Utilisation simple de l'authentification des utilisateurs PHP et des recommandations de balises

Cet article présente principalement l'utilisation simple de la vérification des utilisateurs PHP et de la recommandation de balises. Cet article vous présente de manière très détaillée et a une valeur de référence. Les amis dans le besoin peuvent se référer au

Rendu

.

bookmark_fns.php

<?php
require_once(&#39;output_fns.php&#39;);
require_once(&#39;db_fns.php&#39;);
require_once(&#39;data_valid_fns.php&#39;);
require_once(&#39;url_fns.php&#39;);
require_once(&#39;user_auth_fns.php&#39;);
?>

data_valid_fns.php

<?php
// Test that each variable has a value
function filled_out($form_vars) {
foreach ($form_vars as $key => $value) {
if ((!isset($key)) || ($value == &#39;&#39;)) {
return false;
} 
} 
return true;
}
// Valid email
function valid_email($address) {
if (ereg(&#39;^[a-zA-Z0-9_\.\-]+@[a-zA-Z0-9\-]+\.[a-zA-Z0-9\-\.]+$&#39;, $address)) {
return true;
}else {
return false;
}
}
?>

db_fns.php

<?php
//Conncet to db 
function db_connect() {
$db = new mysqli(&#39;127.0.0.1&#39;, &#39;bm_user&#39;, &#39;password&#39;, &#39;bookmarks&#39;);
if (!$db) {
throw new Exception("Could not connect to database server", 1);
}else {
return $db;
}
}
?>

user_auth_fns.php

<?php
require_once(&#39;db_fns.php&#39;);
// register 
function register($username, $email, $password) {
$conn = db_connect();
$results = $conn -> query("select * from user where username = &#39;".$username."&#39;");
if (!$results) {
throw new Exception("Could not execute query", 1);
}
if ($results -> num_rows > 0) {
throw new Exception("That username is taken - go back and choose another one.", 1);
} 
$results = $conn -> query("insert into user values (&#39;".$username."&#39;, sha1(&#39;".$email."&#39;), &#39;".$password."&#39;)");
if (!$results) {
throw new Exception(&#39;Could not register you in database - please try again later.&#39;);
}
return true;
}
// Log in 
function login($username, $password) {
$conn = db_connect();
$results = $conn -> query("select * from user where username = &#39;".$username."&#39; and passwd = sha1(&#39;".$password."&#39;)");
if (!$results) {
throw new Exception(&#39;Could not log you in.&#39;);
}
if ($results -> num_rows > 0) {
return true;
}else {
throw new Exception(&#39;Could not log you in.&#39;);
}
}
// Check valid user 
function check_valid_user() {
if (isset($_SESSION[&#39;valid_user&#39;])) {
echo "Logged in as ".$_SESSION[&#39;valid_user&#39;].".<br />";
}else {
do_html_header(&#39;Problem:&#39;);
echo "You are not logged in.<br />";
do_html_url(&#39;login.php&#39;, &#39;Login&#39;);
do_html_foot();
exit;
}
}
// change password 
function change_password($username, $old_password, $new_password) {
login($username, $old_password);
$conn = db_connect();

$result = $conn -> query("update user set passwd = sha1(&#39;".$new_password."&#39;) where username = &#39;".$username."&#39;");
if (!$result) {
throw new Exception(&#39;Password could not be changed.&#39;);
} else {
return true; // changed successfully
}
}
function get_random_word($min_length, $max_length) {
// grab a random word from dictionary between the two lengths
// and return it
// generate a random word
$word = &#39;&#39;;
// remember to change this path to suit your system
$dictionary = &#39;/usr/dict/words&#39;; // the ispell dictionary
$fp = @fopen($dictionary, &#39;r&#39;);
if(!$fp) {
return false;
}
$size = filesize($dictionary);
// go to a random location in dictionary
$rand_location = rand(0, $size);
fseek($fp, $rand_location);
// get the next whole word of the right length in the file
while ((strlen($word) < $min_length) || (strlen($word)>$max_length) || (strstr($word, "&#39;"))) {
if (feof($fp)) {
fseek($fp, 0); // if at end, go to start
}
$word = fgets($fp, 80); // skip first word as it could be partial
$word = fgets($fp, 80); // the potential password
}
$word = trim($word); // trim the trailing \n from fgets
return $word;
}
function reset_password($username) {
// set password for username to a random value
// return the new password or false on failure
// get a random dictionary word b/w 6 and 13 chars in length
$new_password = get_random_word(6, 13);

