问答项目---登陆也要做验证！（JS和PHP验证）

简单JS示例：

var login = $( 'form[name=login]' );

login.submit( function () {
    if (validate.loginAccount && validate.loginPwd) {
        return true;
    }

    $( 'input[name=account]', login ).trigger('blur');
    $( 'input[name=pwd]', login ).trigger('blur');
    return false;

} );

$( 'input[name=account]', login ).blur( function () {
    var account = $( this ).val();
    var span = $( '#login-msg' );

    if (account == '') {
        span.html( '请填入帐号' );
        validate.loginAccount = false;
        return;
    }

} );

$( 'input[name=pwd]', login ).blur( function () {
    var account = $( 'input[name=account]', login ).val();
    var pwd = $( this ).val();
    var span = $( '#login-msg' );

    if (pwd == '') {
        span.html( '请填写密码' );
        validate.loginPwd = false;
        return;
    }

    if (account == '') {
        span.html( '请填入帐号' );
        validate.loginAccount = false;
        return;
    }

    var data = {
        account : account,
        password : pwd
    };

    $.post(CONTROL + 'checkLogin', data, function (status) {
        if (status) {
            span.html( '' );
            validate.loginAccount = true;
            validate.loginPwd = true;
        } else {
            span.html( '帐号或密码不正确' );
            validate.loginAccount = false;
            validate.loginPwd = false;
        }
    }, 'json');

} );

异步验证：

//异步验证登录帐号与密码
Public function checkLogin () {
    if (!$this->isAjax()) halt('页面不存在');

    $account = $this->_post('account');
    $where = array('account' => $account);

    $pwd = M('user')->where($where)->getField('password');
    if (!$pwd || $pwd != $this->_post('password', 'md5')) {
        echo 0;
    } else {
        echo 1;
    }
}

登录表单处理：

//登录表单处理
Public function login () {
    if (!$this->isPost()) halt('页面不存在');

    $db = M('user');
    $where = array('account' => $this->_post('account'));
    $field = array('id', 'username', 'password', 'logintime', 'lock');
    $user = $db->where($where)->field($field)->find();

    if (!$user || $user['password'] != $this->_post('pwd', 'md5')) {
        $this->error('帐号或密码错误');
    }

    if ($user['lock']) {
        $this->error('帐号被锁定');
    }

    if (isset($_POST['auto'])) {
        $value = $user['id'] . '|' . get_client_ip() . '|' . $user['username'];
        $value = encrytion($value, 1);
        @setcookie('auto', $value, C('AUTO_LOGIN_LIFETIME'), '/');
    }

    //每天登录增加经验
    $today = strtotime(date('Y-m-d'));
    $where = array('id' => $user['id']);
    if ($user['logintime'] < $today) {
        $db->where($where)->setInc('exp', C('LV_LOGIN'));
    }

    $db->where($where)->save(array('logintime' => time()));

    session('uid', $user['id']);
    session('username', $user['username']);
    redirect($_SERVER['HTTP_REFERER']);
}