-1
在他/她可以登錄到他/她的帳戶之前,我一直編碼數小時試圖檢查用戶狀態(活動,非活動,暫停,禁止等),但似乎沒有任何工作。登錄之前檢查用戶狀態
下面是該代碼。
<?php
if (!defined('included')){
die('You cannot access this file directly!');
}
//log user in ---------------------------------------------------
function login($user, $pass){
//strip all tags from varible
$user = strip_tags(mysql_real_escape_string($user));
$pass = strip_tags(mysql_real_escape_string($pass));
$status = 'active';
$salt = sha1('_wchs2242%..father%/**...mygreenparrot_password&username\--\__/heelo"@@@@@@.');
$password = md5($pass.$salt);
//$pass = md5($pass);
// check if the user id and password combination exist in database
$sql = "SELECT * FROM panel_users WHERE username = '$user' AND password = '$password' ";
$result = mysql_query($sql) or die('Query failed. ' . mysql_error());
if (mysql_num_rows($result) == 1) {
// the username and password match,
// set the session
$_SESSION['authorized'] = true;
$_SESSION['user'] = $user;
// direct to admin
header('Location: '.DIRADMIN);
exit();
} else {
$cs = mysql_fetch_array($result);
$sta = $cs['status'];
if($sta == 'suspended'){
$_SESSION['sus'] = 'Your account is being suspended';
}
elseif($sta == "inactive"){
$_SESSION['ina'] = 'You\'re not yet authorized.';
}else{
// define an error message
$_SESSION['error'] = 'Sorry, wrong username or password';
}
}
}
// Authentication
function logged_in() {
if($_SESSION['authorized'] == true) {
return true;
} else {
return false;
}
}
function login_required() {
if(logged_in()) {
return true;
} else {
header('Location: '.DIRADMIN.'login');
exit();
}
}
function logout(){
unset($_SESSION['authorized']);
header('Location: '.SITEDIR.'login');
exit();
}
// Render error messages
function messages() {
$message = '';
if($_SESSION['success'] != '') {
$message = '<div class="alert-success">'.$_SESSION['success'].'</div>';
$_SESSION['success'] = '';
}
if($_SESSION['error'] != '') {
$message = '<div class="alert-warning">'.$_SESSION['error'].'</div>';
$_SESSION['error'] = '';
}
if($_SESSION['sus'] != '') {
$message = '<div class="alert-warning">'.$_SESSION['sus'].'</div>';
$_SESSION['sus'] = '';
}
if($_SESSION['ina'] != '') {
$message = '<div class="alert-warning">'.$_SESSION['ina'].'</div>';
$_SESSION['ina'] = '';
}
echo "$message";
}
function errors($error){
if (!empty($error))
{
$i = 0;
while ($i < count($error)){
$showError.= "<div class=\"msg-error\">".$error[$i]."</div>";
$i ++;}
echo $showError;
}// close if empty errors
} // close function
?>
任何一個有我可能做錯什麼的想法?只有
謝謝。有效!!我感謝你的時間。 –