php入门教程之用户认证

原文:[url]http://tutorial.jcwcn.com/Web-Design/PHP/User-Authentication/2007-08-24/3015.html[/url]

 

< !DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd" >
< html xmlns ="http://www.w3.org/1999/xhtml" >
< head >
< meta http-equiv ="Content-Type" content ="text/html; charset=utf-8" />
< title >用户认证--注意没有加密 </title>
</head>
< body >
<?php
session_start();
mysql_connect("localhost","root","123456");
mysql_select_db("test");
if(isset($_POST['logout'])) {
$_SESSION = array();
session_destroy();
echo "您已经成功退出! 单击 < a href ='user.php' >这里 </a> 继续!";
}else{
  if(isset($_SESSION['logged'])) { //如果用户已经登录
  echo "欢迎 ".$_SESSION['username']; //显示欢迎信息
?>
< form method ='POST' action ='user.php' >
< input type ='submit' value ='注销' name ='logout' >
</form>
<?php    
  }else{ //否则没有登录
    if(isset($_POST['submit'])&&isset($_POST['usr'])&&isset($_POST['pwd'])) {
             if(mysql_num_rows(mysql_query("SELECT id FROM accounts WHERE username = '".$_POST['usr']."' && password = '".$_POST['pwd']."' ")) > 0 ) {
                        $_SESSION['logged'] = true;
                        $_SESSION['username'] = $_POST['usr'];
                        $_SESSION['password'] = $_POST['pwd'];
                        echo " < font color ='green' >你已经成功登录! </font>";
                        header("refresh:3;url='user.php'");//3秒后跳转
            }else{    
                        echo " < font color ='red' >登录失败.请重试! </font>";
                        header("refresh:1;url='user.php'");
            }
    }else{ //如果用户没有按下submit提交按钮，则显示此表单
?>    
< form method ='POST' action ='' >
< b >用户名: </b> < input type ='text' name ='usr' > < br >
< b >密码: </b> < input type ='password' name ='pwd' > < br >
< input type ='submit' value ='login' name ='submit' >
</form>    
<?php
    }
  }//用户未登录
}
?>
</body>
</html>