## 注册功能 模板所在位置: `/theme/default/reg.html` PHP页面 `reg.php` > 需要完成的功能点: 1 对输入项要进行魔术转义,防止SQL注入; 2 验证邮箱格式; 3 验证密码:长度,并校验两次输入是否一致; 4 校验数据库中是否存在改用户名; 5 校验图片验证码输入是否正确; 6 若全部校验通过则创建用户,并自动登录,登陆状态使用`Cookie`记录; 7 注册成功,赠送积分; ~~~ <?php include './common/common.php'; $title = '用户注册 - ' . WEB_NAME; //验证是否为提交注册信息 if (!empty($_POST['regsubmit'])) { $uname = strMagic($_POST['username']); $upass = trim($_POST['password']); $urpass = trim($_POST['repassword']); $umail = $_POST['mail']; $pyzm = $_POST['yzm']; //错误跳转页默认值 $url = $_SERVER['HTTP_REFERER']; $style = 'alert_error'; $toTime = 3000; $alterNotice = false; //提示页面标记位 //验证用户名长度 if(stringLen($uname)) { $alterNotice = true; $msgArr[] = '<font color=red><b>用户名长度错误:用户名由 3 到 12 个字符组成</b></font>'; } //判断数据库里是否存在这个用户名 $exists = dbSelect('user','uid', 'username="'.$uname.'"','uid desc',1); if($exists) { $alterNotice = true; $msgArr[] = '<font color=red><b>用户名已存在</b></font>'; } //验证密码长度 if(stringLen($upass)) { $alterNotice = true; $msgArr[] = '<font color=red><b>密码长度错误:由 3 到 12 个字符组成</b></font>'; } //验证两次密码是否一致 if(str2Equal($upass, $urpass)) { $alterNotice = true; $msgArr[] = '<font color=red><b>错误:两次密码不一致</b></font>'; } //验证email if(checkEmail($umail)) { $alterNotice = true; $msgArr[] = '<font color=red><b>错误:邮箱不合法</b></font>'; } //判断验证码 if(checkVerify($pyzm, $_SESSION['code'])) { $alterNotice = true; $msgArr[] = '<font color=red><b>验证码输入错误</b></font>'; } //验证是否需要显示提示信息 if($alterNotice) { $msg = join('<br />', $msgArr); include 'notice.php'; exit; } //创建用户 $money = REWARD_REG; $n = 'username, password, email, udertype, regtime, lasttime, regip, grade'; $v = "'$uname', '".md5($upass)."', '$umail', 0, ".time().", ".time().", ".ip2long($_SERVER['REMOTE_ADDR']).", ".$money; $result = dbInsert('user', $n, $v); if(!$result) { $msg = '<font color=red><b>注册失败,请联系管理员</b></font>'; include 'notice.php'; }else{ //注册成功后自动登录 $result = dbSelect('user', 'uid,username,udertype,picture,grade', 'username="'.$uname.'" and password="'.md5($upass).'"', 'uid desc', 1); setcookie('uid',$result[0]['uid'],time()+86400); setcookie('username',$result[0]['username'],time()+2592000); setcookie('udertype',$result[0]['udertype'],time()+86400); setcookie('picture',$result[0]['picture'],time()+86400); setcookie('grade',$result[0]['grade'],time()+86400); $msg = '<font color=green><b>感谢您的注册,现在将以会员身份登录站点</b></font>'; $url = 'index.php'; $style = 'alert_right'; include 'notice.php'; $msg = '注册赠送'; include 'layer.php'; } }else{ include template("reg.html"); } ?> ~~~ ## 用户登陆 PHP页面 `login.php` > 需要完成的功能点: 1 自动登陆功能,通过设置`Cookie`的过期时间来验证是否使用了自动登陆,有效期为30天。若浏览器`Cookie`被清除则自动失效; 2 验证登陆账号是否被管理员从后台锁定; 3 记录用户最后登陆时间; ~~~ <?php include './common/common.php'; $username = strMagic($_POST['username']); $password = trim($_POST['password']); $cookietime = $_POST['cookietime']; $result = dbSelect('user','uid,username,udertype,picture,grade,allowlogin,lasttime', 'username="'.$username.'" and password="'.md5($password).'"'); //判断是否使用了自动登录 if($cookietime) { $longTime = time()+2592000; }else{ $longTime = time()+86400; } if(!$result) { $msg = '<font color=red><b>登录失败,用户名或密码错误</b></font>'; $url = $_SERVER['HTTP_REFERER']; $style = 'alert_error'; $toTime = 3000; include 'notice.php'; }else{ if($result[0]['allowlogin']) { $msg = '<font color=red><b>您的账号已经被锁定,请联系管理员</b></font>'; $url = $_SERVER['HTTP_REFERER']; $style = 'alert_error'; $toTime = 3000; include 'notice.php'; exit; } $money = REWARD_LOGIN; if(formatTime($result[0]['lasttime'])<date('Y-m-d')) { //更新最后登录时间,首次登陆还要加积分 $lasttime = dbUpdate('user', 'lasttime='.time().',grade=grade+'.(int)$money.'', 'uid='.$result[0]['uid'].''); $first = true; $grade = $result[0]['grade']+(int)$money; }else{ //更新最后登录时间 $lasttime = dbUpdate('user', 'lasttime='.time().'', 'uid='.$result[0]['uid'].''); $grade = $result[0]['grade']; } setcookie('uid',$result[0]['uid'],$longTime); setcookie('username',$result[0]['username'],time()+2592000); setcookie('udertype',$result[0]['udertype'],$longTime); setcookie('picture',$result[0]['picture'],$longTime); setcookie('grade',$grade,$longTime); $msg = '<font color=green><b>登录成功</b></font>'; $url = $_SERVER['HTTP_REFERER']; $style = 'alert_right'; $toTime = 3000; include 'notice.php'; if($first) { $msg = '每天登陆'; include 'layer.php'; } } ~~~ ## 退出登陆状态 PHP页面 `logout.php` > Cookie 时间设置为当前时间-1,视为立即失效; ~~~ <?php include './common/common.php'; setcookie('uid','',time()-1); setcookie('udertype','',time()-1); setcookie('picture','',time()-1); setcookie('grade','',time()-1); $msg = '<font color=green><b>您已退出站点,现在将以游客身份转入退出前页面</b></font>'; $url = 'index.php'; $style = 'alert_right'; $toTime = 3000; include 'notice.php'; ~~~ 退出成功后,跳转到首页。