1 <label>username:</label><input id="uid" type="text" />
2 <label>password:</label><input id="pwd" type="password" />
3 <input type="submit" />
4 <script type="text/javascript">
5 var t = new Date*1,
6 uid = $("#uid").val(),
7 pwd = $("#pwd").val(),
8 delta = encrypt($("#pwd").val() + t);
9 $.post("./login.php",{
10 uid: $("#uid").val(),
11 pwd: delta,
12 tid: t
13 }, function(data){
14 //do something.
15 })
16 </script>
define("uid", "user-A");
define("pwd", "user-A-pwd");
if(time() - $_POST['tid'] > 60*2 ||
$_POST['uid'] !== uid ||
decrypt(pwd . $_POST['tid']) !== $_POST['pwd']){
die("error");
}
- 时间超过2分钟
- uid不匹配
- pwd与t的组合密码不匹配
- md5