1 <label>username:</label><input id="uid" type="text" /> 2 <label>password:</label><input id="pwd" type="password" /> 3 <input type="submit" /> 4 <script type="text/javascript"> 5 var t = new Date*1, 6 uid = $("#uid").val(), 7 pwd = $("#pwd").val(), 8 delta = encrypt($("#pwd").val() + t); 9 $.post("./login.php",{ 10 uid: $("#uid").val(), 11 pwd: delta, 12 tid: t 13 }, function(data){ 14 //do something. 15 }) 16 </script>
define("uid", "user-A"); define("pwd", "user-A-pwd"); if(time() - $_POST['tid'] > 60*2 || $_POST['uid'] !== uid || decrypt(pwd . $_POST['tid']) !== $_POST['pwd']){ die("error"); }
- 时间超过2分钟
- uid不匹配
- pwd与t的组合密码不匹配
- md5