PHP Captcha::checkCaptcha方法代码示例

 public function signin()
 {
     $username = isset($_POST['username']) ? $_POST['username'] : '';
     $password = isset($_POST['password']) ? $_POST['password'] : '';
     $captcha = isset($_POST['captcha']) ? $_POST['captcha'] : '';
     //合法性验证
     if (empty($captcha)) {
         $this->failure('index.php', '验证码不能为空！');
     }
     if (empty($username) || empty($password)) {
         $this->failure('index.php', '用户名或密码不能为空！');
     }
     //有效性验证
     if (!Captcha::checkCaptcha($captcha)) {
         $this->failure('index.php', '验证码错误!');
     }
     //验证用户信息(操作数据库：模型)
     $admin = new AdminModel();
     if ($user = $admin->checkByUsernameAndPassword($username, $password)) {
         $_SESSION['user'] = $user;
         $admin->updateLoginInfo($user['a_id']);
         $this->success('index.php?module=index&action=index', '登录成功!');
     } else {
         $this->failure('index.php', '用户名或密码错误！');
     }
 }

		public function signin(){
			$username = isset($_POST['username']) ? $_POST['username'] : '';
			$password = isset($_POST['password']) ? $_POST['password'] : '';
			$captcha = isset($_POST['captcha']) ? $_POST['captcha'] : '';

			if(empty($captcha)){
				$this->failure('index.php','验证码不能为空');
			}

			if(empty($username)){
				$this->failure('index.php','用户名或者密码都不能为空');
			}

		
			if(Captcha::checkCaptcha($captcha)){
				$this->failure('index.php','验证码错误');
			}

			$admin = new AdminModel();
			if($user = $admin->checkByUsernameAndPassword($username,$password)){
				$_SESSION['user'] = $user;

				$admin->updateLoginInfo($user['a_id']);

				$this->success('index.php?module=index&action=index','登录成功');
			}else{
				$this->failure('index.php','验证码错误');
			}

		}

		public function signin(){
			//假设经过验证
			//接收数据
			$username = isset($_POST['username']) ? $_POST['username'] : '';
			$password = isset($_POST['password']) ? $_POST['password'] : '';
			$captcha  = isset($_POST['captcha'])  ? $_POST['captcha']  : '';

			//合法性验证
			if(empty($captcha)){
				$this->failure('index.php','验证码不能为空！');
			}
			if(empty($username) || empty($password)){
				$this->failure('index.php','用户名或者密码都不能为空！');
			}

			//有效性验证
			if(!Captcha::checkCaptcha($captcha)){
				$this->failure('index.php','验证码错误！');
			}
		
			//验证用户信息（操作数据库：模型）
			$admin = new AdminModel();
	
			if($user = $admin->checkByUsernameAndPassword($username,$password))
			{		
			
				//成功
				$_SESSION['user'] = $user;

				//更新用户信息
				$admin->updateLoginInfo($user['a_id']);

				//跳转到首页
				$this->success('index.php?module=index&action=index','登录成功，正在跳转！');
			}else{
				//失败
				$this->failure('index.php','用户名或者密码不正确！');
			}

		}

 //user authentication用户验证
 $username = isset($_POST['username']) ? $_POST['username'] : '';
 $password = isset($_POST['password']) ? $_POST['password'] : '';
 $captcha = isset($_POST['captcha']) ? $_POST['captcha'] : '';
 // data validation数据合法性验证
 if (empty($username) || empty($password)) {
     //missing data,return 信息不完整,返回到登录界面
     admin_redirect('privilege.php', '帐号密码不能为空', 3);
 }
 //echo $captcha;
 //连接数据库前连接验证码
 if (empty($captcha)) {
     admin_redirect('privilege.php', '必须先填写验证码', 3);
 }
 //($_SESSION['captcha']);
 if (!Captcha::checkCaptcha($captcha)) {
     admin_redirect('privilege.php', '验证码不正确', 3);
 }
 //check user验证用户有效性(登录)
 $admin = new Admin();
 $user = $admin->checkByUsernameAndPassword($username, $password);
 if ($user) {
     //save $user to session将$user保存到session
     //session_start();
     $_SESSION['user'] = $user;
     //判断用户是否记住用户信息
     if (isset($_POST['remember'])) {
         //用户选择了保存
         //设置cookie 记住用户id即可,把信息存放到浏览器
         setcookie('user_id', $user['a_id'], time() + 7 * 24 * 3600);
     }

<?php

Validator::extend('captcha', function ($attribute, $value, $parameters) {
    return Captcha::checkCaptcha($value);
});

