public function post($f3)
{
global $smarty;
// 首先做参数合法性验证
$validator = new Validator($f3->get('POST'));
$input = array();
$input['user_name'] = $validator->required('用户名不能为空')->minLength(2, '用户名最短为2个字符')->validate('user_name');
$input['password'] = $validator->required('密码不能为空')->minLength(6, '密码最短为6个非空字符')->validate('password');
$input['email'] = $validator->validate('email');
$input['mobile_phone'] = $validator->digits('手机号格式不对')->validate('mobile_phone');
$p_captcha = $validator->required('验证码不能为空')->validate('captcha');
// 手机输入,输入法经常无故添加空格,我们需要去除所有的空额,防止出错
$p_captcha = Utils::filterAlnumStr($p_captcha);
// 需要跳转回去的地址
$returnUrl = $validator->validate('returnUrl');
if (!$this->validate($validator)) {
goto out_fail;
}
// 检查验证码是否有效
$captchaController = new \Controller\Image\Captcha();
if (!$captchaController->validateCaptcha($p_captcha)) {
$this->addFlashMessage('验证码错误[' . $p_captcha . '][' . $captchaController->getCaptcha() . ']');
goto out_fail;
}
$userService = new UserService();
// 检查用户是否已经注册
$isUserExist = $userService->isUserExist($input['user_name'], $input['email']);
if ($isUserExist) {
$this->addFlashMessage($isUserExist . '已经存在');
goto out_fail;
}
// 注册用户
$user = $userService->registerUser($input);
if (!$user) {
$this->addFlashMessage('用户注册失败,请稍后刷新页面重试');
goto out_fail;
}
// 记录用户的登陆信息
$userInfo = $user->toArray();
unset($userInfo['password']);
// 不要记录密码
AuthHelper::saveAuthUser($userInfo, 'normal');
$this->addFlashMessage("注册成功");
if ($returnUrl) {
header('Location:' . $returnUrl);
return;
} else {
// 跳转到用户之前看的页面,如果之前没有看过的页面那就回到首页
RouteHelper::jumpBack($this, '/', true);
}
return;
// 这里正常返回
out_fail:
// 失败,从这里出口
$smarty->assign('captchaUrl', RouteHelper::makeUrl('/Image/Captcha', array('hash' => time())));
$smarty->display('user_register.tpl', 'User|Register|post');
}
public function post($f3)
{
global $smarty;
// 首先做参数合法性验证
$validator = new Validator($f3->get('POST'));
$input = array();
$input['user_name'] = $validator->required('用户名不能为空')->validate('user_name');
$input['password'] = $validator->required('密码不能为空')->validate('password');
$p_captcha = $validator->required('验证码不能为空')->validate('captcha');
if (!$this->validate($validator)) {
goto out_fail;
}
// 检查验证码是否有效
$captchaController = new \Controller\Image\Captcha();
if (!$captchaController->validateCaptcha($p_captcha)) {
$this->addFlashMessage("验证码错误");
goto out_fail;
}
$adminService = new AdminUserService();
// 验证用户登陆
$admin = $adminService->doAuthAdmin($input['user_name'], $input['user_name'], $input['password']);
if (!$admin) {
$this->addFlashMessage("登陆失败,用户名、密码错误");
goto out_fail;
}
// 记录用户的登陆信息
$adminUserInfo = $admin->toArray();
unset($adminUserInfo['password']);
// 不要记录密码
// 取得用户的角色权限
$adminUserInfo['role_action_list'] = '';
if ($adminUserInfo['role_id'] > 0) {
$metaRoleService = new MetaRoleService();
$role = $metaRoleService->loadRoleById($adminUserInfo['role_id']);
if (!$role->isEmpty()) {
// 赋值角色权限
$adminUserInfo['role_action_list'] = $role['meta_data'];
}
}
AuthHelper::saveAuthUser($adminUserInfo);
try {
// 记录用户登录日志
AdminLog::logAdminOperate('user.login', '用户登录', 'IP:' . $f3->get('IP'));
} catch (\Exception $e) {
// do nothing
}
$this->addFlashMessage("登陆成功");
// 跳转到用户之前看的页面,如果之前没有看过的页面那就回到首页
RouteHelper::jumpBack($this, '/', true);
return;
// 这里正常返回
out_fail:
// 失败从这里入口
