所以,把第一章,可重用类的代码贴出来,便于以后查阅以及供给有需要的朋友。
:User类,包括读取和设置数据库,以及保存更改交互
复制代码 代码如下:
class User{
private $uid;
private $fields;
public function __construct(){
$this->uid=null;
$this->fields=array('username'=>'','password'=>'','emailAddr'=>'','isActive'=>false);
}
public function __get($field){
if($field=='userId'){
return $this->uid;
}else{
return $this->fields[$field];
}
}
public function __set($field,$value){
if(array_key_exists($field,$this->fields)){
$this->fields[$field]=$value;
}
}
//return if username is valid format
public static function validateUsername($username){
return preg_match('/^[A-Z0-9]{2,20}$/i',$username);
}
//return if email address is valid format
public static function validateEmailAddr($email){
return filter_var($email,FILTER_VALIDATE_EMAIL);
}
//return an object populated based on the record‘s user id
public static function getById($user_id){
$user=new User();
$query=sprintf('SELECT USERNAME,PASSWORD,EMAIL_ADDR,IS_ACTIVE '.
'FROM %sUSER WHERE USER_ID=%d',DB_TBL_PREFIX,$user_id);
$result=mysql_query($query,$GLOBALS['DB']);
if(mysql_num_rows($result)){
$row=mysql_fetch_assoc($result);
$user->username=$row['USERNAME'];
$user->password=$row['PASSWORD'];
$user->emailAddr=$row['EMAIL_ADDR'];
$user->isActive=$row['IS_ACTIVE'];
ChromePhp::log($user_id);
$user->uid=$user_id;
}
mysql_free_result($result);
return $user;
}
//return an object populated based on the record's username
public static function getByUsername($username){
$user=new User();
$query=sprintf('SELECT USER_ID,PASSWORD,EMAIL_ADDR,IS_ACTIVE '.
'FROM %sUSER WHERE USERNAME="%s"',DB_TBL_PREFIX,mysql_real_escape_string($username,$GLOBALS['DB']));
$result=mysql_query($query,$GLOBALS['DB']);
if(mysql_num_rows($result)){
$row=mysql_fetch_assoc($result);
$user->username=$username;
$user->password=$row['PASSWORD'];
$user->emailAddr=$row['EMAIL_ADDR'];
$user->isActive=$row['IS_ACTIVE'];
$user->uid=$row['USER_ID'];
}
mysql_free_result($result);
return $user;
}
//save the record to the database
public function save(){
//update existing user's information
if($this->uid){
$query = sprintf('UPDATE %sUSER SET USERNAME = "%s", ' .
'PASSWORD = "%s", EMAIL_ADDR = "%s", IS_ACTIVE = %d ' .
'WHERE USER_ID = %d',
DB_TBL_PREFIX,
mysql_real_escape_string($this->username, $GLOBALS['DB']),
mysql_real_escape_string($this->password, $GLOBALS['DB']),
mysql_real_escape_string($this->emailAddr, $GLOBALS['DB']),
$this->isActive,
$this->userId);
return mysql_query($query, $GLOBALS['DB']);
}else{
//create a new user
$query=sprintf('INSERT INTO %sUSER(USERNAME,PASSWORD,' .
'EMAIL_ADDR,IS_ACTIVE) VALUES ("%s","%s","%s",%d)',
DB_TBL_PREFIX,
mysql_real_escape_string($this->username,$GLOBALS['DB']),
mysql_real_escape_string($this->password,$GLOBALS['DB']),
mysql_real_escape_string($this->emailAddr,$GLOBALS['DB']),
$this->isActive);
if(mysql_query($query,$GLOBALS['DB'])){
$this->uid=mysql_insert_id($GLOBALS['DB']);
return true;
}else{
return false;
}
}
}
//set the record as inactive and return an activation token
public function setInactive(){
$this->isActive=false;
$this->save();
$token=random_text(5);
$query=sprintf('INSERT INTO %sPENDING (USER_ID,TOKEN)' .
'VALUES (%d,"%s")',DB_TBL_PREFIX,$this->uid,$token);
return (mysql_query($query,$GLOBALS['DB']))?$token:false;
}
//clear the user's pending status and set the record as active
public function setActive($token){
$query=sprintf('SELECT TOKEN FROM %sPENDING WHERE USER_ID=%d ' .
'AND TOKEN="%s"',DB_TBL_PREFIX,$this->uid,mysql_real_escape_string($token,$GLOBALS['DB']));
$result=mysql_query($query,$GLOBALS['DB']);
if(!mysql_num_rows(($result))){
mysql_free_result($result);
return false;
}else{
mysql_free_result($result);
$query=sprintf('DELETE FROM %sPENDING WHERE USER_ID=%d ' .
