...
|
...
|
@@ -70,7 +70,7 @@ class LoginController extends WebAction |
|
|
*/
|
|
|
public function authAction()
|
|
|
{
|
|
|
$data = array('code' => 400, 'message' => '您输入的密码及账户名不匹配,是否<a href="'.Helpers::url('/passport/back/index').'" target="_blank">忘记密码?</a>', 'data' => '');
|
|
|
$data = array('code' => 400, 'message' => '您输入的密码及账户名不匹配,是否<a href="' . Helpers::url('/passport/back/index') . '" target="_blank">忘记密码?</a>', 'data' => '');
|
|
|
do {
|
|
|
/* 判断是不是AJAX请求 */
|
|
|
if (!$this->isAjax()) {
|
...
|
...
|
@@ -108,26 +108,43 @@ class LoginController extends WebAction |
|
|
*/
|
|
|
$ip = Helpers::getClientIp();
|
|
|
$ipKey = md5('ip_signin_' . $ip);
|
|
|
$ipTimeKey = md5('ip_signin_time' . $ip);
|
|
|
$accountKey = md5('account_signin_' . $account);
|
|
|
PassportModel::increment($ipKey, 1, 0, 3600);
|
|
|
$accountTimeKey = md5('account_signin_time' . $account);
|
|
|
//cache初始化,非有效时间内清除次数,有效时间内叠加cache计数
|
|
|
if (!Cache::get($accountTimeKey) && Cache::get($accountKey)) {
|
|
|
Cache::delete($accountKey);
|
|
|
}
|
|
|
if (!Cache::get($accountTimeKey) && !Cache::get($accountKey)) {
|
|
|
Cache::set($accountTimeKey, true, 1800);
|
|
|
Cache::set($accountKey, 0);
|
|
|
}
|
|
|
if (!Cache::get($ipTimeKey) && Cache::get($ipKey)) {
|
|
|
Cache::delete($ipKey);
|
|
|
}
|
|
|
if (!Cache::get($ipTimeKey) && !Cache::get($ipKey)) {
|
|
|
Cache::set($ipTimeKey, true, 3600);
|
|
|
Cache::set($ipKey, 0);
|
|
|
}
|
|
|
$accountTimes = Cache::get($accountKey);
|
|
|
if ($accountTimes > 10) {
|
|
|
$ipTimes = Cache::get($ipKey);
|
|
|
if ($accountTimes >= 10) {
|
|
|
$data = array('code' => 400, 'message' => '您的账号已被暂时锁定,请稍后再试', 'data' => '');
|
|
|
break;
|
|
|
}
|
|
|
|
|
|
$ipTimes = Cache::get($ipKey);
|
|
|
if ($ipTimes > 100) {
|
|
|
if ($ipTimes >= 100) {
|
|
|
$data = array('code' => 400, 'message' => '您尝试的次数过多,账号已被暂时锁定,请稍后再试', 'data' => '');
|
|
|
break;
|
|
|
}
|
|
|
$data = LoginData::signin($area, $account, $password, $shoppingKey);
|
|
|
if (!isset($data['code']) || $data['code'] != 200 || !isset($data['data']['uid'])) {
|
|
|
PassportModel::increment($accountKey, 1, 0, 1800);
|
|
|
$data = array('code' => 400, 'message' => '您输入的密码及账户名不匹配,是否<a href="'.Helpers::url('/passport/back/index').'" target="_blank">忘记密码?</a>', 'data' => '');
|
|
|
Cache::set($accountKey, intval(Cache::get($accountKey)) + 1);
|
|
|
Cache::set($ipKey, intval(Cache::get($ipKey)) + 1);
|
|
|
$data = array('code' => 400, 'message' => '您输入的密码及账户名不匹配,是否<a href="' . Helpers::url('/passport/back/index') . '" target="_blank">忘记密码?</a>', 'data' => '');
|
|
|
break;
|
|
|
}
|
|
|
|
|
|
//登录成功
|
|
|
$refer = $this->getCookie('refer');
|
|
|
if (empty($refer) || strstr($refer, 'signin.html') || strstr($refer, 'passport/login/index')) {
|
|
|
$refer = SITE_MAIN;
|
...
|
...
|
|