@@ -0,0 +1,21 @@ | |||
<?php | |||
define('AJAXLOGIN', TRUE); | |||
define('DEDEADMIN', str_replace("\\", '/', dirname(__FILE__))); | |||
require_once(DEDEADMIN.'/../system/common.inc.php'); | |||
require_once(DEDEINC.'/userlogin.class.php'); | |||
AjaxHead(); | |||
$action = isset($action) && in_array($action, array('is_need_check_code'))? $action : ''; | |||
if ($action === 'is_need_check_code') { | |||
$cuserLogin = new userLogin(); | |||
$isNeed = $cuserLogin->isNeedCheckCode($userid); | |||
echo json_encode(array( | |||
"code" => 0, | |||
"msg" => "", | |||
"data" => array( | |||
"isNeed" => $isNeed, | |||
), | |||
)); | |||
exit; | |||
} |
@@ -0,0 +1,17 @@ | |||
$(document).ready(function () { | |||
$("#iptUserid").focusout(function () { | |||
let userid = $(this).val(); | |||
if (userid !== '') { | |||
$.get("api.php?action=is_need_check_code&userid=" + userid, function (data) { | |||
let rs = JSON.parse(data); | |||
if (rs.code === 0) { | |||
if (rs.data.isNeed) { | |||
$("#vdimgck").show(); | |||
} else { | |||
$("#vdimgck").hide(); | |||
} | |||
} | |||
}); | |||
} | |||
}) | |||
}) |
@@ -38,10 +38,19 @@ if (preg_match('/admin\/login/i', $cururl)) { | |||
$admindirs = explode('/', str_replace("\\", '/', dirname(__FILE__))); | |||
$admindir = $admindirs[count($admindirs) - 1]; | |||
if ($dopost == 'login') { | |||
$validate = empty($validate) ? '' : strtolower(trim($validate)); | |||
$svali = strtolower(GetCkVdValue()); | |||
$cuserLogin = new userLogin($admindir); | |||
if (!empty($userid) && !empty($pwd)) { | |||
$isNeed = $cuserLogin->isNeedCheckCode($userid); | |||
if ($isNeed) { | |||
$validate = empty($validate) ? '' : strtolower(trim($validate)); | |||
$svali = strtolower(GetCkVdValue()); | |||
if ($validate == '' || $validate != $svali) { | |||
ResetVdValue(); | |||
ShowMsg('验证码不正确', 'login.php', 0, 1000); | |||
exit; | |||
} | |||
} | |||
$res = $cuserLogin->checkUser($userid, $pwd); | |||
if ($res == 1) { | |||
$cuserLogin->keepUser(); | |||
@@ -9,6 +9,8 @@ | |||
<link rel="stylesheet" href="../static/web/css/bootstrap.min.css"> | |||
<link rel="stylesheet" href="../static/web/font/css/font-awesome.min.css"> | |||
<link rel="stylesheet" href="css/login.min.css"> | |||
<script src="../static/web/js/jquery.min.js"></script> | |||
<script src="js/login.js"></script> | |||
</head> | |||
<body> | |||
<?php if (preg_match('/MSIE/i',$_SERVER['HTTP_USER_AGENT']) || preg_match('/Trident/i',$_SERVER['HTTP_USER_AGENT'])) {?> | |||
@@ -44,6 +46,13 @@ | |||
<label for="iptPassword">密码</label> | |||
<input type="password" name="pwd" id="iptPassword" class="form-control"> | |||
</div> | |||
<div id="vdimgck" class="form-group" style="display: none;"> | |||
<label for="iptValidate">验证码</label> | |||
<div class="input-group"> | |||
<input type="text" name="validate" id="iptValidate" class="form-control text-uppercase"> | |||
<img src="../apps/vdimgck.php" onclick="this.src='../apps/vdimgck.php?'+new Date().getTime()+Math.round(Math.random() * 10000)" title="验证码" id="validateimg"> | |||
