码迷,mamicode.com
首页 > 其他好文 > 详细

后台登陆页面

时间:2015-05-27 00:59:24      阅读:258      评论:0      收藏:0      [点我收藏+]

标签:

sql 注入登陆
用户名为a‘ or 1=1 or 1=1 or‘‘-‘或者a‘ or 1=1 or 1=1 or ‘
密码可以随便输
验证码必须输入正确
a‘ or 1=1 or 1=1 (delete * from member where 1=1 or‘) 可以利用注入删除所有的信息
  1. <?php 
  2. 	session_start();
  3. ?>
  4. <!DOCTYPE html>
  5. <html>
  6. <head>
  7. 	<meta charset="utf-8">
  8. 	<title></title>
  9. 	<meta name="keywords" content="关键字">
  10. 	<meta name="description" content="简介">
  12. </head>
  13. <body>
  14. <h1>会员注册</h1>
  15. <form  action="reg.php" method="post" enctype="multipart/form-data">
  16. 账号:<input type="text" name="maccount"><br>
  17. 密码:<input type="password" name="mpassword"><br>
  18. 确认密码:<input type="password" name="mpassword2"><br>
  19. 真实姓名:<input type="text" name="mname"><br>
  20. <input type="submit" value="提交"><br>
  21. <a href="user1.php">会员一</a>
  22. <a href="user2.php">会员二</a>
  23. <?php
  24. if(isset($_SESSION[‘user‘])){
  25. 	echo ‘欢迎‘.$_SESSION[‘name‘];
  26. ?>
  27. <a href="tuichu.php" target="_top">安全退出</a><!-- 点击此链接时,目标网页就会在当前浏览器中打开,而框架会消失。 -->
  28. <?php 
  29. }else{
  30.  ?>
  31. <a href="denglu.html">会员登录</a>
  32. <?php 
  33. }
  34. ?>
  35. </form>
  36. </body>
  37. </html>
技术分享
login.php
  1. <?php
  2. // [maccount] => aaa
  3. // [mpassword] => a
  4. //[yzm] => 5ese
  5. // [code] => 5Ese
  6. session_start();
  7. //echo ‘<pre>‘;
  8. //print_r($_POST);
  9. //print_r($_SESSION);
  11. $yzm=$_POST[‘yzm‘];
  12. if(trim($yzm)==‘‘){
  13. 	echo ‘验证码不能为空‘;
  14. }else if(strtolower($yzm)==strtolower($_SESSION[‘code‘])){
  15. 	include ‘inc/db_mysqli.php‘;
  16. 	$aa=$_POST[‘maccount‘];
  17. 	//$pp=md5($_POST[‘mpassword‘]);
  18. 	$pp=mymd5($_POST[‘mpassword‘],$aa);
  19. 	//$result=$m->query("select count(*) from member where maccount=‘$aa‘ and mpassword=‘$pp‘");
  20. 	//$rs=$result->fetch_row();
  21. 	//如下使用预处理语句来判断防止注入
  22. 	$stmt=$m->prepare(‘select count(*),mname from member where maccount=? and mpassword=?‘);
  23. 	$stmt->bind_param(‘ss‘,$aa,$pp);
  24. 	$stmt->execute();
  25. 	$stmt->bind_result($rs,$name);
  26. 	$stmt->fetch();
  27. 	if($rs>0){
  28. 		echo ‘登录成功‘;
  29. 		$_SESSION[‘user‘]=$aa;
  30. 		$_SESSION[‘name‘]=$name;
  31. 		echo ‘<a href=./>首页</a>‘;
  32. 	}else{
  33. 		echo ‘登录失败‘;
  34. 	}
  35. }else{
  36. 	echo ‘验证码输入不正确‘;
  37. }
user1.php
  1. <?php
  2. session_start();
  3. if(!isset($_SESSION[‘user‘])){
  4. 	//header(‘location:./‘);
  5. 	echo ‘<script>‘;
  6. 	echo "alert(‘请登录‘);location.href=‘./‘";
  7. 	echo ‘</script>‘;
  8. }
  9. ?>
  10. <!doctype html>
  11. <html>
  12. <head>
  13. <meta charset="utf-8">
  14. <title>会员查看222</title>
