110 lines
3.9 KiB
PHP
Executable File
110 lines
3.9 KiB
PHP
Executable File
<?php
|
||
session_start(); // 确保会话启动
|
||
require './config.php';
|
||
|
||
if (!isset($conn)) {
|
||
die("连接失败:\$conn 未定义");
|
||
}
|
||
|
||
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
|
||
$username = isset($_POST['username']) ? trim($_POST['username']) : '';
|
||
$password = isset($_POST['password']) ? $_POST['password'] : '';
|
||
|
||
if (empty($username) || empty($password)) {
|
||
echo "用户名和密码不能为空,请重新输入。";
|
||
exit();
|
||
}
|
||
|
||
// 修改查询语句,将 created_at 替换为 register_time
|
||
$stmt = $conn->prepare("SELECT id, username, password, register_time, level FROM users WHERE username = ?");
|
||
if (!$stmt) {
|
||
echo "数据库查询准备失败: " . $conn->error;
|
||
exit();
|
||
}
|
||
$stmt->bind_param("s", $username);
|
||
if (!$stmt->execute()) {
|
||
echo "数据库查询执行失败: " . $stmt->error;
|
||
$stmt->close();
|
||
exit();
|
||
}
|
||
$stmt->store_result();
|
||
// 修改绑定结果,将 created_at 替换为 register_time
|
||
$stmt->bind_result($id, $db_username, $hashed_password, $register_time, $current_level);
|
||
$stmt->fetch();
|
||
|
||
if ($stmt->num_rows > 0 && password_verify($password, $hashed_password)) {
|
||
// 如果用户已经是等级 4,跳过等级更新
|
||
if ($current_level == 4) {
|
||
$level = 4;
|
||
} else {
|
||
// 计算等级,将 created_at 替换为 register_time
|
||
try {
|
||
$registration_date = new DateTime($register_time);
|
||
$now = new DateTime();
|
||
$interval = $registration_date->diff($now);
|
||
|
||
if ($interval->m >= 6) {
|
||
$level = 3; // 6 个月到 1 年
|
||
} elseif ($interval->m >= 1) {
|
||
$level = 2; // 1 个月到 6 个月
|
||
} else {
|
||
$level = 1; // 不足 1 个月
|
||
}
|
||
} catch (Exception $e) {
|
||
echo "日期计算出错: " . $e->getMessage();
|
||
$stmt->close();
|
||
exit();
|
||
}
|
||
}
|
||
|
||
// 更新等级到数据库
|
||
if ($level != $current_level) {
|
||
$update_stmt = $conn->prepare("UPDATE users SET level = ? WHERE id = ?");
|
||
if (!$update_stmt) {
|
||
echo "数据库更新准备失败: " . $conn->error;
|
||
$stmt->close();
|
||
exit();
|
||
}
|
||
$update_stmt->bind_param("ii", $level, $id);
|
||
if (!$update_stmt->execute()) {
|
||
echo "数据库更新执行失败: " . $update_stmt->error;
|
||
$update_stmt->close();
|
||
$stmt->close();
|
||
exit();
|
||
}
|
||
$update_stmt->close();
|
||
}
|
||
|
||
// 存储用户信息到会话
|
||
$_SESSION['user_id'] = $id;
|
||
$_SESSION['username'] = $db_username;
|
||
|
||
// 生成 Token
|
||
$token = bin2hex(random_bytes(32)); // 生成一个唯一的 Token
|
||
|
||
// 将 Token 存储到数据库
|
||
$stmt = $conn->prepare("UPDATE users SET token = ? WHERE id = ?");
|
||
if (!$stmt) {
|
||
echo "数据库更新 Token 准备失败: " . $conn->error;
|
||
exit();
|
||
}
|
||
$stmt->bind_param("si", $token, $id);
|
||
if (!$stmt->execute()) {
|
||
echo "数据库更新 Token 执行失败: " . $stmt->error;
|
||
$stmt->close();
|
||
exit();
|
||
}
|
||
|
||
// 设置 Token 到 Cookie
|
||
setcookie('auth_token', $token, time() + 3600, '/', '', false, true); // 设置 Cookie,有效期为 1 小时
|
||
|
||
// 跳转到控制台页面并附加参数
|
||
header("Location: ../console/index.php?login=success");
|
||
exit();
|
||
} else {
|
||
echo "用户名或密码错误,请重新输入。";
|
||
}
|
||
|
||
$stmt->close();
|
||
}
|
||
$conn->close(); |