admin的验证和从数据库中检索指定的文件名

时间:2015-04-01 05:48:46

标签: php html mysql apache

我想要一个用于验证管理员的代码,然后如果成功,管理员必须输入文件名,以便从数据库中检索文件ID等文件内容

1 个答案:

答案 0 :(得分:0)

THE HTML CODE:
<html>
    <head>
        <title>Login page</title>

<style>
body{ background-image: url("wall0003.png");
width: 200%;
height: 200%;
background-position: top;
background-repeat: no-repeat;}

</style>
</head>
 <body text="black" align="left">
        <form action="connectivity.php" onsubmit="post">
<br/>
<br/> <br/>
<br/> <br/> <br/> <br/><br/><br/><br/><br/><br/><br/><br/><br/><br/><br/>
            User 
        <input type="text" name="userid"/>  <br/><br/>
            Pswd<input type="password" name="pswrd"/> <br/><br/>
            <input type="submit" value="Login" name="Login"/>
            <input type="reset" value="Cancel"/> 
        </form>
 <script language="javascript">
           function check(form) {
 /*function to check userid & password
                the following code checkes whether the entered userid and password are matching*/
                if(form.userid.value == "myuserid" && form.pswrd.value == "mypswrd")
 {
                    window.open('target.html')     //opens the target page while Id & password matches
                }
                else {
                    alert("Error Password or Username")  // displays error message
                }
            }
        </script>
    </body>
</html>

PHP CODE:
<?php
define('DB_HOST', 'localhost');
define('DB_NAME', 'practice');
define('DB_USER','root');
define('DB_PASSWORD','admin');

$con=mysql_connect(DB_HOST,DB_USER,DB_PASSWORD) or die("Failed to connect to MySQL: " . mysql_error()); //connect to mysql
$db=mysql_select_db(DB_NAME,$con) or die("Failed to connect to MySQL: " . mysql_error()); //select a mysql database
/*
$ID = $_POST['user'];
$Password = $_POST['pass'];
*/
function SignIn()
{
session_start();   //starting the session for user profile page
if(!empty($_POST['user']))   //checking the 'user' name which is from login.html...is it empty or has some text?
{
    $query = mysql_query("SELECT *  FROM UserName where userName = '$_POST[user]' AND pass = '$_POST[pass]'") or die(mysql_error());//send mysql query to the database
    $row = mysql_fetch_array($query) or die(mysql_error()); //fetch a row result
    if(!empty($row['userName']) AND !empty($row['pass']))
    {
        $_SESSION['userName'] = $row['pass'];
        echo "SUCCESSFULLY LOGIN TO USER PROFILE PAGE...";

    }
    else
    {
        echo "SORRY... YOU ENTERD WRONG ID AND PASSWORD... PLEASE RETRY...";
    }
}
}
if(isset($_POST['submit']))
{
    SignIn();
}

?>
相关问题
最新问题