php注册界面
注册页面
zhucechuli.php文件中代码(zhucechuli.php为设定目录下)
$uid = $_POST["uid"];
$pwd = $_POST["pwd"];
$name = $_POST["name"];
//1.造连接对象
$db = new MySQLi("localhost","root","123","mydb");
//2.写SQL语句
$sql = "insert into login values(‘{$uid}‘,‘{$name}‘,‘{$pwd}‘,0)";
//3.执行
$r = $db->query($sql);
if($r)
{
echo "注册成功!";
}
else
{
echo "注册失败!";
}
结果:
php登录界面
登录页面
dengluchuli.php文件中代码(dengluchuli.php为设定目录下)
$uid = $_POST["uid"];
$pwd = $_POST["pwd"];
//1.造连接对象
$db = new MySQLi("localhost","root","","12345");
//2.写SQL语句
$sql = "select password from login where username=‘{$uid}‘";
//3.执行
$reslut = $db->query($sql);
//4.取数据
$attr = $reslut->fetch_row();
if($attr[0]==$pwd && !empty($pwd))
{
echo "登录成功!";
}
else
{
echo "登录失败!";
}
结果:
//SQL注入攻击
//1.过滤用户的输入
//2.使用预处理语句
//3.写代码的时候尽量避免
原文:http://www.cnblogs.com/cyrfr/p/6194658.html