[PHP知识库]【PHP基础】之【php搭建简易的学生管理系统，有注册登录注销功能，使用session做权限管理】

功能介绍

首页index.html：

登录login.html：

注册register.html：

当密码正确时（使用预编译查询，会做session校验）：
学生登陆成功后，会显示其分数（student.php）：


老师登录成功会显示所有学生成绩，并可以修改（teacher.php）：

当密码错误时：

注册时（使用预编译）会做密码长度和确认判断（JS）：

注册成功会跳转到登录页面：

注册成功默认为学生用户，成绩为空：

项目结构

源码

index.html

<html lang="zh">
<head>
    <meta charset="UTF-8">
    <meta http-equiv="X-UA-Compatible" content="IE=edge">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title>首页</title>
</head>
<body>
    <a href="login.html"><button type="button">登录</button></a>
    <a href="register.html"><button type="button">注册</button></a>
</body>
</html>

register.html

<html lang="zh">
  <head>
    <meta charset="UTF-8" />
    <meta http-equiv="X-UA-Compatible" content="IE=edge" />
    <meta name="viewport" content="width=device-width, initial-scale=1.0" />
    <title>注册</title>
  </head>
  <script>
    function refer() {
      if (document.referrer == "http://192.168.8.46/test4/register.php") {
        document.getElementById("txtHint").innerHTML = "注册失败！";
      }
    }
    function checkPwd() {
      var name = document.getElementById("pwd").value;
      if (name.length < 6) {
        pwdSpan.innerHTML = "<font color='red'>至少6位！</font>";
      } else {
        pwdSpan.innerHTML = "<font color='green'>√</font>";
      }
    }
    function checkPwdEq() {
      var pwd1 = document.getElementById("pwd").value;
      var pwd2 = document.getElementById("pwdCK").value;
      if (pwd1 === pwd2) {
        pwdCKSpan.innerHTML = "<font color='green'>√</font>";
      } else {
        pwdCKSpan.innerHTML = "<font color='red'>密码不一致！</font>";
      }
    }
  </script>
  <body onload="refer()">
    <form action="register.php" method="post">
      账号：<input type="text" name="username" id="username" />
      
      <br />
      密码：<input
        type="password"
        name="password"
        id="pwd"
        onblur="checkPwd()"
      /><span id="pwdSpan"></span>
      <br />
      确认密码：<input
        type="password"
        name="checkpassword"
        id="pwdCK"
        onblur="checkPwdEq()"
      /><span id="pwdCKSpan"></span>
      <br />
      真实姓名：<input type="text" name="realname" id="realname" />
      <br />
      <button type="submit" onclick="sendData()">注册</button>
      <br />
      <span id="txtHint" style="color: red"></span>
    </form>
  </body>
</html>

register.php

<?php
header("content-type:text/html; charset=utf-8");
$con = mysqli_connect("localhost", "root", "123456", "test");
// 检查连接
if (!$con) {
    die("连接错误: " . mysqli_connect_error());
}

mysqli_query($con, "set names utf8");
// 解决插入中文乱码问题

// 预处理及绑定
$stmt = $con->prepare("INSERT INTO `users` (username, realname, password, role) VALUES (?, ?, ?, ?)");
// 绑定字符串
$stmt->bind_param("ssss", $username, $realname, $userpwd, $role);

$username = $_POST['username'];
$realname = $_POST['realname'];
$userpwd = $_POST['password'];
$role = 'student';
// 设置参数

// 执行语句
if ($stmt->execute()) {
    header("Location: login.html");
} else {
    echo "注册失败！";
}

// 关闭预处理及sql通道
$stmt->close();
mysqli_close($con);

login.html

<html lang="zh">
  <head>
    <meta charset="UTF-8" />
    <meta http-equiv="X-UA-Compatible" content="IE=edge" />
    <meta name="viewport" content="width=device-width, initial-scale=1.0" />
    <title>登录页面</title>
  </head>
  <script>
    // 通过referrer判断是从那个页面来的，并提示相应信息
    function refer() {
        
      $ref = document.referrer;
      if ($ref == "http://192.168.8.46/test4/login.html") {
        document.getElementById("txtHint").innerHTML =
          "账号或密码错误，请重新登录！";
      } else if ($ref == "http://192.168.8.46/test4/register.html") {
        document.getElementById("txtHint").innerHTML = "注册成功！";
      } else if (
        $ref == "http://192.168.8.46/test4/student.php" ||
        $ref == "http://192.168.8.46/test4/teacher.php"
      ) {
        document.getElementById("txtHint").innerHTML = "注销成功！";
      }
    }
  </script>
  <body onload="refer()">
    <form action="login.php" method="post">
      账号：<input type="text" name="username" id="username" />
      <br />
      密码：<input type="password" name="password" id="password" />
      <br />
      <button type="submit" onclick="sendData()">登录</button>
      <br />
      <span id="txtHint" style="color: red"></span>
    </form>
  </body>
</html>

login.php

<?php session_start();
header("content-type:text/html; charset=utf-8");
// 解决插入中文乱码问题

$con = mysqli_connect("localhost", "root", "123456", "test");
// 检查连接
if (!$con) {
    die("连接错误: " . mysqli_connect_error());
}
mysqli_query($con, "set names utf8");
// 解决插入中文乱码问题

$stmt = $con->prepare("SELECT * FROM users WHERE username = ? AND password = ?");
// 预处理
$stmt->bind_param("ss", $username, $password);
// 绑定字符串
$stmt->bind_result($id, $username, $realname, $password, $role, $score);
// 绑定结果集

