SkyD Posted July 15, 2005 Report Posted July 15, 2005 Ir shitas kods, kursh ieraksta iekshaa Loginu un paroli: <? $hostname="localhost"; $mysql_login="root"; $mysql_password=""; if ($db = mysql_connect("$hostname", "$mysql_login" , "$mysql_password")) { echo "<br>"; } else { echo "<br>"; } $q = mysql_query("create database admin"); if($q){ echo "<br>"; } if (!(mysql_select_db("admin",$db))) { echo "nav kaartiibaa ar DB<br>"; } else { $q= mysql_query("create table admini ( `logins` varchar (250) NULL , `parole` varchar (250) NULL )")or die(mysql_error()); if($q){ echo "<br>";} $q == mysql_query("INSERT INTO admini (logins,parole) VALUES ('$logins','$parole')")or die(mysql_error()); if($q) { echo "Pievienots!"; } } ?> Šitas kods ir pareizs??? Nu tag man ir http://localhost/admin un ieksh tur ir divi lauki, loginam un parolei.. Vajag taa, nospiezhot uz pogas "Pievienoties", lai kods no MySQL izvelk loginu un paroli un pasaka vai tam lietotaajam ir pareiza vai nepareiza .. Ja nepareiza izmet: "Nepareizi", ja pareiza iet uz main.php ... Plss, paliidzat!
bubu Posted July 15, 2005 Report Posted July 15, 2005 Ieteikums: neglabāt paroles atklātā veidā: INSERT INTO admini (logins,parole) VALUES ('$logins',MD5('$parole')) Nu a pārbaudīt vai ir pareiz logins un parole vari kautvai šādi: SELECT COUNT(*) FROM admini WHERE logins='$logins' AND parole=MD5('$parole') un tad salīdzini vai vērtība == 0, ja jā tad neļauj logoties, citādi ļauj.
Delfins Posted July 15, 2005 Report Posted July 15, 2005 Šitas kods ir pareizs??? bez mums tu viņu baidies palaist un pārbaudīt ?
SkyD Posted July 15, 2005 Author Report Posted July 15, 2005 (edited) Forma: <form name="adm_forma" action="add.php" method="post"> <input name="logins" type="text" value=""> <input name="parole" type="text" value=""> <input type="submit" value="Pievienot"> </form> Un tag šitāds kods.. add.php <? $hostname="localhost"; $mysql_login="root"; $mysql_password=""; if ($db = mysql_connect("$hostname", "$mysql_login" , "$mysql_password")) { echo "<br>"; } else { echo "<br>"; } $q = mysql_query("create database admin"); if($q){ echo "<br>"; } if (!(mysql_select_db("admin",$db))) { echo "nav kaartiibaa ar DB<br>"; } else { $q == mysql_query("INSERT INTO admini (logins,parole) VALUES ('$logins',MD5('$parole'))") or die(mysql_error()); if($q) { echo "Pievienots!"; } } ?> Nospiežot uz pogas "Pievienot" man atveras balta lapa, un nepasaka ka useris ir pievienots.. Kas pa štellēm?? Edited July 15, 2005 by SkyD
bubu Posted July 15, 2005 Report Posted July 15, 2005 (edited) Nesapratu? Viss kārtībā taču. Tā pēc koda iznāk, ka jābūt. Ko tad citu gaidīji... Edited July 15, 2005 by bubu
SkyD Posted July 15, 2005 Author Report Posted July 15, 2005 Nesapratu? Viss kārtībā taču. Tā pēc koda iznāk, ka jābūt. Ko tad citu gaidīji... 19404[/snapback] Reku rindinja: if($q) { echo "Pievienots!"; } Ja jau viss buutu ok, tad pateiktu ka "PIEVIENOTS!"..
SkyD Posted July 15, 2005 Author Report Posted July 15, 2005 ieliku un reku šeku izmet: Notice: Undefined variable: logins in d:\lapa\adm\add.php on line 24 Notice: Undefined variable: parole in d:\lapa\adm\add.php on line 24 Nu bet es takš ierakstiju abos laukos iekšā gan loginu, gan paroli... HMmm.. where is the problem???
bubu Posted July 15, 2005 Report Posted July 15, 2005 Ja jau viss buutu ok, tad pateiktu ka "PIEVIENOTS!".. 19405[/snapback] Ā, sorr, tavu "nepasaka" izlasīju kā "pasaka". Tev gadījumā nav tā, ka register_globals = off ?
SkyD Posted July 15, 2005 Author Report Posted July 15, 2005 Iesleedzu uz ON, bet vienalga: Notice: Undefined variable: logins in d:\lapa\adm\add.php on line 24 Notice: Undefined variable: parole in d:\lapa\adm\add.php on line 24
bubu Posted July 15, 2005 Report Posted July 15, 2005 Slikti darīji. Vajag off atstāt. Un lietot $_GET['logins'], $_GET['parole']
SkyD Posted July 15, 2005 Author Report Posted July 15, 2005 Slikti darīji. Vajag off atstāt. Un lietot $_GET['logins'], $_GET['parole'] 19410[/snapback] $q == mysql_query("INSERT INTO admini (logins,parole) VALUES ('.$_GET['logins'].',MD5('.$_GET['parole'].'))") or die(mysql_error()); if($q) { echo "Pievienots!"; } Tur laikam ir kļūda ar šitiem: '." .. nemaaku pielietot viņus.. Parse error: parse error, unexpected T_ENCAPSED_AND_WHITESPACE, expecting T_STRING or T_VARIABLE or T_NUM_STRING in d:\lapa\adm\add.php on line 23 .. 23Line: $q == mysql_query....
bubu Posted July 15, 2005 Report Posted July 15, 2005 Pamēģini: echo "INSERT INTO admini (logins,parole) VALUES ('.$_GET['logins'].',MD5('.$_GET['parole'].'))" Un padomā, kur likt ' un kur ".
hmnc Posted July 15, 2005 Report Posted July 15, 2005 iesaku labāk izmantot šādu variantu ar paroļu ievietošanu/labošanu iekš mysql: // labāk $mdpass = md5($pass); $query = "INSERT INTO table VALUES('$mdpass');"; nevis: // sliktāk $query = "INSERT INTO table VALUES(MD5('$pass'));";
Recommended Posts