yzms/m/login2.php

<?
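// HTTPS enforcement for *.fsecity.com hosts. The redirect is commented out,
// so this branch currently does nothing and the login page is served as-is
// when requested on a port other than 443.
// NOTE(review): before re-enabling, do not build the Location header from
// $_SERVER['HTTP_HOST']. That value is client-supplied, and strstr() matches
// the suffix anywhere in it (e.g. "x.fsecity.com.example.net"). Redirect to a
// configured canonical host name instead.
if(strstr($_SERVER['HTTP_HOST'], '.fsecity.com') && $_SERVER['SERVER_PORT'] != 443) {
//header("Location: https://".$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI']);
//exit;
}

// Shared helpers used below ($db, echoRs(), gredirect(), is_jdpw2() are not
// defined in this file; presumably they come from here -- confirm).
require_once("../show/common.php");

// Deployment-specific include: the Linux path is used when /home/www exists,
// otherwise the Windows path.
if(is_dir("/home/www")) require_once("/home/www/loginUrl.inc.php");
else require_once("d:/web/loginUrl.inc.php");

// Requested action. A plain page view carries no "act" parameter, so default
// to an empty string instead of reading an undefined array key.
$act = isset($_GET['act']) ? $_GET['act'] : '';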
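/**
 * Look up a user by cellphone number or username.
 *
 * Joins tb_user with tb_user_type and skips rows whose `enabled` is 0 or -99.
 * Two derived fields are added to the returned row:
 *   - jdmm:      1 when is_jdpw2() returns true for the stored password value,
 *                else 0 (presumably a weak-password marker -- confirm)
 *   - cash_fund: 1 when the user's area_id appears in the comma-separated
 *                tb_config value of class ONLY_CASH_AREA, else 0
 *
 * @param string $cellphone Cellphone number or username as supplied by the client.
 * @return array|null The user row (it still contains the stored password value),
 *                    or null when no row matches.
 */
function get_user_by_phone2($cellphone)
{
    global $db;

    // The caller passes $_POST data straight in, and the value is placed inside
    // a quoted SQL literal, so it must be escaped before interpolation.
    // NOTE(review): addslashes() is the only escaping visible in this file. If
    // the $db wrapper offers bound parameters or a connection-aware escape, use
    // that instead; addslashes() is not reliable with some multibyte connection
    // charsets. If common.php already escapes request input, keep only one layer.
    $needle = addslashes((string)$cellphone);

    $row = $db->get_one("select a.*,b.name type_name from tb_user a, tb_user_type b where a.type_id = b.id and (cellphone = '{$needle}' or username='{$needle}') and a.enabled not in (0, -99)");
    if(!$row) {
        return null;
    }

    $row['jdmm'] = is_jdpw2($row['password']) ? 1 : 0;

    // ONLY_CASH_AREA holds a comma-separated list of area ids; stray leading or
    // trailing commas are trimmed before splitting.
    $cash_fund = 0;
    $config = $db->get_one("select * from tb_config where class = 'ONLY_CASH_AREA'");
    if($config) {
        $areaIds = explode(',', trim($config['value'], ","));
        if(in_array($row['area_id'], $areaIds)) {
            $cash_fund = 1;
        }
    }
    $row['cash_fund'] = $cash_fund;

    return $row;
}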
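// ---- act=login: JSON login endpoint called by doLogin() in the page script ----
// Flow: check the captcha (single use) -> load the account -> compare the
// challenge response -> maintain err_count / lockout -> issue a token row in
// tb_session and return the user record.
//
// NOTE(review): the client sends md5(md5(password) + captcha) and the server
// compares it with md5(stored . captcha). The stored value is therefore an
// unsalted md5 and is by itself sufficient to answer the challenge. Moving to
// password_hash() / password_verify() over HTTPS needs a client change, so it
// is flagged here rather than changed.
//
// echoRs() is defined outside this file. Every call below is followed by an
// explicit exit so the authentication flow fails closed even if echoRs()
// returns to the caller.
if($act == 'login') {
    // Accept only string fields; anything else (missing key, array) counts as empty.
    $cellphone = (isset($_POST['cellphone']) && is_string($_POST['cellphone'])) ? trim($_POST['cellphone']) : '';
    $password = (isset($_POST['password']) && is_string($_POST['password'])) ? trim($_POST['password']) : '';
    $yzm = (isset($_POST['yzm']) && is_string($_POST['yzm'])) ? trim($_POST['yzm']) : '';
    if($cellphone == '' || $password == '' || $yzm == '') exit;

    @session_start();
    $expectedYzm = isset($_SESSION['ftyzm']) ? strtolower((string)$_SESSION['ftyzm']) : '';
    // The captcha is cleared on both outcomes, so each image is valid for one attempt.
    $_SESSION['ftyzm'] = '';
    // Strict comparison: loose != treats numeric-looking strings as numbers.
    if($expectedYzm === '' || $yzm !== $expectedYzm) {
        echoRs(0, '验证码错误!');
        exit;
    }

    $user = get_user_by_phone2($cellphone);
    if($user) {
        // Cast once; $uid is concatenated into the SQL statements below.
        $uid = (int)$user['id'];

        if($user['enabled'] == -1) {
            echoRs(0, '账号被锁,请通过忘记密码或联系管理员重置登录密码!');
            exit;
        }
        if($user['enabled'] != 1) {
            echoRs(0, '帐号或密码错误');
            exit;
        }

        // Strict comparison of the two hex digests. With loose != two different
        // digests of the form "0e<digits>" compare equal as numbers.
        // Prefer hash_equals() where PHP >= 5.6 is guaranteed.
        $expectedResponse = md5($user['password'].$yzm);
        if ($expectedResponse !== $password) {
            if($user['err_count'] >= 4) { // lock the account once four earlier failures are recorded
                $db->query("update tb_user set enabled=-1 where id=".$uid);
                echoRs(0, '密码不正确,账号被锁,请通过忘记密码或联系管理员重置登录密码!');
                exit;
            }
            $db->query("update tb_user set err_count=err_count+1 where id=".$uid);
            echoRs(0, '帐号或密码错误');
            exit;
        }
        $db->query("update tb_user set err_count=0 where id=".$uid);

        // Session token: 16 bytes from a CSPRNG, hex-encoded (32 characters, the
        // same shape as the previous md5 value). uniqid() is derived from the
        // clock and must not be the only source of a bearer token.
        if (function_exists('random_bytes')) {
            $token = bin2hex(random_bytes(16));
        } elseif (function_exists('openssl_random_pseudo_bytes')) {
            $token = bin2hex(openssl_random_pseudo_bytes(16));
        } else {
            // No secure random source available: refuse to issue a guessable token.
            exit;
        }

        // NOTE(review): json_encode($user) runs before password / *_openid are
        // unset, so tb_session.data stores the password hash and both openids.
        // Check what reads that column before trimming the stored record.
        $set = "token='{$token}', ip='".addslashes($_SERVER['REMOTE_ADDR'])."', login_time='".time()."', data='".addslashes(json_encode($user))."', expire_time='".(time()+86400)."'";
        $existing = $db->get_one("select * from tb_session where uid=".$uid);
        if($existing) {
            $db->query("update tb_session set {$set} where uid=".$uid);
        } else {
            $db->query("insert into tb_session set {$set}, uid=".$uid);
        }

        // Strip credentials and linked-account ids before the row goes to the client.
        unset($user['password']);
        unset($user['weixin_openid']);
        unset($user['yixin_openid']);
        $user['token'] = $token;

        $db->query("update tb_user set worker_id=0 where id=".$uid);
        echoRs(1, 'ok', array('user' => $user, 'target' => 'fs'));
        exit;
    }

    // Unknown account: same message as a wrong password.
    echoRs(0, '帐号或密码错误');
    exit;
}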
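// ---- ?cinfo=...: copy remembered credentials into cookies, then redirect ----
// The parameter is decoded as base64 -> gzuncompress -> unserialize and is
// expected to yield an array with 'cellphone', 'password' and 'remember'.
//
// NOTE(review): unserialize() on request data is a PHP object injection sink.
// On PHP >= 7 object instantiation is disabled below; on older runtimes the
// call is still exposed, and the format should move to json_decode() together
// with whatever produces these links.
// NOTE(review): this stores the plaintext password in a 365-day cookie that
// carries neither the Secure nor the HttpOnly flag (the page script reads it
// back, so HttpOnly cannot simply be switched on), and the same password
// travels in the URL query string, which ends up in access logs and browser
// history.
$cinfo = isset($_GET['cinfo']) ? $_GET['cinfo'] : '';
if(is_string($cinfo) && $cinfo !== '') {
    // Cap the inflated size. The payload is three short fields, so 8 KiB is
    // generous and stops a small request from expanding into a large buffer.
    $raw = gzuncompress(base64_decode($cinfo), 8192);
    $cinfo = false;
    if($raw !== false) {
        if(PHP_VERSION_ID >= 70000) {
            $cinfo = unserialize($raw, array('allowed_classes' => false));
        } else {
            $cinfo = unserialize($raw);
        }
    }
    if(is_array($cinfo) && $cinfo) {
        // Only scalar values are written; a missing or non-scalar field becomes
        // an empty cookie value.
        foreach(array('cellphone', 'password', 'remember') as $key) {
            $value = (isset($cinfo[$key]) && is_scalar($cinfo[$key])) ? (string)$cinfo[$key] : '';
            setcookie($key, $value, time()+86400*365, "/m");
        }
        gredirect("login.php");
        exit;
    }
}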
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<title>点餐平台</title>
<meta name="viewport" content="initial-scale=1, maximum-scale=1">
<link rel="stylesheet" href="css/light7.min.css?v=<?=filemtime("css/light7.min.css")?>" />
<link rel="stylesheet" href="css/main.css?v=<?=filemtime("css/main.css")?>" />
<script type="text/javascript" src="js/jquery.min.js?v=<?=filemtime("js/jquery.min.js")?>" charset="utf-8"></script>
<script type="text/javascript" src="js/light7.min.js?v=<?=filemtime("js/light7.min.js")?>" charset="utf-8"></script>
<script type="text/javascript">
/**
 * Store a cookie for 365 days through $.cookie.
 *
 * Falsy values and the literal text 'undefined' are stored as an empty string;
 * everything else is converted to a string first.
 * The only option passed is `expires`, so the cookie is readable by page
 * script and is not restricted to HTTPS. Do not use it for secrets.
 * A native-bridge variant (androidJs.setCookie) used to be called here and is
 * disabled.
 *
 * @param {string} name  Cookie name.
 * @param {*}      value Value to store.
 */
function gsetCookie(name, value) {
    var text = value ? value + "" : "";
    if (text == 'undefined') {
        text = '';
    }
    $.cookie(name, text, { expires: 365 });
}
/**
 * Read a cookie through $.cookie.
 *
 * A missing cookie, an empty value and the literal text 'undefined' all come
 * back as an empty string. A native-bridge variant (androidJs.getCookie) used
 * to be consulted first and is disabled.
 *
 * @param {string} name Cookie name.
 * @returns {string} The stored value, or '' when there is none.
 */
function ggetCookie(name) {
    var stored = $.cookie(name);
    return (stored && stored != 'undefined') ? stored : '';
}
/**
 * Request a fresh captcha image and clear the captcha input.
 *
 * Records the load time in lastUpdateYzm and appends the current timestamp to
 * the image URL so a cached image is not reused.
 */
function loadYzm() {
    lastUpdateYzm = new Date().getTime();
    var freshSrc = '../show/yzm.php?r=' + new Date().getTime();
    $("#yzm_img").attr('src', freshSrc);
    document.form1.yzm.value = '';
}
/**
 * Submit the login form to ?act=login and act on the JSON reply.
 *
 * The password is sent as md5(md5(password) + captcha), never as typed.
 * Status '1' stores the returned user record in the "user" cookie and opens
 * index.html; status '2' navigates to ret.tourl; any other status reloads the
 * captcha and shows ret.message.
 *
 * NOTE(review): with "remember" switched on, the password is written as typed
 * to the "password" cookie through gsetCookie(). That cookie is long-lived,
 * readable by any script on the page and sent with every matching request.
 * Storing a server-issued token instead would remove the plaintext copy.
 * NOTE(review): the captcha is the only nonce in the challenge, so a captured
 * request exposes md5(password) to offline guessing unless the page is served
 * over HTTPS.
 *
 * @returns {boolean|undefined} false when a required field is empty.
 */
function doLogin() {
    var form = document.form1;
    var cellphone = $.trim(form.cellphone.value);
    var password = $.trim(form.password.value);
    var yzm = $.trim(form.yzm.value);
    var remember = form.remember.checked;

    // The 11-digit account format check is disabled; any account text is sent.

    if (password == '') {
        $.alert("密码不能为空");
        return false;
    }
    if (yzm == '') {
        $.alert("验证码不能为空");
        return false;
    }

    // Tell the native wrappers (when present) which account is now signed in.
    function bindNativeAccount() {
        if (typeof iosJs != 'undefined') {
            try {
                iosJs.bindAccount(cellphone);
            } catch (e) {}
        }
        if (typeof androidJs != 'undefined') {
            try {
                androidJs.bindAccount(cellphone);
            } catch (e) {}
        }
    }

    function onReply(ret) {
        $.hideIndicator();

        var accepted = ret.status == '1' || ret.status == '2';
        if (!accepted) {
            // Each captcha is valid for one attempt, so fetch a new one.
            loadYzm();
            $.alert(ret.message);
            return;
        }

        gsetCookie("nowtarget", ret.target);
        gsetCookie("remember", remember ? "1" : "0");
        gsetCookie("cellphone", remember ? cellphone : "");
        gsetCookie("password", remember ? password : "");

        bindNativeAccount();

        if (ret.status == '1') {
            gsetCookie("user", JSON.stringify(ret.user));
            location.href = "index.html";
        } else if (ret.status == '2') {
            location.href = ret.tourl;
        }
    }

    function onFailure() {
        $.hideIndicator();
        loadYzm();
        $.alert("请检查网络!");
    }

    $.showIndicator();
    $.ajax({
        type: 'POST',
        url: '?act=login',
        dataType: 'json',
        data: {
            'cellphone': cellphone,
            'password': md5(md5(password) + yzm),
            'yzm': yzm
        },
        success: onReply,
        error: onFailure
    });
}
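/**
 * Open the password-recovery page, passing the typed account as ?num=.
 *
 * The value is URL-encoded so characters such as '&', '#' or '=' in the field
 * cannot add or truncate query parameters.
 */
function findPwd() {
    var cellphone = $.trim(document.form1.cellphone.value);
    location.href = "findPwd.php?num=" + encodeURIComponent(cellphone);
}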
// Time (ms since epoch) of the most recent captcha load; read by checkYzmGq().
var lastUpdateYzm = Date.now();

// Every visit to the login page starts with an empty "nowtarget" cookie.
gsetCookie("nowtarget", '');
/**
 * Reload the captcha once the current image is more than 60 seconds old.
 */
function checkYzmGq() {
    var ageMs = new Date().getTime() - lastUpdateYzm;
    if (ageMs > 60000) {
        loadYzm();
    }
}
// Page start-up: load the first captcha, poll its age once per second, and ask
// the native wrappers (when present) to drop any previously bound account.
window.onload = function() {
    // Errors from a bridge are swallowed on purpose so the page still works
    // inside a plain browser.
    function unbindNativeAccount() {
        if (typeof iosJs != 'undefined') {
            try {
                iosJs.unbindAccount();
            } catch (e) {}
        }
        if (typeof androidJs != 'undefined') {
            try {
                androidJs.unbindAccount();
            } catch (e) {}
        }
    }

    loadYzm();
    setInterval(checkYzmGq, 1000);
    unbindNativeAccount();
}
</script>
</head>
<body>
<div class="page-group">
<div class="page" id="page-login">
<div class="content">
<form name="form1">
<div class="list-block inset text-center">
<i class="icon icon-shi"></i>
<ul>
<li>
<div class="item-content">
<div class="item-media">
<i class="icon icon-mobile"></i>
</div>
<div class="item-inner">
<div class="item-input">
<input type="text" name="cellphone" value="" placeholder="填写天翼手机号码" autocomplete="off" autocorrect="off" autocapitalize="off" spellcheck="false" />
<script type="text/javascript">
// Prefill the account field from the "cellphone" cookie ('' when absent).
document.form1.cellphone.value = ggetCookie('cellphone');
</script>
</div>
</div>
</div>
</li>
<li>
<div class="item-content">
<div class="item-media">
<i class="icon icon-unlock"></i>
</div>
<div class="item-inner">
<div class="item-input">
<input type="password" name="password" value="" placeholder="填写密码" autocomplete="off" autocorrect="off" autocapitalize="off" spellcheck="false" />
<script type="text/javascript">
// Prefill the password field from the "password" cookie ('' when absent).
// NOTE(review): the cookie holds the password as typed, so it is readable by
// any script running on this page; see the "remember" branch of doLogin().
document.form1.password.value = ggetCookie('password');
</script>
</div>
</div>
</div>
</li>
<li>
<div class="item-content">
<div class="item-media">
<i class="icon icon-edit"></i>
</div>
<div class="item-inner" style="padding-right:0">
<div class="item-input">
<table cellpadding="0" cellspacing="0" border="0" width="100%">
<tr>
<td height="100%"><input type="text" name="yzm" value="" placeholder="填写验证码" autocomplete="off" autocorrect="off" autocapitalize="off" spellcheck="false" /></td>
<td width="110" align="right"><img id="yzm_img" src="" style="width:105px;vertical-align:middle;" onclick="loadYzm()" /></td>
</tr>
</table>
</div>
</div>
</div>
</li>
<li>
<div class="item-content">
<div class="item-media">
</div>
<div class="item-inner">
<div class="item-title label text-left">
记住我
</div>
<div class="item-input">
<label class="label-switch pull-left">
<script type="text/javascript">
// Render the "remember me" switch, pre-checked when the cookie says '1'.
document.write(
    ggetCookie("remember") == '1'
        ? '<input type="checkbox" name="remember" checked />'
        : '<input type="checkbox" name="remember" />'
);
</script>
<div class="checkbox">
</div>
</label>
</div>
</div>
</div>
</li>
</ul>
</div>
<div class="content-block">
<div class="row">
<div class="col-100">
<button class="button button-big button-fill submit" type="button" onclick="doLogin()">登陆</button>
</div>
</div>
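<p class="text-center signup">
<?php /* NOTE(review): a commented-out link that printed the default initial password was removed from this spot. HTML comments are delivered to every visitor; accounts still on the initial password should be made to change it. */ ?>
<a href="javascript:;" onclick="findPwd()" class="pull-right replace">忘记密码?</a>
</p>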
</div>
</form>
</div>
</div>
</div>
</body>
</html>