-
-
/** - * Validator for Login.
- */
- final class LoginValidator {
private function __construct() { -
- }
/** - * Validate the given username and password.
- * @param $username and $password to be validated
- * @return array array of {@link Error} s
- */
- public static function validate($username, $password) {
- $errors = array();
- $username = trim($username);
- if (!$username) {
- $errors[] = new Error('username', '用户名不能为空。');
- } elseif (strlen($username) $errors[] = new Error('username', '用户名长度不能小于3个字符。');
- } elseif (strlen($username)>30) {
- $errors[] = new Error('username', '用户名长度不能超过30个字符。');
- } elseif (!preg_match('/^[A-Za-z]+$/',substr($username, 0, 1))) {
- $errors[] = new Error('username', '用户名必须以字母开头。');
- } elseif (!preg_match('/^[A-Za-z0-9_]+$/', $username)) {
- $errors[] = new Error('username', '用户名只能是字母、数字以及下划线( _ )的组合。');
- } elseif (!trim($password)) {
- $errors[] = new Error('password', '密码不能为空。');
- } else {
- // check whether use exists or not
- $dao = new UserDao();
- $user = $dao->findByName($username);
if ($user) { - if (!($user->getPassword() == sha1($user->getSalt() . $password))) {
- $errors[] = new Error('password', '用户名或密码错误。');
- }
- } else {
- $errors[] = new Error('username', '用户名不存在。');
- }
- }
- return $errors;
- }
- }
- ?>
-
Error是自己写的一个类:
-
-
/** - * Validation error.
- */
- final class Error {
private $source; - private $message;
- /**
- * Create new error.
- * @param mixed $source source of the error
- * @param string $message error message
- */
- function __construct($source, $message) {
- $this->source = $source;
- $this->message = $message;
- }
/** - * Get source of the error.
- * @return mixed source of the error
- */
- public function getSource() {
- return $this->source;
- }
/** - * Get error message.
- * @return string error message
- */
- public function getMessage() {
- return $this->message;
- }
- }
- ?>
-
2、调用验证器进行验证
-
-
$username = null; - $password = null;
$msg = ""; if (isset($_POST['username']) && isset($_POST['password'])) { - $username = addslashes(trim(stripslashes($_POST ['username'])));
- $password = addslashes(trim(stripslashes($_POST ['password'])));
- // validate
- $errors = LoginValidator::validate($username, $password);
-
- if (empty($errors)) {
- // save the latest ip or login time into database, then processing page forwarding
- $dao = new UserDao();
- $user = $dao->findByName($username);
- $last_login_ip = Utils::getIpAddress();
- $user->setLastLoginIp($last_login_ip);
- $now = new DateTime();
- $user->setLastLoginTime($now);
- $dao->save($user);
- UserLogin::setUserInfo($user);
- Flash::addFlash('登录成功!');
- Utils::redirect('welcome');
- }
-
- foreach ($errors as $e) {
- $msg .= $e->getMessage()."
";
- }
- ?>
-
|