$username = $_POST['username'];
$password = $_POST['password'];
// 接收参数

$stmt->execute();
// 执行语句

$result = $stmt->result_metadata();
// 接收结果集

while ($stmt->fetch()) {
    // echo "$id, $username, $password, $role, $score <br>";
}
// 遍历匹配结果（否则匹配条数num_rows为0）


if ($stmt->num_rows != 0) {
    // 如果查询到数据，根据role值设置Session，并跳转到对应页面
    if ($role == 'teacher') {
        $_SESSION['id'] = $id;
        $_SESSION['role'] = 'teacher';
        // 设置session
        header("Location: teacher.php");
        // 跳转页面
    } else {
        $_SESSION['id'] = $id;
        $_SESSION['role'] = 'student';
        // 设置session
        header("Location: student.php");
        // 跳转页面
    }
} else {
    // 登陆失败跳转登录页面
    header("Location: login.html");
}

// 关闭预处理及sql通道
$stmt->close();
mysqli_close($con);

student.php

<?php session_start();
header("content-type:text/html; charset=utf-8");

// 验证Session
if (isset($_SESSION["role"]) && $_SESSION["role"] === 'student') {

    $con = mysqli_connect("localhost", "root", "123456", "test");
    // 检查连接
    if (!$con) {
        die("连接错误: " . mysqli_connect_error());
    }
    $sql = "SELECT * FROM users WHERE id = " . $_SESSION['id'];
    // 根据Session中的id查询记录
    $result = mysqli_query($con, $sql);
    // 获得结果集
    $row = mysqli_fetch_array($result, MYSQLI_ASSOC);
    // 从结果集获得第一条关联数组

    if ($row["score"] === null) {
        // 如果score字段对应记录为空打印没有成绩
        echo "欢迎您！" . $row["username"] . "同学，你还没有成绩。";
    } else {
        // 不为空则打印成绩
        echo "欢迎您！" . $row["username"] . "同学，您的成绩为：" . $row["score"];
    }

    // 释放结果集
    mysqli_free_result($result);
    mysqli_close($con);
} else if (isset($_SESSION["role"]) && $_SESSION["role"] === 'teacher') {

    //  如果设置了session，重定向到其对应页面
    header("Location: teacher.php");
} else {
    // 如果没有Session，重定向到登录页面
    header("Location: login.html");
}
?>
<html lang="zh">

<head>
    <meta charset="UTF-8">
    <meta http-equiv="X-UA-Compatible" content="IE=edge">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title>学生页面</title>
</head>

<body>
    <form action="cancellation.php">
        <button type="submit">注销</button>
    </form>
</body>

</html>

teacher.php

<?php session_start();
header("content-type:text/html; charset=utf-8");

// 验证Session
if (isset($_SESSION["role"]) && $_SESSION["role"] === 'teacher') {
    $con = mysqli_connect("localhost", "root", "123456", "test");
    // 检查连接
    if (!$con) {
        die("连接错误: " . mysqli_connect_error());
    }
    mysqli_query($con, "set names utf8");
    // 解决插入中文乱码问题
    
    echo "欢迎您老师，学生成绩：<br>";
    $sql = "SELECT * FROM users WHERE role = 'student'";
    $result = mysqli_query($con, $sql);
    // 查询所有学生信息并返回结果集

    
    echo '<table  border="1px" width="300px"><tr><td>学号</td><td>姓名</td><td style="width:50px">成绩</td><td style="width:50px"></td></tr>';
    // 构建一个表，打印标题行
    if ($result->num_rows > 0) {
        // 输出数据
        while ($row = $result->fetch_assoc()) {
            echo "<form action='change.php' method='post'><tr><td>" . $row["id"] ."<input type='hidden' name='id' value='" . $row["id"] ."'/>". "</td><td>" . $row["realname"] . "</td><td>" . "<input name='score' style='width:50px' type='text' placeholder='" . $row["score"] . "'/>" . "</td><td><button type='submit' style='width:50px'>修改</button></td></tr></form>";
        }
    } else {
        echo "0 结果";
    }
    echo "</table>";

    // 释放结果集
    mysqli_free_result($result);
    mysqli_close($con);
} else if (isset($_SESSION["role"]) && $_SESSION["role"] === 'student') {
    //  验证失败并重定向到响应界面...
    header("Location: student.php");
} else {
    // 没有设置session跳转到登录界面
    header("Location: login.html");
}
?>
<html lang="zh">
<head>
    <meta charset="UTF-8">
    <meta http-equiv="X-UA-Compatible" content="IE=edge">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title>教师页面</title>
</head>
<body>
    <form action="cancellation.php">
        <button type="submit">注销</button>
    </form>
</body>
</html>

change.php

<?php session_start();
header("content-type:text/html; charset=utf-8");

// 验证Session
if (isset($_SESSION["role"]) && $_SESSION["role"] === 'teacher') {
    $con = mysqli_connect("localhost", "root", "123456", "test");
    // 检查连接
    if (!$con) {
        die("连接错误: " . mysqli_connect_error());
    }
    mysqli_query($con, "set names utf8");
    // 解决插入中文乱码问题
    
    $sql = "UPDATE users SET score=".$_POST['score']." WHERE id=".$_POST['id'];
    if(mysqli_query($con, $sql)){
        header("Location: teacher.php");
    }else{
        echo '修改失败！';
    }
    mysqli_close($con);
} else if (isset($_SESSION["role"]) && $_SESSION["role"] === 'student') {
    //  验证失败并重定向到响应界面...
    header("Location: stuent.php");
} else {
    // 没有设置session跳转到登录界面
    header("Location: login.html");
}
?>

cancellation.php

<?php session_start();
session_destroy();
// 销毁Session
header("Location: login.html");
// 跳转到登录页面