/**
* 会员登录
*/
public function actionLogin()
{
$model = new Admin('login');
if (XUtils::method() == 'POST') {
$model->attributes = $_POST['Admin'];
if ($model->validate()) {
$data = $model->find('username=:username', array('username' => $model->username));
if ($data === null) {
$model->addError('username', '用户不存在');
AdminLogger::_create(array('catalog' => 'login', 'intro' => '登录失败,用户不存在:' . CHtml::encode($model->username), 'user_id' => 0));
} elseif (!$model->validatePassword($data->password)) {
$model->addError('password', '密码不正确');
AdminLogger::_create(array('catalog' => 'login', 'intro' => '登录失败,密码不正确:' . CHtml::encode($model->username) . ',使用密码:' . CHtml::encode($model->password), 'user_id' => 0));
} elseif ($data->group_id == 2) {
$model->addError('username', '用户被锁定,请联系网站管理');
} else {
parent::_stateWrite(array('userId' => $data->id, 'userName' => $data->username, 'groupId' => $data->group_id, 'super' => $data->group_id == 1 ? 1 : 0), array('prefix' => '_admini'));
$data->last_login_ip = XUtils::getClientIP();
$data->last_login_time = time();
$data->login_count = $data->login_count + 1;
$data->save();
AdminLogger::_create(array('catalog' => 'login', 'intro' => '用户登录成功:' . CHtml::encode($model->username)));
$this->redirect(array('default/index'));
}
}
}
$this->render('login', array('model' => $model));
}
public function actionLogin()
{
$model = new Admin('login');
if (XUtils::method() == 'POST') {
$model->attributes = $_POST['Admin'];
if ($model->validate()) {
$data = $model->find('username=:username', array('username' => $model->username));
if ($data === null) {
$model->addError('username', '用户不存在');
parent::_backendLogger(array('catalog' => 'login', 'intro' => '登录失败,用户不存在:' . CHtml::encode($model->username), 'user_id' => 0));
} elseif (!$model->validatePassword($data->password)) {
$model->addError('password', '密码不正确');
parent::_backendLogger(array('catalog' => 'login', 'intro' => '登录失败,密码不正确:' . CHtml::encode($model->username) . ',使用密码:' . CHtml::encode($model->password), 'user_id' => 0));
} elseif ($data->group_id == 2) {
$model->addError('username', '用户已经锁定,请联系管理');
} else {
$this->_sessionSet('_backendGroupId', $data->group_id);
if (isset($data->group_id) && $data->group_id == 1) {
$this->_sessionSet('_backendPermission', 'backendstrator');
}
$data->last_login_ip = XUtils::getClientIP();
$data->last_login_time = time();
$data->login_count = $data->login_count + 1;
$data->save();
parent::_sessionSet('uid', $data->id);
parent::_sessionSet('uname', $data->username);
parent::_backendLogger(array('catalog' => 'login', 'intro' => '用户登录成功:' . $data->username));
$this->redirect(array('default/index'));
XUtils::message('success', '登录成功', $this->createUrl('default/index'), 2);
}
}
}
$this->render('login', array('model' => $model));
}
public static function run($event)
{
$admin = \Admin::find($event->Admin->id);
$admin->last_ip = $event->ip_address;
$admin->last_aggregate = $event->_aggregate_hash;
$admin->save();
return \Gxela\LebackEvent\EventResponse::setData(array('success' => 'User Logged In'));
}
public function save_profile()
{
$admin = Admin::find(Session::get('admin_id'));
$password = Hash::make(Input::get('password'));
$admin->password = $password;
$admin->save();
$message = "Successfully updated the password";
$type = "success";
return Redirect::to('/admin/profile')->with('type', $type)->with('message', $message);
}
public function __construct()
{
$this->beforeFilter(function () {
$id = Session::get('admin_id');
if (isset($id)) {
$admin = Admin::find($id);
View::share('root', URL::to('/'));
View::share('name', $admin->name);
}
});
}
public function loginAction()
{
$request = $this->getRequest();
// Check if we have a POST request
if (!$request->isPost()) {
$this->_helper->redirector('index', 'admin');
}
// Get our form and validate it
$form = new LoginForm();
if (!$form->isValid($request->getPost())) {
// Invalid entries
$this->view->form = $form;
$this->_helper->redirector('index', 'admin');
// re-render the login form
}
// Get our authentication adapter and check credentials
$adapter = $this->getAuthAdapter($form->getValues());
