$row=mysql_fetch_array($result);
		if($row['studpassword']==$pass)
		{
			$_SESSION['cuser']=$user;
			$_SESSION['role']=$category;
 			$_SESSION['sem']=$row['studsemester'];
			login_log($user);
			header("location: ./student/home.php");			
		}
		else
		{
			header("location: ./index.php?msg=Invalid Username or Password");
		}
	}
	else
	{
		$result=mysql_query("select * from staff where staffloginid='$user'");
		$row=mysql_fetch_array($result);
		if($row['staffpassword']==$pass)
		{
			$_SESSION['cuser']=$user;
			chk_admin($user);
			login_log($user);
			header("location: ./staff/home.php");			
		}
		else
		{
			header("location: ./index.php?msg=Invalid Username or Password");
		}
	}
?>
  /**
   *  Obtain the authorization information
   */
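  public function get_code(){
	// WeChat OAuth2 callback: exchanges the `code` query parameter for an
	// access token and openid, loads the WeChat profile, then either refreshes
	// the matching Member row or creates a new one, stores the encoded member
	// record in the session and redirects the browser.
	// NOTE(review): no OAuth `state` value is checked in this method. Confirm
	// the authorize step issues one and that it is verified before this runs;
	// without it the callback can be triggered cross-site (login CSRF).
	include C('INTERFACE_PATH')."wxwappay/lib/WxPay.Api.php";
	include C('INTERFACE_PATH')."wxwappay/unit/WxPay.JsApiPay.php";

	// Fetch the openid. `code` is request-controlled, so it is URL-encoded
	// before it is placed next to the app secret in the query string; a raw
	// value could append or override parameters of this server-side request.
	$code = (isset($_GET['code']) && is_string($_GET['code'])) ? $_GET['code'] : '';
	$array = null;
	if($code !== ''){
		$url = 'https://api.weixin.qq.com/sns/oauth2/access_token?appid='.WxPayConfig::APPID.'&secret='.WxPayConfig::APPSECRET.'&code='.urlencode($code).'&grant_type=authorization_code';
		$json = httpGet($url);
		$array  = json_decode($json,1);
	}

	// Fetch the user profile, but only when the exchange really returned an
	// identity. A failed exchange must not continue with an empty openid.
	$openid = '';
	$msg = null;
	if(is_array($array)
		&& isset($array['openid'],$array['access_token'])
		&& is_string($array['openid']) && $array['openid'] !== ''
		&& is_string($array['access_token']) && $array['access_token'] !== ''){
		$openid = $array['openid'];
		$url = 'https://api.weixin.qq.com/sns/userinfo?access_token='.urlencode($array['access_token']).'&openid='.urlencode($openid).'&lang=zh_CN';
		$msg = json_decode(httpGet($url),1);
	}

	$model = M('Member');
	$time = time();
	// WeChat error replies are JSON objects carrying `errcode`, which decode
	// to a non-empty array; truthiness alone would treat them as a profile
	// and create or log in an account without a verified openid.
	if(is_array($msg) && !empty($msg) && empty($msg['errcode'])){
		// Remember that this browser has registered through WeChat
		cookie('wx_has',1,60*60*24*365);
		// Look the member up by openid
		$data['openid'] = $openid;
		$member = $model->field('id,logo,email,username,nickname,realname,province,city,district,create_time,salt')->where($data)->find();
		if($member){
			// Known member: refresh the login stamp and log in
			$sdata['last_login_time'] = time();
			$sdata['last_login_ip'] = $_SERVER['REMOTE_ADDR'];
			$model->where($data)->save($sdata);
			$member_msg = serialize($member);
			$member_msg = authcode($member_msg,'ENCODE');
			session('member_msg',$member_msg);
		}else{
			// Unknown openid: register a new member from the WeChat profile
			$parent = $this->parent();
			$region = $this->getcityid($msg['province'],$msg['city']);
			$data['nickname'] = $msg['nickname'];
			$data['from'] = 'wap';
			$salt = rand_string(6,-1);
			$data['salt'] = $salt;
			$data['pid'] = $parent ? $parent['id'] : 0;
			$data['pv_id'] = $region['pv_id'];
			$data['ct_id'] = $region['ct_id'];
			$data['province'] = $msg['province'];
			$data['city'] = $msg['city'];
			$data['logo'] = $msg['headimgurl'];
			$data['last_login_time'] = $time;
			// NOTE(review): _get_ip() is defined elsewhere while the branch
			// above reads REMOTE_ADDR directly; confirm the helper does not
			// trust client-supplied forwarding headers.
			$ip = _get_ip();
			$data['last_login_ip'] = $ip;
			$data['create_time'] = $time;
			$member_id = $model->add($data);
			// Additional member details
			$model = M('Member_msg');
			$data2['member_id'] = $member_id;
			$data2['sex'] = $msg['sex'];
			$model->add($data2);
			// Log the new member in
			$member['id'] = $member_id;
			$member['logo'] = $msg['headimgurl'];
			$member['salt'] = $salt;
			$member['ip'] = $ip;
			$member['province'] = $msg['province'];
			$member['city'] = $msg['city'];
			$member['district'] = '';
			$member['create_time'] = $time;
			$member_msg = serialize($member);
			$member_msg = authcode($member_msg,'ENCODE');
			session('member_msg',$member_msg);
		}
		login_log($member);

	}

	// Return to the page that started the login. The cookie is sent by the
	// browser and is therefore client-controlled, so it is honoured only when
	// it is a relative reference or an http(s) URL on the host serving this
	// request; anything else falls back to the default landing page.
	// Whitespace, control characters and backslashes are refused because
	// browsers may normalise them into a scheme-relative "//host" target.
	$redirectURL = Cookie( '_redirectURL_');
	$go_url = __APP__.'?wx_login=1';
	if(is_string($redirectURL) && $redirectURL !== ''
		&& !preg_match('/[\x00-\x20\x7f\\\\]/',$redirectURL)
		&& strpos($redirectURL,'//') !== 0){
		$parts = parse_url($redirectURL);
		if(is_array($parts)){
			$has_scheme = isset($parts['scheme']);
			$has_host = isset($parts['host']);
			if(!$has_scheme && !$has_host){
				// Relative reference: stays on this origin
				$go_url = $redirectURL;
			}elseif($has_scheme && $has_host && in_array(strtolower($parts['scheme']),array('http','https'),true)){
				// Absolute URL: accept only the host this request was sent to
				$own_host = isset($_SERVER['HTTP_HOST']) ? strtolower(preg_replace('/:\d+$/','',$_SERVER['HTTP_HOST'])) : '';
				if($own_host !== '' && strtolower($parts['host']) === $own_host){
					$go_url = $redirectURL;
				}
			}
		}
	}
	header("Location: ".$go_url);
	exit;
  }	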
Beispiel #3
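/**
 * Check a login/password pair against the users table and record the attempt.
 *
 * The user row is looked up first, then the IP ban and account lock checks
 * run, and only then is the password compared. Every outcome is passed to
 * login_log().
 *
 * NOTE(review): 'wrong_login' and 'wrong_password' let a caller tell whether
 * an account exists. Callers should show the client one generic message.
 * No hash is computed for an unknown login, so response time may also differ.
 * NOTE(review): calculate_password_hash() is defined elsewhere; confirm it is
 * a slow, salted password hash rather than a single fast digest.
 *
 * @param string $login    Login name supplied by the client.
 * @param string $password Plain-text password supplied by the client.
 * @return array ['user' => row] on success, otherwise ['error' => code] with
 *               code one of 'banned', 'locked', 'wrong_password', 'wrong_login'.
 */
function attempt_login($login, $password)
{
    $db = option('db_conn');
    // Bound parameter: the login value never becomes part of the SQL text.
    $stmt = $db->prepare('SELECT * FROM users WHERE login = :login');
    $stmt->bindValue(':login', $login);
    $stmt->execute();
    $user = $stmt->fetch(PDO::FETCH_ASSOC);

    // fetch() yields false when no row matches, so resolve the id once here
    // instead of indexing a possibly-false value in the branches below.
    $user_id = isset($user['id']) ? $user['id'] : null;

    if (ip_banned()) {
        login_log(false, $login, $user_id);
        return ['error' => 'banned'];
    }

    if (user_locked($user)) {
        login_log(false, $login, $user_id);
        return ['error' => 'locked'];
    }

    if (empty($user)) {
        login_log(false, $login);
        return ['error' => 'wrong_login'];
    }

    // hash_equals() compares in constant time and as strings. The loose `==`
    // it replaces treats numeric-looking strings such as "0e123" and "0e456"
    // as equal and returns early on the first differing byte.
    $expected = (string) $user['password_hash'];
    $actual = (string) calculate_password_hash($password, $user['salt']);
    if (hash_equals($expected, $actual)) {
        login_log(true, $login, $user['id']);
        return ['user' => $user];
    }

    login_log(false, $login, $user['id']);
    return ['error' => 'wrong_password'];
}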