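session_start();
include_once('header.php');
include_once('connect.php');
include_once('common.php');
include_once('redis.php');

// Login endpoint: checks the captcha, validates the credential format, looks the
// user up, enforces a per-user daily failure limit kept in Redis, and on success
// stores the user in the session.
// $conn, $redis, error(), success() and encryption() come from the included files
// and are not visible here; $conn is used as a mysqli connection — confirm.
try {
    define("USER_LOGIN_ERROR_NUM", 'user_login_error_num');
    define("ERROR_COUNT", 5);

    // Accept only string fields: an array-valued field (username[]=x) would
    // otherwise reach strlen()/preg_match(). Each field is tested under its own key.
    $username = (isset($_POST['username']) && is_string($_POST['username'])) ? $_POST['username'] : '';
    $password = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';
    $captcha = (isset($_POST['captcha']) && is_string($_POST['captcha'])) ? $_POST['captcha'] : '';

    if ($_SERVER['REQUEST_METHOD'] == 'POST') {
        $ulen = strlen($username);
        $plen = strlen($password);

        // The captcha is single-use: it is dropped from the session before the
        // comparison, so one solved captcha cannot back a series of password guesses.
        // A missing session captcha is a failure; with a loose comparison an unset
        // value equals an empty submitted value and the check is skipped.
        $expected_captcha = (isset($_SESSION['captcha']) && is_scalar($_SESSION['captcha']))
            ? (string) $_SESSION['captcha']
            : '';
        unset($_SESSION['captcha']);
        if ($expected_captcha === '' || !hash_equals($expected_captcha, $captcha)) {
            return error('图形验证码不正确');
        }

        // The D modifier stops "$" from matching before a trailing newline.
        // \w also admits "_", although the message mentions letters and digits only.
        if (!preg_match('/^\w+$/D', $username) || $ulen < 6 || $ulen > 15) {
            return error('用户名只能是字母或数字,且长度为6到15个字符');
        }
        // NOTE(review): this caps passwords at 15 word characters, which limits
        // password strength; the limit is kept as found.
        if (!preg_match('/^\w+$/D', $password) || $plen < 6 || $plen > 15) {
            return error('密码只能是字母或数字,且长度为6到15个字符');
        }

        // Bound parameter instead of a string-built query: the lookup no longer
        // depends on the regex above staying strict. get_result() needs mysqlnd.
        $stmt = $conn->prepare('SELECT id,username,password,salt FROM m_user WHERE `username` = ? LIMIT 1');
        if ($stmt === false) {
            throw new Exception('login query could not be prepared');
        }
        $stmt->bind_param('s', $username);
        $stmt->execute();
        $result = $stmt->get_result();
        if ($result === false) {
            throw new Exception('login query returned no result set');
        }
        if ($result->num_rows <= 0) {
            // Same message as a wrong password, so the response does not confirm
            // which usernames exist. The lockout message below still does.
            return error('用户名或密码错误');
        }
        $user = $result->fetch_assoc();
        $stmt->close();

        $fail_key = USER_LOGIN_ERROR_NUM . '_' . $user['id'];

        // get() yields false for a missing key, which casts to 0.
        if ((int) $redis->get($fail_key) >= ERROR_COUNT) {
            return error('您登陆的错误次数已超过' . ERROR_COUNT . '次,请明天再试');
        }

        // Seconds left until the next local midnight: the counter's lifetime.
        $sub_time = strtotime(date('Y-m-d', strtotime('+1 day'))) - time();

        // Constant-time comparison of strings; a loose != would treat two
        // numeric-looking hashes ("0e...") as equal.
        // NOTE(review): encryption() is defined elsewhere; if it is a fast salted
        // hash, password_hash()/password_verify() is the replacement to plan for.
        if (!hash_equals((string) $user['password'], (string) encryption($password, $user['salt']))) {
            // INCR creates the key when absent. The expiry is attached whenever the
            // key has none, so a counter can never be left without a lifetime
            // (the exists()-then-incr() sequence could create one that way).
            $redis->incr($fail_key);
            if ($redis->ttl($fail_key) < 0) {
                $redis->expire($fail_key, $sub_time);
            }
            return error('用户名或密码错误');
        }

        // New session id on privilege change, so an id set before login
        // (session fixation) is not carried into the authenticated session.
        session_regenerate_id(true);

        // NOTE(review): the SELECT above does not fetch a nickname column, so this
        // is null here; add the column to the query if m_user has it.
        $nickname = isset($user['nickname']) ? $user['nickname'] : null;

        $user_info = [];
        $user_info['id'] = $user['id'];
        $user_info['username'] = $user['username'];
        $user_info['nickname'] = $nickname;
        $_SESSION['user_id'] = $user['id'];
        $_SESSION['username'] = $user['username'];
        $_SESSION['nickname'] = $nickname;
        $redis->del($fail_key);
        $conn->close();
        return success($user_info, '登录成功');
    }
} catch (Exception $exception) {
    // Details go to the server log; the client gets a generic message so that
    // database or Redis internals are not disclosed.
    error_log('login failed: ' . $exception->getMessage());
    echo error('系统繁忙,请稍后再试');
}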
?>
redis配置文件
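// Redis connection shared by the including scripts through $redis.
// Connection settings are read from the environment when present. The variable
// names are chosen here (adapt them to the deployment); the literals are the
// page's sample values and remain only as a fallback.
$redis_host = getenv('REDIS_HOST') !== false ? getenv('REDIS_HOST') : '127.0.0.1';
$redis_port = getenv('REDIS_PORT') !== false ? (int) getenv('REDIS_PORT') : 6379;
// NOTE(review): '123456789' is a guessable sample password committed to source;
// set REDIS_PASSWORD and remove the fallback before deploying.
$redis_password = getenv('REDIS_PASSWORD') !== false ? getenv('REDIS_PASSWORD') : '123456789';

$redis = new Redis();
// Fail closed: an unchecked failure here would leave the login failure counter
// unusable later on. The messages carry no credentials.
if ($redis->connect($redis_host, $redis_port) === false) {
    throw new Exception('Redis connection failed');
}
if ($redis->auth($redis_password) === false) {
    throw new Exception('Redis authentication failed');
}
if ($redis->select(0) === false) {
    throw new Exception('Redis database selection failed');
}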