php会员管理系统

config.php

<?php
session_start();
$conn=mysql_connect('localhost','root','');
mysql_select_db('member',$conn);
define(ALL_PS,"IPHP");
function user_shell($uid,$shell,$m_id){
    $sql="select * from user_list where `uid`='$uid'";
    $query=mysql_query($sql);
    $us=is_array($row=mysql_fetch_array($query));
    $shell=$us ? $shell==md5($row[username].$row[password].ALL_PS):FALSE;
    if ($shell){
        if($row[m_id]<=$m_id){
            return $row;
        }
        else{
        echo"你的权限不足";
        exit();
        }
    }
    else{
        echo"你无权限查看该页面";
        exit();
    }
}

login.php

<?php
include('config.php');
 //echo md5("admin2".ALL_PS);
  if($_POST[submit]){
    $username=str_replace(" ","","$_POST[username]");
    $sql="select * from user_list where `username`='$username'";
    $query=mysql_query($sql);
    $us=is_array($row=mysql_fetch_array($query));
     echo $ps=$us ? md5($_POST[password].ALL_PS)==$row[password] : FALSE;
    if($ps){
        $_SESSION[uid]=$row[uid];
        $_SESSION[user_shell]=md5($row[username].$row[password].ALL_PS);
        $_SESSION[times]=mktime();//取得登录时忘该的时间
        echo "登录成功";
    }else{
        echo "用户名或密码错误";
        session_destroy();//密码错误时消除所有的session
    }
  }
?>

  <form action="" method="post" >

  用户名：<input type="text" name="username" style="height=23px"/><br/>
  密  码：<input type="password" name="password" style="height=23px"/><br/>
        <input type="submit" name="submit" value="提交"/>
  </form>

user.php

<?php
include("config.php");
$arr=user_shell($_SESSION[uid],$_SESSION[user_shell],2);
echo $row[username];
?>
权限内容