'AND TOKEN="%s"',DB_TBL_PREFIX,$this->uid,mysql_real_escape_string($token,$GLOBALS['DB']));
if(!mysql_query($query,$GLOBALS['DB'])){
return false;
}else{
$this->isActive=true;
return $this->save();
}
}
}
}
?>
如何使用:
复制代码 代码如下:
//create user instance
$u=new User();
$u->username='jack';
$u->password=sha1('gogo');
$u->emailAddr='zjczoo@gmail.com';
$u->save();//save this user
?>
复制代码 代码如下:
$u=User::getByUsername('jack');//update user('jack')
$u->password=sha1('newgogo');
$u->save();//save new jack
?>
:验证码类:这个比较简单,你可以自己加个图片==
复制代码 代码如下:
//must start or continue session and save CAPTCHA string in $_SESSION for
//it to be available to other requests
if(!isset($_SESSION)){
session_start();
header('Cache-control:private');
}
//create a 65*20 pixel image
$width=65;
$height=20;
$image=imagecreate(65,20);
//fill the image background color
$bg_color=imagecolorallocate($image,0x33,0x66,0xFF);
imagefilledrectangle($image,0,0,$width,$height,$bg_color);
//fetch random text
$text=random_text(5);
//determine x and y coordinates for centering text
$font=5;
$x=imagesx($image)/2-strlen($text)*imagefontwidth($font)/2;
$y=imagesy($image)/2-imagefontheight($font)/2;
//write text on image
$fg_color=imagecolorallocate($image,0xFF,0xFF,0xFF);
imagestring($image,$font,$x,$y,$text,$fg_color);
//save the CAPTCHA string for later comparison
$_SESSION['captcha']=$text;
//output the image
header('Content-type:image/png');
imagepng($image);
imagedestroy($image);
?>
另外,该类用到了random_text()函数,代码如下:
复制代码 代码如下:
function random_text($count,$rm_similar=false){
$chars=array_flip(array_merge(range(0,9),range('A','Z')));
if($rm_similar){
unset($chars[0],$chars[1],$chars[2],$chars[5],$chars[8],$chars['B'],$chars['I'],$chars['O'],$chars['Q'],$chars['S'],$chars['V'],$chars['Z']);
}
for($i=0,$text='';$i$text.=array_rand($chars);
}
return $text;
}
?>
连接数据库类:
复制代码 代码如下:
// database connection and schema constants
define('DB_HOST', 'localhost');
define('DB_USER', 'username');
define('DB_PASSWORD', 'yourpassword');
define('DB_SCHEMA', 'WROX_DATABASE');
define('DB_TBL_PREFIX', 'WROX_');
// establish a connection to the database server
if (!$GLOBALS['DB'] = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD))
{
die('Error: Unable to connect to database server.');
}
if (!mysql_select_db(DB_SCHEMA, $GLOBALS['DB']))
{
mysql_close($GLOBALS['DB']);
die('Error: Unable to select database schema.');
}
?>
sql语句:
复制代码 代码如下:
DROP TABLE IF EXISTS WROX_PENDING;
DROP TABLE IF EXISTS WROX_USER;
CREATE TABLE WROX_USER (
USER_ID INTEGER UNSIGNED NOT NULL AUTO_INCREMENT,
USERNAME VARCHAR(20) NOT NULL,
PASSWORD CHAR(40) NOT NULL,
EMAIL_ADDR VARCHAR(100) NOT NULL,
IS_ACTIVE TINYINT(1) DEFAULT 0,
PRIMARY KEY (USER_ID)
)
ENGINE=MyISAM DEFAULT CHARACTER SET gb2312
COLLATE gb2312_chinese_ci AUTO_INCREMENT=0;
CREATE TABLE WROX_PENDING (
USER_ID INTEGER UNSIGNED PRIMARY KEY NOT NULL,
TOKEN CHAR(10) NOT NULL,
CREATED_DATE TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
FOREIGN KEY (USER_ID)
REFERENCES WROX_USER(USER_ID)
)
ENGINE=MyISAM DEFAULT CHARACTER SET gb2312
COLLATE gb2312_chinese_ci;
热AI工具
Undresser.AI Undress
人工智能驱动的应用程序,用于创建逼真的裸体照片
AI Clothes Remover
用于从照片中去除衣服的在线人工智能工具。
Undress AI Tool
免费脱衣服图片
Clothoff.io
AI脱衣机
Video Face Swap
使用我们完全免费的人工智能换脸工具轻松在任何视频中换脸!
热门文章
热工具
EditPlus 中文破解版
体积小,语法高亮,不支持代码提示功能
SublimeText3汉化版
中文版,非常好用
MinGW - 适用于 Windows 的极简 GNU
这个项目正在迁移到osdn.net/projects/mingw的过程中,你可以继续在那里关注我们。MinGW:GNU编译器集合(GCC)的本地Windows移植版本,可自由分发的导入库和用于构建本地Windows应用程序的头文件;包括对MSVC运行时的扩展,以支持C99功能。MinGW的所有软件都可以在64位Windows平台上运行。
mPDF
mPDF是一个PHP库,可以从UTF-8编码的HTML生成PDF文件。原作者Ian Back编写mPDF以从他的网站上“即时”输出PDF文件,并处理不同的语言。与原始脚本如HTML2FPDF相比,它的速度较慢,并且在使用Unicode字体时生成的文件较大,但支持CSS样式等,并进行了大量增强。支持几乎所有语言,包括RTL(阿拉伯语和希伯来语)和CJK(中日韩)。支持嵌套的块级元素(如P、DIV),
DVWA
Damn Vulnerable Web App (DVWA) 是一个PHP/MySQL的Web应用程序,非常容易受到攻击。它的主要目标是成为安全专业人员在合法环境中测试自己的技能和工具的辅助工具,帮助Web开发人员更好地理解保护Web应用程序的过程,并帮助教师/学生在课堂环境中教授/学习Web应用程序安全。DVWA的目标是通过简单直接的界面练习一些最常见的Web漏洞,难度各不相同。请注意,该软件中
