PHP和MySQL Web开发从新手到高手,第5天-添加辅助函数

于 2015-11-03 20:03:00 发布
阅读量132 收藏
点赞数
文章标签: 数据库 php
原文链接:http://www.cnblogs.com/BigBigLiang/p/4934231.html
版权
本文详细介绍了用户登录、角色验证及数据库操作等关键函数的实现,包括检查用户是否登录、验证用户凭据、获取MD5密码及判断用户角色。通过这些函数,可以有效地进行用户权限管理和身份验证。

摘要生成于 C知道 ,由 DeepSeek-R1 满血版支持, 前往体验 >

1. 用户权限相关的函数.

  这些函数在接下来的页面设计中会用到.

  主要包括:

  function user_is_login()

  function database_contains_author($email, $password)

  function get_md5_password($password)

  function user_has_role($role)

1.1 user_is_login() 

function user_is_login(){
    if (isset($_POST['action']) and $_POST['action'] == 'login'){
        if (!isset($_POST['email']) or $_POST['password'] == '' or !isset($_POST['password']) or $_POST['password'] == ''){
            $GLOBALS['loginError'] = 'Please fill in user name and password.';
            return false;
        }
        if (database_contains_author($_POST['email'], $_POST['password'])){
            session_start();
            $_SESSION['loggedin'] = true;
            $_SESSION['email'] = $_POST['email'];
            $_SESSION['password'] = $_POST['password'];
            return true;
        } else {
            session_start();
            unset($_SESSION['loggedin']);
            unset($_SESSION['email']);
            unset($_SESSION['password']);
            return false;
        }
    }
    
    if (isset($_POST['action']) and $_POST['action'] == 'logout'){
        session_start();
        unset($_SESSION['loggedin']);
        unset($_SESSION['email']);
        unset($_SESSION['password']);
        header('Location:  '.$_POST['goto']);
        exit();
    }
    
    session_start();
    if (isset($_SESSION['loggedin'])){
        return database_contains_author($_SESSION['email'], $_SESSION['password']);
    }
    
    return false;
}

1.2 database_contains_author($email, $password) 

function database_contains_author($email, $password) {
    $password = get_md5_password($password);
    include 'db.inc.php';
    
    try {
        $sql = 'select count(*) from author where email = :email and password = :password';
        $s = $pdo->prepare($sql);
        $s->bindValue(':email', $email);
        $s->bindValue(':password', $password);
        $s->execute();
        
    } catch (PDOException $e) {
        $error = 'Query author faild...'.$e->getMessage();
        include 'error.html.php';
        exit();
    }
    
    $row = $s->fetch();
    return  $row[0] > 0;
}

1.3 get_md5_password($password) 

function get_md5_password($password){
    return md5($password.'ijdb');
}

1.4 user_has_role($role) 

function user_has_role($role) {
    include 'db.inc.php';
    
    try {
        $sql = 'SELECT * FROM authorrole 
            INNER JOIN author ON author.id = authorrole.authorid 
            INNER JOIN role ON authorrole.roleid = role.id 
            WHERE author.email = :email AND role.id = :roleid';
    
        $s = $pdo->prepare($sql);
        $s->bindValue(':email',$_SESSION['email']);
        $s->bindValue(':roleid', $role);
        
        $s->execute();    
    } catch (PDOException $e) {
        $error = 'Query authorrole faild...does not have right...'.$e->getMessage();
        include 'error.html.php';
        exit();
    }
    
    $row = $s->fetch();
    
    return $row[0] > 0;
}

转载于:https://www.cnblogs.com/BigBigLiang/p/4934231.html

Jeff1215
关注
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值