<?php
if ($deng){
if($CheckCode!= $_SESSION['SafeCode']||empty($CheckCode)){
echo "<script>alert('校验码不正确!');window.location.href='index.php';</script>";
exit;
}
if(isset($_POST['admin_user']) || isset($_POST['admin_pass'])){
$conn=mysql_connect("localhost","root","root");
mysql_query("set names 'gb2312'");
mysql_select_db("biba",$conn);
$sql=mysql_query("select * from tb_admin where admin_user='{$_POST[admin_user]}'and admin_pass='{$_POST[admin_pass]}'",$conn);
if(!$result){
$_SESSION['admin_user']=$_POST['admin_user'];
$_SESSION['admin_pass']=$_POST['admin_pass'];
echo "<script>alert('管理员登录成功!');window.location.href='indexs.php';</script>";
}else{
echo "<script>alert('管理员登录失败!');</script>";
}
}
}?>
if ($deng){
if($CheckCode!= $_SESSION['SafeCode']||empty($CheckCode)){
echo "<script>alert('校验码不正确!');window.location.href='index.php';</script>";
exit;
}
if(isset($_POST['admin_user']) || isset($_POST['admin_pass'])){
$conn=mysql_connect("localhost","root","root");
mysql_query("set names 'gb2312'");
mysql_select_db("biba",$conn);
$sql=mysql_query("select * from tb_admin where admin_user='{$_POST[admin_user]}'and admin_pass='{$_POST[admin_pass]}'",$conn);
if(!$result){
$_SESSION['admin_user']=$_POST['admin_user'];
$_SESSION['admin_pass']=$_POST['admin_pass'];
echo "<script>alert('管理员登录成功!');window.location.href='indexs.php';</script>";
}else{
echo "<script>alert('管理员登录失败!');</script>";
}
}
}?>
session_start();//开启session服务
if ($deng){
if($CheckCode!= $_SESSION['SafeCode']||empty($CheckCode)){
echo "<script>alert('校验码不正确!');window.location.href='index.php';</script>";
exit;
}
if(isset($_POST['admin_user']) && isset($_POST['admin_pass'])){//要都为存在
$conn=mysql_connect("localhost","root","root");
mysql_query("set names 'gb2312'");
mysql_select_db("biba",$conn);
$sql=mysql_query("select * from tb_admin where admin_user='{$_POST[‘admin_user’]}' and admin_pass='{$_POST[‘admin_pass’]}'",$conn);//这里的代码,$_POST中括号里没加单引号
$res=mysql_num_rows($sql);//求出结果集的行数
if(!$res){//用上一步取得的行数
$_SESSION['admin_user']=$_POST['admin_user'];
$_SESSION['admin_pass']=$_POST['admin_pass'];
echo "<script>alert('管理员登录成功!');window.location.href='indexs.php';</script>";
}else{
echo "<script>alert('管理员登录失败!');</script>";
}
}
}?>
这是接收页面的代码,1种是访问数据库 一种是直接本地的
<?php
$name = $_POST['name'];//接收用户名
$pwd = $_POST['pwd'];//接收密码
if($name==null and $pwd==null){
header("Location: login.php");
exit();
}
//通过数据库验证
include_once "conn.php";$sql = "select pwd,name from admin where name='$name'";//读取admin表,账号名字=$name的情况下读取字段pwd(密码)
$res = mysqli_query($con,$sql);//运行
if($row=mysqli_fetch_assoc($res)){
if($row['pwd']==($pwd)){
//对比数据库密码和输入密码是否一致,合法用户跳转到index.php页面
session_start();
$_SESSION['username']=$name;
header("Location: index.php");
exit();
}
//如果是非法用户,返回login.php
header("location: login.php?erron=1");
exit();
}
mysqli_close($con);
//认证用户,不通过数据库
/*if($name=='admin'&&$pwd=='123456'){
//合法用户跳转到index.php页面
header("Location: index.php");
exit();
}else{
//如果是非法用户,返回login.php
header("location: login.php?erron=1");
}
*/
?>