留言板个人代码展示墙

最新推荐文章于 2024-06-03 13:12:28 发布

白帽梦想家

最新推荐文章于 2024-06-03 13:12:28 发布

阅读量8k

点赞数 8

分类专栏： web安全文章标签：留言板全代码

本文链接：https://blog.csdn.net/sdb5858874/article/details/80590176

版权

web安全专栏收录该内容

21 篇文章 3 订阅

订阅专栏

每逢期末，各科专业课的课程设计相信会让许多和我一样的大学生磨破脑袋，本着与人为善，授人予鱼的思想，我决定。。。。。。好吧，你懂的，废话不多说，上菜!

特别声明一点，我写的这个留言板程序，上面存在大量的的漏洞，大家可以写完以后拿着自己写的程序进行漏洞渗透练习，然后不断的完善自己的代码，使得网站更安全。

留言板功能模块

一、注册模块
二、登陆模块
三、留言板界面
四、留言模块
五、对个人留言的编辑
六、对个人留言的删除
七、注销登陆
八、个人中心页面
九、头像上传模块

十、打开数据库模块

在查看代码之前我还是推荐你先去看看菜鸟教程上的一些基础知识（包括html,php,sql）：http://www.runoob.com/html/html-tutorial.html

其实我开始写留言版的时候，是一点基础都没有的，但是写完留言板也就用了6天时间

所以我还是推荐大家如果有时间的话去菜鸟教程上学习学习，这些东西并不难。

以下是我自己总结的书写留言板各个模块所需要注意的知识点

一、书写留言板时需要注意的一些知识(注册，登陆部分) https://mp.csdn.net/postedit/80550331

二、书写留言板时需要注意的一些知识(编辑，删除部分) https://blog.csdn.net/sdb5858874/article/details/80550417

三、书写留言板时需要注意的一些知识(个人中心，上传和注销) https://blog.csdn.net/sdb5858874/article/details/80550432

四、书写留言板时需要注意的一些知识(留言板界面) https://blog.csdn.net/sdb5858874/article/details/80550450

一、注册模块

<!DOCTYPE html>
<html>
<head>
<title>传说中的注册页面
</title>
<meta charset="utf-8">
</head>
<body background="C:\Users\王超ixy\Desktop\659927.jpg" background-size: cover>
<?php
$user=$sex=$city=$mail=$phone=$passwd=$passwd1="";
$success=4;
if(isset($_POST["submit"]))
{
if (empty($_POST["username"]))
{
$user="姓名不能为空!";
$success=$success+1;
}
if (empty($_POST["sex"]))
{
$sex="性别不能为空!";# code...
}
if (empty($_POST["city"]))
{
$city="请输入您所在的城市!";# code...
}
if (empty($_POST["mail"]))
{
$mail="邮箱不能为空!";# code...
$success++;
}
if (empty($_POST["phone"]))
{
$phone="请输入你的手机!";# code...
$success++;
}
if (empty($_POST["password"]) or empty($_POST["password1"]))
{
$passwd="请输入两次密码!";
$success++;
}
else
{
if ($_POST["password1"] !== $_POST["password"])
{
$passwd1="两次输入的密码不一致";
$success++;
}
}
if($success==4)
{
echo "<center><font size='4' color='red'>注册成功，请点击返回按钮进行登陆！</font></center>";
}
else
{
echo "<center><font size='4' color='red'>注册失败，请重新尝试！</font></center>";
}
}
?>
<center>
<table border="1">
<form method="post" action="<?php echo $_SERVER['PHP_SELF'];?>">
<h2>用户注册页面</h2>
<font color="red">有*的选项为必填选项</font>
<tr>
<th><font color="red">*</font>用户名:</th>
<td><input type="text" name="username"><?php if (empty($_POST["username"])) {
echo "$user";
}
?></td>
</tr>
<tr>
<th><font color="red">*</font>密码:</th>
<td><input type="password" name="password"><?php if (empty($_POST["password"]) or empty($_POST["password1"]))
{
#echo $passwd;
}
else
{
if ($_POST["password1"] !== $_POST["password"])
{
echo $passwd1;
}
}
?></td>
</tr>
</tr>
<tr>
<th><font color="red">*</font>再次输入密码:</th>
<td><input type="password" name="password1"></td>
</tr>
<tr>
<th>性别</th>
<td>
<input type="radio" name="sex" value="man">男
&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp<input type="radio" name="sex" value="women">女
</td>
</tr>
<tr>
<th>所在城市</th>
<td>
<input type="text" name="city">
</td>
</tr><tr>
<th><font color="red">*</font>常用邮箱</th>
<td>
<input type="text" name="mail"><?php if (empty($_POST["mail"])) {
echo "$mail";
}
?>
</td>
</tr>
<tr>
<th><font color="red">*</font>常用手机</th>
<td>
<input type="text" name="phone"><?php if (empty($_POST["phone"])) {
echo "$phone";
}
?>
</td>
</tr>
<tr>
<th colspan="1">
<input type="submit" name="submit" value="提交">
</th>
<th >
<input type="reset" name="reset" value="重置">
</th>
</tr>
<tr>
<th colspan="2">
<a href="login1.php">返回</a>
</th>
</tr>