</div> | |||
</div> | |||
<div><button type="submit" class="btn btn-success w-100">登录</button></div> | |||
<div class="login-power"><?php echo $cfg_powerby;?></div> | |||
</form> | |||
@@ -128,6 +128,7 @@ CREATE TABLE `#@__admin` ( | |||
`typeid` text, | |||
`logintime` int(10) unsigned NOT NULL default '0', | |||
`loginip` varchar(46) NOT NULL default '', | |||
`loginerr` tinyint NULL DEFAULT 0, | |||
PRIMARY KEY (`id`) | |||
) TYPE=MyISAM; | |||
@@ -503,6 +504,7 @@ CREATE TABLE `#@__member` ( | |||
`logintime` int(10) unsigned NOT NULL default '0', | |||
`loginip` char(46) NOT NULL default '', | |||
`checkmail` smallint(6) NOT NULL default '-1', | |||
`loginerr` tinyint NULL DEFAULT 0, | |||
PRIMARY KEY (`mid`), | |||
KEY `userid` (`userid`,`sex`), | |||
KEY `logintime` (`logintime`) | |||
@@ -103,4 +103,6 @@ DELETE FROM `#@__sysconfig` WHERE `#@__sysconfig`.`varname` = 'cfg_disable_tags' | |||
DELETE FROM `#@__sysconfig` WHERE `#@__sysconfig`.`varname` = 'cfg_vdcode_member'; | |||
-- 6.2.0 | |||
ALTER TABLE `#@__arctype` CHANGE COLUMN `iscross` `cross` tinyint(1) NOT NULL DEFAULT 0 AFTER `ishidden`; | |||
ALTER TABLE `#@__arctype` CHANGE COLUMN `iscross` `cross` tinyint(1) NOT NULL DEFAULT 0 AFTER `ishidden`; | |||
ALTER TABLE `#@__admin` ADD COLUMN `loginerr` tinyint NULL DEFAULT 0 AFTER `loginip`; | |||
ALTER TABLE `#@__member` ADD COLUMN `loginerr` tinyint NULL DEFAULT 0 AFTER `checkmail`; |
@@ -0,0 +1,17 @@ | |||
$(document).ready(function () { | |||
$("#iptUserid").focusout(function () { | |||
let userid = $(this).val(); | |||
if (userid !== '') { | |||
$.get("api.php?action=is_need_check_code&userid=" + userid, function (data) { | |||
let rs = JSON.parse(data); | |||
if (rs.code === 0) { | |||
if (rs.data.isNeed) { | |||
$("#vdimgck").show(); | |||
} else { | |||
$("#vdimgck").hide(); | |||
} | |||
} | |||
}); | |||
} | |||
}) | |||
}) |
@@ -391,8 +391,10 @@ class MemberLogin | |||
$row = $dsql->GetOne("SELECT mid,matt,pwd,pwd_new,logintime FROM `#@__member` WHERE userid LIKE '$loginuser' "); | |||
if (is_array($row)) { | |||
if (!empty($row['pwd_new']) && !password_verify($loginpwd, $row['pwd_new'])) { | |||
$this->loginError($loginuser); | |||
return -1; | |||
}else if (!empty($row['pwd']) && $this->GetShortPwd($row['pwd']) != $this->GetEncodePwd($loginpwd)) { | |||
} else if (!empty($row['pwd']) && $this->GetShortPwd($row['pwd']) != $this->GetEncodePwd($loginpwd)) { | |||
$this->loginError($loginuser); | |||
return -1; | |||
} else { | |||
if (empty($row['pwd_new']) && function_exists('password_hash')) { | |||
@@ -413,6 +415,58 @@ class MemberLogin | |||
return 0; | |||
} | |||
} | |||
/** | |||
* 是否需要验证码 | |||
* | |||
* @param mixed $loginuser | |||
* @return bool | |||
*/ | |||
function isNeedCheckCode($loginuser) | |||
{ | |||
$num = $this->getLoginError($loginuser); | |||
return $num >= 3 ? true : false; | |||
} | |||