if($new_password == false) {
throw new Exception(&#39;Could not generate new password.&#39;);
}
// add a number between 0 and 999 to it
// to make it a slightly better password
$rand_number = rand(0, 999);
$new_password .= $rand_number;
// set user&#39;s password to this in database or return false
$conn = db_connect();
$result = $conn->query("update user
set passwd = sha1(&#39;".$new_password."&#39;)
where username = &#39;".$username."&#39;");
if (!$result) {
throw new Exception(&#39;Could not change password.&#39;); // not changed
} else {
return $new_password; // changed successfully
}
}
function notify_password($username, $password) {
// notify the user that their password has been changed
$conn = db_connect();
$result = $conn->query("select email from user
where username=&#39;".$username."&#39;");
if (!$result) {
throw new Exception(&#39;Could not find email address.&#39;);
} else if ($result->num_rows == 0) {
throw new Exception(&#39;Could not find email address.&#39;);
// username not in db
} else {
$row = $result->fetch_object();
$email = $row->email;
$from = "From: support@phpbookmark \r\n";
$mesg = "Your PHPBookmark password has been changed to ".$password."\r\n"
."Please change it next time you log in.\r\n";
if (mail($email, &#39;PHPBookmark login information&#39;, $mesg, $from)) {
return true;
} else {
throw new Exception(&#39;Could not send email.&#39;);
}
}
}
?>

url_fns.php

<?php
require_once(&#39;db_fns.php&#39;);
// Get user urls
function get_user_urls($username) {
$conn = db_connect();
$results = $conn -> query("select bm_URL 
from bookmark 
where username = &#39;" . $username . "&#39;");
if (!$results) {
return false;
}
$url_array = array();
for ($i = 1;$row = $results -> fetch_row();++$i) {
$url_array[$i] = $row[0];
}
return $url_array;
}
// Add url to db
function add_bm($new_url) {
echo "Attempting to add ".htmlspecialchars($new_url)."<br />";
$valid_user = $_SESSION[&#39;valid_user&#39;];
$conn = db_connect();
$results = $conn -> query(" select * from bookmark 
where username = &#39;".$valid_user."&#39; 
and bm_URL = &#39;".$new_url."&#39;");
if ($results && ($results -> num_rows > 0)) {
throw new Exception("Bookmark already exists.", 1); 
}
$insert_result = $conn -> query("insert into bookmark values (&#39;".$valid_user."&#39;, &#39;".addslashes($new_url)."&#39;)");
if (!$insert_result) {
throw new Exception("Bookmark could not be inserted.", 1); 
}
return true;
}
// Delete url 
function delete_bm($user, $url) {
$conn = db_connect();
$results = $conn -> query(" delete from bookmark 
where username = &#39;".$user."&#39; 
and bm_URL = &#39;".$url."&#39;");
if (!$results) {
throw new Exception("Bookmark could not be deleted.", 1); 
}
return true; 
}
function recommend_urls($valid_user, $popularity = 1) {
$conn = db_connect();
// $query = "select bm_URL
// from bookmark
// where username in
// (select distinct(b2.username)
// from bookmark b1, bookmark b2
// where b1.username=&#39;".$valid_user."&#39;
// and b1.username != b2.username
// and b1.bm_URL = b2.bm_URL)
// and bm_URL not in
// (select bm_URL
// from bookmark
// where username=&#39;".$valid_user."&#39;)
// group by bm_url
// having count(bm_url)>".$popularity;
$query = "select bm_URL
from bookmark
where username in
(select distinct(b2.username)
from bookmark b1, bookmark b2
where b1.username=&#39;".$valid_user."&#39;
and b1.username != b2.username
and b1.bm_URL = b2.bm_URL)
and bm_URL not in
(select bm_URL
from bookmark
where username=&#39;".$valid_user."&#39;)
group by bm_url
having count(bm_url)>".$popularity;
if (!($result = $conn->query($query))) {
throw new Exception(&#39;Could not find any bookmarks to recommend.&#39;);
}
if ($result->num_rows==0) {
throw new Exception(&#39;Could not find any bookmarks to recommend.&#39;);
}
$urls = array();
// build an array of the relevant urls
for ($count=0; $row = $result->fetch_object(); $count++) {
$urls[$count] = $row->bm_URL;
}
return $urls;
}
?>