</form>
</table>
</center>
<?php
if(isset($_POST["submit"]) and $success==4)
{

$dbservername = "localhost";
$dbusername = "root";
$dbpassword = "root";

// 创建连接
$conn = mysqli_connect($dbservername, $dbusername, $dbpassword);
if (!$conn) {
die("Connection failed: " . mysqli_connect_error());
}
else{
#echo "连接成功<br>";
mysqli_select_db($conn,"liuyanban");
$sql="select * from user where username='".$_POST['username']."'";
$result = mysqli_query($conn,$sql);
if (mysqli_num_rows($result) > 0)
{
echo "<script>alert('用户名已存在，请重新输入！')</script>";
}
else
{
$time = date("Y-m-d");
$sql1 = "insert into user(username,email,sex,password,time) values('{$_POST['username']}','{$_POST['mail']}','{$_POST['sex']}','{$_POST['password']}','{$time}')";
$result1 = mysqli_query($conn,$sql1);
#echo $result1;
if ($result1)
{
echo "<script>alert('注册成功，请登录！')</script>";
}
else
{
echo "<script>alert('数据库错误！')</script>";
}
}

}
mysqli_close($conn);
}
?>
</body>

</html>

二、登陆模块

<?php session_start(); ?>
<!DOCTYPE html>
<html>
<head>
<title>傻乎乎的登陆界面</title>
<meta charset="utf-8">
</head>
<body background="image/659927.jpg" background-size: cover>
<?php
if (isset($_POST["submit"]))
{
require "mysqllogin.php";
if(empty($_POST["password"]) or empty($_POST["username"]))
{
echo "<center><font color='red'>请输入账户名和密码！</font></center>";
}
else
{
$username=$_POST["username"];
$password=$_POST["password"];
$sql="select * from user where username='$username' and password='$password'";
$resulet=mysqli_query($conn,$sql);
if(mysqli_num_rows($resulet) > 0)
{
$person=mysqli_fetch_array($resulet);
$_SESSION['username']=$person['username'];
$_SESSION['uid']=$person['uid'];
echo "<script>alert('登陆成功')</script>";
echo "<script>window.location.href=\"show.php\"</script>";
}
else
{
echo "<script>alert('用户名或密码错误，请重新登陆')</script>";
}
}
mysqli_close($conn);
}

?>

<center>
<h2>登陆页面</h2>
<table border="2">
<form method="post" action="<?php echo $_SERVER['PHP_SELF'];?>">
<tr>
<th>用户名</th>
<td><input type="text" name="username"></td>
</tr>
<tr>
<th>密码</th>
<td><input type="password" name="password"></td>
</tr>
<tr>
<th colspan="2">
<input type="submit" name="submit" value="登陆">
</th>
</tr>
<tr>
<th colspan="2">
<input type="reset" name="reset" value="重置">
</th>
<a href="8.php">注册</a>
</tr>
</form>
</table>
</center>
</body>
</html>

三、留言板界面
<?php session_start(); ?>
<!DOCTYPE html>
<html>
<head>
<title>留言板界面</title>
<meta charset="utf-8">
</head>
<body background="image/731440.png" >
<div align="right">
<?php
if(isset($_SESSION['uid']))
{
echo "欢迎".$_SESSION['username']."来到网四第一打野的留言板！";
echo "<a href='loginout.php'>注销</a>";
echo "<br>";
echo "<a href='personalcenter.php?uid=".$_SESSION['uid']."'>个人中心</a>";
}
else
{
die("请登录后再查看本页！"."<meta http-equiv='Refresh'content='3;url=login1.php'/>");
}

