php 用户cookie登录验证与mysql数据登录验证的方法
- <?php
- unset($username);
- if ($_COOKIE['login']) {
- list($c_username,$cookie_hash) = split(',',$_COOKIE['login']);
- if (md5($c_username.$secret_word) == $cookie_hash) {
- $username = $c_username;
- } else {
- print "You have sent a bad cookie.";
- }
- }
- if ($username) {
- print "Welcome, $username.";
- } else {
- print "Welcome, anonymous user.";
- }
- ?>
- <html>
- <head>
- <title>Log-In Page</title>
- </head>
- <body>
- Please enter your user details to log-in here...
- <form action = "authenticate.php" method = "post">
- Username:<br>
- <input type = "text" name = "username">
- <br><br>
- Password:<br>
- <input type = "text" name = "password">
- <br><br>
- <input type = "submit" value = "Log In">
- </form>
- </body>
- </html>
- <?php
- $username = $_POST['username'];
- $password = $_POST['password'];
- $self = $_SERVER['PHP_SELF'];
- $referer = $_SERVER['HTTP_REFERER'];
- if( ( !$username ) or ( !$password ) )
- { header( "Location:$referer" ); exit(); }
- $conn=@mysql_connect( "localhost", "userName", "password" ) or die( "Could not connect" );
- $rs = @mysql_select_db( "my_database", $conn ) or die( "Could not select database" );
- $sql = "select * from users where user_name="$username" and password = password( "$password" )";
- $rs = mysql_query( $sql, $conn ) or die( "Could not execute query" );
- $num = mysql_numrows( $rs );
- if( $num != 0 )
- {
- $msg = "<h3>Welcome $username - your log-in succeeded!</h3>";
- }
- else
- {
- header( "Location:$referer" ); exit();
- }
- ?>
- <html>
- <head>
- <title>Log-In Authenticated</title>
- </head>
- <body>
- <?php echo( $msg ); ?>
- </body>
- </html>