每逢期末,各科专业课的课程设计相信会让许多和我一样的大学生磨破脑袋,本着与人为善,授人予鱼的思想,我决定。。。。。。好吧,你懂的,废话不多说,上菜!
特别声明一点,我写的这个留言板程序,上面存在大量的的漏洞,大家可以写完以后拿着自己写的程序进行漏洞渗透练习,然后不断的完善自己的代码,使得网站更安全。
留言板功能模块
一、注册模块
二、登陆模块
三、留言板界面
四、留言模块
五、对个人留言的编辑
六、对个人留言的删除
七、注销登陆
八、个人中心页面
九、头像上传模块
十、打开数据库模块
在查看代码之前我还是推荐你先去看看菜鸟教程上的一些基础知识(包括html,php,sql):http://www.runoob.com/html/html-tutorial.html
其实我开始写留言版的时候,是一点基础都没有的,但是写完留言板也就用了6天时间
所以我还是推荐大家如果有时间的话去菜鸟教程上学习学习,这些东西并不难。
以下是我自己总结的书写留言板各个模块所需要注意的知识点
一、书写留言板时需要注意的一些知识(注册,登陆部分) https://mp.csdn.net/postedit/80550331
二、书写留言板时需要注意的一些知识(编辑,删除部分) https://blog.csdn.net/sdb5858874/article/details/80550417
三、书写留言板时需要注意的一些知识(个人中心,上传和注销) https://blog.csdn.net/sdb5858874/article/details/80550432
四、书写留言板时需要注意的一些知识(留言板界面) https://blog.csdn.net/sdb5858874/article/details/80550450
一、注册模块
<!DOCTYPE html>
<html>
<head>
<title>传说中的注册页面
</title>
<meta charset="utf-8">
</head>
<body background="C:\Users\王超ixy\Desktop\659927.jpg" background-size: cover>
<?php
$user=$sex=$city=$mail=$phone=$passwd=$passwd1="";
$success=4;
if(isset($_POST["submit"]))
{
if (empty($_POST["username"]))
{
$user="姓名不能为空!";
$success=$success+1;
}
if (empty($_POST["sex"]))
{
$sex="性别不能为空!";# code...
}
if (empty($_POST["city"]))
{
$city="请输入您所在的城市!";# code...
}
if (empty($_POST["mail"]))
{
$mail="邮箱不能为空!";# code...
$success++;
}
if (empty($_POST["phone"]))
{
$phone="请输入你的手机!";# code...
$success++;
}
if (empty($_POST["password"]) or empty($_POST["password1"]))
{
$passwd="请输入两次密码!";
$success++;
}
else
{
if ($_POST["password1"] !== $_POST["password"])
{
$passwd1="两次输入的密码不一致";
$success++;
}
}
if($success==4)
{
echo "<center><font size='4' color='red'>注册成功,请点击返回按钮进行登陆!</font></center>";
}
else
{
echo "<center><font size='4' color='red'>注册失败,请重新尝试!</font></center>";
}
}
?>
<center>
<table border="1">
<form method="post" action="<?php echo $_SERVER['PHP_SELF'];?>">
<h2>用户注册页面</h2>
<font color="red">有*的选项为必填选项</font>
<tr>
<th><font color="red">*</font>用户名:</th>
<td><input type="text" name="username"><?php if (empty($_POST["username"])) {
echo "$user";
}
?></td>
</tr>
<tr>
<th><font color="red">*</font>密码:</th>
<td><input type="password" name="password"><?php if (empty($_POST["password"]) or empty($_POST["password1"]))
{
#echo $passwd;
}
else
{
if ($_POST["password1"] !== $_POST["password"])
{
echo $passwd1;
}
}
?></td>
</tr>
</tr>
<tr>
<th><font color="red">*</font>再次输入密码:</th>
<td><input type="password" name="password1"></td>
</tr>
<tr>
<th>性别</th>
<td>
<input type="radio" name="sex" value="man">男
                 <input type="radio" name="sex" value="women">女
</td>
</tr>
<tr>
<th>所在城市</th>
<td>
<input type="text" name="city">
</td>
</tr><tr>
<th><font color="red">*</font>常用邮箱</th>
<td>
<input type="text" name="mail"><?php if (empty($_POST["mail"])) {
echo "$mail";
}
?>
</td>
</tr>
<tr>
<th><font color="red">*</font>常用手机</th>
<td>
<input type="text" name="phone"><?php if (empty($_POST["phone"])) {
echo "$phone";
}
?>
</td>
</tr>
<tr>
<th colspan="1">
<input type="submit" name="submit" value="提交">
</th>
<th >
<input type="reset" name="reset" value="重置">
</th>
</tr>
<tr>
<th colspan="2">
<a href="login1.php">返回</a>
</th>
</tr>
</form>
</table>
</center>
<?php
if(isset($_POST["submit"]) and $success==4)
{
$dbservername = "localhost";
$dbusername = "root";
$dbpassword = "root";
// 创建连接
$conn = mysqli_connect($dbservername, $dbusername, $dbpassword);
if (!$conn) {
die("Connection failed: " . mysqli_connect_error());
}
else{
#echo "连接成功<br>";
mysqli_select_db($conn,"liuyanban");
$sql="select * from user where username='".$_POST['username']."'";
