登录验证核心代码validate.php

<?php
//加载初始化文件
include '../init.php';

//加载数据库
include DIR_CORE.'MYSQLDB.php';
//登录界面传送过来的数据接受数据
$username = trim($_POST['username']);
$password = trim($_POST['password']);

if(empty($username) || empty($password)){
    header("refresh:2;url=login.php");
    die("用户名或密码不能为空！请重新登录");
}

$sql = "select * from user where user_name = '$username'";
$result=my_query($sql);
if(mysql_affected_rows() == 0){
    header("refresh:2;url=login.php");
    die("用户名不存在！请重新登录");
}

$password = md5($password);

$row = mysql_fetch_assoc($result);
$user_pwd = $row['user_password'];
if($user_pwd === $password){
    echo "验证成功！";
}else{
    header("refresh:2;url=login.php");
    die("密码不正确！请重新登录");
    }