/
index.php
139 lines (88 loc) · 2.79 KB
/
index.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
<?php
$conn=Mysql_connect("localhost", "root", "") or die("Íå óäàëîñü ïîäêëþ÷èòüñÿ ê ñåðâåðó");
mysql_select_db ("users") or die("Íå óäàëîñü âûáðàòü ÁÄ");
mysql_query ("ST NAMES UTF8");
session_start ();
if ($_GET['uns'])/*åñëè áûëà íàæàòà êíîïêà "âûéòè"
è ìåòîäîì GET ïåðåäàíà ïåðåìåííàÿ 'uns'*/
{unset ($_SESSION ['log']);
unset ($_GET ['uns']);}
/*òî óíè÷òîæàåòñÿ ïåðåìåííàÿ 'log',
ãîâîðÿùàÿ î òîì, àâòîðèçèðîâàí ëè ïîëüçîâàòåëü,
à òàêæå è ñàìà ïåðåìåííàÿ 'uns'*/
if ($_SESSION ['log'])
{header ("Location: page1.php");
exit;}
//åñëè ïîëüçîâàòåëü àâîðèçèðîâàí, òî ðåäèðåêò íà îñíîâíóþ ñòðàíèöó
if ($_POST['submit'])
{$login=trim(htmlspecialchars($_POST['login']));
$password=trim(htmlspecialchars($_POST['password']));
$_SESSION['login']=$login;
/*ïðè íàæàòèè 'submit' áåðóòñÿ äàííûå ñ ïîëåé, è ëîãèí
çàíîñèòñÿ â ñåññèîííóþ ïåðåìåííóþ 'login', êîòîðàÿ ïîòîì,
ïðè óñïåøíîé àâòîðèçàöèè, ïåðåõîäèò â 'log', */
if ((!empty($login))&&(!empty($password)))//åñëè ïîëÿ íå ïóñòûå
{
if ((preg_match ("/[a-zA-Z0-9-_]/", $login))&&(preg_match ("/[a-zA-Z0-9-_]/", $password)))
//è ñîäåðæàò ëàòèíñêèå ñèìâîëû, öèôðû è òèðå è ïîä÷åðêèâàíèå
{
$query="SELECT password FROM `users` WHERE login='".$login."'";
//ôîðìèðóåòñÿ çàïðîñ
$res= mysql_query ($query);
$row=mysql_fetch_assoc ($res);
//áåðóòñÿ èç ÁÄ âñå äàííûå ïî ïîëüçîâàòåëþ ñ òàêèì ëîãèíîì
if ($row['password']==$password)//è åñëè ïàðîëè ñîâïàäàþò
{header ("Location: page1.php");
$_SESSION ['log']=$login; /*òî ðåäèðåêò íà îñíîâíóþ ñòðàíèöó, è ïðèñâàèâàåòñÿ
$_SESSION ['log'], ãîâîðÿùàÿ î òîì, ÷òî ïîëüçîâàòåëü àâòîðèçèðîâëñÿ*/
exit;}
else
{header ("Location: index.php");
$_SESSION['empty']='Íåâåðíûé ëîãèí èëè ïàðîëü';
exit;}
}
else
{header ("Location: index.php");
$_SESSION['empty']='Âû ââåëè êèðèëèöó';
exit;}
}
else
{header ("Location: index.php");
$_SESSION['empty']='Íå âñå ïîëÿ çàïîëíåíû';
exit;}
}
session_destroy();
?>
<html>
<head>
<title>Ôîðóì</title>
</head>
<body>
<table border=1 width=100%>
<td valign=top width=220>
<form method="post">
Ëîãèí èëè e-mail:<br />
<input type="text" name="login" action="">
<br>
Ïàðîëü:<br />
<input type="password" name="password" action=""><br />
<input type="submit" name="submit" value="Âîéòè">
</form>
<a href="reg.php">Ðåãèñòðàöèÿ</a>
<br>
<?php
echo $_SESSION['empty'];
?>
</td>
<td>
<?php
include ("page.php");
?>
</td>
<td valign=top>
Âûéòè
</td>
</table>
<p>ûâïðàïðâàðàïðàïð</p>
</body>
</html>