public function actionLogin()
{
$this->layout = "login_layout";
$request = Yii::app()->request;
if ($request->isPostRequest && isset($_POST)) {
try {
$admin_name = Yii::app()->request->getPost('admin_name');
$admin_password = Yii::app()->request->getPost('admin_password');
$user = Admin::model()->findByAttributes(array('admin_name' => $admin_name));
if ($user) {
//user existed, check password
if ($user->admin_password == md5($admin_password)) {
Yii::app()->session['admin_id'] = $user->admin_id;
$this->redirect($this->md('home/user'));
} else {
//wrong device token
// echo "đm lỗi2";
// die();
$this->redirect('login');
}
// }
} else {
//user not existed
// echo "đm lỗi3";
// die();
$this->redirect('login');
}
} catch (exception $e) {
echo $e->getMessage();
}
}
$this->render('login/index');
}
public function run($args)
{
$user_info = Admin::model()->findAll();
$count = Advice::model()->count('status=0');
foreach ($user_info as $row) {
if ($row->send_email == 0 || empty($row->email)) {
continue;
}
$message = "您今天新增" . $count . "条后勤办反馈建议\n\t \t\t'http://localhost/logistics/index.php?r=admin/index/index' 点击链接登录后台进行查看";
$mailer = Yii::createComponent('application.extensions.mailer.EMailer');
$mailer->Host = 'smtp.qq.com';
$mailer->IsSMTP();
$mailer->SMTPAuth = true;
$mailer->From = '*****@*****.**';
$mailer->AddReplyTo("{$row->email}");
$mailer->AddAddress("{$row->email}");
$mailer->FromName = '你大爷';
$mailer->Username = '******';
//这里输入发件地址的用户名
$mailer->Password = '******';
//这里输入发件地址的密码
$mailer->SMTPDebug = true;
//设置SMTPDebug为true,就可以打开Debug功能,根据提示去修改配置
$mailer->CharSet = 'UTF-8';
$mailer->Subject = Yii::t('demo', 'Yii rulez!');
$mailer->Body = $message;
$x = $mailer->Send();
$x = $mailer->Send();
}
}
/**
* Authenticates user dengan menggunakan user model (Admin.php)
*/
public function authenticate()
{
/* find data dengan atribut username
* menggunakan model Admin */
$user = Admin::model()->findByAttributes(array('username' => $this->username));
/* jika user hasilnya null maka
* kasih error invalid username */
if ($user === null) {
$this->errorCode = self::ERROR_USERNAME_INVALID;
/* jika tidak null */
} else {
/* cek jika password yang ada didalam database
* tidak sama dengan password yang dienkrip maka
* kasih error password invalid */
if ($user->password !== $user->encrypt($this->password)) {
$this->errorCode = self::ERROR_PASSWORD_INVALID;
/* jika sama password_database==password_enkrip */
} else {
/* jika password yang dienkrip sama dengan
* yang ada di dalam database maka */
/* ambil data user id dan
* ditampung oleh variable _id */
$this->_id = $user->admin_id;
/* set state username agar dapat ditampilkan
* sebagai data user yang login
*/
$this->setState('username', $user->username);
$this->setState('adminLogin', TRUE);
/* kasih error none pada variable errorCode */
$this->errorCode = self::ERROR_NONE;
}
}
/* kembalikan bukan error code */
return !$this->errorCode;
}
public function actionAddBlog()
{
$model = new Post();
$rec = Lookup::model()->findAll(array('condition' => 'type=:t', 'params' => array(':t' => 'PostStatus')));
$admin = Admin::model()->find();
$adminId = $admin->id;
foreach ($rec as $type) {
$id[] = $type->id;
$name[] = $type->name;
$op = array_combine($id, $name);
}
if (isset($_POST['Post'])) {
$model->attributes = $_POST['Post'];
if ($model->validate()) {
$model->author_id = $adminId;
if ($model->save()) {
$this->redirect(array('postlisting', 'id' => $model->id));
}
} else {
$errors = $model->getErrors();
//var_dump($errors);
}
}
$this->render('addblog', array('model' => $model, 'type' => $op));
}
/** @test */
public function it_allows_manually_create_model_configuration()
{
$model = new ModelConfiguration('My\\Model');
Admin::instance()->setModel('My\\Model', $model);
$model = Admin::model('My\\Model');
$this->assertInstanceOf('SleepingOwl\\Admin\\Model\\ModelConfiguration', $model);
}
public function authenticate()
{
/*
$users=array(
// username => password
'demo'=>'demo',
'admin'=>'admin',
);
if(!isset($users[$this->username]))
$this->errorCode=self::ERROR_USERNAME_INVALID;
elseif($users[$this->username]!==$this->password)
$this->errorCode=self::ERROR_PASSWORD_INVALID;
else
$this->errorCode=self::ERROR_NONE;
return !$this->errorCode;
*/
