1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 | <?php $savePath = './session_save_dir/'; session_save_path($savePath); session_start(); //打开session include("config.inc.php"); //config.inc.php 数据库帐号密码 include("db.php"); //db.php 与数据库建立连接 if ($_GET["admin"]=="exit") { //如果连接login.php?admin=exit 就是退出session session_unset(); header("Location:index.php"); } if ($_GET["admin"]=="login") { $username = mysql_real_escape_string($_POST["username"]); $password = $_POST["password"]; $message = ""; if ($username=="") { $message .= "用户名不能为空<br>"; } if ($password=="") { $message .= "密码不能为空<br>"; } if ($message=="") { $sql = "select * from user where username='{$username}' and userad='admin' limit 1"; if($res=mysql_query($sql)) { $row = mysql_fetch_array($res); if(md5($password) == $row["password"]) { $_SESSION["admin"]=1; $_SESSION["username"]=$username; header("Location:index.php"); exit; } $message = "用户名密码错误 请点<a href=\"login.php\">返回登陆</a>"; } else { $message = "验证失败,数据库连接错误"; } } } ?> |
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 | <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=gb2312"> <title>后台管理员登陆</title> </head> <body> <table width="778" border="0" cellpadding="0" cellspacing="6"> <tr> <td valign="top" width="100%" class="listcontent" align="center"><font color="Green"><b><?Php echo $message; ?></b></font></td> </tr> <tr> <td>管理员登陆</td> </tr> <tr> <td><form action="login.php?admin=login" method="post"> 用户名:<input type="text" name="username" size="25" /><br /> 密 码:<input type="password" name="password" size="25" /><br /> <input type="submit" value="登 陆" /> </form></td> </tr> </table> </body> </html> |
验证:
1 2 3 4 | <?php session_start(); if( !$_SESSION["admin"] ) die("未授权"); ?> |
会员登录关闭
注册会员关闭