Exemplo n.º 1
0
        // ["email"]=> string(9) "*****@*****.**" }
        if (!isset($_POST['username'], $_POST['password1'], $_POST['password2'], $_POST['email'])) {
            header('Location: 404.html');
            exit;
        }
        if ($_POST['username'] == "" || $_POST['password1'] == "" || $_POST['password2'] == "" || $_POST['email'] == "") {
            header('Location: 404.html');
            exit;
        }
        echo '<script>alert("注册真的关了,别特么试了。。");</script>';
        header("Refresh:0.1;url=404.html");
        $username = SqlGuard($_POST['username'], $dbConn);
        $password1 = SqlGuard($_POST['password1'], $dbConn);
        $password2 = SqlGuard($_POST['password2'], $dbConn);
        $email = SqlGuard($_POST['email'], $dbConn);
        $password = md5($password1);
        $token = CreateRandomString(64);
        $sql = "SELECT * FROM mcshop_user WHERE username = '******'";
        $result = $dbConn->query($sql);
        if ($result->num_rows != 0) {
            exit;
        }
        $sql = "INSERT INTO mcshop_user VALUES ('', '{$username}', '{$password}', '{$email}', '{$token}', '0', '0')";
        //echo $sql;
        $result = $dbConn->query($sql);
        break;
    default:
        header('Location: 404.html');
        exit;
}
require_once "footer.php";
Exemplo n.º 2
0
    exit;
}
$username = SqlGuard($_POST['username'], $dbConn);
$password = SqlGuard($_POST['password'], $dbConn);
if ($username == "" || $password == "") {
    header('404.html');
    exit;
}
$password = md5($password);
$sql = "SELECT * FROM mcshop_admin WHERE username = '******' AND password = '******'";
$result = $dbConn->query($sql);
if ($result->num_rows != 1) {
    echo '<script>alert("登录失败!");</script>';
    exit;
} else {
    // check XFF
    // 验证通过则进入二次验证
    $_SESSION['auth1'] = true;
    $_SESSION['username'] = $username;
    $_SESSION['code'] = CreateRandomString(6);
    header('Location: index2.php');
}
?>
        </div>
        <div class="col-md-1 column">
        </div>
    </div>
</div>

<?php 
require_once "footer.php";