Example #1
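 /**
  * Check a username/password pair, applying two short lock-outs against repeated failures.
  *
  * Two counters are consulted, each with the same rule (3 or more failures and the last
  * failure less than 30 seconds ago):
  *   - a per-session counter kept through Session, and
  *   - a per-account counter read from the record returned by UserModel::checkUser().
  *
  * @param string $username Login name as submitted.
  * @param string $password Plain-text password as submitted.
  * @return mixed The user record returned by UserModel::checkUser() on success, false otherwise.
  */
 private static function validateUser($username, $password)
 {
     // Per-session lock-out.
     // NOTE(review): this counter lives in the client's session, so a client that discards its
     // session cookie starts again from zero. The per-account counter below is the control that
     // actually bounds guessing against one account.
     if (Session::get('failed_login_count') >= 3 && Session::get('last_failed_login') > time() - 30) {
         Session::add(Message::get('LOGIN_FAILED'), Message::get('LOGIN_3_ATTEMPTS'));
         return false;
     }

     $result = UserModel::checkUser($username);
     if (!$result) {
         // Unknown username: only the session counter can record the failure.
         Session::set('failed_login_count', Session::get('failed_login_count') + 1);
         Session::set('last_failed_login', time());
         // NOTE(review): this branch and the wrong-password branch below give different feedback,
         // which lets a caller tell existing usernames from non-existing ones. Consider one
         // generic failure message for both.
         Session::add('feedback_negative', Message::get('LOGIN_3_ATTEMPTS'));
         return false;
     }

     // Per-account lock-out, based on the counters stored with the user record.
     if ($result['failed_login_count'] >= 3 && $result['last_failed_login'] > time() - 30) {
         Session::add(Message::get('LOGIN_FAILED'), Message::get('LOGIN_3_ATTEMPTS'));
         return false;
     }

     // NOTE(review): the account-activation check below is disabled, so accounts that were never
     // activated can log in. Confirm this is intentional before shipping.
     /*if ($result['active_user'] != 1) {
           Session::add(Message::get('LOGIN_FAILED'), Message::get('ACCOUNT_NOT_ACTIVATED'));
           return false;
       }*/

     if (!password_verify($password, $result['password'])) {
         self::incrementLoginFail($result['username']);
         Session::add(Message::get('LOGIN_FAILED'), Message::get('WRONG_PASSWORD'));
         return false;
     }

     // Clear the session counter only once the password has verified. Clearing it as soon as the
     // username was found let any request naming an existing account wipe the session's failure
     // history without authenticating.
     Session::set('failed_login_count', 0);
     Session::set('last_failed_login', '');

     return $result;
 }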
Example #2
 /**
  * Show the sign-in view and, when the login form was posted, try to authenticate.
  *
  * Returns whatever UserModel::afterUnsuccessfulLogin() returns when the check fails;
  * otherwise nothing is returned.
  */
 public function loginAction()
 {
     parent::render('signin');

     // Nothing more to do unless the login form was submitted.
     if (!isset($_POST['login'])) {
         return;
     }

     // NOTE(review): the session is given a user id taken straight from the request BEFORE any
     // credential check. Any code that treats $_SESSION['user'] as proof of authentication would
     // accept an unauthenticated caller. checkUser() takes no arguments, so it presumably reads
     // this value itself - confirm, and clear the key again when the check fails.
     $_SESSION['user'] = $_POST['user_id'];

     $model = new UserModel();
     if ($model->checkUser() !== true) {
         return $model->afterUnsuccessfulLogin();
     }

     // NOTE(review): the view has already been rendered above; if redirect() relies on HTTP
     // headers it may no longer be able to send them - confirm.
     parent::redirect("user", "userPage");
 }
Example #3
	// Login handler fragment (the listing is cut off before the else-branch is closed).
	// Credentials are taken directly from the submitted form.
	$name = $_POST['username'];
	$passwd = $_POST['passwd'];

	// Disabled debug dump. It would print the whole form, including the password; keep it disabled.
	/*
	echo '<pre>';
	print_r($_POST);
	echo '</pre>';
	exit;
	*/

	// Input validation goes here... (placeholder only: nothing is validated in the visible code)

	$user = new UserModel();

	// Verify the username and password
	$row = $user->checkUser($name, $passwd);

	if(empty($row)){
		// Failure message: "username and password do not match"
		$msg = '用户名密码不匹配!';
	}else{
		// Success message: "login succeeded"
		$msg = '登陆成功!';	
		//session_start();
		// On successful login the session is populated.
		// NOTE(review): this replaces the ENTIRE session array with whatever checkUser() returned.
		// If that row includes the stored password hash it ends up in session storage - confirm
		// and copy only the fields that are needed. The visible code also does not call
		// session_regenerate_id() at login, which is the usual guard against session fixation.
		$_SESSION = $row;

		// Remember the username
		//remember
		if(isset($_POST['remember'])){
			// Keep the cookie for 2 weeks.
			// NOTE(review): no HttpOnly/Secure flags are passed; the value is client-controlled
			// when read back and must be escaped before it is echoed into a page.
			setcookie('remuser', $name, time() + 14 * 24 * 3600);
		}else{
			// An empty value makes PHP send a cookie-deletion header.
			setcookie('remuser', '', 0);
		}
Example #4
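 /**
  * Handle a login form submission and answer with a JSON status object.
  *
  * errorCode values set here:
  *   0 = no error recorded, 1 = account empty, 2 = password empty,
  *   3 = captcha empty after filtering, 4 = captcha rejected by captcha::check(),
  *   5 = UserModel::checkUser() returned nothing for the account/password pair.
  *
  * The response also carries returnUrl: the posted callback when it is a site-relative path,
  * otherwise the site root.
  *
  * @return bool Always false; the JSON body is echoed directly.
  */
 public function doLogAction()
 {
     $account = safe::filterPost('account');
     // The password is read raw so that filtering cannot alter it. Non-string input
     // (e.g. a password[] array) is treated as empty instead of being passed on to the model.
     $password = isset($_POST['password']) && is_string($_POST['password']) ? $_POST['password'] : '';
     $captcha = safe::filterPost('captcha', '/^[a-zA-Z]{4}$/');
     $data = array('errorCode' => 0);
     $captchaObj = new captcha();

     if ($account == '') {
         $data['errorCode'] = 1;
     } elseif ($password === '') {
         $data['errorCode'] = 2;
     } elseif ($captcha == '') {
         $data['errorCode'] = 3;
     } elseif (!$captchaObj->check($captcha)) {
         // Captcha did not match
         $data['errorCode'] = 4;
     } else {
         $userModel = new UserModel();
         $userData = $userModel->checkUser($account, $password);
         if (empty($userData)) {
             // Wrong account or password
             $data['errorCode'] = 5;
         } else {
             // Login succeeded
             $checkRight = new checkRight();
             $checkRight->loginAfter($userData);
         }
     }

     // The callback is client-supplied and is handed back as the address to go to next, so it is
     // restricted to site-relative paths: one leading "/", not "//", and no backslashes or control
     // characters (browsers may normalise those into a scheme-relative URL). Anything else falls
     // back to the site root.
     // NOTE(review): if the front end posts absolute same-site URLs as callback, extend this with
     // an explicit host allow-list rather than loosening the pattern.
     $callback = isset($_POST['callback']) && is_string($_POST['callback']) ? trim($_POST['callback']) : '';
     $isLocalPath = preg_match('#^/(?!/)[^\\\\\x00-\x1f\x7f]*\z#', $callback) === 1;
     $data['returnUrl'] = $isLocalPath ? $callback : url::createUrl('/');

     echo JSON::encode($data);
     return false;
 }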
Example #5
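// Registration handler: validate the form, check the username, check the captcha, then build
// the row to store. Every failure redirects back to the registration form.
$user = new UserModel();
/*
Run the model's automatic validation. Per the original author's note it checks:
  - username is 4-16 characters
  - email format
  - passwd is not empty
*/
if (!$user->_validate($_POST)) {
    // Validation failed. The collected messages are never shown: the redirect below discards $msg.
    $msg = implode('<br />', $user->getErr());
    $url = 'login.php?pass=reg';
    header("Location: {$url}");
    exit;
}
// Check whether the username already exists
if ($user->checkUser($_POST['username'])) {
    $url = 'login.php?pass=reg';
    header("Location: {$url}");
    exit;
}
/* Check the captcha */
// The original loose comparison ($_SESSION['rand'] != $_POST['code']) accepted the request when
// no captcha had been issued and the code field was empty (null != '' is false), and it also
// treated differently written numeric strings as equal. Require an issued, non-empty code and
// compare it as a string.
// NOTE(review): the stored code is not invalidated after a check, so one solved captcha can be
// reused until a new one is issued - consider unsetting $_SESSION['rand'] here.
$expectedCode = isset($_SESSION['rand']) ? (string) $_SESSION['rand'] : '';
$submittedCode = isset($_POST['code']) && is_string($_POST['code']) ? $_POST['code'] : '';
if ($expectedCode === '' || $expectedCode !== $submittedCode) {
    $url = 'login.php?pass=reg';
    header("Location: {$url}");
    exit;
}
// Auto-fill fields that were not submitted
$data = $user->_autoFill($_POST);
// Auto-filter the submitted fields.
// NOTE(review): presumably _facade() keeps only the model's known columns; confirm, since $data
// originates from the raw $_POST array.
$data = $user->_facade($data);
$data['nickname'] = '野人';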
Example #6
<?php

/***
User login page
(the listing is cut off before the else-branch and the outer if are closed)
***/
// presumably ACC is the guard constant that the included files check before running - confirm
define('ACC', true);
require './include/init.php';
if (isset($_POST['act'])) {
    // Reaching here means the login button was clicked.
    // Collect the username/password and verify them.
    $u = $_POST['username'];
    $p = $_POST['passwd'];
    // Input validation is left to the reader (nothing is validated in the visible code)
    $user = new UserModel();
    // Verify the username and password
    $row = $user->checkUser($u, $p);
    if (empty($row)) {
        /* Login failed: redirect back to the login page */
        $url = 'login.php?pass=fial';
        Header("Location: {$url}");
        exit;
    } else {
        // Success message: "login succeeded"
        $msg = '登陆成功!';
        // NOTE(review): this replaces the ENTIRE session array with whatever checkUser() returned.
        // If that row includes the stored password hash it ends up in session storage - confirm
        // and copy only the fields that are needed. The visible code also does not call
        // session_regenerate_id() at login, which is the usual guard against session fixation.
        $_SESSION = $row;
        if (isset($_POST['auto_login'])) {
            // Remember the username for 14 days.
            // NOTE(review): no HttpOnly/Secure flags are passed; the value is client-controlled
            // when read back and must be escaped before it is echoed into a page.
            setcookie('remuser', $u, time() + 14 * 24 * 3600);
        } else {
            // An empty value makes PHP send a cookie-deletion header.
            setcookie('remuser', '', 0);
        }
        $url = 'index.php';
        Header("Location: {$url}");
Example #7
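// Login page: shows the form on a plain visit and processes the credentials when the form is
// posted (signalled by the 'act' field).
// presumably ACC is the guard constant that the included files check before running - confirm
define('ACC', true);
require '../system/init.php';
if (!isset($_POST['act'])) {
    // First visit: show the login form, pre-filled with the remembered username if there is one.
    // NOTE(review): $keepuser comes from a cookie and is therefore client-controlled; the template
    // must HTML-escape it (htmlspecialchars) wherever it is printed.
    $keepuser = isset($_COOKIE['keepuser']) ? $_COOKIE['keepuser'] : '';
    include __ROOT__ . 'view/front/denglu.html';
} else {
    // Form submission. Missing or non-string fields are treated as empty strings so that the
    // model never receives null or an array.
    $username = isset($_POST['username']) && is_string($_POST['username']) ? $_POST['username'] : '';
    $password = isset($_POST['password']) && is_string($_POST['password']) ? $_POST['password'] : '';

    $user = new UserModel();
    $res = $user->checkUser($username, $password);
    if ($res == false) {
        // Show the first error reported by the model.
        list($error) = $user->getErr();
        $msg = $error;
        include __ROOT__ . 'view/front/msg.html';
    } else {
        // Issue a fresh session ID at the moment of login so that an ID known before
        // authentication (session fixation) does not become an authenticated one.
        if (session_id() !== '') {
            session_regenerate_id(true);
        }
        // On success the user record becomes the session content.
        // NOTE(review): this stores the whole record returned by checkUser(); if it includes the
        // password hash, copy only the fields that are needed instead - confirm against the model.
        $_SESSION = $res;
        $msg = 'login successfully';
        // The user chose "remember me": keep the username for 7 days.
        // NOTE(review): no HttpOnly/Secure flags are passed to setcookie(); add them if no
        // client-side script needs to read this cookie.
        if (isset($_POST['remember'])) {
            setcookie('keepuser', $username, time() + 3600 * 24 * 7);
        } else {
            setcookie('keepuser', '', time() - 42000);
        }
        include __ROOT__ . 'view/front/msg.html';
    }
}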
Example #8
// User registration handler: validates the posted form and registers the user, then shows a
// message page.
// presumably ACC is the guard constant that the included files check before running - confirm
define('ACC', true);
require '../system/init.php';

// Message handed to the front-end template
$msg = '';

$user = new UserModel();
// NOTE(review): the model is fed the raw $_POST array; _facade() below presumably restricts it
// to known columns - confirm, otherwise extra posted fields could reach reg().
$data = $user->_autofill($_POST);

/*
Checks performed (per the original author's note):
  username: 4-20 characters
  password: not empty
  email: must look like an email address
  username must not already be taken
*/
if ($user->_validate($data)) {
    $user->setField($user->showField());
    $data = $user->_facade($data);
    if ($user->checkUser($data['username'])) {
        // NOTE(review): the result of reg() is not checked, so the success message is shown
        // even if the insert failed.
        $user->reg($data);
        $msg = $msg . "Register Sucessfully!";
    } else {
        list($firstError) = $user->getErr();
        $msg = $firstError;
    }
} else {
    list($firstError) = $user->getErr();
    $msg = $msg . $firstError;
}

// NOTE(review): $msg can carry model error text; the template should HTML-escape it.
include '../view/front/msg.html';
//echo $user->add($data)? "s":"f";