PHP $_POST["密码"]答案

【问题标题】：PHP $_POST["password"]PHP $_POST["密码"]
【发布时间】：2014-11-20 18:17:40
【问题描述】：

我正在尝试构建一个登录页面，用户在其中输入密码，如果它与“秘密”字词匹配，用户可以探索 3 个选项。我已尝试使用 session_start()，并启用“身份验证”以便能够查看 3 个选项，但每次单击它们时，它们都会将我带回主页。我究竟做错了什么？ PS我希望在我成功验证后能够隐藏登录表单。非常感谢任何帮助。

<?php session_start(); ?>
<!DOCTYPE html>
<head>
    <title>
    </title>
</head>

<body>

<?php
$entries = array(
    array(
        'stage' => 'Stage One',
        'plan' => 'To begin your plan, you must first Blackmail a Town Mascot. This will cause the world to sit up and take notice, stunned by your arrival. Who is this Ripe Bastard? Where did they come from? And why do they look so good as a Dark Gunslinger?',
    ),
    array(
        'stage' => 'Stage Two',
        'plan' => 'Next, you will Desecrate the Internet. This will cause countless hordes of Computer Programmers to flock to you, begging to do your every bidding. Your name will become synonymous with Dear God No, as lesser men whisper your name in terror.',
    ),
    array(
        'stage' => 'Stage Three',
        'plan' => 'Finally, you will Reveal to the World your Needlessly Big Weather Machine, bringing about an End to Sanity. This will all be done from a Fake Mountain, an excellent choice if we might say. These three deeds will herald the end, and the citizens of this planet will have no choice but to elect you their new god.',
    ),
);
?>

<?php if (  isset($_POST["password"])==FALSE) : ?>

    <form action="wd.php" method="POST">
        <div>Please login</div>
        Password:<br>
        <input type="text" name="password"/>
        <br>
        <input type="submit" value="Submit"/>

    </form>

<?php else: ?>
<?php endif; ?>

<?php if (isset($_POST["password"])): ?>




    <?php if ($_POST["password"] == "secret"):
        ?>
        <?php $_SESSION["authenticate"] = 1; ?>
    <?php else: ?>

        <?php $_SESSION["authenticate"] = 0; ?>
        <a href="wd.php"></a>
    <?php endif; ?>


    <?php if ($_SESSION["authenticate"] == 1): ?>
        <?php foreach ($entries as $k => $v): ?>
            <a href="<?php echo $_SERVER['PHP_SELF'] . "?stage_id={$k}" ?>"><?php echo $entries[$k]['stage'] ?></a>

        <?php endforeach ?>
        <form method="POST">
            <button name ="stop"> Stop </button>

        </form>
        <?php if (isset($_GET["stage_id"])): ?>

            <p><?php echo $entries[$_GET["stage_id"]]['stage']; ?></p>
            <p><?php echo $entries[$_GET["stage_id"]]['plan']; ?></p>




        <?php endif; ?>
        <?php
        if (isset($_POST["stop"])):
            session_destroy();
            ?>  
        <?php endif; ?>
<?php else: ?> 

        <form action="wd.php" method="POST">
            <div>Please login</div>
            Password:<br>
            <input type="text" name="password"/>
            <br>
            <input type="submit" value="Submit"/>

        </form>
        <?php echo "invalid password"; ?>

<?php endif; ?>

【问题讨论】：

这与原始问题无关，但您真的不应该在您正在编写的每一行中打开和关闭那些 <?php ?> 标记，因为这会减慢执行速度。如果您之后重新打开它，请不要关闭它！
“返回主页”是指登录表单吗？
您需要在开始时检查会话变量。如果他们已经通过身份验证，则无需检查密码或显示登录表单。
@ZougenMoriver，回到登录表单。 Bartdude 10 倍的小费。到目前为止，我还在尝试理解 PHP 机制，而且有点棘手。一旦我设法使它工作，或者当我有其他问题时，我会尽快回复。

标签： php html session post

【解决方案1】：

首先，重新组织您的代码。您必须混合大量 PHP 和 HTML 以保持良好的可读性。首先，做所有的 PHP 处理。然后显示包含最少 PHP 的 HTML。

对于这个bug，了解每次页面加载时，都会测试$_POST["password"] == "secret"，所以每次都要重写$_SESSION["authenticate"]。

【讨论】：

【解决方案2】：

<?php
session_start();  //start the session

function loginForm($url) //gets back the login form
{
    $res = '<form action="'.$url.'" method="POST">
        <div>Please login</div>
        Password:<br>
        <input type="text" name="password"/>
        <br>
        <input type="submit" value="Submit"/>

    </form>';

    return $res;
}

function showError($message)
{
   echo "<p class='error'>".$message."</p>";
}

function login($password) //handles the login
{
    $_SESSION['authenticate'] = ($password == 'secret');
}

function logout() //handles the logout
{
    unset($_SESSION['authenticate']);
}

function isAuthenticated() //returns if someone is authenticated
{
    return isset($_SESSION['authenticate']) && $_SESSION['authenticate'];
}

if(isset($_POST['password']) //if there is a new password, you can try to login
    $error = login($_POST['password']);

if(!isAuthenticated()) //if someone isn't authenticated you can show the login form, else show the rest
{
    echo loginForm("wd.php");
    if($error) showError("Wrong password!");
}
else{
    echo "logged in";
}

看看这个，使用函数甚至是OOP是一个好习惯。您的代码将变得更加可重用等。

【讨论】：