601
No
create table `USER` (
userID varchar(20) not null,
userPassword varchar(20) not null,
userName varchar(20) not null,
userAge int not null,
primary key (userID)
);
create table braverokmc2.`USER` ( userID varchar(20) not null, userPassword varchar(20) not null, userName varchar(20) not null, userAge int not null, primary key (userID) )
insert into braverokmc2.`USER` ( userID , userPassword , userName , userAge ) values( 'hong', '1111', '홍길동' , 39)
select * from user where userID = 'hong' and userPassword = '1111'
Login.php
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
<body>
<?php
//http://braverokmc2.dothome.co.kr/Login.php?userID=hong&userPassword=1111
/* mysql_connect('localhost', 'mysql_user', 'mysql_password'); */
$con =mysql_connect("localhost", "braverokmc2", "ehtjrhks5382");
mysql_set_charset("utf8");//sql 에서 한글 깨짐
if($con==true){
// echo "yes 연결 되었습니다.";
$_POST = array_map('mysql_escape_string', $_POST);
$_GET=array_map('mysql_escape_string', $_GET);
if(isset($_GET["userID"])){
$userID =$_GET["userID"];
$userPassword =$_GET["userPassword"];
}else if(isset($_POST["userID"])){
$userID =$_POST["userID"];
$userPassword =$_POST["userPassword"];
}
if(isset($userID) && isset($userPassword)){
$stmt = "select * from braverokmc2.USER where `userID` = '$userID' and `userPassword` = '$userPassword' ";
$rs =mysql_query($stmt, $con);
if($rs === FALSE) {
die(mysql_error()); // TODO: better error handling
}
/*
echo "<table border='1' >";
echo
"<tr>
<th>번호</th>
<th>이름</th>
<th>내용</th>
<th>이메일</th>
<th>날짜</th>
</tr>
"; */
$response =array();
$response["success"]=false;
if($row=mysql_fetch_array($rs)){
$response["success"]=true;
$response["userID"]=$row[userID];
$response["userPassword"]=$row[userPassword];
$response["userName"]=$row[userName];
$response["userAge"]=$row[userAge];
/* echo "
<tr>
<td>$row[userID]</td>
<td>$row[userPassword] </td>
<td>$row[userName] </td>
<td>$row[userAge]</td>
<td></td>
</tr>"; */
}
echo json_encode($response);
mysql_close();
}
}else{
//echo "no - 연결 실패 하였습습니다.";
}
?>
</body>
</html>
=>샘플 출력
{
success: true,
userID: "hong",
userPassword: "1111",
userName: "홍길동",
userAge: "39"
}
Register.php
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
<body>
<?php
/* http://braverokmc2.dothome.co.kr/Register.php?userID=q1&userPassword=1111&userName=김길&userAge=89 */
$con =mysql_connect("localhost", "braverokmc2", "ehtjrhks5382");
mysql_set_charset("utf-8");
if($con==true){
//echo "연결";
//Injection 방어
$_POST = array_map('mysql_escape_string', $_POST);
$_GET=array_map('mysql_escape_string', $_GET);
if(isset($_POST["userID"])){
$userID =$_POST["userID"];
$userPassword=$_POST["userPassword"];
$userName=$_POST["userName"];
$userAge=$_POST["userAge"];
}else if(isset($_GET["userID"]) ){
$userID =$_GET["userID"];
$userPassword=$_GET["userPassword"];
$userName=$_GET["userName"];
$userAge=$_GET["userAge"];
}
$stmt= "insert into braverokmc2.USER values ( '$userID', '$userPassword', '$userName' , $userAge ) ";
mysql_query( $stmt);
/* mysqli_stmt_bind_param($statement, "sssi", $userID, $userPassword, $userName, $userAge);
mysqli_stmt_execute($statement);
*/
$response=array();
$response["success"] =true;
echo json_encode($response);
}
?>
</body>
</html>
=>
샘플 출력
{
success: true
}
댓글 ( 4)
댓글 남기기