日期:2014-05-17  浏览次数:20510 次

PHP的一段登陆代码
现在有段PHP代码, 我要把登陆密码设为指定的数字, 不从数据库里面取, 大家给我看看改如何修改?


<?php
/**
 **============================================================================
 * ============================================================================
*/

$dir_name=str_replace('\\','/',dirname(__FILE__));
$admindir=substr($dir_name,strrpos($dir_name,'/')+1);
define('CMS_PATH',str_replace($admindir,'',$dir_name));
define('INC_PATH',CMS_PATH.'includes/');
define('DATA_PATH',CMS_PATH.'data/');
include(INC_PATH.'fun.php');
include(DATA_PATH.'confing.php');
include(INC_PATH.'mysql.class.php');
if(file_exists(DATA_PATH.'sys_info.php')){
include(DATA_PATH.'sys_info.php');
}
$mysql=new mysql(DB_HOST,DB_USER,DB_PASSWORD,DB_NAME,DB_CHARSET,DB_PCONNECT);
session_start();
$_SESSION['login_in']=empty($_SESSION['login_in'])?'':$_SESSION['login_in'];
$_SESSION['admin']=empty($_SESSION['admin'])?'':$_SESSION['admin'];
if($_SESSION['login_in']&&$_SESSION['admin']){header("location:admin.php");}
$action=empty($_GET['action'])?'login':$_GET['action'];
$password=empty($_POST['password'])?'':$_POST['password'];
$user=empty($_POST["user"])?'':$_POST['password'];
$code=empty($_POST['code'])?'':$_POST['code'];
$submit=empty($_POST['submit'])?'':$_POST['submit'];
go_url($action);

function login(){
global $_sys;
include('template/admin_login.html');
}
function ck_login(){
global $submit,$user,$password,$_sys,$code;
$submit=$_POST['submit'];
$user=fl_html(fl_value($_POST['user']));
$password=fl_html(fl_value($_POST['password']));
$code=$_POST['code'];
if(!isset($submit)){
msg('请从登陆页面进入');
}
if(empty($user)||empty($password)){
msg("密码或用户名不能为空");
}
if(!empty($_sys['safe_open'])){
foreach($_sys['safe_open'] as $k=>$v){
if($v=='3'){
if($code!=$_SESSION['code']){msg("验证码不正确!");}
}
}
}
check_login($user,$password);

}

function out(){
login_out();
}
?>


------解决方案--------------------
那你将你的check_login($user,$password);
方法的$password变量直接设置为数字就可。在方法里面就将你传递的数字在你的方法里面进行比对。
------解决方案--------------------
fun.php 贴出这个文件的代码
------解决方案--------------------
PHP code
check_login($user,$password) {
 ($password == '12345') ? $_SESSION['login_in'] = yes : die("error");
}

------解决方案--------------------
有几个注释的地方自己看看 因为不知道你其他代码是否有用到那些变量处理.

PHP code

function check_login($user, $password) {
    /*
    $rel=$GLOBALS['mysql']->fetch_asc("select id,admin_name,admin_password,admin_purview,is_disable from ".DB_PRE."admin where admin_name='".$user."' limit 0,1");
    $rel=empty($rel)?'':$rel[0];
    if(empty($rel)){
        msg('不存在该管理用户','login.php');
    }
    $password=md5($password);

    if($rel['is_disable']){
        msg('该账号已经被锁定,无法登陆');
    }
      */
    $oldPassword = '12345'; //默认固定密码
    if ($password != $oldPassword) {
        msg("输入的密码不正确");
    }

    if (!isset($_SESSION)) {
        session_start();
    }
    $_SESSION['admin'] = $rel['admin_name'];
    //$_SESSION['admin_purview'] = $rel['admin_purview']; //这里需要根据车给你需代码进行处理
    //$_SESSION['admin_id'] = $rel['id']; 这里id 需要根据程序代码进行处理
    $_SESSION['admin_time'] = time();
    $_SESSION['login_in'] = 1;
    $_SESSION['login_time'] = mktime();
    $ip = fl_value(get_ip());
    $ip = fl_html($ip);
    $_SESSION['admin_ip'] = $ip;
    //unset($rel);
    header("location:admin.php");
}