1、会员表中新增两个字段:
err_time(上次密码错误时间)
err_num(当日密码错误次数)
2、登录代码(例TP5):
/**
* 验证登录
*/
public function check(){
$status = 0;
// 获取表单提交的数据
$AdminName = input('AdminName','','htmlspecialchars');
$PassWord = md5(input('PassWord','','htmlspecialchars'));
$yanzheng = input('yanzheng','','htmlspecialchars');
if(!captcha_check($yanzheng)){
$message = '验证错误...';
return ['status'=>$status,'message'=>$message];
}
// 在admin表中进行查询:以用户为条件
$admin = db('admin')->where(['AdminName',=>$AdminName])->find();
//判断账号
if(is_null($admin)){
$message = '用户名不正确';
return ['status'=>$status,'message'=>$message];
}elseif($admin['State']==0){
$message = '该用户已被停用';
return ['status'=>$status,'message'=>$message];
}
$err_time = $admin['err_time'];
$err_num = $admin['err_num'];
if(date('Y-m-d', $err_time)==date('Y-m-d') && $err_num>=3){ //当天密码错误次数大于3
$message = '密码错误次数已超过3次';
return ['status'=>$status,'message'=>$message];
}else{
if($PassWord!=$admin['PassWord']){
//更新密码错误时间、错误次数
db('admin')->where(['id'=>$admin['id']])->update([
'err_time'=>time(),
'err_num'=>$admin['err_num'] + 1,
]);
$message = '密码不正确';
return ['status'=>$status,'message'=>$message];
}else{
$status = 1;
$message = '正在跳转页面...';
// 更新表中最后登录时间、错误时间、错误次数
db('admin')->where(['id'=>$admin['id']])->update([
'LastTime'=>time(),
'err_time'=>null,
'err_num'=>0,
]);
// 将用户登录的信息保存到session中
session('admin_id', $admin['id']);
}
}
return ['status'=>$status,'message'=>$message];
}