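<?php
/**
 * App-to-web login hand-off.
 *
 * Protocol, as implemented below and described by the original example comments:
 *   - ?act=get_timestamp        prints the server's Unix time so a client can sync.
 *   - ?cellphone={n}&code={c}   logs the user in when
 *         c == md5("{cellphone}_{unix_ts}_{key}")
 *     for some unix_ts within the last 20 seconds of server time.
 *
 * On success a row in tb_session is created or refreshed and the browser is
 * redirected to login.php?act=dologin2 with the serialized user record.
 *
 * $db, $ip, galert(), echoRs() and gredirect() are not defined in this file;
 * presumably they come from ../show/common.php (verify).
 *
 * NOTE(review): the scheme has no per-user secret. Anyone who learns $key
 * (it must also be shipped in every client) can mint a valid code for any
 * cellphone, and a captured code can be replayed for about 20 seconds. The
 * code travels in the query string, so it also lands in access logs.
 */
require_once("../show/common.php");

// NOTE(review): shared secret hard-coded in a web-reachable source file. Move it
// to configuration outside the document root and rotate it; the value is kept
// here unchanged because existing clients derive their codes from it.
$key = "d7107772ca557850a44e127500a661bc";

// isset() guard avoids an undefined-index notice when the parameter is absent.
$act = isset($_GET['act']) ? $_GET['act'] : '';
if ($act === 'get_timestamp') {
    echo time();
    exit;
}

// Accept only plain strings: ?cellphone[]=x would otherwise hand an array to trim().
$cellphone = (isset($_GET['cellphone']) && is_string($_GET['cellphone'])) ? trim($_GET['cellphone']) : '';
$code = (isset($_GET['code']) && is_string($_GET['code'])) ? trim($_GET['code']) : '';
if (!$cellphone || !$code) exit;

// $cellphone is interpolated into SQL below, so restrict it to a strict allow-list
// first; this removes the quote/backslash characters an injection would need.
// NOTE(review): assumes numbers are stored as digits with an optional leading '+'
// -- confirm against tb_user. Prefer a prepared statement if the $db wrapper has one.
if (!preg_match('/^\+?[0-9]{5,20}$/D', $cellphone)) {
    // Same response as an unknown number, so malformed input yields no extra signal.
    galert("用户不存在!", "/m");
    exit;
}

// NOTE(review): this lookup runs before the code is checked, so the two different
// failure messages let an unauthenticated caller test which numbers are registered.
$user = $db->get_one("select * from tb_user where cellphone = '{$cellphone}' and enabled not in (0, -99) and type_id != 4");

if (!$user) {
    galert("用户不存在!", "/m");
    exit;
}

// Accept a code computed for any of the last 21 server seconds (now .. now-20).
$time = time();
$suc = false;
for ($i = $time; $i >= $time - 20; $i--) {
    $expected = md5($cellphone."_".$i."_".$key);
    // Loose == on two hex strings is a numeric comparison when both look like
    // numbers (e.g. "0e123..." == "0e456..."), so it can accept a wrong code.
    // hash_equals() is exact and constant-time; === is the exact fallback for
    // runtimes older than PHP 5.6.
    $matches = function_exists('hash_equals') ? hash_equals($expected, $code) : ($expected === $code);
    if ($matches) {
        $suc = true;
        break;
    }
}
if (!$suc) {
    galert("登录失败!", "/m");
    exit;
}

// uid is written into SQL unquoted below; force it to an integer.
$uid = (int) $user['id'];

if ($user['enabled'] == -1) {
    echoRs(0, '账号被锁,请通过忘记密码或联系管理员重置登录密码!');
    // Whether echoRs() terminates is not visible here; exit explicitly so a
    // locked account can never fall through and receive a session.
    exit;
}

// uniqid() is derived from the current time, which makes md5(uniqid()) guessable.
// Use the CSPRNG when the runtime has it (PHP >= 7); output stays 32 hex chars.
if (function_exists('random_bytes')) {
    $token = bin2hex(random_bytes(16));
} else {
    // NOTE(review): weak fallback kept only so older runtimes keep working.
    $token = md5(uniqid());
}

// NOTE(review): $user still holds password / weixin_openid / yixin_openid at this
// point, so they are copied into tb_session.data; confirm that is intended.
// NOTE(review): addslashes() is not a charset-aware SQL escaper; switch to the
// wrapper's own escaping or bound parameters if it provides them.
$set = "token='{$token}', ip='".addslashes((string) $ip)."', login_time='".time()."', data='".addslashes(json_encode($user))."', expire_time='".(time()+86400)."'";

// One session row per user: refresh it if present, otherwise create it.
$row = $db->get_one("select * from tb_session where uid=".$uid);
if ($row) {
    $db->query("update tb_session set {$set} where uid=".$uid);
} else {
    $db->query("insert into tb_session set {$set}, uid=".$uid);
}

// Strip credentials and third-party identifiers before the record leaves the server.
unset($user['password']);
unset($user['weixin_openid']);
unset($user['yixin_openid']);
$user['token'] = $token;

// NOTE(review): the record is passed as serialize() output in a URL parameter.
// If login.php feeds that parameter to unserialize(), it is deserializing
// client-controlled data (object injection, forged user records); JSON plus a
// server-side lookup by token would avoid that. The session token is also
// exposed in the URL (history, logs, Referer).
$tourl = "login.php?act=dologin2&data=".urlencode(base64_encode(serialize($user)));
gredirect($tourl);
exit;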