PHP:【商城后台管理系统】admin超级管理员后台登录界面部署
一.后台管理登录非空验证
二.后台管理登录用户信息验证
三.注意事项
- 需要注意储存用户password的时候需要进行加密
- 存储password的时候 优先选择password_hash 比 md5 更安全
- 如果使用md5 加密 请加严处理
HTML 代码块
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8" />
<meta http-equiv="X-UA-Compatible" content="IE=edge" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<link rel="stylesheet" href="/static/layui-v2.6.8/layui/css/layui.css" />
<script src="/static/layui-v2.6.8/layui/layui.js"></script>
<title>后台登录</title>
<style>
body {
background: lightblue;
}
.box {
width: 500px;
margin: 80px auto;
}
imgs {
width: 150px;
height: 35px;
cursor: pointer;
}
</style>
</head>
<body>
<div class="box">
<div style="background: ffffff; border-radius: 4px; box-shadow: 5px 5px 20px 444444; padding: 20px">
<div class="layui-form">
<div class="layui-form-item">
<h2 style="color: gray">后台管理系统</h2>
</div>
<hr />
<div class="layui-form-item">
<label class="layui-form-label" for="username">用户名</label>
<div class="layui-input-block">
<input type="text" class="layui-input" name="username" id="username" />
</div>
</div>
<div class="layui-form-item">
<label class="layui-form-label" for="password">密 码</label>
<div class="layui-input-block">
<input type="password" class="layui-input" name="password" id="password" />
</div>
</div>
<div class="layui-form-item">
<label class="layui-form-label" for="captcha">验证码</label>
<div class="layui-input-inline">
<input type="text" class="layui-input" name="captcha" id="captcha" />
</div>
<img src="{:captcha_src()}" alt="captcha" onclick="captcha()" id="imgs" />
</div>
<div class="layui-form-item">
<div style="margin-left: 110px" class="layui-input-block">
<button class="layui-btn" onclick="login()">登录</button>
<span id="tips" style="margin-left: 80px"></span>
</div>
</div>
</div>
</div>
</div>
</body>
</html>
<script src="https://cdn.bootcdn.net/ajax/libs/jquery/3.6.0/jquery.js"></script>
<script type="text/javascript">
//页面开始就获取焦点
$(" username").focus();
//点击登录
function login() {
let data = {};
//jquery trim 截断空格
data.username = $.trim($(" username").val());
data.password = $(" password").val();
data.captcha = $(" captcha").val();
console.log(data);
if (data.username == "") {
layer.alert("请输入用户名",{icon:2});
return;
}
if (data.password == "") {
layer.alert("请输入密码",{icon:2});
return;
}
if (data.captcha == "") {
layer.alert("请输入验证码",{icon:2});
return;
}
$.post(
"/admin/Account/dologin",
data,
function (res) {
if (res.id == 1) {
layer.alert(res.msg,{icon:1});
setTimeout(() => {
window.location.href = '/admin/home/index';
}, 2000);
} else {
captcha();
layer.alert(res.msg,{icon:2});
}
},
"json"
);
}
//点击验证码刷新
function captcha() {
$(" imgs").attr("src", "{:captcha_src()}?rand=" + Math.random());
}
</script>
PHP 代码块
<?php
namespace app\admin\controller;
use app\BaseController;
use think\facade\Db;
use think\facade\View;
use think\facade\Request;
use think\facade\Session;
/**
* 后台账号管理
*/
class Account extends BaseController
{
//登录
public function login()
{
return View::fetch('/account/login');
}
//登录执行
public function dologin()
{
$username = Request::post('username');
$password = Request::post('password');
$captcha = Request::post('captcha');
//用户名非空验证
if (empty($username)) {
exit(json_encode(['id'=> 0, 'msg' => '用户名不能为空']));
}
//密码非空验证
if (empty($password)) {
exit(json_encode(['id'=> 0, 'msg' => '密码不能为空']));
}
//验证码非空验证
if (empty($captcha)) {
exit(json_encode(['id'=> 0, 'msg' => '验证码不能为空']));
}
//验证码正确验证
if (captcha_check($captcha)) {
exit(json_encode(['id'=> 0, 'msg' => '验证码不正确']));
}
//查询用户信息
$find = Db::table('admins')
->where([
'username' => $username,
])
->find();
//验证用户是否存在
if (empty($find)) {
echo json_encode(['id'=> 0, 'msg' => '用户名不存在']);
return;
}
//校验用户信息
if ($find) {
if (md5($find['username'].$password) != $find['password']) {
echo json_encode(['id'=> 0, 'msg' => '密码不正确']);
}else {
echo json_encode(['id'=> 1, 'msg' => '登陆成功']);
}
}else {
echo json_encode(['id'=> 0, 'msg' => '用户名不存在']);
}
//校验成功后 设置用户session
Session::set('admin',$find);
}
}