* @package Login
* @author zhaoyan <*****@*****.**>
* @license https://github.com/3032441712/person/blob/master/LICENSE GNU License
* @version GIT: $Id$
* @link http://www.168helps.com/blog
*/
use Model\User;
use Util\Token;
use Form\Response;
if (strtolower($_SERVER['REQUEST_METHOD']) == 'post') {
$userPostData = isset($_POST['user']) && is_array($_POST['user']) ? $_POST['user'] : array();
$userPostData = array_map('trim', $userPostData);
$username = isset($userPostData['name']) ? $userPostData['name'] : '';
$password = isset($userPostData['pass']) ? $userPostData['pass'] : '';
//进行表单令牌验证
if (Token::validate($_POST['token']) === false) {
Response::json(array('msg' => '非法访问,请刷新表单'), 1);
}
if (User::isUsername($username) == false) {
Response::json(array('msg' => '账号不符合规则,请重新输入'), 1);
}
if (User::isPassword($password) == false) {
Response::json(array('msg' => '密码不符合规则,请重新输入'), 1);
}
$userData = User::getUserDataByUsername('user_id,user_pass', $username);
if (isset($userData['user_id']) == false) {
Response::json(array('msg' => '您输入的帐号不存在,请重新输入'), 1);
}
if (md5($password) != $userData['user_pass']) {
Response::json(array('msg' => '您输入的密码有误,请重新输入'), 1);
}
