标签:
sql 注入登陆
<?php
session_start();
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<title></title>
<meta name="keywords" content="关键字">
<meta name="description" content="简介">
</head>
<body>
<h1>会员注册</h1>
<form action="reg.php" method="post" enctype="multipart/form-data">
账号:<input type="text" name="maccount"><br>
密码:<input type="password" name="mpassword"><br>
确认密码:<input type="password" name="mpassword2"><br>
真实姓名:<input type="text" name="mname"><br>
<input type="submit" value="提交"><br>
<a href="user1.php">会员一</a>
<a href="user2.php">会员二</a>
<?php
if(isset($_SESSION[‘user‘])){
echo ‘欢迎‘.$_SESSION[‘name‘];
?>
<a href="tuichu.php" target="_top">安全退出</a><!-- 点击此链接时,目标网页就会在当前浏览器中打开,而框架会消失。 -->
<?php
}else{
?>
<a href="denglu.html">会员登录</a>
<?php
}
?>
</form>
</body>
</html>
<?php
// [maccount] => aaa
// [mpassword] => a
//[yzm] => 5ese
// [code] => 5Ese
session_start();
//echo ‘<pre>‘;
//print_r($_POST);
//print_r($_SESSION);
$yzm=$_POST[‘yzm‘];
if(trim($yzm)==‘‘){
echo ‘验证码不能为空‘;
}else if(strtolower($yzm)==strtolower($_SESSION[‘code‘])){
include ‘inc/db_mysqli.php‘;
$aa=$_POST[‘maccount‘];
//$pp=md5($_POST[‘mpassword‘]);
$pp=mymd5($_POST[‘mpassword‘],$aa);
//$result=$m->query("select count(*) from member where maccount=‘$aa‘ and mpassword=‘$pp‘");
//$rs=$result->fetch_row();
//如下使用预处理语句来判断防止注入
$stmt=$m->prepare(‘select count(*),mname from member where maccount=? and mpassword=?‘);
$stmt->bind_param(‘ss‘,$aa,$pp);
$stmt->execute();
$stmt->bind_result($rs,$name);
$stmt->fetch();
if($rs>0){
echo ‘登录成功‘;
$_SESSION[‘user‘]=$aa;
$_SESSION[‘name‘]=$name;
echo ‘<a href=./>首页</a>‘;
}else{
echo ‘登录失败‘;
}
}else{
echo ‘验证码输入不正确‘;
}
<?php
session_start();
if(!isset($_SESSION[‘user‘])){
//header(‘location:./‘);
echo ‘<script>‘;
echo "alert(‘请登录‘);location.href=‘./‘";
echo ‘</script>‘;
}
?>
<!doctype html>
<html>
<head>
<meta charset="utf-8">
<title>会员查看222</title>
<meta name="keywords" content="关键字">
<meta name="description" content="简介">
<script src=""></script>
</head>
<body>
欢迎:<?php echo $_SESSION[‘name‘]?>
<?php
echo ‘会员查看一一ok‘;
?>
</body>
</html>
<?php
session_start();
if(!isset($_SESSION[‘user‘])){
//header(‘location:./‘);
echo ‘<script>‘;
echo "alert(‘请登录‘);location.href=‘./‘";
echo ‘</script>‘;
}
?>
<!doctype html>
<html>
<head>
<meta charset="utf-8">
<title>会员查看222</title>
<meta name="keywords" content="关键字">
<meta name="description" content="简介">
<link rel="stylesheet" type="text/css" href="inc/index.css">
<script src=""></script>
</head>
<body>
欢迎:<?php echo $_SESSION[‘name‘]?>
<?php
echo ‘会员查看二二ok‘;
?>
</body>
</html>
<?php
include ‘inc/i.php‘;
check();
<?php
session_start();
//unset($_SESSION[‘user‘],$_SESSION[‘name‘]);
session_destroy();//关闭会话
header(‘location:./‘);
<?php
include ‘mysqli.php‘;
if(isset($_POST[‘maccount‘])){
$a=$_POST[‘maccount‘];
$n=$_POST[‘mname‘];
$p=$_POST[‘mpassword‘];
$p2=$_POST[‘mpassword2‘];
if(trim($a)==‘‘||trim($n)==‘‘||trim($p)==‘‘){
echo ‘注册失败,账号密码真实姓名不能为空‘;
}else if($p!==$p2){
echo ‘注册失败,请保证2次密码一致‘;
}else{
$result=$m->query("select count(*) from member where maccount=‘$a‘");
$rs=$result->fetch_row();
//echo $rs[0];//0代码没有找到这个账号
if($rs[0]==0){
//$p=md5($p);
$p=mymd5($p,$a);
$m->query("insert into member values(null,‘$n‘,‘$a‘,‘$p‘)");
