/** BEGIN function
*
* 作者:偶然
* 功能:后退
* 时间:2003.7.5
* 变量:$msg
* 返回:none
* 示例:
*
*/
function error_back($msg){
echo "<center><h2>".$msg."<hr></h2><a href=\"javascript:history.back()\">请点击此处返回!!</a></center>";
exit();
}/** BEGIN function
*
* 作者:偶然
* 功能:管理员登录验证
* 时间:2003.7.5
* 变量:
* username=用户输入的账号;
* password=用户密码;
* table =用户信息表;
* 返回:none
* 示例:
*
*/
function checkmanager($managername,$password,$table,$field_index,$field_query) {
$sql = '';
$num = '';
$array = array();
if($managername==''||$password=='') {
$msg = "You didn't input any username or password!";
error_back($msg);
}
elseif(eregi("[^0-9a-zA-Z_\-]+",$managername)) {
$msg = "Your input is not a correct format!!";
error_back($msg);
}
elseif(!eregi(".{4,}",$password)) {
$msg = "need 4 words at least!!";
error_back($msg);
}
else {
$query = @mysql_query("select * from $table where $field_index='$managername'");
$num = @mysql_num_rows($query);
if($num!='1') {
$msg = "There isn't a manager which username or password like this!!";
error_back($msg);
}
else {
$array= @mysql_fetch_array($query);
$pass_store= $array['m_psd'];
if(md5($password)==$pass_store) {
echo "<center><h2>Successful!!Thanks for your login!!</h2></center>";
session_register('managername');
echo "<META HTTP-EQUIV=\"Refresh\" CONTENT=\"1; URL=admin.php\">";
}
}
}
}//登录
if($_POST['login']!='') {
$m_name = trim($_POST['managername']);
$m_word = trim($_POST['managerpass']);
$table = "manager";
$field_index = "m_name";
$field_query = "m_psd";
checkmanager($m_name,$m_word,$table,$field_index,$field_query);
}数据表很简单:
CREATE TABLE `manager` (
`m_id` int(10) unsigned NOT NULL auto_increment,
`m_name` varchar(25) NOT NULL default '',
`m_psd` varchar(32) NOT NULL default '',
UNIQUE KEY `m_id` (`m_id`),
KEY `m_name` (`m_name`)
) TYPE=MyISAM AUTO_INCREMENT=2 ;其实这样的代码到处都是,完全可以自己写一份呀。
*
* 作者:偶然
* 功能:后退
* 时间:2003.7.5
* 变量:$msg
* 返回:none
* 示例:
*
*/
function error_back($msg){
echo "<center><h2>".$msg."<hr></h2><a href=\"javascript:history.back()\">请点击此处返回!!</a></center>";
exit();
}/** BEGIN function
*
* 作者:偶然
* 功能:管理员登录验证
* 时间:2003.7.5
* 变量:
* username=用户输入的账号;
* password=用户密码;
* table =用户信息表;
* 返回:none
* 示例:
*
*/
function checkmanager($managername,$password,$table,$field_index,$field_query) {
$sql = '';
$num = '';
$array = array();
if($managername==''||$password=='') {
$msg = "You didn't input any username or password!";
error_back($msg);
}
elseif(eregi("[^0-9a-zA-Z_\-]+",$managername)) {
$msg = "Your input is not a correct format!!";
error_back($msg);
}
elseif(!eregi(".{4,}",$password)) {
$msg = "need 4 words at least!!";
error_back($msg);
}
else {
$query = @mysql_query("select * from $table where $field_index='$managername'");
$num = @mysql_num_rows($query);
if($num!='1') {
$msg = "There isn't a manager which username or password like this!!";
error_back($msg);
}
else {
$array= @mysql_fetch_array($query);
$pass_store= $array['m_psd'];
if(md5($password)==$pass_store) {
echo "<center><h2>Successful!!Thanks for your login!!</h2></center>";
session_register('managername');
echo "<META HTTP-EQUIV=\"Refresh\" CONTENT=\"1; URL=admin.php\">";
}
}
}
}//登录
if($_POST['login']!='') {
$m_name = trim($_POST['managername']);
$m_word = trim($_POST['managerpass']);
$table = "manager";
$field_index = "m_name";
$field_query = "m_psd";
checkmanager($m_name,$m_word,$table,$field_index,$field_query);
}数据表很简单:
CREATE TABLE `manager` (
`m_id` int(10) unsigned NOT NULL auto_increment,
`m_name` varchar(25) NOT NULL default '',
`m_psd` varchar(32) NOT NULL default '',
UNIQUE KEY `m_id` (`m_id`),
KEY `m_name` (`m_name`)
) TYPE=MyISAM AUTO_INCREMENT=2 ;其实这样的代码到处都是,完全可以自己写一份呀。
解决方案 »
- php 转 java
- 调用mysqli函数出现问题,已经配置好环境
- loadHTMLFile不支持innerHTML吗?
- 怎么从表单的<TEXTAREA>中读取数据,每一行复制给一个数组变量?
- PHP数组问题 array
- 谁能设置这个Cookie?
- 关于URL转来的参数
- 国家规定,春节初一到初七放假,我离家乡数千里,初一是回不了家了,55555555555555555555555555555
- PHP能否读取其它语言创建的Cookie或Session?
- 急呀~~! 高手請進,Excel 報表出錯.``````````````````````在線等.
- 紧急求助,请大侠们帮帮忙!
- 还是有关用户身份验证的问题!!!
eregi("[^0-9a-zA-Z_\-]+",$managername)
改成
eregi("[^0-9a-zA-Z_\-]{4,25}",$managername)
也就是说把用户名限制在4-25位之间。
!eregi(".{4,}",$password)
我改成了
(eregi("[^0-9a-zA-Z_\-]{4,25}",$password)
也对密码输入加以限制。
另外在这一段之后加上出错处理
if(md5($password)==$pass_store) {
echo "<center><h2>Successful!!Thanks for your login!!</h2></center>";
session_register('managername');
echo "<META HTTP-EQUIV=\"Refresh\" CONTENT=\"1; URL=admin.php\">";
}
else{
//如果密码与账号不符则跳转至error.htm页,并结束程序
header("location: error.htm");
exit;
}