谢谢您的阅读。我已经成功地创建了注册并签名的php文件。但是,我需要将SESSION更改为COOKIE。只是将SESSION替换为COOKIE似乎不起作用。如何将SESSION更改为COOKIE并使该功能与SESSION完全相同?php将会话更改为cookie
Register.php:
include 'config.php';
if(isset($_SESSION['username'])!="")
{
header("location: welcome.php");
}
if(isset($_POST['submit']))
{
$sql = "INSERT INTO user (username, password) VALUES ('".$_POST["username"]."','".$_POST["password"]."')";
if (mysqli_query($con, $sql))
{
$_SESSION['username'] = $_POST["username"];
header("location: login.php");
}
else
{
echo "Error: " . $sql . "<br>" . mysqli_error($conn);
}
}
?>
的login.php:
<?php
include("config.php");
session_start();
if(isset($_SESSION['username'])!="")
{
header("location: welcome.php");
}
if (mysqli_connect_errno())
{
echo "MySQLi Connection was not established: " . mysqli_connect_error();
}
if(isset($_POST['login']))
{
$username = mysqli_real_escape_string($con,$_POST['username']);
$password = mysqli_real_escape_string($con,$_POST['password']);
$sel_user = "SELECT * FROM user WHERE username='$username' AND password='$password'";
$run_user = mysqli_query($con, $sel_user);
$check_user = mysqli_num_rows($run_user);
if($check_user>0){
$_SESSION['username']=$username;
$_SESSION['loggedIn'] = true;
echo "<script>window.open('index.php','_self')</script>";
}
else {
echo "<script>alert('username or password is not correct, try again!')</script>";
}
}
?>
这已经是可怕的不安全由于SQL注入的问题,明文密码,现在你想使事情变得更糟,使任何人谁发送了'username'和'loggedIn' cookie被自动记录在?你真的不应该这样做... – jeroen
[php更改登录后注销用户登录后可能重复](http://stackoverflow.com/questions/36943107/php-change-sign-in-to-注销后用户登录) –