Esempio n. 1
0
 public function login($username, $password, $auto)
 {
     $data = array('login_username' => $username, 'login_password' => $password);
     $map = array();
     if ($this->create($data)) {
         $map['email'] = $username;
         //邮箱验证
     } else {
         if ($this->getError() == 'noemail') {
             $map['username'] = $username;
             //账号验证
         } else {
             return $this->getError();
         }
     }
     //验证密码
     $user = $this->field('id,password,last_login,username,face,domain')->where($map)->find();
     if ($user['password'] == sha1($password)) {
         //登录验证后写入登录信息
         $update = array('id' => $user['id'], 'last_login' => NOW_TIME, 'last_ip' => get_client_ip(1));
         $this->save($update);
         //登陆后写入session
         $auth = array('username' => $user['username'], 'last_login' => NOW_TIME, 'id' => $user['id'], 'face' => json_decode($user['face']), 'domain' => $user['domain']);
         session('auth', $auth);
         //写入cookie
         if ($auto == 'on') {
             cookie('auto', encrypy($user['username']) . '|' . get_client_ip(1), 3600 * 24 * 30);
         }
         return $user['id'];
     } else {
         return -9;
         //账号或密码错误
     }
 }
Esempio n. 2
0
 public function login()
 {
     if (!is_null($_COOKIE['auto']) && !session('?auth')) {
         $userinfo = explode('|', $_COOKIE['auto']);
         $userinfo[0] = encrypy($userinfo[0], 1);
         list($username, $ip) = $userinfo;
         if ($ip == get_client_ip(1)) {
             $User = D('User');
             $userObj = $User->field('id,username,last_login,face,domain')->where(array('username' => $username))->find();
             $auth = array('username' => $userObj['username'], 'last_login' => NOW_TIME, 'id' => $userObj['id'], 'face' => json_decode($userObj['face']), 'domain' => $userObj['domain']);
             session('auth', $auth);
         }
     }
     if (session('?auth')) {
         return 1;
     } else {
         $this->redirect('Login/index');
     }
 }
}
$msg = '';
if (isset($_POST['submit'])) {
    if (!isset($_POST['username'])) {
        $msg = 'No username entered!';
    } elseif (!isset($_POST['email'])) {
        $msg = 'No email entered!';
    } elseif (!isset($_POST['password'])) {
        $msg = 'No password entered!';
    } elseif (!isset($_POST['repeat'])) {
        $msg = 'Password not repeated!';
    } else {
        $username = security($_POST['username']);
        $email = security($_POST['email']);
        $password = encrypy(security($_POST['password']));
        $repeat = encrypy(security($_POST['repeat']));
        $Function_Query1 = mysql_query("SELECT email FROM {$config_db_accounts} WHERE email='{$email}'");
        $Function_Query2 = mysql_query("SELECT username FROM {$config_db_accounts} WHERE username='******'");
        if ($password !== $repeat) {
            $msg = 'Passwords did not match!';
        } elseif ($config_registrations !== true) {
            $msg = 'Registration is disabled.';
        } elseif (validate_email($email) !== true) {
            $msg = 'Invalid email entered!';
        } elseif (validate_username($username) !== true) {
            $msg = 'Invalid username entered!';
        } elseif (strlen($username) <= 3 && strlen($username) >= 15) {
            $msg = 'Usernames between 3 and 15 charecters!';
        } elseif (mysql_num_rows($Function_Query1) === 1) {
            $msg = 'Email already has an account!';
        } elseif (mysql_num_rows($Function_Query2) === 1) {
<?php

$rq = true;
require './system/system_config.php';
if (isUser($config_db_accounts) === true) {
    header("Location: live.php");
}
$msg = '';
if (isset($_POST['submit'])) {
    if (!isset($_POST['email'])) {
        $msg = 'No email entered!';
    } elseif (!isset($_POST['password'])) {
        $msg = 'No password entered!';
    } else {
        $email = security($_POST['email']);
        $password = encrypy(security($_POST['password']));
        $Function_Query1 = mysql_query("SELECT email, password FROM {$config_db_accounts} WHERE email='{$email}' and password='******'");
        $Function_Query2 = mysql_query("SELECT email, password, status FROM {$config_db_accounts} WHERE email='{$email}' and password='******' and status='1'");
        if (validate_email($email) !== true) {
            $msg = 'Invalid email entered!';
        } elseif (mysql_num_rows($Function_Query1) !== 1) {
            $msg = 'Invalid login credentials!';
        } elseif (mysql_num_rows($Function_Query2) !== 1) {
            $msg = 'Account is disabled!';
        } else {
            $_SESSION['pu'] = $email;
            $msg = 'Logged in successfully.
                 <script type="text/javascript">
                    window.location = "live.php";
                    function relayer() {
                       window.location = "live.php";