/** * 验证密码是否正确 */ private function validUser($key, $name, $cipherText) { //如果是浏览器客户端,采用明文传输密码 if (MiniHttp::clientIsBrowser()) { $password = $cipherText; } else { //进行des解码解析出明文密码 $password = MSecret::decryptHex($key, $cipherText); } //进行多用户源的验证 $uerObject = new CUserValid(); $user = $uerObject->validUser($name, $password); if (!isset($user) || !$user) { return false; } return $user; }
/** * 验证自有系统中是否存在此用户 * @param string $userName * @param string $password * @return bool $use */ public function validUserSelf($userName, $password) { $user = MiniUser2::getInstance()->getUserByName2($userName); if ($user === NULL) { //用户名不存在 $this->errorCode = MConst::ERROR_USERNAME_INVALID; return false; } $signPassword = MSecret::passSign($password, $user["salt"]); if ($user["user_pass"] == $signPassword) { //密码正确的情况下再验证用户是否被冻结 if (!$user['user_status']) { //返回用户被冻结错误码 CUserValid::$userDisabled = true; $this->errorCode = MConst::ERROR_USER_DISABLED; return false; } return $user; } //返回密码不正确 代码 $this->errorCode = MConst::ERROR_PASSWORD_INVALID; return false; }