Php+ajax Verification Code Verification user Login _php instance

One of the benefits of using AJAX to authenticate a user's login is not to refresh the jump page, and to use the verification code to be more secure, groping to write down. Altogether three files are used:

yz.php: The PHP file that generated the verification code will be in the session for the comparison call when you log in
index.php: HTML file for user login
logincheck.php: Verifying user logged-on files

The following one by one resolves:
yz.php file

<?php session_start (); Generate Captcha Map Header ("Content-type:image/png"); Length and width $im = imagecreate (44,18); Set background color: $back = Imagecolorallocate ($im, 245,245,245); Fill background color: Imagefill ($im, 0,0, $back); Srand (Double) microtime () *1000000); $vcodes; Generate 4 digits for ($i =0; $i <4; $i + +) {  $font = imagecolorallocate ($im, Rand (100,255), Rand (0,100), Rand (100,255));  $authnum =rand (1,9);  $vcodes. = $authnum;  Imagestring ($im, 5, $i *10, 1, $authnum, $font); }//Add interference pixel for ($i =0; $i <100; $i + +) {  $randcolor = imagecolorallocate ($im, Rand (0,255), Rand (0,255), Rand (0,255));  Imagesetpixel ($im, Rand ()%70, Rand ()%30, $randcolor); }   imagepng ($im); Imagedestroy ($im); The four-bit verification code is saved in the SESSION, the login call contrast $_session["Vcode"]= $vcodes;? >

index.php: Note, do not take $_session["Vcode" in this file, otherwise you will take a later step, refresh to display the previous verification code

Just check it out in logincheck.php.

 
 
  
 <title>Management Background | Please login</title>
 
  
     
 
 
     
 
  
  
 
   
 
    
User name:
 
    
Password
 
    
Verification Code:
 
    
 
    
 
   
 
  

 
 
 

logincheck.php Verify the files that the user is logged on

<?php  session_start (); Include (".. /conn/conndb.php ");  Get POST parameters: $username =$_post["username"]; $password =md5 ($_post["password"]); $authCode =$_post["Authcode"];         $feedback = "no";//Compare whether ==session in the verification code, can not be placed on the client do, otherwise take incorrect value if ($authCode ==$_session["Vcode"]) {   $SQL = "SELECT * FROM Users where Username= ' $username ' and password= ' $password ' ";   $result =mysql_query ($SQL);   $rows =mysql_num_rows ($result);  if ($rows ==1)                       //Verify success   $feedback = "OK";   $_session["admin"]=true;           For background security, save the session, indicating that ADMIN is logged in for later call  }   echo $feedback;?>

The above is the whole content of this article, I hope that everyone's learning has helped, but also hope that we support the script home.

