PHP和MySQL Web開發從新手到高手,第5天-添加輔助函數

標籤：

1. 使用者權限相關的函數.

  這些函數在接下來的頁面設計中會用到.

  主要包括:

  function user_is_login()

  function database_contains_author($email, $password)

  function get_md5_password($password)

  function user_has_role($role)

1.1 user_is_login()

function user_is_login(){    if (isset($_POST[‘action‘]) and $_POST[‘action‘] == ‘login‘){        if (!isset($_POST[‘email‘]) or $_POST[‘password‘] == ‘‘ or !isset($_POST[‘password‘]) or $_POST[‘password‘] == ‘‘){            $GLOBALS[‘loginError‘] = ‘Please fill in user name and password.‘;            return false;        }        if (database_contains_author($_POST[‘email‘], $_POST[‘password‘])){            session_start();            $_SESSION[‘loggedin‘] = true;            $_SESSION[‘email‘] = $_POST[‘email‘];            $_SESSION[‘password‘] = $_POST[‘password‘];            return true;        } else {            session_start();            unset($_SESSION[‘loggedin‘]);            unset($_SESSION[‘email‘]);            unset($_SESSION[‘password‘]);            return false;        }    }        if (isset($_POST[‘action‘]) and $_POST[‘action‘] == ‘logout‘){        session_start();        unset($_SESSION[‘loggedin‘]);        unset($_SESSION[‘email‘]);        unset($_SESSION[‘password‘]);        header(‘Location:  ‘.$_POST[‘goto‘]);        exit();    }        session_start();    if (isset($_SESSION[‘loggedin‘])){        return database_contains_author($_SESSION[‘email‘], $_SESSION[‘password‘]);    }        return false;}

1.2 database_contains_author($email, $password)

function database_contains_author($email, $password) {    $password = get_md5_password($password);    include ‘db.inc.php‘;        try {        $sql = ‘select count(*) from author where email = :email and password = :password‘;        $s = $pdo->prepare($sql);        $s->bindValue(‘:email‘, $email);        $s->bindValue(‘:password‘, $password);        $s->execute();            } catch (PDOException $e) {        $error = ‘Query author faild...‘.$e->getMessage();        include ‘error.html.php‘;        exit();    }        $row = $s->fetch();    return  $row[0] > 0;}

1.3 get_md5_password($password)

function get_md5_password($password){    return md5($password.‘ijdb‘);}

1.4 user_has_role($role)

function user_has_role($role) {    include ‘db.inc.php‘;        try {        $sql = ‘SELECT * FROM authorrole             INNER JOIN author ON author.id = authorrole.authorid             INNER JOIN role ON authorrole.roleid = role.id             WHERE author.email = :email AND role.id = :roleid‘;            $s = $pdo->prepare($sql);        $s->bindValue(‘:email‘,$_SESSION[‘email‘]);        $s->bindValue(‘:roleid‘, $role);                $s->execute();        } catch (PDOException $e) {        $error = ‘Query authorrole faild...does not have right...‘.$e->getMessage();        include ‘error.html.php‘;        exit();    }        $row = $s->fetch();        return $row[0] > 0;}

PHP和MySQL Web開發從新手到高手,第5天-添加輔助函數