CMS, 原创, , ,

Joomla获取当前登录用户信息,密码验证

Joomla获取当前登录用户信息使用函数:


$user = JFactory::getUser();
if ($user->id){
$username = $user->username;
$password = $user=>password;
}

Joomla查询数据库:


$db = JFactory::getDBO();
$query = "SELECT u.*,g.* FROM ( #__users u INNER JOIN #__user_usergroup_map g ON u.id = g.user_id ) WHERE username = '" . $username . "';";
$db->setQuery($query);
if ($row = $db->loadAssoc()){
    //有记录
    $email = $row['email'];
    $username = $row['username'];
    //密码验证
    if(JUserHelper::verifyPassword($password, $row['password'], $row['id'])){
        //密码正确
    }else{
        //密码不正确
    }
}else{
    //没有记录
}

上面代码中验证密码是否正确的时候可能有的时候会出现问题,可以参考 Joomla加密方式密码验证详解

下面是验证密码的具体情况:


$is_pwd_right = 0;
if($password == $row['password']){
  $is_pwd_right = 1;
}elseif(strlen($row['password']) == 65){
  list($hash, $salt) = explode(':', $row['password']);
  if(md5($password.$salt) == $hash){
    $is_pwd_right = 1;
  }
}elseif(strlen($row['password']) == 60){
  if(password_verify($password, $row['password'])){
    $is_pwd_right = 1;
  }
}else{
  $is_pwd_right = JUserHelper::verifyPassword($password, $row['password'], $row['id']);
}
if($is_pwd_right){
  //密码正确
}else{
  //密码错误
}

(985)

Related Post