confirm2.php

网上书店网站系统

<?php
session_start();
if(isset($reply))
{
	if(!strcmp($answer,$reply))
	{
			print "<html><head><title>Forgotten password</title></head><body>";
			print "<form action=\"\" method=post>";
			echo  "<table align=center border=0 cellpadding=1";
		echo  "cellspacing=1 bgcolor=\"#000000\">";
			print "<tr><td align=center colspan=3 bgcolor=\"#afea83\">";
		print "答案</td></tr>";
			print "<tr><td bgcolor=\"#9999cc\">忘记密码提示问题</td>";
		print "<td align=center width=90 bgcolor=\"#9999cc\">";
		print "$question</td></tr>";
			print "<tr><td align=center bgcolor=\"#9999cc\">问题答案</td>";
		print "<td align=center width=90 bgcolor=\"#9999cc\">";
		print "$reply</td></tr>";
			print "<tr><td align=center bgcolor=\"#9999cc\">你的密码是</td>";
		print "<td align=center width=90 bgcolor=\"#9999cc\">";
		print "$password</td></tr>";
			print "</table></form></body></html>";
				exit();
	}
	else
	{
		echo "Sorry!<br>";
		print "Your answer is not right!";
		exit();
	}
}
else if(!strcmp($button,"注册"))
{
	header("Location:http://localhost/book/personelinfo.html");
	exit();
}
else if(!strcmp($button,"登录"))
{
	if($login==""||$password=="")
	{
		print "Please input login or password correctly!";
		exit();
	}
	$handler=@mysql_connect("localhost","root","307910");
	if($handler==false)
	{
		print " Connect to Mysql failed!";
		exit();
	}
	$query=@mysql_select_db("bookseller",$handler);#$query="use bookseller";
	$res=@mysql_query($query,$handler);
	if(res==false)
	{
		print "Switch to \"bookseller\"database failed";
		exit();
	}
	$query="select password from register where login='$login';";
	$res=@mysql_query($query,$handler);
	$num=@mysql_num_rows($res);
	if($num==1)
	{
		$user=mysql_fetch_row($res);
		if(!strcmp($password,$user[0]))
		{
			print $login." you are welcome!";
			exit();
		}
		else
		{
			print "Please inpput login or password correctly!";
			exit();
		}
	}
	print "Please inpput login or password correctly!";
}
else if(!strcmp($button,"忘记密码"))
{
	if($login=="")
	{
		print "Please tell me your login name!";
		exit();
	}
	$handler=@mysql_pconnect("localhost","root","307910");
	if($handler==false)
	{
		print " Connect to Mysql failed!";
		exit();
	}
	$query=@mysql_select_db("bookseller",$handler);#$query="use bookseller";
	$res=@mysql_query($query,$handler);
	if(res==false)
	{
		print "Switch to \"bookseller\"database failed";
		exit();
	}
	$query="select question,answer,password from register where login='$login';";
//	$query=$query."login=\"login\";";
	$res=@mysql_query($query,$handler);
	$num=@mysql_num_rows($res);
	if($num==0)
	{
		print "I can not find $login's information in the system.<br>";
		print "Your login name may be wrong!<br>";
		exit();
	}
	else
	{
		$res=mysql_fetch_row($res);
		print "<html><head><title>Forgotten password</title></head>";
		print "<body>";
		print "<form action=\"\" method=post>";
		echo  "<table align=center border=0 cellpadding=1";
		echo  "cellspacing=1 bgcolor=\"#000000\">";
		print "<tr><td align=center colspan=3 bgcolor=\"#afea83\">";
		print "请你回答</td></tr>";
		print "<tr><td bgcolor=\"#9999cc\">忘记密码提示问题</td>";
		print "<td bgcolor=\"#9999cc\">$res[0]</td></tr>";

		print "<tr><td align=center bgcolor=\"#9999cc\">问题答案</td>";
		print "<td bgcolor=\"#9999cc\"><input type=text name=reply>";
		print "</td></tr>";
		print "<tr><td align=center colspan=3 bgcolor=\"#9999cc\">
			
			
			<input type=hidden name=question value=\"$res[0]\">
			<input type=hidden name=answer value=\"$res[1]\">
			<input type=hidden name=password value=\"$res[2]\">
			<input type=submit name=submit value=\"确定\">";
		print "</td></tr>";
		print "</table></form></body></html>";
	}

}
?>