Home >Backend Development >PHP Tutorial >寻求帮助关于网站后台建设:为什么验证码错误也能登陆后台

寻求帮助关于网站后台建设:为什么验证码错误也能登陆后台

WBOY
WBOYOriginal
2016-06-23 13:56:481192browse

header ( "Content-type: text/html; charset=gb2312" ); 
 class chkinput{
   var $name;
   var $pwd;

   function chkinput($x,$y)
    {
     $this->name=$x;
     $this->pwd=$y;
    }

   function checkinput()
   {
     include("../conn/conn.php");
     $sql=mysql_query("select * from tb_admin where name='".$this->name."'",$conn);
     $info=mysql_fetch_array($sql);
     if($info==false)
       {
          echo "<script>alert('不存在此管理员!');history.back();</script>";
          exit;
       }
      else
       {
          if($info[pwd]==$this->pwd)
   {
   if($number==$_SESSION['code'])
      {
   header("location:index.php");}
   else 
      {
   echo "<script>alert('验证码输入错误!');history.back();</script>";
                   exit;}
            }
          else
           {
             echo "<script>alert('密码输入错误!');history.back();</script>";
             exit;
           }

      }    
   }
 }


    $obj=new chkinput(trim($_POST[name]),trim($_POST[pwd]));
    $obj->checkinput();

?>


回复讨论(解决方案)

$number==$_SESSION['code'];

断点调试输出验证码

如果你的$_SESSION['code']是验证码,那$number是什么,如果是验证码为什么不用POST传递过来

我想判断输入的验证码是否与图片上的验证码是否一致,$_SESSION['code']是图片的验证码,number是我文本框命名的验证码,应该如何修改?

Statement:
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn