<?php $name = $_POST['user_name']; $password = $_POST['password']; include "../frame.php"; $suess_url = $_POST['last_url'] ? $_POST['last_url'] : '/user/'; $fail_url = $_POST['last_url'] ? "index.php?last_url=" . $_POST['last_url'] : "index.php"; if (strlen($name) > 20 || strlen($password) > 20) { die("alert('用户名或密码错误');"); } $cache_name = front_login($name, $password); if ($cache_name === false) { echo "alert('用户名或密码错误');"; } else { #echo '$.cookie("cache_name","' .$cache_name .'",{path:"/"});'; echo "refresh_login_box();"; }
die; } if (preg_match("/^[\\w.!@#\$%^&*]+\$/", $_POST['password']) == 0) { alert('密码包含特殊字符!请重新输入!'); redirect('/login/'); die; } $name = $_POST['name']; $password = $_POST['password']; $suess_url = $_POST['last_url'] ? $_POST['last_url'] : '/'; $fail_url = $_POST['last_url'] ? "index.php?last_url=" . $_POST['last_url'] : "/login/"; if (strlen($name) > 20 || strlen($password) > 20) { $err = "用户名或密码错误"; $last_url = $fail_url; } if (front_login($name, $password)) { $last_url = $suess_url; } else { $err = "用户名或密码错误"; $last_url = $fail_url; } /* $password = md5($password); $db = get_db(); $sql = "select * from fb_yh where name = '{$name}' and password = '******' and authenticated=1"; $record = $db->query($sql); if($db->record_count==1) { $user_id = $db->field_by_name('id'); $cache_name = sprintf('%06s',$user_id) .rand_str(24); $db->execute("update fb_yh set cache_name='{$cache_name}' where id={$user_id}");