function make_safe($variable) {
$variable = addslashes(trim($variable));
return $variable;
}
$user=make_safe($_REQUEST["user"]);
$pass=make_safe($_REQUEST["pass"]);
$yz=make_safe($_REQUEST["yz"]);
$yzma=make_safe($_REQUEST["hiddenField"]);
if ($yz == $yzma)
{
if ($user=="" or $pass=="" or $yz =="")
{
echo"你输入的信息有空,请
"."返回"."重新输入";
}
else
{
mysql_connect("localhost","root","12345") /*请修改用户名和密码*/
or die("无法连接数据库,请重来");
mysql_select_db("user")
or die("无法选择数据库,请重来");
mysql_query("SET NAMES 'gbk'");/*解决汉字*/
$row = mysql_fetch_assoc(mysql_query(" SELECT pass,xh FROM yh where name = '$user' and password = '$pass'"));
$mima=$row[password];
if($pass == $mima)
{
session_start();
$_SESSION['yhm']=$user;
echo "";
echo "";
}
else
{
echo"你的用户名或者密码输入错误,请
"."返回"."";
}
}
}
else
{
echo"您输入的验证码不正确!请
"."返回"."";
}
?>