/**
 * Check a username/password pair and enforce the failed-login throttles.
 *
 * Two throttles are applied, both with a limit of 3 failures inside a
 * 30-second window: one kept in the session (checked before the user lookup)
 * and one read from the looked-up user record.
 *
 * NOTE(review): the session counter presumably lives in the caller's own
 * session, so a client that starts a fresh session would start from zero
 * again. For usernames that do not exist it is the only throttle visible in
 * this method. Confirm whether an IP- or server-side limit exists elsewhere.
 *
 * NOTE(review): an unknown username and a wrong password are reported through
 * different feedback keys and messages ('feedback_negative' with
 * LOGIN_3_ATTEMPTS versus LOGIN_FAILED with WRONG_PASSWORD). If both are
 * rendered to the client this can reveal which usernames exist; verify
 * against the view.
 *
 * @param mixed $username Login name passed to UserModel::checkUser().
 * @param mixed $password Plain-text password, verified against the stored hash.
 *
 * @return mixed The user record returned by UserModel::checkUser() on success
 *               (it still contains the 'password' hash entry, so callers should
 *               strip it before storing the record), or false on any failure.
 */
private static function validateUser($username, $password)
{
    // Session-level throttle: refuse early after 3 recent failures.
    if (Session::get('failed_login_count') >= 3
        && Session::get('last_failed_login') > time() - 30
    ) {
        Session::add(Message::get('LOGIN_FAILED'), Message::get('LOGIN_3_ATTEMPTS'));

        return false;
    }

    $account = UserModel::checkUser($username);

    // Unknown user: only the session counters can be advanced.
    if (!$account) {
        $sessionFailures = Session::get('failed_login_count') + 1;
        Session::set('failed_login_count', $sessionFailures);
        Session::set('last_failed_login', time());
        Session::add('feedback_negative', Message::get('LOGIN_3_ATTEMPTS'));

        return false;
    }

    // A matching user record was found, so the session counters are reset.
    Session::set('failed_login_count', 0);
    Session::set('last_failed_login', '');

    // Account-level throttle, read from the user record itself.
    $lockedOut = $account['failed_login_count'] >= 3
        && $account['last_failed_login'] > time() - 30;
    if ($lockedOut) {
        Session::add(Message::get('LOGIN_FAILED'), Message::get('LOGIN_3_ATTEMPTS'));

        return false;
    }

    // NOTE(review): the account-activation check below is disabled in the
    // original; confirm that logins for non-activated accounts are intended.
    /*if ($result['active_user'] != 1) {
        Session::add(Message::get('LOGIN_FAILED'), Message::get('ACCOUNT_NOT_ACTIVATED'));
        return false;
    }*/

    if (password_verify($password, $account['password'])) {
        return $account;
    }

    // Wrong password: record the failure against the account.
    self::incrementLoginFail($account['username']);
    Session::add(Message::get('LOGIN_FAILED'), Message::get('WRONG_PASSWORD'));

    return false;
}
/**
 * User login: renders the 'signin' view and, when the login form was
 * submitted, checks the user and redirects to the user page on success.
 *
 * NOTE(review): $_SESSION['user'] is filled from $_POST['user_id'] before
 * checkUser() runs, and nothing in this method clears it when the check
 * fails. Confirm that checkUser()/afterUnsuccessfulLogin() reset it;
 * otherwise any code that treats a populated $_SESSION['user'] as "logged in"
 * is trusting an unverified request value.
 *
 * NOTE(review): no session-id regeneration is visible on the success path;
 * verify that it happens elsewhere.
 *
 * @return mixed Result of UserModel::afterUnsuccessfulLogin() on a failed
 *               check, otherwise nothing.
 */
public function loginAction()
{
    parent::render('signin');

    // Nothing more to do unless the login form was posted.
    if (!isset($_POST['login'])) {
        return;
    }

    $_SESSION['user'] = $_POST['user_id'];

    $model = new UserModel();
    $authenticated = $model->checkUser() === true;
    if (!$authenticated) {
        return $model->afterUnsuccessfulLogin();
    }

    parent::redirect("user", "userPage");
}
// Login handling fragment: read the posted credentials, check them with
// UserModel::checkUser() and, on success, store the returned row in the session.
$name = $_POST['username'];
$passwd = $_POST['passwd'];
/*
echo '<pre>';
print_r($_POST);
echo '</pre>';
exit;
*/
// Input validation... (placeholder in the original; none is performed here)
$user = new UserModel();
// Check username and password
$row = $user->checkUser($name, $passwd);
if(empty($row)){
    $msg = '用户名密码不匹配!';
}else{
    $msg = '登陆成功!';
    //session_start();
    // NOTE(review): this replaces the whole session array with whatever
    // checkUser() returned. If that row includes the password column it ends
    // up in session storage; confirm and keep only the fields that are needed.
    // NOTE(review): no session_regenerate_id() call is visible at this
    // privilege change; verify it is done elsewhere.
    $_SESSION = $row; // set the session on successful login
    // Remember the username
    //remember
    if(isset($_POST['remember'])){
        // NOTE(review): three-argument setcookie() sets no HttpOnly/Secure flags.
        setcookie('remuser', $name, time() + 14 * 24 * 3600); // keep for 2 weeks
    }else{
        setcookie('remuser', '', 0);
    }
    // (the snippet ends here; the enclosing else block continues outside the visible source)
/**
 * Login handler.
 *
 * Reads account, password and captcha from the POST request, validates them
 * in order and echoes a JSON object with 'errorCode' and 'returnUrl'.
 *
 * errorCode values set by this method:
 *   0 - no error (login accepted and checkRight::loginAfter() called)
 *   1 - account is empty
 *   2 - password is empty
 *   3 - captcha is empty (presumably also when it fails the 4-letter pattern
 *       given to safe::filterPost(); confirm against that helper)
 *   4 - captcha check failed
 *   5 - UserModel::checkUser() returned an empty result
 *
 * Code 5 is shared by "unknown account" and "wrong password", so the response
 * does not distinguish the two.
 *
 * NOTE(review): 'returnUrl' is taken from $_POST['callback'] and only trimmed.
 * If the client navigates to it, an arbitrary external URL can be supplied by
 * whoever builds the login request (open redirect). Confirm that it is
 * restricted to same-site paths before use.
 *
 * @return bool Always false.
 */
public function doLogAction()
{
    $account = safe::filterPost('account');
    $password = $_POST['password'];
    $captcha = safe::filterPost('captcha', '/^[a-zA-Z]{4}$/');
    $response = array('errorCode' => 0);
    $captchaChecker = new captcha();

    // The first failing check decides the error code; later checks are skipped.
    if ($account == '') {
        $response['errorCode'] = 1;
    } elseif ($password == '') {
        $response['errorCode'] = 2;
    } elseif ($captcha == '') {
        $response['errorCode'] = 3;
    } elseif (!$captchaChecker->check($captcha)) {
        // Captcha did not match
        $response['errorCode'] = 4;
    } else {
        $userModel = new UserModel();
        $matchedUser = $userModel->checkUser($account, $password);
        if (empty($matchedUser)) {
            // Account or password is wrong
            $response['errorCode'] = 5;
        } else {
            // Login successful
            $checkRight = new checkRight();
            $checkRight->loginAfter($matchedUser);
        }
    }

    // The return URL is reported on every path, including failures.
    if (isset($_POST['callback']) && $_POST['callback'] != '') {
        $response['returnUrl'] = trim($_POST['callback']);
    } else {
        $response['returnUrl'] = url::createUrl('/');
    }

    echo JSON::encode($response);

    return false;
}
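// Registration handling fragment: validate the posted form, reject an
// already-used username, verify the captcha, then prepare the row to store.
// Every rejection redirects to the same URL (login.php?pass=reg).
$user = new UserModel();

/*
 Run the model's automatic validation:
 username within 4-16 characters,
 email format check,
 passwd must not be empty
*/
if (!$user->_validate($_POST)) { // automatic validation
    // $msg is built here but the redirect and exit follow immediately, so it
    // is not displayed by this snippet.
    $msg = implode('<br />', $user->getErr());
    $url = 'login.php?pass=reg';
    Header("Location: {$url}");
    exit;
}

// Check whether the username already exists
if ($user->checkUser($_POST['username'])) {
    $url = 'login.php?pass=reg';
    Header("Location: {$url}");
    exit;
}

/* Check the captcha */
// A loose `!=` accepted the request when neither side was set (null != null
// is false) and let numeric-looking strings compare equal by value. Require a
// non-empty submitted string and compare it exactly with the stored code.
$expectedCode = isset($_SESSION['rand']) ? $_SESSION['rand'] : null;
$submittedCode = isset($_POST['code']) ? $_POST['code'] : null;
if (!is_scalar($expectedCode)
    || !is_string($submittedCode)
    || $submittedCode === ''
    || (string) $expectedCode !== $submittedCode
) {
    $url = 'login.php?pass=reg';
    Header("Location: {$url}");
    exit;
}
// NOTE(review): the stored code is not cleared after a successful match in
// this snippet; confirm it is regenerated per form so one solved captcha
// cannot be reused.

$data = $user->_autoFill($_POST); // automatic fill
$data = $user->_facade($data); // automatic filtering
$data['nickname'] = '野人';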
<?php
/*** User login page ***/
define('ACC', true);
require './include/init.php';
if (isset($_POST['act'])) {
    // Reached because the login button was clicked
    // Receive username/password and verify them....
    $u = $_POST['username'];
    $p = $_POST['passwd'];
    // Input validation is left to be done (placeholder in the original)...
    $user = new UserModel();
    // Check username and password
    $row = $user->checkUser($u, $p);
    if (empty($row)) {
        /* Login failed */
        // NOTE(review): 'fial' looks like a misspelling of 'fail', but it is a
        // runtime value that login.php may match on, so it is left untouched.
        $url = 'login.php?pass=fial';
        Header("Location: {$url}");
        exit;
    } else {
        $msg = '登陆成功!';
        // NOTE(review): this replaces the whole session array with whatever
        // checkUser() returned. If that row includes the password column it
        // ends up in session storage; confirm and keep only the needed fields.
        // NOTE(review): no session_regenerate_id() call is visible at this
        // privilege change; verify it is done elsewhere.
        $_SESSION = $row;
        if (isset($_POST['auto_login'])) {
            // Remember the username for 14 days.
            // NOTE(review): three-argument setcookie() sets no HttpOnly/Secure flags.
            setcookie('remuser', $u, time() + 14 * 24 * 3600);
        } else {
            setcookie('remuser', '', 0);
        }
        $url = 'index.php';
        Header("Location: {$url}");
        // (the snippet ends here; the enclosing blocks continue outside the visible source)
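// Login page controller.
// Without a posted 'act' field it shows the login form, pre-filled with the
// remembered username cookie. With it, the credentials are checked through
// UserModel::checkUser() and the result page (msg.html) is rendered.
define('ACC', true);
require '../system/init.php';

if (!isset($_POST['act'])) {
    // NOTE(review): $keepuser comes straight from a client-controlled cookie
    // and is handed to the template; confirm denglu.html HTML-escapes it.
    if (isset($_COOKIE['keepuser'])) {
        $keepuser = $_COOKIE['keepuser'];
    } else {
        $keepuser = '';
    }
    include __ROOT__ . 'view/front/denglu.html'; // first visit: show the login page
} else {
    $username = $_POST['username'];
    $password = $_POST['password'];

    // Handle the login form; on success the user data is stored in $_SESSION.
    $user = new UserModel();
    if (($res = $user->checkUser($username, $password)) == false) {
        // Only the first error reported by the model is shown.
        list($error) = $user->getErr();
        $msg = $error;
        include __ROOT__ . 'view/front/msg.html';
    } else {
        // Issue a fresh session id at the moment the session becomes
        // authenticated, so an id that was planted or observed before login
        // cannot be used afterwards (session fixation). Skipped when no
        // session is active, to avoid a warning.
        if (session_id() !== '') {
            session_regenerate_id(true);
        }

        // NOTE(review): the whole checkUser() result becomes the session. If
        // it includes the password column, drop that field before storing.
        $_SESSION = $res;
        $msg = 'login successfully';

        // The user asked to remember the username: keep it for 7 days.
        // NOTE(review): three-argument setcookie() sets no HttpOnly/Secure flags.
        if (isset($_POST['remember'])) {
            setcookie('keepuser', $username, time() + 3600 * 24 * 7);
        } else {
            setcookie('keepuser', '', time() - 42000);
        }
        include __ROOT__ . 'view/front/msg.html';
    }
}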
// User registration handler: fills, validates and filters the posted form
// through UserModel, registers the user and renders the result page.
define('ACC', true);
require '../system/init.php';

// Message handed to the front-end view.
$msg = '';

$user = new UserModel();
$data = $user->_autofill($_POST);

/*
 Checks described by the original author:
 username: 4-20
 password: not empty
 email: has email format
 username: whether it is already taken
*/
if ($user->_validate($data)) {
    $user->setField($user->showField());
    $data = $user->_facade($data);

    if ($user->checkUser($data['username'])) {
        // NOTE(review): the result of reg() is not inspected, so the success
        // message is shown even if the insert failed. Confirm what reg() returns.
        $user->reg($data);
        $msg .= "Register Sucessfully!";
    } else {
        // Only the first error reported by the model is shown.
        list($error) = $user->getErr();
        $msg = $error;
    }
} else {
    // Validation failed: show the first reported error.
    list($error) = $user->getErr();
    $msg .= $error;
}

// NOTE(review): $msg may carry model error text; confirm msg.html escapes it.
include '../view/front/msg.html';
//echo $user->add($data)? "s":"f";