通过加密cookie是网站安全性更高,登录信息不保存在session中
在function.php文件在建立两个函数,加密和解密函数/**<br>
* 加密函数<br>
* @param string $txt 需要加密的字符串<br>
* @param string $key 密钥<br>
* @return string 返回加密结果<br>
*/<br>
function encrypt($txt, $key = ''){<br>
if (empty($txt)) return $txt;<br>
if (empty($key)) $key = md5(MD5_KEY);<br>
$chars = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_.";<br>
$ikey ="-x6g6ZWm2G9g_vr0Bo.pOq3kRIxsZ6rm";<br>
$nh1 = rand(0,64);<br>
$nh2 = rand(0,64);<br>
$nh3 = rand(0,64);<br>
$ch1 = $chars{$nh1};<br>
$ch2 = $chars{$nh2};<br>
$ch3 = $chars{$nh3};<br>
$nhnum = $nh1 + $nh2 + $nh3;<br>
$knum = 0;$i = 0;<br>
while(isset($key{$i})) $knum +=ord($key{$i++});<br>
$mdKey = substr(md5(md5(md5($key.$ch1).$ch2.$ikey).$ch3),$nhnum%8,$knum%8 + 16);<br>
$txt = base64_encode(time().'_'.$txt);<br>
$txt = str_replace(array('+','/','='),array('-','_','.'),$txt);<br>
$tmp = '';<br>
$j=0;$k = 0;<br>
$tlen = strlen($txt);<br>
$klen = strlen($mdKey);<br>
for ($i=0; $i
$k = $k == $klen ? 0 : $k;<br>
$j = ($nhnum+strpos($chars,$txt{$i})+ord($mdKey{$k++}))%64;<br>
$tmp .= $chars{$j};<br>
}<br>
$tmplen = strlen($tmp);<br>
$tmp = substr_replace($tmp,$ch3,$nh2 % ++$tmplen,0);<br>
$tmp = substr_replace($tmp,$ch2,$nh1 % ++$tmplen,0);<br>
$tmp = substr_replace($tmp,$ch1,$knum % ++$tmplen,0);<br>
return $tmp;<br>
}<br>
<br>
/**<br>
* 解密函数<br>
* @param string $txt 需要解密的字符串<br>
* @param string $key 密匙<br>
* @return string 字符串类型的返回结果<br>
*/<br>
function decrypt($txt, $key = '', $ttl = 0){<br>
if (empty($txt)) return $txt;<br>
if (empty($key)) $key = md5(MD5_KEY);<br>
<br>
$chars = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_.";<br>
$ikey ="-x6g6ZWm2G9g_vr0Bo.pOq3kRIxsZ6rm";<br>
$knum = 0;$i = 0;<br>
$tlen = @strlen($txt);<br>
while(isset($key{$i})) $knum +=ord($key{$i++});<br>
$ch1 = @$txt{$knum % $tlen};<br>
$nh1 = strpos($chars,$ch1);<br>
$txt = @substr_replace($txt,'',$knum % $tlen--,1);<br>
$ch2 = @$txt{$nh1 % $tlen};<br>
$nh2 = @strpos($chars,$ch2);<br>
$txt = @substr_replace($txt,'',$nh1 % $tlen--,1);<br>
$ch3 = @$txt{$nh2 % $tlen};<br>
$nh3 = @strpos($chars,$ch3);<br>
$txt = @substr_replace($txt,'',$nh2 % $tlen--,1);<br>
$nhnum = $nh1 + $nh2 + $nh3;<br>
$mdKey = substr(md5(md5(md5($key.$ch1).$ch2.$ikey).$ch3),$nhnum % 8,$knum % 8 + 16);<br>
$tmp = '';<br>
$j=0; $k = 0;<br>
$tlen = @strlen($txt);<br>
$klen = @strlen($mdKey);<br>
for ($i=0; $i
$k = $k == $klen ? 0 : $k;<br>
$j = strpos($chars,$txt{$i})-$nhnum - ord($mdKey{$k++});<br>
while ($j
$tmp .= $chars{$j};<br>
}<br>
$tmp = str_replace(array('-','_','.'),array('+','/','='),$tmp);<br>
$tmp = trim(base64_decode($tmp));<br>
<br>
if (preg_match("/\d{10}_/s",substr($tmp,0,11))){<br>
if ($ttl > 0 && (time() - substr($tmp,0,11) > $ttl)){<br>
$tmp = null;<br>
}else{<br>