$smarty->display('user_login.tpl', 'User|Login|post');
}
public function post($f3)
{
global $smarty;
// 首先做参数合法性验证
$validator = new Validator($f3->get('POST'));
$input = array();
$input['user_name'] = $validator->required('用户名不能为空')->minLength(2, '用户名最短为2个字符')->validate('user_name');
$input['password'] = $validator->required('密码不能为空')->minLength(6, '密码最短为6个非空字符')->validate('password');
$input['email'] = $validator->validate('email');
$input['mobile_phone'] = $validator->digits('手机号格式不对')->validate('mobile_phone');
$p_captcha = $validator->required('验证码不能为空')->validate('captcha');
if (!$this->validate($validator)) {
goto out_fail;
}
// 检查验证码是否有效
$captchaController = new \Controller\Image\Captcha();
if (!$captchaController->validateCaptcha($p_captcha)) {
$this->addFlashMessage("验证码错误");
goto out_fail;
}
$userService = new UserService();
// 检查用户是否已经注册
$isUserExist = $userService->isUserExist($input['user_name'], $input['email']);
if ($isUserExist) {
$this->addFlashMessage($isUserExist . '已经存在');
goto out_fail;
}
// 注册用户
$user = $userService->registerUser($input);
if (!$user) {
$this->addFlashMessage('用户注册失败,请稍后刷新页面重试');
goto out_fail;
}
// 记录用户的登陆信息
$userInfo = $user->toArray();
unset($userInfo['password']);
// 不要记录密码
AuthHelper::saveAuthUser($userInfo, 'normal');
// 设置用户名在网页显示
ClientData::saveClientData(Login::$clientDataIsUserLoginKey, true);
ClientData::saveClientData(Login::$clientDataUserNameDisplayKey, $user->user_name);
$this->addFlashMessage("注册成功");
// 跳转到用户之前看的页面,如果之前没有看过的页面那就回到首页
RouteHelper::jumpBack($this, '/', true);
return;
// 这里正常返回
out_fail:
// 失败,从这里出口
$smarty->display('user_login.tpl', 'User|Register|post');
}
public function post($f3)
{
global $smarty;
// 首先做参数合法性验证
$validator = new Validator($f3->get('POST'));
$input = array();
$input['user_name'] = $validator->required('用户名不能为空')->validate('user_name');
$input['password'] = $validator->required('密码不能为空')->validate('password');
$p_captcha = $validator->required('验证码不能为空')->validate('captcha');
// 手机输入,输入法经常无故添加空格,我们需要去除所有的空额,防止出错
$p_captcha = Utils::filterAlnumStr($p_captcha);
// 需要跳转回去的地址
$returnUrl = $validator->validate('returnUrl');
if (!$this->validate($validator)) {
goto out_fail;
}
// 检查验证码是否有效
$captchaController = new \Controller\Image\Captcha();
if (!$captchaController->validateCaptcha($p_captcha)) {
$this->addFlashMessage('验证码错误[' . $p_captcha . '][' . $captchaController->getCaptcha() . ']');
goto out_fail;
}
$userService = new UserService();
// 验证用户登陆
$user = $userService->doAuthUser($input['user_name'], $input['user_name'], $input['password']);
if (!$user) {
$this->addFlashMessage("登陆失败,用户名、密码错误");
goto out_fail;
}
// 记录用户的登陆信息
$userInfo = $user->toArray();
unset($userInfo['password']);
// 不要记录密码
AuthHelper::saveAuthUser($userInfo, 'normal');
$this->addFlashMessage("登陆成功");
if ($returnUrl) {
header('Location:' . $returnUrl);
return;
} else {
// 跳转到用户之前看的页面,如果之前没有看过的页面那就回到首页
RouteHelper::jumpBack($this, '/', true);
}
return;
// 这里正常返回
out_fail:
// 失败从这里出口
$smarty->assign('captchaUrl', RouteHelper::makeUrl('/Image/Captcha', array('hash' => time())));
$smarty->display('user_login.tpl', 'User|Login|post');
}
public function post($f3)
{
global $smarty;
// 首先做参数合法性验证
$validator = new Validator($f3->get('POST'));
$input = array();
