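<?php
/**
 * Login endpoint with per-IP lockout.
 *
 * Reads a JSON body carrying `userName`, `password` and `ip`, then:
 *   1. looks the IP up in `user_list` (`lists` = 1 means blacklisted, 0 means whitelisted);
 *   2. checks the credentials against the `user` table;
 *   3. on a failed login from an IP that is in neither list, counts the failure in
 *      `user_var` and moves the IP to the blacklist on the fifth failure.
 * Replies with a JSON object `{"result": "<message>"}`; `"success"` means the login is allowed.
 *
 * Every value taken from the request is passed to MySQL through bound parameters.
 * The request body is attacker-controlled, so it must never be concatenated into SQL text.
 */

// A header needs the "Name: value" form; JSON's registered media type is application/json.
header('Content-Type: application/json; charset=UTF-8');
date_default_timezone_set('Asia/Shanghai');

// Raise exceptions on database errors so a failed query is never read as "no rows".
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);

// NOTE(review): the database credentials are hard-coded and the account is `root`.
// Anyone who can read this file (repository, backup, misconfigured web server) gets
// full control of the MySQL server. Move host/user/password to configuration outside
// the web root or to the environment, switch to an account limited to the tables
// used here, and rotate this password since it has already been exposed in source.
try {
    $conn = mysqli_connect("localhost", "root", "R.!a@O&t9CjweWLSTr", "centralized_control_db");
} catch (mysqli_sql_exception $e) {
    die("mysql connect error!");
}

// Generic failure text; also the fallback for states the branches below do not cover
// (unexpected `lists` value, duplicate `user_var` rows, malformed request).
$res_info = "账号或密码错误,请重新登录";

try {
    mysqli_query($conn, "set character set 'utf8'");

    $payload = json_decode(file_get_contents("php://input"));

    // Reject bodies that are not a JSON object with the three scalar fields.
    $valid = is_object($payload)
        && isset($payload->userName, $payload->password, $payload->ip)
        && is_scalar($payload->userName)
        && is_scalar($payload->password)
        && is_scalar($payload->ip);

    if ($valid) {
        $user_name = (string) $payload->userName;
        // NOTE(review): presumably the client sends a pre-hashed password and the table
        // stores that same digest (TODO confirm). A fast unsalted digest compared as-is
        // is effectively the password; migrate storage to password_hash()/password_verify().
        $password = (string) $payload->password;
        // NOTE(review): `ip` comes from the request body, so the caller decides which
        // address is throttled or blacklisted. If end users can reach this endpoint
        // directly, key the lockout on the connection address ($_SERVER['REMOTE_ADDR'])
        // or on a value set by a trusted front end instead.
        $ip = (string) $payload->ip;

        // Is the IP on the blacklist (1) or the whitelist (0)? The last matching row wins.
        $list_flag = null;
        $stmt = $conn->prepare("SELECT `lists` FROM `user_list` WHERE `ip` = ?");
        $stmt->bind_param("s", $ip);
        $stmt->execute();
        $stmt->bind_result($lists);
        while ($stmt->fetch()) {
            // Prepared statements return native column types; normalise to string.
            $list_flag = ($lists === null) ? null : (string) $lists;
        }
        $stmt->close();

        if ($list_flag === '1') {
            // Blacklisted IP: refuse without checking the credentials.
            $res_info = "失败5次,进入黑名单";
        } else {
            // Not blacklisted: check user name and password.
            $stmt = $conn->prepare("SELECT 1 FROM user WHERE user_name = ? AND password = ?");
            $stmt->bind_param("ss", $user_name, $password);
            $stmt->execute();
            $stmt->store_result();
            $matches = $stmt->num_rows;
            $stmt->close();

            if ($matches === 1) {
                // Credentials are correct: allow the login.
                $res_info = "success";
            } elseif ($list_flag === '0') {
                // Whitelisted IP: failures are not counted.
                $res_info = "账号或密码错误,请重新登录";
            } elseif ($list_flag === null) {
                // IP is in neither list: count the failure or blacklist the IP.
                $stmt = $conn->prepare("SELECT `id`, `times` FROM user_var WHERE `ip` = ?");
                $stmt->bind_param("s", $ip);
                $stmt->execute();
                $stmt->store_result();
                $stmt->bind_result($id, $previous_times);
                $counter_rows = $stmt->num_rows;
                if ($counter_rows === 1) {
                    $stmt->fetch();
                }
                $stmt->close();

                if ($counter_rows === 0) {
                    // First failed login from this IP.
                    $stmt = $conn->prepare("INSERT INTO `user_var` (`ip`) VALUES (?)");
                    $stmt->bind_param("s", $ip);
                    $stmt->execute();
                    $stmt->close();
                    $res_info = "第1次登录失败,超过5次将进入黑名单";
                } elseif ($counter_rows === 1) {
                    $id = (int) $id;
                    $times = (int) $previous_times + 1;

                    // ">=" rather than "==": a counter that ever passes 5 (for example
                    // through concurrent requests) must still end up on the blacklist.
                    if ($times >= 5) {
                        // Fifth failure: blacklist the IP and drop its counter row.
                        $stmt = $conn->prepare("INSERT INTO `user_list` (`ip`, `lists`) VALUES (?, 1)");
                        $stmt->bind_param("s", $ip);
                        $stmt->execute();
                        $stmt->close();

                        $stmt = $conn->prepare("DELETE FROM `user_var` WHERE `id` = ?");
                        $stmt->bind_param("i", $id);
                        $stmt->execute();
                        $stmt->close();

                        $res_info = $times."次登录失败,进入黑名单";
                    } else {
                        // Store the incremented failure count.
                        $stmt = $conn->prepare("UPDATE `user_var` SET `times` = ? WHERE `id` = ?");
                        $stmt->bind_param("ii", $times, $id);
                        $stmt->execute();
                        $stmt->close();

                        $res_info = "第".$times."次登录失败,超过5次将进入黑名单";
                    }
                }
            }
        }
    }
} catch (mysqli_sql_exception $e) {
    // Fail closed, keep the SQL error out of the response, and log it server-side.
    error_log("login endpoint database error: " . $e->getMessage());
    http_response_code(500);
    $res_info = "服务器错误,请稍后重试";
}

$res = ["result" => $res_info];
echo json_encode($res);
$conn->close();
?>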