File: //var/www/test/login.php
<?php
session_start(); // Start or resume the session that carries the lockout state

// NOTE(review): the failure counter and the lock timestamp exist only in
// $_SESSION. A client that discards its session cookie begins again at zero,
// so this throttle does not hold against a scripted client. A counter stored
// server-side and keyed by account and source address would be needed for that.

// First request in this session: no failures recorded, no lock in force.
if (!isset($_SESSION['error_count'])) {
    $_SESSION['error_count'] = 0;
    $_SESSION['lock_time'] = null;
}

// A recorded lock lapses 300 seconds (5 minutes) after it was set.
if ($_SESSION['lock_time'] !== null && time() >= $_SESSION['lock_time'] + 300) {
    $_SESSION['error_count'] = 0;
    $_SESSION['lock_time'] = null;
}

// Values the form template below reads back.
$username = $password = $error = '';

// Still at the failure limit: either tell the visitor how long is left,
// or clear the counters when no time remains.
if ($_SESSION['error_count'] >= 5) {
    $remaining_time = $_SESSION['lock_time'] + 300 - time();
    if ($remaining_time <= 0) {
        $_SESSION['error_count'] = 0;
        $_SESSION['lock_time'] = null;
    } else {
        $error = "多次輸入錯誤,請等待 " . ceil($remaining_time / 60) . " 分鐘後再嘗試登入。";
    }
}
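// Handle a login submission. Skipped while this session is at the failure limit.
if ($_SERVER['REQUEST_METHOD'] === 'POST' && $_SESSION['error_count'] < 5) {
    // Missing or non-string fields (e.g. username[]=x) are treated as empty
    // instead of reaching trim() and raising a warning or TypeError.
    $username = is_string($_POST['username'] ?? null) ? trim($_POST['username']) : '';
    $password = is_string($_POST['password'] ?? null) ? trim($_POST['password']) : '';
    $captcha = is_string($_POST['captcha'] ?? null) ? trim($_POST['captcha']) : '';

    // A captcha answer is single-use: it is removed from the session before the
    // comparison so one solved image cannot back several password attempts.
    // NOTE(review): assumes captcha.php stores a fresh string answer in
    // $_SESSION['captcha'] every time the image is requested — confirm.
    $expectedCaptcha = $_SESSION['captcha'] ?? null;
    unset($_SESSION['captcha']);
    $captchaOk = is_string($expectedCaptcha)
        && $expectedCaptcha !== ''
        && hash_equals($expectedCaptcha, $captcha);

    if (!$captchaOk) {
        $error = "驗證碼錯誤,請重新輸入。";
        $_SESSION['error_count']++;
    } elseif ($username === '' || $password === '') {
        // The "required" attributes are enforced only by the browser. An empty
        // password must never reach the legacy RIGHT(...) = ? comparison below,
        // where it would match a row whose stored value is an empty string.
        $error = "帳號或密碼錯誤,請重新輸入。";
        $_SESSION['error_count']++;
    } else {
        // db.php provides the mysqli connection in $conn.
        require_once 'db.php';
        try {
            $stmt = $conn->prepare("SELECT name, user, member, endday, code2, speed, month, season, halfyear, year, twoyear, discount, newpwd, email, ecpay, ecpay_number, rtn_code, rtn_msg FROM filemaker WHERE user = ?");
            $stmt->bind_param('s', $username);
            $stmt->execute();
            $result = $stmt->get_result();
            $user = $result->num_rows > 0 ? $result->fetch_assoc() : null;

            if ($user === null) {
                // Unknown account: same message as a wrong password.
                $error = "帳號或密碼錯誤,請重新輸入。";
                $_SESSION['error_count']++;
            } elseif (!empty($user['newpwd'])) {
                // Account has a hashed password set by the user.
                if (password_verify($password, $user['newpwd'])) {
                    // Issue a new session id at the privilege change so an id
                    // known before login cannot be reused afterwards.
                    session_regenerate_id(true);
                    $_SESSION['user'] = $username;
                    $sessionFields = [
                        'name', 'member', 'endday', 'code2', 'speed', 'month',
                        'season', 'halfyear', 'year', 'twoyear', 'discount',
                        'email', 'ecpay', 'ecpay_number', 'rtn_code', 'rtn_msg',
                    ];
                    foreach ($sessionFields as $field) {
                        $_SESSION[$field] = $user[$field];
                    }
                    $_SESSION['error_count'] = 0;
                    $_SESSION['lock_time'] = null;
                    header('Location: member.php');
                    exit();
                }
                $error = "帳號或密碼錯誤,請重新輸入。";
                $_SESSION['error_count']++;
            } else {
                // Legacy path: no hashed password yet, so the submitted value is
                // compared with the last five characters of the stored password
                // or ID number, and the user is sent to set a new password.
                // NOTE(review): this default credential is five characters taken
                // from an identity or phone number and is compared unhashed in
                // SQL; its only protection is the throttle above. Only the match
                // count is needed, so the row itself is no longer fetched.
                // NOTE(review): $_SESSION['user'] is set before the password is
                // changed; member.php and changepwd.php are not visible here —
                // confirm member.php does not accept this session as a full login.
                $stmt = $conn->prepare("SELECT 1 FROM filemaker WHERE user = ?
                    AND (RIGHT(password, 5) = ?
                    OR RIGHT(idnumber, 5) = ?
                    )");
                $stmt->bind_param('sss', $username, $password, $password);
                $stmt->execute();
                $result = $stmt->get_result();
                if ($result->num_rows > 0) {
                    session_regenerate_id(true);
                    $_SESSION['user'] = $username;
                    $_SESSION['name'] = $user['name'];
                    $_SESSION['email'] = $user['email'];
                    header('Location: changepwd.php');
                    exit();
                }
                $error = "帳號或密碼錯誤,請重新輸入。";
                $_SESSION['error_count']++;
            }
        } catch (Exception $e) {
            // Driver messages can expose schema and query details: keep them in
            // the server log and show the visitor a generic message only.
            error_log('login.php: database error: ' . $e->getMessage());
            $error = "資料庫錯誤,請稍後再試。";
        }
    }

    // Fifth failure in this session: start the 5-minute lock now.
    if ($_SESSION['error_count'] >= 5) {
        $_SESSION['lock_time'] = time();
        $error = "多次輸入錯誤,請等待 5 分鐘後再嘗試登入。";
    }
}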
?>
<!DOCTYPE html>
<html lang="zh-TW">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>寬頻會員登入</title>
<style>
html {
font-size: 16px; /* 基本字體大小 */
}
body {
margin: 0;
padding: 0;
font-size: calc(1rem + 0.5vw); /* 文字隨螢幕寬度縮放 */
}
h1 {
font-size: clamp(24px, 2rem + 1vw, 36px); /* 標題大小響應式調整 */
}
label, .error, div {
font-size: calc(1rem + 0.3vw); /* 標籤和提示文字大小隨螢幕調整 */
}
form input, form button {
font-size: calc(1rem + 0.4vw); /* 表單元素文字大小響應 */
}
.container {
display: flex;
width: 100%;
max-width: 1200px;
margin: 20px auto;
flex-direction: row; /* 預設為橫向佈局 */
}
.left-section,
.right-section {
width: 50%;
padding: 20px;
box-sizing: border-box;
}
.left-section {
background-color: #f0f0f0; /* 灰色背景 */
}
.right-section {
background-color: #ffffff; /* 白色背景 */
}
@media screen and (max-width: 768px) {
.container {
flex-direction: column; /* 改為縱向佈局 */
}
.left-section,
.right-section {
width: 100%;
}
.left-section {
margin-bottom: 20px;
}
}
form {
display: flex;
flex-direction: column;
gap: 10px;
}
form label {
font-weight: bold;
}
form input {
padding: 8px;
border: 1px solid #ccc;
border-radius: 4px;
width: 90%;
}
form button {
width: 94%;
background-color: #4CAF50;
color: white;
padding: 10px 20px;
border: none;
border-radius: 5px;
cursor: pointer;
}
form button:hover {
background-color: #45a049;
}
.captcha-container {
display: flex;
align-items: center;
gap: 10px;
}
.captcha-container a {
color: blue;
text-decoration: none;
}
.error {
color: red;
margin: 10px 0;
font-size: calc(1rem + 0.3vw);
}
.password-container {
position: relative;
display: flex;
align-items: center;
width: 100%;
}
.password-container button {
position: absolute;
right: 40px;
top: 50%;
transform: translateY(-50%);
background: none;
border: none;
cursor: pointer;
padding: 0;
display: flex;
align-items: center;
justify-content: center;
width: 24px;
height: 24px;
}
.password-container button img {
width: 20px;
height: 20px;
}
.forgot-password {
text-align: left;
margin-top: 5px;
}
.forgot-password a {
color: blue;
text-decoration: none;
font-size: 18px;
}
.forgot-password a:hover {
text-decoration: underline;
}
</style>
<script src="/js/iframe-resizer-helper.js"></script>
</head>
<body>
<div class="container">
<div class="left-section">
<form method="POST">
<label for="username">客戶編號</label>
<input type="text" id="username" name="username" placeholder="輸入客戶編號" value="<?php echo htmlspecialchars($username); ?>" required>
<label for="password">密碼 <span style="font-size:17px;color:#696969;background:hsla(168,100%,50%,0.3);">(預設為申請人身份證/手機號碼後 5 碼)</span></label>
<div class="password-container">
<input type="password" id="password" name="password" placeholder="輸入密碼" required>
<button type="button" id="toggle-password">
<img src="eye-close.png" alt="顯示密碼" id="password-icon">
</button>
</div>
<label for="captcha">驗證碼 (請輸入 5 位數字)</label>
<div class="captcha-container">
<img id="captcha-image" src="captcha.php" alt="驗證碼">
<a href="#" id="refresh-captcha">重新產生</a>
</div>
<input type="text" id="captcha" name="captcha" placeholder="輸入驗證碼" required>
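<?php if (!empty($error)): ?>
<?php /* Escaped at the point of output so the message is safe as HTML whatever code assigned it. */ ?>
<div class="error"><?php echo htmlspecialchars($error, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?></div>
<?php endif; ?>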
<button type="submit" <?php echo ($_SESSION['error_count'] >= 5) ? 'disabled' : ''; ?>>登入</button>
<!-- 新增忘記密碼連結 -->
<div class="forgot-password">
<a href="forgot_password.php">忘記密碼?</a>
</div>
</form>
</div>
<div class="right-section">
<h1>寬頻用戶使用說明</h1>
<div><span style="color: green;">✔</span> 只要您成為亞訊寬頻用戶即可登入使用會員功能。</div>
<div><span style="color: green;">✔</span> 客戶編號您可以在裝機單或繳費通知單查詢。</div>
<div><span style="color: green;">✔</span> 密碼預設為申請人<span style="font-weight: bold;">身份證/統一編號/手機號碼後 5 碼。</span></div>
<br>
<br>
<div><span style="color: red;">✘</span> 如無法登入會員功能,請洽亞訊寬頻客服 <span style="font-weight: bold; color: blue;">03-3585867</span> 查詢問題。</div>
</div>
</div>
<script>
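// Switch the password field between masked and plain text, and swap the eye
// icon to match the new state.
document.getElementById("toggle-password").addEventListener("click", function () {
    const passwordInput = document.getElementById("password");
    const passwordIcon = document.getElementById("password-icon");
    if (passwordInput.type === "password") {
        passwordInput.type = "text"; // show the password
        passwordIcon.src = "eye-open.png"; // open-eye icon while it is visible
    } else {
        passwordInput.type = "password"; // mask the password again
        passwordIcon.src = "eye-close.png"; // closed-eye icon while it is masked
    }
});

// Request a new captcha image; the timestamp query string forces a new fetch.
// The handler is registered once only. A second identical listener would set
// the image source twice per click and could send two requests to captcha.php,
// so the picture shown might not be the one the server generated last.
document.getElementById('refresh-captcha').addEventListener('click', function (e) {
    e.preventDefault();
    document.getElementById('captcha-image').src = 'captcha.php?t=' + new Date().getTime();
});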
</script>
</body>
</html>