<?php // Plug-in 63: Verify User In DB
/*
* 插件说明:
* 插件把用户提供的用户名和口令与保存在数据库里的用户名和口令进行比较。如果两者一致,则返回TRUE,否则返回FALSE。
* 它需要以下参数:
* $table 数据库中的表名
* $salt1 提供给PIPHP_AddUserToDB()的第一个salt
* $salt2 第二个salt
* $handle 输入的用户名。
* $pass 用户的口令。
*/
// This is an executable example with additional code supplied
// To obtain just the plug-ins please click on the Download link
$dbhost = 'localhost'; // Normally no need to change this
$dbname = 'piphp'; // Change to your database name
$dbuser = 'testing'; // Change to your database user name
$dbpass = 'testing'; // Change to your database password
mysql_connect($dbhost, $dbuser, $dbpass) or die(mysql_error());
mysql_select_db($dbname) or die(mysql_error());
$table = 'Users';
$salt1 = "F^&";
$salt2 = "9*hz!";
$handle = 'firstprez';
$pass = 'GW022231';
$result = PIPHP_VerifyUserInDB($table, $salt1, $salt2,
$handle, $pass);
if ($result) echo "Login details $handle/$pass verified.";
else echo "Login details $handle/$pass could not be verified.";
$pass = 'GW022232';
echo "<br /><br />";
$result = PIPHP_VerifyUserInDB($table, $salt1, $salt2,
$handle, $pass);
if ($result) echo "Login details $handle/$pass verified.";
else echo "Login details $handle/$pass could not be verified.";
function PIPHP_VerifyUserInDB($table, $salt1, $salt2,
$handle, $pass)
{
// Plug-in 63: Verify User In DB
//
// This plug-in accepts a handle and password and then
// verifies whether they are correct. It expects these
// arguments:
//
// $table: The table name within $dbname
// $salt1: A salt as used when adding a user
// $salt2: The second salt used
// $handle: The handle as input by a user
// $pass: The password entered by the user
$result = PIPHP_GetUserFromDB($table, $handle);
if ($result[0] == FALSE) return FALSE;
elseif ($result[1][2] == md5($salt1 . $pass . $salt2))
return TRUE;
else return FALSE;
}
// The plug-in below is included here to ensure that it is
// available to the main plug-in which relies on it
function PIPHP_GetUserFromDB($table, $handle)
{
// Plug-in 62: Get User From DB
//
// This plug-in accepts a username in $handle and then
// returns all details (if any) held for that handle.
// On success it returns a two element array with the
// first element being TRUE and the second the array of
// user details. On failure it returns a single element
// array with the value FALSE. It expects these
// arguments:
//
// $table: The table name within $dbname
// $handle: The user's handle or username
$query = "SELECT * FROM $table WHERE handle='$handle'";
$result = mysql_query($query);
if (mysql_num_rows($result) == 0) return array(FALSE);
else return array(TRUE, mysql_fetch_array($result, MYSQL_NUM));
}
?>
插件63:验证数据库中的用户信息
最新推荐文章于 2024-04-27 23:54:59 发布