【www.bbyears.com--php常用代码】
、登录时对用户输入的用户名、密码进行验证
代码如下
/**
* Validator for Login.
*/
final class LoginValidator {
private function __construct() {
}
/**
* Validate the given username and password.
* @param $username and $password to be validated
* @return array array of {@link Error} s
*/
public static function validate($username, $password) {
$errors = array();
$username = trim($username);
if (!$username) {
$errors[] = new Error("username", "用户名不能为空。");
} elseif (strlen($username)<3) {
$errors[] = new Error("username", "用户名长度不能小于3个字符。");
} elseif (strlen($username)>30) {
$errors[] = new Error("username", "用户名长度不能超过30个字符。");
} elseif (!preg_match("/^[A-Za-z]+$/",substr($username, 0, 1))) {
$errors[] = new Error("username", "用户名必须以字母开头。");
} elseif (!preg_match("/^[A-Za-z0-9_]+$/", $username)) {
$errors[] = new Error("username", "用户名只能是字母、数字以及下划线( _ )的组合。");
} elseif (!trim($password)) {
$errors[] = new Error("password", "密码不能为空。");
} else {
// check whether use exists or not
$dao = new UserDao();
$user = $dao->findByName($username);
if ($user) {
if (!($user->getPassword() == sha1($user->getSalt() . $password))) {
$errors[] = new Error("password", "用户名或密码错误。");
}
} else {
$errors[] = new Error("username", "用户名不存在。");
}
}
return $errors;
}
}
?>
2、调用验证器进行验证
代码如下
$username = null;
$password = null;
$msg = "";
if (isset($_POST["username"]) && isset($_POST["password"])) {
$username = addslashes(trim(stripslashes($_POST ["username"])));
$password = addslashes(trim(stripslashes($_POST ["password"])));
// validate
$errors = LoginValidator::validate($username, $password);
if (empty($errors)) {
// save the latest ip or login time into database, then processing page forwarding
$dao = new UserDao();
$user = $dao->findByName($username);
$last_login_ip = Utils::getIpAddress();
$user->setLastLoginIp($last_login_ip);
$now = new DateTime();
$user->setLastLoginTime($now);
$dao->save($user);
UserLogin::setUserInfo($user);
Flash::addFlash("登录成功!");
Utils::redirect("welcome");
}
foreach ($errors as $e) {
$msg .= $e->getMessage()."
";
}