<html> <body> <h1>LOGIN</h1></br> <form action="login.php" method="post"> <b>ID </b><input type="text" name="id"></br> <b>PW</b><input type="password" name="pw"></br></br> <input type="submit" value="login"></br> </form> </body> </html> <?php @session_start(); require_once "functions.php"; if (isset($_POST['id']) && isset($_POST['pw'])) { $data = data_escape($_POST); $res = mysql_query("select id from member where id='{$data['id']}' and pw='{$data['pw']}'"); $arr = mysql_fetch_array($res); if ($arr['id']) { $_SESSION['id'] = $data['id']; echo "<script>document.location='./index.php';</script>"; } else { echo "<script>alert('user not found');</script>"; } }
public function get_comment_list() { $id = $this->metadata['id']; $res = mysql_query("select comment,time from board where id='{$id}'"); echo "<table border=1><tr><td>comment</td><td>time</td>"; while ($row = mysql_fetch_array($res)) { list($comment, $time) = self::board_unpack(array($row['comment'], $row['time'])); echo "<tr><td>"; echo $comment; echo "</td><td>"; echo $time; echo "</td></tr>"; } echo "</table>"; } } if ($_SESSION) { echo "<h2>--- WRITE YOUR COMMENT ---</h2>"; echo "<form action='' method='post'>"; echo "comment : <input type='text' name='comment'>"; echo "<input type='submit' value='add'>"; echo "</form>"; if ($_POST) { $escape_post = data_escape($_POST); $board_obj = new board($escape_post['comment'], 1); $board_obj->write_comment_board(); } $board_obj = new board("none", 1); $board_obj->displayer(); echo "<h3><a href='logout.php'>logout</a></h3>"; }