output_fns.php

<?php
function do_html_header($title) {
// print an HTML header
?>
<html>
<head>
<title><?php echo $title;?></title>
<style>
body { font-family: Arial, Helvetica, sans-serif; font-size: 13px }
li, td { font-family: Arial, Helvetica, sans-serif; font-size: 13px }
hr { color: #3333cc; width=300; text-align=left}
a { color: #000000 }
</style>
</head>
<body>
<img src="005.png" alt="PHPbookmark logo" border="0"
align="left" valign="bottom" height="55" width="57" />
<h1>PHPbookmark</h1>
<hr />
<?php
if($title) {
do_html_heading($title);
}
}
function do_html_footer() {
// print an HTML footer
?>
</body>
</html>
<?php
}
function do_html_heading($heading) {
// print heading
?>
<h2><?php echo $heading;?></h2>
<?php
}
function do_html_URL($url, $name) {
// output URL as link and br
?>
<br /><a href="<?php echo $url;?>"><?php echo $name;?></a><br />
<?php
}
function display_site_info() {
// display some marketing info
?>
<ul>
<li>Store your bookmarks online with us!</li>
<li>See what other users use!</li>
<li>Share your favorite links with others!</li>
</ul>
<?php
}
function display_login_form() {
?>
<p><a href="register_form.php">Not a member?</a></p>
<form method="post" action="member.php">
<table bgcolor="#cccccc">
<tr>
<td colspan="2">Members log in here:</td>
<tr>
<td>Username:</td>
<td><input type="text" name="username"/></td></tr>
<tr>
<td>Password:</td>
<td><input type="password" name="passwd"/></td></tr>
<tr>
<td colspan="2" align="center">
<input type="submit" value="Log in"/></td></tr>
<tr>
<td colspan="2"><a href="forgot_form.php">Forgot your password?</a></td>
</tr>
</table></form>
<?php
}
function display_registration_form() {
?>
<form method="post" action="register_new.php">
<table bgcolor="#cccccc">
<tr>
<td>Email address:</td>
<td><input type="text" name="email" size="30" maxlength="100"/></td></tr>
<tr>
<td>Preferred username <br />(max 16 chars):</td>
<td valign="top"><input type="text" name="username"
size="16" maxlength="16"/></td></tr>
<tr>
<td>Password <br />(between 6 and 16 chars):</td>
<td valign="top"><input type="password" name="passwd"
size="16" maxlength="16"/></td></tr>
<tr>
<td>Confirm password:</td>
<td><input type="password" name="passwd2" size="16" maxlength="16"/></td></tr>
<tr>
<td colspan=2 align="center">
<input type="submit" value="Register"></td></tr>
</table></form>
<?php
}
function display_user_urls($url_array) {
// display the table of URLs
// set global variable, so we can test later if this is on the page
global $bm_table;
$bm_table = true;
?>
<br />
<form name="bm_table" action="delete_bms.php" method="post">
<table width="300" cellpadding="2" cellspacing="0">
<?php
$color = "#cccccc";
echo "<tr bgcolor=\"".$color."\"><td><strong>Bookmark</strong></td>";
echo "<td><strong>Delete?</strong></td></tr>";
if ((is_array($url_array)) && (count($url_array) > 0)) {
foreach ($url_array as $url) {
if ($color == "#cccccc") {
$color = "#ffffff";
} else {
$color = "#cccccc";
}
//remember to call htmlspecialchars() when we are displaying user data
echo "<tr bgcolor=\"".$color."\"><td><a href=\"".$url."\">".htmlspecialchars($url)."</a></td>
<td><input type=\"checkbox\" name=\"del_me[]\"