/** | |||
* 1分钟以内登录错误的次数 | |||
* | |||
* @param mixed $loginuser | |||
* @return int 登录错误次数 | |||
*/ | |||
function getLoginError($loginuser) | |||
{ | |||
global $dsql; | |||
$rs = CheckUserID($loginuser, '用户名', FALSE); | |||
//用户名不正确时返回验证错误,原登录名通过引用返回错误提示信息 | |||
if ($rs != 'ok') { | |||
return -1; | |||
} | |||
$row = $dsql->GetOne("SELECT loginerr,logintime FROM `#@__member` WHERE userid LIKE '$loginuser'"); | |||
if (is_array($row)) { | |||
//1分钟内如果输错3次则需要验证码 | |||
return (time() - (int)$row['logintime']) < 60 ? (int)$row['loginerr'] : 0; | |||
} else { | |||
return -1; | |||
} | |||
} | |||
/** | |||
* 记录登录错误 | |||
* | |||
* @return void | |||
*/ | |||
function loginError($loginuser) | |||
{ | |||
global $dsql; | |||
$rs = CheckUserID($loginuser, '用户名', FALSE); | |||
//用户名不正确时返回验证错误,原登录名通过引用返回错误提示信息 | |||
if ($rs != 'ok') { | |||
return; | |||
} | |||
$loginip = GetIP(); | |||
$inquery = "UPDATE `#@__member` SET loginip='$loginip',logintime='" . time() . "',loginerr=loginerr+1 WHERE userid='" . $loginuser . "'"; | |||
$dsql->ExecuteNoneQuery($inquery); | |||
} | |||
/** | |||
* 保存用户cookie | |||
* | |||
@@ -431,7 +485,7 @@ class MemberLogin | |||
$this->M_ID = $uid; | |||
$this->M_LoginTime = time(); | |||
$loginip = GetIP(); | |||
$inquery = "UPDATE `#@__member` SET loginip='$loginip',logintime='".$this->M_LoginTime."' WHERE mid='".$uid."'"; | |||
$inquery = "UPDATE `#@__member` SET loginip='$loginip',logintime='".$this->M_LoginTime."',loginerr=0 WHERE mid='".$uid."'"; | |||
$dsql->ExecuteNoneQuery($inquery); | |||
if ($this->M_KeepTime > 0) { | |||
PutCookie('DedeUserID', $uid, $this->M_KeepTime); | |||
@@ -445,7 +499,7 @@ class MemberLogin | |||
* 获得会员目前的状态 | |||
* | |||
* @access public | |||
* @param string $dsql 数据库连接 | |||
* @param object $dsql 数据库连接 | |||
* @return string | |||
*/ | |||
function GetSta($dsql) | |||
@@ -106,10 +106,10 @@ function CheckCatalog($cid, $msg) | |||
*/ | |||
function AddMyAddon($fid, $filename) | |||
{ | |||
$cacheFile = DEDEDATA.'/cache/addon-'.session_id().'.inc'; | |||
$cacheFile = DEDEDATA . '/cache/addon-' . session_id() . '.inc'; | |||
if (!file_exists($cacheFile)) { | |||
$fp = fopen($cacheFile, 'w'); | |||
fwrite($fp, '<'.'?php'."\r\n"); | |||
fwrite($fp, '<' . '?php' . "\r\n"); | |||
fwrite($fp, "\$myaddons = array();\r\n"); | |||
fwrite($fp, "\$maNum = 0;\r\n"); | |||
fclose($fp); | |||
@@ -133,7 +133,7 @@ function AddMyAddon($fid, $filename) | |||
function ClearMyAddon($aid = 0, $title = '') | |||
{ | |||
global $dsql; | |||
$cacheFile = DEDEDATA.'/cache/addon-'.session_id().'.inc'; | |||
$cacheFile = DEDEDATA . '/cache/addon-' . session_id() . '.inc'; | |||
$_SESSION['bigfile_info'] = array(); | |||
$_SESSION['file_info'] = array(); | |||
if (!file_exists($cacheFile)) { | |||
@@ -212,16 +212,18 @@ class userLogin | |||
$this->userName = preg_replace("/[^0-9a-zA-Z_@!\.-]/", '', $username); | |||
$this->userPwd = preg_replace("/[^0-9a-zA-Z_@!\.-]/", '', $userpwd); | |||
