In fact, you just need to add form verification on the background logon interface. Management authentication, you should know. Local character verification, not Database verification, is the kind of movable and Empire, so SQL cannot be queried. This kind of login is the most tangled and helpless during intrusion.
First, we need to change the two files/(background path)/templets/login.htm. This is the background logon interface,/(background path)/login. php logs on to the message processing file.
---- 0x1
Let's Change the login.htm file first. You may have different templates.
This is the code that verifies whether the form is empty. It can be directly placed in HTML or linked to a JS file.
| The code is as follows: | Copy code |
| <Script language = "javascript"> <! -- Var closestr = 0; Function SetFocus (){ Var df = document. form1; If (df. userid. value = '') Df. userid. focus (); Else Df. userid. select (); } Function CheckForm (){ Var df = document. form1; If (df. userid. value = ''){ Alert ('Enter the user name! '); Df. userid. focus (); Return false; } If (df. pwd. value = ''){ Alert ('Enter your password! '); Df. pwd. focus (); Return false; } If (df. validate. value = ''){ Alert ('Enter your verification code! '); Df. validate. focus (); Return (false ); } If (df. vacodes. value = ''){ Alert ('Enter your identification code! '); Df. vacodes. focus (); Return (false ); } } // --> </Script> |
|
---- 0x2
This is my form framework and input submission. In fact, the input of the authentication code can directly copy the input of the user name or the input of the password. Change the name!
| The code is as follows: | Copy code |
| <Form name = "form1" id = "form1" method = "post" action = "login. php" onsubmit = 'return CheckForm (); '> <Input type = "hidden" name = "gotopage" value = "<? Php if (! Empty ($ gotopage) echo $ gotopage;?> "/> <Input type = "hidden" name = "dopost" value = "login"/> <Ul> <Li> <span> user name: </span> <Input type = "text" name = "userid" class = "input_out" maxlength = "20" style = "width: 148px;" onfocus = "this. className = 'input _ on'; this. onmouseout = ''" onblur = "this. className = 'input _ off'; this. onmouseout = function () {this. className = 'input _ out'}; "onmousemove =" this. className = 'input _ move '"onmouseout =" this. className = 'input _ out' "/> </Li> <Li> <span> password & nbsp; code: </span> <Input type = "password" name = "pwd" class = "input_out" maxlength = "20" style = "width: 148px;" onfocus = "this. className = 'input _ on'; this. onmouseout = ''" onblur = "this. className = 'input _ off'; this. onmouseout = function () {this. className = 'input _ out'}; "onmousemove =" this. className = 'input _ move '"onmouseout =" this. className = 'input _ out' "/> </Li> <Li> <span> verification code: </span> <Input type = "password" name = "vacodes" class = "input_out" maxlength = "20" style = "width: 148px;" onfocus = "this. className = 'input _ on'; this. onmouseout = ''" onblur = "this. className = 'input _ off'; this. onmouseout = function () {this. className = 'input _ out'}; "onmousemove =" this. className = 'input _ move '"onmouseout =" this. className = 'input _ out' "/> </Li> <Li> <span> verification code: </span> <Input name = "validate" type = "text" id = "vdcode" style = "width: 50px; text-transform: uppercase;" onfocus = "this. className = 'input _ on'; this. onmouseout = ''" onblur = "this. className = 'input _ off'; this. onmouseout = function () {this. className = 'input _ out'}; "onmousemove =" this. className = 'input _ move '"onmouseout =" this. className = 'input _ out' "class =" input_out "/> </Li> <Span> & nbsp; </span> <Input name = 'submit 'type = 'image' style = 'width: 60px; HEIGHT: 25px; 'src = 'IMG/submit.gif 'width = '60' height = '27'/> </Li> </Ul> </Form> |
|
============================================
Then I submitted the verification (/login. php! There will be comments // logon detection in line 3 of the code .. We embed verification in
| The code is as follows: | Copy code |
| If (! Empty ($ userid )&&! Empty ($ pwd )){ $ Res = $ cuserLogin-> checkUser ($ userid, $ pwd ); // Success If ($ res = 1 ){ . If (! Empty ($ userid )&&! Empty ($ pwd )){ $ Res = $ cuserLogin-> checkUser ($ userid, $ pwd ); // Success If ($ res = 1) {// nested here! $ Uservacodes = $ _ POST ['vacodes ']; // extract the vacodes content and put it in another variable If ($ uservacodes! = 'Authentication code custom') {// modify the custom content of the authentication code! ResetVdValue (); ShowMsg ('incorrect verification code! ', 'Login. Php', 0, 1000); // not equal to running here Die; www.111cn.net } Else {// you can run it here. $ CuserLogin-> keepUser (); If (! Empty ($ gotopage )){ ShowMsg ('successfully logged on, switching to the management homepage! ', $ Gotopage ); Die; } Else { $ Uservacodes = $ _ POST ['vacodes ']; ShowMsg ('successfully logged on, switching to the management homepage! ', 'Index. Php '); Die; } } |
|
Explanation: first, verify the image verification code. Then, verify the user name, password, and then verify the verification code to prevent the verification code from being cracked.
Note: The if block statement {} must correspond to each other. Otherwise, an error occurs. You can use Notepad ++ to modify it!
Ps: You can also set the verification code comparison as a variable to link to the contained file! For example, operate the config file on your own. I don't have to worry about interaction in my blog! The source code of other websites is similar. You can find the logon interface and submit page and modify it.
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