value=\"".$url."\"/></td>
</tr>";
}
} else {
echo "<tr><td>No bookmarks on record</td></tr>";
}
?>
</table>
</form>
<?php
}
function display_user_menu() {
// display the menu options on this page
?>
<hr />
<a href="member.php">Home</a>  | 
<a href="add_bm_form.php">Add BM</a>  | 
<?php
// only offer the delete option if bookmark table is on this page
global $bm_table;
if ($bm_table == true) {
echo "<a href=\"#\" onClick=\"bm_table.submit();\">Delete BM</a>  | ";
} else {
echo "<span style=\"color: #cccccc\">Delete BM</span>  | ";
}
?>
<a href="change_passwd_form.php">Change password</a>
<br />
<a href="recommend.php">Recommend URLs to me</a>  | 
<a href="logout.php">Logout</a>
<hr />
<?php
}
function display_add_bm_form() {
// display the form for people to ener a new bookmark in
?>
<form name="bm_table" action="add_bms.php" method="post">
<table width="250" cellpadding="2" cellspacing="0" bgcolor="#cccccc">
<tr><td>New BM:</td>
<td><input type="text" name="new_url" value="http://"
size="30" maxlength="255"/></td></tr>
<tr><td colspan="2" align="center">
<input type="submit" value="Add bookmark"/></td></tr>
</table>
</form>
<?php
}
function display_password_form() {
// display html change password form
?>
<br />
<form action="change_passwd.php" method="post">
<table width="250" cellpadding="2" cellspacing="0" bgcolor="#cccccc">
<tr><td>Old password:</td>
<td><input type="password" name="old_passwd"
size="16" maxlength="16"/></td>
</tr>
<tr><td>New password:</td>
<td><input type="password" name="new_passwd"
size="16" maxlength="16"/></td>
</tr>
<tr><td>Repeat new password:</td>
<td><input type="password" name="new_passwd2"
size="16" maxlength="16"/></td>
</tr>
<tr><td colspan="2" align="center">
<input type="submit" value="Change password"/>
</td></tr>
</table>
<br />
<?php
}
function display_forgot_form() {
// display HTML form to reset and email password
?>
<br />
<form action="forgot_passwd.php" method="post">
<table width="250" cellpadding="2" cellspacing="0" bgcolor="#cccccc">
<tr><td>Enter your username</td>
<td><input type="text" name="username" size="16" maxlength="16"/></td>
</tr>
<tr><td colspan=2 align="center">
<input type="submit" value="Change password"/>
</td></tr>
</table>
<br />
<?php
}
function display_recommended_urls($url_array) {
// similar output to display_user_urls
// instead of displaying the users bookmarks, display recomendation
?>
<br />
<table width="300" cellpadding="2" cellspacing="0">
<?php
$color = "#cccccc";
echo "<tr bgcolor=\"".$color."\">
<td><strong>Recommendations</strong></td></tr>";
if ((is_array($url_array)) && (count($url_array)>0)) {
foreach ($url_array as $url) {
if ($color == "#cccccc") {
$color = "#ffffff";
} else {
$color = "#cccccc";
}
echo "<tr bgcolor=\"".$color."\">
<td><a href=\"".$url."\">".htmlspecialchars($url)."</a></td></tr>";
}
} else {
echo "<tr><td>No recommendations for you today.</td></tr>";
}
?>
</table>
<?php
}
?>
login.php
<?php
require_once(&#39;bookmark_fns.php&#39;);
do_html_header(&#39;&#39;);
display_site_info();
display_login_form();
do_html_footer();
?>
logout.php
<?php

require_once('bookmark_fns.php');

