<?php header('Content-Type: text/html; charset=utf-8'); session_start(); define('IN_TG', true); //定义常量 IN_TG 用来授权 includes里的文件调用 防止恶意调用 外部网站无法调用 //定义一个常量来代表本页的内容 define('script', 'register'); //引入公共文件 下面这种方法比较快 require dirname(__FILE__) . '/includes/common.php'; if ($_GET['action'] == 'register') { //get可以获取url的参数 /*验证验证码是否正确 post获取表单提交的内容 因为表单是以post形式提交的*/ _check_code($_POST['yzm'], $_SESSION['code']); //可以通过唯一标识符 来防止表单恶意注册 跨站攻击 include root . 'includes/register.php'; /*定义一个变量存放 各字段的值*/ $_clear = array(); /*字段在验证成功后 将字符串 返回出来 并赋值给 $_clear 相应的字段 -->验证并赋值*/ $_clear['uniqid'] = _check_uniqid($_POST['uniqid'], $_SESSION['uniqid']); $_clear['active'] = _sha1_uniqid(); $_clear['username'] = _check_username($_POST['username']); $_clear['password'] = _check_password($_POST['password'], $_POST['notpassword'], 6); $_clear['question'] = _check_questions($_POST['passt'], 4, 20); $_clear['anwser'] = _check_anwser($_POST['passt'], $_POST['passd'], 4, 20); $_clean['sex'] = $_POST['sex']; $_clean['face'] = $_POST['face']; $_clear['email'] = _check_email($_POST['email']); $_clear['qq'] = _check_qq($_POST['qq']); $_clear['url'] = _check_url($_POST['url']); print_r($_clear);
session_start(); } if (!isset($_SESSION)) { session_start(); } //define the constant IN_TG to include common.inc.php define('IN_TG', true); //a constant for different scripts calling define("SCRIPT", "member_modify"); //include common.inc.php require dirname(__FILE__) . '/includes/common.inc.php'; //Update information if (isset($_GET['action'])) { if ($_GET['action'] == 'modify') { //protect from illegal registration _check_code($_POST['code'], $_SESSION['RandCode']); //make sure this user does exist if (!!($_rows = _fetch_array("select \n\t\t\t\t\t\t\t\t\t\t tg_uniqid \n\t\t\t\t\t\t\t\t\t from \n\t\t\t\t\t\t\t\t\t\t tg_user \n\t\t\t\t\t\t\t\t\t where \n\t\t\t\t\t\t\t\t\t\t tg_username = '******'username']}'\n\t\t\t\t\t\t\t\t\t limit 1"))) { //Protect from faking unique identifier _uniqid($_rows['tg_uniqid'], $_COOKIE['uniqid']); //include register.func.php include ROOT_PATH . 'includes/check.func.php'; $_clean = array(); $_clean['password'] = _check_modify_password($_POST['password']); $_clean['sex'] = _check_sex($_POST['sex']); $_clean['face'] = _check_profile($_POST['face']); $_clean['email'] = _check_email($_POST['email']); $_clean['msn'] = _check_msn($_POST['msn']); $_clean['url'] = _check_url($_POST['url']); $_clean['switch'] = $_POST['switch']; $_clean['autograph'] = _check_autograph($_POST['autograph']);