📄 正在查看:twcms/model/user_model.class.php
1<?php
2/**
3 * (C)2012-2014 twcms.com TongWang Inc.
4 * Author: wuzhaohuan <kongphp@gmail.com>
5 */
6
7defined('TWCMS_PATH') or exit;
8
9class user extends model {
10 function __construct() {
11 $this->table = 'user'; // 表名
12 $this->pri = array('uid'); // 主键
13 $this->maxid = 'uid'; // 自增字段
14 }
15
16 // 根据用户名获取用户数据
17 public function get_user_by_username($username) {
18 $data = $this->find_fetch(array('username'=>$username), array(), 0, 1);
19 return $data ? current($data) : array();
20 }
21
22 // 检查用户名是否合格
23 public function check_username(&$username) {
24 $username = trim($username);
25 if(empty($username)) {
26 return '用户名不能为空哦!';
27 }elseif(utf8::strlen($username) > 16) {
28 return '用户名不能大于16位哦!';
29 }elseif(str_replace(array("\t","\r","\n",' ',' ',',',',','-','"',"'",'\\','/','&','#','*'), '', $username) != $username) {
30 return '用户名中含有非法字符!';
31 }elseif(htmlspecialchars($username) != $username) {
32 return '用户名中不能含有<>!';
33 }
34
35 // hook usre_model_check_username_after.php
36 return '';
37 }
38
39 // 返回安全的用户名
40 public function safe_username(&$username) {
41 $username = str_replace(array("\t","\r","\n",' ',' ',',',',','-','"',"'",'\\','/','&','#','*'), '', $username);
42 $username = htmlspecialchars($username);
43 }
44
45 // 检查密码是否合格
46 public function check_password(&$password) {
47 if(empty($password)) {
48 return '密码不能为空哦!';
49 }elseif(utf8::strlen($password) < 6) {
50 return '密码不能小于6位哦!';
51 }elseif(utf8::strlen($password) > 32) {
52 return '密码不能大于32位哦!';
53 }
54 return '';
55 }
56
57 // 验证密码是否相等
58 public function verify_password($password, $salt, $password_md5) {
59 return md5(md5($password).$salt) == $password_md5;
60 }
61
62 // 防IP暴力破解
63 public function anti_ip_brute($ip) {
64 $password_error = $this->runtime->get('password_error_'.$ip);
65 return ($password_error && $password_error >= 8) ? true : false;
66 }
67
68 // 根据IP记录密码错误次数
69 public function password_error($ip) {
70 $password_error = (int)$this->runtime->get('password_error_'.$ip);
71 $password_error++;
72 $this->runtime->set('password_error_'.$ip, $password_error, 450);
73 }
74
75 // 格式化后显示给用户
76 public function format(&$user) {
77 if(!$user) return;
78 $user['regdate'] = empty($user['regdate']) ? '0000-00-00 00:00' : date('Y-m-d H:i', $user['regdate']);
79 $user['regip'] = long2ip($user['regip']);
80 $user['logindate'] = empty($user['logindate']) ? '0000-00-00 00:00' : date('Y-m-d H:i', $user['logindate']);
81 $user['loginip'] = long2ip($user['loginip']);
82 $user['lastdate'] = empty($user['lastdate']) ? '0000-00-00 00:00' : date('Y-m-d H:i', $user['lastdate']);
83 $user['lastip'] = long2ip($user['lastip']);
84
85 // hook usre_model_format_after.php
86 }
87}
88