/** * 根据登录名和密码,验证用户 * * @param string $username * @param string $password * @param array $option = null * @return mixed 成功返回对象,失败返回 负数或FALSE */ public static function authenticate($username, $password, $option = null) { $src_id = isset($option['src_id']) ? $option['src_id'] : 0; $username = trim($username); if (!$username) { return parent::ERR_USERNAME_NOT_FOUND; } $patternMobile = Sp_Dictionary::getOtherOption('patternMobile'); $patternEmail = Sp_Dictionary::getOtherOption('patternEmail'); if (preg_match($patternMobile, $username)) { $field_name = 'mobile'; } elseif (preg_match($patternEmail, $username)) { $field_name = 'email'; } else { $field_name = 'userid'; } $user = self::load($username, $field_name, $src_id); if ($user->valid()) { $crypted_password = self::encrypt($password, $user->kid); if ($crypted_password == trim($user->pwd)) { if ($user->status == 1) { return parent::ERR_ACCOUNT_DISABLED; } return $user; } else { Sp_Log::notice('password incorrect: ' . $crypted_password . ' - ' . $user['pwd']); return parent::ERR_PASSWORD_INCORRECT; } } return parent::ERR_USERNAME_NOT_FOUND; }