登陆组件修改

This commit is contained in:
筱锋xiao_lfeng 2022-09-10 17:21:49 +08:00
parent a888c83871
commit 58fe50a7b7

View File

@ -14,33 +14,58 @@ $studentID = $_POST['studentID'];
$password = $_POST['password']; $password = $_POST['password'];
$callback = htmlspecialchars($_GET['callback']); $callback = htmlspecialchars($_GET['callback']);
// 注册函数
// 发送POST
function http_post_json($url, $jsonStr) {
$ch = curl_init();
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_POSTFIELDS, $jsonStr);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_HTTPHEADER, array(
'Content-Type: application/json; charset=utf-8',
'Content-Length: ' . strlen($jsonStr)
)
);
$response = curl_exec($ch);
curl_close($ch);
return $response;
}
// 函数构建 // 函数构建
// 检查数据是否为空 // 检查数据是否为空
if (!empty($studentID) and !empty($password)) { if (!empty($studentID) and !empty($password)) {
// 检查用户 // 发送用户信息
if ($result_person = mysqli_query($conn,"SELECT * FROM ".$setting['SQL_DATA']['info']." WHERE studentID='$studentID'")) { $url = $setting['API']['Domain']."/auth/login.php?key=".$setting['Key']; //请求地址
$result_person_object = mysqli_fetch_object($result_person); $arr = array(
if ($password == $result_person_object->password) { 'studentID'=>$studentID,
$keyID = $result_person_object->studentID; 'password'=>$password,
setcookie( 'studentID' , $keyID , time()+2678400 , '/' , ''); ); //请求参数(数组)
$jsonStr = json_encode($arr); //转换为json格式
$result = http_post_json($url, $jsonStr);
$result = json_decode($result,true);
// 返回结果
if ($result['output'] == "SUCCESS") {
// 赋予COOKIE
setcookie( 'studentID' , $studentID , time()+2678400 , '/' , '');
// 返回
if (empty($callback)) { if (empty($callback)) {
$callbacks = '/'; header('location: /index.php');
} else { } else {
$callbacks = $callback; header('location: '.$callback);
} }
header('location:'.$callbacks); } elseif ($result['output'] == "PASSWORD_DENY") {
} else {
echo <<<EOF echo <<<EOF
<script language="javascript"> <script language="javascript">
alert( "密码错误" ) alert( "密码错误" )
window.history.go(-1); window.history.go(-1);
</script> </script>
EOF; EOF;
}
} else { } else {
echo <<<EOF echo <<<EOF
<script language="javascript"> <script language="javascript">
alert( "数据库查询失败" ) alert( "未知错误" )
window.history.go(-1); window.history.go(-1);
</script> </script>
EOF; EOF;