添加注销到密码保护页面

时间:2012-08-01 14:56:52

标签: php password-protection

我有一个我想要密码保护的页面。我已经尝试了下面的代码,但我无法将注销退出到页面。还有其他快速(简单)方法吗?谢谢!

如何将注销添加到此受密码保护的页面,如下所述

$username = "the_username_here";
$password = "the_password_here";
$nonsense = "supercalifragilisticexpialidocious";

if (isset($_COOKIE['PrivatePageLogin'])) {
if ($_COOKIE['PrivatePageLogin'] == md5($password.$nonsense)) {


LOGGED IN CONTENT HERE

  exit;
} else {
  echo "Bad Cookie.";
  exit;
}
}

if (isset($_GET['p']) && $_GET['p'] == "login") {
if ($_POST['user'] != $username) {
  echo "Sorry, that username does not match.";
  exit;
 } else if ($_POST['keypass'] != $password) {
  echo "Sorry, that password does not match.";
  exit;
 } else if ($_POST['user'] == $username && $_POST['keypass'] == $password) {
  setcookie('PrivatePageLogin', md5($_POST['keypass'].$nonsense));
  header("Location: $_SERVER[PHP_SELF]");
 } else {
  echo "Sorry, you could not be logged in at this time.";
}
}

页面上的登录表单...... 

<form action="<?php echo $_SERVER['PHP_SELF']; ?>?p=login" method="post">
<label><input type="text" name="user" id="user" /> Name</label><br />
<label><input type="password" name="keypass" id="keypass" /> Password</label><br />
<input type="submit" id="submit" value="Login" />
</form>

关于如何解决这个问题的任何线索?

3 个答案:

答案 0 :(得分:4)

在任何页面上

<?php if(isset($_COOKIE['PrivatePageLogin'])):?>
   <a href="logout.php">Logout</a>
<?php endif?>

logout.php 

if(isset($_COOKIE['PrivatePageLogin'])){
    // delete cookie
    setcookie('PrivatePageLogin', null, time() - 1);
    // if you use sessions delete session variables as well
}
header('Location: index.php');

答案 1 :(得分:0)

只需提供指向清除您设置的Cookie的页面的链接。

作为旁注,在客户端单独md5保存密码并不安全。

答案 2 :(得分:0)

这不回答user1561466的问题。通过这个答案,我向您展示了如何使用WP的密码保护功能和一个注销按钮(没有插件):

logout.php: 

<?php

if (isset($_SERVER['HTTP_COOKIE'])) {
    $cookies = explode(';', $_SERVER['HTTP_COOKIE']);
    foreach($cookies as $cookie) {
        $parts = explode('=', $cookie);
        $name = trim($parts[0]);
        setcookie($name, '', time()-1000);
        setcookie($name, '', time()-1000, '/');
    }
}
header('Location: index.php');

?>

也许你只能删除一个cookie,但这就是我可以独立于WP删除cookie的方式。

page.php我有这个:

<?php if (have_posts()) : while (have_posts()) : the_post(); ?>

    <?php
        if (!empty($post->post_password)) { // if there's a password

            if (isset($_COOKIE['wp-postpass_' . COOKIEHASH]) && wp_check_password( $post->post_password, $_COOKIE['wp-postpass_' . COOKIEHASH])) {
                echo '<a href="/logout.php">Logout</a><br /><br />';
            }
        }
    ?>

来源:how to delete all cookies of my website in phphttp://wordpress.org/support/topic/check-in-the-loop-if-a-post-is-password-protected

相关问题
最新问题