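/**
 * Sign a user in with an e-mail address and a password value.
 *
 * On success the session is marked as authenticated, the optional
 * "remember me" cookies are set, and the account's last login time and IP
 * are stored. Every attempt that reaches the database lookup is recorded
 * through add_signin_log().
 *
 * @param string $email       E-mail address identifying the account.
 * @param string $pwd         Password value; must be exactly 32 characters
 *                            (presumably a client-side hex digest; confirm).
 * @param bool   $remember_me Also set the 7-day cookies when ENABLE_COOKIE is on.
 *
 * @return string '1' on success, otherwise a human-readable error message.
 */
function loginByEmail($email, $pwd, $remember_me = false)
{
    // Request parameters can arrive as arrays (e.g. email[]=x); reject them
    // here instead of letting preg_match()/mb_strlen() raise a TypeError.
    if (!is_string($email)
        || !preg_match("/^([0-9A-Za-z\\-_\\.]+)@([0-9a-z]+\\.[a-z]{2,3}(\\.[a-z]{2})?)\$/i", $email)
    ) {
        return 'User not exist';
    }
    if (!is_string($pwd) || mb_strlen($pwd, 'utf8') != 32) {
        return 'Invalid password, please refresh your browser';
    }

    // The e-mail is bound as a parameter, never interpolated into the SQL.
    $sql = "SELECT username, password, salt, verified FROM `account` WHERE email = ? LIMIT 1";
    $result = (new MysqlDAO())->executeQuery($sql, array($email), 's');

    $last_time = time();
    // ip2long() only understands dotted IPv4 and returns false otherwise,
    // so IPv6 clients are logged without a usable address.
    $last_ip = ip2long(get_ip());

    // NOTE(review): 'User not exist' and 'Wrong password' let a caller tell
    // registered from unregistered addresses. The strings are kept because
    // callers may compare against them; consider one shared message.
    if (!is_array($result) || count($result) != 1) {
        add_signin_log($email, 'f', $last_time, $last_ip);
        return 'User not exist';
    }
    $account = $result[0];

    if ($account['verified'] === 'b') {
        // The original logged an undefined $username here, so blocked
        // attempts were recorded without an identifier.
        add_signin_log($email, 'b', $last_time, $last_ip);
        return 'Your account is blocked';
    }

    // hash_equals() compares in constant time and as strings, which avoids
    // both timing differences and loose-comparison surprises on digests
    // that look numeric (for example "0e...").
    $expected = (string) $account['password'];
    $supplied = (string) crypt_pwd($pwd, $account['salt']);
    if (!hash_equals($expected, $supplied)) {
        add_signin_log($email, 'f', $last_time, $last_ip);
        return 'Wrong password';
    }

    // Issue a fresh session id at the privilege change so an id that was
    // known before authentication does not become an authenticated one.
    if (session_status() === PHP_SESSION_ACTIVE && !headers_sent()) {
        session_regenerate_id(true);
    }
    $_SESSION['username'] = $account['username'];
    $_SESSION['loged'] = true; // sign in by password or session

    if (ENABLE_COOKIE && $remember_me) {
        // NOTE(review): 'sid' is derived from the stored password value, so
        // it stays valid until the password changes and cannot be revoked
        // per device. Both cookies are also set without Secure, HttpOnly or
        // SameSite. A random server-side token with those flags would be
        // safer; how 'sid' is verified is not visible in this function.
        $expires = time() + 604800; // 7 days
        setcookie('username', $account['username'], $expires);
        setcookie('sid', crypt_pwd_client($account['password']), $expires);
    }

    $sql = "UPDATE `account` SET `last_time`= ?, `last_ip`=? WHERE email=? LIMIT 1";
    $params = array($last_time, $last_ip, $email);
    (new MysqlDAO())->execute($sql, $params, 'iis');

    add_signin_log($email, 't', $last_time, $last_ip);
    return '1';
}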
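/**
 * Sign a user in with an e-mail address and a password value.
 *
 * On success the session is marked as authenticated, the optional
 * "remember me" cookies are set, and the account's last login time and IP
 * are stored. Every attempt that passes e-mail validation is recorded
 * through add_signin_log().
 *
 * @param string $email       E-mail address identifying the account.
 * @param string $pwd         Password value handed to crypt_pwd() with the
 *                            account's salt.
 * @param bool   $remember_me Also set the 7-day cookies when ENABLE_COOKIE is on.
 *
 * @return string '1' on success, otherwise a user-facing error message.
 */
function loginByEmail($email, $pwd, $remember_me = false)
{
    // is_email_valid() is treated as "valid" when its result loosely equals
    // the empty string; the comparison is kept as the original wrote it.
    if (is_email_valid($email) != '') {
        return '邮箱或密码错误';
    }

    // The e-mail is bound as a parameter, never interpolated into the SQL.
    $sql = 'SELECT `username`, `pwd`, `salt`, `verified` FROM `ewu_account` WHERE `email` = ? LIMIT 1';
    $a_profile = (new MysqlPDO())->executeQuery($sql, array($email));

    $last_time = time();
    // ip2long() only understands dotted IPv4 and returns false otherwise,
    // so IPv6 clients are logged without a usable address.
    $last_ip = ip2long(get_ip());

    // Unknown address and wrong password share one message, so the reply
    // does not reveal whether the address is registered.
    if (!is_array($a_profile) || count($a_profile) != 1) {
        add_signin_log($email, 'f', $last_time, $last_ip);
        return '邮箱或密码错误';
    }
    $account = $a_profile[0];

    // NOTE(review): the blocked reply is sent before the password is
    // checked, so it still confirms that the address exists and is blocked.
    if ($account['verified'] === 'b') {
        add_signin_log($email, 'b', $last_time, $last_ip);
        return '您的帐号已被锁定';
    }

    // hash_equals() compares in constant time and as strings, which avoids
    // both timing differences and loose-comparison surprises on digests
    // that look numeric (for example "0e...").
    $expected = (string) $account['pwd'];
    $supplied = (string) crypt_pwd($pwd, $account['salt']);
    if (!hash_equals($expected, $supplied)) {
        add_signin_log($email, 'f', $last_time, $last_ip);
        return '邮箱或密码错误';
    }

    // Issue a fresh session id at the privilege change so an id that was
    // known before authentication does not become an authenticated one.
    if (session_status() === PHP_SESSION_ACTIVE && !headers_sent()) {
        session_regenerate_id(true);
    }
    $_SESSION['ewu_username'] = $account['username'];
    $_SESSION['ewu_loged'] = true;

    if (ENABLE_COOKIE && $remember_me) {
        // The original read an undefined $profile here, so both cookies were
        // built from null: an empty user name and the same 'ewu_sid' for
        // every account. They now come from the row that was just verified.
        //
        // NOTE(review): 'ewu_sid' is derived from the stored password value,
        // so it stays valid until the password changes and cannot be revoked
        // per device. Both cookies are also set without Secure, HttpOnly or
        // SameSite. A random server-side token with those flags would be
        // safer; how 'ewu_sid' is verified is not visible in this function.
        $expires = time() + 604800; // 7 days
        setcookie('ewu_user', $account['username'], $expires);
        setcookie('ewu_sid', crypt_pwd_client($account['pwd']), $expires);
    }

    $sql = 'UPDATE `ewu_account` SET `last_time`= ?, `last_ip`=? WHERE email=? LIMIT 1';
    $params = array($last_time, $last_ip, $email);
    (new MysqlPDO())->execute($sql, $params);

    add_signin_log($email, 't', $last_time, $last_ip);
    return '1';
}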