$pwd = substr(md5($this->userPwd), 5, 20); | |||
$dsql->SetQuery("SELECT admin.*,atype.purviews FROM `#@__admin` admin LEFT JOIN `#@__admintype` atype ON atype.`rank`=admin.usertype WHERE admin.userid LIKE '".$this->userName."' LIMIT 0,1"); | |||
$dsql->SetQuery("SELECT admin.*,atype.purviews FROM `#@__admin` admin LEFT JOIN `#@__admintype` atype ON atype.`rank`=admin.usertype WHERE admin.userid LIKE '" . $this->userName . "' LIMIT 0,1"); | |||
$dsql->Execute(); | |||
$row = $dsql->GetObject(); | |||
if (!isset($row->pwd)) { | |||
return -1; | |||
} else if (!empty($row->pwd_new) && !password_verify($this->userPwd, $row->pwd_new)) { | |||
$this->loginError($row->id); | |||
return -2; | |||
} else if (!empty($row->pwd) && $pwd != $row->pwd) { | |||
$this->loginError($row->id); | |||
return -2; | |||
}else { | |||
} else { | |||
$upsql = ""; | |||
if (empty($row->pwd_new) && function_exists('password_hash')) { | |||
//升级密码 | |||
@@ -234,13 +236,58 @@ class userLogin | |||
$this->userChannel = $row->typeid; | |||
$this->userName = $row->uname; | |||
$this->userPurview = $row->purviews; | |||
$inquery = "UPDATE `#@__admin` SET loginip='$loginip',logintime='".time()."'{$upsql} WHERE id='".$row->id."'"; | |||
$inquery = "UPDATE `#@__admin` SET loginip='$loginip',logintime='" . time() . "'{$upsql},loginerr=0 WHERE id='" . $row->id . "'"; | |||
$dsql->ExecuteNoneQuery($inquery); | |||
$sql = "UPDATE `#@__member` SET logintime=".time().", loginip='$loginip' WHERE mid=".$row->id; | |||
$sql = "UPDATE `#@__member` SET logintime=" . time() . ", loginip='$loginip' WHERE mid=" . $row->id; | |||
$dsql->ExecuteNoneQuery($sql); | |||
return 1; | |||
} | |||
} | |||
/** | |||
* 是否需要验证码 | |||
* | |||
* @param mixed $username | |||
* @return bool | |||
*/ | |||
function isNeedCheckCode($username) | |||
{ | |||
$num = $this->getLoginError($username); | |||
return $num >= 3 ? true : false; | |||
} | |||
/** | |||
* 1分钟以内登录错误的次数 | |||
* | |||
* @param mixed $username | |||
* @return int 登录错误次数 | |||
*/ | |||
function getLoginError($username) | |||
{ | |||
global $dsql; | |||
$this->userName = preg_replace("/[^0-9a-zA-Z_@!\.-]/", '', $username); | |||
$row = $dsql->GetOne("SELECT loginerr,logintime FROM `#@__admin` WHERE userid LIKE '$this->userName'"); | |||
if (is_array($row)) { | |||
//1分钟内如果输错3次则需要验证码 | |||
return (time() - (int)$row['logintime']) < 60 ? (int)$row['loginerr'] : 0; | |||
} else { | |||
return -1; | |||
} | |||
} | |||
/** | |||
* 记录登录错误 | |||
* | |||
* @return void | |||
*/ | |||
function loginError($adminid) | |||
{ | |||
global $dsql; | |||
$loginip = GetIP(); | |||
$inquery = "UPDATE `#@__admin` SET loginip='$loginip',logintime='" . time() . "',loginerr=loginerr+1 WHERE id='" . $adminid . "'"; | |||
$dsql->ExecuteNoneQuery($inquery); | |||
} | |||
/** | |||
* 保持用户的会话状态 | |||
* | |||
@@ -281,7 +328,7 @@ class userLogin | |||
function ReWriteAdminChannel() | |||
{ | |||
//$this->userChannel | |||
