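Chapter 27: Building User Authentication and Personalization
Implementing the Database
A user has many bookmarks, and many users may have registered the same bookmark.
Table fields at a glance
bookmark table
username
bm_URL
user table
username
passwd
email
Implementing the Database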
create database bookmarks;
use bookmarks;

create table user (
  username varchar(16) primary key,
  passwd char(40) not null,
  email varchar(100) not null
);

create table bookmark (
  username varchar(16) not null,
  bm_URL varchar(255) not null,
  index (username),
  index (bm_URL)
);

grant select, insert, update, delete
on bookmarks.*
to bm_user@localhost identified by 'password';
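Implementing the Basic Site
login.php
<?php
require_once('bookmark_fns.php');
// Draw the HTML header
do_html_header('');
// Display the content
display_site_info();
display_login_form();
// Draw the footer
do_html_footer();
?>
All of the system's functions are pulled in through bookmark_fns.php. This file exists because most scripts need all five function files, and including this one file in each script is cleaner than writing five require statements.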
bookmark_fns.php
<?php
// We can include this file in all our files
// this way, every file will contain all our functions and exceptions
require_once('data_valid_fns.php');
require_once('db_fns.php');
require_once('user_auth_fns.php');
require_once('output_fns.php');
require_once('url_fns.php');
?>
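The output_fns.php file contains the four functions used in login.php. Take do_html_header() as an example: it outputs the standard header that appears on every page of the application.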
function do_html_header($title) {
  // print an HTML header
?>
<!doctype html>
<html>
<head>
<meta charset="utf-8">
<title><?php echo $title;?></title>
<style>
body { font-family: Arial, Helvetica, sans-serif; font-size: 13px }
li, td { font-family: Arial, Helvetica, sans-serif; font-size: 13px }
hr { color: #3333cc;}
a { color: #000 }
div.formblock
{ background: #ccc; width: 300px; padding: 6px; border: 1px solid #000;}
</style>
</head>
<body>
<div>
<img src="bookmark.gif" alt="PHPbookmark logo" height="55" width="57"
style="float: left; padding-right: 6px;" />
<h1>PHPbookmark</h1>
</div>
<hr />
<?php
  if ($title) {
    do_html_heading($title);
  }
}
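The other functions used in login.php are similar. display_site_info() adds some text about the site; display_login_form() displays the gray form; do_html_footer() adds a standard HTML footer to the page.
From this page users can register, log in, and change their password.
Implementing User Authentication
Registering Users
Registering a user requires a form.
When the user clicks the "not a member" link on the login.php page, a registration form generated by register_form.php appears.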
register_form.php
<?php
require_once('bookmark_fns.php');
do_html_header('User Registration');
display_registration_form();
do_html_footer();
?>
The gray form on this page is output by the display_registration_form() function, which is also in output_fns.php. When the user clicks the register button, the register_new.php script runs.
register_new.php
<?php
require_once('bookmark_fns.php');
$email=$_POST['email'];
$username=$_POST['username'];
$passwd=$_POST['passwd'];
$passwd2=$_POST['passwd2'];
session_start();
// The body of the script is a try block because many conditions must be checked;
// if any one of them fails, execution jumps to the catch block
try {
  // Check that the form is completely filled out
  if (!filled_out($_POST)) {
    throw new Exception('You have not filled the form out correctly - please go back and try again.');
  }
  // Check that the email address is valid; valid_email() is in the data_valid_fns.php library
  if (!valid_email($email)) {
    throw new Exception('That is not a valid email address. Please go back and try again.');
  }
  // Check that the two passwords the user entered are the same.
  // Strict comparison: with != two different numeric-looking strings
  // such as '1e3' and '1000' compare as equal
  if ($passwd !== $passwd2) {
    throw new Exception('The passwords you entered do not match - please go back and try again.');
  }
  // Check that the password length is within the allowed range
  if ((strlen($passwd) < 6) || (strlen($passwd) > 16)) {
    throw new Exception('Your password must be between 6 and 16 characters. Please go back and try again.');
  }
  register($username, $email, $passwd);
  $_SESSION['valid_user'] = $username;
  do_html_header('Registration successful');
  echo 'Your registration was successful. Go to the members page to start setting up your bookmarks!';
  do_html_url('member.php', 'Go to members page');
  do_html_footer();
}
catch (Exception $e) {
  do_html_header('Problem:');
  echo $e->getMessage();
  do_html_footer();
  exit;
}
?>
data_valid_fns.php
<?php
function filled_out($form_vars) {
  // test that each variable has a value
  foreach ($form_vars as $key => $value) {
    if ((!isset($key)) || ($value == '')) {
      return false;
    }
  }
  return true;
}

function valid_email($address) {
  // check an email address is possibly valid
  if (preg_match('/^[a-zA-Z0-9_\.\-]+@[a-zA-Z0-9\-]+\.[a-zA-Z0-9\-\.]+$/', $address)) {
    return true;
  } else {
    return false;
  }
}
?>
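One way the register() call in register_new.php could store the account, as an added example and not the book's own user_auth_fns.php code: it uses prepared statements and password_hash(), and lets the primary key on username reject duplicates. It assumes the passwd column has been widened to varchar(255), because password_hash() output does not fit in char(40); bookmarks_db() and password_matches() are hypothetical names, and the connection values are the ones from the grant statement above.

```php
<?php
// Added example, not the book's code. Assumes the column was widened first:
//   alter table user modify passwd varchar(255) not null;

// Hypothetical helper; connection values come from the grant statement.
function bookmarks_db() {
  mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);
  $conn = new mysqli('localhost', 'bm_user', 'password', 'bookmarks');
  $conn->set_charset('utf8mb4');
  return $conn;
}

function register($username, $email, $passwd) {
  // username is varchar(16): refuse values the column would not hold
  if (!is_string($username) || strlen($username) < 1 || strlen($username) > 16) {
    throw new Exception('That username is not valid - please go back and try again.');
  }
  // Salted, deliberately slow hash; the algorithm is recorded in the output
  $hash = password_hash($passwd, PASSWORD_DEFAULT);

  // Placeholders keep form input out of the SQL text
  $conn = bookmarks_db();
  $stmt = $conn->prepare('insert into user (username, passwd, email) values (?, ?, ?)');
  $stmt->bind_param('sss', $username, $hash, $email);
  try {
    $stmt->execute();
  } catch (mysqli_sql_exception $e) {
    // 1062 is MySQL's duplicate-key error: the primary key on username
    // rejected the row, so no separate "does it exist" query can race
    if ($e->getCode() === 1062) {
      throw new Exception('That username is taken - please go back and choose another one.');
    }
    throw new Exception('Could not register you - please try again later.');
  }
  return true;
}

// Hypothetical login-side check against the hash stored above
function password_matches($username, $passwd) {
  $conn = bookmarks_db();
  $stmt = $conn->prepare('select passwd from user where username = ?');
  $stmt->bind_param('s', $username);
  $stmt->execute();
  $stmt->bind_result($hash);
  // fetch() returns null when no row matched the username
  return $stmt->fetch() === true && password_verify($passwd, $hash);
}
?>
```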