  15. <meta name="keywords" content="关键字">
  16. <meta name="description" content="简介">
  17. <script src=""></script>
  18. </head>
  19. <body>
  20. 欢迎:<?php echo $_SESSION[‘name‘]?>
  21. <?php
  22. echo ‘会员查看一一ok‘;
  23. ?>
  24. </body>
  25. </html>
use2.php
  1. <?php
  2. session_start();
  3. if(!isset($_SESSION[‘user‘])){
  4. 	//header(‘location:./‘);
  5. 	echo ‘<script>‘;
  6. 	echo "alert(‘请登录‘);location.href=‘./‘";
  7. 	echo ‘</script>‘;
  8. }
  9. ?>
  10. <!doctype html>
  11. <html>
  12. <head>
  13. <meta charset="utf-8">
  14. <title>会员查看222</title>
  15. <meta name="keywords" content="关键字">
  16. <meta name="description" content="简介">
  17. <link rel="stylesheet" type="text/css" href="inc/index.css">
  18. <script src=""></script>
  19. </head>
  20. <body>
  21. 欢迎:<?php echo $_SESSION[‘name‘]?>
  22. <?php
  23. echo ‘会员查看二二ok‘;
  24. ?>
  25. </body>
  26. </html>
yzm.php
  1. <?php
  2. include ‘inc/i.php‘;
  3. check();
tuichu.php
  1. <?php
  2. session_start();
  3. //unset($_SESSION[‘user‘],$_SESSION[‘name‘]);
  4. session_destroy();//关闭会话
  5. header(‘location:./‘);
reg.php
  1. <?php
  2. include ‘mysqli.php‘;
  3. if(isset($_POST[‘maccount‘])){
  4. 	$a=$_POST[‘maccount‘];
  5. 	$n=$_POST[‘mname‘];
  6. 	$p=$_POST[‘mpassword‘];
  7. 	$p2=$_POST[‘mpassword2‘];
  8. 	if(trim($a)==‘‘||trim($n)==‘‘||trim($p)==‘‘){
  9. 		echo ‘注册失败,账号密码真实姓名不能为空‘;
  10. 	}else if($p!==$p2){
  11. 		echo ‘注册失败,请保证2次密码一致‘;
  12. 	}else{
  13. 	$result=$m->query("select count(*) from member where maccount=‘$a‘");
  14. 	$rs=$result->fetch_row();
  15. 	//echo $rs[0];//0代码没有找到这个账号
  16. 		if($rs[0]==0){
  17. 			//$p=md5($p);
  18. 			$p=mymd5($p,$a);
  19. 			$m->query("insert into member values(null,‘$n‘,‘$a‘,‘$p‘)");
  20. 			$m->close();
  21. 			echo ‘注册成功,你的账号是‘.$a;
  22. 		}else{
  23. 			echo ‘注册失败,此账号已经被注册不可以使用‘;
  24. 		}
  25. 	}
  26. }
db_mysqli.php
  1. <?php
  2. $host = ‘localhost‘;
  3. $user = ‘root‘;
  4. $pass = ‘‘;
  5. $dbname = ‘db‘;
  6. $charset = ‘utf8‘;
  7. $m = new mysqli($host,$user,$pass,$dbname);
  8. $m->set_charset($charset);
  10. function mymd5($p,$c=‘webrx‘){
  11.     $s1 = md5($p.$c);
  12. 	$s2 = sha1($p.$c);
  13. 	$sok = substr($s1,0,6).substr($s2,0,6);
  14. 	$sok .= substr($s1,12,5).substr($s2,22,5);
  15. 	$sok .= substr($s1,22,5).substr($s2,32,5);
  16. 	return $sok;
  17. }
  19. function pager($tn,$currpage=1,$f=‘*‘,$pagesize=3,$w=‘1=1‘){
  20. 	global $m;
  21. 	$stmt = $m->prepare("select count(*) from $tn where $w");
  22. 	$stmt->execute();
  23. 	$stmt->bind_result($recordcount);
  24. 	$stmt->fetch();
  25. 	$stmt->free_result();
  26. 	$stmt->close();
  27. 	
