以下是要实施安全登录的登录系统/
原文链接:https://www.f2er.com/php/134583.htmlmain_login.PHP <form name="form1" method="post" action="checklogin.PHP"> Username:<input name="myusername" type="text" id="myusername" /> <br /> Password:<input name="mypassword" type="password" id="mypassword" /> <input type="submit" name="Submit" value="Login" /> </form>
Checklogin.PHP
<?PHP ob_start(); $host="localhost"; // Host name $username="root"; // MysqL username $password=""; // MysqL password $db_name="cosmos"; // Database name $tbl_name="members"; // Table name // Connect to server and select databse. MysqL_connect("$host","$username","$password")or die("cannot connect"); MysqL_select_db("$db_name")or die("cannot select DB"); // Define $myusername and $mypassword $myusername=$_POST['myusername']; $mypassword=$_POST['mypassword']; // To protect MysqL injection (more detail about MysqL injection) $myusername = stripslashes($myusername); $mypassword = stripslashes($mypassword); $myusername = MysqL_real_escape_string($myusername); $mypassword = MysqL_real_escape_string($mypassword); $sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'"; $result=MysqL_query($sql); // MysqL_num_row is counting table row $count=MysqL_num_rows($result); // If result matched $myusername and $mypassword,table row must be 1 row if($count==1){ // Register $myusername,$mypassword and redirect to file "login_success.PHP" session_register("myusername"); session_register("mypassword"); header("location:login_success.PHP"); } else { echo "Wrong Username or Password"; } ob_end_flush(); ?>
login_success.PHP
<?PHP session_start(); if(isset($_SESSION['username']) && ($_SESSION['username'] == $myusername)){ header("location:main_login.PHP"); } ?> <html> <body> Login Successful. <a href="logout.PHP">logout</a> </body> </html>
<?PHP session_destroy(); header("location:main_login.PHP"); ?>