📄 login.php
字号:
<?php
set_time_limit(3600);
session_start();
$_SESSION["num"]=1;
include("../inc/conn.php");
$sqls=mysql_query("select * from results order by dates desc",$conn);
$_SESSION["downdate"]=mysql_result($sqls,0,"dates");
if(isset($_POST['login'])&&isset($_POST['pass'])&&isset($_POST['code']))
{ $username=chop($_POST['login']);
$password=md5(chop($_POST['pass']));
$yzcode=$_SESSION["yzcode"];
char($username);
char($password);
char($yzcode);
if(isset($yzcode)&&isset($_POST["code"]))
{
if($_POST["code"]==$yzcode)
{
$sql=mysql_query("select * from son_manage where account='$username'",$conn);
if(mysql_num_rows($sql)==0)
{
checkuser($username,$password);
}else
{
checkuserson($username,$password);
}
}else
{
outscript("alert('验证码错误,请重新输入!');history.back(1);");
}
}else outscript("alert('发生异常错误码!');history.back(1);");
}else
{
outscript("alert('请输入完整的信息!');history.back(1);");
}
function checkuser($username,$password)
{ global $conn;
$sql=mysql_query("select * from admin where username='$username'",$conn);
if(mysql_num_rows($sql)==0)
{
outscript("alert('该账号不存在!');history.back(1);");
}else
{
$sqls=mysql_query("select * from admin where username='$username' and password='$password'",$conn);
if(mysql_num_rows($sqls)==0)
{
mysql_query("update admin set login_err=login_err+1 where username='$username'",$conn);
outscript("alert('密码错误,请重新输入!');history.back(1);");
}else
{ $users=mysql_result($sqls,0,"username");
$userf="admin_".$users;
$_SESSION["adminuser"]=$users;
$_SESSION["aduser"]=$userf;
$_SESSION["sign"]=1;
mysql_query("update admin set sign='0' where username='$users'");
$sqlf=mysql_query("select * from online where user_account='$userf'",$conn);
$have=mysql_num_rows($sqlf);
$ip=$_SERVER['REMOTE_ADDR'];
$tm=date(YmdHis);
if($have==0) mysql_query("insert into online(user_type,user_name,user_account,ip,login_time,active_time)values('8','$users','$userf','$ip','$tm','$tm')",$conn);
if($have>0)
{ $_SESSION["onyes"]=8;
mysql_query("insert into onuser(user_account,sign)values('$userf','8')",$conn);
}
echo "<script language='javascript'>window.location.href='manage.php'</script>";
}
}
}
function checkuserson($username,$password)
{ global $conn;
$sql=mysql_query("select * from son_manage where account='$username'",$conn);
if(mysql_num_rows($sql)==0)
{
outscript("alert('该账号不存在!');history.back(1);");
}else
{
$sqls=mysql_query("select * from son_manage where account='$username' and password='$password'",$conn);
if(mysql_num_rows($sqls)==0)
{
outscript("alert('密码错误,请重新输入!');history.back(1);");
}else
{
$users=mysql_result($sqls,0,"account");
$userf="adminson_".$users;
$_SESSION["adminuser"]=$users;
$_SESSION["aduser"]=$userf;
$_SESSION["sign"]=1;
$_SESSION["son"]="yes";
$sqlf=mysql_query("select * from online where user_account='$userf'",$conn);
$have=mysql_num_rows($sqlf);
$ip=$_SERVER['REMOTE_ADDR'];
$tm=date(YmdHis);
if($have==0) mysql_query("insert into online(user_type,user_name,user_account,ip,login_time,active_time)values('9','$users','$userf','$ip','$tm','$tm')",$conn);
if($have>0)
{ $_SESSION["onyes"]=9;
mysql_query("insert into onuser(user_account,sign)values('$userf','9')",$conn);
}
echo "<script language='javascript'>window.location.href='manage.php'</script>";
}
}
}
function char($arr)
{
$ay="<,>,?,/,\,$,@,',*,!,#,%,^,&,(,),;,~,],[";
$sa=split(",",$ay);
for($i=1;$i<count($sa)-1;$i++)
{
if(strstr($arr,$sa[$i])) outscript("alert('请不要输入非法字符!');history.back(1);");
}
}
function outscript($arr)
{
echo "<script language='javascript'>".$arr."</script>";
}
?>⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -