Php+ajax Authentication Code Authentication User Login _php instance

Source: Internet
Author: User
Tags rand set background

Using AJAX to verify the user login is a benefit is not to refresh the jump page, plus the use of the verification code is more secure, groping to write down. Altogether three files are used:

yz.php: generate the code of PHP file, will verify the code will be in the session, for log in compared to call
index.php: HTML file for user login
logincheck.php: Verifying files that users log on to

The following one by one resolves:
yz.php File

<?php
 session_start ();

 Generate a validation code map
 Header ("Content-type:image/png");
 Long and wide
 $im = Imagecreate (44,18);
 Set background color:
 $back = Imagecolorallocate ($im, 245,245,245);
 Fill background color:
 imagefill ($im, 0,0, $back);

 Srand (Double) microtime () *1000000);
 $vcodes;
 Generates a 4-digit number
 for ($i =0 $i <4; $i + +) {
  $font = imagecolorallocate ($im, Rand (100,255), Rand (0,100), Rand (100,255 ));
  $authnum =rand (1,9);
  $vcodes. = $authnum;
  Imagestring ($im, 5, $i *10, 1, $authnum, $font);

 Add the jamming pixel for
 ($i =0 $i <100; $i + +) {
  $randcolor = imagecolorallocate ($im, Rand (0,255), Rand (0,255), Rand ( 0,255));
  Imagesetpixel ($im, Rand ()%70, Rand ()%30, $randcolor);
  
 Imagepng ($im);
 Imagedestroy ($im);

 The four-bit verification code is saved in the session, and when you log in, compare
 $_session["Vcode"]= $vcodes;
? >

index.php: Note, do not take $_session["Vcode" in this file, or you will take a step later, refresh to display the last Captcha

It's good to be logincheck.php in the test room.

<! DOCTYPE HTML PUBLIC "-//w3c//dtd HTML 4.01 transitional//en" "Http://www.w3.org/TR/html4/loose.dtd" >  

logincheck.php verifying files that users log on to

<?php 
 session_start ();
 Include (".. /conn/conndb.php ");
 
 Get the parameters of the POST:
 $username =$_post["username"];
 $password =md5 ($_post["password"]);
 $authCode =$_post["Authcode"];       
 
 $feedback = "no";

Compare whether the ==session in the verification code, can not be placed on the client, otherwise take incorrect value
 if ($authCode ==$_session["Vcode"]) {

   $SQL = "SELECT * from Users where Username= ' $username ' and password= ' $password ';
   $result =mysql_query ($SQL);
   $rows =mysql_num_rows ($result);
  if ($rows ==1)                       //Verify success
   $feedback = "OK";
   $_session["admin"]=true;           In order to secure the background, save the session, indicating that ADMIN is logged in for later call
  }
  
 echo $feedback;
 
? >

The above is the entire content of this article, I hope to help you learn, but also hope that we support the cloud habitat community.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.