后端PHP生成Key
session('loginskey', $this->loginskey = uniqid())
在前端加入隐藏表单
<input type="hidden" name="skey" value="{$loginskey|default=''}">
提交前通过skey值+密码进行md5加密
/*! 后台加密登录处理 */
$body.find('[data-login-form]').map(function (that) {
that = this;
require(["md5"], function (md5) {
$("form").vali(function (data) {
data['password'] = md5.hash(md5.hash(data['password']) + data['skey']);
if (data['skey']) delete data['skey'];
$.form.load(location.href, data, "post", function (ret) {
if (parseInt(ret.code) !== 1) {
$(that).find('.verify.layui-hide').removeClass('layui-hide');
$(that).find('[data-refresh-captcha]').trigger('click');
}
}, null, null, 'false');
});
});
});
后端做判断
$data=$_POST;
$map = ['is_deleted' => '0', 'username' => $data['username']];
$user = Db::name('SystemUser')->where($map)->order('id desc')->find();
if (empty($user)) $this->error('登录账号或密码错误,请重新输入!');
if (md5($user['password'] . session('loginskey')) !== $data['password']) {
$this->error('登录账号或密码错误,请重新输入!');
}
提交效果图
相关文章
