fix: 修复移动端登录500错误

1. loginIn() 改用 ci_admin 表验证（原查 ci_staff 表 passWord 字段不存在） 2. login() cookie自动登录同步修复 3. good() 页面增加登录态验证 4. login.php 表单 action 修正为 mobile/loginIn 5. login.js 修复 JSON 解析问题（responseType=json 在原生XHR无效） 6. 登录成功返回完整URL跳转地址
2026-04-20 00:15:37 +08:00
parent 76c421679f
commit 7a15979874
3 changed files with 152 additions and 172 deletions
--- a/application/controllers/mobile.php
+++ b/application/controllers/mobile.php
@@ -10,15 +10,9 @@ class Mobile extends CI_Controller {
 	    $user = get_cookie('user');
 	    $pwd = get_cookie('pwd');//die($user.$pwd);
 	    if(!empty($user) && !empty($pwd)){
-	        $list = $this->getUser($user,$pwd);
-	        if(count($list)>0){
-	            $data = reset($list);
-	            $this->input->set_cookie('user',$data['number'],3600000);
-	            $this->input->set_cookie('pwd',$data['passWord'],3600000);
-	            $this->input->set_cookie('userName',$data['name'],3600000);
-	            $this->input->set_cookie('deptId',$data['deptId'],3600000);
-	            $this->input->set_cookie('deptName',$data['deptName'],3600000);
-	            $this->input->set_cookie('score',$data['score'],3600000);
+	        // 2026-04-20 fix: 改用 ci_admin 表验证
+	        $data = $this->mysql_model->get_rows('admin','(username="'.$user.'") or (mobile="'.$user.'") ');
+	        if(count($data)>0 && $data['status']==1 && $data['userpwd'] == md5($pwd)){
 	            redirect('mobile/good','refresh');
 	        }
 	    }
@@ -28,17 +22,15 @@ class Mobile extends CI_Controller {
 	public function loginIn(){
 	    $user = str_enhtml($this->input->get_post('user',TRUE));
 	    $pwd = str_enhtml($this->input->get_post('pwd',TRUE));
-	    $list = $this->getUser($user,$pwd);
-	    if(count($list)>0){
-	        $data = reset($list);
-	        $this->input->set_cookie('user',$data['number'],3600000);
-	        $this->input->set_cookie('pwd',$data['passWord'],3600000);
+	    // 2026-04-20 fix: 改用 ci_admin 表登录（原 getUser() 查 ci_staff 表 passWord 字段不存在）
+	    $data = $this->mysql_model->get_rows('admin','(username="'.$user.'") or (mobile="'.$user.'") ');
+	    if(count($data)>0 && $data['status']==1 && $data['userpwd'] == md5($pwd)){
+	        $this->input->set_cookie('user',$user,3600000);
+	        $this->input->set_cookie('pwd',$pwd,3600000);
+	        $this->input->set_cookie('uid',$data['uid'],3600000);
 	        $this->input->set_cookie('userName',$data['name'],3600000);
-	        $this->input->set_cookie('deptId',$data['deptId'],3600000);
-	        $this->input->set_cookie('deptName',$data['deptName'],3600000);
-	        $this->input->set_cookie('score',$data['score'],3600000);
 	        $rtn['code'] = '200';
-	        $rtn['msg'] = 'good';
+	        $rtn['msg'] = base_url().'index.php/mobile/good';
 	    }else{
 	        $rtn['code'] = '-1';
 	        $rtn['msg'] = '账号或密码错误';
@@ -66,6 +58,11 @@ class Mobile extends CI_Controller {
 	    if(empty($user)||empty($pwd)){
 	        $this->load->view('mobile/login',NULL);return;
 	    }
+	    // 2026-04-20 fix: 改用 ci_admin 表验证
+	    $data = $this->mysql_model->get_rows('admin','(username="'.$user.'") or (mobile="'.$user.'") ');
+	    if(count($data)==0 || $data['status']!=1 || $data['userpwd'] != md5($pwd)){
+	        $this->load->view('mobile/login',NULL);return;
+	    }
 	    $this->load->view('mobile/good',NULL);
 	}
 	
