使用PHP和MySQL實現了用戶的用戶的身份驗證。
用戶登錄,實現用戶輸入與MySQL數據的匹配:
<?php
$name=$_POST['username'];
$password=$_POST['password'];
if((!isset($name))||(!isset($password))){
require("login.php");
}
else{
$mysql=mysqli_connect("localhost","webauth","webauth");
if(!$mysql){
echo "Cannot connect to database.";
exit;
}
$selected=mysqli_select_db($mysql,"auth");
if(!$selected){
echo "Cannot select database.";
exit;
}
$query='select count(*) from authorized_users where
usernamesignup="'.$name.'"and
passwordsignup="'.$password.'"';
$result=mysqli_query($mysql,$query);
if(!$result){
echo "Cannot run query.";
exit;
}
$row=mysqli_fetch_row($result);
$count=$row[0];
if($count>0){
require("home.php");
}
else{
echo "<h1>Go Away!</h1>
<p>You are not authorized to use this resourse.</p>";
}
}
?>用戶註冊,實現數據插入存儲:
<?php
$usernamesignup=$_POST['usernamesignup'];
$emailsignup=$_POST['emailsignup'];
$passwordsignup=$_POST['passwordsignup'];
$passwordsignup_confirm=$_POST['passwordsignup_confirm'];
if(!get_magic_quotes_gpc()){
$usernamesignup=addslashes($usernamesignup);
$emailsignup=addslashes($emailsignup);
$passwordsignup=addslashes($passwordsignup);
$passwordsignup_confirm=addslashes($passwordsignup_confirm);
}
if($passwordsignup==$passwordsignup_confirm){
@$db=mysqli_connect("localhost","webauth","webauth");
if(!$db){
echo "Error:Could not connect to database.Please try again later.";
exit;
}
$selected=mysqli_select_db($db,"auth");
if(!$selected){
echo "Cannot select database.";
exit;
}
$query="insert into authorized_users values
('".$usernamesignup."','".$emailsignup."','".$passwordsignup."','".$passwordsignup_confirm."')";
$result=mysqli_query($db,$query);
if($result){
echo "user inserted into database.";
}
else{
echo "An error has occurred.The item was not added.";
}
$db->close();
}
else{
echo "Password doesn't match.Please enter the same values.";
exit;
}
?>
待解決問題:如果同一個用戶,多次註冊,應該有對策。登陸後的相關頁面顯示也有待改進。