?>
</div>
<br><br>
<center>
<caption><font size="5" color="red" >欢迎来到网四第一打野的留言板！</font></caption>
<br><br><br><br>
<table border="1" >
<tr>
<th>留言者</th>
<th>内容</th>
<th>ip</th>
<th>时间</th>
<th>操作</th>

</tr>
<?php
require "mysqllogin.php";
$sql="select * from message";
$result=mysqli_query($conn,$sql);
while($message=mysqli_fetch_array($result,MYSQL_ASSOC))
{
echo "<tr>";
$sql1="select * from user where uid ='".$message["uid"]."'";
$result1=mysqli_query($conn,$sql1);
$user=mysqli_fetch_array($result1,MYSQL_ASSOC);
echo "<td>".$user['username']."</td>";
echo "<td>".$message['content']."</td>";
echo "<td>".$message['ip']."</td>";
echo "<td>".$message['time']."</td>";
$id=$message['id'];
$uid=$message['uid'];
echo "<td><a href='editor1.php?id=".$id."&uid=".$uid."'>编辑</a>&nbsp&nbsp&nbsp<a href='delete.php?id=".$id."&uid=".$uid."'>删除</a></td>";
echo "</tr>";
}
mysqli_close($conn);
?>
</table>
<br><br><br><br>
<form method="post" action="http://127.0.0.1/message.php">
<textarea name="content" rows="8" cols="80"></textarea>
<br>
<input type="submit" name="submit" value="添加留言">
<input type="reset" name="reset" value="重置">
</form>
</center>
</body>

</html>

四、留言模块

<?php session_start() ?>
<!DOCTYPE html>
<html>
<head>
<title>欢迎来到王超的留言插入界面</title>
<meta charset="utf-8">
</head>
<body>
<?php
if (isset($_POST['submit']) and !empty($_POST['content']))
{
$time = date("Y-m-d G:i:s");
#echo $time."<br>";
require "mysqllogin.php";
$content=$_POST['content'];
$ip=$_SERVER['REMOTE_ADDR'];
$uid=$_SESSION['uid'];
$include=" insert into message(uid,content,ip,time) value('{$uid}','{$content}','{$ip}','{$time}')";
$result=mysqli_query($conn,$include);
if ($result)
{
echo "<script>alert('留言成功！')</script>";
echo "<script>window.location.href=\"show.php\"</script>";

}
mysqli_close($conn);
}
if (isset($_POST['submit']) and empty($_POST['content']))
{
echo "<script>alert('请输入留言内容！')</script>";
echo "<script>window.location.href=\"show.php\"</script>";
}

?>
</body>
</html>

五、对个人留言的编辑

<?php session_start(); ?>
<!DOCTYPE html>
<html>
<head>
<title>欢迎来到编辑页面</title>
<meta charset="utf-8">
</head>
<body>
<?php
if($_GET['uid'] == $_SESSION['uid'])
{
if(!empty($_GET))
{
$id=$_GET['id'];
}
if (isset($_POST["submit"]))
{
#$id=$_GET['id'];
$content1=$_POST['content'];
require "mysqllogin.php";
# $sql="select * from message where id=$id";
#$result=mysqli_query($conn,$sql);
# $mecontent=mysqli_fetch_array($result);
#$sql1="update message set content='{$content1}' where id='{$id}'";
#$result1=mysqli_query($conn,$sql1);
if(empty($content1))
{
$sql="select * from message where id=$id";
$result=mysqli_query($conn,$sql);
$mecontent=mysqli_fetch_array($result);
mysqli_close($conn);
echo "<script>alert('留言不能为空')</script>";
}
else
{
#echo $_POST['cmid'];
$sql1="update message set content='{$content1}' where id='{$id}'";
$result1=mysqli_query($conn,$sql1);
mysqli_close($conn);
echo "<script>alert('修改成功，王超NB！')</script>";
echo "<script>window.location.href=\"show.php\"</script>";
}

}
else
{
require "mysqllogin.php";
$sql="select * from message where id=$id";
$result=mysqli_query($conn,$sql);
$mecontent=mysqli_fetch_array($result);
mysqli_close($conn);
}
}
else
{
echo "<script>alert('您无法修改他人的留言！')</script>";
echo "<script> window.location.href=\"show.php\"</script>";

