$row=mysql_fetch_array($result); if($row['studpassword']==$pass) { $_SESSION['cuser']=$user; $_SESSION['role']=$category; $_SESSION['sem']=$row['studsemester']; login_log($user); header("location: ./student/home.php"); } else { header("location: ./index.php?msg=Invalid Username or Password"); } } else { $result=mysql_query("select * from staff where staffloginid='$user'"); $row=mysql_fetch_array($result); if($row['staffpassword']==$pass) { $_SESSION['cuser']=$user; chk_admin($user); login_log($user); header("location: ./staff/home.php"); } else { header("location: ./index.php?msg=Invalid Username or Password"); } } ?>
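/**
 * WeChat OAuth callback: exchange the authorization code for an openid,
 * sign the matching member in (registering one on first visit), then redirect.
 *
 * Reads $_GET['code'] and the `_redirectURL_` cookie, both client-controlled.
 * Always ends the request with a Location header followed by exit.
 *
 * NOTE(review): no OAuth `state` value is verified here. Confirm that the step
 * which builds the authorize URL issues one and check it in this callback;
 * without it the login flow can be started from another site.
 */
public function get_code(){
    include C('INTERFACE_PATH')."wxwappay/lib/WxPay.Api.php";
    include C('INTERFACE_PATH')."wxwappay/unit/WxPay.JsApiPay.php";

    $openid = null;
    $msg = null;
    $code = (isset($_GET['code']) && is_string($_GET['code'])) ? $_GET['code'] : '';
    if($code !== ''){
        // Exchange the code for an openid. The code is URL-encoded so a crafted
        // value cannot append or override parameters of the upstream request.
        // This URL carries APPSECRET: keep it out of logs and error output.
        $url = 'https://api.weixin.qq.com/sns/oauth2/access_token?appid='.WxPayConfig::APPID.'&secret='.WxPayConfig::APPSECRET.'&code='.rawurlencode($code).'&grant_type=authorization_code';
        $array = json_decode(httpGet($url),1);

        // WeChat answers a failed exchange with an errcode/errmsg object that has
        // no openid; without this check such a reply would fall through to the
        // registration branch below and create a member with an empty openid.
        if(is_array($array) && !empty($array['openid']) && !empty($array['access_token'])){
            $openid = $array['openid'];
            // Fetch the user's profile
            $url = 'https://api.weixin.qq.com/sns/userinfo?access_token='.rawurlencode($array['access_token']).'&openid='.rawurlencode($openid).'&lang=zh_CN';
            $profile = json_decode(httpGet($url),1);
            // An error reply is also a non-empty array, so test errcode explicitly.
            if(is_array($profile) && empty($profile['errcode'])){
                $msg = $profile;
            }
        }
    }

    $model = M('Member');
    $time = time();
    if($msg){
        // Remember that this browser has registered through WeChat
        cookie('wx_has',1,60*60*24*365);
        // Look the member up by openid
        $data = array('openid' => $openid);
        $member = $model->field('id,logo,email,username,nickname,realname,province,city,district,create_time,salt')->where($data)->find();
        if($member){
            // Existing member: refresh the login metadata and sign in
            $sdata['last_login_time'] = time();
            // NOTE(review): this branch records REMOTE_ADDR while the registration
            // branch uses _get_ip(); confirm _get_ip() does not trust
            // client-supplied forwarding headers, and use one source for both.
            $sdata['last_login_ip'] = $_SERVER['REMOTE_ADDR'];
            $model->where($data)->save($sdata);
            // NOTE(review): the reader of member_msg presumably unserializes it;
            // confirm the authcode() key is secret so the blob cannot be forged.
            $member_msg = serialize($member);
            $member_msg = authcode($member_msg,'ENCODE');
            session('member_msg',$member_msg);
        }else{
            // First visit: register a member from the WeChat profile.
            // nickname and headimgurl are profile values chosen by the user;
            // escape them wherever they are rendered.
            $parent = $this->parent();
            $region = $this->getcityid($msg['province'],$msg['city']);
            $data['nickname'] = $msg['nickname'];
            $data['from'] = 'wap';
            $salt = rand_string(6,-1);
            $data['salt'] = $salt;
            $data['pid'] = $parent ? $parent['id'] : 0;
            $data['pv_id'] = $region['pv_id'];
            $data['ct_id'] = $region['ct_id'];
            $data['province'] = $msg['province'];
            $data['city'] = $msg['city'];
            $data['logo'] = $msg['headimgurl'];
            $data['last_login_time'] = $time;
            $ip = _get_ip();
            $data['last_login_ip'] = $ip;
            $data['create_time'] = $time;
            $member_id = $model->add($data);
            // Additional member details
            $model = M('Member_msg');
            $data2['member_id'] = $member_id;
            $data2['sex'] = $msg['sex'];
            $model->add($data2);
            // Sign the new member in
            $member['id'] = $member_id;
            $member['logo'] = $msg['headimgurl'];
            $member['salt'] = $salt;
            $member['ip'] = $ip;
            $member['province'] = $msg['province'];
            $member['city'] = $msg['city'];
            $member['district'] = '';
            $member['create_time'] = $time;
            $member_msg = serialize($member);
            $member_msg = authcode($member_msg,'ENCODE');
            session('member_msg',$member_msg);
        }
        login_log($member);
    }

    // Redirect back to the page the visitor came from. The cookie is
    // client-controlled, so it is honoured only for a site-local path or an
    // http(s) URL on the current host; anything else uses the default.
    // NOTE(review): assumes the cookie is set to a local path or same-host URL;
    // confirm against the code that writes `_redirectURL_`.
    $go_url = __APP__.'?wx_login=1';
    $redirectURL = Cookie( '_redirectURL_');
    if(is_string($redirectURL) && $redirectURL !== '' && !preg_match('/[\x00-\x1f\x7f\\\\]/', $redirectURL)){
        $is_local_path = $redirectURL[0] === '/' && substr($redirectURL,0,2) !== '//';
        $scheme = parse_url($redirectURL, PHP_URL_SCHEME);
        $host = parse_url($redirectURL, PHP_URL_HOST);
        $current_host = isset($_SERVER['HTTP_HOST']) ? preg_replace('/:\d+$/', '', $_SERVER['HTTP_HOST']) : '';
        $is_same_host = is_string($scheme)
            && in_array(strtolower($scheme), array('http','https'), true)
            && is_string($host)
            && $current_host !== ''
            && strcasecmp($host, $current_host) === 0;
        if($is_local_path || $is_same_host){
            $go_url = $redirectURL;
        }
    }
    header("Location: ".$go_url);
    exit;
}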
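/**
 * Check a login/password pair and record the attempt via login_log().
 *
 * @param string $login    Login name looked up in the users table.
 * @param string $password Plaintext password supplied by the client.
 * @return array ['user' => row] on success, otherwise ['error' => code] with
 *               code 'banned', 'locked', 'wrong_password' or 'wrong_login'.
 *
 * The error codes distinguish existing accounts from unknown ones; callers
 * should show the client one generic failure message so logins cannot be
 * enumerated.
 * NOTE(review): calculate_password_hash() is not visible here; confirm it is a
 * slow password hash (password_hash()-class) rather than a fast digest.
 */
function attempt_login($login, $password) {
    $db = option('db_conn');

    // Bound parameter: $login never becomes part of the SQL text.
    $stmt = $db->prepare('SELECT * FROM users WHERE login = :login');
    $stmt->bindValue(':login', $login);
    $stmt->execute();
    $user = $stmt->fetch(PDO::FETCH_ASSOC); // false when no row matches
    $user_id = isset($user['id']) ? $user['id'] : null;

    if (ip_banned()) {
        login_log(false, $login, $user_id);
        return ['error' => 'banned'];
    }

    if (user_locked($user)) {
        login_log(false, $login, $user_id);
        return ['error' => 'locked'];
    }

    if (empty($user)) {
        login_log(false, $login);
        return ['error' => 'wrong_login'];
    }

    // Compare as strings, strictly and in constant time where available. The
    // former `==` compared numeric-looking strings (e.g. "0e...") as numbers,
    // so two different hashes could be treated as equal.
    $expected = (string) $user['password_hash'];
    $actual = (string) calculate_password_hash($password, $user['salt']);
    $hash_matches = function_exists('hash_equals')
        ? hash_equals($expected, $actual)
        : $expected === $actual;

    if ($hash_matches) {
        login_log(true, $login, $user_id);
        return ['user' => $user];
    }

    login_log(false, $login, $user_id);
    return ['error' => 'wrong_password'];
}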