在我的登录脚本中一切正常。我在div (id=login_reply( 中得到了正确的响应,会话开始了。但是每当我刷新页面时,login_reply就消失了。我如何能够保留login_reply?谢谢!
这是 php:
if (isset($_POST['username'], $_POST['password']))
{
$username = mysql_real_escape_string($_POST['username']);
$password = mysql_real_escape_string(md5($_POST['password']));
$check = mysql_query("SELECT * FROM `userbase` WHERE `user_name` = '$username'");
if (mysql_num_rows($check) > 0)
{
while ($row = mysql_fetch_assoc($check))
{
$user_id = $row['user_id'];
$user_name = $row['user_name'];
$user_email = $row['user_email'];
$user_password = $row['user_password'];
if ($password == $user_password)
{
$_SESSION['user_id'] = $user_id;
if (isset($_SESSION['user_id']) && $_SESSION['user_id'] != '')
echo "Welcome back '$user_name'!";
else
{
echo 'no';
}
}
else
echo 'no';
}
}
else
echo 'no';
}
这是 jQuery
$(document).ready(function()
{
$('#login').click(function()
{
var username = $('#username').val();
var password = $('#password').val();
$.ajax(
{
type: 'POST',
url: 'php/login.php',
data: 'username=' +username + '&password=' + password,
success: function(data)
{
if (data != 'no')
{
$('#logform').slideUp(function()
{
$('#login_reply').html(data).css('color', 'white');
});
}
else
$('#login_reply').html('Invalid username or password').css('color', 'red');
}
});
return false;
});
});
问题是JS只是客户端脚本语言 - 它仅在客户端浏览器上处理。
如果您想使用 AJAX 登录,好的,但您必须将登录用户的值存储到会话(或 cookie(中。然后,在每个页面加载时,您将检查该会话或cookie是否已设置和存在,如果是,您将在登录后写下与jQuery相对应的HTML...
换句话说,这是你将要做的:
- 页面加载 - 用户未登录
- 用户填写登录凭据并点击"登录">
- 您检查该用户是否存在,如果存在,则保存
$_SESSION['username']
(例如( - 在 AJAX 中,您可以填补该
$('#login_reply')
- 用户点击您网站中的某些链接
- 检查您是否在
$_SESSION['username']
中设置了值(或索引( - 如果是,通过 PHP 您将填写 #login_replydiv,如果不是,您将看到登录表单...
希望这有帮助...
EDIT1:您还应该以客户端浏览器上没有JS工作(禁用(的方式实现登录功能,因此应将正常的POST计算在内...
编辑2:我还想指出一些一般的编程错误...
这是您的代码,添加了我的注释:
if (isset($_POST['username'], $_POST['password']))
{ // <-- This is a .NET style of writing the brackets that I don't like much and I guess PHP don't like .NET either :-)
$username = mysql_real_escape_string($_POST['username']);
$password = mysql_real_escape_string(md5($_POST['password']));
$check = mysql_query("SELECT * FROM `userbase` WHERE `user_name` = '$username'"); // <-- mysql_* method calls should be replaced by PDO or at least mysqli
// Also the query could be improved
if (mysql_num_rows($check) > 0)
{
while ($row = mysql_fetch_assoc($check)) // <-- why calling while when You expect ONLY one user to be found?
{
$user_id = $row['user_id'];
$user_name = $row['user_name'];
$user_email = $row['user_email'];
$user_password = $row['user_password']; // <-- What are these last 4 lines good for? This is useless...
if ($password == $user_password) // <-- this condition SHOULD be within the SQL query...
{
$_SESSION['user_id'] = $user_id;
if (isset($_SESSION['user_id']) && $_SESSION['user_id'] != '') // <-- this condition is useless as You have just set the session variable...
// ALSO, if You use brackets with else it is good to use brackets also with if
echo "Welcome back '$user_name'!";
else
{
echo 'no';
}
}
else
echo 'no';
}
}
else
echo 'no';
}
这是我重写的代码(仍在使用 mysql_*,对此表示抱歉(:
if (isset($_POST['username'], $_POST['password'])) {
$username = mysql_real_escape_string($_POST['username']);
$password = mysql_real_escape_string(md5($_POST['password']));
$check = mysql_query("SELECT * FROM `userbase` WHERE `user_name` = '{$username}' AND `user_password` = '{$password}' LIMIT 1"); // <-- We check whether a user with given username AND password exists and we ONLY want to return ONE record if found...
if ($check !== false) {
$row = mysql_fetch_assoc($check);
$_SESSION['user_id'] = $row['user_id'];
echo "Welcome back '{$row['user_name']}'!";
} else {
echo 'no';
}
} else
echo 'no';
}
最简单的解决方案是使用 cookie:
在PHP端,你声明并删除cookie:
<?php
if (!isset($_COOKIE['new_one']) ) {
setcookie('new_one', "ole", 0, "/");
echo "logged in";
}
else {
setcookie('new_one', null);
echo "logged out";
}
?>
在jQuery客户端:
$(document).ready(function() {
if ($.cookie("new_one") === "ole") {
$('#login_reply').html("Show msg only when the server sets the cookie.");
}
});
您需要将登录回复数据存储在服务器上的某个位置或会话中; JavaScript 是一种客户端语言,因此在刷新之间不会保留任何实现的值。
我建议你存储结果,然后在用php生成页面时检查它是否存在;如果有,填写数据......等等。