$cacheFile = DEDEDATA.'/cache/admincat_'.$this->userID.'.inc'; | |||
$cacheFile = DEDEDATA . '/cache/admincat_' . $this->userID . '.inc'; | |||
//管理员管理的栏目列表 | |||
$typeid = trim($this->userChannel); | |||
if (empty($typeid) || $this->getUserType() >= 10) { | |||
@@ -296,7 +343,7 @@ class userLogin | |||
$typeids = explode(',', $typeid); | |||
$typeid = ''; | |||
foreach ($typeids as $tid) { | |||
$typeid .= ($typeid == '' ? GetSonIdsUL($tid) : ','.GetSonIdsUL($tid)); | |||
$typeid .= ($typeid == '' ? GetSonIdsUL($tid) : ',' . GetSonIdsUL($tid)); | |||
} | |||
$typeids = explode(',', $typeid); | |||
$typeidsnew = array_unique($typeids); | |||
@@ -443,4 +490,3 @@ function GetSonIdsLogicUL($id, $sArr, $channel = 0, $addthis = FALSE) | |||
} | |||
} | |||
} | |||
?> |
@@ -13,10 +13,10 @@ | |||
<script> | |||
//校验是否登录 | |||
function CheckLogin() { | |||
$.get("{dede:global.cfg_cmsurl/}/user/ajax_loginsta.php?format=json",function(data) { | |||
$.get("{dede:global.cfg_cmsurl/}/user/api.php?format=json",function(data) { | |||
let result = JSON.parse(data); | |||
if (result.code === 200) { | |||
$("#_login").html(`<a href="/user/edit_baseinfo.php"class="user-admin mr-3"><img src="${result.data.facepic}" alt="${result.data.username}" title="${result.data.username}">${result.data.username}</a><a href="/user" class="btn btn-primary btn-sm"><i class="fa fa-user-circle"></i></a><a href="/user/pm.php" class="btn btn-primary btn-sm"><i class="fa fa-bullhorn"></i></a><a href="/user/index_do.php?fmdo=login&dopost=exit" class="btn btn-success btn-sm"><i class="fa fa-sign-out"></i></a>`); | |||
$("#_login").html(`<a href="{dede:global.cfg_cmsurl/}/user/edit_baseinfo.php"class="user-admin mr-3"><img src="${result.data.facepic}" alt="${result.data.username}" title="${result.data.username}">${result.data.username}</a><a href="{dede:global.cfg_cmsurl/}/user" class="btn btn-primary btn-sm"><i class="fa fa-user-circle"></i></a><a href="/user/pm.php" class="btn btn-primary btn-sm"><i class="fa fa-bullhorn"></i></a><a href="{dede:global.cfg_cmsurl/}/user/index_do.php?fmdo=login&dopost=exit" class="btn btn-success btn-sm"><i class="fa fa-sign-out"></i></a>`); | |||
$("#iptUsername").val(result.data.username); | |||
$("#iptUsername").attr("disabled", "disabled"); | |||
$(".areaValidate").hide(); | |||
@@ -105,7 +105,7 @@ | |||
<button class="btn btn-success btnSend" type="button" onClick='SendReplyFeedback(${fid})'>回复</button> | |||
</div> | |||
</div>`; | |||
$.get("{dede:global.cfg_cmsurl/}/user/ajax_loginsta.php?format=json", function(data) { | |||
$.get("{dede:global.cfg_cmsurl/}/user/api.php?format=json", function(data) { | |||
let result = JSON.parse(data); | |||
if (result.code !== 200) { | |||
$(`._feedback_reply`).html(""); | |||
@@ -1,52 +0,0 @@ | |||
<?php | |||
/** | |||
* @version $id:ajax_loginsta.php 8:38 2010年7月9日 tianya $ | |||
* @package DedeBIZ.User | |||
* @copyright Copyright (c) 2022 DedeBIZ.COM | |||
