gpt4 book ai didi

php - 迁移到 mysqli

转载 作者:行者123 更新时间:2023-11-29 03:39:00 24 4
gpt4 key购买 nike

<分区>

我已经决定转移到 mysqli,因为当人们发现我的 mysql 代码时,我总是被激怒:-)

有人可以验证以下内容是否正确,一切正常,但我只是想确保在进入网站的其余部分之前我没有做愚蠢的事情或存在安全风险。这是用于在登录时检查用户名/密码的 php。

<?php
//Start session
session_start();

//Include database connection details
require_once('db_connect.php');

//Array to store validation errors
$errmsg_arr = array();

//Validation error flag
$errflag = false;


// cleanup POST variables
$username = mysqli_real_escape_string($mysqli, stripslashes(trim($_POST['username'])));
$password = mysqli_real_escape_string($mysqli, stripslashes(trim($_POST['password'])));

//Input Validations
if($username == '') {
$errmsg_arr[] = 'Username required';
$errflag = true;
}
if($password == '') {
$errmsg_arr[] = 'Password required';
$errflag = true;
}

//If there are input validations, redirect back to the login form
if($errflag) {
$_SESSION['ERRMSG_ARR'] = $errmsg_arr;
session_write_close();
header("location: logon.php");
exit();
}

//Load and run query
$result = mysqli_query($mysqli, "SELECT * FROM auth WHERE username='$username' AND password='$password'");

if ($result->num_rows) {
//Login Successful
session_regenerate_id();
//Set session variables
$member = $result->fetch_assoc();
$_SESSION['SESS_MEMBER_ID'] = $member['ID'];
$_SESSION['SESS_USERNAME'] = $member['username'];
$_SESSION['SESS_FIRST_NAME'] = $member['fname'];
$_SESSION['SESS_PASSWORD'] = $member['password'];
$_SESSION['SESS_AUTH_LEVEL'] = $member['auth_level'];
session_write_close();
header("location: index");
exit();
}else {
//Login failed
$errmsg_arr[] = 'user name or password not found';
$errflag = true;
if($errflag) {
$_SESSION['ERRMSG_ARR'] = $errmsg_arr;
session_write_close();
header("location: logon.php");
exit();
}
}
mysqli_close($mysqli);
?>

非常感谢!

24 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com