/** BEGIN function
*
* 作者:偶然
* 功能:用户登录
* 时间:2003.7.5
* 变量:
* username=用户输入的账号;
* password=用户密码;
* table =用户信息表;
* 返回:none
* 示例:
*
*/
function checkmanager($managername,$password,$table,$field_index,$field_query) {
$sql = '';
$num = '';
$array = array();
if($managername==''||$password=='') {
$msg = "You didn't input any username or password!";
error_back($msg);
}
elseif(eregi("[^0-9a-zA-Z_\-]+",$managername)) {
$msg = "Your input is not a correct format!!";
error_back($msg);
}
elseif(!eregi(".{4,}",$password)) {
$msg = "need 4 words at least!!";
error_back($msg);
}
else {
$query = @mysql_query("select * from $table where $field_index='$managername'");
$num = @mysql_num_rows($query);
if($num!='1') {
$msg = "There isn't a manager which username or password like this!!";
error_back($msg);
}
else {
$array= @mysql_fetch_array($query);
$pass_store= $array['m_psd'];
if(md5($password)==$pass_store) {
echo "<center><h2>Successful!!Thanks for your login!!</h2></center>";
session_register('managername');
echo "<META HTTP-EQUIV=\"Refresh\" CONTENT=\"1; URL=admin.php\">";
}
}
}
}//登录
if($_POST['login']!='') {
$m_name = trim($_POST['managername']);
$m_word = trim($_POST['managerpass']);
$table = "manager";
$field_index = "m_name";
$field_query = "m_psd";
checkmanager($m_name,$m_word,$table,$field_index,$field_query);
}
注册实际上就一个sql
insert into $tablename (XXX,XXX……) values (XXX,XXX……);注销就是把session清掉
session_destroy();
*
* 作者:偶然
* 功能:用户登录
* 时间:2003.7.5
* 变量:
* username=用户输入的账号;
* password=用户密码;
* table =用户信息表;
* 返回:none
* 示例:
*
*/
function checkmanager($managername,$password,$table,$field_index,$field_query) {
$sql = '';
$num = '';
$array = array();
if($managername==''||$password=='') {
$msg = "You didn't input any username or password!";
error_back($msg);
}
elseif(eregi("[^0-9a-zA-Z_\-]+",$managername)) {
$msg = "Your input is not a correct format!!";
error_back($msg);
}
elseif(!eregi(".{4,}",$password)) {
$msg = "need 4 words at least!!";
error_back($msg);
}
else {
$query = @mysql_query("select * from $table where $field_index='$managername'");
$num = @mysql_num_rows($query);
if($num!='1') {
$msg = "There isn't a manager which username or password like this!!";
error_back($msg);
}
else {
$array= @mysql_fetch_array($query);
$pass_store= $array['m_psd'];
if(md5($password)==$pass_store) {
echo "<center><h2>Successful!!Thanks for your login!!</h2></center>";
session_register('managername');
echo "<META HTTP-EQUIV=\"Refresh\" CONTENT=\"1; URL=admin.php\">";
}
}
}
}//登录
if($_POST['login']!='') {
$m_name = trim($_POST['managername']);
$m_word = trim($_POST['managerpass']);
$table = "manager";
$field_index = "m_name";
$field_query = "m_psd";
checkmanager($m_name,$m_word,$table,$field_index,$field_query);
}
注册实际上就一个sql
insert into $tablename (XXX,XXX……) values (XXX,XXX……);注销就是把session清掉
session_destroy();
error_back()
/** BEGIN function
*
* 作者:偶然
* 功能:后退
* 时间:2003.7.5
* 变量:$msg
* 返回:none
* 示例:
*
*/
function error_back($msg){
echo "<center><h2>".$msg."<hr></h2><a href=\"javascript:history.back()\">请点击此处返回!!</a></center>";
exit();
}
好象回答了不少问题啊
怎么现在还只有3角
/********************/
/* 身份验证文件 */
/********************/
require('mana/conn.php'); //包含一个数据库连接文件
require('mana/function.php');//包含一个函数库文件
require('lang/lang.php');
$ip = getenv ("REMOTE_ADDR");
/*************非法字符串的检查*****************/
$m_notchar="$#@!%&*?";
if(strlen("$user_id")>strlen("$pass_word")){
$c_len=strlen("$user_id");
}else{
$c_len=strlen("$password");
}
for($i=0;$i<$c_len;$i++){
$m_chk=substr("$user_id",$i,1);
$m_chk_pass=substr("$pass_word",$i,1);
for($k=0;$k<strlen($m_notchar);$k++){
$m_not_chk=substr("$m_notchar",$k,1);
if($m_chk==$m_not_chk){ //用户名判断
header("location:index.php");
exit;
}
if($m_chk_pass==$m_not_chk){ //密码判断
header("location:index.php");
exit;
}
}
}
/*************非法字符串的检查*****************/
//
$m_sql = "SELECT *
FROM t500
WHERE user_id='$user_id' and pass_word='$pass_word'";//进行表单验证
$m_result = sql_query($m_sql,$link)
or die (L_err_data);//发送请求到SQL中$m_num = sql_num_rows($m_result);//返回结果$m_row=sql_fetch_array($m_result);
if ($m_num == 1) {
$user_name=$m_row["user_name"];
setcookie("m_user_id","$user_id");
setcookie("m_user_pass","$pass_word");
setcookie("ip","$ip");
setcookie("m_user_name","$user_name");
$sql="insert into t530 values ('$m_user_name','$intime','','$ip')";
sql_query($sql,$link);
header("location:p_ap/index2.php");
}else{
echo F_errmsg();
exit;
}
?>