  28. 	$stmt = $m->prepare("select $f from $tn where $w limit ?,?");
  29. 	$pagecount = ceil($recordcount/$pagesize);
  30. 	$start = $currpage*$pagesize - $pagesize;
  31. 	$stmt->bind_param(‘ii‘,$start,$pagesize);
  32. 	$stmt->execute();
  33. 	$result = $stmt->get_result();
  34. 	$row = array();
  35. 	$row[] = $result->fetch_all( MYSQLI_NUM);
  36. 	$stmt->free_result();
  37. 	$stmt->close();
  39. 	$first = 1;
  40. 	$end = 10;
  41. 	$pages = ‘<div class="page">‘;
  42. 	if($currpage>=7){
  43.     	$first = $currpage-5;
  44. 		$end = $first+$end-1;
  45. 	}
  46. 	if($currpage>1){
  47. 		$prev = $currpage-1;
  48. 		if($first>1){
  49. 			$pages.="<a href=?p=1>首页</a><a href=?p=$prev>上一页</a>";
  50. 		}else{
  51. 			$pages.="<a href=?p=$prev>上一页</a>";			
  52. 		}
  53. 	}
  54. 	for($i=$first;$i<=$end;$i++){
  55. 		if($i>$pagecount){
  56. 	    	break;	
  57. 		}
  58. 		if($i==$currpage){
  59. 	    	$pages.=‘<a class="checked">‘.$i.‘</a>‘;
  60. 			continue;	
  61. 		}
  62.         $pages.="<a href=?p=$i>$i</a>";
  63. 	}
  64. 	if($currpage<$pagecount){
  65. 		$next = $currpage+1;
  66. 		$pages.="<a href=?p=$next>下一页</a>";		
  67. 	}
  68. 	if($end<$pagecount){
  69. 		$pages.="<a href=?p=$pagecount>尾页</a>";
  70. 	}
  71. 	$row[] = $pages.‘</div>‘;
  72. 	$row[] = $pagesize;
  73. 	$row[] = $pagecount;
  74. 	$row[] = $recordcount;
  75. 	$row[] = $currpage;
  76. 	return $row;
  77. }
  79. function css1(){
  80.     $css = <<<css
  81. 	<style>
  82. 	.page{font-size:12px;height:30px;padding:15px 0;clear:both;overflow:hidden;text-align:center;}
  83. 	.page a{text-decoration:none;line-height:25px;padding:0px 10px;display:inline-block;margin-right:5px;border:solid 1px #c8c7c7;}
  84. 	.page a:hover,.page a.checked{text-decoration:none;border:solid 1px #0086d6;background:#0091e3;color:#fff;}
  85. 	.page a:visited,.page a:link{color:#333;}
  86. 	.page a:active{color:#3B3B3B;}
  87. 	</style>
  88. css;
  89.     echo $css;		
  90. }
i.php
  1. <?php
  2. function check($len=4){
  3. 	session_start();
  4. 	header(‘content-type:image/png‘);
  5. 	$fs = [‘/a.ttf‘,‘/b.ttf‘,‘/f.ttf‘];
  6. 	$font = dirname(__FILE__).$fs[mt_rand(0,1)];
  7. 	$w = 35*$len;
  8. 	$h = 50;
  9. 	$i = imagecreatetruecolor($w,$h);
  10. 	$c = imagecolorallocatealpha($i,0,0,0,127);
  11. 	//imagecolortransparent($i,$c);
  12. 	//imagefill($i,0,0,$c);
  13. 	imagefilledrectangle($i,0,0,$w,$h,gc($i,‘ffffff‘,mt_rand(0,2)));
  14. 	$sss = ‘‘;
  15. 	for($j=0;$j<$len;$j++){
  16. 		$st = gs(1);
  17. 		$sss.=$st;
  18. 	   imagettftext($i,mt_rand(15,25),mt_rand(-30,30),$j*35+10,mt_rand(28,38),gc($i),$font,$st);
  19. 	}
  20. 	$_SESSION[‘code‘] = $sss;
  21. 	imagesetthickness($i,mt_rand(2,8));
  22. 	for($j=0;$j<mt_rand(5,10);$j++){
  23. 		imagefilledarc($i,mt_rand(0,$w),mt_rand(0,$h),mt_rand(0,$w),mt_rand(0,$h),mt_rand(0,360),mt_rand(0,360),gc($i,‘rand‘,mt_rand(100,120)),IMG_ARC_NOFILL);	
  24. 	}
  25. 	for($j=0;$j<10;$j++){
  26. 	   imagettftext($i,mt_rand(10,15),mt_rand(-5,5),mt_rand(0,$w),mt_rand(0,$h),gc($i,‘rand‘,mt_rand(100,120)),$font,gs(1));
  27. 	}
