PHP不区分大小写的usermame匹配
答案编辑:PHP不区分大小写的usermame匹配,php,authentication,case-insensitive,Php,Authentication,Case Insensitive,答案编辑: // Get users $input_pwd = ( isset( $_POST["password"] ) ? $_POST["password"] : '' ); $input_user = ( isset( $_POST["username"] ) ? $_POST["username"] : '' ); // Your pseudo database here $usernames = array( "username@domain1.com", "username2@d
// Get users
$input_pwd = ( isset( $_POST["password"] ) ? $_POST["password"] : '' );
$input_user = ( isset( $_POST["username"] ) ? $_POST["username"] : '' );
// Your pseudo database here
$usernames = array(
"username@domain1.com",
"username2@domain1.com",
"username3@domain1.com",
"username1@domain2.com",
"/[a-z][A-Z][0-9]@domain2\.com/", // use an emtpy password string for each of these
"/[^@]+@domain3\.com/" // entries if they don't need to authenticate
);
$passwords = array( "password1", "password2", "password3", "password4", "", "" );
// Create an array of username literals or patterns and corresponding redirection targets
$targets = array(
"username@domain1.com" => "http://www.google.com",
"username2@domain1.com" => "http://www.yahoo.com",
"username3@domain1.com" => "http://www.stackoverflow.com",
"username1@domain2.com" => "http://www.serverfault.com",
"/[a-z][A-Z][0-9]@domain2\.com/" => "http://target-for-aA1-usertypes.com",
"/[^@]+@domain3\.com/" => "http://target-for-all-domain3-users.com",
"/.+/" => "http://default-target-if-all-else-fails.com",
);
$logindata = array_combine( $usernames, $passwords );
if ( get_user_data( $input_user, $logindata ) === $input_pwd ) {
session_start();
$_SESSION["username"] = $input_user;
header('Location: ' . get_user_data( $input_user, $targets ) );
exit;
} else {
// Supplied username is invalid, or the corresponding password doesn't match
header('Location: login.php?login_error=1');
exit;
}
function get_user_data ( $user, array $data ) {
$retrieved = null;
foreach ( $data as $user_pattern => $value ) {
if (
( $user_pattern[0] == '/' and preg_match( $user_pattern, $user ) )
or ( $user_pattern[0] != '/' and $user_pattern === $user)
) {
$retrieved = $value;
break;
}
}
return $retrieved;
}
解决办法是改变:
if(获取用户数据($input\u user,$loginda)==$input\u pwd){
到
if(获取用户数据(strtolower($input\u user),$loginda)===$input\u pwd){
所以用户名必须是小写的。我只需要有意识地将我的用户名也存储为小写。
我知道
strcasecmp
。但我不确定这将如何应用于我的工作代码,因为您只能比较两个变量
在下面的工作代码上下文中,我是否能够使preg_match
不区分大小写?
我可以将/I
正则表达式添加到我的preg\u match
命令到返回的变量中吗
我只希望用户输入的用户名(包括域名)在INSTIVE中是大小写。uSeRnAMe@dOmAIN1.CoM)无需将所有有效用户名组合添加到我的伪数据库
这是我的工作代码:
// Get users
$input_pwd = ( isset( $_POST["password"] ) ? $_POST["password"] : '' );
$input_user = ( isset( $_POST["username"] ) ? $_POST["username"] : '' );
// Your pseudo database here
$usernames = array(
"username@domain1.com",
"username2@domain1.com",
"username3@domain1.com",
"username1@domain2.com",
"/[a-z][A-Z][0-9]@domain2\.com/", // use an emtpy password string for each of these
"/[^@]+@domain3\.com/" // entries if they don't need to authenticate
);
$passwords = array( "password1", "password2", "password3", "password4", "", "" );
// Create an array of username literals or patterns and corresponding redirection targets
$targets = array(
"username@domain1.com" => "http://www.google.com",
"username2@domain1.com" => "http://www.yahoo.com",
"username3@domain1.com" => "http://www.stackoverflow.com",
"username1@domain2.com" => "http://www.serverfault.com",
"/[a-z][A-Z][0-9]@domain2\.com/" => "http://target-for-aA1-usertypes.com",
"/[^@]+@domain3\.com/" => "http://target-for-all-domain3-users.com",
"/.+/" => "http://default-target-if-all-else-fails.com",
);
$logindata = array_combine( $usernames, $passwords );
if ( get_user_data( $input_user, $logindata ) === $input_pwd ) {
session_start();
$_SESSION["username"] = $input_user;
header('Location: ' . get_user_data( $input_user, $targets ) );
exit;
} else {
// Supplied username is invalid, or the corresponding password doesn't match
header('Location: login.php?login_error=1');
exit;
}
function get_user_data ( $user, array $data ) {
$retrieved = null;
foreach ( $data as $user_pattern => $value ) {
if (
( $user_pattern[0] == '/' and preg_match( $user_pattern, $user ) )
or ( $user_pattern[0] != '/' and $user_pattern === $user)
) {
$retrieved = $value;
break;
}
}
return $retrieved;
}
如果您希望使用不区分大小写的用户名,一种方法是在存储新用户名时始终将其小写,然后在检查时始终将比较值小写。(这比使用
preg_match
快得多)您可以在PHP中使用i进行不区分大小写的匹配。例如,下面将打印“This matches!”:
<?php
if ( preg_match('/def/i', 'ABCDEF') ) {
echo 'This matches!';
}
?>
因此,只要将i添加到模式中,案例就会被忽略。我不知道“返回变量”是什么意思但是将i添加到preg_match会使其不区分大小写。你能将你的响应添加到代码段的上下文中吗?我可以为你接受答案:)就这么做了:)。我希望代码段足够了。实际上,我认为更简单的方法是将任何用户输入转换为小写,然后将我的数据库条目也改为小写。类似于
if(get_user_data)(strtower($input_user),$loginda)==$input_pwd){
Yes,只要您同意要求精确(不包括大小写)的匹配。例如,对于嵌入字符串或空格之类的内容,您希望进行更多的清理。这是否可行?if(get_user_data(strtower($input_user),$loginda)==$input_pwd){
到目前为止似乎像预期的那样工作?是的,这是一个想法,尽管我会在get\u user\u date()内执行strtolower()
。