Phpsession application instance

HtmlheadtitleLogintitlemetahttp-equivContent-Typecontenttexthtml; charsetgb2312headbodyformnameform1methodpostactionlogin. phptablealigncentercellpadding2cellspacing2trtdwidth

HtmlheadtitleLogin/titlemeta http-equiv = "Content-Type" content = "text/html; charset = gb2312"/headbodyform name = "form1" method = "post" action = "login. php "table width =" 300 "border =" 0 "align =" center "cellpadding =" 2 "cellspacing =" 2 "tr td width ="

<Html> <pead> <title> Login </title> <meta http-equiv = "Content-Type" content = "text/html; charset = gb2312 "> </pead> <body> </ptml>

<? Php @ mysql_connect ("localhost", "root", "1981427") // before selecting a database, connect to the database server or die ("database server connection failed "); @ mysql_select_db ("test") // select the database mydbor die ("the database does not exist or is unavailable"); // obtain the user input $ username = $ _ POST ['username']; $ passcode = $ _ POST ['passcode']; // run the SQL statement to obtain the Session value $ query = @ mysql_query ("select username, userflag from users ". "where username = '$ username' and passcode =' $ passcode'") or die ("SQL statement execution failed"); // you can check whether a user exists, the password is correct if ($ row = Mysql_fetch_array ($ query) {session_start (); // indicates the start of the Session // checks whether the user's permission information is valid, if the value is 1 or 0, the valid if ($ row ['userflag'] = 1 or $ row ['userflag'] = 0) {$ _ SESSION ['username'] = $ row ['username']; $ _ SESSION ['userflag'] = $ row ['userflag']; echo "Welcome to log on, click here to go to the welcome page ";} else // if the permission information is invalid, the error message {echo" incorrect user permission information ";} else // if the user name and password are incorrect, the output is {echo "incorrect user name or password";}?>

<? Phpunset ($ _ SESSION ['username']); unset ($ _ SESSION ['passcode']); unset ($ _ SESSION ['userflag']); echo "logout successful";?>

<? Phpsession_start (); if (isset ($ _ SESSION ['username']) {@ mysql_connect ("localhost", "root", "1981427 ") // before selecting a database, connect to the database server or die ("database server connection failed"); @ mysql_select_db ("test ") // select the database mydbor die ("the database does not exist or is unavailable"); // obtain Session $ username =$ _ SESSION ['username']; // run the SQL statement to obtain the userflag value $ query = @ mysql_query ("select userflag from users ". "where username = '$ username'") or die ("SQL statement execution failed"); $ row = mysql_fetch_array ($ query); // determines when The permission information in the database before is compared with the information in the Session. if different, update the Session information if ($ row ['userflag']! = $ _ SESSION ['userflag']) {$ _ SESSION ['userflag'] = $ row ['userflag'];} // output different welcome information based on the Session value if ($ _ SESSION ['userflag'] = 1) echo "Welcome administrator ". $ _ SESSION ['username']. "log on to the system"; if ($ _ SESSION ['userflag'] = 0) echo "welcome ". $ _ SESSION ['username']. "log on to the system"; echo "log off";} else {echo "You are not authorized to access this page" ;}?>