0

我有一个网站,应该限制它的访问。
因此,在进入页面时,在页面加载之前,我们应该使用三个字段来限制访问,即客户端和username该页面,这三个字段由我创建并存储在数据库中。passwordspecific password

我有 Javascript 和 PHP 的基本知识。

我的想法是在页面加载之前,Javascript 应该获取用户输入的三个字段值,通过 PHP,我们必须使用数据库进行验证,如果发生匹配,则页面应该加载,如果没有,则应该拒绝访问该页面。

简而言之,在点击 URL 和在页面加载之前必须建立与数据库的连接并输入用户/客户端 3 个字段,并通过 PHP 与 MYSQL 数据库进行验证,并显示成功的身份验证页面。

请提出代码建议。提前致谢 :)

4

1 回答 1

1

我创建了一个你可以使用的函数:

<?php
function login($username,$password,$salt,$db,$table,$usercolumn,$passwordcolumn,$con)
{
    $user=mysql_real_escape_string($username);
    $password=mysql_real_escape_string($password);
    $db=mysql_select_db($db,$con);
    if(!$db)
    {
        return "connection error";  
    }
    else
    {
        $sql="SELECT * FROM `$table` WHERE `$usercolumn`='$user';";
        $enc=$password;

    foreach($salt as $value)
    {
        if($value=="md5")
        {
            $enc=md5($enc);
        }else
        {
            $enc=crypt($enc,$value);
        }
    }
        $resource=mysql_query($sql);
        $row=mysql_fetch_array($resource);
        $passdb=$row[$passwordcolumn];
        if($passdb==$enc)
        {
            $sucess=true;
        }else
        {
            $sucess=false;
        }


    }
    return $sucess;
}
?>

你可以使用它,如果它返回true,这意味着用户名和密码是正确的,现在你必须验证你的第三个选项......
要使用这个函数,你只需要在将该函数复制到文件后像这样调用,如果它被命名为“logger.php”,

<?php
require("logger.php");
$enc=array("salt","md5","differentsalt")//your encryption such as if you have encrypted using 'salt' at first then using md5 hash and again 'differentsalt',then you need to give like i have given

if(login($username,$password,$enc,$db,$table_name,$usercolumn,$passwordcolumn,$con))//$username is the username which user supplied,$password is password user supplied,$enc is the encryption and it must be an array... which is also given above,$db is database name,$table_name is the table where username and encrypted password are stored,$usercolumn is the column name where username are stored, $passwordcolumn is the column where encrypted password are stored, and last $con is the connection identifier, you may have given, $con=mysqli_connect("username","password");
//if all the parameters are supplied correctly, it will check for the username and password matching and you will have to check the third option
{
//now validate your third option here...
//if you are here, that means password and username has matched

}
else
{
//this means username and password didnt matched... so output the error
}
?>

要接受用户名和密码,您可以创建一个表单并在那里询问密码,然后提交...

于 2012-04-04T06:57:03.540 回答