检查cookie是否已设置

时间:2015-03-16 22:20:31

标签: php mysql session cookies

要让我的用户登录,我有类似的内容:

  • 用户登录

  • 如果没问题,我创建$ _SESSION并设置一个cookie:

    setcookie('test',sha1($ _ POST ['username']),time()+ 604800);

  • 然后我插入一个cookie表:散列的用户名,IP地址和浏览器版本。

但是,为了检查用户是否已登录(并让他记录),我在 EACH 页面上有一个查询:

  • 我检查$ _SESSION ['ID']是否存在(主要是用户登录的这个变量)
  • 如果存在,则没有任何反应。
  • 如果没有,我会检查$ _COOKIE ['cookie']是否存在
  • 如果是,我会获得用户的IP地址和浏览器版本
  • 使用SELECT查询,我检查实际的IP地址和浏览器是否与表中的相同。
  • 如果相同,我重置$ _SESSION(因此他已登录)

现在,这是代码:

FORM: 

    <form method="post" action="http://localhost/test/login.php">
        <label for="user">Username :</label>
        <input type="text" name="username" id="user" maxlength="20" placeholder="Username">

        <label for="pass">Password :</label>
        <input type="password" name="password" id="pass" placeholder="Password">
        <br>

        <input type="checkbox" name="cookie" value="cookie">Remember me ? 
        <input type="submit" name="login" value="ok">           
    </form>

功能: 

function get_ip() {
    if (isset($_SERVER['HTTP_CLIENT_IP'])) {
    return $_SERVER['HTTP_CLIENT_IP'];
    }
    elseif (isset($_SERVER['HTTP_X_FORWARDED_FOR'])) {
    return $_SERVER['HTTP_X_FORWARDED_FOR'];
    }
    else {
    return (isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '');
    }
}


function getBrowser() 
{
$u_agent = $_SERVER['HTTP_USER_AGENT']; 
$bname = 'Unknown';
$platform = 'Unknown';
$version= "";

if (preg_match('/linux/i', $u_agent)) {
    $platform = 'linux';
}
elseif (preg_match('/macintosh|mac os x/i', $u_agent)) {
    $platform = 'mac';
}
elseif (preg_match('/windows|win32/i', $u_agent)) {
    $platform = 'windows';
}

if(preg_match('/MSIE/i',$u_agent) && !preg_match('/Opera/i',$u_agent)) 
{ 
    $bname = 'Internet Explorer'; 
    $ub = "MSIE"; 
} 
elseif(preg_match('/Firefox/i',$u_agent)) 
{ 
    $bname = 'Mozilla Firefox'; 
    $ub = "Firefox"; 
} 
elseif(preg_match('/Chrome/i',$u_agent)) 
{ 
    $bname = 'Google Chrome'; 
    $ub = "Chrome"; 
} 
elseif(preg_match('/Safari/i',$u_agent)) 
{ 
    $bname = 'Apple Safari'; 
    $ub = "Safari"; 
} 
elseif(preg_match('/Opera/i',$u_agent)) 
{ 
    $bname = 'Opera'; 
    $ub = "Opera"; 
} 
elseif(preg_match('/Netscape/i',$u_agent)) 
{ 
    $bname = 'Netscape'; 
    $ub = "Netscape"; 
} 

$known = array('Version', $ub, 'other');
$pattern = '#(?<browser>' . join('|', $known) .
')[/ ]+(?<version>[0-9.|a-zA-Z.]*)#';
if (!preg_match_all($pattern, $u_agent, $matches)) {
}

$i = count($matches['browser']);
if ($i != 1) {
    if (strripos($u_agent,"Version") < strripos($u_agent,$ub)){
        $version= $matches['version'][0];
    }
    else {
        $version= $matches['version'][1];
    }
}
else {
    $version= $matches['version'][0];
}

if ($version==null || $version=="") {$version="?";}

return array(
    'userAgent' => $u_agent,
    'name'      => $bname,
    'version'   => $version,
    'platform'  => $platform,
    'pattern'    => $pattern
);
}

ON SUBMIT: 

if (!empty($_POST['pseudo']) && !empty($_POST['password']))
{
$salt = "salt_test";

$req = $bdd->prepare('SELECT * FROM users WHERE username = :username AND pass = :pass');
$req->execute(array('username' => $_POST['username'], 'pass' => md5(sha1($_POST['pass'].$salt))));
    if ($data = $req->fetch())
    {
        if ($data['stat'] != 0)
        {
        $_SESSION['ID'] = $data['ID'];
        $_SESSION['username'] = $data['username'];
        $_SESSION['stat'] = $data['stat'];

        $req = $bdd->prepare('UPDATE cookies SET last_co = CURRENT_TIMESTAMP WHERE ID_user = :ID');
        $req->execute(array('ID' => $data['ID']));
        $req->closeCursor();

            if(!empty($_POST['cookie']))
            {
            setcookie ('cookie', md5($_POST['username']), time()+604800);

            $ua = getBrowser();
            $yourbrowser= $ua['name']. " " .$ua['version'];

            $req = $bdd->prepare('UPDATE cookies SET hash_username = :hash_username, IP = :IP, browser = :browser WHERE ID_user = :ID');
            $req->execute(array('hash_username' => md5($_SESSION['pseudo']), 'IP' => get_ip(), 'browser' => $yourbrowser, 'ID' => $_SESSION['ID']));
            $req->closeCursor();
            }

        ?><META HTTP-EQUIV="Refresh" CONTENT="0.1; URL=http://localhost/test/" /><?php
        }
        elseif ($data['stat'] == 5)
        {
        $error = 2;
        }
    }
    else
    {
        $error = 1;
    }
$req->closeCursor();
}

ON OF PARTBERS PAGE: 

if (isset($_SESSION['ID']))
{
        if (isset($_COOKIE['cookie'])
        {
        $ip = get_ip();
        $yourbrowser= $ua['name']. " " .$ua['version'];

        $req = $bdd->prepare('SELECT * FROM cookies WHERE hash_username = :hash, IP = :IP, browser = :browser');
        $req->execute(array('hash_username' => md5($_SESSION['username']), 'IP' => $ip, 'browser' => $yourbrowser));
            if ($req->fetch())
        {
            $_SESSION['ID'] = $data['ID'];
            $_SESSION['username'] = $data['username'];
            $_SESSION['stat'] = $data['stat'];
        }
        $req->closeCursor();
    }
}

那么,这种方法是否正常,性能是否很高。难道你不认为每次查询都“无用”吗?

1 个答案:

答案 0 :(得分:1)

使用此代码制作新页

    if (isset($_SESSION['ID']))
{
        if (isset($_COOKIE['cookie'])
        {
        $ip = get_ip();
        $yourbrowser= $ua['name']. " " .$ua['version'];

        $req = $bdd->prepare('SELECT * FROM cookies WHERE hash_username = :hash, IP = :IP, browser = :browser');
        $req->execute(array('hash_username' => md5($_SESSION['username']), 'IP' => $ip, 'browser' => $yourbrowser));
            if ($req->fetch())
        {
            $_SESSION['ID'] = $data['ID'];
            $_SESSION['username'] = $data['username'];
            $_SESSION['stat'] = $data['stat'];
        }
        $req->closeCursor();
    }
}

并将其包含在每个页面中。之后,您将不需要一次又一次地编写代码。

相关问题
最新问题