用 Session 进行页面保护---login2.php

security1.php 特殊用户页面保护摸板


security2.php 一般用户页面保护摸板


login2.php 用户登陆页面


index.php 一般用户页面保护范例


backend_index.php 特殊用户页面保护范例





This file is login2.php .


<?php 


//***************************************************** 


//    Filename:    login2.php 


//    Author:        Macro Zeng 


//    Version:    1.0 


//    Date:        2000-05-14 


//    Description:    login page for frontend and backend  


//****************************************************** 


session_register("user"); 


session_register("password"); 


session_register("tmLast"); 


if ($user=="")  { 


    $error = "Choose you name and input the password please!"; 


} 


$tmLast=date("U"); 


if ($user1) 


    $user=trim($user1); 


$password=trim($password1); 


if ($user1 && $password1){ 


    if ($password1==888){ 


    $sid = "PHPSESSID=" . session_id();  


    $warning="Your password is still the default password 888,please change it."; 


    header ("Location: changePassword.php?$sid&id=$id&warning=$warning"); 


    exit(); 


    }         


    if (strtolower($user)=="root"){ 


        $fileName = "backend_index.php"; 


    } 


    else{ 


        if (!$fileName) 


            $fileName="index.php"; 


    } 


    $sid = "PHPSESSID=" . session_id();  


    header ("Location: $fileName?$sid&id=$id"); 


    exit(); 


} 


?> 


<html> 


<title></title> 


<head> 


<link rel="stylesheet" href="class/style.css"> 


<meta http-equiv="Content-Type" content="text/html; charset=gb2312"> 


</head> 


<h2>Login Page</h2> 


<?php 


echo "$error"; 


//echo "<br>fileName=$fileName sid=$sid"; 


?> 


<form action="<?php echo $PHP_SELF ?>" method=post> 


<P><b>Name：</b> 


<?php 


include ("class/dbclass.inc"); 


$q = new DB_Sql ; 


$q->connect($Host, $Database, $User, $Password) ; 


$query="select chrUserName,chrFirstName,chrLastName ". 


    "from User ". 


    "where chrFirstName!=''". 


    "order by chrFirstName"; 


$q->query($query); 


echo "<select name=user1 size=1>"; 


while ($q->next_record()){ 


    if ($user==$q->f(0)) 


        $select="selected"; 


    else 


        $select=""; 


    echo "<option value='".$q->f(0)."' $select>". 


        ucfirst($q->f(1))." ". 


        ucfirst($q->f(2))."</option>"; 


} 


echo "</select>"; 


?></P> 


<P><b>Password：</b><INPUT name=password1 type=password></P> 


<INPUT name=id type=hidden value=<?php echo $id ?>> 


<INPUT name=tmLast type=hidden value=<?php echo date("U") ?>> 


<INPUT name=fileName type=hidden value=<?php echo $fileName ?>> 


<P><INPUT name=submit type=submit value=确认></P> 


</form> 








(Application:Book-Online    Author:Macro Zeng    Homepage:http://wcid4u.yes8.com/)