$input['user_name'] = $validator->required('用户名不能为空')->validate('user_name');
$input['password'] = $validator->required('密码不能为空')->validate('password');
$p_captcha = $validator->required('验证码不能为空')->validate('captcha');
if (!$this->validate($validator)) {
goto out_fail;
}
// 检查验证码是否有效
$captchaController = new \Controller\Image\Captcha();
if (!$captchaController->validateCaptcha($p_captcha)) {
$this->addFlashMessage("验证码错误");
goto out_fail;
}
$userService = new UserService();
// 验证用户登陆
$user = $userService->doAuthUser($input['user_name'], $input['user_name'], $input['password']);
if (!$user) {
$this->addFlashMessage("登陆失败,用户名、密码错误");
goto out_fail;
}
// 记录用户的登陆信息
$userInfo = $user->toArray();
unset($userInfo['password']);
// 不要记录密码
AuthHelper::saveAuthUser($userInfo, 'normal');
// 设置用户名在网页显示
ClientData::saveClientData(Login::$clientDataIsUserLoginKey, true);
ClientData::saveClientData(Login::$clientDataUserNameDisplayKey, $user->user_name);
$this->addFlashMessage("登陆成功");
// 跳转到用户之前看的页面,如果之前没有看过的页面那就回到首页
RouteHelper::jumpBack($this, '/', true);
return;
// 这里正常返回
out_fail:
// 失败从这里入口
$smarty->display('user_login.tpl', 'User|Login|post');
}
/**
* QQ 登陆
*/
public function get($f3)
{
global $logger;
global $smarty;
// 验证 state 参数,防止 csrf 攻击
if ($_REQUEST['state'] != $f3->get('SESSION[qq_login_state]')) {
$errorMessage = 'qq login state doest not match, GET[' . $f3->get('GET[state]') . '] SESSION[' . $f3->get('SESSION[qq_login_state]') . ']';
$logger->addLogInfo(\Core\Log\Base::NOTICE, 'QQLOGIN', $errorMessage);
goto out;
}
// 获取 access_token
$callback = RouteHelper::makeUrl('/Thirdpart/QQAuth/Callback', null, false, true);
$tokenUrl = "https://graph.qq.com/oauth2.0/token?grant_type=authorization_code&" . "client_id=" . QQAuthPlugin::getOptionValue('qqauth_appid') . "&redirect_uri=" . urlencode($callback) . "&client_secret=" . QQAuthPlugin::getOptionValue('qqauth_appkey') . "&code=" . $_REQUEST["code"];
$response = $this->get_url_contents($tokenUrl);
if (strpos($response, "callback") !== false) {
$lpos = strpos($response, "(");
$rpos = strrpos($response, ")");
$response = substr($response, $lpos + 1, $rpos - $lpos - 1);
$msg = json_decode($response);
if (isset($msg->error)) {
$errorMessage = 'error [' . $msg->error . '] msg [' . $msg->error_description . ']';
$logger->addLogInfo(\Core\Log\Base::NOTICE, 'QQLOGIN', $errorMessage);
goto out;
}
}
$params = array();
parse_str($response, $params);
$logger->addLogInfo(\Core\Log\Base::DEBUG, 'QQLOGIN', print_r($params, true));
$accessToken = $params["access_token"];
// 取得 OpenID
$graphUrl = "https://graph.qq.com/oauth2.0/me?access_token=" . $accessToken;
$response = $this->get_url_contents($graphUrl);
if (strpos($response, "callback") !== false) {
$lpos = strpos($response, "(");
$rpos = strrpos($response, ")");
$response = substr($response, $lpos + 1, $rpos - $lpos - 1);
}
$user = json_decode($response);
if (isset($user->error)) {
$errorMessage = 'error [' . $msg->error . '] msg [' . $msg->error_description . ']';
goto out;
}
$openId = $user->openid;
// 取得 userInfo
$get_user_info = "https://graph.qq.com/user/get_user_info?" . "access_token=" . $accessToken . "&oauth_consumer_key=" . QQAuthPlugin::getOptionValue('qqauth_appid') . "&openid=" . $openId . "&format=json";
$response = $this->get_url_contents($get_user_info);
$qqUserInfo = json_decode($response, true);
