feat(认证): 实现多管理员账号支持并更新密码配置
- 将单管理员配置改为支持多账号的数组结构 - 更新数据库和SMTP服务的密码配置 - 修改登录逻辑以支持多账号验证
This commit is contained in:
@@ -10,11 +10,14 @@ if (!isset($_SESSION['admin'])) {
|
||||
$username = $_POST['username'];
|
||||
$password = $_POST['password'];
|
||||
|
||||
if ($username === ADMIN_USERNAME && $password === ADMIN_PASSWORD) {
|
||||
$adminFound = false;
|
||||
foreach ($admin_accounts as $account) {
|
||||
if ($username === $account['username'] && $password === $account['password']) {
|
||||
$_SESSION['admin'] = [
|
||||
'id' => 1, // 配置文件中未定义管理员ID,使用默认值1
|
||||
'username' => $username
|
||||
'id' => $account['id'],
|
||||
'username' => $account['username']
|
||||
];
|
||||
$adminFound = true;
|
||||
|
||||
// 处理自动登录
|
||||
if (isset($_POST['remember_me']) && $_POST['remember_me'] === 'on') {
|
||||
@@ -34,9 +37,12 @@ if (!isset($_SESSION['admin'])) {
|
||||
|
||||
header('Location: index.php');
|
||||
exit();
|
||||
} else {
|
||||
$error = '用户名或密码错误';
|
||||
}
|
||||
}
|
||||
|
||||
if (!$adminFound) {
|
||||
$error = '用户名或密码错误';
|
||||
}
|
||||
}
|
||||
?>
|
||||
<!DOCTYPE html>
|
||||
|
||||
@@ -20,9 +20,11 @@ define('SMTP_PASSWORD', '');
|
||||
define('SMTP_FROM_EMAIL', 'leonmm2@163.com');
|
||||
define('SMTP_FROM_NAME', 'leonmm2@163.com');
|
||||
|
||||
// 管理员账号
|
||||
define('ADMIN_USERNAME', 'Admin');
|
||||
define('ADMIN_PASSWORD', '');
|
||||
// 管理员账号 - 支持多个账号
|
||||
$admin_accounts = [
|
||||
['id' => 1, 'username' => 'Admin', 'password' => ''],
|
||||
// 可添加更多管理员账号,格式: ['id' => 数字, 'username' => '用户名', 'password' => '']
|
||||
];
|
||||
|
||||
// 数据库连接
|
||||
$conn = new mysqli(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME);
|
||||
|
||||
Reference in New Issue
Block a user