Session控制登陆
<html>
<head>
<meta http-equiv="content-type" content="text/html;charset=utf-8"/>
<script>
function on_load() {
console.log("welcome!");
}
function on_focus() {
var name = document.getElementsByName('name');
if ("请输入用户名:" === name[0].value) {
name[0].value = '';
}
console.log(name[0].value);
}
function check(){
var name = document.getElementsByName('name');
var password = document.getElementsByName('password');
if("请输入用户名:" == name[0].value.replace(/[ ]/g,'')){
alert("用户名错误!");
return false;
}
if("" == name[0].value.replace(/[ ]/g,'')){
alert("用户名不能为空");
return false;
}
if("" == password[0].value.replace(/[ ]/g,'')){
alert("密码不能为空");
return false;
}
}
</script>
</head>
<body onload="on_load()">
<div>
<form action="#" method="get" name="myForm">
<table>
<tr>
<td>用户名:</td>
<td><input id="name" name="name" type="text" value="请输入用户名:" onfocus="on_focus()"/></td>
</tr>
<tr>
<td>密码</td>
<td><input type="password" name="password" value=""/></td>
</tr>
<tr>
<td colspan="2"><input name="submit" type="submit" value="登陆" style="vertical-align: center" onclick="check()"/></td>
</tr>
</table>
</form>
</div>
</body>
</html>
<?php
$mysqli = new mysqli('localhost', 'root', '123456', 'rentalstore');
if(!isset($_GET['submit'])){
exit;
}
session_start();
$loginSession = $_COOKIE['PHPSESSID'];
if(isset($_SESSION[$_GET['name']]) and $loginSession == $_SESSION[$_GET['name']]){
header("Location:https://www.baidu.com");
}
$sql = 'select * from user where name ="'.$_GET['name'].'"';
$result = $mysqli->query($sql)->fetch_assoc();
if($_GET['password'] == $result['password']){
$_SESSION[$_GET['name']] = $loginSession;
header("Location:https://www.baidu.com");
}else{
echo "登陆失败";
}