下午用 PHP 写了一个登录注册的API,只需要建立数据库表,表中有 username, password, email 这几个字段即可。
支持邮箱登录,账号密码登录,邮箱注册。
代码如下:
<?php
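// Database connection settings.
// NOTE(review): the script connects as "root" with a short literal password
// committed in the source. Use a dedicated account limited to the `user` table
// and load its credentials from configuration kept outside the web root.
$host = "localhost";
$db_user = "root"; // database user
$db_pass = "123"; // database password
$db_name = "test"; // database name

// Report everything except notices.
error_reporting(E_ALL ^ E_NOTICE);

$conn = new mysqli($host, $db_user, $db_pass, $db_name);
if ($conn->connect_error) {
    // The driver message can name the host and the database account, so it goes
    // to the server log; the API client only receives the generic text.
    error_log("连接失败: " . $conn->connect_error);
    die("连接失败");
}

// A request without ?action= yields null and falls through to the "error" default.
$action = isset($_GET['action']) ? $_GET['action'] : null;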
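// Request dispatcher for the register / lookup / login API.
//
// Every SQL statement below uses bound parameters. lib_replace_end_tag() is
// still applied because values already stored in the table went through it,
// but it is not relied on to make a value safe for SQL.
//
// NOTE(review): user names and passwords arrive in the query string, so they
// end up in web-server access logs and browser history. Moving the API to POST
// over HTTPS would change the documented URLs and is therefore only flagged here.

// Reads one query-string parameter; a missing or non-string value
// (for example ?username[]=x) becomes ''.
$param = function ($name) {
    return (isset($_GET[$name]) && is_string($_GET[$name])) ? $_GET[$name] : '';
};

// Runs a parameterised SELECT whose parameters are all strings and returns the
// first row (numeric and associative keys, as mysqli_fetch_array() gives) or
// null when there is no row or the statement fails. get_result() needs the
// mysqlnd driver.
$firstRow = function ($sql, ...$values) use ($conn) {
    $stmt = $conn->prepare($sql);
    if (!$stmt) {
        return null;
    }
    $row = null;
    if ($stmt->bind_param(str_repeat('s', count($values)), ...$values) && $stmt->execute()) {
        $result = $stmt->get_result();
        if ($result) {
            $row = $result->fetch_array();
            $result->free();
        }
    }
    $stmt->close();
    return is_array($row) ? $row : null;
};

// Hash format used by the rows already in the table.
// ALL_PS is not defined anywhere in this file. PHP 7 and earlier then use the
// literal string 'ALL_PS' (with a suppressed warning) while PHP 8 throws, so the
// fallback keeps the PHP 7 result on every version.
// NOTE(review): MD5 with one shared suffix is not a password hash. Migrate to
// password_hash() / password_verify(); that needs a wider password column and a
// rehash-on-login step, neither of which can be confirmed from this file.
$legacyHash = function ($plain) {
    $suffix = defined('ALL_PS') ? ALL_PS : 'ALL_PS';
    return md5($plain . $suffix);
};

switch ($action) {
    // Register a member.
    case 'adduserinfo':
        $username = (string) lib_replace_end_tag(trim($param('username')));
        $plain = (string) lib_replace_end_tag(trim($param('userpassword')));
        $email = (string) lib_replace_end_tag(trim($param('email')));
        if ($username === '' || $plain === '') {
            $res = urlencode("参数有误");
            exit(json_encode($res)); // a required field is empty
        }

        // NOTE(review): check-then-insert can race with a concurrent request;
        // UNIQUE indexes on username and email would enforce this in the database.
        $taken = $firstRow('select username from `user` where username=?', $username) !== null
            || $firstRow('select email from `user` where email=?', $email) !== null;
        if ($taken) {
            exit(json_encode(1)); // 1: registration failed
        }

        $hash = $legacyHash($plain);
        $insert = $conn->prepare('insert into `user` (username,password,email) values (?,?,?)');
        $stored = $insert
            && $insert->bind_param('sss', $username, $hash, $email)
            && $insert->execute();
        $conn->close();
        // A failed INSERT is reported as failure instead of being answered with 0.
        exit(json_encode($stored ? 0 : 1)); // 0: registration succeeded
        break;

    // Look up a user's details.
    // NOTE(review): no authentication check is visible in this file, so any
    // caller can read the e-mail address that belongs to a user name.
    case 'selectuserinfo':
        $username = (string) lib_replace_end_tag($param('username'));
        $row = $firstRow('select id, username, email from `user` where username=?', $username);
        $conn->close();
        if ($row === null) {
            exit(json_encode(null)); // unknown user: same "null" body as before
        }
        $res = array();
        foreach ($row as $key => $v) {
            $res[$key] = urlencode((string) $v);
        }
        exit(json_encode($res));
        break;

    // Login by user name or by e-mail address.
    // Return codes: 0 login succeeded, 2 the stored name/address differs from the
    // one supplied (e.g. only in letter case), 3 no row matches the credentials.
    // Code 1 is never produced because the password is matched inside the query.
    case 'userlogin':
    case 'userloginbyemail':
        // Fixed whitelist; the column name never comes from the request.
        $column = ($action === 'userlogin') ? 'username' : 'email';
        $identity = (string) lib_replace_end_tag($param($column));
        $hash = $legacyHash((string) lib_replace_end_tag(trim($param('userpassword'))));

        // email is selected as well: the e-mail branch compares against it, and
        // without the column that comparison could not succeed.
        $row = $firstRow(
            "select id,username,email,password from `user` where `$column`=? and password=?",
            $identity,
            $hash
        );
        if ($row === null) {
            exit(json_encode(3));
        }
        if ($row[$column] === $identity && hash_equals((string) $row['password'], $hash)) {
            exit(json_encode(0));
        }
        exit(json_encode(2));
        break;

    default:
        exit("error");
}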
/**
 * Normalises a request value with htmlspecialchars() followed by a fixed chain
 * of str_replace() calls.
 *
 * NOTE(review): this is not SQL escaping. The result still has to be passed to
 * the database through bound parameters, and it should be HTML-escaped for the
 * context it is printed in.
 * NOTE(review): several search/replacement pairs below are identical as
 * written. The page this listing came from has probably decoded HTML entities
 * that were inside the string literals; confirm against the original file
 * before changing any of them, because values already stored in the table
 * depend on the exact output of this function.
 *
 * @param mixed $str Raw value, normally a string taken from $_GET.
 * @return string|false The transformed string, or false when empty($str) is
 *                      true (this includes '', '0', null and a missing key).
 */
function lib_replace_end_tag($str)
{
if (empty($str)) return false;
// Default flags: single quotes are only encoded from PHP 8.1 on; earlier
// versions leave them untouched.
$str = htmlspecialchars($str);
// Remove forward slashes and backslashes.
$str = str_replace( '/', "", $str);
$str = str_replace("\\", "", $str);
// htmlspecialchars() has already encoded < and >, so these two removals and
// the four <script> removals after them have nothing left to match.
$str = str_replace(">", "", $str);
$str = str_replace("<", "", $str);
$str = str_replace("<SCRIPT>", "", $str);
$str = str_replace("</SCRIPT>", "", $str);
$str = str_replace("<script>", "", $str);
$str = str_replace("</script>", "", $str);
// SQL keywords: search and replacement are the same text as written, so these
// lines change nothing (see the review note in the header).
$str=str_replace("select","select",$str);
$str=str_replace("join","join",$str);
$str=str_replace("union","union",$str);
$str=str_replace("where","where",$str);
$str=str_replace("insert","insert",$str);
$str=str_replace("delete","delete",$str);
$str=str_replace("update","update",$str);
$str=str_replace("like","like",$str);
$str=str_replace("drop","drop",$str);
$str=str_replace("create","create",$str);
$str=str_replace("modify","modify",$str);
$str=str_replace("rename","rename",$str);
$str=str_replace("alter","alter",$str);
// Appends a "t" to every occurrence of "cas".
$str=str_replace("cas","cast",$str);
// Identical search and replacement again: no effect as written.
$str=str_replace("&","&",$str);
$str=str_replace(">",">",$str);
$str=str_replace("<","<",$str);
// Whitespace handling. NOTE(review): the search strings may not be plain
// spaces in the original file — confirm the bytes before relying on this.
$str=str_replace(" ",chr(32),$str);
$str=str_replace(" ",chr(9),$str);
$str=str_replace(" ",chr(9),$str);
// As written, every "&" (including the ones htmlspecialchars() produced)
// becomes a double quote, chr(34).
$str=str_replace("&",chr(34),$str);
// chr(39) is the single quote itself, so this line changes nothing.
$str=str_replace("'",chr(39),$str);
// "<" was removed above, so "<br />" cannot occur at this point.
$str=str_replace("<br />",chr(13),$str);
// Collapse a doubled single quote into one.
$str=str_replace("''","'",$str);
// Replaces "css" / "CSS" with a single-quote character.
$str=str_replace("css","'",$str);
$str=str_replace("CSS","'",$str);
return $str;
}
?>
使用方法:
登录:
文件名.php?action=userlogin&username=用户名&userpassword=密码
返回值说明
0:表示登录成功,1:表示密码错误,2:用户名不存在,3:用户名密码错误
注册:
文件名.php?action=adduserinfo&username=用户名&userpassword=密码&email=邮箱
返回值说明:返回1表示注册失败,返回0表示注册成功
查询用户信息:
文件名.php?action=selectuserinfo&username=用户名
返回值说明:为json,解析即可。