$result = mysqli_query($conn,$sql);
if (mysqli_num_rows($result) > 0)
{
echo "<script>alert('用户名已存在,请重新输入!')</script>";
}
else
{
$time = date("Y-m-d");
$sql1 = "insert into user(username,email,sex,password,time) values('{$_POST['username']}','{$_POST['mail']}','{$_POST['sex']}','{$_POST['password']}','{$time}')";
$result1 = mysqli_query($conn,$sql1);
#echo $result1;
if ($result1)
{
echo "<script>alert('注册成功,请登录!')</script>";
}
else
{
echo "<script>alert('数据库错误!')</script>";
}
}
}
mysqli_close($conn);
}
?>
</body>
</html>
二、登陆模块
<?php session_start(); ?>
<!DOCTYPE html>
<html>
<head>
<title>傻乎乎的登陆界面</title>
<meta charset="utf-8">
</head>
<body background="image/659927.jpg" background-size: cover>
<?php
if (isset($_POST["submit"]))
{
require "mysqllogin.php";
if(empty($_POST["password"]) or empty($_POST["username"]))
{
echo "<center><font color='red'>请输入账户名和密码!</font></center>";
}
else
{
$username=$_POST["username"];
$password=$_POST["password"];
$sql="select * from user where username='$username' and password='$password'";
$resulet=mysqli_query($conn,$sql);
if(mysqli_num_rows($resulet) > 0)
{
$person=mysqli_fetch_array($resulet);
$_SESSION['username']=$person['username'];
$_SESSION['uid']=$person['uid'];
echo "<script>alert('登陆成功')</script>";
echo "<script>window.location.href=\"show.php\"</script>";
}
else
{
echo "<script>alert('用户名或密码错误,请重新登陆')</script>";
}
}
mysqli_close($conn);
}
?>
<center>
<h2>登陆页面</h2>
<table border="2">
<form method="post" action="<?php echo $_SERVER['PHP_SELF'];?>">
<tr>
<th>用户名</th>
<td><input type="text" name="username"></td>
</tr>
<tr>
<th>密码</th>
<td><input type="password" name="password"></td>
</tr>
<tr>
<th colspan="2">
<input type="submit" name="submit" value="登陆">
</th>
</tr>
<tr>
<th colspan="2">
<input type="reset" name="reset" value="重置">
</th>
<a href="8.php">注册</a>
</tr>
</form>
</table>
</center>
</body>
</html>
三、留言板界面
<?php session_start(); ?>
<!DOCTYPE html>
<html>
<head>
<title>留言板界面</title>
<meta charset="utf-8">
</head>
<body background="image/731440.png" >
<div align="right">
<?php
if(isset($_SESSION['uid']))
{
echo "欢迎".$_SESSION['username']."来到网四第一打野的留言板!";
echo "<a href='loginout.php'>注销</a>";
echo "<br>";
echo "<a href='personalcenter.php?uid=".$_SESSION['uid']."'>个人中心</a>";
}
else
{
die("请登录后再查看本页!"."<meta http-equiv='Refresh'content='3;url=login1.php'/>");
}
?>
</div>
<br><br>
<center>
<caption><font size="5" color="red" >欢迎来到网四第一打野的留言板!</font></caption>
<br><br><br><br>
<table border="1" >
<tr>
<th>留言者</th>
<th>内容</th>
<th>ip</th>
<th>时间</th>
<th>操作</th>
</tr>
<?php
require "mysqllogin.php";
$sql="select * from message";
$result=mysqli_query($conn,$sql);
while($message=mysqli_fetch_array($result,MYSQL_ASSOC))
{
echo "<tr>";
$sql1="select * from user where uid ='".$message["uid"]."'";
$result1=mysqli_query($conn,$sql1);
$user=mysqli_fetch_array($result1,MYSQL_ASSOC);
echo "<td>".$user['username']."</td>";
echo "<td>".$message['content']."</td>";
echo "<td>".$message['ip']."</td>";
echo "<td>".$message['time']."</td>";
$id=$message['id'];
$uid=$message['uid'];
echo "<td><a href='editor1.php?id=".$id."&uid=".$uid."'>编辑</a>   <a href='delete.php?id=".$id."&uid=".$uid."'>删除</a></td>";
echo "</tr>";
}
mysqli_close($conn);
?>
</table>
<br><br><br><br>
<form method="post" action="http://127.0.0.1/message.php">
<textarea name="content" rows="8" cols="80"></textarea>
<br>
<input type="submit" name="submit" value="添加留言">
<input type="reset" name="reset" value="重置">
</form>
</center>
</body>
</html>