$username = strtolower($this->username);
$user = Admin::model()->find('LOWER(username)=?', array($username));
if ($user === null) {
$this->errorCode = self::ERROR_USERNAME_INVALID;
} else {
if ($user->PASSWORD != $this->password) {
$this->errorCode = self::ERROR_PASSWORD_INVALID;
} else {
// successful login
$this->_id = $user->ID_ADMIN;
$this->username = $user->USERNAME;
//$this->setState('level', $user->level);
//untuk memanggil level di database menggunakan EWebUser.php nanti
$this->errorCode = self::ERROR_NONE;
}
}
return $this->errorCode == self::ERROR_NONE;
}
/**
* admin login, dengan meng-input email dan password
*/
public function login()
{
/*jika _indentity null maka*/
if ($this->_identity === null) {
/*panggil component CustomerLogin dengan param
*email, dan password
*dan ditampung oleh variabel _identity
*/
$this->_identity = new CustomerLogin($this->customer_email, $this->customer_password);
/*panggil fungsi authenticate()
*yang ada di component CustomerLogin
*yang akan memvalidasi email dan password*/
$this->_identity->authenticate();
}
/*jika errorCode/error email dan password benar maka*/
if ($this->_identity->errorCode === CustomerLogin::ERROR_NONE) {
//membuat remember me durasi 30 hari
$duration = $this->rememberMe ? 3600 * 24 * 30 : 0;
// 30 days
Yii::app()->user->login($this->_identity, $duration);
//update last_login_time admin
Admin::model()->updateByPk($this->_identity->id, array('last_login_time' => new CDbExpression('NOW()')));
return true;
} else {
return false;
}
}
public function actionLogin()
{
ob_start();
Yii::app()->theme = 'back';
$model = new LoginForm();
//echo "Mohit";die;
// if it is ajax validation request
if (isset($_POST['ajax']) && $_POST['ajax'] === 'login-form') {
echo CActiveForm::validate($model);
Yii::app()->end();
}
// collect user input data
if (isset($_POST['LoginForm'])) {
$model->attributes = $_POST['LoginForm'];
$uName = $_POST['LoginForm']['username'];
$uPass = $_POST['LoginForm']['password'];
$pass = md5($uPass);
$admin = Admin::model()->findByAttributes(array('username' => $uName, 'password' => $pass));
$count = count($admin);
//echo $count;die;
// validate user input and redirect to the previous page if valid
if ($model->validate() && $model->login()) {
//$this->redirect(Yii::app()->user->returnUrl);
Yii::app()->session['username'] = $uName;
}
if ($count > 0) {
//Yii::app()->session['username']=$uName;
$this->redirect('dashboard', array('model' => $model));
} else {
$this->render('index', array('model' => $model));
}
}
// display the login form
//$this->render('index',array('model'=>$model));
}
/**
* 首页
*/
public function actionIndex()
{
Tool::p('xx');
$result = Admin::model()->findByPk(1);
Tool::p($result);
$this->render('login');
}
private function loadModel($id)
{
$model=Admin::model()->findByPk($id);
if($model===null)
throw new CHttpException(404,'The requested page does not exist.');
return $model;
}
/**
* Authenticates a user.
* The example implementation makes sure if the username and password
* are both 'demo'.
* In practical applications, this should be changed to authenticate
* against some persistent user identity storage (e.g. database).
* @return boolean whether authentication succeeds.
*/
public function authenticate()
{
$admins = Admin::model()->find('name=:name',array(':name'=>$this->username));
if($admins == NULL){
$this->errorCode=self::ERROR_USERNAME_INVALID;
return false;
}
if($admins->password !== md5($this->password)){
$this->errorCode=self::ERROR_PASSWORD_INVALID;
return false;
}
$this->errorCode=self::ERROR_NONE;
// $_SESSION['adminInfo']=array(
// 'id'=>$admins->id,
// 'rid'=>$admins->rid,
// 'name'=>$admins->name,
// 'purview'=>explode(';',$admins->purview)
// );
return true;
/* if(!isset($users[$this->username]))
$this->errorCode=self::ERROR_USERNAME_INVALID;
elseif($users[$this->username]!==$this->password)
$this->errorCode=self::ERROR_PASSWORD_INVALID;
else
$this->errorCode=self::ERROR_NONE;
return !$this->errorCode; */
}
/**
* 更新备忘
*
*/
public function actionUpdateNotebook()
{
$notebook = $this->_gets->getParam('notebook');
$model = Admin::model()->findByPk($this->_admini['userId']);
$model->notebook = trim($notebook);
if ($model->save()) {
exit('更新完成');
} else {
exit('更新失败');
}
}
/**
* Authenticates a user.
