search

Home >php教程 >php手册 >PHP+MYSQL会员系统的登陆即权限判断

PHP+MYSQL会员系统的登陆即权限判断

WBOY
WBOYOriginal
2016-05-26 15:22:091247browse

含三个页面,cogfig页面是被包含页面,denglu页面负责提交,session赋值等,denglu_link页面负责权限判断的演示,本例事先已存在test数据库,user_list表,表中有uid,m_id,username,password四个字段,并且password字段已经经过md5加密,形式是:md5("用户密码".ALL_PS),即用户输入的密码加常量进行判断.

先来看配置文件,代码如下:

<?php
//启动session
session_start();
//数据库教程连接
$conn = mysql_connect(&#39;localhost&#39;, &#39;root&#39;, &#39;******&#39;);
mysql_select_db(&#39;test&#39;, $conn);
//定义常量
define("ALL_PS", "php100");
//判断权限函数
function user_shell($uid, $shell) {
    $sql = "SELECT * FROM `user_list` WHERE `uid` = &#39;$uid&#39;";
    $query = mysql_query($sql);
    $exist = is_array($row = mysql_fetch_array($query));
    $exist2 = $exist ? $shell == md5($row[&#39;username&#39;] . $row[&#39;password&#39;] . ALL_PS) : FALSE;
    //开源代码phprm.com
    if ($exist2) {
        return $row;
    } else {
        echo "你无权限访问该页";
        exit();
    }
}
?>

PHP登录页面,代码如下:

<?php
include ("config.php");
if ($_POST[&#39;submit&#39;]) {
    $username = str_replace(" ", "", $_POST[&#39;username&#39;]); //去除空格
    $sql = "SELECT * FROM `user_list` WHERE `username` = &#39;$username&#39;";
    $query = mysql_query($sql);
    $exist = is_array($row = mysql_fetch_array($query)); //判断是否存在这样一个用户
    $exist2 = $exist ? md5($_POST[&#39;password&#39;] . ALL_PS) == $row[&#39;password&#39;] : FALSE; //判断密码
    if ($exist2) {
        $_SESSION[&#39;uid&#39;] = $row[&#39;uid&#39;]; // session赋值
        $_SESSION[&#39;user_shell&#39;] = md5($row[&#39;username&#39;] . $row[&#39;password&#39;] . ALL_PS);
        echo "登陆成功";
    } else {
        echo "不正确的用户名";
        SESSION_DESTROY();
    }
}
?>
<form action="" method="post">  
用户名:<input type="text" name="username" /><br>  
密码:<input type="password" name="password"/><br>  
验证码:<input type="code" name="code" size="10"/>  
<img  src="imgcode.php" alt="PHP+MYSQL会员系统的登陆即权限判断 " ><br><br>  
<input type="submit" name="submit" value="登陆"/>  
</form>
<a href="http://127.0.0.1/test/denglu_link.php">denglu_link</a>

PHP权限判断页面,代码如下:

<?php
include ("config.php");
$arr = user_shell($_SESSION[&#39;uid&#39;], $_SESSION[&#39;user_shell&#39;]); //以上两句即可对权限进行判断
echo $arr[&#39;username&#39;];
//权限内容


文章地址:

转载随意^^请带上本文地址!

Statement:
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Previous article:PDO 中相关的错误处理 Next article:php导入.sql到数据库的方法

Related articles

See more