$tmp = substr($tmp,11);<br>
}<br>
}<br>
return $tmp;<br>
}后台系统登录页面的操作处理方法 //登录<br>
public function login(){<br>
if(IS_POST){<br>
//验证验证码<br>
if(!$this->checkverify(I('post.captcha'))){<br>
$this->error(L('verify_error'));//L函数方便多语言系统,内容是“验证码错误”<br>
}<br>
$Admin=D('admin');<br>
$res=$Admin->checkLogin(I('post.name'),I('post.pass'));//这里其实就是在model里面通过M('admin')->where(array('admin_name'=>$name,'admin_password'=>$pass))->find();<br>
if(is_array($res) && !empty($res)) {<br>
//admin_name用户名。amdin_id主键。admin_gid是权限组id。admin_is_super是否是超级管理员<br>
$data=array('name'=>$res['admin_name'], 'id'=>$res['admin_id'],'gid'=>$res['admin_gid'],'sp'=>$res['admin_is_super']);<br>
$this->systemSetKey($data);<br>
$this->redirect(U('Index/index'));<br>
}else{<br>
$this->error(L('user_pass_error'));//L函数方便多语言系统,内容是“用户名或密码错误”<br>
}<br>
}else{<br>
$this->display();<br>
}<br>
}<br>
private function systemSetKey($user=''){<br>
if(is_array($user) && !empty($user)){<br>
cookie(COOKIE_PRE.'sys_key',encrypt(serialize($user),MD5_KEY),3600);//这里的COOKIE_PRE是一个常量,你可以在入口文件直接定义个常量。user是一个数据然后序列化成字符串<br>
}<br>
}后台系统首页的验证管理员信息的方法
在基类中写验证<?php <br />
namespace Admin\Controller;<br>
use Think\Controller;<br>
class BaseController extends Controller {<br>
protected $admin_info; //管理员资料 name id group<br>
protected $permission; //权限内容<br>
<br>
public function __construct(){<br>
/**<br>
* 验证用户是否登录<br>
* $admin_info 管理员资料 name id<br>
* id为1 是超级管理员<br>
*/<br>
$this->admin_info = $this->systemLogin();<br>
if ($this->admin_info['id'] != 1){<br>
// 验证权限,这个省略<br>
<br>
}<br>
parent::__construct();<br>
}<br>
<br>
/**<br>
* 系统后台登录验证<br>
*<br>
* @param<br>
* @return array 数组类型的返回结果<br>
*/<br>
protected final function systemLogin(){<br>
//取得cookie内容,解密,和系统匹配<br>
$user = unserialize(decrypt(cookie(COOKIE_PRE.'sys_key'),MD5_KEY));<br>
if (!key_exists('gid',(array)$user) || !isset($user['sp']) || (empty($user['name']) || empty($user['id']))){<br>
$this->redirect(U('Public/login'));<br>
}else {<br>
$this->systemSetKey($user);<br>
}<br>
return $user;<br>
}<br>
/**<br>
* 系统后台 会员登录后 将会员验证内容写入对应cookie中<br>
* @param string $name 用户名<br>
* @param int $id 用户ID<br>
* @return bool 布尔类型的返回结果<br>
*/<br>
protected final function systemSetKey($user){<br>
cookie(COOKIE_PRE.'sys_key',encrypt(serialize($user),MD5_KEY),3600);<br>
}<br>
}
AD:真正免费,域名+虚机+企业邮箱=0元
BigDecimal method to compare sizes
How to turn off the firewall
html online editor
Bitcoin buying and selling process on Huobi.com
The server cannot be found on the computer solution
How Oracle creates a database
Introduction to the usage of sort() function in python
Which key should I press to recover when I can't type on my computer keyboard?
![[Web front-end] Node.js quick start](https://img.php.cn/upload/course/000/000/067/662b5d34ba7c0227.png)
