tony1223/check.php Secret

## check.php
<?php
session_start();//初始化session,就是開始要始用session
//匯入config.php資訊
include "config/config.php";

//檢查字元長度後過長退回上一頁
chk_all($_POST['account']);
$account = $_POST['account'];
$passwd=md5($_POST['passwd']);
$arry=SoloSql("manage","`DB_Id`='1' && `DB_Account`='".$account."'");//判斷帳號是否存在

//檢查帳號密碼是否存在
if(!empty($arry['numrows'])){
	$arry=SoloSql("manage"," `DB_Account`='".$account."' && `DB_Password`='".$passwd."'");//判斷密碼是否錯誤
	if(!empty($arry['numrows'])){
			//註冊一個session名稱叫adname
			session_register("accountADM");
			$_SESSION['accountADM']=$arry['DB_Account'];//將資料庫adname的資料放入$adname這個session裡
				parent_url_msg($arry['DB_Account']."歡迎您！！","manage_sys/index.php");
	}else{
		parent_url_msg("密碼錯誤！！","login.php");
		exit;
	}
}else{
	parent_url_msg("查無此一帳號！！","login.php");
	exit;
}
?>


## login.php
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>xxx</title>
<style type="text/css">
<!--
body {
	margin-left: 0px;
	margin-top: 0px;
	margin-right: 0px;
	margin-bottom: 0px;
	background-color: #E2DFCF;}

.text_12px_01 {
	font-family: Arial, sans-serif, 新細明體;
    color: #ffffff; font-size: 12px;
	letter-spacing: 0px; text-decoration: none;}

.text_12px_02 {
	font-family: Arial, sans-serif, 新細明體;
    color: #666666; font-size: 12px;
	letter-spacing: 0px; text-decoration: none;}
-->
</style>
<script type="text/JavaScript">
<!--
function MM_swapImgRestore() { //v3.0
  var i,x,a=document.MM_sr; for(i=0;a&&i<a.length&&(x=a[i])&&x.oSrc;i++) x.src=x.oSrc;
}

function MM_preloadImages() { //v3.0
  var d=document; if(d.images){ if(!d.MM_p) d.MM_p=new Array();
    var i,j=d.MM_p.length,a=MM_preloadImages.arguments; for(i=0; i<a.length; i++)
    if (a[i].indexOf("#")!=0){ d.MM_p[j]=new Image; d.MM_p[j++].src=a[i];}}
}

function MM_findObj(n, d) { //v4.01
  var p,i,x;  if(!d) d=document; if((p=n.indexOf("?"))>0&&parent.frames.length) {
    d=parent.frames[n.substring(p+1)].document; n=n.substring(0,p);}
  if(!(x=d[n])&&d.all) x=d.all[n]; for (i=0;!x&&i<d.forms.length;i++) x=d.forms[i][n];
  for(i=0;!x&&d.layers&&i<d.layers.length;i++) x=MM_findObj(n,d.layers[i].document);
  if(!x && d.getElementById) x=d.getElementById(n); return x;
}

function MM_swapImage() { //v3.0
  var i,j=0,x,a=MM_swapImage.arguments; document.MM_sr=new Array; for(i=0;i<(a.length-2);i+=3)
   if ((x=MM_findObj(a[i]))!=null){document.MM_sr[j++]=x; if(!x.oSrc) x.oSrc=x.src; x.src=a[i+2];}
}

//檢查欄位是否空值
function checkinput(){
	var ErrString = "" ;
	if (document.form1.account.value == ""){ErrString = ErrString + "帳號" + unescape('%0D%0A')}
	if(document.form1.account.value != ""){
		if(document.form1.account.value.length < 4){ErrString = ErrString + "帳號長度必須超過4碼" + unescape('%0D%0A')}
	}
	if (document.form1.passwd.value == ""){ErrString = ErrString + "密碼" + unescape('%0D%0A')}
	if(document.form1.passwd.value != ""){
		if(document.form1.passwd.value.length < 4){ErrString = ErrString + "密碼長度必須超過4碼" + unescape('%0D%0A')}
	}
	if (ErrString != "") {
		alert("您有以下欄位未確實填寫：\n\n"+ErrString+"\n請檢查您所填寫的資料。");
	return false;
	}
	return true;
}