// start session
session_start();
$old_user = $_SESSION['valid_user'];
unset($_SESSION['valid_user']);
$result_dest = session_destroy();
do_html_header('Logging out');
if (!empty($old_user)) {
if ($result_dest) {
echo &#39;Logged out.<br />&#39;;
do_html_url(&#39;login.php&#39;, &#39;Login&#39;);
}else {
echo &#39;Could not log you out.<br />&#39;;
}
}else {
echo &#39;You are not logged in ,so have not been logged out.<br />&#39;;
do_html_url(&#39;login.php&#39;, &#39;Login&#39;);
}
do_html_footer();
?>

register_form .php

<?php
require_once(&#39;bookmark_fns.php&#39;);
do_html_header(&#39;User Registration&#39;);
display_registration_form();
do_html_footer();
?>
register_new.php
<?php
require_once(&#39;bookmark_fns.php&#39;);
// vars
$email = $_POST[&#39;email&#39;];
$username = $_POST[&#39;username&#39;];
$passwd = $_POST[&#39;passwd&#39;];
$passwd2 = $_POST[&#39;passwd2&#39;];
// start session
session_start();
// valid data 
try {
if (!filled_out($_POST)) {
throw new Exception("You have not filled the form out correctly - please go back and try again.", 1);
}
if (!valid_email($email)) { 
throw new Exception("That is not a valid email address - please go back and try again.", 1);
}
if ($passwd != $passwd2) { 
throw new Exception("The passwords you entered do not match - please go back and try again.", 1);
}
if ((strlen($passwd) < 6) || (strlen($passwd) > 16)) { 
throw new Exception("Your password must be between 6 and 16 characters - please go back and try again.", 1);
}
register($username, $passwd, $email);
$_SESSION[&#39;valid_user&#39;] = $username;
do_html_header(&#39;Rigistration successful&#39;);
do_html_url(&#39;member.php&#39;, &#39;Go to members page&#39;);
do_html_footer();
} catch (Exception $e) {
do_html_header(&#39;Problem: &#39;);
echo $e -> getMessage();
do_html_footer();
exit();
}
?>

forgot_form.php

<?php
require_once(&#39;bookmark_fns.php&#39;);
do_html_header(&#39;Reset password&#39;);
display_forgot_form();
do_html_footer();
?>
forgot_passwd.php
<?php
require_once(&#39;bookmark_fns.php&#39;);
do_html_header(&#39;Resetting password&#39;);
$username = $_POST[&#39;username&#39;];
try {
// get random password 
$password = reset_password($username);
notify_password($username, $password);
echo "Your new password has been emailed to you.<br />";
}catch(Exception $e){
echo "Your password could not be reset - please try again later.";
}
do_html_url(&#39;login.php&#39;, &#39;Login&#39;);
do_html_footer();
?>
change_passwd_form.php
<?php
require_once(&#39;bookmark_fns.php&#39;);
session_start();
do_html_header(&#39;Change password&#39;);
check_valid_user();
display_password_form();
display_user_menu(); 
do_html_footer();
?>
change_passed.php
<?php
require_once(&#39;bookmark_fns.php&#39;);
session_start();
do_html_header(&#39;Changing password&#39;);
$old_passwd = $_POST[&#39;old_passwd&#39;];
$new_passwd = $_POST[&#39;new_passwd&#39;];
$new_passwd2 = $_POST[&#39;new_passwd2&#39;];
try {
check_valid_user();
if (!filled_out($_POST)) {
throw new Exception("You have not filled the form out correctly - please go back and try again.", 1);
}
if ($new_passwd != $new_passwd2) { 
throw new Exception("The passwords you entered do not match - please go back and try again.", 1);
}
if ((strlen($new_passwd) < 6) || (strlen($new_passwd) > 16)) { 
throw new Exception("Your password must be between 6 and 16 characters - please go back and try again.", 1);
}
change_password($_SESSION[&#39;valid_user&#39;], $old_passwd, $new_passwd2);
echo &#39;Password changed.&#39;;
}catch(Exception $e) {
echo $e -> getMessage();
}
display_user_menu(); 
do_html_footer();
?>
add_bm_form.php
<?php
// include function files for this application
require_once(&#39;bookmark_fns.php&#39;);
session_start();
// start output html
do_html_header(&#39;Add Bookmarks&#39;);
check_valid_user();
display_add_bm_form();
display_user_menu();
do_html_footer();
?>

