PHP\u307b\u307c\u5fd8\u308c\u3066\u3057\u307e\u3063\u305f\u306e\u3067\u52c9\u5f37\u4e2d\u3002<\/p>\n
<?php\r\nsession_start();\r\n\r\nini_set(\"display_errors\", 1);\r\nini_set(\"error_reporting\", E_ALL);\r\n\r\n$usr = filter_input(INPUT_POST, \"usr\", FILTER_SANITIZE_FULL_SPECIAL_CHARS); \r\n$pwd = filter_input(INPUT_POST, \"pwd\", FILTER_SANITIZE_FULL_SPECIAL_CHARS); \r\n$token = filter_input(INPUT_POST, \"token\", FILTER_SANITIZE_FULL_SPECIAL_CHARS); \r\n\r\n$auth = [\r\n\t\"taro\" => [\"id\" => \"100\", \"pwd\" => password_hash(\"123\", PASSWORD_DEFAULT)],\r\n\t\"jiro\" => [\"id\" => \"200\", \"pwd\" => password_hash(\"234\", PASSWORD_DEFAULT)],\r\n];\r\n\r\nif ($_SERVER[\"REQUEST_METHOD\"] === \"POST\" && $token === $_SESSION[\"token\"]) {\r\n\r\n\tif (isset($auth[$usr]) && password_verify($pwd, $auth[$usr][\"pwd\"])) {\r\n\r\n\t\tsession_regenerate_id();\r\n\t\t$_SESSOIN[\"id\"] = $auth[$usr][\"id\"];\r\n\t\r\n\t\techo \"OK\";\r\n\r\n\t} else {\r\n\r\n\t\techo \"\u30e6\u30fc\u30b6\u30fc\u540d\u307e\u305f\u306f\u30d1\u30b9\u30ef\u30fc\u30c9\u304c\u9055\u3044\u307e\u3059\u3002\";\r\n\r\n\t}\r\n}\r\n\r\n$_SESSION[\"token\"] = md5(mt_rand());\r\n\r\n?>\r\n\r\n<!DOCTYPE html>\r\n<html lang=\"ja\">\r\n<head>\r\n<meta charset=\"UTF-8\">\r\n<\/head>\r\n<body>\r\n<form method=\"post\">\r\nusr: <input type=\"text\" name=\"usr\">\r\npwd: <input type=\"text\" name=\"pwd\">\r\n<input type=\"hidden\" name=\"token\" value=\"<?php echo $_SESSION[\"token\"]; ?>\">\r\n<input type=\"submit\">\r\n<\/form>\r\n<\/body>\r\n<\/html><\/pre>\n <\/p>\n","protected":false},"excerpt":{"rendered":"
PHP\u307b\u307c\u5fd8\u308c\u3066\u3057\u307e\u3063\u305f\u306e\u3067\u52c9\u5f37\u4e2d\u3002 <?php session_start(); ini_set(“display_errors”, 1); ini_set(“error_reporting”, E_ALL); … <\/p>\n