//-->
</script>
</head>

<body style=" padding-top: 130px;" >
<table width="760" border="0" align="center" cellpadding="0" cellspacing="0">
  <tr>
    <td align="left" valign="top"><img src="manage_sys/images/login_01.gif" width="760" height="52" /></td>
  </tr>
  <tr>
    <td align="left" valign="top"><img src="manage_sys/images/login_02.gif" width="760" height="144" /></td>
  </tr>
  <tr>
    <td align="left" valign="top"><img src="manage_sys/images/login_03.gif" width="760" height="75" /></td>
  </tr>
  <tr>
    <td height="43" align="left" valign="top" background="manage_sys/images/login_04.gif">
	<table width="100%" border="0" cellspacing="0" cellpadding="0">
<form action="check.php" method="POST" name="form1" id="form1" target="FormFrame">
	  <tr>
        <td width="14%" align="right" valign="middle" class="text_12px_01">帳號 / ID </td>
        <td width="19%" align="right" valign="middle"><input name="account" type="text" size="20" class="text_12px_02" /></td>
        <td width="14%" align="right" valign="middle" class="text_12px_01">密碼 / PW</td>
        <td width="19%" align="right" valign="middle"><input name="passwd" type="password" size="20" class="text_12px_02" /></td>
        <td width="34%" align="center" valign="middle"><a href="javascript:document.form1.submit();" onClick="return checkinput();" onmouseout="MM_swapImgRestore()" onmouseover="MM_swapImage('Image5','','manage_sys/images/logon_09b.gif',1)"><img src="manage_sys/images/logon_09a.gif" name="Image5" width="124" height="25" border="0" id="Image5" /></a></td>
      </tr>
</form>
    </table>
	</td>
  </tr>
  <tr>
    <td align="left" valign="top"><img src="manage_sys/images/login_05.gif" width="760" height="100" /></td>
  </tr>
</table>
<iframe width="0" height="0" name="FormFrame" id="FormFrame"></iframe>

</body>
</html>
	<?php
	session_start();//初始化session,就是開始要始用session
	//匯入config.php資訊
	include "config/config.php";

	//檢查字元長度後過長退回上一頁
	chk_all($_POST['account']);
	$account = $_POST['account'];
	$passwd=md5($_POST['passwd']);
	$arry=SoloSql("manage","`DB_Id`='1' && `DB_Account`='".$account."'");//判斷帳號是否存在

	//檢查帳號密碼是否存在
	if(!empty($arry['numrows'])){
	$arry=SoloSql("manage"," `DB_Account`='".$account."' && `DB_Password`='".$passwd."'");//判斷密碼是否錯誤
	if(!empty($arry['numrows'])){
	//註冊一個session名稱叫adname
	session_register("accountADM");
	$_SESSION['accountADM']=$arry['DB_Account'];//將資料庫adname的資料放入$adname這個session裡
	parent_url_msg($arry['DB_Account']."歡迎您！！","manage_sys/index.php");
	}else{
	parent_url_msg("密碼錯誤！！","login.php");
	exit;
	}
	}else{
	parent_url_msg("查無此一帳號！！","login.php");
	exit;
	}
	?>
	<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
	<html xmlns="http://www.w3.org/1999/xhtml">
	<head>
	<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
	<title>xxx</title>
	<style type="text/css">
	<!--
	body {
	margin-left: 0px;
	margin-top: 0px;
	margin-right: 0px;
	margin-bottom: 0px;
	background-color: #E2DFCF;}

	.text_12px_01 {
	font-family: Arial, sans-serif, 新細明體;
	color: #ffffff; font-size: 12px;
	letter-spacing: 0px; text-decoration: none;}

