撞库

@@ -137,20 +137,26 @@ class PassportModel
 
     /*
      * 重写递增计数 cache方法
-     * $key cache-key
+     * $key cache-key,递增存放变量
      * $offset 递增偏移量
      * $initValue 初始化值
      * $expiry 缓存时间
      */
-    public static function increment($key, $offset = 1, $initValue = 0, $expire = 1800)
+
+    public static function increment($key, $timeKey, $offset = 1, $initValue = 0, $expire = 1800)
     {
-        //初始化key
-        if (!Cache::get($key)) {
-            Cache::set($key, $initValue, $expire);
+        //有效期之外清除key
+        if (!Cache::get($timeKey) && Cache::get($key)) {
+            Cache::delete($key);
+        }
+        //初始化计时
+        if (!Cache::get($timeKey) && !Cache::get($key)) {
+            Cache::set($timeKey, TRUE, $expire);
+            Cache::set($key, $initValue);
         }
-        //增加偏移量
-        $cacheValue = intval(Cache::get($key))+$offset;
-        Cache::set($key, $cacheValue, $expire);
+        //未过期则递增
+        $cacheValue = intval(Cache::get($key)) + $offset;
+        Cache::set($key, $cacheValue);
     }
 
 }

@@ -28,7 +28,7 @@ class LoginController extends WebAction
         if (!strstr($refer, 'http')) {
             $refer = SITE_MAIN . $refer;
         }
-        
+
         if (!empty($refer)) {
             $this->setCookie('refer', $refer);
         }
@@ -70,7 +70,7 @@ class LoginController extends WebAction
      */
     public function authAction()
     {
-        $data = array('code' => 400, 'message' => '您输入的密码及账户名不匹配，是否<a href="'.Helpers::url('/passport/back/index').'" target="_blank">忘记密码?</a>', 'data' => '');
+        $data = array('code' => 400, 'message' => '您输入的密码及账户名不匹配，是否<a href="' . Helpers::url('/passport/back/index') . '" target="_blank">忘记密码?</a>', 'data' => '');
         do {
             /* 判断是不是AJAX请求 */
             if (!$this->isAjax()) {
@@ -108,26 +108,43 @@ class LoginController extends WebAction
              */
             $ip = Helpers::getClientIp();
             $ipKey = md5('ip_signin_' . $ip);
+            $ipTimeKey = md5('ip_signin_time' . $ip);
             $accountKey = md5('account_signin_' . $account);
-            PassportModel::increment($ipKey, 1, 0, 3600);
+            $accountTimeKey = md5('account_signin_time' . $account);
+            //cache初始化，非有效时间内清除次数，有效时间内叠加cache计数
+            if (!Cache::get($accountTimeKey) && Cache::get($accountKey)) {
+                Cache::delete($accountKey);
+            }
+            if (!Cache::get($accountTimeKey) && !Cache::get($accountKey)) {
+                Cache::set($accountTimeKey, true, 1800);
+                Cache::set($accountKey, 0);
+            }
+            if (!Cache::get($ipTimeKey) && Cache::get($ipKey)) {
+                Cache::delete($ipKey);
+            }
+            if (!Cache::get($ipTimeKey) && !Cache::get($ipKey)) {
+                Cache::set($ipTimeKey, true, 3600);
+                Cache::set($ipKey, 0);
+            }
             $accountTimes = Cache::get($accountKey);
-            if ($accountTimes > 10) {
+            $ipTimes = Cache::get($ipKey);
+            if ($accountTimes >= 10) {
                 $data = array('code' => 400, 'message' => '您的账号已被暂时锁定,请稍后再试', 'data' => '');
                 break;
             }
-            
-            $ipTimes = Cache::get($ipKey);
-            if ($ipTimes > 100) {
+            if ($ipTimes >= 100) {
                 $data = array('code' => 400, 'message' => '您尝试的次数过多，账号已被暂时锁定，请稍后再试', 'data' => '');
                 break;
             }
             $data = LoginData::signin($area, $account, $password, $shoppingKey);
             if (!isset($data['code']) || $data['code'] != 200 || !isset($data['data']['uid'])) {
-                PassportModel::increment($accountKey, 1, 0, 1800);
-                $data = array('code' => 400, 'message' => '您输入的密码及账户名不匹配，是否<a href="'.Helpers::url('/passport/back/index').'" target="_blank">忘记密码?</a>', 'data' => '');
+                Cache::set($accountKey, intval(Cache::get($accountKey)) + 1);
+                Cache::set($ipKey, intval(Cache::get($ipKey)) + 1);
+                $data = array('code' => 400, 'message' => '您输入的密码及账户名不匹配，是否<a href="' . Helpers::url('/passport/back/index') . '" target="_blank">忘记密码?</a>', 'data' => '');
                 break;
             }
 
+            //登录成功
             $refer = $this->getCookie('refer');
             if (empty($refer) || strstr($refer, 'signin.html') || strstr($refer, 'passport/login/index')) {
                 $refer = SITE_MAIN;

@@ -48,7 +48,8 @@ class RegisterController extends WebAction
         $ip = Helpers::getClientIp();
         $data = array('code' => 400, 'message' => '', 'data' => '');
         $ipKey = md5('ip_checkmobile_' . $ip);
-        PassportModel::increment($ipKey, 1, 0, 3600);
+        $ipTimeKey = md5('ip_checkmobile_time_' . $ip);
+        PassportModel::increment($ipKey,$ipTimeKey,1, 0, 3600);
         $ipTimes = Cache::get($ipKey);
         do{
             /* 判断是不是AJAX请求 */
@@ -60,7 +61,7 @@ class RegisterController extends WebAction
                 $data['message'] = '手机号码格式不正确';
                 break;
             }
-            if ($ipTimes >= 500) {
+            if ($ipTimes > 500) {
                 $data['message'] = '由于你IP受限无法注册';
                 break;
             }
@@ -130,7 +131,8 @@ class RegisterController extends WebAction
             }
             //发送代码
             $sendCodeKey = md5('send_code_' . $area . '_' . $mobile);
-            PassportModel::increment($sendCodeKey, 1, 0, 3600);
+            $sendCodeTimeKey = md5('send_code_time_' . $area . '_' . $mobile);
+            PassportModel::increment($sendCodeKey,$sendCodeTimeKey, 1, 0, 3600);
             $sendCodeTimes = Cache::get($sendCodeKey);
             if ($sendCodeTimes > 50) {
                 $data['message'] = '发送验证码太多';