1. 首頁
  2. 問答
  3. PINCODE登錄頁面

PINCODE登錄頁面

2016-08-22 299 views
0

Im堅持一個項目。這是嚴格的公司內部員工登錄頁面。不公開!對於那些可能會質疑此表單安全性的人。雖然,我願意散列密碼密碼(SHA-1)。PINCODE登錄頁面

我設置我的jsfiddle代碼PINCODE LOGIN

<body onLoad="emptyCode()" class="hold-transaction login-page"> 
    <!-- Page Content --> 
    <div class="login-box"> 
<div class="login-logo"> 
    <a href="login.php"><b>PINCODE LOGIN</b></a> 
    <p class="login-box-msg">Employee Sign-in</p> 
</div> 
<!-- /.login-logo --> 
<div class="login-box-body"> 
    <!--<form action="" method="post">--> 
    <div class="main_panel"> 
    <form action="" method="post"> 
     <div class="input-group"> 
     <input type="text" name="code" maxlength="4" readonly="readonly" class="form-control" placeholder="Enter PIN..."> 
     <span class="input-group-btn"> 
       <button class="btn btn-danger" type="reset" >X</button> 
      </span> 
     </div> 
     <!-- /input-group --> 

     <table id="keypad" cellpadding="5" cellspacing="3"> 
     <tbody> 
      <tr> 
      <td onclick="addCode('1');"> 
       <div class="button raised clickable"> 
       <input type="checkbox" class="toggle" /> 
       <div class="anim"></div><span>1</span> 
       </div> 
      </td> 
      <td onclick="addCode('2');"> 
       <div class="button raised clickable"> 
       <input type="checkbox" class="toggle" /> 
       <div class="anim"></div><span>2</span> 
       </div> 
      </td> 
      <td onclick="addCode('3');"> 
       <div class="button raised clickable"> 
       <input type="checkbox" class="toggle" /> 
       <div class="anim"></div><span>3</span> 
       </div> 
      </td> 
      </tr> 
      <tr> 
      <td onclick="addCode('4');"> 
       <div class="button raised clickable"> 
       <input type="checkbox" class="toggle" /> 
       <div class="anim"></div><span>4</span> 
       </div> 
      </td> 
      <td onclick="addCode('5');"> 
       <div class="button raised clickable"> 
       <input type="checkbox" class="toggle" /> 
       <div class="anim"></div><span>5</span> 
       </div> 
      </td> 
      <td onclick="addCode('6');"> 
       <div class="button raised clickable"> 
       <input type="checkbox" class="toggle" /> 
       <div class="anim"></div><span>6</span> 
       </div> 
      </td> 
      </tr> 
      <tr> 
      <td onclick="addCode('7');"> 
       <div class="button raised clickable"> 
       <input type="checkbox" class="toggle" /> 
       <div class="anim"></div><span>7</span> 
       </div> 
      </td> 
      <td onclick="addCode('8');"> 
       <div class="button raised clickable"> 
       <input type="checkbox" class="toggle" /> 
       <div class="anim"></div><span>8</span> 
       </div> 
      </td> 
      <td onclick="addCode('9');"> 
       <div class="button raised clickable"> 
       <input type="checkbox" class="toggle" /> 
       <div class="anim"></div><span>9</span> 
       </div> 
      </td> 
      </tr> 
      <tr> 
      <td> 
      </td> 
      <td onclick="addCode('0');"> 
       <div class="button raised clickable"> 
       <input type="checkbox" class="toggle" /> 
       <div class="anim"></div><span>0</span> 
       </div> 
      </td> 
      </tr> 
     </tbody> 
     </table> 

     <p id="message">ACCESSIGN...</p> 
    </form> 
    </div> 
    <!--</form>--> 
    </div> 
    <!-- /.login-box-body --> 
    </div> 
    <!-- /.login-box --> 
</body>

我爲實現這一目標是:

  1. 允許員工使用4位數的PIN碼登錄並驗證 對數據庫憑據
  2. BONUS:數據庫中的哈希密碼

不知道是否需要一個函數,如「if(isset($ _ POST ['code'])){」,作爲單獨的文件。

來源

2016-08-22 cpt-crunchy

+0

我不確定函數在哪裏去驗證數據與數據庫證書。在JavaScript?在一個單獨的PHP文件? –

+1

大部分黑客都是由員工完成 – 2016-08-22 05:27:23

回答

1

首先,您在窗體末尾關閉窗體標籤,這意味着您的整個頁面幾乎都會返回到您的服務器。你可以縮小這個:

<form action="secret.php" method="post"> 
<input name="code"> 
</form>

現在它被髮布到action標籤中指定的「secret.php」。 這應該是這樣的:

Secret.php: 
<?php 
if(isset($_POST["code"])){ 
if($_POST["code"]=="5473")){ 
echo "successfully logged in..."; 
$_SESSION["logged"]=true; 
}else{ 
echo " wrong code"; 
} 
}else{ 
echo "404: this is not accessible for you"; 
} 
?>

此檢查代碼是否貼,如果它的5473.如果正確,就設置會話至極幫助您識別用戶。 只需做:

<?php 
if(isset($_SESSION["logged"])){ 
echo " logged in user..."; 
}else{ 
echo "not for you.please log in"; 
die(); 
} 
?>

來源

2016-08-22 05:27:56

+0

感謝您的回覆。但是,我不確定在哪裏添加此代碼。我有一個隱藏的PHP文件,可以執行驗證 –

+0

請你詳細說明你的答案 –

+0

哦,我明白了。你已經在js中實現了它。我重寫它,以便處理必要的php部分 –

0

我更新了我的代碼。這個功能似乎很好用!

function loginEmployee() { 
global $connection; 
$pincode = $_POST["code"]; 

if(isset($_POST["code"])){ 
$result = mysqli_query($connection,"SELECT * FROM users WHERE user_pin = '$pincode'"); 
if(mysqli_num_rows($result) != 0) { 
echo "<p class='alert-successs'>successfully logged in...</p>"; 
header("Location: ../repairs.php"); 
die(); 
$_SESSION["logged"]=true; 
}else{ 
header("Location: ../login_fail.php"); 
die(); 
} 
}else{ 
echo "404: this is not accessible for you"; 
}

來源

2016-08-24 19:34:34

相關問題

 相關問題