$xajax = new xajax();
$xajax->registerFunction("processForm");
function processForm($aFormValues)
{
$objResponse = new xajaxResponse();
require_once("conn.php");
$usr=$aFormValues['usr'];
$email=$aFormValues['email'];
$pwd=$aFormValues['pwd'];
$pw=Md5($pwd);
$errmsg="";
//要过滤的非法字符
$ArrFiltrate=array("'",";","union");
foreach($aFormValues as $key=>$value){
if (FunStringExist($value,$ArrFiltrate)){
$objResponse->addAlert("输入的信息含有非法字符"' ; union!"");
$objResponse->addAssign("submitButton","value","继续");
$objResponse->addAssign("submitButton","disabled",false);
return $objResponse;
}
}
if (trim($usr) == "")
{
$errmsg.="请输入用户名!n";
}
if (trim($pwd) == "")
{
$errmsg.="请输入密码!n";
}
$sql="select * from zl_usr where zl_usr='$usr' and zl_pwd='$pw'";
$result=mysql_query($sql,$db);
if(!$myrow=mysql_fetch_array($result)){
$errmsg.="用户名不存在,或密码错误!n";
}
if ($errmsg=="")
{
$sForm = "登陆成功";
$objResponse->addAssign("formDiv","innerHTML",$sForm);
}
else
{
$objResponse->addAlert($errmsg);
$objResponse->addAssign("submitButton","value","继续");
$objResponse->addAssign("submitButton","disabled",false);
}
return $objResponse;
}
$xajax->processRequests();
?>
登陆于注册原理差不多,就不废话了:)
另外下面是两个用到的文件代码 conn.php function.php
conn.php
<?php
$database="zl";//MYSQL数据库名
$db = mysql_connect("127.0.0.1", "root","123456");//MYSQL数据库用户名和密码
mysql_select_db($database,$db);
?>
function.php
<?php
function CheckEmailAddr($C_mailaddr)
{
if (!eregi("^[_a-z0-9-] (.[_a-z0-9-] )*@[a-z0-9-] (.[a-z0-9-] )*$",
$C_mailaddr))
{
return false;
}
return true;
}
//是否存在数组中的值
function FunStringExist($StrFiltrate,$ArrFiltrate){
foreach ($ArrFiltrate as $key=>$value){
if (eregi($value,$StrFiltrate)){
return true;
}
}
return false;
}
?>
