Register and login with links within the database

Registering and logging in is actually extracting and writing data from a table

1. (1) First set up a registration page

1<body>23<form action="chuli.php"Method="Post">4<div> User name: <input type="text"Name="ID"/></div>5<div> Password: <input type="text"Name="pwd"/></div>6<div> Name: <input type="text"Name="name"/></div>7<div>Gender:8Male <input type="Radio"Name="Sex"Value="1"/>9Female <input type="Radio"Name="Sex"Value="0"/>Ten</div> One<di><input type="Submit"Value="Register"/></div> A</form> -</body>

(2) Create a Registration processing page (also write data to a table in the database)

1<?PHP23 4 //1. Take the submitted data5$id =$_post["ID"];6$pwd =$_post["pwd"];7$name =$_post["name"];8$sex =$_post["Sex"];9 //2. Write to the database;Ten$db =NewMysqli ("localhost","Root","123456","text_0408"); One$sql ="INSERT INTO Zhuce AValue'{$id}','{$pwd}','{$name}','{$sex}')"; - //$result = $db->query ($sql); - if($dbquery ($sql)) the { -Echo"Registration Successful"; - } - Else{ +      -Echo"Registration Failed"; +     } A?>

2. Login and register almost,

(1) Create landing page

1<body>23<form action="dengluchuli.php"Method="Post">4<div> User name: <input type="text"Name="ID"/></div>5<div> Password: <input type="text"Name="pwd"/></div>6<div><input type="Submit"Value="Login"/></div>7 8</form>9</body>

(2) Landing processing page (extracting data from a table)

1<?PHP2$id =$_post["ID"];3$pwd =$_post["pwd"];4$db =NewMysqli ("localhost","Root","123456","text_0408");5$sql ="select pwd from zhuce where id= ' {$id} '";6$result = $dbquery ($sql);7$arr = $resultFetch_row ();8 if($arr [0]== $pwd &&!empty ($pwd))9 {TenEcho"Login Successful"; One } A Else{ -Echo"Logon Failure"; -      the}

SQL injection attacks
1. Filter the user's input
2. Using Preprocessing statements
3. When writing code, try to avoid

Register and login with links within the database