/** * 登录处理 * */ public function doLogin() { if (!empty($_POST['username']) && !empty($_POST['password'])) { $db = $this->app->orm()->query(); $user_info = $db->addTable('SystemUser')->addWhere('UserName', trim($_POST['username']))->getRow(); if ($user_info['Password'] == md5($_POST['password'])) { $auth = $db->getValue('select Methods from `SystemGroup` where GroupId = ' . intval($user_info['GroupId'])); if (!empty($auth)) { $_SESSION['Auth'] = explode(',', $auth); if (in_array('Login', $_SESSION['Auth']) !== FALSE) { $_SESSION['admin'] = true; $_SESSION['UserName'] = trim($_POST['username']); } } } } $this->app->redirect('/system/index.php'); }