--- fenglin/bbs/user_login_service.php 2025/04/01 02:45:18 1.2
+++ fenglin/bbs/user_login_service.php 2025/04/04 05:03:37 1.8
@@ -29,7 +29,7 @@
 header("Content-Type:application/json; charset=utf-8"); // Validate input data
- if (!preg_match("/^[A-Za-z][A-Za-z0-9]{4,11}$/", $username))
+ if (!preg_match("/^[A-Za-z][A-Za-z0-9]{2,11}$/", $username))
 {
 $result_set["return"]["code"] = -1;
 array_push($result_set["return"]["errorFields"], array(
@@ -49,7 +49,7 @@
 if ($ch_passwd)
 {
- if (!preg_match("/^[A-Za-z0-9]{5,12}$/", $password_new))
+ if (!preg_match("/^[A-Za-z0-9]{6,12}$/", $password_new))
 {
 $result_set["return"]["code"] = -1;
 array_push($result_set["return"]["errorFields"], array(
@@ -117,7 +117,7 @@
 if ($rs == false)
 {
 $result_set["return"]["code"] = -2;
- $result_set["return"]["message"] = "Query login log error; " . mysqli_error($db_conn);
+ $result_set["return"]["message"] = "Query login log error: " . mysqli_error($db_conn);
 mysqli_close($db_conn);
 exit(json_encode($result_set));
@@ -143,7 +143,7 @@
 if ($rs == false)
 {
 $result_set["return"]["code"] = -2;
- $result_set["return"]["message"] = "Query login log error; " . mysqli_error($db_conn);
+ $result_set["return"]["message"] = "Query login log error: " . mysqli_error($db_conn);
 mysqli_close($db_conn);
 exit(json_encode($result_set));
@@ -154,7 +154,7 @@
 if ($row["err_count"] >= 5)
 {
 $result_set["return"]["code"] = 1;
- $result_set["return"]["message"] = "账号存在多次失败登陆尝试,请输入验证码";
+ $result_set["return"]["message"] = "账户存在多次失败登陆尝试,请输入验证码";
 mysqli_close($db_conn);
 exit(json_encode($result_set));
@@ -174,7 +174,7 @@
 if ($rs == false)
 {
 $result_set["return"]["code"] = -2;
- $result_set["return"]["message"] = "Query user list error; " . mysqli_error($db_conn);
+ $result_set["return"]["message"] = "Query user list error: " . mysqli_error($db_conn);
 mysqli_close($db_conn);
 exit(json_encode($result_set));
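Review bot: The relaxed username pattern in the `@@ -29` hunk still ends in a bare `$`, which in PHP's PCRE also matches just before a trailing newline, so a valid name followed by a newline character passes this check. The `D` modifier closes that: `preg_match("/^[A-Za-z][A-Za-z0-9]{2,11}$/D", $username)`. The password pattern in the `@@ -49` hunk uses the same anchor and should get the same modifier. Where `$username` comes from is outside the hunk; the value is later stored as `$_SESSION["BBS_username"]`, so it is worth keeping the check exact.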
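Review bot: Raising the minimum to six characters in the `@@ -49` hunk still limits `$password_new` to at most twelve letters and digits, which is a small search space for a stored credential. The restriction appears to double as the only protection for the `SHA2('$password_new', 256)` interpolation visible in the `@@ -197` hunk, so it cannot simply be widened; binding the value as a statement parameter first would allow the length cap and character class to be relaxed. A single unsalted SHA-256 is also cheap to brute-force offline; `password_hash()` / `password_verify()` is the usual replacement, though how the login check reads the column is not visible here. The enclosing `if ($ch_passwd)` block continues outside the hunk.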
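Review bot: The message built in the `@@ -117` hunk appends `mysqli_error($db_conn)` to the JSON returned to the caller, so anyone reaching this login endpoint can read raw database error text such as table and column names or fragments of the failing statement. The commit changes only the separator; the same pattern is in every other `"... error: " . mysqli_error($db_conn)` line it touches, including the new `Update user life error` and `Keep alive error` branches. Consider keeping the detail server-side and returning a fixed string, e.g. `error_log("Query login log error: " . mysqli_error($db_conn));` followed by `$result_set["return"]["message"] = "Internal error";`. The enclosing `if ($rs == false)` block ends outside the hunk.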
@@ -184,7 +184,7 @@
 if ($row = mysqli_fetch_array($rs))
 {
- $uid = $row["UID"];
+ $uid = intval($row["UID"]);
 if ($password == $row["temp_password"] && !$ch_passwd)
 {
@@ -197,7 +197,26 @@
 if ($ch_passwd)
 {
- $verified = ($password == $row["temp_password"] ? 1 : $row["verified"]); // New user first time login with temp password
+ if ($password == $row["temp_password"]) // New user first time login with temp password
+ {
+ $verified = 1;
+
+ // Set life = 150 for verified user
+ $sql = "UPDATE user_pubinfo SET life = 150 WHERE UID = $uid";
+ $rs_life = mysqli_query($db_conn, $sql);
+ if ($rs_life == false)
+ {
+ $result_set["return"]["code"] = -2;
+ $result_set["return"]["message"] = "Update user life error: " . mysqli_error($db_conn);
+
+ mysqli_close($db_conn);
+ exit(json_encode($result_set));
+ }
+ }
+ else
+ {
+ $verified = $row["verified"];
+ }
 $sql = "UPDATE user_list SET password = SHA2('$password_new', 256), temp_password = '', verified = $verified WHERE UID = $uid";
@@ -205,7 +224,7 @@
 if ($rs_p == false)
 {
 $result_set["return"]["code"] = -2;
- $result_set["return"]["message"] = "Update password error; " . mysqli_error($db_conn);
+ $result_set["return"]["message"] = "Update password error: " . mysqli_error($db_conn);
 mysqli_close($db_conn);
 exit(json_encode($result_set));
@@ -218,7 +237,7 @@
 if ($rs_p == false)
 {
 $result_set["return"]["code"] = -2;
- $result_set["return"]["message"] = "Upgrade password error; " . mysqli_error($db_conn);
+ $result_set["return"]["message"] = "Upgrade password error: " . mysqli_error($db_conn);
 mysqli_close($db_conn);
 exit(json_encode($result_set));
@@ -234,7 +253,7 @@
 if ($rs == false)
 {
 $result_set["return"]["code"] = -2;
- $result_set["return"]["message"] = "Write log error; " . mysqli_error($db_conn);
+ $result_set["return"]["message"] = "Write log error: " . mysqli_error($db_conn);
 mysqli_close($db_conn);
 exit(json_encode($result_set));
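Review bot: The new `if ($password == $row["temp_password"])` branch in the `@@ -197` hunk decides whether an account becomes verified using a loose `==`, under which two different numeric-looking strings (for example in `0e…` form) compare equal; `hash_equals((string)$row["temp_password"], (string)$password)` compares byte-for-byte and in constant time. In the `else` branch, `$verified = $row["verified"];` is placed unquoted into the UPDATE that follows, unlike `$uid`, which this commit now passes through `intval()`; `$verified = intval($row["verified"]);` keeps that statement well-formed if the column is NULL or non-numeric. The `life = 150` update is also applied before the password UPDATE runs, so a failure of the second statement leaves the two tables inconsistent unless a transaction is opened outside the hunk.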
@@ -271,7 +290,7 @@
 if ($rs == false)
 {
 $result_set["return"]["code"] = -2;
- $result_set["return"]["message"] = "Write log error; " . mysqli_error($db_conn);
+ $result_set["return"]["message"] = "Write log error: " . mysqli_error($db_conn);
 mysqli_close($db_conn);
 exit(json_encode($result_set));
@@ -310,13 +329,13 @@
 $ret = load_user_info($uid, $db_conn);
 switch($ret)
 {
- case "-1":
+ case -1:
 $result_set["return"]["code"] = -2;
- $result_set["return"]["message"] = "User data not found; " . mysqli_error($db_conn);
+ $result_set["return"]["message"] = "User data not found: " . mysqli_error($db_conn);
 mysqli_close($db_conn);
 exit(json_encode($result_set));
- case "-2":
+ case -2:
 if (!$agreement)
 {
 $buffer = file_get_contents("./doc/license/" . (new DateTime($BBS_license_dt))->format("Ymd") . ".txt");
@@ -328,7 +347,7 @@
 exit(json_encode($result_set));
 }
 break;
- case "-3":
+ case -3:
 $result_set["return"]["code"] = 3;
 $result_set["return"]["message"] = "很遗憾,您已经永远离开了我们的世界……";
@@ -342,7 +361,7 @@
 if ($rs == false)
 {
 $result_set["return"]["code"] = -2;
- $result_set["return"]["message"] = "Update login info error; " . mysqli_error($db_conn);
+ $result_set["return"]["message"] = "Update login info error: " . mysqli_error($db_conn);
 mysqli_close($db_conn);
 exit(json_encode($result_set));
@@ -351,7 +370,16 @@
 $_SESSION["BBS_uid"] = $uid;
 $_SESSION["BBS_username"] = $username;
 $_SESSION["BBS_login_tm"] = time();
- $_SESSION["BBS_vn_str"] == "";
+ $_SESSION["BBS_vn_str"] = "";
+
+ if (!keep_alive($db_conn))
+ {
+ $result_set["return"]["code"] = -2;
+ $result_set["return"]["message"] = "Keep alive error: " . mysqli_error($db_conn);
+
+ mysqli_close($db_conn);
+ exit(json_encode($result_set));
+ }
 mysqli_close($db_conn);
 exit(json_encode($result_set));
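Review bot: The `switch($ret)` in the `@@ -310` hunk shows no `default:` branch after the labels become integers, so a `load_user_info()` result other than -1, -2 or -3 (for instance `false` or `null` on an unexpected failure) would carry on to the code that populates the session. What `load_user_info()` can return is not visible here and the end of the switch lies outside the hunk, so this may already be handled. If it is not, a fail-closed default that returns an error is worth adding; at minimum document the assumption above the switch, e.g. `// any $ret not listed below is treated as success - confirm load_user_info() returns only these codes`.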
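Review bot: When `keep_alive($db_conn)` fails in the `@@ -351` hunk, the new branch returns code -2 after `$_SESSION["BBS_uid"]`, `$_SESSION["BBS_username"]` and `$_SESSION["BBS_login_tm"]` have already been set, so the client is told the login failed while the session stays authenticated. Clearing them in the failure branch before `exit` avoids that: `unset($_SESSION["BBS_uid"], $_SESSION["BBS_username"], $_SESSION["BBS_login_tm"]);`. No `session_regenerate_id(true)` is visible before the session is populated; if it is not called earlier in the file, adding it here keeps a pre-login session identifier from being carried into the authenticated session.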