| Код |
class mysql
{
var $sql_login="XXXXX";
var $sql_passwd="XXXXXX";
var $sql_database="XXXX";
var $sql_host="localhost";
var $conn_id;
var $sql_query;
var $sql_err;
var $sql_res;
function sql_connect()
{
$this->conn_id=mysql_connect($this->sql_host,$this->sql_login,$this->sql_passwd);
$this->conn_log_id=mysql_connect($this->sql_host,$this->sql_login,$this->sql_passwd);
mysql_select_db($this->sql_database);
}
function sql_close()
{
mysql_close($this->conn_id);
}
function sql_execute()
{
$this->sql_res=mysql_query($this->sql_query,$this->conn_id);
$this->sql_err=mysql_error();
}
}
session_start();
$ct=new mysql;
$login=$_SERVER['PHP_SELF'];
if (isset($accesscheck)) {
$GLOBALS['PrevUrl'] = $accesscheck;
session_register('PrevUrl');
}
//tut uwe nacenajem konkretnij vvod POST s formi
if (isset($_POST['name'])) {
$loginUsername=$_POST['name'];
$password=$_POST['pass'];
$MM_fldUserAuthorization = "";
$MM_redirectLoginSuccess = "insert.php"; //eto kuda budet napravlatj posle logina
$MM_redirectLoginFailed = "index.php";
$MM_redirecttoReferrer = false;
//zaprosi na konnekt s saytom
$ct->sql_connect();
$LoginRS__query=sprintf("SELECT name, pass FROM users WHERE name='%s' AND pass='%s'",
get_magic_quotes_gpc() ? $loginUsername : addslashes($loginUsername), get_magic_quotes_gpc() ? $password : addslashes($password));
$ct->sql_query=$LoginRS__query;
//$LoginRS = mysql_query($LoginRS__query, $dbmanagement) or die(mysql_error());
$ct->sql_execute();
$LoginRS=$ct->sql_res;
$loginFoundUser = mysql_num_rows($LoginRS);
if ($loginFoundUser) {
$loginStrGroup = "";
//Deklarirujem dve peremennije
$GLOBALS['MM_Username'] = $loginUsername;
$GLOBALS['MM_UserGroup'] = $loginStrGroup;
//zaregestrirovatj dvce sistemnije peremennije v sessiju
session_register("MM_Username");
session_register("MM_UserGroup");
if (isset($_SESSION['PrevUrl']) && false) {
$MM_redirectLoginSuccess = $_SESSION['PrevUrl'];
}
header("Location: " . $MM_redirectLoginSuccess );
}
else {
header("Location: ". $MM_redirectLoginFailed );
}
}
if (isset($ct->conn_id))
{
$ct->sql_close();
}
|
Эт для logina
| Код |
session_start();
$MM_authorizedUsers = "";
$MM_donotCheckaccess = "true";
function isAuthorized($strUsers, $strGroups, $UserName, $UserGroup) {
$isValid = False;
if (!empty($UserName)) {
$arrUsers = Explode(",", $strUsers);
$arrGroups = Explode(",", $strGroups);
if (in_array($UserName, $arrUsers)) {
$isValid = true;
}
if (in_array($UserGroup, $arrGroups)) {
$isValid = true;
}
if (($strUsers == "") && true) {
$isValid = true;
}
}
return $isValid;
}
$MM_restrictGoTo = "index.php";
if (!((isset($_SESSION['MM_Username'])) && (isAuthorized("",$MM_authorizedUsers, $_SESSION['MM_Username'], $_SESSION['MM_UserGroup'])))) {
$MM_qsChar = "?";
$MM_referrer = $_SERVER['PHP_SELF'];
if (strpos($MM_restrictGoTo, "?")) $MM_qsChar = "&";
if (isset($QUERY_STRING) && strlen($QUERY_STRING) > 0)
$MM_referrer .= "?" . $QUERY_STRING;
$MM_restrictGoTo = $MM_restrictGoTo. $MM_qsChar . "accesscheck=" . urlencode($MM_referrer);
header("Location: ". $MM_restrictGoTo);
exit;
}
|
А эт уже на страницу для проверки...
Просто если всё на одной странице ,надо подогнать |