0) $MM_referrer.= "?". $_SERVER['QUERY_STRING']; $MM_restrictGoTo = $MM_restrictGoTo. $MM_qsChar. "accesscheck=". urlencode($MM_referrer); header("Location: ". $MM_restrictGoTo); exit; } ?> 網站會員系統 會員資料修改 " name="form1" id="form1"> 帳號資料 使用帳號 "> 密碼 "> 需要修改密碼才填寫此欄。 個人資料 真實姓名 "> * 暱稱 "> * 性別 name="m_sex" type="radio" value="w" checked> 女 name="m_sex" type="radio" value="m"> 男 * 生日 "> * 為西元格式 (YYYY - MM - DD) 電子郵件 "> * 請確定此電子郵件為可使用狀態,以方便未來系統使用,如補寄會員密碼信。 個人網頁 "> 請以 「 」 為開頭。 電話 "> 行動電話 "> 住址 " size="40"> * 表示為必填的欄位 會員資料 您好, "> 登出系統 eHappy 網站會員系統 版權所有 © 2009 eHappy MemberSystem All Rights Reserved. "> 0) $MM_referrer.= "?". $_SERVER['QUERY_STRING']; $MM_restrictGoTo = $MM_restrictGoTo. $MM_qsChar. "accesscheck=". urlencode($MM_referrer); header("Location: ". $MM_restrictGoTo); exit; } ?> 網站會員系統 會員資料修改 " name="form1" id="form1"> 帳號資料 使用帳號 "> 密碼 "> 需要修改密碼才填寫此欄。 個人資料 真實姓名 "> * 暱稱 "> * 性別 name="m_sex" type="radio" value="w" checked> 女 name="m_sex" type="radio" value="m"> 男 * 生日 "> * 為西元格式 (YYYY - MM - DD) 電子郵件 "> * 請確定此電子郵件為可使用狀態,以方便未來系統使用,如補寄會員密碼信。 個人網頁 "> 請以 「 」 為開頭。 電話 "> 行動電話 "> 住址 " size="40"> * 表示為必填的欄位 會員資料 您好, "> 登出系統 eHappy 網站會員系統 版權所有 © 2009 eHappy MemberSystem All Rights Reserved. ">


修改前. 修改後 <?php //initialize the session if (!isset($_SESSION)) { session_start(); } // ** Logout the current user. ** $logoutAction = $_SERVER['PHP_SELF']."?doLogout=true";




1 修改前

2 修改後

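3
<?php
// Member profile edit page (Dreamweaver-style server behaviours).
// Flow: session start -> optional logout -> access check -> handle the
// profile UPDATE -> load the logged-in member's row for the form.
// NOTE: the slide transcript collapsed this listing and dropped three closing
// braces (logout block, isAuthorized, the function_exists guard); they are
// restored here so the listing parses.

// Start the session only if one is not already active.
if (!isset($_SESSION)) {
    session_start();
}

// ** Logout the current user. **
// Logout URL: this page plus doLogout=true, followed by the current query
// string (HTML-encoded).
// NOTE(review): $_SERVER['PHP_SELF'] is request-controlled (trailing path
// info) and is not encoded here. Presumably this value is echoed into the
// logout link; confirm the template escapes it at output.
$logoutAction = $_SERVER['PHP_SELF'] . "?doLogout=true";
if ((isset($_SERVER['QUERY_STRING'])) && ($_SERVER['QUERY_STRING'] != "")) {
    $logoutAction .= "&" . htmlentities($_SERVER['QUERY_STRING']);
}

if ((isset($_GET['doLogout'])) && ($_GET['doLogout'] == "true")) {
    // To fully log out a visitor we need to clear the session variables.
    // NOTE(review): only these three keys are cleared; the session id itself
    // is kept. Consider session_regenerate_id(true) here if nothing else
    // depends on the old id.
    $_SESSION['MM_Username'] = null;
    $_SESSION['MM_UserGroup'] = null;
    $_SESSION['PrevUrl'] = null;
    unset($_SESSION['MM_Username']);
    unset($_SESSION['MM_UserGroup']);
    unset($_SESSION['PrevUrl']);

    $logoutGoTo = "index.php";
    if ($logoutGoTo) {
        header("Location: $logoutGoTo");
        exit;
    }
}
?>
<?php
if (!isset($_SESSION)) {
    session_start();
}
$MM_authorizedUsers = "";
$MM_donotCheckaccess = "true";

// *** Restrict Access To Page: Grant or deny access to this page
/**
 * Decide whether the current visitor may view the page.
 *
 * @param string $strUsers   Comma-separated list of allowed usernames.
 * @param string $strGroups  Comma-separated list of allowed groups.
 * @param mixed  $UserName   Username taken from the session; empty means not logged in.
 * @param mixed  $UserGroup  Group taken from the session.
 * @return bool  True when the visitor is logged in and matches a list, or when
 *               $strUsers is empty (every logged-in visitor is then accepted).
 */
function isAuthorized($strUsers, $strGroups, $UserName, $UserGroup)
{
    // For security, start by assuming the visitor is NOT authorized.
    $isValid = false;

    // When a visitor has logged into this site, the Session variable MM_Username
    // is set equal to their username. A blank value therefore means "not logged in".
    if (!empty($UserName)) {
        // Parse the comma-separated lists into arrays.
        $arrUsers = explode(",", $strUsers);
        $arrGroups = explode(",", $strGroups);
        // Access restricted to specific usernames.
        if (in_array($UserName, $arrUsers)) {
            $isValid = true;
        }
        // Or access restricted to specific groups.
        if (in_array($UserGroup, $arrGroups)) {
            $isValid = true;
        }
        // An empty user list disables the per-user check: any logged-in
        // visitor passes. This page calls the function with "" as $strUsers.
        if (($strUsers == "") && true) {
            $isValid = true;
        }
    }
    return $isValid;
}

// Visitors who fail the check are sent to the login page with the URL they
// asked for in the accesscheck parameter; exit stops the rest of the page
// from running for them.
$MM_restrictGoTo = "index.php?errMsg=2";
if (!((isset($_SESSION['MM_Username'])) && (isAuthorized("", $MM_authorizedUsers, $_SESSION['MM_Username'], $_SESSION['MM_UserGroup'])))) {
    $MM_qsChar = "?";
    $MM_referrer = $_SERVER['PHP_SELF'];
    if (strpos($MM_restrictGoTo, "?")) {
        $MM_qsChar = "&";
    }
    if (isset($_SERVER['QUERY_STRING']) && strlen($_SERVER['QUERY_STRING']) > 0) {
        $MM_referrer .= "?" . $_SERVER['QUERY_STRING'];
    }
    $MM_restrictGoTo = $MM_restrictGoTo . $MM_qsChar . "accesscheck=" . urlencode($MM_referrer);
    header("Location: " . $MM_restrictGoTo);
    exit;
}
?>
<?php
if (!function_exists("GetSQLValueString")) {
    /**
     * Escape a request value and format it as an SQL literal of the given type.
     *
     * "text" and "date" yield a quoted, escaped string; "long"/"int" and
     * "double" are cast to numbers; "defined" returns one of the two
     * caller-supplied values. An empty input yields the bare word NULL
     * (or $theNotDefinedValue for "defined").
     *
     * The result is only safe where an SQL value is expected: it must never
     * be used for identifiers or spliced into other parts of a statement.
     * NOTE(review): the mysql_* extension used here was removed in PHP 7;
     * prepared statements (mysqli or PDO) are the durable replacement, but
     * that depends on the connection code, which is not part of this listing.
     */
    function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
    {
        // Undo magic-quotes escaping on old PHP so the value is escaped once only.
        if (PHP_VERSION < 6) {
            $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
        }

        // The fallback mysql_escape_string() does not take the connection
        // character set into account.
        $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);

        switch ($theType) {
            case "text":
                $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
                break;
            case "long":
            case "int":
                $theValue = ($theValue != "") ? intval($theValue) : "NULL";
                break;
            case "double":
                $theValue = ($theValue != "") ? doubleval($theValue) : "NULL";
                break;
            case "date":
                $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
                break;
            case "defined":
                $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
                break;
        }
        return $theValue;
    }
}

// Form action: this page plus the HTML-encoded query string.
$editFormAction = $_SERVER['PHP_SELF'];
if (isset($_SERVER['QUERY_STRING'])) {
    $editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']);
}

// Handle the submitted profile form.
// NOTE(review): the handler checks no anti-CSRF token; the form markup is not
// part of this listing, so adding one has to be done together with the form.
if ((isset($_POST["MM_update"])) && ($_POST["MM_update"] == "form1")) {
    // Change the stored password only when a new one was typed. The previous
    // code wrote $_POST['m_passwd'] back to the table, so the stored hash
    // travelled through the browser and a client could replace it with any
    // value; that field is no longer read.
    // NOTE(review): unsalted md5() is not a suitable password hash. Moving to
    // password_hash()/password_verify() must be done together with the login
    // code, which is outside this listing, so md5() is kept here.
    $passwdClause = "";
    if (isset($_POST["new_passwd"]) && $_POST["new_passwd"] != "") {
        $passwdClause = " m_passwd=" . GetSQLValueString(md5($_POST['new_passwd']), "text") . ",";
    }

    // The row is selected by the posted m_id AND the session username, so a
    // logged-in member cannot update another member's row by changing m_id.
    $updateSQL = sprintf(
        "UPDATE memberdata SET m_name=%s, m_nick=%s,%s m_sex=%s, m_birthday=%s, m_email=%s, m_url=%s, m_phone=%s, m_cellphone=%s, m_address=%s WHERE m_id=%s AND m_username=%s",
        GetSQLValueString($_POST['m_name'], "text"),
        GetSQLValueString($_POST['m_nick'], "text"),
        $passwdClause,
        GetSQLValueString($_POST['m_sex'], "text"),
        GetSQLValueString($_POST['m_birthday'], "date"),
        GetSQLValueString($_POST['m_email'], "text"),
        GetSQLValueString($_POST['m_url'], "text"),
        GetSQLValueString($_POST['m_phone'], "text"),
        GetSQLValueString($_POST['m_cellphone'], "text"),
        GetSQLValueString($_POST['m_address'], "text"),
        GetSQLValueString($_POST['m_id'], "int"),
        GetSQLValueString($_SESSION['MM_Username'], "text")
    );

    mysql_select_db($database_aa, $aa);
    $Result1 = mysql_query($updateSQL, $aa);
    if ($Result1 === false) {
        // Keep the driver error in the server log instead of showing it to the visitor.
        error_log("memberdata update failed: " . mysql_error($aa));
        die("Database error.");
    }

    $updateGoTo = "memberzone.php";
    if (isset($_SERVER['QUERY_STRING'])) {
        $updateGoTo .= (strpos($updateGoTo, '?')) ? "&" : "?";
        $updateGoTo .= $_SERVER['QUERY_STRING'];
    }
    header(sprintf("Location: %s", $updateGoTo));
    // Stop here: without exit the rest of the page still ran after the redirect header.
    exit;
}

// Load the logged-in member's row for the form; "-1" matches no username.
$colname_Recordset1 = "-1";
if (isset($_SESSION['MM_Username'])) {
    $colname_Recordset1 = $_SESSION['MM_Username'];
}
mysql_select_db($database_aa, $aa);
$query_Recordset1 = sprintf("SELECT * FROM memberdata WHERE m_username = %s", GetSQLValueString($colname_Recordset1, "text"));
$Recordset1 = mysql_query($query_Recordset1, $aa);
if ($Recordset1 === false) {
    error_log("memberdata select failed: " . mysql_error($aa));
    die("Database error.");
}
$row_Recordset1 = mysql_fetch_assoc($Recordset1);
$totalRows_Recordset1 = mysql_num_rows($Recordset1);

// The form markup that follows lost its tags in the slide transcript; only the
// text labels remain.
// NOTE(review): presumably the template echoes $row_Recordset1 fields into the
// inputs; confirm each one goes through htmlspecialchars() with ENT_QUOTES.
?> 網站會員系統 會員資料修改 " name="form1" id="form1"> 帳號資料 使用帳號 "> 密碼 "> 需要修改密碼才填寫此欄。 個人資料 真實姓名 "> * 暱稱 "> * 性別 name="m_sex" type="radio" value="w" checked> 女 name="m_sex" type="radio" value="m"> 男 * 生日 "> * 為西元格式 (YYYY - MM - DD) 電子郵件 "> * 請確定此電子郵件為可使用狀態,以方便未來系統使用,如補寄會員密碼信。 個人網頁 "> 請以 「 http:// 」 為開頭。 電話 "> 行動電話 "> 住址 " size="40"> * 表示為必填的欄位 會員資料 您好, "> 登出系統 eHappy 網站會員系統 版權所有 © 2009 eHappy MemberSystem All Rights Reserved. <?php mysql_free_result($Recordset1); ?>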

