靶场实战
注册页面前端代码 register.html
<meta charset = 'UTF-8' />
<form action = 'register.php' method = 'POST'>
账户:<input type = 'text' name = 'uname'><br />
密码:<input type = 'password' name = 'pwd'><br />
<input type = 'submit' value = '注册'>
<p><a href="127.0.0.1/00/login.html">已有帐号,登录</a></p>
</form>
注册页面后端代码 register.php
<meta charset = 'UTF-8' />
<?php
//获取前端通过POST传过来的数据
$username = $_POST['uname'];
$password = $_POST['pwd'];
//连接数据库
$conn = mysqli_connect('127.0.0.1','root','root','test01');
$sql = "select *from user where uname = '$username'";
$sql2 = "insert into user values('$username','$password')";
//判断帐户是否存在
$result = mysqli_query($conn,$sql);
$a = mysqli_fetch_array($result);
if($a['uname']==$username or $a['uname']=''){
echo '对不起,账户名已存在';
}
else{
mysqli_query($conn,$sql2);
echo '注册成功!';
}
?>
登陆页面前端代码 login.html
<meta charset='UTF-8' />
<form action='login.php' method='POST'>
账户:<input type='text' name = 'uname'><br \>
密码:<input type='password' name = 'pwd'><br />
<input type='submit' value='登录'>
<p><a href="http://127.0.0.1/00/register.html">跳转注册</a></p>
</form>
注册页面后端代码 login.php
<meta charset='UTF-8' />
<?php
//获取POST传参过来的数据
$username = $_POST['uname'];
$password = $_POST['pwd'];
//连接数据库
$conn = mysqli_connect('127.0.0.1','root','root','test01');
$sql = "select *from user where uname = '$username' and pwd ='$password'";
//执行语句
$result = mysqli_query($conn,$sql);
$a = mysqli_fetch_array($result);
if($a['uname']==$username & $a['uname']!='')
{
echo '登录成功';
}else{
echo '登录失败';
}
?>
注册页面
登录页面
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
