Hello, great gods. I really didn"t understand it after studying it for a long time, so I sent a post for help! Website backstage login is always wrong password, but the database account and password are admin, password is correct, do not know why can not log on. I looked at the login php file and found that the password seems to have other parameters, please have a look!
namespace Qwadmin\Controller;
use Common\Controller\BaseController;
use Think\Auth;
class LoginController extends BaseController {
public function index(){
$flag = false;
$auth = cookie("auth");
list($identifier, $token) = explode(",", $auth);
if (ctype_alnum($identifier) && ctype_alnum($token)) {
$user = M("member")->field("uid,user,identifier,token,salt")->where(array("identifier"=>$identifier))->find();
if($user) {
if($token == $user["token"] && $user["identifier"] == password($user["uid"].md5($user["user"].$user["salt"]))){
$flag = true;
$this->USER = $user;
}
}
}
if ($flag) {
$this -> error(",",U("index/index"));
}
$this -> display();
}
public function login(){
$verify = isset($_POST["verify"])?trim($_POST["verify"]):"";
if (!$this->check_verify($verify,"login")) {
$this -> error("",U("login/index"));
}
$username = isset($_POST["user"])?trim($_POST["user"]):"";
$password = isset($_POST["password"])?password(trim($_POST["password"])):"";
$remember = isset($_POST["remember"])?$_POST["remember"]:0;
if ($username=="") {
$this -> error("",U("login/index"));
} elseif ($password=="") {
$this -> error("",U("login/index"));
}
$model = M("Member");
$user = $model ->field("uid,user")-> where(array("user"=>$username,"password"=>$password)) -> find();
if($user) {
$token = password(uniqid(rand(), TRUE));
$salt = random(10);
$identifier = password($user["uid"].md5($user["user"].$salt));
$auth = $identifier.",".$token;
M("member")->data(array("identifier"=>$identifier,"token"=>$token,"salt"=>$salt))->where(array("uid"=>$user["uid"]))->save();
if($remember){
cookie("auth",$auth,3600*24*365);//
}else{
cookie("auth",$auth);
}
addlog("",$username);
$url=U("index/index");
header("Location: $url");
exit(0);
}else{
addlog("",$username);
$this -> error("",U("login/index"));
}
}
public function verify() {
$config = array(
"fontSize" => 14, //
"length" => 4, //
"useNoise" => false, //
"imageW"=>100,
"imageH"=>30,
);
$verify = new \Think\Verify($config);
$verify -> entry("login");
}
function check_verify($code, $id = "") {
$verify = new \Think\Verify();
return $verify -> check($code, $id);
}
}
the code to control login is as above, uid=1,user=admin,password=md532 bit encrypted admin
excuse me, how can I set the account password is user password is password, and what content can be deleted? can I log in with any password or login without a password?