--- a/application/views/mobile/login.php
+++ b/application/views/mobile/login.php
@@ -17,7 +17,7 @@
 <div class="login-title"><p>ERP进销存V8标准版</p>
 <i></i>
 </div>
-<form method="post" action="<?php echo base_url()?>index.php/mobile/good">
+<form method="post" action="<?php echo base_url()?>index.php/mobile/loginIn">
 <div class="login-bar">
 <ul>
 <li><img src="<?php echo base_url()?>statics/mobile/login/images/login_user.png"><input type="text" class="text" placeholder="请输入用户名" /></li>
--- a/statics/mobile/login/js/login.js
+++ b/statics/mobile/login/js/login.js
@@ -13,12 +13,6 @@ window.onload=function(){
            aI.innerHTML='密码不可为空';
            return false;
        }
-    	/*Ajax.post("loginIn",
-    			"user=1&pwd=2",
-    			function(rtn){
-    				alert(rtn);
-    			}
-    			);*/
    	ajax({ 
    		  type:"POST", 
    		  url:"loginIn", 
@@ -28,7 +22,7 @@ window.onload=function(){
    		    //some js code 
    		  }, 
    		  success:function(rtn){ 
-    			  if(rtn.code !=200)
+    			  if(rtn.code != '200' && rtn.code != 200)
    				  aI.innerHTML= rtn.msg;
    			  else
    				  location.href = rtn.msg;
@@ -41,33 +35,19 @@ window.onload=function(){
    	return false;
    }
    
-    
-    
-    //用户名检测
-    
    oUser.onfocus=function(){
        aI.innerHTML='';
        oUser.removeAttribute("placeholder");
    }
    
-    oUser.onkeyup=function(){
-        
-    }
+    oUser.onkeyup=function(){}
    
    oUser.onblur=function(){
    	if(oUser.value==""){
    		oUser.setAttribute("placeholder","账号不可为空");
    	}
-       /* var tel = /1[3|4|5|7|8][0-9]\d{8}$/;
-        if(!tel.test(this.value)){
-            aI.innerHTML='手机号不正确';
-        }else if(this.value==""){
-            aI.innerHTML='手机号不可为空';
-        }*/
    }
    
-    //密码检测
-    
    oPwd.onfocus=function(){
        oPwd.removeAttribute("placeholder");
    }
@@ -76,32 +56,32 @@ window.onload=function(){
    		oPwd.setAttribute("placeholder","请输入确认密码");
    	}
    }
-    
-    
 }
+
 var Ajax={
 	    get: function(url, fn) {
-	        var obj = new XMLHttpRequest();  // XMLHttpRequest对象用于在后台与服务器交换数据          
+	        var obj = new XMLHttpRequest();
 	        obj.open('GET', url, true);
 	        obj.onreadystatechange = function() {
-	            if (obj.readyState == 4 && obj.status == 200 || obj.status == 304) { // readyState == 4说明请求已完成
-	                fn.call(this, obj.responseText);  //从服务器获得数据
+	            if (obj.readyState == 4 && (obj.status == 200 || obj.status == 304)) {
+	                fn.call(this, obj.responseText);
 	            }
 	        };
 	        obj.send();
 	    },
-	    post: function (url, data, fn) {         // datat应为'a=a1&b=b1'这种字符串格式，在jq里如果data为对象会自动将对象转成这种字符串格式
+	    post: function (url, data, fn) {
 	        var obj = new XMLHttpRequest();
 	        obj.open("POST", url, true);
-	        obj.setRequestHeader("Content-type", "application/x-www-form-urlencoded");  // 添加http头，发送信息至服务器时内容编码类型
+	        obj.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
 	        obj.onreadystatechange = function() {
-	            if (obj.readyState == 4 && (obj.status == 200 || obj.status == 304)) {  // 304未修改
+	            if (obj.readyState == 4 && (obj.status == 200 || obj.status == 304)) {
 	                fn.call(this, obj.responseText);
 	            }
 	        };
 	        obj.send(data);
 	    }
 }
+
 function ajax(){ 
 	  var ajaxData = { 
 	    type:arguments[0].type || "GET", 
@@ -116,14 +96,17 @@ function ajax(){
 	  } 
 	  ajaxData.beforeSend() 
 	  var xhr = createxmlHttpRequest();  
-	  xhr.responseType=ajaxData.dataType; 
 	  xhr.open(ajaxData.type,ajaxData.url,ajaxData.async);  
 	  xhr.setRequestHeader("Content-Type",ajaxData.contentType);  
 	  xhr.send(convertData(ajaxData.data));  
 	  xhr.onreadystatechange = function() {  
 	    if (xhr.readyState == 4) {  
 	      if(xhr.status == 200){
-	        ajaxData.success(xhr.response) 
+	        var response = xhr.responseText;
+	        if(ajaxData.dataType === "json" && response){
+	            try { response = JSON.parse(response); } catch(e){}
+	        }
+	        ajaxData.success(response);
 	      }else{ 
 	        ajaxData.error() 
 	      }