 /**
  * registerNewUser()
  * 
  * handles the entire registration process. checks all error possibilities, and creates a new user in the database if
  * everything is fine
  * @return boolean Gives back the success status of the registration
  */
 public function registerNewUser()
 {
     $captcha = new Captcha();
     if (!$captcha->checkCaptcha()) {
         $this->errors[] = FEEDBACK_CAPTCHA_WRONG;
     } elseif (empty($_POST['user_name'])) {
         $this->errors[] = FEEDBACK_USERNAME_FIELD_EMPTY;
     } elseif (empty($_POST['user_password_new']) || empty($_POST['user_password_repeat'])) {
         $this->errors[] = FEEDBACK_PASSWORD_FIELD_EMPTY;
     } elseif ($_POST['user_password_new'] !== $_POST['user_password_repeat']) {
         $this->errors[] = FEEDBACK_PASSWORD_REPEAT_WRONG;
     } elseif (strlen($_POST['user_password_new']) < 6) {
         $this->errors[] = FEEDBACK_PASSWORD_TOO_SHORT;
     } elseif (strlen($_POST['user_name']) > 64 || strlen($_POST['user_name']) < 2) {
         $this->errors[] = FEEDBACK_USERNAME_TOO_SHORT_OR_TOO_LONG;
     } elseif (!preg_match('/^[a-z\\d]{2,64}$/i', $_POST['user_name'])) {
         $this->errors[] = FEEDBACK_USERNAME_DOES_NOT_FIT_PATTERN;
     } elseif (empty($_POST['user_email'])) {
         $this->errors[] = FEEDBACK_EMAIL_FIELD_EMPTY;
     } elseif (strlen($_POST['user_email']) > 64) {
         $this->errors[] = FEEDBACK_EMAIL_TOO_LONG;
     } elseif (!filter_var($_POST['user_email'], FILTER_VALIDATE_EMAIL)) {
         $this->errors[] = FEEDBACK_EMAIL_DOES_NOT_FIT_PATTERN;
     } elseif (!empty($_POST['user_name']) && strlen($_POST['user_name']) <= 64 && strlen($_POST['user_name']) >= 2 && preg_match('/^[a-z\\d]{2,64}$/i', $_POST['user_name']) && !empty($_POST['user_email']) && strlen($_POST['user_email']) <= 64 && filter_var($_POST['user_email'], FILTER_VALIDATE_EMAIL) && !empty($_POST['user_password_new']) && !empty($_POST['user_password_repeat']) && $_POST['user_password_new'] === $_POST['user_password_repeat']) {
         // escapin' this, additionally removing everything that could be (html/javascript-) code
         $this->user_name = htmlentities($_POST['user_name'], ENT_QUOTES);
         $this->user_email = htmlentities($_POST['user_email'], ENT_QUOTES);
         // no need to escape as this is only used in the hash function
         $this->user_password = $_POST['user_password_new'];
         // now it gets a little bit crazy: check if we have a constant HASH_COST_FACTOR defined (in config/hashing.php),
         // if so: put the value into $this->hash_cost_factor, if not, make $this->hash_cost_factor = null
         $this->hash_cost_factor = defined('HASH_COST_FACTOR') ? HASH_COST_FACTOR : null;
         // crypt the user's password with the PHP 5.5's password_hash() function, results in a 60 character hash string
         // the PASSWORD_DEFAULT constant is defined by the PHP 5.5, or if you are using PHP 5.3/5.4, by the password hashing
         // compatibility library. the third parameter looks a little bit shitty, but that's how those PHP 5.5 functions
         // want the parameter: as an array with, currently only used with 'cost' => XX.
         $this->user_password_hash = password_hash($this->user_password, PASSWORD_DEFAULT, array('cost' => $this->hash_cost_factor));
         // check if user already exists
         $sth = $this->db->prepare("SELECT * FROM users WHERE user_name = :user_name ;");
         $sth->execute(array(':user_name' => $this->user_name));
         $count = $sth->rowCount();
         if ($count == 1) {
             $this->errors[] = FEEDBACK_USERNAME_ALREADY_TAKEN;
         } else {
             // generate random hash for email verification (40 char string)
             $this->user_activation_hash = sha1(uniqid(mt_rand(), true));
             // write new users data into database
             //$query_new_user_insert = $this->db_connection->query("INSERT INTO users (user_name, user_password_hash, user_email, user_activation_hash) VALUES('".$this->user_name."', '".$this->user_password_hash."', '".$this->user_email."', '".$this->user_activation_hash."');");
             $sth = $this->db->prepare("INSERT INTO users (user_name, user_password_hash, user_email, user_activation_hash) VALUES(:user_name, :user_password_hash, :user_email, :user_activation_hash) ;");
             $sth->execute(array(':user_name' => $this->user_name, ':user_password_hash' => $this->user_password_hash, ':user_email' => $this->user_email, ':user_activation_hash' => $this->user_activation_hash));
             $count = $sth->rowCount();
             if ($count == 1) {
                 $this->user_id = $this->db->lastInsertId();
                 // send a verification email
                 if ($this->sendVerificationEmail()) {
                     // when mail has been send successfully
                     $this->messages[] = FEEDBACK_ACCOUNT_SUCCESSFULLY_CREATED;
                     $this->registration_successful = true;
                     return true;
                 } else {
                     // delete this users account immediately, as we could not send a verification email
                     // the row (which will be deleted) is identified by PDO's lastinserid method (= the last inserted row)
                     // @see http://www.php.net/manual/en/pdo.lastinsertid.php
                     $sth = $this->db->prepare("DELETE FROM users WHERE user_id = :last_inserted_id ;");
                     $sth->execute(array(':last_inserted_id' => $this->db->lastInsertId()));
                     $this->errors[] = FEEDBACK_VERIFICATION_MAIL_SENDING_FAILED;
                 }
             } else {
                 $this->errors[] = FEEDBACK_ACCOUNT_CREATION_FAILED;
             }
         }
     } else {
         $this->errors[] = FEEDBACK_UNKNOWN_ERROR;
     }
     // standard return. returns only true of really successful (see above)
     return false;
 }