php - 这段代码中间的重复密码验证能否精简
本文介绍了php - 这段代码中间的重复密码验证能否精简的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
问 题
这中间密码验证重复出现了3次,我本来想用function解决,但是用function的话里面的$row数组还得要重新查询。主要我担心的时后期维护的时候3段代码都要修改,这样比较麻烦,有没有什么好的办法可以只要修改一个地方可以同时修改3个地方用function实现,或者其他功能调用验证密码那个环节。
<?php
$action = $_GET['action'];
session_start();
require_once('db_config_loverun.php');
require_once('functions.php');
if ($action == 'login') { //登录
$username = stripslashes(trim($_POST['username']));
$password = stripslashes(trim($_POST['password']));
$salt = 'shengtian';
$md5pass = md5($password.$salt);
$sql = "select Nickname, Password, LoginTimes, LastTime, LastIP, err, errTime from members where name=?";
//绑定变量并预处理
$result = $db->prepare($sql);
$result->bind_param("s", $username);
$result->execute();
//输出结果
$row = array();
$result->bind_result($row['Nickname'],$row['Password'],$row['LoginTimes'],$row['LastTime'],$row['LastIP'],$row['err'],$row['errTime']);
$result->fetch(); //获取数据
$result->close(); //释放资源占用
if($row['Nickname']!="") { //判断用户是否存在
if ($row['err']>5 and $row['err'] <20) {//判断错误次数
$errTime = floor((time()-strtotime($row['errTime']))/60);
if($errTime>60) {
//验证密码程序
if ($md5pass == $row['Password']) {
$counts = $row['LoginTimes'] + 1;
$_SESSION['user'] = $row['Nickname'];
$_SESSION['LastTime'] = $row['LastTime'];
$ip = get_client_ip();
$LastTime = date('Y-m-d H:i:s',time());
$result = $db->query("update members set LastTime='$LastTime', LastIP='$ip', LoginTimes='$counts', err=0 where name='$username'");
if ($result) {
$res['success'] = 1; //帐号密码正确
$res['user'] = $_SESSION['user'];
$res['LastTime'] = $_SESSION['LastTime'];
} else {
$res['success'] = 0; //密码错误
}
} else {
$res['success'] = 0; //密码错误
$errCounts = $row['err'] + 1;
$errT = date('Y-m-d H:i:s',time());
$result = $db->query("update members set err='$errCounts', errTime='$errT' where name='$username'");
}
} else {
$res['success'] = 3; //1小时内禁止登录。
}
} elseif($row['err']>=20) {
$errTime = floor((time()-strtotime($row['errTime']))/60);
if($errTime>1440) {
//验证密码程序
if ($md5pass == $row['Password']) {
$counts = $row['LoginTimes'] + 1;
$_SESSION['user'] = $row['Nickname'];
$_SESSION['LastTime'] = $row['LastTime'];
$ip = get_client_ip();
$LastTime = date('Y-m-d H:i:s',time());
$result = $db->query("update members set LastTime='$LastTime', LastIP='$ip', LoginTimes='$counts', err=0 where name='$username'");
if ($result) {
$res['success'] = 1; //帐号密码正确
$res['user'] = $_SESSION['user'];
$res['LastTime'] = $_SESSION['LastTime'];
} else {
$res['success'] = 0; //密码错误
}
} else {
$res['success'] = 0; //密码错误
$errCounts = $row['err'] + 1;
$errT = date('Y-m-d H:i:s',time());
$result = $db->query("update members set err='$errCounts', errTime='$errT' where name='$username'");
}
} else {
$res['success'] = 4; //24小时内禁止登录。
}
} else {
//验证密码程序
if ($md5pass == $row['Password']) {
$counts = $row['LoginTimes'] + 1;
$_SESSION['user'] = $row['Nickname'];
$_SESSION['LastTime'] = $row['LastTime'];
$ip = get_client_ip();
$LastTime = date('Y-m-d H:i:s',time());
$result = $db->query("update members set LastTime='$LastTime', LastIP='$ip', LoginTimes='$counts', err=0 where name='$username'");
if ($result) {
$res['success'] = 1; //帐号密码正确
$res['user'] = $_SESSION['user'];
$res['LastTime'] = $_SESSION['LastTime'];
} else {
$res['success'] = 0; //密码错误
}
} else {
$res['success'] = 0; //密码错误
$errCounts = $row['err'] + 1;
$errT = date('Y-m-d H:i:s',time());
$result = $db->query("update members set err='$errCounts', errTime='$errT' where name='$username'");
}
}
} else {
$res['success'] = 2; //用户不存在
}
echo json_encode($res);
} elseif ($action == 'logout') { //退出
unset($_SESSION);
session_destroy();
} else {
header("location: ./");
exit;
}
?>解决方案
<?php
$action = $_GET['action'];
session_start();
require_once('db_config_loverun.php');
require_once('functions.php');
if ($action == 'login') { //登录
$username = stripslashes(trim($_POST['username']));
$password = stripslashes(trim($_POST['password']));
$salt = 'shengtian';
$md5pass = md5($password.$salt);
$sql = "select Nickname, Password, LoginTimes, LastTime, LastIP, err, errTime from members where name=?";
//绑定变量并预处理
$result = $db->prepare($sql);
$result->bind_param("s", $username);
$result->execute();
//输出结果
$row = array();
$result->bind_result($row['Nickname'],$row['Password'],$row['LoginTimes'],$row['LastTime'],$row['LastIP'],$row['err'],$row['errTime']);
$result->fetch(); //获取数据
$result->close(); //释放资源占用
if($row['Nickname']!="") { //判断用户是否存在
$res = validate($md5pass,$row,$username);
} else {
$res['success'] = 2; //用户不存在
}
echo json_encode($res);
} elseif ($action == 'logout') { //退出
unset($_SESSION);
session_destroy();
} else {
header("location: ./");
exit;
}
function validate($md5pass,$row,$username){
if($row['err'] > 5){
$errTime = floor((time()-strtotime($row['errTime']))/60);
if($row['err'] <20 && $errTime < 60){
$res['success'] = 3;
return $res;
}elseif($row['err'] >=20 && $errTime < 1440){
$res['success'] = 4;
return $res;
}
}
if ($md5pass == $row['Password']) {
$counts = $row['LoginTimes'] + 1;
$_SESSION['user'] = $row['Nickname'];
$_SESSION['LastTime'] = $row['LastTime'];
$ip = get_client_ip();
$LastTime = date('Y-m-d H:i:s',time());
$result = $db->query("update members set LastTime='$LastTime', LastIP='$ip', LoginTimes='$counts', err=0 where name='$username'");
if ($result) {
$res['success'] = 1; //帐号密码正确
$res['user'] = $_SESSION['user'];
$res['LastTime'] = $_SESSION['LastTime'];
} else {
$res['success'] = 0; //密码错误
}
} else {
$res['success'] = 0; //密码错误
$errCounts = $row['err'] + 1;
$errT = date('Y-m-d H:i:s',time());
$result = $db->query("update members set err='$errCounts', errTime='$errT' where name='$username'");
}
return $res;
}
?>这篇关于php - 这段代码中间的重复密码验证能否精简的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文