}
?>
<br><br><br>
<center>
<h2><font color="red">请输入您要修改的留言</font></h1>
<br>
<form method="post" action="editor.php?id=<?php echo $id; ?>">
<textarea name="content" rows="8" cols="60" ><?php echo $mecontent['content']; ?></textarea>
<br>
<input type="submit" name="submit" value="修改留言">
<input type="reset" name="reset" value="重置">
<input type="hidden" name="cmid" value="<?php echo $id; ?>">
</form>
</center>
</html>

六、对个人留言的删除
<?php session_start(); ?>
<meta charset="utf-8">
<?php
if($_GET['uid'] == $_SESSION['uid'])
{
require "mysqllogin.php";
$id=$_GET['id'];
$sql="delete from message where id='{$id}'";
$result=mysqli_query($conn,$sql);
echo "<script>alert('删除留言成功！')</script>";
echo "<script>window.location.href=\"show.php\"</script>";
mysqli_close($conn);
}
else
{
echo "<script>alert('您无法删除他人的留言！')</script>";
echo "<script> window.location.href=\"show.php\"</script>";

}
?>

七、注销登陆

<!DOCTYPE html>
<html>
<head>
<title>伟大的个人中心界面</title>
<meta charset="utf-8">
</head>
<body >
<?php
require "mysqllogin.php";
$uid=$_GET['uid'];
$sql="select * from user where uid=$uid";
$result3=mysqli_query($conn,$sql);
$person=mysqli_fetch_array($result3,MYSQL_ASSOC);
?>
<center>
<form method="post" action="upload.php?uid=<?php echo $uid; ?>" enctype="multipart/form-data">
<table border="1" cellpadding="4">
<h1>个人中心</h1>
<tr>
<td colspan="2" align="center"><img src="<?php echo $person['picture']; ?>" width="80" high="80"></td>
</tr>
<td align="right" colspan="2"><input type="file" name="picture" value="选择文件"></td>

<tr>
<td align="right">用户名：</td>
<td><?php echo $person['username']; ?></td>
</tr>
<tr>
<td align="right">邮箱：</td>
<td><?php echo $person['email']; ?></td>
</tr>
<tr>
<td align="right">性别：</td>
<td><?php echo $person['sex']; ?></td>
</tr>
<tr>
<td align="right">注册时间：</td>
<td><?php echo $person['time']; ?></td>
</tr>
<tr>
<td align="center" colspan="2"><input type="submit" name="submit" value="提交"></td>
</tr>
<tr>
<td align="center" colspan="2"> <a href="show.php?uid=<?php echo $uid; ?>">返回</a></td>
</tr>
</table>
</form>
</center>
</body>
</html>

九、头像上传模块
<meta charset="utf-8">
<?php
require "mysqllogin.php";
$uid=$_GET['uid'];
$path = "./image/";
if(!is_dir($path))
{
mkdir($path);
}
$mime=$_FILES['picture']['type'];
if(($mime == "image/jpeg") || ($mime == "image/gif") || $mime == "image/png" && ($_FILES['picture']['error'] == 0))
{
$filename=$path.$_FILES['picture']['name'];
move_uploaded_file($_FILES['picture']['tmp_name'], $filename);
$sql="update user set picture = '$filename' where uid = $uid";
$result=mysqli_query($conn,$sql);
if ($result)
{
echo "<script> alert('头像上传成功')</script>";
echo "<script> window.location.href=\"personalcenter.php?uid=$uid\" </script>";
}
}
else
{
echo "<script> alert('上传出现错误，请重新尝试！')</script>";
echo "<script> window.location.href=\"personalcenter.php?uid=$uid\"</script>";
}

?>

十、打开数据库模块
<?php
$dbservername = "localhost";
$dbusername = "root";
$dbpassword = "root";
$dbname = "liuyanban";

// 创建连接
$conn = mysqli_connect($dbservername, $dbusername, $dbpassword,$dbname);
if (!$conn) {
die("Connection failed: " . mysqli_connect_error());
}
?>

白帽梦想家

关注

8
点赞
踩
41

收藏

觉得还不错? 一键收藏
0
评论
留言板个人代码展示墙

每逢期末，各科专业课的课程设计相信会让许多和我一样的大学生磨破脑袋，本着与人为善，授人予鱼的思想，我决定。。。。。。好吧，你懂的，废话不多说，上菜! 留言板功能模块一、注册模块二、登陆模块三、留言板界面四、留言模块五、对个人留言的...
复制链接

扫一扫