- <?php
- session_start(); //啟動SESSION
- include_once('./conn.inc.php'); //引入資料庫連線檔案
- switch($_POST['page']){ //判斷由哪一頁傳入
- case 'login': //登入
- $ud_account = $_POST['ud_account']; //接收帳號
- $ud_password = $_POST['ud_password']; //接收密碼
- //查詢帳號
- $sql = "SELECT * FROM `userdata_tab`
- WHERE `ud_account` = '{$ud_account}'";
- $result = mysqli_query($conn, $sql); //執行(查詢)SQL碼
- $result_num = mysqli_num_rows($result); //查詢資料筆數
- if($result_num==1){ //若等於 1 時, 代表有該帳號
- $single_user = mysqli_fetch_assoc($result); //取得該筆資料陣列
- if($ud_password == $single_user['ud_password']){ //判斷密碼是否符合
- unset($single_user['ud_password']); //將密碼移除
- $_SESSION['user'] = $single_user; //將使用者資料的陣列全部指派給 $_SESSION['user']
- echo '<script type="text/javascript">
- alert("登入成功");
- window.location.href="./index.php";
- </script>';
- }else{
- echo '<script type="text/javascript">
- alert("密碼錯誤");
- window.history.back();
- </script>';
- }
- }else{
-
- }
-
- //echo $ud_account.'<br />';
- //echo $ud_password.'<br />';
- break;
- case 'user_edit': //修改使用者資料
- $ud_name = $_POST['ud_name']; //接收使用者
- $ud_password = $_POST['ud_password']; //接收密碼
- if($ud_name==""){ //若使用者空值
- echo '<script type="text/javascript">
- alert("請輸入使用者名稱");
- window.history.back();
- </script>';
- }elseif(empty($ud_password)){ //若密碼空值
- echo '<script type="text/javascript">
- alert("請輸入密碼");
- window.history.back();
- </script>';
- }else{
- $sql = "UPDATE `userdata_tab` SET
- `ud_name` = '{$ud_name}',
- `ud_password` = '{$ud_password}'
- WHERE `ud_id` = '{$_SESSION['user']['ud_id']}'
- ";
- $result = mysqli_query($conn, $sql);
- if($result){ //判斷SQL語法是否執行成功
- $_SESSION['user']['ud_name'] = $ud_name; //重新指派使用者名稱
- echo '<script type="text/javascript">
- alert("修改成功");
- window.location.href="./index.php";
- </script>';
- }else{
- echo '<script type="text/javascript">
- alert("修改失敗");
- window.history.back();
- </script>';
- }
- }
- break;
- case 'register': //會員註冊
- $sql = "INSERT INTO `userdata_tab`(`ud_name`, `ud_account`, `ud_password`, `ud_datetime`)
- VALUES('{$_POST['ud_name']}', '{$_POST['ud_account']}', '{$_POST['ud_password']}', NOW())";
- $result = mysqli_query($conn, $sql);
- if($result){ //判斷SQL語法是否執行成功
- //homework: 註冊SESSION
- echo '<script type="text/javascript">
- alert("註冊成功");
- window.location.href="./index.php";
- </script>';
- }else{
- echo '<script type="text/javascript">
- alert("註冊失敗");
- window.history.back();
- </script>';
- }
- break;
- default:
- echo '你是偷渡客吼!!';
- break;
- }
- ?>
複製代碼 |