-
-
/** - * Validator for Login.
- */
- final class LoginValidator {
private function __construct() { -
- }
/** - * Validate the given username and password.
- * @param $username and $password to be validated
- * @return array array of {@link Error} s
- */
- public static function validate($username, $password) {
- $errors = array();
- $username = trim($username);
- if (! $username) {
- $errors[] = new Error('username', 'Username cannot be empty.');
- } elseif (strlen($username)<3) {
- $errors[] = new Error( 'username', 'The username cannot be less than 3 characters long');
- } elseif (strlen($username)>30) {
- $errors[] = new Error('username', 'The username cannot be longer than 3 characters. 30 characters. ');
- } elseif (!preg_match('/^[A-Za-z]+$/',substr($username, 0, 1))) {
- $errors[] = new Error( 'username', 'Username must start with a letter. ');
- } elseif (!preg_match('/^[A-Za-z0-9_]+$/', $username)) {
- $errors[] = new Error('username', 'Username can only be a combination of letters, numbers and underscores (_).');
- } elseif (!trim($password)) {
- $errors[] = new Error('password ', 'Password cannot be empty. ');
- } else {
- // check whether use exists or not
- $dao = new UserDao();
- $user = $dao->findByName($username);< /p>
if ($user) { - if (!($user->getPassword() == sha1($user->getSalt() . $password))) {
- $errors[ ] = new Error('password', 'Wrong username or password. ');
- }
- } else {
- $errors[] = new Error('username', 'Username does not exist.');
- }
- }
- return $errors;
- }
- }
- ?>< /p>
-
Error is a class written by myself:
-
-
/** - * Validation error.
- */
- final class Error {
private $source; - private $message;< /p>
- /**
- * Create new error.
- * @param mixed $source source of the error
- * @param string $message error message
- */
- function __construct($source, $message) {
- $this->source = $source;
- $this->message = $message;
- }
/** - * Get source of the error.
- * @return mixed source of the error
- */
- public function getSource() {
- return $this->source;
- }
/* * - * Get error message.
- * @return string error message
- */
- public function getMessage() {
- return $this->message;
- }
- }
- ?>
-
2. Call the validator to proceed verify
-
-
- $username = null;
- $password = null;
$msg = ""; - < ;p>if (isset($_POST['username']) && isset($_POST['password'])) {
- $username = addslashes(trim(stripslashes($_POST ['username'])));
- $password = addslashes(trim(stripslashes($_POST ['password'])));
- // validate
- $errors = LoginValidator::validate($username, $password);
-
- if (empty($errors)) {
- // save the latest ip or login time into database, then processing page forwarding
- $dao = new UserDao();
- $user = $dao->findByName($username);
- $last_login_ip = Utils::getIpAddress ();
- $user->setLastLoginIp($last_login_ip);
- $now = new DateTime();
- $user->setLastLoginTime($now);
- $dao->save($user);
- UserLogin ::setUserInfo($user);
- Flash::addFlash('Login successful!');
- Utils::redirect('welcome');
- }
-
- foreach ($errors as $e) {
- $msg .= $e->getMessage()."
";
- }
- ?>
-
| 