时间:2021-07-01 10:21:17 帮助过:6人阅读
display();
}
public function checkUserName(){
if(!IS_AJAX){
$data=array('errMsg' => '非法访问方式');
}
$userName=I('username','','htmlspecialchars');
$userPass=I('userpass','','htmlspecialchars');
$userInfo=D("Stuser")->getUserInfo($userName);
if($userInfo['userpass']!=handleMd5Pass($userPass)){
//echo $userInfo['userpass']."
";
//echo handleMd5Pass($userPass);
echo "用户名或密码不正确";
//var_dump(handleMd5Pass($userPass));
}
if($userInfo){
//$userInfo->where(array('id' => $userInfo['id']))->save($errMsg);
session('userId',$userInfo['id']);
$data=array(
'info' => 'ok',
'callback' => U('/stfjzd-13/index.php/Home/Index/index')
);
}
$this->ajaxReturn($data);
}
}
2.StuserModel.class.php
DB=M("Stuser");
}
//数据库中检索用户数据,find()检索一条->Index
public function getUserInfo($userName){
//$res=$this->DB->field('username','userpass')->where('username="'.$userName.'"')->find();
$userInfo=$this->DB->where('username="'.$userName.'"')->find();
echo $this->DB->getLastSql();
return $userInfo;
}
}
?>
3.Login.js
$('.search_sub').click(function(event){
event.preventDefault();
var userName=$("#username").val();
var userPass=$("#userpass").val();
if(userPass=="" || userName==""){
alert("登陆名称与密码不能为空");
$("#username").focus();
return false;
}else{
var url="/stfjzd-13/index.php/Home/Index/checkUserName";
//var url="{U('/stfjzd-13/index.php/Home/Index/checkUserName')}";
$.post(url,{username:userName,userpass:userPass},function(msg){
if(msg.errMsg=="ok"){
window.location.href=msg.callback;
}else{
alert(msg.errMsg);
}
},"JSON")
}
})
数据库保存字段是md5(密码),表单接收处理的密码是md5(密码+后缀),这两个判断返回的逻辑值是true吗?为什么我昨晚试了,返回账户密码不正确,但是ajax返回值是ok,如果全部乱输入,则ajax返回的是null。如果密码不匹配为什么ajax返回ok?如果匹配为什么返回密码不正确?问题出在哪里?
1.IndexController.class.php:
display();
}
public function checkUserName(){
if(!IS_AJAX){
$data=array('errMsg' => '非法访问方式');
}
$userName=I('username','','htmlspecialchars');
$userPass=I('userpass','','htmlspecialchars');
$userInfo=D("Stuser")->getUserInfo($userName);
if($userInfo['userpass']!=handleMd5Pass($userPass)){
//echo $userInfo['userpass']."
";
//echo handleMd5Pass($userPass);
echo "用户名或密码不正确";
//var_dump(handleMd5Pass($userPass));
}
if($userInfo){
//$userInfo->where(array('id' => $userInfo['id']))->save($errMsg);
session('userId',$userInfo['id']);
$data=array(
'info' => 'ok',
'callback' => U('/stfjzd-13/index.php/Home/Index/index')
);
}
$this->ajaxReturn($data);
}
}
2.StuserModel.class.php
DB=M("Stuser");
}
//数据库中检索用户数据,find()检索一条->Index
public function getUserInfo($userName){
//$res=$this->DB->field('username','userpass')->where('username="'.$userName.'"')->find();
$userInfo=$this->DB->where('username="'.$userName.'"')->find();
echo $this->DB->getLastSql();
return $userInfo;
}
}
?>
3.Login.js
$('.search_sub').click(function(event){
event.preventDefault();
var userName=$("#username").val();
var userPass=$("#userpass").val();
if(userPass=="" || userName==""){
alert("登陆名称与密码不能为空");
$("#username").focus();
return false;
}else{
var url="/stfjzd-13/index.php/Home/Index/checkUserName";
//var url="{U('/stfjzd-13/index.php/Home/Index/checkUserName')}";
$.post(url,{username:userName,userpass:userPass},function(msg){
if(msg.errMsg=="ok"){
window.location.href=msg.callback;
}else{
alert(msg.errMsg);
}
},"JSON")
}
})
if($userInfo['userpass']!=handleMd5Pass($userPass)){
//此处只echo了错误,但是没有返回到前端。
echo "用户名或密码不正确";
//var_dump(handleMd5Pass($userPass));
}
if($userInfo){
//你的代码运行到这里,用户名对,所以查出了userInfo,所以返回了ok。正确应该在密码验证错误的时候就返回给前端,不再往后运行
session('userId',$userInfo['id']);
$data=array(
'info' => 'ok',
'callback' => U('/stfjzd-13/index.php/Home/Index/index')
);
}
$this->ajaxReturn($data);
在注释中
echo "用户名或密码不正确";
这里 return