$auth = Zend_Auth::getInstance();
$result = $auth->authenticate($adapter);
if (!$result->isValid()) {
// Invalid credentials
$form->setDescription('Invalid credentials provided');
$this->view->form = $form;
$this->_helper->redirector('index', 'admin');
// re-render the login form
}
$db = Zend_Registry::get('db');
$admin_id = $db->fetchOne("SELECT id FROM admin WHERE email = :temp", array('temp' => $auth->getIdentity()));
$adminModel = new Admin();
$admin = $adminModel->find($admin_id)->current();
$authNamespace = new Zend_Session_Namespace('Zend_Auth');
//2011-04-08 ham.bao separate the sessions with admin
//$authNamespace->user = $admin;
$authNamespace->admin = $admin;
//2011-04-08 ham.bao separate the sessions with admin
$authNamespace->role = 'administrator';
// We're authenticated! Redirect to the home page
$url = $form->getValue('url');
if (isset($url) && !empty($url)) {
$this->_redirector = $this->_helper->getHelper('Redirector');
$this->_redirector->gotoUrl($url);
} else {
$this->_helper->redirector('adminindex', 'campaign');
}
}
/**
* This function shows user profile
*/
public function getUserProfile()
{
if (Session::get('admin') == 'admin') {
$user = User::where('username', '=', Session::get('username'))->get()->first();
$userProfile = Admin::find($user->details_id);
$userProfile->DOB = DateFormat::show($userProfile->DOB);
return View::make('user.profile')->with('userProfile', $userProfile);
}
if (Session::get('employee') == 'employee') {
$user = User::where('username', '=', Session::get('username'))->get()->first();
$userProfile = Employee::find($user->details_id);
$userProfile->DOB = DateFormat::show($userProfile->DOB);
return View::make('user.profile')->with('userProfile', $userProfile);
}
if (Session::get('member') == 'member') {
$user = User::where('username', '=', Session::get('username'))->get()->first();
$userProfile = Member::find($user->details_id);
$userProfile->DOB = DateFormat::show($userProfile->DOB);
return View::make('user.profile')->with('userProfile', $userProfile);
}
}
/**
* Authenticates a user.
* The example implementation makes sure if the username and password
* are both 'demo'.
* In practical applications, this should be changed to authenticate
* against some persistent user identity storage (e.g. database).
* @return boolean whether authentication succeeds.
*/
public function authenticate()
{
$model = new Admin('login');
$model->attributes = $_POST['LoginForm'];
if ($model->validate()) {
$data = $model->find('username=:username', array('username' => $model->username));
if ($data === null) {
$this->errorCode = self::ERROR_USERNAME_INVALID;
$model->addError('username', '用户不存在');
parent::_backendLogger(array('catalog' => 'login', 'intro' => '登录失败,用户不存在:' . $model->username, 'user_id' => 0));
} elseif (!$this->validatePassword($data->password)) {
$this->errorCode = self::ERROR_PASSWORD_INVALID;
$model->addError('password', '密码不正确');
parent::_backendLogger(array('catalog' => 'login', 'intro' => '登录失败,密码不正确:' . $model->username . ',使用密码:' . $model->password, 'user_id' => 0));
} elseif ($data->group_id == 2) {
$this->errorCode = self::ERROR_UNKNOWN_IDENTITY;
$model->addError('username', '用户已经锁定,请联系管理');
} else {
$this->errorCode = self::ERROR_NONE;
}
}
return $this->errorCode;
}
public function actionIndex()
{
$model = new Admin('login');
if (isset($_POST['Admin'])) {
$model->attributes = $_POST['Admin'];
if ($model->validate()) {
$data = $model->find('username=:username', array('username' => $model->username));
if ($data === null) {
$model->addError('username', '用户不存在');
} elseif (!$model->validatePassword($data->password)) {
$model->addError('password', '密码不正确');
} elseif ($data->group_id == 2) {
$model->addError('username', '用户被锁定,请联系网站管理');
} else {
$_SESSION['_admini'] = array('userId' => $data->id, 'userName' => $data->username, 'groupId' => $data->group_id, 'super' => $data->group_id == 1 ? 1 : 0);
$data->last_login_time = time();
$data->login_count = $data->login_count + 1;
$data->save();
$this->redirect(array('main/index'));
}
}
}
$this->render('index', array('model' => $model));
