/** * 登录限制 * @param null $rt * @param User $user * @return null */ public function message_login_restrictions($rt, $user) { try { if (!$this->notice($user->getId(), 'message', 'login_restrictions')) { return $rt; } $mt = new MailTemplate("message_notice/login_restrictions.md"); $mt->setUserInfo($user->getInfo()); c_lib()->load('input'); $input = new Input(); $mt->setValues(['login_ip' => $input->getRealIP(), 'login_ua' => $input->getUA(), 'login_count' => $user->getErrorLoginCount()]); $this->message->addNoticeMsg($mt->getTitle(), $mt->getContent(), $user->getId()); } catch (\Exception $ex) { Log::write(_("NoticeApply message_login_restrictions create a Exception.") . "EX:[" . $ex->getCode() . "]:" . $ex->getMessage(), Log::NOTICE); } return $rt; }
/** * POST登录 * @param string $account * @param string $password * @param string $captcha * @param bool $save_status */ public function PostLogin($account, $password, $captcha, $save_status) { if (empty($account) || empty($password)) { $this->throwMsg(-10); } $save_status = !empty($save_status); if (!$this->Captcha($captcha)) { //验证码检测 $this->throwMsg(-5); } $account = strtolower($account); $password = strtolower($password); $this->GetAccountUser($account); lib()->load('UserCheck'); if (!UserCheck::CheckPasswordChar($password)) { $this->throwMsg(-3); } $ip = Ip::getInstance(); $max_error_count = hook()->apply("UserLogin_max_error_count", 6); $now_ip = $ip->realip(); if ($max_error_count <= $this->user->getErrorLoginCount() && $ip->fill($now_ip) === $ip->fill($this->user->getErrorLoginIp()) && explode(" ", $this->user->getErrorLoginTime())[0] == date("Y-m-d")) { //登录被限制 $this->throwMsg(-8); } else { if (UserCheck::CreatePassword($password, $this->user->getSalt()) !== $this->user->getPassword()) { //错误登录记录 $this->user->set(array("error_login_count" => 1 + $this->user->getErrorLoginCount(), 'error_login_time' => date("Y-m-d H:i:s"), 'error_login_ip' => $now_ip)); if ($this->user->getErrorLoginCount() >= $max_error_count) { hook()->apply("UserLogin_PostLogin_restrictions", NULL, $this->user); } $this->throwMsg(-4); } else { if (in_array($this->user->getStatus(), [0, 1, 2])) { if ($this->user->getErrorLoginCount() > 0) { //错误登录清零 $this->user->set(array("error_login_count" => 0)); } } else { //登录受限制,无法登录 $this->throwMsg(-9); } } } try { //登录成功后的COOKIE设置 if (strlen($this->user->getCookieLogin()) < 10) { $this->user->set(array("cookie_login" => salt_hash(time() . $this->user->getEmail(), salt(20)))); } if ($save_status) { cookie()->set("UserLogin", $this->user->getId() . "\t" . $this->user->getCookieLogin(), hook()->apply("UserLogin_PostLogin_CookieTime", time() + 60 * 60 * 24 * 7)); } else { cookie()->set("UserLogin", $this->user->getId() . "\t" . $this->user->getCookieLogin()); } } catch (\Exception $ex) { $this->throwMsg(-6); } try { //最后登录信息 self::setLastLoginInfo($this->user); } catch (\Exception $ex) { $this->code = -7; } hook()->apply('UserLogin_PostLogin_Success', NULL, $this->user); }