
16.6.4 用户注册、登陆功能讲解

注册功能

模板所在位置: /theme/default/reg.html

PHP页面 reg.php

需要完成的功能点:
1 对输入项要进行魔术转义,防止SQL注入(转义只是最基本的防护,更稳妥的做法是使用预处理语句/参数化查询);
2 验证邮箱格式;
3 验证密码:长度,并校验两次输入是否一致;
4 校验数据库中是否存在该用户名;
5 校验图片验证码输入是否正确;
6 若全部校验通过则创建用户,并自动登录,登录状态使用Cookie记录(Cookie保存在客户端,可被用户修改,其中的uid、udertype等值不应直接作为服务端授权的依据);
7 注册成功,赠送积分;

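<?php

	/*
	 * reg.php - registration form handler.
	 *
	 * Flow: read the posted fields, run every validation (collecting all
	 * error messages), show the notice page if anything failed, otherwise
	 * insert the user, set the login cookies and show the success notice.
	 *
	 * strMagic(), stringLen(), str2Equal(), checkEmail(), checkVerify(),
	 * dbSelect(), dbInsert() and template() are project helpers that are
	 * not shown on this page (presumably loaded by common/common.php).
	 * As used here, each validation helper is treated as returning a truthy
	 * value when the check FAILS.
	 *
	 * NOTE(review): SQL is assembled by string concatenation, so every
	 * value placed inside quotes must go through strMagic() first.
	 * Prepared statements would remove that dependency, but dbSelect() and
	 * dbInsert() only accept SQL fragments as shown here.
	 */
	include "./common/common.php";

	$title = "用户注册 - " . WEB_NAME;

	// Only process the request when the registration form was submitted.
	if (!empty($_POST["regsubmit"]))
	{
		// A missing or non-string field (e.g. username[]=x) is treated as "",
		// so the validators below reject it instead of raising notices.
		$posted = array();
		foreach (array("username", "password", "repassword", "mail", "yzm") as $field)
		{
			$posted[$field] = (isset($_POST[$field]) && is_string($_POST[$field])) ? $_POST[$field] : "";
		}

		$uname = strMagic($posted["username"]);
		$upass = trim($posted["password"]);
		$urpass = trim($posted["repassword"]);
		$umail = $posted["mail"];
		$pyzm = $posted["yzm"];

		// Defaults for the error notice page.
		// The Referer header is optional and client-supplied: fall back to
		// the form itself when it is absent.
		// NOTE(review): notice.php is not shown; confirm it escapes $url.
		$url = isset($_SERVER["HTTP_REFERER"]) ? $_SERVER["HTTP_REFERER"] : "reg.php";
		$style = "alert_error";
		$toTime = 3000;

		$alterNotice = false;	// set to true as soon as any validation fails
		$msgArr = array();		// all validation messages, joined for display

		// User name length.
		if (stringLen($uname))
		{
			$alterNotice = true;
			$msgArr[] = "<font color=red><b>用户名长度错误:用户名由 3 到 12 个字符组成</b></font>";
		}

		// Is the user name already taken? $uname was escaped by strMagic().
		$exists = dbSelect("user", "uid", "username='" . $uname . "'", "uid desc", 1);
		if ($exists)
		{
			$alterNotice = true;
			$msgArr[] = "<font color=red><b>用户名已存在</b></font>";
		}

		// Password length.
		if (stringLen($upass))
		{
			$alterNotice = true;
			$msgArr[] = "<font color=red><b>密码长度错误:由 3 到 12 个字符组成</b></font>";
		}

		// Both password fields must match.
		if (str2Equal($upass, $urpass))
		{
			$alterNotice = true;
			$msgArr[] = "<font color=red><b>错误:两次密码不一致</b></font>";
		}

		// E-mail format (validated on the raw value, escaped later for SQL).
		if (checkEmail($umail))
		{
			$alterNotice = true;
			$msgArr[] = "<font color=red><b>错误:邮箱不合法</b></font>";
		}

		// Image verification code. The stored code is consumed on every
		// attempt so that a solved code cannot be submitted again, and an
		// absent/empty code on either side always counts as a failure.
		$sessionCode = isset($_SESSION["code"]) ? $_SESSION["code"] : "";
		unset($_SESSION["code"]);
		if ($sessionCode === "" || $pyzm === "" || checkVerify($pyzm, $sessionCode))
		{
			$alterNotice = true;
			$msgArr[] = "<font color=red><b>验证码输入错误</b></font>";
		}

		// Show the collected errors and stop.
		if ($alterNotice)
		{
			$msg = join("<br />", $msgArr);
			include "notice.php";
			exit;
		}

		// Create the user.
		$money = (int) REWARD_REG;		// sign-up bonus stored in `grade`
		$now = time();
		// ip2long() returns false for non-IPv4 addresses; the cast keeps the
		// INSERT syntactically valid (0 is stored in that case).
		$regip = (int) ip2long($_SERVER["REMOTE_ADDR"]);
		// NOTE(review): unsalted md5() is not suitable for password storage.
		// Moving to password_hash()/password_verify() must be done together
		// with login.php (and the column size), so it is left unchanged here.
		$pwHash = md5($upass);

		$n = "username, password, email, udertype, regtime, lasttime, regip, grade";
		// The e-mail is escaped with the same helper as the user name: it
		// was previously inserted into the statement unescaped.
		$v = "'" . $uname . "', '" . $pwHash . "', '" . strMagic($umail) . "', 0, " . $now . ", " . $now . ", " . $regip . ", " . $money;
		$result = dbInsert("user", $n, $v);
		if (!$result)
		{
			$msg = "<font color=red><b>注册失败,请联系管理员</b></font>";
			include "notice.php";
		}
		else
		{
			// Log the new user in automatically.
			$result = dbSelect("user", "uid,username,udertype,picture,grade", "username='" . $uname . "' and password='" . $pwHash . "'", "uid desc", 1);

			// NOTE(review): these cookies hold uid/udertype/grade in clear
			// text and can be edited by the client. Pages that authorise
			// from them are trusting client input; a server-side session
			// (or a signed value) is the safer place for login state.
			setcookie("uid", $result[0]["uid"], time() + 86400);
			setcookie("username", $result[0]["username"], time() + 2592000);
			setcookie("udertype", $result[0]["udertype"], time() + 86400);
			setcookie("picture", $result[0]["picture"], time() + 86400);
			setcookie("grade", $result[0]["grade"], time() + 86400);

			$msg = "<font color=green><b>感谢您的注册,现在将以会员身份登录站点</b></font>";
			$url = "index.php";
			$style = "alert_right";
			include "notice.php";

			// Bonus pop-up layer for the sign-up reward.
			$msg = "注册赠送";
			include "layer.php";
		}

	}
	else
	{
		// No submission: render the registration form.
		include template("reg.html");
	}

?>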

用户登陆

PHP页面 login.php

需要完成的功能点:
1 自动登陆功能,通过设置Cookie的过期时间来验证是否使用了自动登陆,有效期为30天。若浏览器Cookie被清除则自动失效;
2 验证登陆账号是否被管理员从后台锁定;
3 记录用户最后登陆时间;

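<?php

	/*
	 * login.php - login form handler.
	 *
	 * Looks the user up by name + md5(password), refuses accounts flagged
	 * in `allowlogin`, updates `lasttime` (adding the daily bonus on the
	 * first login of the day) and stores the login state in cookies.
	 *
	 * strMagic(), dbSelect(), dbUpdate() and formatTime() are project
	 * helpers not shown on this page (presumably from common/common.php).
	 *
	 * NOTE(review): nothing here limits repeated failed attempts, and
	 * unsalted md5() is not suitable for password storage. Switching to
	 * password_hash()/password_verify() has to be done together with
	 * reg.php, so the hash is left unchanged here.
	 */
	include "./common/common.php";

	// Missing or non-string fields are treated as "" (no PHP notices, and
	// the lookup below then simply finds no user).
	$rawUser = (isset($_POST["username"]) && is_string($_POST["username"])) ? $_POST["username"] : "";
	$rawPass = (isset($_POST["password"]) && is_string($_POST["password"])) ? $_POST["password"] : "";

	$username = strMagic($rawUser);
	$password = trim($rawPass);
	// The "remember me" box is absent from the request when unchecked.
	$cookietime = !empty($_POST["cookietime"]);

	// The Referer header is optional and client-supplied: fall back to the
	// home page when it is absent.
	// NOTE(review): notice.php is not shown; confirm it escapes $url.
	$backUrl = isset($_SERVER["HTTP_REFERER"]) ? $_SERVER["HTTP_REFERER"] : "index.php";

	// $username is escaped by strMagic(); md5() output is plain hex.
	$result = dbSelect("user", "uid,username,udertype,picture,grade,allowlogin,lasttime", "username='" . $username . "' and password='" . md5($password) . "'");

	// Automatic login keeps the cookies for 30 days, otherwise for 1 day.
	if ($cookietime)
	{
		$longTime = time() + 2592000;
	}
	else
	{
		$longTime = time() + 86400;
	}

	// Set only when the daily bonus is granted; it was previously left
	// undefined on the "already logged in today" path.
	$first = false;

	if (!$result)
	{
		$msg = "<font color=red><b>登录失败,用户名或密码错误</b></font>";
		$url = $backUrl;
		$style = "alert_error";
		$toTime = 3000;
		include "notice.php";
	}
	else
	{
		// A truthy `allowlogin` value is treated as "account locked".
		if ($result[0]["allowlogin"])
		{
			$msg = "<font color=red><b>您的账号已经被锁定,请联系管理员</b></font>";
			$url = $backUrl;
			$style = "alert_error";
			$toTime = 3000;
			include "notice.php";
			exit;
		}

		$uid = (int) $result[0]["uid"];
		$money = (int) REWARD_LOGIN;

		// Assumes formatTime() returns a date string that sorts like
		// "Y-m-d" - TODO confirm against its definition.
		if (formatTime($result[0]["lasttime"]) < date("Y-m-d"))
		{
			// First login of the day: update the timestamp and add the bonus.
			$lasttime = dbUpdate("user", "lasttime=" . time() . ",grade=grade+" . $money, "uid=" . $uid);
			$first = true;
			$grade = $result[0]["grade"] + $money;
		}
		else
		{
			// Only update the last-login timestamp.
			$lasttime = dbUpdate("user", "lasttime=" . time(), "uid=" . $uid);
			$grade = $result[0]["grade"];
		}

		// NOTE(review): these cookies hold uid/udertype/grade in clear text
		// and can be edited by the client. Pages that authorise from them
		// are trusting client input; a server-side session (or a signed
		// value) is the safer place for login state.
		setcookie("uid", $result[0]["uid"], $longTime);
		setcookie("username", $result[0]["username"], time() + 2592000);
		setcookie("udertype", $result[0]["udertype"], $longTime);
		setcookie("picture", $result[0]["picture"], $longTime);
		setcookie("grade", $grade, $longTime);

		$msg = "<font color=green><b>登录成功</b></font>";
		$url = $backUrl;
		$style = "alert_right";
		$toTime = 3000;

		include "notice.php";

		// Bonus pop-up layer, shown only when the daily reward was granted.
		if ($first)
		{
			$msg = "每天登陆";
			include "layer.php";
		}

	}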

退出登陆状态

PHP页面 logout.php

Cookie 时间设置为当前时间-1,视为立即失效;

<?php

	/*
	 * logout.php - ends the cookie-based login state.
	 *
	 * Each login cookie is overwritten with an empty value and an expiry
	 * one second in the past, so the browser discards it immediately.
	 * The "username" cookie is not in the list and is therefore kept.
	 */
	include "./common/common.php";

	$expiredAt = time() - 1;
	foreach (array("uid", "udertype", "picture", "grade") as $cookieName)
	{
		setcookie($cookieName, "", $expiredAt);
	}

	// Values for the included notice page (notice.php is not shown here;
	// presumably it displays $msg and then forwards to $url).
	$toTime = 3000;
	$style = "alert_right";
	$url = "index.php";
	$msg = "<font color=green><b>您已退出站点,现在将以游客身份转入退出前页面</b></font>";
	include "notice.php";
	

退出成功后,跳转到首页。