1. 首页
  2. 问答
  3. PHP 2人在同一时间在同一台计算机pt.02

PHP 2人在同一时间在同一台计算机pt.02

2010-12-01 33 views
0

登录这是否看起来好了的登录脚本PHP 2人在同一时间在同一台计算机pt.02

//Player 1 Login username and password 
$p1name = $_POST['p1name']; 
$p1pass = $_POST['p1pass']; 

//player 2 Login username and password 
$p2name = $_POST['p2name']; 
$p2pass = $_POST['p2pass']; 

$connection = mysql_connect("db_host", "db_user", "db_pass"); 
mysql_select_db("db_name", $connection); 

get_user($p1name, $p1pass); 
get_user($p2name, $p2pass); 

$row = $result; 
$found = false; 

if(($row["username"] == $p1name && $row["password"] == sha1("$p1pass")) 
    && ($row["username"] == $p2name && $row["password"] == sha1("$p2pass"))) 
{ 
    $found = true; 
    break; 
} 

function get_user($username, $password) 
{ 
    $query = 'SELECT * FROM users'; 
    $query .= ' WHERE username = ' . mysql_real_escape_string($username); 
    $query .= ' AND password = ' . mysql_real_escape_string(sha1($password)); 
    $result = mysql_query($query); 
    return mysql_fetch_assoc($result); 
}

来源

2010-12-01 hgbso

+0

您需要将`get_user()`的返回值赋给某个​​东西。你还需要两个独立的$ row行 - “$ row [”username“] == $ p1name`和`$ row [”username“] == $ p2name`是互斥的条件。 – 2010-12-01 20:00:44

+0

我在这里有点困惑......你为什么要在同一个会话中登录2个人工智能?您的代码一次只能用于1人(= Session)。如果打开新会话,则应为该会话创建新用户。还总是盐你的密码。由于存在彩虹表,简单地对它们进行散列已经不再安全。 – 2010-12-01 20:01:50

+0

一个if语句用于第一行,然后一个elseif语句用于$ row的第二个实例,并且不能使用两个用户的会话ID从同一台计算机播放 – hgbso 2010-12-01 20:12:40

回答

1

这是一个稍微有点清洁的想法。我建议得到使用,以例外,他们是伟大的:)

function Login($uname, $passwd) { 
     $uname = mysql_real_escape_string($uname); 
     $passwd = mysql_real_escape_string($passwd); 

     // we are using sha encryption for user passwords 
     $passwd = sha1($passwd); 

     // lookup the user information they specified 
     $sql = mysql_query("SELECT * FROM `users` WHERE uname='$uname' && passwd='$passwd'"); 

     try { 
      // if the username/password combo doesnt work/exist then tell them 
      if(!mysql_fetch_assoc($sql)) { 
       $error = new Error(); 
       throw new Exception($error->Login(1)); 

      // if the password DOES work, then continue the login 
      } else { 

       $_SESSION['login'] = 'true'; 
       $_SESSION['uname'] = $uname; 
       redirect(); 
      } 
     } catch (Exception $e) { 
      echo $e->GetMessage(); 
     } 
    }

至于的评论“你不能存储两个用户!!! ZOMG会话值!”以及..如果你必须这样做,只需将它们存储在这样的东西。$ _SESSION ['user1'] $ _SESSION ['user2']。这只是一个想法 - 我不是在宽恕这个。

来源

2010-12-01 20:22:54

2 
<?php  
// Player 1 Login Information 
$p1name = $_POST['p1name']; 
$p1pass = $_POST['p1pass']; 

// Player 1 Login Information 
$p2name = $_POST['p2name']; 
$p2pass = $_POST['p2pass']; 

// Check user information 
$player1 = get_user($p1name, $p1pass); 
$player2 = get_user($p2name, $p2pass); 

// Has any user been found? 
$found = array(
'player1' => false, 
'player2' => false 
); 

// Check if use information matches 
if($player1['username'] == $p1name && $player1['password'] == $p1pass) { 
$found['player1'] = true; 
} 
if($player2['username'] == $p2name && $player2['password'] == $p2pass) { 
$found['player2'] = true; 
} 

function connect($db_host, $db_name, $db_pass, $db_table) { 
    $connection = mysql_connect($db_host, $db_name, $db_pass); 
    mysql_select_db($db_table, $connection); 
} 

function get_user($username, $password) { 
$query = 'SELECT * FROM users'; 
$query .= ' WHERE username = ' . mysql_real_escape_string($username); 
$query .= ' AND password = ' . mysql_real_escape_string(sha1($password)); 
$result = mysql_query($query); 
return mysql_fetch_assoc($result); 
}

您需要创建返回的用户信息的实例,以检查每个玩家对他们自己。

来源

2010-12-01 21:27:02 CodyRob

相关问题

 相关问题