Professional Documents
Culture Documents
if(isset($_POST['ok']))
{
if($_POST['username'] == NULL)
{
echo "Please enter your username<br />";
}
else
{
$u=$_POST['username'];
}
if($_POST['password'] == NULL)
{
echo "Please enter your password<br />";
}
else
{
$p=$_POST['password'];
}
}
on code trn s kim tra xem ngi dng c tin hnh nhn nt ng nhp hay
khng. V nu c th chng ta s xt tip tnh trng ngi dng c trng cc
username v password hay khng. Nu c chng ta s thng bo li bn trn form,
ngi s dng tin hnh nhp liu.
K n chng ta kim tra xem c tn ti hai bin $u v $p (ch khi ngi dng ng nhp
thnh cng th mi c th to ra 2 bin ). Tip n chng ta tin hnh kt ni c s d
liu (xem li bi kt hp PHP & MYSQL trong ng dng web).
<?
$conn=mysql_connect("localhost","root","root") or die("can't connect this database");
mysql_select_db("project",$conn);
?>
V tin hnh kim tra xem username v password ngi s dng va nhp c trng khp
vi thng tin c trong c s d liu hay khng ?. Nu khng th chng ta s bo li ngay.
Ngc li s tin hnh ly d liu t bng v gn vo session. c th qun l phin
lm vic mt cch hiu qu trn mi trang ca khu vc admin (xem li bi khi nim c
bn v cookie v session).
$query=mysql_query($sql);
if(mysql_num_rows($query) == 0)
{
echo "Username or password is not correct, please try again";
}
else
{
$row=mysql_fetch_array($query);
session_start();
session_register("userid");
session_register("level");
$_SESSION['userid'] = $row[id];
$_SESSION['level'] = $row[level];
}
}
Nh vy code hon chnh cho ng dng ny l nh sau:
<?
if(isset($_POST['ok']))
{
if($_POST['username'] == NULL)
{
echo "Please enter your username<br />";
}
else
{
$u=$_POST['username'];
}
if($_POST['password'] == NULL)
{
echo "Please enter your password<br />";
}
else
{
$p=$_POST['password'];
}
if($u && $p)
{
$conn=mysql_connect("localhost","root","root") or die("can't connect this database");
mysql_select_db("project",$conn);
$sql="select * from user where username='".$u."' and password='".$p."'";
$query=mysql_query($sql);
if(mysql_num_rows($query) == 0)
{
echo "Username or password is not correct, please try again";
}
else
{
$row=mysql_fetch_array($query);
session_start();
session_register("userid");
session_register("level");
$_SESSION['userid'] = $row[id];
$_SESSION['level'] = $row[level];
}
}
}
?>
<form action=login.php method=post>
Username: <input type=text name=username size=25 /><br />
Password: <input type=password name=password size=25 /><br />
<input type=submit name=ok value="Dang Nhap" />
</form>