row)){
$err_msg = "Username and password are incorrect" ;
}else{
$_SESSION['user_info'] = $row;
if(!emptyempty($remember)){ //If the user chooses to log in, the user name and the encrypted password are placed in the cookie
setcookie( " username " , $username, time()+3600*24*365);
setcookie( " password " , $password, time()+3600*24*365);
}
if(strpos($ref_url, " login.php " ) === false){
header( " location: " .$ref_url);
}else{
header( " location:main_user.php " );
}
}
}
$username = trim($_POST['username']);
$password = md5(trim($_POST['password']));
$validatecode = $_POST['validateCode'];
$ref_url = $_GET['req_url'];
$remember = $_POST['remember'];
$err_msg = " ;
if($validatecode!=$_SESSION['checksum']){
$err_msg = "Verification code is incorrect" ;
}elseif($username== " || $password== " ){
$err_msg = "Username and password cannot be null" ;
}else{
$row = getUserInfo($username,$password);
if(empty($row)){
$err_msg = "Username and password are incorrect" ;
}else{
$_SESSION['user_info'] = $row;
if(!empty($remember)){ //If the user chooses to log in, the user name and the encrypted password are placed in the cookie
setcookie( " username " , $username, time()+3600*24*365);
setcookie( " password " , $password, time()+3600*24*365);
}
if(strpos($ref_url, " login.php " ) === false){
header( " location: " .$ref_url);
}else{
header( " location:main_user.php " );
}
}
}
For A brief explanation of $ref_url, if: user A visits b.user.php, but user A is not logged in, jump to login.php, fill in the user and password in the login page, and then jump to b.user.php, instead of jumping to the default page of main_user.php. Because b.hp is the page that user A wants to go to, the user experience will be better.
Three, when the user points to exit, clear the record login status
Why? Because if someone else is using your computer, they might be able to access your personal information, so it's best to cancel the log-in status when the user logs out.
//Log out
function logout(){
unset($_SESSION['user_info']);
if(!emptyempty($_COOKIE['username']) || emptyempty($_COOKIE['password'])){
setcookie( " username " , null, time()-3600*24*365);
setcookie( " password " , null, time()-3600*24*365);
}
}