76 lines
2.7 KiB
PHP
Executable File
76 lines
2.7 KiB
PHP
Executable File
<?php
|
|
require_once __DIR__ . '/config/db.php';
|
|
require_once __DIR__ . '/includes/functions.php';
|
|
|
|
if (isset($_SESSION['user_id'])) {
|
|
redirect('index.php');
|
|
}
|
|
|
|
$error = '';
|
|
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
|
|
$username = trim($_POST['username'] ?? '');
|
|
$password = $_POST['password'] ?? '';
|
|
$captcha = strtoupper(trim($_POST['captcha'] ?? ''));
|
|
|
|
if ($captcha !== ($_SESSION['captcha'] ?? '')) {
|
|
$error = '验证码错误';
|
|
} elseif ($username === '' || $password === '') {
|
|
$error = '请输入用户名和密码';
|
|
} else {
|
|
$stmt = $pdo->prepare('SELECT * FROM users WHERE username = ?');
|
|
$stmt->execute([$username]);
|
|
$user = $stmt->fetch();
|
|
|
|
if ($user && password_verify($password, $user['password'])) {
|
|
if (!empty($user['disabled'])) {
|
|
$error = '账户已被禁用';
|
|
} else {
|
|
session_regenerate_id(true);
|
|
$_SESSION['user_id'] = (int)$user['id'];
|
|
$_SESSION['username'] = $user['username'];
|
|
$_SESSION['role'] = $user['role'];
|
|
redirect('index.php');
|
|
}
|
|
} else {
|
|
$error = '用户名或密码错误';
|
|
}
|
|
}
|
|
$_SESSION['captcha'] = '';
|
|
}
|
|
?><!DOCTYPE html>
|
|
<html lang="zh-CN">
|
|
<head>
|
|
<meta charset="UTF-8">
|
|
<meta name="viewport" content="width=device-width, initial-scale=1.0">
|
|
<title>登录 - 兑换码管理系统</title>
|
|
<link rel="stylesheet" href="assets/css/style.css">
|
|
</head>
|
|
<body class="auth-page">
|
|
<div class="auth-card">
|
|
<h1>兑换码管理系统</h1>
|
|
<?php if ($error): ?>
|
|
<div class="alert alert-danger"><?= h($error) ?></div>
|
|
<?php endif; ?>
|
|
<form method="post">
|
|
<div class="form-group">
|
|
<label>用户名</label>
|
|
<input type="text" name="username" class="form-control" required autocomplete="username">
|
|
</div>
|
|
<div class="form-group">
|
|
<label>密码</label>
|
|
<input type="password" name="password" class="form-control" required autocomplete="current-password">
|
|
</div>
|
|
<div class="form-group">
|
|
<label>验证码</label>
|
|
<div class="captcha-row">
|
|
<input type="text" name="captcha" class="form-control" required maxlength="4" autocomplete="off">
|
|
<img src="captcha.php?<?= time() ?>" alt="验证码" onclick="this.src='captcha.php?'+Date.now()" title="点击刷新">
|
|
</div>
|
|
</div>
|
|
<button type="submit" class="btn btn-primary">登 录</button>
|
|
</form>
|
|
<div class="auth-footer">没有账号?<a href="register.php">立即注册</a></div>
|
|
</div>
|
|
</body>
|
|
</html>
|