add_bms.php

<?php
require_once(&#39;bookmark_fns.php&#39;);
session_start();
$new_url = $_POST[&#39;new_url&#39;];
do_html_header(&#39;Adding bookmarks&#39;);
try {
check_valid_user();
if (!filled_out($_POST)) {
throw new Exception(&#39;Form not completely filled out.&#39;);
} 
if (strstr($new_url, &#39;http://&#39;) === false) {
$new_url = &#39;http://&#39;.$new_url;
} 
// check url is valid
if (!@fopen($new_url, &#39;r&#39;)) {
throw new Exception(&#39;Not a valid URL.&#39;);
} 
add_bm($new_url);
echo "Bookmark added";
if ($mks = get_user_urls($_SESSION[&#39;valid_user&#39;])) {
display_user_urls($mks);
}
}catch(Exception $e) {
echo $e -> getMessage();
}
display_user_menu();
do_html_footer();
?>

delete_bms.php

<?php
require_once(&#39;bookmark_fns.php&#39;);
session_start();
$del_me = $_POST[&#39;del_me&#39;];
$valid_user = $_SESSION[&#39;valid_user&#39;];
do_html_header(&#39;Deleting bookmarks&#39;);
check_valid_user();
if (!filled_out($_POST)) {
echo "<p>You have not chosen any bookmarks to delete.<br />
Please try again.</p>";
display_user_menu();
do_html_footer();
exit;
}else {
if (count($del_me) > 0) {
foreach ($del_me as $url) {
if (delete_bm($valid_user, $url)) {
echo "Deleted ".htmlspecialchars($url)."<br />";
}else {
echo "Could not deleted ".htmlspecialchars($url)."<br />";
}
}
}else {
echo "No bookmarks selected for deletion.";
}
}
if ($mks = get_user_urls($_SESSION[&#39;valid_user&#39;])) {
display_user_urls($mks);
}
display_user_menu();
do_html_footer();
?>

recommend.php

<?php
require_once(&#39;bookmark_fns.php&#39;);

session_start();
do_html_header(&#39;Recommending URLS&#39;);
try {
check_valid_user();
$urls = recommend_urls($_SESSION[&#39;valid_user&#39;], 1);
display_recommended_urls($urls);
}catch(Exception $e) {
echo $e -> getMessage();
}
display_user_menu();
do_html_footer();
?>

member.php

<?php
require_once(&#39;bookmark_fns.php&#39;);
session_start();
@$username = $_POST[&#39;username&#39;];
@$passwd = $_POST[&#39;passwd&#39;];
if ($username && $passwd) {
try {
// Log in 
login($username, $passwd);
$_SESSION[&#39;valid_user&#39;] = $username;
}catch(Exception $e) {
do_html_header(&#39;Problem: &#39;);
echo "You could not be logged in. You must be logged in to view this page.";
do_html_url(&#39;login.php&#39;, &#39;Login&#39;);
do_html_footer();
exit;
}
}
do_html_header(&#39;Home&#39;);
check_valid_user();
if ($url_array = get_user_urls($_SESSION[&#39;valid_user&#39;])) {
display_user_urls($url_array);
}
display_user_menu();
do_html_footer();
?>

Ce qui précède représente l'intégralité du contenu de cet article, j'espère qu'il sera utile à l'étude de chacun.

Recommandations associées :

phpExplication détaillée des étapes pour remplacer le chemin de l'image de l'article vers le serveur local

Résumé PHP des méthodes de cryptage du code source

phpExplication détaillée des étapes pour transmettre les paramètres lors de l'ouverture d'une application exe locale avec js

Ce qui précède est le contenu détaillé de. pour plus d'informations, suivez d'autres articles connexes sur le site Web de PHP en chinois!