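How to automatically log in a user after registration

I am new to PHP. I want to add an automatic login to my website so that users are logged in automatically after they create an account on my site. Can someone tell me how to automatically log a user in after registration? I'm not sure where I should start. I appreciate all the help you can give me. Thank you very much! :)

Here is my register.php script: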
<?php
ob_start();
session_start();
if(isset($_SESSION['user'])!=""){
header("Location: /");
}
include_once 'dbconnect.php';
$error = false;
if (isset($_POST['btn-signup'])) {
$name = trim($_POST['name']);
$name = strip_tags($name);
$name = htmlspecialchars($name);
$email = trim($_POST['email']);
$email = strip_tags($email);
$email = htmlspecialchars($email);
$pass = trim($_POST['pass']);
$pass = strip_tags($pass);
$pass = htmlspecialchars($pass);
$company = trim($_POST['company']);
$company = strip_tags($company);
$company = htmlspecialchars($company);
if (empty($name)) {
$error = true;
$nameError = "Please enter your full name.";
} else if (strlen($name) < 3) {
$error = true;
$nameError = "Name must have at least 3 characters.";
} else if (!preg_match("/^[a-zA-Z ]+$/",$name)) {
$error = true;
$nameError = "Name must contain alphabets and space.";
}
if (!filter_var($email,FILTER_VALIDATE_EMAIL)) {
$error = true;
$emailError = "Please enter valid email address.";
} else {
$query = "SELECT userEmail FROM users WHERE userEmail='$email'";
$result = mysqli_query($conn,$query);
$count = mysqli_num_rows($result);
if($count!=0){
$error = true;
$emailError = "Provided Email is already in use.";
}
}
if (empty($pass)){
$error = true;
$passError = "Please enter password.";
} else if(strlen($pass) < 6) {
$error = true;
$passError = "Password must have at least 6 characters.";
}
$password = hash('sha256', $pass);
if(!$error) {
$query = "INSERT INTO users(userName,userEmail,userPass,userCompany) VALUES('$name','$email','$password','$company')";
$res = mysqli_query($conn,$query);
if ($res) {
$errTyp = "success";
$errMSG = "Successfully registered, you may login now";
unset($name);
unset($email);
unset($pass);
unset($company);
} else {
$errTyp = "danger";
$errMSG = "Something went wrong, try again later...";
}
}
}
//include your login validation
if (isset($_POST['btn-signup']) && !$error) {
//User->login(); or anything you use for validating logins
}
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<meta content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no" name="viewport">
<title>Register | Hexa</title>
<link rel="icon" href="https://app.myhexa.co/favicon.ico" type="image/x-icon">
<link href="https://fonts.googleapis.com/css?family=Roboto:400,700&subset=latin,cyrillic-ext" rel="stylesheet" type="text/css">
<link href="https://fonts.googleapis.com/icon?family=Material+Icons" rel="stylesheet" type="text/css">
<link href="plugins/bootstrap/css/bootstrap.css" rel="stylesheet">
<link href="plugins/node-waves/waves.css" rel="stylesheet" />
<link href="plugins/animate-css/animate.css" rel="stylesheet" />
<link href="css/login.css" rel="stylesheet">
</head>
<body class="signup-page bg-blue-grey">
<div class="signup-box">
<div class="logo">
<center><img src="img/logo.png" height="50" width="155"></center>
</div>
<div class="card">
<div class="body">
<form id="sign_up" method="POST">
<div class="msg"><h3 class="col-blue-grey">CREATE ACCOUNT</h3></div><br>
<?php
if (isset($errMSG)) {
?>
<span class="fa fa-exclamation-triangle"></span> <?php echo $errMSG; ?>
</div>
</div>
<?php
}
?>
<div class="input-group">
<span class="input-group-addon">
<i class="material-icons">person</i>
</span>
<div class="form-line">
<input type="text" name="name" class="form-control" placeholder="Name" maxlength="50" value="<?php echo $name ?>" />
</div>
</div>
<span class="text-danger"><?php echo $nameError; ?></span><br>
<div class="input-group">
<span class="input-group-addon">
<i class="material-icons">email</i>
</span>
<div class="form-line">
<input type="email" name="email" class="form-control" placeholder="Email Address" maxlength="40" value="<?php echo $email ?>" />
</div>
</div>
<span class="text-danger"><?php echo $emailError; ?></span><br>
<div class="input-group">
<span class="input-group-addon">
<i class="material-icons">people</i>
</span>
<div class="form-line">
<input type="text" name="company" class="form-control" placeholder="Company" value="<?php echo $company ?>" />
</div>
</div><br>
<div class="input-group">
<span class="input-group-addon">
<i class="material-icons">lock</i>
</span>
<div class="form-line">
<input type="password" name="password" class="form-control" placeholder="Password" maxlength="15" id="password" required>
</div>
</div>
<span class="text-danger"><?php echo $passError; ?></span><br>
<div class="input-group">
<span class="input-group-addon">
<i class="material-icons">lock</i>
</span>
<div class="form-line">
<input type="password" name="pass" class="form-control" placeholder="Confirm Password" maxlength="15" id="confirm_password" required>
</div>
</div>
<div class="form-group">
<input type="checkbox" name="terms" id="terms" class="filled-in chk-col-deep-orange">
<label for="terms">I read and agree to the <a href="javascript:void(0);">terms of usage</a>.</label>
</div>
<button type="submit" class="btn btn-block btn-lg bg-deep-orange waves-effect" name="btn-signup">REGISTER</button>
<div class="m-t-25 m-b--5 align-center">
<a href="login">Have An Account?</a>
</div>
</form>
</div>
</div>
</div>
<script src="plugins/jquery/jquery.min.js"></script>
<script src="plugins/bootstrap/js/bootstrap.js"></script>
<script src="plugins/node-waves/waves.js"></script>
<script src="plugins/jquery-validation/jquery.validate.js"></script>
<script src="plugins/js/admin.js"></script>
<script>var password = document.getElementById("password")
, confirm_password = document.getElementById("confirm_password");
function validatePassword(){
if(password.value != confirm_password.value) {
confirm_password.setCustomValidity("Passwords Don't Match");
} else {
confirm_password.setCustomValidity('');
}
}
password.onchange = validatePassword;
confirm_password.onkeyup = validatePassword;
</script>
</body>
</html>
<?php ob_end_flush(); ?>
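Set the same login type as you do when logging in, once registration is complete. – Qirel
You are already using an API that supports **prepared statements** with bound variable input; you should use parameterized queries with placeholders (prepared statements) to protect your database against [SQL injection](http://stackoverflow.com/q/60174/)! Get started with [`mysqli::prepare()`](http://php.net/mysqli.prepare) and [`mysqli_stmt::bind_param()`](http://php.net/mysqli-stmt.bind-param). – Qirel
Also, you shouldn't escape anything on passwords - and `htmlspecialchars()` is for output, not input (going into the database). – Qirel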
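
An added example, not part of the original thread or the asker's code, showing the three comments applied together: prepared statements for both queries, the password hashed exactly as typed, and the login session set right after the insert. It assumes `$conn` is the mysqli connection from `dbconnect.php` and that the site's login script stores the user id in `$_SESSION['user']`; `register_and_login()` is a hypothetical helper name.

```php
<?php
// Added example, not the asker's code. Assumes $conn (mysqli) comes from
// dbconnect.php and that login.php stores the user id in $_SESSION['user'].
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT); // throw on DB errors

function register_and_login(mysqli $conn, string $name, string $email,
                            string $pass, string $company): array
{
    $errors = [];
    if (!preg_match('/^[a-zA-Z ]{3,}$/', $name)) {
        $errors['name'] = 'Name must be at least 3 letters or spaces.';
    }
    if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
        $errors['email'] = 'Please enter valid email address.';
    }
    if (strlen($pass) < 6) {
        $errors['pass'] = 'Password must have at least 6 characters.';
    }
    if ($errors) {
        return $errors;
    }
    // Placeholders keep user input out of the SQL text.
    $stmt = $conn->prepare('SELECT 1 FROM users WHERE userEmail = ?');
    $stmt->bind_param('s', $email);
    $stmt->execute();
    $stmt->store_result();
    $taken = $stmt->num_rows > 0;
    $stmt->close();
    if ($taken) {
        return ['email' => 'Provided Email is already in use.'];
    }
    // The password is hashed as typed: no trim, strip_tags or htmlspecialchars.
    $hash = password_hash($pass, PASSWORD_DEFAULT);
    $stmt = $conn->prepare('INSERT INTO users(userName,userEmail,userPass,userCompany) VALUES(?,?,?,?)');
    $stmt->bind_param('ssss', $name, $email, $hash, $company);
    $stmt->execute();
    // Auto-login: new session id, then the same session key login.php sets.
    session_regenerate_id(true);
    $_SESSION['user'] = $conn->insert_id;
    return [];
}

session_start();
require_once 'dbconnect.php';
if (isset($_POST['btn-signup'])) {
    $errors = register_and_login($conn, trim($_POST['name'] ?? ''),
        trim($_POST['email'] ?? ''), $_POST['pass'] ?? '', trim($_POST['company'] ?? ''));
    if (!$errors) { header('Location: /'); exit; }
}
```

With this change the login script has to check passwords with `password_verify()`, and the `userPass` column must be wide enough for the hash (PHP's documentation suggests 255 characters). Values echoed back into the form are escaped with `htmlspecialchars()` at output time rather than before storage.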