* @license https://www.dedebiz.com/license | |||
* @link https://www.dedebiz.com | |||
*/ | |||
define('AJAXLOGIN', TRUE); | |||
require_once(dirname(__FILE__)."/config.php"); | |||
AjaxHead(); | |||
$format = isset($format) ? "json" : ""; | |||
if (!$cfg_ml->IsLogin()) { | |||
if ($format === 'json') { | |||
echo json_encode(array( | |||
"code" => -1, | |||
"msg" => "尚未登录", | |||
"data" => null, | |||
)); | |||
} else { | |||
echo ""; | |||
} | |||
exit; | |||
} | |||
$uid = $cfg_ml->M_LoginID; | |||
!$cfg_ml->fields['face'] && $face = ($cfg_ml->fields['sex'] == '女') ? 'dfgirl' : 'dfboy'; | |||
$facepic = empty($face) ? $cfg_ml->fields['face'] : $GLOBALS['cfg_memberurl'].'/templets/images/'.$face.'.png'; | |||
if ($format === 'json') { | |||
echo json_encode(array( | |||
"code" => 200, | |||
"msg" => "", | |||
"data" => array( | |||
"username" => $cfg_ml->M_UserName, | |||
"myurl" => $myurl, | |||
"facepic" => $facepic, | |||
"memberurl" => $cfg_memberurl, | |||
), | |||
)); | |||
exit; | |||
} | |||
?> | |||
<div class="userinfo"> | |||
<div class="welcome">您好:<?php echo $cfg_ml->M_UserName;?>,欢迎登录 </div> | |||
<div class="userface"> | |||
<a href="<?php echo $cfg_memberurl;?>/index.php"><img src="<?php echo $facepic;?>" width="52" height="52" /></a> | |||
</div> | |||
<div class="uclink"> | |||
<a href="<?php echo $cfg_memberurl;?>/index.php">会员中心</a> | | |||
<a href="<?php echo $cfg_memberurl;?>/edit_baseinfo.php">资料</a> | | |||
<a href="<?php echo $cfg_memberurl;?>/index_do.php?fmdo=login&dopost=exit">退出登录</a> | |||
</div> | |||
</div> |
@@ -0,0 +1,68 @@ | |||
<?php | |||
/** | |||
* @version $id:api.php 8:38 2010年7月9日 tianya $ | |||
* @package DedeBIZ.User | |||
* @copyright Copyright (c) 2022 DedeBIZ.COM | |||
* @license https://www.dedebiz.com/license | |||
* @link https://www.dedebiz.com | |||
*/ | |||
define('AJAXLOGIN', TRUE); | |||
require_once(dirname(__FILE__)."/config.php"); | |||
AjaxHead(); | |||
$action = isset($action)? $action : ''; | |||
if ($action === 'is_need_check_code') { | |||
$isNeed = $cfg_ml->isNeedCheckCode($userid); | |||
echo json_encode(array( | |||
"code" => 0, | |||
"msg" => "", | |||
"data" => array( | |||
"isNeed" => $isNeed, | |||
), | |||
)); | |||
exit; | |||
} else { | |||
$format = isset($format) ? "json" : ""; | |||
if (!$cfg_ml->IsLogin()) { | |||
if ($format === 'json') { | |||
echo json_encode(array( | |||
"code" => -1, | |||
"msg" => "尚未登录", | |||
"data" => null, | |||
)); | |||
} else { | |||
echo ""; | |||
} | |||
exit; | |||
} | |||
$uid = $cfg_ml->M_LoginID; | |||
!$cfg_ml->fields['face'] && $face = ($cfg_ml->fields['sex'] == '女') ? 'dfgirl' : 'dfboy'; | |||
$facepic = empty($face) ? $cfg_ml->fields['face'] : $GLOBALS['cfg_memberurl'].'/templets/images/'.$face.'.png'; | |||
if ($format === 'json') { | |||
echo json_encode(array( | |||
"code" => 200, | |||
"msg" => "", | |||
"data" => array( | |||
"username" => $cfg_ml->M_UserName, | |||
"myurl" => $myurl, | |||
"facepic" => $facepic, | |||
