PHP+MYSQL membership system login and permission judgment implementation code_PHP tutorial

Copy code The code is as follows:

error_reporting(0);
session_start();
//Database connection
$conn = mysql_connect('localhost', 'root', '');
mysql_select_db('chenkun', $conn);
mysql_query('SET NAMES UTF-8' );
//Define constants
define('ALL_PS', 'PHP');
function user_shell($uid, $shell, $m_id) {
$sql = "select * from admin where uid='$uid'";
$query = mysql_query($sql);
$row = mysql_fetch_array($query);
$shell = is_array($row) ? $shell == md5 ($row['username'] . $row['password'] . ALL_PS) : FALSE;
if ($shell) {
if ($row['m_id'] <= $m_id) {
return $row;
}
echo "You have insufficient permissions";
exit ();
} else {
echo "You do not have permission to access this page";
exit ();
}
}
function user_mktime($onlinetime) {
$new_time = mktime();
if (($new_time - $onlinetime) > '900' ) {
session_destroy();
echo "Login timeout";
exit ();
} else {
$_SESSION['times'] = mktime();
}
}
?>

The login of the PHP+MYSQL membership system is the authority judgment
contains three pages, and the cogfig page is the included page. The denglu page is responsible for submission, session assignment, etc., and the denglu_link page is responsible for the demonstration of permission judgment.
In this example, the test database and user_list table already exist. The table has four fields: uid, m_id, username, and password. And the password field has been encrypted by md5, in the form: md5 ("user password".ALL_PS), that is, the password entered by the user is encrypted by adding a constant.
config.php page:

Copy code The code is as follows:

//Start session
session_start();
//Database connection
$conn=mysql_connect('localhost','root','******');
mysql_select_db('test', $conn);
//Define constants
define("ALL_PS","php100");
//Judge permission function
function user_shell($uid,$shell){
$ sql="SELECT * FROM `user_list` WHERE `uid` = '$uid'";
$query=mysql_query($sql);
$exist=is_array($row=mysql_fetch_array($query));
$exist2=$exist?$shell==md5($row['username'].$row['password'].ALL_PS):FALSE;
if($exist2){
return $ row;
}else{
echo "You do not have permission to access this page";
exit();
}
}
?>

denglu.php page:

Copy code The code is as follows:

include("config.php ");
if($_POST['submit']){
$username=str_replace(" ","",$_POST['username']); //Remove spaces
$sql= "SELECT * FROM `user_list` WHERE `username` = '$username'";
$query=mysql_query($sql);
$exist=is_array($row=mysql_fetch_array($query)); // Determine whether such a user exists
$exist2=$exist?md5($_POST['password'].ALL_PS)==$row['password']:FALSE;//Determine the password
if($exist2 ){
$_SESSION['uid']=$row['uid']; // session assignment
$_SESSION['user_shell']=md5($row['username'].$row[' password'].ALL_PS);
echo "Login successful";
}else{
echo "Incorrect username";
SESSION_DESTROY();
}
}
?>

Username:

Password:

Verification code:

denglu_link

denglu_link.php page:

Copy code The code is as follows:

include("config.php");
$ arr=user_shell($_SESSION['uid'],$_SESSION['user_shell']);//The above two sentences can determine the permissions
echo $arr['username'];
?>
Permission content

http://www.bkjia.com/PHPjc/324418.htmlwww.bkjia.comtruehttp: //www.bkjia.com/PHPjc/324418.htmlTechArticleCopy the code as follows: ?php error_reporting(0); session_start(); //Database connection $conn = mysql_connect ('localhost', 'root', ''); mysql_select_db('chenkun', $conn); mysql_quer...