Php+mysql Library Management System (II)

Add database administrator data and user datait's rather boring. Use Java to stitch up SQL statements and write to the databasejust put it on the attachment and upload it.
Sixth Administrator and user login verification

1, verification code. Verification code is usually the server generates a random number, saved in session, and finally with the user's input validation. Because the verification code is graphical display, it must be manually entered by the user, to avoid automatic identification of the machine, to prevent password brute force. 2, online verification. By the user's session value, (stored in a cookie, if the user does not use a cookie, then use the Address bar get method to submit to the server), compare the user is legitimate, timeout. 3, the above two occasions is the way of passage. But there is another approach, which is now more advanced. That is to encrypt the transmission of the user's password. The user's password, if transmitted in HTTP mode, is generally transmitted in plaintext, such a password, easy to be captured by the sniffer. If you use the session, the situation is much better. Random numbers are taken at the server side, the random number is stored in the session value on the server side, and the random number is sent to the client via the HTML page JS program. As long as the client sends out the random number and the MD5 result of the password, the server calculates the result from the session and the database data, and compares the two results.

The third one should be the safest, of course, the method can be combined together with, here I just do a password once MD5 stored in the databaseThe following is the login interface to write their own more ugly directly to find an open source demo, want to use to download the good or direct access to the source code I will not post it.

and then the login verification this is relatively simple I first put the connection database code in a file, encapsulated into a function, originally wanted to encapsulate a static class, but the language is not familiar with PHP, plus the time is relatively tight so directly with the function, after all, the code is not muchpost the code:

<?phpfunction GetLink () {$link = mysql_connect (' 127.0.0.1 ', ' root ', ') or Die (' Connect data path failed, please check and try again! '); if (! $link) {echo "Connection failed 1"; return ' 0 ';} Else{return $link;}} function Getresoures ($DBName, $sql) {try{$db _select = mysql_select_db ($DBName); if (! $db _select) {echo "Connection failed 2";//return ' 0 ';} $resoures = mysql_query ($sql); return $resoures;} catch (Exception $e) {echo ' Caught Exception: ',  $e->getmessage (), "\ n";//return ' 1 '. $e->getmessage ();}} function Closeconnect ($link) {if (null! = $link) {mysql_close ($link);}}? >

And then it's easy to submit the form's data to the login verification interface.post the code:

<?php/* 0 Admin Login Success * 1 Admin password Error * 2 Admin administrator not present * * 3 User Login Success * 4 User Password Error * 5 user username does not exist */require ("mysqlutils.php ") Header (" Content-type:text/html;charset=utf-8 "), $username = $_post[" username "; $password = $_post[" Password "];$ Password = MD5 ($password); $isAdmin = $_post[' ISAdmin '];if ($isAdmin) {$r = Adminlogin ($username, $password);} else{$r = Userlogin ($username, $password);} Selectnext ($r); function Selectnext ($r) {if (! $r) {echo "<script>alert (' login success ');</script>";} else if ($r = = 1) {echo "<script>alert (' Password wrong, please re-login ');</script>"; echo "<script>window.location.href= ' login.php ' </Script> ';} else if ($r = = 2) {echo <script>alert (' No administrator, please re-login ');</script> "; echo" <Script> window.location.href= ' login.php ' </Script> ';} else if ($r = = 3) {echo "<script>alert (' login success ');</script>";} else if ($r = = 4) {echo "<script>alert (' Password wrong, please re-login ');</script>";} else {echo ' <script>alert (' does not exist for the user, please re-login ');</script> ";}} function Adminlogin ($username, $password) {$link = GetLink (); $resoures = Getresoures (' Libray ', ' select * from admin; '); $info = Mysql_fetch_array ($resoures), while ($info) {$u = $info [' Adminid ']; $p = $info [' password_md5 '];if ($username = = $u) {if ($password = = $p) {return 0;} Else{return 1;}} $info = Mysql_fetch_array ($resoures);} Closeconnect ($link); return 2;} function Userlogin ($username, $password) {$link = GetLink (); $resoures = Getresoures (' Libray ', ' select * from Card; '); $info = Mysql_fetch_array ($resoures), while ($info) {$u = $info [' CardID ']; $p = $info [' Password '];if ($username = = $u) {if ($ Password = = $p) {return 3;} Else{return 4;}} $info = Mysql_fetch_array ($resoures);} Closeconnect ($link); return 5;}? >

You can do this by logging in.I saved the code to Baidu Cloud Link: Http://pan.baidu.com/s/1kTKNBaZ Password: C0RJI'm going to update it step-by-step if this link fails, please go down to the blog to find the latest

Php+mysql Library Management System (II)