[更新]修改用户登录，使用验证器验证数据输入

2025-04-06 03:58:04 +08:00 · 2018-06-06 15:35:46 +08:00 · 2018-06-06 15:35:46 +08:00 · 1756305e42
commit 1756305e42
parent f2580af374
1 changed files with 23 additions and 10 deletions
--- a/application/admin/controller/Login.php
+++ b/application/admin/controller/Login.php
@ -18,6 +18,8 @@ use controller\BasicAdmin;
 use service\LogService;
 use service\NodeService;
 use think\Db;
+use think\facade\Validate;
+

 /**
 * 系统登录控制器
@ -54,19 +56,30 @@ class Login extends BasicAdmin
            return $this->fetch('', ['title' => '用户登录']);
        }
        // 输入数据效验
-        $username = $this->request->post('username', '', 'trim');
-        $password = $this->request->post('password', '', 'trim');
-        strlen($username) < 4 && $this->error('登录账号长度不能少于4位有效字符!');
-        strlen($password) < 4 && $this->error('登录密码长度不能少于4位有效字符!');
+        $validate = Validate::make([
+            'username' => 'require|min:4',
+            'password' => 'require|min:4',
+        ], [
+            'username.require' => '登录账号不能为空！',
+            'username.min'     => '登录账号长度不能少于4位有效字符！',
+            'password.require' => '登录密码不能为空！',
+            'password.min'     => '登录密码长度不能少于4位有效字符！',
+        ]);
+        $data = [
+            'username' => $this->request->post('username', ''),
+            'password' => $this->request->post('password', ''),
+        ];
+        $validate->check($data) || $this->error($validate->getError());
        // 用户信息验证
-        $user = Db::name('SystemUser')->where('is_deleted', '0')->where('username', $username)->find();
+        $user = Db::name('SystemUser')->where(['username' => $data['username'], 'is_deleted' => '0'])->find();
        empty($user) && $this->error('登录账号不存在，请重新输入!');
-        ($user['password'] !== md5($password)) && $this->error('登录密码与账号不匹配，请重新输入!');
-        empty($user['is_deleted']) || $this->error('账号已经被删除，请联系管理！');
-        empty($user['status']) && $this->error('账号已经被禁用，请联系管理!');
+        empty($user['status']) && $this->error('账号已经被禁用，请联系管理员!');
+        $user['password'] !== md5($data['password']) && $this->error('登录密码错误，请重新输入!');
        // 更新登录信息
-        $data = ['login_at' => Db::raw('now()'), 'login_num' => Db::raw('login_num+1')];
-        Db::name('SystemUser')->where(['id' => $user['id']])->update($data);
+        Db::name('SystemUser')->where(['id' => $user['id']])->update([
+            'login_at'  => Db::raw('now()'),
+            'login_num' => Db::raw('login_num+1'),
+        ]);
        session('user', $user);
        !empty($user['authorize']) && NodeService::applyAuthNode();
        LogService::write('系统管理', '用户登录系统成功');