/**
* 根据登录名和密码,验证用户
*
* @param string $username
* @param string $password
* @param array $option = null
* @return mixed 成功返回对象,失败返回 负数或FALSE
*/
public static function authenticate($username, $password, $option = null)
{
$src_id = isset($option['src_id']) ? $option['src_id'] : 0;
$username = trim($username);
if (!$username) {
return parent::ERR_USERNAME_NOT_FOUND;
}
$patternMobile = Sp_Dictionary::getOtherOption('patternMobile');
$patternEmail = Sp_Dictionary::getOtherOption('patternEmail');
if (preg_match($patternMobile, $username)) {
$field_name = 'mobile';
} elseif (preg_match($patternEmail, $username)) {
$field_name = 'email';
} else {
$field_name = 'userid';
}
$user = self::load($username, $field_name, $src_id);
if ($user->valid()) {
$crypted_password = self::encrypt($password, $user->kid);
if ($crypted_password == trim($user->pwd)) {
if ($user->status == 1) {
return parent::ERR_ACCOUNT_DISABLED;
}
return $user;
} else {
Sp_Log::notice('password incorrect: ' . $crypted_password . ' - ' . $user['pwd']);
return parent::ERR_PASSWORD_INCORRECT;
}
}
return parent::ERR_USERNAME_NOT_FOUND;
}
