+ add the suport of get method identify.

2010-07-02 07:58:36 +00:00
parent 99a9d88f8a
commit ff42d1f2eb
2 changed files with 16 additions and 3 deletions
--- a/trunk/module/user/control.php
+++ b/trunk/module/user/control.php
@@ -296,9 +296,17 @@ class user extends control
        }

        /* 用户提交了登陆信息，则检查用户的身份。*/
-        if(!empty($_POST))
+        if(!empty($_POST) or !empty($_GET))
        {
-            $user = $this->user->identify($this->post->account, $this->post->password);
+            $account  = '';
+            $password = '';
+            if($this->post->account)  $account  = $this->post->account;
+            if($this->get->account)   $account  = $this->get->account;
+            if($this->post->password) $password = $this->post->password;
+            if($this->get->password)  $password = $this->get->password;
+
+            $user = $this->user->identify($account, $password);
+
            if($user)
            {
                /* 对用户进行授权，并登记session。*/
--- a/trunk/module/user/model.php
+++ b/trunk/module/user/model.php
@@ -174,7 +174,12 @@ class userModel extends model
            ->andWhere('deleted')->eq(0)
            ->fetch();

-        if(strlen($password) == 32) $user = ($password == md5($user->password . $this->session->rand))?$user:'';
+        /* 密码长度为32位，改用md5 hash方式验证。*/
+        if(strlen($password) == 32)
+        {
+            $hash = $this->session->rand ? md5($user->password . $this->session->rand) : $user->password;
+            $user = $password == $hash ? $user : '';
+        }

        if($user)
        {