public function login($username, $password, $auto) { $data = array('login_username' => $username, 'login_password' => $password); $map = array(); if ($this->create($data)) { $map['email'] = $username; //邮箱验证 } else { if ($this->getError() == 'noemail') { $map['username'] = $username; //账号验证 } else { return $this->getError(); } } //验证密码 $user = $this->field('id,password,last_login,username,face,domain')->where($map)->find(); if ($user['password'] == sha1($password)) { //登录验证后写入登录信息 $update = array('id' => $user['id'], 'last_login' => NOW_TIME, 'last_ip' => get_client_ip(1)); $this->save($update); //登陆后写入session $auth = array('username' => $user['username'], 'last_login' => NOW_TIME, 'id' => $user['id'], 'face' => json_decode($user['face']), 'domain' => $user['domain']); session('auth', $auth); //写入cookie if ($auto == 'on') { cookie('auto', encrypy($user['username']) . '|' . get_client_ip(1), 3600 * 24 * 30); } return $user['id']; } else { return -9; //账号或密码错误 } }
public function login() { if (!is_null($_COOKIE['auto']) && !session('?auth')) { $userinfo = explode('|', $_COOKIE['auto']); $userinfo[0] = encrypy($userinfo[0], 1); list($username, $ip) = $userinfo; if ($ip == get_client_ip(1)) { $User = D('User'); $userObj = $User->field('id,username,last_login,face,domain')->where(array('username' => $username))->find(); $auth = array('username' => $userObj['username'], 'last_login' => NOW_TIME, 'id' => $userObj['id'], 'face' => json_decode($userObj['face']), 'domain' => $userObj['domain']); session('auth', $auth); } } if (session('?auth')) { return 1; } else { $this->redirect('Login/index'); } }
} $msg = ''; if (isset($_POST['submit'])) { if (!isset($_POST['username'])) { $msg = 'No username entered!'; } elseif (!isset($_POST['email'])) { $msg = 'No email entered!'; } elseif (!isset($_POST['password'])) { $msg = 'No password entered!'; } elseif (!isset($_POST['repeat'])) { $msg = 'Password not repeated!'; } else { $username = security($_POST['username']); $email = security($_POST['email']); $password = encrypy(security($_POST['password'])); $repeat = encrypy(security($_POST['repeat'])); $Function_Query1 = mysql_query("SELECT email FROM {$config_db_accounts} WHERE email='{$email}'"); $Function_Query2 = mysql_query("SELECT username FROM {$config_db_accounts} WHERE username='******'"); if ($password !== $repeat) { $msg = 'Passwords did not match!'; } elseif ($config_registrations !== true) { $msg = 'Registration is disabled.'; } elseif (validate_email($email) !== true) { $msg = 'Invalid email entered!'; } elseif (validate_username($username) !== true) { $msg = 'Invalid username entered!'; } elseif (strlen($username) <= 3 && strlen($username) >= 15) { $msg = 'Usernames between 3 and 15 charecters!'; } elseif (mysql_num_rows($Function_Query1) === 1) { $msg = 'Email already has an account!'; } elseif (mysql_num_rows($Function_Query2) === 1) {
<?php $rq = true; require './system/system_config.php'; if (isUser($config_db_accounts) === true) { header("Location: live.php"); } $msg = ''; if (isset($_POST['submit'])) { if (!isset($_POST['email'])) { $msg = 'No email entered!'; } elseif (!isset($_POST['password'])) { $msg = 'No password entered!'; } else { $email = security($_POST['email']); $password = encrypy(security($_POST['password'])); $Function_Query1 = mysql_query("SELECT email, password FROM {$config_db_accounts} WHERE email='{$email}' and password='******'"); $Function_Query2 = mysql_query("SELECT email, password, status FROM {$config_db_accounts} WHERE email='{$email}' and password='******' and status='1'"); if (validate_email($email) !== true) { $msg = 'Invalid email entered!'; } elseif (mysql_num_rows($Function_Query1) !== 1) { $msg = 'Invalid login credentials!'; } elseif (mysql_num_rows($Function_Query2) !== 1) { $msg = 'Account is disabled!'; } else { $_SESSION['pu'] = $email; $msg = 'Logged in successfully. <script type="text/javascript"> window.location = "live.php"; function relayer() { window.location = "live.php";