$m->close();
echo ‘注册成功,你的账号是‘.$a;
}else{
echo ‘注册失败,此账号已经被注册不可以使用‘;
}
}
}
<?php
$host = ‘localhost‘;
$user = ‘root‘;
$pass = ‘‘;
$dbname = ‘db‘;
$charset = ‘utf8‘;
$m = new mysqli($host,$user,$pass,$dbname);
$m->set_charset($charset);
function mymd5($p,$c=‘webrx‘){
$s1 = md5($p.$c);
$s2 = sha1($p.$c);
$sok = substr($s1,0,6).substr($s2,0,6);
$sok .= substr($s1,12,5).substr($s2,22,5);
$sok .= substr($s1,22,5).substr($s2,32,5);
return $sok;
}
function pager($tn,$currpage=1,$f=‘*‘,$pagesize=3,$w=‘1=1‘){
global $m;
$stmt = $m->prepare("select count(*) from $tn where $w");
$stmt->execute();
$stmt->bind_result($recordcount);
$stmt->fetch();
$stmt->free_result();
$stmt->close();
$stmt = $m->prepare("select $f from $tn where $w limit ?,?");
$pagecount = ceil($recordcount/$pagesize);
$start = $currpage*$pagesize - $pagesize;
$stmt->bind_param(‘ii‘,$start,$pagesize);
$stmt->execute();
$result = $stmt->get_result();
$row = array();
$row[] = $result->fetch_all( MYSQLI_NUM);
$stmt->free_result();
$stmt->close();
$first = 1;
$end = 10;
$pages = ‘<div class="page">‘;
if($currpage>=7){
$first = $currpage-5;
$end = $first+$end-1;
}
if($currpage>1){
$prev = $currpage-1;
if($first>1){
$pages.="<a href=?p=1>首页</a><a href=?p=$prev>上一页</a>";
}else{
$pages.="<a href=?p=$prev>上一页</a>";
}
}
for($i=$first;$i<=$end;$i++){
if($i>$pagecount){
break;
}
if($i==$currpage){
$pages.=‘<a class="checked">‘.$i.‘</a>‘;
continue;
}
$pages.="<a href=?p=$i>$i</a>";
}
if($currpage<$pagecount){
$next = $currpage+1;
$pages.="<a href=?p=$next>下一页</a>";
}
if($end<$pagecount){
$pages.="<a href=?p=$pagecount>尾页</a>";
}
$row[] = $pages.‘</div>‘;
$row[] = $pagesize;
$row[] = $pagecount;
$row[] = $recordcount;
$row[] = $currpage;
return $row;
}
function css1(){
$css = <<<css
<style>
.page{font-size:12px;height:30px;padding:15px 0;clear:both;overflow:hidden;text-align:center;}
.page a{text-decoration:none;line-height:25px;padding:0px 10px;display:inline-block;margin-right:5px;border:solid 1px #c8c7c7;}
.page a:hover,.page a.checked{text-decoration:none;border:solid 1px #0086d6;background:#0091e3;color:#fff;}
.page a:visited,.page a:link{color:#333;}
.page a:active{color:#3B3B3B;}
</style>
css;
echo $css;
}
<?php
function check($len=4){
session_start();
header(‘content-type:image/png‘);
$fs = [‘/a.ttf‘,‘/b.ttf‘,‘/f.ttf‘];
$font = dirname(__FILE__).$fs[mt_rand(0,1)];
$w = 35*$len;
$h = 50;
$i = imagecreatetruecolor($w,$h);
$c = imagecolorallocatealpha($i,0,0,0,127);
//imagecolortransparent($i,$c);
//imagefill($i,0,0,$c);
imagefilledrectangle($i,0,0,$w,$h,gc($i,‘ffffff‘,mt_rand(0,2)));
$sss = ‘‘;
for($j=0;$j<$len;$j++){
$st = gs(1);
$sss.=$st;
imagettftext($i,mt_rand(15,25),mt_rand(-30,30),$j*35+10,mt_rand(28,38),gc($i),$font,$st);
}
$_SESSION[‘code‘] = $sss;
imagesetthickness($i,mt_rand(2,8));
for($j=0;$j<mt_rand(5,10);$j++){
imagefilledarc($i,mt_rand(0,$w),mt_rand(0,$h),mt_rand(0,$w),mt_rand(0,$h),mt_rand(0,360),mt_rand(0,360),gc($i,‘rand‘,mt_rand(100,120)),IMG_ARC_NOFILL);
}
for($j=0;$j<10;$j++){
imagettftext($i,mt_rand(10,15),mt_rand(-5,5),mt_rand(0,$w),mt_rand(0,$h),gc($i,‘rand‘,mt_rand(100,120)),$font,gs(1));
}
imagepng($i);
imagedestroy($i);
}
function gs($n=4){