$sns_login = "******";
// 用户登陆操作
$userBasicService = new UserBasicService();
$authUser = $userBasicService->doAuthSnsUser($sns_login, null, null, false);
if ($authUser) {
goto out_login_user;
}
// 之前没有登陆过,自动注册用户
$authUser = $userBasicService->doAuthSnsUser($sns_login, $openId . '@qq.com', $openId . '@qq.com', true);
$logger->addLogInfo(\Core\Log\Base::INFO, 'QQLOGIN', '注册QQ用户:' . print_r($qqUserInfo, true));
out_login_user:
AuthHelper::saveAuthUser($authUser->toArray(), 'qqlogin');
// 设置用户名在网页显示
ClientData::saveClientData(\Controller\User\Login::$clientDataIsUserLoginKey, true);
ClientData::saveClientData(\Controller\User\Login::$clientDataUserNameDisplayKey, 'QQ用户:' . $qqUserInfo['nickname']);
out:
// 跳转到用户之前看的页面,如果之前没有看过的页面那就回到首页
RouteHelper::jumpBack($this, '/', true);
}
/**
* 360 登陆
*/
public function get($f3)
{
global $logger;
if (empty($_GET['code'])) {
$this->addFlashMessage('360联合登陆失败,Code 不存在');
goto out;
}
require_once 'sdk/QClient.php';
// 获取access token
$callback = RouteHelper::makeUrl('/Thirdpart/Dev360Auth/Callback', null, false, true);
$oauth = new \QOAuth2(Dev360AuthPlugin::getOptionValue(self::$optionKeyPrefix . 'dev360auth_app_key'), Dev360AuthPlugin::getOptionValue(self::$optionKeyPrefix . 'dev360auth_app_secrect'), '');
$token = $oauth->getAccessTokenByCode($_GET['code'], $callback);
if (empty($token['access_token'])) {
$this->addFlashMessage('360联合登陆失败,获取 access_token 失败');
goto out;
}
// 调用API,获取用户信息
$client = new \QClient(Dev360AuthPlugin::getOptionValue(self::$optionKeyPrefix . 'dev360auth_app_key'), Dev360AuthPlugin::getOptionValue(self::$optionKeyPrefix . 'dev360auth_app_secrect'), $token['access_token']);
$user = $client->userMe();
if (empty($user)) {
$this->addFlashMessage('360联合登陆失败,用户信息为空');
goto out;
}
$param = array('user_id' => $user['id'], 'username' => !empty($user['name']) ? (string) $user['name'] : '网友', 'token' => $token['access_token']);
// put all values into $_POST[]
$qid = $param['user_id'];
$qname = urldecode($param['username']);
$qmail = '';
if (empty($qid)) {
// 没有 qid 没法登陆
$this->addFlashMessage('360联合登陆失败,没有 qid');
goto out;
}
$sns_login = "******";
// 用户登陆操作
$userBasicService = new UserBasicService();
$authUser = $userBasicService->doAuthSnsUser($sns_login, null, null, false);
if ($authUser) {
goto out_login_user;
}
// 用户不存在,自动注册一个用户
if (empty($qmail)) {
$qmail = '' . $qid . '@360.cn';
}
if (empty($qname)) {
$qname = $qmail;
}
$retry = 10;
// 重试 10 次
$regUserName = $qname;
while ($userBasicService->isUserExist($regUserName, null) && $retry-- > 0) {
$regUserName = $qname . '_' . rand(10000, 99999);
}
if ($retry <= 0) {
$this->addFlashMessage('360联合登陆失败,用户名已经存在,无法自动注册');
goto out;
}
$authUser = $userBasicService->doAuthSnsUser($sns_login, $qname, $qmail, true);
$logger->addLogInfo(\Core\Log\Base::INFO, 'DEV360AUTH', '注册360用户' . print_r(array('sns_login' => $sns_login, 'qname' => $qname, 'qmail' => $qmail), true));
out_login_user:
AuthHelper::saveAuthUser($authUser->toArray(), 'dev360auth');
// 设置用户名在网页显示
ClientData::saveClientData(\Controller\User\Login::$clientDataIsUserLoginKey, true);
ClientData::saveClientData(\Controller\User\Login::$clientDataUserNameDisplayKey, '360用户:' . $authUser['user_name']);
out:
// 跳转到用户之前看的页面,如果之前没有看过的页面那就回到首页
RouteHelper::jumpBack($this, '/', true);
}
