PHP:【商城后台管理系统】admin超级管理员后台登录界面部署
一.后台管理登录非空验证
二.后台管理登录用户信息验证
三.注意事项
- 需要注意储存用户password的时候需要进行加密
- 存储password的时候 优先选择password_hash 比 md5 更安全
- 如果使用md5 加密 请加严处理
HTML 代码块
<!DOCTYPE html><html lang="en"> <head> <meta charset="UTF-8" /> <meta http-equiv="X-UA-Compatible" content="IE=edge" /> <meta name="viewport" content="width=device-width, initial-scale=1.0" /> <link rel="stylesheet" href="/static/layui-v2.6.8/layui/css/layui.css" /> <script src="/static/layui-v2.6.8/layui/layui.js"></script> <title>后台登录</title> <style> body { background: lightblue; } .box { width: 500px; margin: 80px auto; } #imgs { width: 150px; height: 35px; cursor: pointer; } </style> </head> <body> <div class="box"> <div style="background: #ffffff; border-radius: 4px; box-shadow: 5px 5px 20px #444444; padding: 20px"> <div class="layui-form"> <div class="layui-form-item"> <h2 style="color: gray">后台管理系统</h2> </div> <hr /> <div class="layui-form-item"> <label class="layui-form-label" for="username">用户名</label> <div class="layui-input-block"> <input type="text" class="layui-input" name="username" id="username" /> </div> </div> <div class="layui-form-item"> <label class="layui-form-label" for="password">密 码</label> <div class="layui-input-block"> <input type="password" class="layui-input" name="password" id="password" /> </div> </div> <div class="layui-form-item"> <label class="layui-form-label" for="captcha">验证码</label> <div class="layui-input-inline"> <input type="text" class="layui-input" name="captcha" id="captcha" /> </div> <img src="{:captcha_src()}" alt="captcha" onclick="captcha()" id="imgs" /> </div> <div class="layui-form-item"> <div style="margin-left: 110px" class="layui-input-block"> <button class="layui-btn" onclick="login()">登录</button> <span id="tips" style="margin-left: 80px"></span> </div> </div> </div> </div> </div> </body></html><script src="https://cdn.bootcdn.net/ajax/libs/jquery/3.6.0/jquery.js"></script><script type="text/javascript"> //页面开始就获取焦点 $("#username").focus(); //点击登录 function login() { let data = {}; //jquery trim 截断空格 data.username = $.trim($("#username").val()); data.password = $("#password").val(); data.captcha = $("#captcha").val(); console.log(data); if (data.username == "") { layer.alert("请输入用户名",{icon:2}); return; } if (data.password == "") { layer.alert("请输入密码",{icon:2}); return; } if (data.captcha == "") { layer.alert("请输入验证码",{icon:2}); return; } $.post( "/admin/Account/dologin", data, function (res) { if (res.id == 1) { layer.alert(res.msg,{icon:1}); setTimeout(() => { window.location.href = '/admin/home/index'; }, 2000); } else { captcha(); layer.alert(res.msg,{icon:2}); } }, "json" ); } //点击验证码刷新 function captcha() { $("#imgs").attr("src", "{:captcha_src()}?rand=" + Math.random()); }</script>
PHP 代码块
<?phpnamespace app\admin\controller;use app\BaseController;use think\facade\Db;use think\facade\View;use think\facade\Request;use think\facade\Session;/** * 后台账号管理 */class Account extends BaseController{ //登录 public function login() { return View::fetch('/account/login'); } //登录执行 public function dologin() { $username = Request::post('username'); $password = Request::post('password'); $captcha = Request::post('captcha'); //用户名非空验证 if (empty($username)) { exit(json_encode(['id'=> 0, 'msg' => '用户名不能为空'])); } //密码非空验证 if (empty($password)) { exit(json_encode(['id'=> 0, 'msg' => '密码不能为空'])); } //验证码非空验证 if (empty($captcha)) { exit(json_encode(['id'=> 0, 'msg' => '验证码不能为空'])); } //验证码正确验证 if (captcha_check($captcha)) { exit(json_encode(['id'=> 0, 'msg' => '验证码不正确'])); } //查询用户信息 $find = Db::table('admins') ->where([ 'username' => $username, ]) ->find(); //验证用户是否存在 if (empty($find)) { echo json_encode(['id'=> 0, 'msg' => '用户名不存在']); return; } //校验用户信息 if ($find) { if (md5($find['username'].$password) != $find['password']) { echo json_encode(['id'=> 0, 'msg' => '密码不正确']); }else { echo json_encode(['id'=> 1, 'msg' => '登陆成功']); } }else { echo json_encode(['id'=> 0, 'msg' => '用户名不存在']); } //校验成功后 设置用户session Session::set('admin',$find); }}
