Correcting teacher:PHPz
Correction status:qualified
Teacher's comments:
// email和password是从表单中获取到的邮箱和密码值
// 有效性校验,这样做的好处是减少一些无效请求,减轻服务器压力和相关开销
const emailReg = /^[a-z0-9]+([._\\-]*[a-z0-9])*@([a-z0-9]+[-a-z0-9]*[a-z0-9]+.){1,63}[a-z0-9]+$/;
// 假定密码规则是需要介于6~12位,且包含大小写和数字及特殊字符(!@#%&)
const passwordReg = /^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[!@#%&]).{6,12}$/;
if(
!emailReg.test(email) || !passwordReg.test(password)
){
alert('邮箱或密码格式不正确');
return false;
}else{
// 向后端提交的代码写到这里
}
// 前后端双重校验,减少出错概率
//$user 为前端传过来的email和password数组
// $emailReg = "/^([a-zA-Z0-9_-])+@([a-zA-Z0-9_-])+(.[a-zA-Z0-9_-])+/";
$passwordReg = "/^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[!@#%&]).{6,12}$/";
if(
!filter_var($user['email'],FILTER_VALIDATE_EMAIL)
||
!preg_match($passwordReg,$user['password'])
){
echo json_encode([
'state'=> -1, // -1, 账号密码失效
'msg' => '账号或密码错误'
]);
}else{
// 假定函数checkUserfromDatabase($email,$password) 是向数据库中查找一条数据,email和password是否匹配;如存在,返回true,否则false
if(checkUserfromDatabase($user['email'],$user['password'])){
echo json_encode([
'state' => 1,
'msg' => '登录成功'
]);
}else{
echo json_encode([
'state'=> -1, // -1, 账号密码失效
'msg' => '账号或密码错误'
]);
}
}