}
public static function rubahPassword($id, $password_baru)
{
$me = Admin::find($id);
$me->password = $password_baru;
$me->save();
}
<?php
include 'config.php';
logincheck();
$message = [];
$title = "Create admin";
$admin = new Admin();
$edit = 0;
if (isset($_GET['id'])) {
$title = "Edit admin";
$admin = Admin::find($_GET['id']);
}
if (isset($_POST['submit'])) {
$error = 0;
$exists = Admin::where('username', '=', $_POST['username'])->get();
if (empty($_POST['username'])) {
$message['type'] = "error";
$message['message'] = "username field cannot be empty";
$error = 1;
} else {
if (!isset($_GET['id']) && $_POST['password'] == "") {
$message['type'] = "error";
$message['message'] = "password error";
$error = 1;
}
}
if ($error == 0) {
$message['type'] = "success";
if (isset($_GET['id'])) {
$message['message'] = "admin edited";
} else {
public function testBeforeSaveOnUpdateFromModelRow()
{
$connection = m::mock('juicyORM\\Database\\DbConnection');
$connection->shouldReceive('query')->with('SELECT * FROM "admin" WHERE "admin_id" = ? LIMIT 0, 1', array('5'))->once()->andReturn(array(array("admin_id" => 5, "username" => "Steve", "email" => "*****@*****.**")));
$connection->shouldReceive('query')->with('UPDATE "admin" SET "username" = ?, "email" = ? WHERE "admin_id" = ?', array('Steve5', '*****@*****.**', 5), false)->once()->andReturn(true);
$connection->shouldReceive('query')->with('SELECT * FROM "admin" WHERE "admin_id" = ?', array('5'))->times(2)->andReturn(array(array("admin_id" => 5, "username" => "Steve5", "email" => "*****@*****.**")));
$db = juicyORM\Database\DB::Instance($this->dbConfig, $connection, true);
$admin = new Admin($db);
$user_response = $admin->find(5)->update(array("username" => "Derek", "email" => "*****@*****.**"));
$this->assertEquals(gettype($user_response), 'object');
$this->assertEquals(get_class($user_response), 'juicyORM\\Database\\ModelRow');
$this->assertEquals($user_response->username, 'Steve5');
}
public function changePassword($id)
{
$currentUserId = Auth::admin()->get()->id;
$currentRoleId = Auth::admin()->get()->role_id;
if ($currentRoleId != ADMIN) {
if ($id != $currentUserId) {
dd('error permission');
}
}
$data = Admin::find($id);
return View::make('admin.manager.changepassword')->with(compact('data'));
}
public function delete_admin()
{
$id = Request::segment(4);
$success = Input::get('success');
$admin = Admin::find($id);
if ($admin) {
Admin::where('id', $id)->delete();
return Redirect::to("/admin/admins?success=1");
} else {
return View::make('notfound')->with('title', 'Error Page Not Found')->with('page', 'Error Page Not Found');
}
}
public function reqGetRents($idPoins, $date) {
$rentsArr = Rent::all( array('idPoints'=>$idPoins) );
$resultArr = array();
foreach($rentsArr as $rent) {
$admin = Admin::find( array('id'=>$rent->idadmin) );
$client = Client::find( array('id'=>$rent->idclient) );
$inventory = Inventories::find( array('idRents'=>$rent->id) );
$tarif = Tarif::find( array('id'=>$inventory->idtarif) );
$resultTarifArr = array('id'=>$tarif->id, 'sum_per_hour'=>$tarif->sum_per_hour);
$resultAdminArr = array('id'=>$admin->id, 'name'=>$admin->name, 'email'=>$admin->email);
$resultClientArr = array('id'=>$client->id, 'name'=>$client->name, "phone"=>$client->phone, "sex"=>$client->sex);
$resultInventoryArr = array('id'=>$inventory->id, 'model'=>$inventory->model, 'number'=>$inventory->number, 'tarif'=>$resultTarifArr);
$startDate = $rent->start;//date_format($rent->start, 'Y-m-d H:i:s');
$endDate = $rent->end; //date_format($rent->end, 'Y-m-d H:i:s');
if(!is_null($rent->start)) {
$startDate = date_format($rent->start, 'Y-m-d H:i:s');
}
if (!is_null($rent->end)) {
$endDate = date_format($rent->end, 'Y-m-d H:i:s');
}
array_push( $resultArr, array( 'id'=>$rent->guid, 'start'=>$startDate, 'end'=>$endDate, 'note'=>$rent->note, 'administrator'=>$resultAdminArr, 'client'=>$resultClientArr, 'inventory'=>$resultInventoryArr ) );
}
echo json_encode(array("modified"=>"2015-11-23 22:23:00", "rents"=>$resultArr));
}
/**
* Show the form for editing the specified Admin.
