刚写了一段登录的代码,求大家指点不足之处
<?php
session_start();
?>
<html>
<head>
<title>Admin - Login</title>
<meta http-equiv="Content-Type" content="text/html; charset=gb2313">
<meta http-equiv="Pragma" content="no-cache">
</HEAD>
<body bgcolor="#FFFFFF" background="_image/bg.gif" leftmargin="0" topmargin="0" marginwidth="0" marginheight="0">
<center>
<br><br><br>
<?php
if ($_SERVER[REQUEST_METHOD] == "POST") {
extract($_POST, EXTR_PREFIX_ALL, "extr");
$ip = $_SERVER[REMOTE_ADDR];
$filename = "blockip.php";
include $filename;
if ($ips) {
foreach ($ips as $key => $val) {
if ($ip == $key && '3' == $val) {
die("<font color=red>This IP has be blocked.</font>");
exit;
}
}
}
if ("username" == $extr_usrname && "password" == $extr_usrpwd) {
$_SESSION[dev] = $extr_usrname;
redivert("forum.php");
exit;
} else {
if ($fp = fopen($filename, "w+")) {
$content = "<?php \n\n";
if ($ips) {
foreach ($ips as $key => $val) {
if ($ip == $key) {
$i = 1;
$val++;
}
$content .= '$ips["'. $key. '"] = "'. $val. '";'. "\n";
}
}
if (1 != $i ¦ ¦ !$ips) $content .= '$ips["'.$ip.'"] = "1";'. "\n";
$content .= "\n\n?>";
fwrite($fp, $content);
fclose($fp);
} else {
die("system error.");
}
?>
<center>
<br>
pls try again
<br>
<?php
}
}
?>
<table cellspacing=0 cellpadding=0 border=0 width=350>
<tr><form method=post action=<?$PHP_SELF?>>
<td bgcolor=black><table cellspacing=1 cellpadding=5 width=100% border=0>
<tr>
<Td bgcolor=white>username</td>
<Td bgcolor=white><input type="text" name="usrname"></td>
<tr>
<Td bgcolor=white>password</td>
<Td bgcolor=white><input type="password" name="usrpwd"></td>
<tr><td bgcolor=white> </td>
<td bgcolor=white> <input type=submit name=action value=Submit></td>
</table>
</td></form>
</table>
</body>
</html>