"memberurl" => $cfg_memberurl, | |||
), | |||
)); | |||
exit; | |||
} | |||
?> | |||
<div class="userinfo"> | |||
<div class="welcome">您好:<?php echo $cfg_ml->M_UserName;?>,欢迎登录 </div> | |||
<div class="userface"> | |||
<a href="<?php echo $cfg_memberurl;?>/index.php"><img src="<?php echo $facepic;?>" width="52" height="52" /></a> | |||
</div> | |||
<div class="uclink"> | |||
<a href="<?php echo $cfg_memberurl;?>/index.php">会员中心</a> | | |||
<a href="<?php echo $cfg_memberurl;?>/edit_baseinfo.php">资料</a> | | |||
<a href="<?php echo $cfg_memberurl;?>/index_do.php?fmdo=login&dopost=exit">退出登录</a> | |||
</div> | |||
</div> | |||
<?php | |||
} | |||
?> |
@@ -180,6 +180,15 @@ else if ($fmdo == 'login') { | |||
ShowMsg("密码不能为空", "-1", 0, 2000); | |||
exit(); | |||
} | |||
$isNeed = $cfg_ml->isNeedCheckCode($userid); | |||
if ($isNeed) { | |||
$svali = GetCkVdValue(); | |||
if (strtolower($vdcode) != $svali || $svali == '') { | |||
ResetVdValue(); | |||
ShowMsg('验证码错误', 'index.php'); | |||
exit(); | |||
} | |||
} | |||
//检查帐号 | |||
$rs = $cfg_ml->CheckUser($userid, $pwd); | |||
if ($rs == 0) { | |||
@@ -9,6 +9,7 @@ | |||
<link rel="stylesheet" href="<?php echo $cfg_cmsurl;?>/static/web/css/style.css"> | |||
<link rel="stylesheet" href="<?php echo $cfg_cmsurl;?>/static/web/css/user.css"> | |||
<script src="<?php echo $cfg_cmsurl;?>/static/web/js/jquery.min.js"></script> | |||
<script src="<?php echo $cfg_cmsurl;?>/static/web/js/login.js"></script> | |||
</head> | |||
<body class="body-bg"> | |||
<?php pasterTempletDiy('top.htm');?> | |||
@@ -23,8 +24,14 @@ | |||
<input type="hidden" name="dopost" value="login"> | |||
<input type="hidden" name="keeptime" value="604800"> | |||
<input type="hidden" name="gourl" value="<?php if (!empty($gourl)) echo $gourl;?>"> | |||
<div class="form-group"><input name="userid" type="text" class="form-control" placeholder="输入用户名"></div> | |||
<div class="form-group"><input id="iptUserid" name="userid" type="text" class="form-control" placeholder="输入用户名"></div> | |||
<div class="form-group"><input name="pwd" type="password" class="form-control" id="iptPwd" placeholder="输入密码"></div> | |||
<div class="form-group" id="vdimgck" style="display: none;"> | |||
<div class="input-group"> | |||
<input name="vdcode" type="text" class="form-control text-uppercase" id="iptValidate" placeholder="请输入验证码"> | |||
<img src="<?php echo $cfg_cmsurl;?>/apps/vdimgck.php" id="validateimg" onclick="this.src='<?php echo $cfg_cmsurl;?>/apps/vdimgck.php?'+new Date().getTime()+Math.round(Math.random() * 10000)" title="验证码"> | |||
</div> | |||
</div> | |||
<div class="form-group"><button type="submit" class="btn btn-success w-100">登录</button></div> | |||
<div class="form-group"><a href="<?php echo $cfg_memberurl;?>/index_do.php?fmdo=user&dopost=regnew" class="btn btn-outline-success w-100">注册</a></div> | |||
<div><a href="<?php echo $cfg_memberurl;?>/resetpassword.php" class="text-dark">忘记密码</a></div> | |||