$s = ‘abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789‘;
$t = ‘‘;
for($i=0;$i<$n;$i++){
$t.=substr($s,mt_rand(0,strlen($s)-1),1);
}
return $t;
}
/**
* 生成缩略
*/
function thumb($i,$f=false,$w=220,$h=0,$fn=‘s_‘){
$ii = getimagesize($i);
if($ii[2]==2){
if($ii[0]>$w){
$src = imagecreatefromjpeg($i);
$sw = $ii[0];
$sh = $ii[1];
$h = $h==0 ? $w/$sw*$sh : $h;
//建立新的缩略图
$dst = imagecreatetruecolor($w,$h);
imagecopyresampled($dst,$src,0,0,0,0,$w,$h,$sw,$sh);
if($f){
imagejpeg($dst,$i);
}else{
$path = dirname($i).‘/‘;
$name = $fn.substr($i,strrpos($i,‘/‘)+1);
imagejpeg($dst,$path.$name);
}
imagedestroy($dst);
imagedestroy($src);
}
}
}
/**
* 功能:生成水银图标,水银图标文件在inc目录中 名称 logo.png
*/
function logo($i,$p=5,$f=true,$fn=‘logo_‘){
$ii = getimagesize($i);
if($ii[2]==2){
if($ii[0]>300){
$ni = imagecreatefromjpeg($i);
$w = $ii[0];
$h = $ii[1];
//水银图标 logo.png 格式
$logo = dirname(__FILE__).‘/logo.png‘;
$li = imagecreatefrompng($logo);
$liw = imagesx($li);
$lih = imagesy($li);
$x = ($w-$liw)/2;
$y = ($h-$lih)/2;
$pad = 35;
switch($p){
case 1:
$x = 0+$pad;
$y = 0+$pad;
break;
case 2:
$y = 0+$pad;
break;
case 3:
$x = $w-$liw-$pad;
$y = 0+$pad;
break;
case 4:
$x = 0+$pad;
break;
case 6:
$x = $w-$liw-$pad;
break;
case 7:
$x = 0+$pad;
$y = $h-$lih-$pad;
break;
case 8:
$y = $h-$lih-$pad;
break;
case 9:
$x = $w-$liw-$pad;
$y = $h-$lih-$pad;
break;
}
imagecopy($ni,$li,$x,$y,0,0,$liw,$lih);
if($f){
imagejpeg($ni,$i);
}else{
$path = dirname($i).‘/‘;
$name = $fn.substr($i,strrpos($i,‘/‘)+1);
imagejpeg($ni,$path.$name);
}
imagedestroy($ni);
imagedestroy($li);
}
}
}
function txt($i,$s=30,$t=‘版权所有‘,$c=‘rand‘,$a=0,$p=5,$f=true,$fn=‘t_‘){
$font = dirname(__FILE__).‘/f.ttf‘;
$ii = getimagesize($i);
if($ii[2]==2){
if($ii[0]>300){
$ni = imagecreatefromjpeg($i);
$pos = imagettfbbox($s,0,$font,$t);
$pad = 30;
switch($p){
case 1://左上角
$x = 0-$pos[0]+$pad;
$y = 0-$pos[7]+$pad;
break;
case 2://上边 水平中央
$x = ($ii[0]-$pos[2])/2;
$y = 0-$pos[7]+$pad;
break;
case 3:
$x = $ii[0]-$pos[2]-$pad;
$y = 0-$pos[7]+$pad;
break;
case 4:
$x = 0-$pos[0]+$pad;
$y = ($ii[1]-$pos[6])/2;
break;
case 5:
$x = ($ii[0]-$pos[2])/2;
$y = ($ii[1]-$pos[6])/2;
break;
case 6:
$x = $ii[0]-$pos[2]-$pad;
$y = ($ii[1]-$pos[6])/2;
break;
case 7:
$x = 0-$pos[0]+$pad;
$y = $ii[1]-$pos[6]-$pad;
break;
case 8:
$x = ($ii[0]-$pos[2])/2;
$y = $ii[1]-$pos[6]-$pad;
break;
case 9:
$x = $ii[0]-$pos[2]-$pad;
$y = $ii[1]-$pos[6]-$pad;
break;
}
imagettftext($ni,$s,0,$x,$y,gc($ni,$c,$a),$font,$t);
if($f){
imagejpeg($ni,$i);
}else{
$path = dirname($i).‘/‘;
$name = $fn.substr($i,strrpos($i,‘/‘)+1);
imagejpeg($ni,$path.$name);
}
imagedestroy($ni);
}
}
}
function gc($i,$c=‘rand‘,$a=0){
$color = ‘‘;
switch($c){
case ‘white‘:
$color = imagecolorallocatealpha($i,255,255,255,$a);
break;
case ‘black‘:
$color = imagecolorallocatealpha($i,0,0,0,$a);
break;
case ‘red‘:
$color = imagecolorallocatealpha($i,255,0,0,$a);
break;
case ‘green‘:
$color = imagecolorallocatealpha($i,0,255,0,$a);
break;
case ‘rand‘:
$color = imagecolorallocatealpha($i,mt_rand(0,255),mt_rand(0,255),mt_rand(0,255),$a);
break;
default:
$cc = str_split($c,2);
$color = imagecolorallocatealpha($i,hexdec($cc[0]),hexdec($cc[1]),hexdec($cc[2]),$a);
break;
}
return $color;
}
标签:
原文地址:http://www.cnblogs.com/lsr111/p/4532177.html