function checkUserPasswordByUsername($username, $password) { $user = findUserByUsername($username); if (!isset($user)) { return false; } // User not found return password_verify($password, $user['password']); }
function checkLogin($username, $password) { $res = findUserByUsername($username); if (mysql_num_rows($res) == 0) { return false; } else { $user = mysql_fetch_array($res); if ($user["password"] == $password) { return true; } else { return false; } } }
?> <!-- Page Content --> <div class="container"> <div class="row"> <!-- Blog Entries Column --> <div class="col-md-8"> <h1 class="page-header"> Author <?php if (isset($_GET['username'])) { $username = $_GET['username']; $user = findUserByUsername($username); echo "<small>" . $user['username'] . "</small>"; } ?> </h1> <!-- Blog posts --> <?php if (isset($_GET['username'])) { $username = $_GET['username']; $posts = getPublishedPostsByAuthor($username); if (count($posts) == 0) { echo "<h3>No posts for this author</h3>"; } foreach ($posts as $post) { require "includes/post_data.php";
<?php require_once "database/category_functions.php"; require_once "database/users_functions.php"; ?> <?php /** LOGIN **/ if (isset($_POST['submit_login'])) { $username = $_POST['username']; $password = $_POST['password']; if (checkUserPasswordByUsername($username, $password)) { $_SESSION['user'] = findUserByUsername($username); } else { $loginFailed = true; } } /** LOGOUT **/ if (isset($_POST['submit_logout'])) { session_unset(); } ?> <!-- Navigation --> <nav class="navbar navbar-inverse navbar-fixed-top" role="navigation"> <div class="container"> <!-- Brand and toggle get grouped for better mobile display --> <div class="navbar-header"> <button type="button" class="navbar-toggle" data-toggle="collapse" data-target="#navigation-bar"> <span class="sr-only">Toggle navigation</span>
</head> <body> <form action="uploadfile.php" method="post" enctype="multipart/form-data"> <label for="file">Filename:</label> <input type="file" name="file" id="file" /> <br /> <input type="submit" name="submit" value="Submit" /> </form> <?php ini_set('date.timezone', 'Asia/Shanghai'); //$user=new User("winter","12345","winter木风"); //$res= addUser($user); //if($res){ // echo '数据插入成功'; //} //else{ // echo '数据插入失败'; //} $res = findUserByUsername("winter"); echo mysql_num_rows($res); while ($row = mysql_fetch_array($res)) { echo $row['nicname']; } ?> </body> </html>
session_start(); require 'dao.php'; $username_error = $password_error = $repassword_error = $nicname_error = $captcha_error = $nicname = $error = null; $username = $password = $repassword = $nicname = $captcha = $msg = null; if ($_SERVER["REQUEST_METHOD"] == "POST") { $username = trim_input(filter_input(INPUT_POST, "username", FILTER_DEFAULT)); $nicname = trim_input(filter_input(INPUT_POST, "nicname", FILTER_DEFAULT)); $password = trim_input(filter_input(INPUT_POST, "password", FILTER_DEFAULT)); $repassword = trim_input(filter_input(INPUT_POST, "repassword", FILTER_DEFAULT)); $captcha = trim_input(filter_input(INPUT_POST, "Captcha", FILTER_DEFAULT)); $flag = true; if (is_null($username)) { $username_error = "用户名不能为空"; $flag = false; } else { if (mysql_num_rows(findUserByUsername($username)) > 0) { $username_error = "用户名已存在"; $flag = false; } } if (is_null($password)) { $password_error = "密码不能为空"; $flag = false; } else { if ($password != $repassword) { $repassword_error = "密码不一致"; $flag = false; } } if ($_SESSION["Checknum"] != $captcha) { $captcha_error = "验证码输入有误";
if ($_SERVER["REQUEST_METHOD"] == "POST") { if (is_null($username)) { $username_error = "用户名不能为空"; $flag = false; } if (is_null($password)) { $password_error = "密码不能为空"; $flag = false; } if (is_null($captcha) || $checkcode != strtolower($captcha)) { $captcha_error = "验证码输入有误"; $flag = false; } if ($flag) { if (checkLogin($username, md5($password))) { $user = mysql_fetch_array(findUserByUsername($username)); $_SESSION["user"] = $user; header("location:userindex.php"); } else { $username_error = "用户名或密码输入有误"; } } } $weekday = array("星期一", "星期二", "星期三", "星期四", "星期五", "星期六", "星期天"); $weekdate = $weekday[date("N") - 1]; ?> <html> <!DOCTYPE html> <html lang="en" class="no-js"> <head>
<?php require_once "database/users_functions.php"; ?> <?php if (isset($_POST['submit_register'])) { $username = $_POST['username']; $email = $_POST['email']; $password = $_POST['password']; $password_check = $_POST['password_check']; //Error handling if (empty(trim($username))) { $username_error = "Username can not be empty"; } $userWithUsername = findUserByUsername($username); if (isset($userWithUsername)) { $username_error = "Username already taken"; } if (empty(trim($email))) { $email_error = "Email can not be empty"; } $password_errors = []; if (empty(trim($password))) { $password_errors[] = "Password can not be empty"; } if ($password != $password_check) { $password_errors[] = "Password and password confirmation don't match"; } if (!isset($username_error) && !isset($email_error) && count($password_errors) == 0) { insertUser($username, $password, "", "", $email, "", "Subscriber");
$user['username'] = $_POST['user_username']; $user['email'] = $_POST['user_email']; $user['first_name'] = $_POST['user_first_name']; $user['last_name'] = $_POST['user_last_name']; $user['role'] = $_POST['user_role']; $user_image = $_FILES['user_image']['name']; $user_image_tmp = $_FILES['user_image']['tmp_name']; move_uploaded_file($user_image_tmp, "../images/" . $user_image); $user_password = $_POST['user_password']; $user_password_check = $_POST['user_password_check']; //Error handling $error_messages = []; if (empty(trim($user['username']))) { $error_messages[] = "Username can not be empty"; } $userWithUsername = findUserByUsername($user['username']); if (isset($userWithUsername)) { $error_messages[] = "Username already taken"; } if (empty(trim($user['email']))) { $error_messages[] = "Email can not be empty"; } /*if (empty(trim($user['first_name']))) { $error_messages[] = "First name can not be empty"; } if (empty(trim($user['last_name']))) { $error_messages[] = "Last name can not be empty"; }*/ if (empty(trim($user_password))) { $error_messages[] = "Password can not be empty"; }