<?php //mysql 字段驗證 require 'connect.php'; $username = $_POST['username']; $password = $_POST['password']; //檢查用戶是否存在 $row = $mysql->query("select * from user where username=$username limit 1"); $time = time(); if (empty($row['err_time'])) { //err_time為空,直接進行密碼校驗 $login = $mysql->query("select * from user where username=$username and password=$password limit 1"); if ($login) { echo '登錄成功,設置跳轉'; } else { $count = $login['err_count']; $mysql->query("UPDATE user SET err_time=$time,err_count=$count+1 where username=$username"); echo "登錄失敗"; } } else { //如果err_time不為空 $err_time = $login['err_time']; $hour = $hour = floor(($time - $err_time) % 86400 / 3600); //計算時間差 $count = $login['err_count']; if ($hour < 24) { if($count <= 3){ $mysql->query("UPDATE user SET err_time=$time,err_count=$count+1 where username=$username"); echo "登錄失敗"; }else{ //24小時以內,錯誤次數大於3 賬戶凍結 echo '您的賬戶已經被凍結,請聯系網站管理員'; exit; } } else { //大於24小時,自動解除凍結,重置err_time和err_count的值 $mysql->query("UPDATE user SET err_time=null,err_count=0 where username=$username"); $login = $mysql->query("select * from user where username=$username and password=$password limit 1"); if ($login) { echo '登錄成功,設置跳轉'; } else { //解除凍結后,賬號密碼錯誤的情況,更新數據庫,返回登錄頁 $count = $login['err_count']; $mysql->query("UPDATE user SET err_time=$time,err_count=$count+1 where username=$username"); echo "登錄失敗"; } } }
<?php //redis方法 $username = 'username'; $password = 'password'; $pwd =123456; $redis = new Redis; $redis->connect('127.0.0.1',6379); $numData = $redis->get($username); if($numData>3){ echo '登錄錯誤次數超過三次'; exit(); } if($password !=$pwd){ $redis->incr($username); //20s重置 $redis->setTimeout($username,20); echo '登錄失敗'; }else{ echo '登錄成功'; }