  28. 	imagepng($i);
  29. 	imagedestroy($i);	
  30. }
  32. function gs($n=4){
  33.     $s = ‘abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789‘;	
  34. 	$t = ‘‘;
  35. 	for($i=0;$i<$n;$i++){
  36. 		$t.=substr($s,mt_rand(0,strlen($s)-1),1);
  37. 	}
  38. 	return $t;
  39. }
  41. /**
  42.  *  生成缩略
  43.  */
  44. function thumb($i,$f=false,$w=220,$h=0,$fn=‘s_‘){
  45. 	$ii = getimagesize($i);
  46. 	if($ii[2]==2){
  47. 		if($ii[0]>$w){
  48. 		    $src = imagecreatefromjpeg($i);
  49. 			$sw = $ii[0];
  50. 			$sh = $ii[1];
  52. 			$h = $h==0 ? $w/$sw*$sh : $h;
  53. 			//建立新的缩略图
  54. 			$dst = imagecreatetruecolor($w,$h);
  55. 			imagecopyresampled($dst,$src,0,0,0,0,$w,$h,$sw,$sh);
  56. 			if($f){
  57. 				imagejpeg($dst,$i);
  58. 			}else{
  59. 				$path = dirname($i).‘/‘;
  60. 				$name = $fn.substr($i,strrpos($i,‘/‘)+1);
  61. 				imagejpeg($dst,$path.$name);			
  62. 			}
  63. 			imagedestroy($dst);
  64. 			imagedestroy($src);
  65. 		}
  66. 	}
  67. }
  69. /**
  70.  * 功能:生成水银图标,水银图标文件在inc目录中 名称 logo.png
  71.  */
  72. function logo($i,$p=5,$f=true,$fn=‘logo_‘){
  73. 	$ii = getimagesize($i);
  74. 	if($ii[2]==2){
  75. 		if($ii[0]>300){
  76. 		    $ni = imagecreatefromjpeg($i);
  77. 			$w = $ii[0];
  78. 			$h = $ii[1];
  79. 			
  80. 			//水银图标 logo.png 格式
  81. 			$logo = dirname(__FILE__).‘/logo.png‘;
  82. 			$li = imagecreatefrompng($logo);
  83. 			$liw = imagesx($li);
  84. 			$lih = imagesy($li);
  85. 			
  86. 			$x = ($w-$liw)/2;
  87. 			$y = ($h-$lih)/2;
  88. 			
  89. 			$pad = 35;
  90. 			switch($p){
  91. 			    case 1:
  92. 					$x = 0+$pad;
  93. 					$y = 0+$pad;
  94. 				break;
  95. 				
  96. 				case 2:
  97. 					$y = 0+$pad;				
  98. 				break;
  99. 				
  100. 				case 3:
  101. 					$x = $w-$liw-$pad;
  102. 					$y = 0+$pad;
  103. 				break;
  104. 				
  105. 				case 4:
  106. 					$x = 0+$pad;
  107. 				break;
  108. 				
  109. 				case 6:
  110. 					$x = $w-$liw-$pad;
  111. 				break;
  112. 				
  113. 				case 7:
  114. 					$x = 0+$pad;
  115. 					$y = $h-$lih-$pad;
  116. 				break;
  117. 				
  118. 				case 8:
  119. 					$y = $h-$lih-$pad;
  120. 				break;
  121. 				
  122. 				case 9:
  123. 					$x = $w-$liw-$pad;
  124. 					$y = $h-$lih-$pad;
  125. 				break;	
  126. 			}
  127. 			imagecopy($ni,$li,$x,$y,0,0,$liw,$lih);
  128. 			if($f){
  129. 				imagejpeg($ni,$i);
  130. 			}else{
  131. 				$path = dirname($i).‘/‘;
  132. 				$name = $fn.substr($i,strrpos($i,‘/‘)+1);
  133. 				imagejpeg($ni,$path.$name);			
  134. 			}
  135. 			imagedestroy($ni);
  136. 			imagedestroy($li);
  137. 		}
  138. 	}
  139. }
  141. function txt($i,$s=30,$t=‘版权所有‘,$c=‘rand‘,$a=0,$p=5,$f=true,$fn=‘t_‘){
  142. 	$font = dirname(__FILE__).‘/f.ttf‘;
  143. 	$ii = getimagesize($i);
  144. 	if($ii[2]==2){
  145. 		if($ii[0]>300){
  146. 		    $ni = imagecreatefromjpeg($i);
  147. 			$pos = imagettfbbox($s,0,$font,$t);
  148. 			$pad = 30;
  149. 			switch($p){
  150. 				case 1://左上角
  151. 					$x = 0-$pos[0]+$pad;
  152. 					$y = 0-$pos[7]+$pad;
  153. 				break;
  154. 				
