From 1756305e42ae345745dfc6b3ab109253ca8be3ea Mon Sep 17 00:00:00 2001
From: Anyon <zoujingli@qq.com>
Date: Wed, 6 Jun 2018 15:35:46 +0800
Subject: [PATCH] =?UTF-8?q?[=E6=9B=B4=E6=96=B0]=E4=BF=AE=E6=94=B9=E7=94=A8?=
 =?UTF-8?q?=E6=88=B7=E7=99=BB=E5=BD=95=EF=BC=8C=E4=BD=BF=E7=94=A8=E9=AA=8C?=
 =?UTF-8?q?=E8=AF=81=E5=99=A8=E9=AA=8C=E8=AF=81=E6=95=B0=E6=8D=AE=E8=BE=93?=
 =?UTF-8?q?=E5=85=A5?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 application/admin/controller/Login.php | 33 ++++++++++++++++++--------
 1 file changed, 23 insertions(+), 10 deletions(-)

diff --git a/application/admin/controller/Login.php b/application/admin/controller/Login.php
index 096d652ea..6e61de34d 100644
--- a/application/admin/controller/Login.php
+++ b/application/admin/controller/Login.php
@@ -18,6 +18,8 @@ use controller\BasicAdmin;
 use service\LogService;
 use service\NodeService;
 use think\Db;
+use think\facade\Validate;
+
 
 /**
  * 系统登录控制器
@@ -54,19 +56,30 @@ class Login extends BasicAdmin
             return $this->fetch('', ['title' => '用户登录']);
         }
         // 输入数据效验
-        $username = $this->request->post('username', '', 'trim');
-        $password = $this->request->post('password', '', 'trim');
-        strlen($username) < 4 && $this->error('登录账号长度不能少于4位有效字符!');
-        strlen($password) < 4 && $this->error('登录密码长度不能少于4位有效字符!');
+        $validate = Validate::make([
+            'username' => 'require|min:4',
+            'password' => 'require|min:4',
+        ], [
+            'username.require' => '登录账号不能为空！',
+            'username.min'     => '登录账号长度不能少于4位有效字符！',
+            'password.require' => '登录密码不能为空！',
+            'password.min'     => '登录密码长度不能少于4位有效字符！',
+        ]);
+        $data = [
+            'username' => $this->request->post('username', ''),
+            'password' => $this->request->post('password', ''),
+        ];
+        $validate->check($data) || $this->error($validate->getError());
         // 用户信息验证
-        $user = Db::name('SystemUser')->where('is_deleted', '0')->where('username', $username)->find();
+        $user = Db::name('SystemUser')->where(['username' => $data['username'], 'is_deleted' => '0'])->find();
         empty($user) && $this->error('登录账号不存在，请重新输入!');
-        ($user['password'] !== md5($password)) && $this->error('登录密码与账号不匹配，请重新输入!');
-        empty($user['is_deleted']) || $this->error('账号已经被删除，请联系管理！');
-        empty($user['status']) && $this->error('账号已经被禁用，请联系管理!');
+        empty($user['status']) && $this->error('账号已经被禁用，请联系管理员!');
+        $user['password'] !== md5($data['password']) && $this->error('登录密码错误，请重新输入!');
         // 更新登录信息
-        $data = ['login_at' => Db::raw('now()'), 'login_num' => Db::raw('login_num+1')];
-        Db::name('SystemUser')->where(['id' => $user['id']])->update($data);
+        Db::name('SystemUser')->where(['id' => $user['id']])->update([
+            'login_at'  => Db::raw('now()'),
+            'login_num' => Db::raw('login_num+1'),
+        ]);
         session('user', $user);
         !empty($user['authorize']) && NodeService::applyAuthNode();
         LogService::write('系统管理', '用户登录系统成功');