php实现的一个登录验证类,有需要的朋友,主要参考下这个代码的实现思路吧。
毕竟,多看高手的源码,对提高自己的编程水平,是很有帮助的。
<?php
final class UserLogin {
public function __construct() {
}
public static function getUserInfo() {
if (isset($_COOKIE["user_id"])&&$_COOKIE["user_id"]&&(trim($_COOKIE["user_id"])!="")) {
if (isset($_SESSION["USER_INFO"]))
return $_SESSION["USER_INFO"];
$dao = new UserDao();
$user = $dao->find($_COOKIE["user_id"]);
if ($user) {
$_SESSION["USER_INFO"] = $user;
setcookie("docloud_sid", session_id(), time() + 36000);
setcookie("user_id", $_COOKIE["user_id"], time() + 36000);
if (array_key_exists("selected_prj_id", $_COOKIE))
setcookie("selected_prj_id", $_COOKIE["selected_prj_id"], time() + 36000);
if (array_key_exists("selected_class_id", $_COOKIE))
setcookie("selected_class_id", $_COOKIE["selected_class_id"], time() + 36000);
if (array_key_exists("selected_image_id", $_COOKIE))
setcookie("selected_image_id", $_COOKIE["selected_image_id"], time() + 36000);
if (array_key_exists("test_image_ids", $_COOKIE))
setcookie("test_image_ids", $_COOKIE["test_image_ids"], time() + 36000);
if (array_key_exists("upload_image_ids", $_COOKIE))
setcookie("upload_image_ids", $_COOKIE["upload_image_ids"], time() + 36000);
return $user;
}
}
self::clearCookie();
return null;
}
public static function setUserInfo($userInfo) {
$_SESSION["USER_INFO"] = $userInfo;
setcookie("docloud_sid", session_id(), time() + 36000);
setcookie("user_id", $userInfo->getId(), time() + 36000);
}
public static function isLogin() {
if (self::getUserInfo()) {
return true;
}
return false;
}
public static function delUserInfo() {
self::clearCookie();
session_destroy();
}
private static function clearCookie() {
setcookie("docloud_sid", "", time() - 36000);
setcookie("user_id", "", time() - 36000);
setcookie("selected_prj_id", "", time() - 36000);
setcookie("selected_class_id", "", time() - 36000);
setcookie("selected_image_id", "", time() - 36000);
setcookie("test_image_ids", "", time() - 36000);
setcookie("upload_image_ids", "", time() - 36000);
}
}
/**
* Validator for Login.
*/
final class LoginValidator {
private function __construct() {
}
/**
* Validate the given username and password.
* @param $username and $password to be validated
* @return array array of {@link Error} s
*/
public static function validate($username, $password) {
$errors = array();
$username = trim($username);
if (!$username) {
$errors[] = new Error('username', '用户名不能为空。');
} elseif (strlen($username)<3) {
$errors[] = new Error('username', '用户名长度不能小于3个字符。');
} elseif (strlen($username)>30) {
$errors[] = new Error('username', '用户名长度不能超过30个字符。');
} elseif (!preg_match('/^[A-Za-z]+$/',substr($username, 0, 1))) {
$errors[] = new Error('username', '用户名必须以字母开头。');
} elseif (!preg_match('/^[A-Za-z0-9_]+$/', $username)) {
$errors[] = new Error('username', '用户名只能是字母、数字以及下划线( _ )的组合。');
} elseif (!trim($password)) {
$errors[] = new Error('password', '密码不能为空。');
} else {
// check whether use exists or not
$dao = new UserDao();
$user = $dao->findByName($username);
if ($user) {
if (!($user->getPassword() == sha1($user->getSalt() . $password))) {
$errors[] = new Error('password', '用户名或密码错误。');
}
} else {
$errors[] = new Error('username', '用户名不存在。');
}
}
return $errors;
}
}
/**
* Validation error.
*/
final class Error {
private $source;
private $message;
/**
* Create new error.
* @param mixed $source source of the error
* @param string $message error message
*/
function __construct($source, $message) {
$this->source = $source;
$this->message = $message;
}
/**
* Get source of the error.
* @return mixed source of the error
*/
public function getSource() {
return $this->source;
}
/**
* Get error message.
* @return string error message
*/
public function getMessage() {
return $this->message;
}
}
// if logged in, logout 页面的跳转类在http://www.cnblogs.com/setsail/archive/2012/12/18/2823231.html 里这里不再重复书写
if (UserLogin::isLogin() && $_COOKIE["user_id"]==1) {
UserLogin::delUserInfo();
}elseif (UserLogin::isLogin()){
Utils::redirect('welcome');
}
$username = null;
$password = null;
$msg = "";
if (isset($_POST['username']) && isset($_POST['password'])) {
$username = addslashes(trim(stripslashes($_POST ['username'])));
$password = addslashes(trim(stripslashes($_POST ['password'])));
// validate
$errors = LoginValidator::validate($username, $password);
if (empty($errors)) {
// save
$dao = new UserDao();
$user = $dao->findByName($username);
$last_login_ip = Utils::getIpAddress();
$user->setLastLoginIp($last_login_ip);
$now = new DateTime();
$user->setLastLoginTime($now);
$dao->save($user);
UserLogin::setUserInfo($user);
Flash::addFlash('登录成功!');
Utils::redirect('welcome');
}
foreach ($errors as $e) {
$msg .= $e->getMessage()."<br>";
}
}
?>