	.text_12px_02 {
	font-family: Arial, sans-serif, 新細明體;
	color: #666666; font-size: 12px;
	letter-spacing: 0px; text-decoration: none;}
	-->
	</style>
	<script type="text/JavaScript">
	<!--
	function MM_swapImgRestore() { //v3.0
	var i,x,a=document.MM_sr; for(i=0;a&&i<a.length&&(x=a[i])&&x.oSrc;i++) x.src=x.oSrc;
	}

	function MM_preloadImages() { //v3.0
	var d=document; if(d.images){ if(!d.MM_p) d.MM_p=new Array();
	var i,j=d.MM_p.length,a=MM_preloadImages.arguments; for(i=0; i<a.length; i++)
	if (a[i].indexOf("#")!=0){ d.MM_p[j]=new Image; d.MM_p[j++].src=a[i];}}
	}

	function MM_findObj(n, d) { //v4.01
	var p,i,x; if(!d) d=document; if((p=n.indexOf("?"))>0&&parent.frames.length) {
	d=parent.frames[n.substring(p+1)].document; n=n.substring(0,p);}
	if(!(x=d[n])&&d.all) x=d.all[n]; for (i=0;!x&&i<d.forms.length;i++) x=d.forms[i][n];
	for(i=0;!x&&d.layers&&i<d.layers.length;i++) x=MM_findObj(n,d.layers[i].document);
	if(!x && d.getElementById) x=d.getElementById(n); return x;
	}

	function MM_swapImage() { //v3.0
	var i,j=0,x,a=MM_swapImage.arguments; document.MM_sr=new Array; for(i=0;i<(a.length-2);i+=3)
	if ((x=MM_findObj(a[i]))!=null){document.MM_sr[j++]=x; if(!x.oSrc) x.oSrc=x.src; x.src=a[i+2];}
	}

	//檢查欄位是否空值
	function checkinput(){
	var ErrString = "" ;
	if (document.form1.account.value == ""){ErrString = ErrString + "帳號" + unescape('%0D%0A')}
	if(document.form1.account.value != ""){
	if(document.form1.account.value.length < 4){ErrString = ErrString + "帳號長度必須超過4碼" + unescape('%0D%0A')}
	}
	if (document.form1.passwd.value == ""){ErrString = ErrString + "密碼" + unescape('%0D%0A')}
	if(document.form1.passwd.value != ""){
	if(document.form1.passwd.value.length < 4){ErrString = ErrString + "密碼長度必須超過4碼" + unescape('%0D%0A')}
	}
	if (ErrString != "") {
	alert("您有以下欄位未確實填寫：\n\n"+ErrString+"\n請檢查您所填寫的資料。");
	return false;
	}
	return true;
	}

	//-->
	</script>
	</head>

	<body style=" padding-top: 130px;" >
	<table width="760" border="0" align="center" cellpadding="0" cellspacing="0">
	<tr>
	<td align="left" valign="top"><img src="manage_sys/images/login_01.gif" width="760" height="52" /></td>
	</tr>
	<tr>
	<td align="left" valign="top"><img src="manage_sys/images/login_02.gif" width="760" height="144" /></td>
	</tr>
	<tr>
	<td align="left" valign="top"><img src="manage_sys/images/login_03.gif" width="760" height="75" /></td>
	</tr>
	<tr>
	<td height="43" align="left" valign="top" background="manage_sys/images/login_04.gif">
	<table width="100%" border="0" cellspacing="0" cellpadding="0">
	<form action="check.php" method="POST" name="form1" id="form1" target="FormFrame">
	<tr>
	<td width="14%" align="right" valign="middle" class="text_12px_01">帳號 / ID </td>
	<td width="19%" align="right" valign="middle"><input name="account" type="text" size="20" class="text_12px_02" /></td>
	<td width="14%" align="right" valign="middle" class="text_12px_01">密碼 / PW</td>
	<td width="19%" align="right" valign="middle"><input name="passwd" type="password" size="20" class="text_12px_02" /></td>
	<td width="34%" align="center" valign="middle"><a href="javascript:document.form1.submit();" onClick="return checkinput();" onmouseout="MM_swapImgRestore()" onmouseover="MM_swapImage('Image5','','manage_sys/images/logon_09b.gif',1)"><img src="manage_sys/images/logon_09a.gif" name="Image5" width="124" height="25" border="0" id="Image5" /></a></td>
	</tr>
	</form>
	</table>
	</td>
	</tr>
	<tr>
	<td align="left" valign="top"><img src="manage_sys/images/login_05.gif" width="760" height="100" /></td>
	</tr>
	</table>
	<iframe width="0" height="0" name="FormFrame" id="FormFrame"></iframe>

	</body>
	</html>