  155. 				case 2://上边 水平中央
  156. 					$x = ($ii[0]-$pos[2])/2;
  157. 					$y = 0-$pos[7]+$pad;
  158. 				break;
  159. 				
  160. 				case 3:
  161. 					$x = $ii[0]-$pos[2]-$pad;
  162. 					$y = 0-$pos[7]+$pad;
  163. 				break;
  164. 				
  165. 				case 4:
  166. 					$x = 0-$pos[0]+$pad;
  167. 					$y = ($ii[1]-$pos[6])/2;
  168. 				break;
  169. 				
  170. 				case 5:
  171. 					$x = ($ii[0]-$pos[2])/2;
  172. 					$y = ($ii[1]-$pos[6])/2;
  173. 				break;
  174. 				
  175. 				case 6:
  176. 					$x = $ii[0]-$pos[2]-$pad;
  177. 					$y = ($ii[1]-$pos[6])/2;
  178. 				break;
  179. 				
  180. 				case 7:
  181. 					$x = 0-$pos[0]+$pad;
  182. 					$y = $ii[1]-$pos[6]-$pad;
  183. 				break;
  184. 				
  185. 				case 8:
  186. 					$x = ($ii[0]-$pos[2])/2;
  187. 					$y = $ii[1]-$pos[6]-$pad;
  188. 				break;
  189. 				
  190. 				case 9:
  191. 				 	$x = $ii[0]-$pos[2]-$pad;
  192. 					$y = $ii[1]-$pos[6]-$pad;
  193. 				break;
  194. 			}
  195. 			imagettftext($ni,$s,0,$x,$y,gc($ni,$c,$a),$font,$t);
  197. 			if($f){
  198. 				imagejpeg($ni,$i);
  199. 			}else{
  200. 				$path = dirname($i).‘/‘;
  201. 				$name = $fn.substr($i,strrpos($i,‘/‘)+1);
  202. 				imagejpeg($ni,$path.$name);			
  203. 			}
  204. 			imagedestroy($ni);
  205. 		}
  206. 	}
  207. }
  209. function gc($i,$c=‘rand‘,$a=0){
  210. 	$color = ‘‘;
  211. 	switch($c){
  212. 	    case ‘white‘:
  213. 			$color = imagecolorallocatealpha($i,255,255,255,$a);
  214. 		break;
  215. 	    case ‘black‘:
  216. 			$color = imagecolorallocatealpha($i,0,0,0,$a);
  217. 		break;
  218. 		case ‘red‘:
  219. 			$color = imagecolorallocatealpha($i,255,0,0,$a);
  220. 		break;
  221. 		case ‘green‘:
  222. 			$color = imagecolorallocatealpha($i,0,255,0,$a);
  223. 		break;
  224. 		case ‘rand‘:
  225. 			$color = imagecolorallocatealpha($i,mt_rand(0,255),mt_rand(0,255),mt_rand(0,255),$a);
  226. 		break;
  227. 		default:
  228. 		    $cc = str_split($c,2);
  229. 			$color = imagecolorallocatealpha($i,hexdec($cc[0]),hexdec($cc[1]),hexdec($cc[2]),$a);
  230. 		break;
  231. 	}
  232. 	return $color;
  233. }









后台登陆页面

标签:

原文地址:http://www.cnblogs.com/lsr111/p/4532177.html
(0)
(0)
   
举报
评论 一句话评论(0
登录后才能评论!
分享档案
更多>
2021年07月29日 (22)
2021年07月28日 (40)
2021年07月27日 (32)
2021年07月26日 (79)
2021年07月23日 (29)
2021年07月22日 (30)
2021年07月21日 (42)
2021年07月20日 (16)
2021年07月19日 (90)
2021年07月16日 (35)
周排行
mamicode.com排行更多图片
更多
友情链接
兰亭集智   国之画   百度统计   站长统计   阿里云   chrome插件   新版天听网
关于我们 - 联系我们 - 留言反馈
© 2014 mamicode.com 版权所有  联系我们:gaon5@hotmail.com
迷上了代码!