原文:[url]http://tutorial.jcwcn.com/Web-Design/PHP/User-Authentication/2007-08-24/3015.html[/url]
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>用户认证--注意没有加密</title>
</head>
<body>
<?php
session_start();
mysql_connect("localhost","root","123456");
mysql_select_db("test");
if(isset($_POST['logout'])) {
$_SESSION = array();
session_destroy();
echo "您已经成功退出! 单击 <a href='user.php'>这里</a> 继续!";
}else{
if(isset($_SESSION['logged'])) { //如果用户已经登录
echo "欢迎 ".$_SESSION['username']; //显示欢迎信息
?>
<form method='POST' action='user.php'>
<input type='submit' value='注销' name='logout'>
</form>
<?php
}else{ //否则没有登录
if(isset($_POST['submit'])&&isset($_POST['usr'])&&isset($_POST['pwd'])) {
if(mysql_num_rows(mysql_query("SELECT id FROM accounts WHERE username = '".$_POST['usr']."' && password = '".$_POST['pwd']."' ")) > 0 ) {
$_SESSION['logged'] = true;
$_SESSION['username'] = $_POST['usr'];
$_SESSION['password'] = $_POST['pwd'];
echo "<font color='green'>你已经成功登录!</font>";
header("refresh:3;url='user.php'");//3秒后跳转
}else{
echo "<font color='red'>登录失败.请重试!</font>";
header("refresh:1;url='user.php'");
}
}else{ //如果用户没有按下submit提交按钮,则显示此表单
?>
<form method='POST' action=''>
<b>用户名:</b> <input type='text' name='usr'><br>
<b>密码:</b> <input type='password' name='pwd'><br>
<input type='submit' value='login' name='submit'>
</form>
<?php
}
}//用户未登录
}
?>
</body>
</html>
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>用户认证--注意没有加密</title>
</head>
<body>
<?php
session_start();
mysql_connect("localhost","root","123456");
mysql_select_db("test");
if(isset($_POST['logout'])) {
$_SESSION = array();
session_destroy();
echo "您已经成功退出! 单击 <a href='user.php'>这里</a> 继续!";
}else{
if(isset($_SESSION['logged'])) { //如果用户已经登录
echo "欢迎 ".$_SESSION['username']; //显示欢迎信息
?>
<form method='POST' action='user.php'>
<input type='submit' value='注销' name='logout'>
</form>
<?php
}else{ //否则没有登录
if(isset($_POST['submit'])&&isset($_POST['usr'])&&isset($_POST['pwd'])) {
if(mysql_num_rows(mysql_query("SELECT id FROM accounts WHERE username = '".$_POST['usr']."' && password = '".$_POST['pwd']."' ")) > 0 ) {
$_SESSION['logged'] = true;
$_SESSION['username'] = $_POST['usr'];
$_SESSION['password'] = $_POST['pwd'];
echo "<font color='green'>你已经成功登录!</font>";
header("refresh:3;url='user.php'");//3秒后跳转
}else{
echo "<font color='red'>登录失败.请重试!</font>";
header("refresh:1;url='user.php'");
}
}else{ //如果用户没有按下submit提交按钮,则显示此表单
?>
<form method='POST' action=''>
<b>用户名:</b> <input type='text' name='usr'><br>
<b>密码:</b> <input type='password' name='pwd'><br>
<input type='submit' value='login' name='submit'>
</form>
<?php
}
}//用户未登录
}
?>
</body>
</html>