*/
public function edit()
{
$this->data['admin'] = Admin::find(Auth::admin()->get()->id);
$this->data['profileSettingActive'] = 'active';
return View::make('admin.profile_settings.edit', $this->data);
}
public function profile()
{
$idadmin = Admin::where('user_id', Sentry::getUser()->id)->first();
$admins = Admin::find($idadmin->id);
// $admins = Admin::where('user_id', Sentry::getUser()->id);
return View::make('admins.profile', compact('admins'))->withTitle("Profile");
}
/**
* Show the form for editing the specified admin.
*
* @param int $id
* @return Response
*/
public function edit($id)
{
$admin = Admin::find($id);
return View::make('admins.edit', compact('admin'));
}
<?php
/**
* Created by Tyfix 2015
*/
include 'config.php';
logincheck();
$message = [];
if (isset($_GET['delete'])) {
if ($_GET['delete'] == 1) {
$message['type'] = "error";
$message['message'] = "You cannot remove the main admin account";
} else {
$admin = Admin::find($_GET['delete']);
$admin->delete();
$message['type'] = "success";
$message['message'] = "Admin deleted";
}
}
$admins = Admin::all();
echo $template->view()->make('admins')->with('admins', $admins)->with('message', $message)->render();
<?php
// Initialize the Yellow Duck Framework
require_once dirname(__FILE__) . '/../../YDFramework2/YDF2_init.php';
YDConfig::set('YD_DATABASEOBJECT_PATH', YD_SELF_DIR . YD_DIRDELIM . 'includes');
YDInclude('Admin.php');
$adm = new Admin();
// Let's begin
echo "<h1>Let's see who are the admins</h1>";
echo "<p>The Admins here are just an extension of the User object. Isn't another table, it's the same, <br>";
echo "but with some protected fields values that cannot be changed. In this case the \"is_admin\" field.</p>";
YDDebugUtil::dump($adm->getValues());
$total = $adm->find();
echo "<p>We have " . $total . " admins. Let's see who they are.</p>";
while ($adm->fetch()) {
YDDebugUtil::dump($adm->getValues());
}
echo "<p>We can't change the protected field. It's always going to return to it's protected value.<br>";
echo "But let's try... changing to is_admin=3 with the set method.</p>";
$adm->set('is_admin', 3);
YDDebugUtil::dump($adm->getValues());
echo "<p>Nothing... Let's try setting the value directly.</p>";
$adm->is_admin = 3;
YDDebugUtil::dump($adm->getValues());
echo "<p>Same thing. The idea is that the Admin Database Object will only work with the Users that are admins.<br>";
echo "If you want to unset a Admin you have to use the User object as it doesn't protect this field.</p>";
echo "<p> </p>";
echo "<p>Now we are going to define users addressses! <a href=\"users_addresses.php?YD_DEBUG=" . YDConfig::get('YD_DEBUG') . "\">Click here</a>.</p>";
echo "<p></p><p> </p>";