* The example implementation makes sure if the username and password
* are both 'demo'.
* In practical applications, this should be changed to authenticate
* against some persistent user identity storage (e.g. database).
* @return boolean whether authentication succeeds.
*/
public function authenticate()
{
$user_info = Admin::model()->find('username = :username', array(':username' => $this->username));
if (!isset($user_info->password)) {
return $this->errorCode = self::ERROR_USERNAME_INVALID;
}
if ($user_info->password != $this->password) {
return $this->errorCode = self::ERROR_PASSWORD_INVALID;
}
return !($this->errorCode = self::ERROR_NONE);
}
public function authenticate()
{
$user = Admin::model()->find("LOWER(username)=? and password=? and status=1", array(strtolower($this->username), md5($this->password)));
if ($user === null) {
return false;
} else {
$this->_id = $user->id;
$this->setState('userInfo', $user);
$this->errorCode = UserIdentity::ERROR_NONE;
return true;
}
}
/**
* Authenticates a user.
* The example implementation makes sure if the username and password
* are both 'demo'.
* In practical applications, this should be changed to authenticate
* against some persistent user identity storage (e.g. database).
* @return boolean whether authentication succeeds.
*/
public function authenticate()
{
$users = Admin::model()->findByAttributes(array('name' => $this->username));
if ($users == null) {
$this->errorCode = self::ERROR_USERNAME_INVALID;
} elseif ($users->password != md5($this->password)) {
$this->errorCode = self::ERROR_PASSWORD_INVALID;
} else {
Yii::app()->user->name = $users->name;
$this->errorCode = self::ERROR_NONE;
}
return !$this->errorCode;
}
/**
* Authenticates a user.
* The example implementation makes sure if the username and password
* are both 'demo'.
* In practical applications, this should be changed to authenticate
* against some persistent user identity storage (e.g. database).
* @return boolean whether authentication succeeds.
*/
public function authenticate()
{
$model = Admin::model()->findByPk(1);
$users = array('admin' => $model->password);
if (!isset($users[$this->username])) {
$this->errorCode = self::ERROR_USERNAME_INVALID;
} elseif ($users[$this->username] !== crypt($this->password, 'dsghfg[][s3dfhd4sоап154рылов24апрвло')) {
$this->errorCode = self::ERROR_PASSWORD_INVALID;
} else {
$this->errorCode = self::ERROR_NONE;
}
return !$this->errorCode;
}
/**
* Authenticates a user.
* The example implementation makes sure if the username and password
* are both 'demo'.
* In practical applications, this should be changed to authenticate
* against some persistent user identity storage (e.g. database).
* @return boolean whether authentication succeeds.
*/
public function authenticate()
{
$admin = Admin::model()->findByAttributes(array('usuario' => $this->username));
if ($admin == null) {
$this->errorCode = self::ERROR_USERNAME_INVALID;
} elseif (md5($this->password) != $admin->password) {
$this->errorCode = self::ERROR_PASSWORD_INVALID;
} else {
$this->_id = $admin->id_usuario;
$this->setState("usuario", $admin->usuario);
$this->errorCode = self::ERROR_NONE;
}
return !$this->errorCode;
}
public function judge($usr, $psw)
{
$model = Admin::model()->findByAttributes(array('username' => $usr));
if (!isset($model->username) || empty($model->username)) {
$this->addError('old_username', '用户名或密码错误');
} else {
if ($model->password != $psw) {
$this->addError('old_username', '用户名或密码错误');
} else {
return true;
}
}
return false;
}
/**
* Authenticates a user.
* The example implementation makes sure if the username and password
* are both 'demo'.
* In practical applications, this should be changed to authenticate
* against some persistent user identity storage (e.g. database).
* @return boolean whether authentication succeeds.
*/
public function authenticate()
{
$result = Admin::model()->findAll();
foreach ($result as $value) {
$users[$value['username']] = $value['password'];
}
if (!isset($users[$this->username])) {
$this->errorCode = self::ERROR_USERNAME_INVALID;
} elseif (Yii::app()->aes256->decrypt($users[$this->username]) !== $this->password) {
$this->errorCode = self::ERROR_PASSWORD_INVALID;
} else {
$this->errorCode = self::ERROR_NONE;
}
return !$this->errorCode;
}
public function authenticate()
{
$user_info = Admin::model()->find('username = :username', array(':username' => $this->username));
if (!isset($user_info->password)) {
return $this->errorCode = self::ERROR_USERNAME_INVALID;
}
if ($user_info->password != $this->password) {
return $this->errorCode = self::ERROR_PASSWORD_INVALID;
}
$this->setState('last_logintime', $user_info->last_logintime);
$user_info->last_logintime = date("Y-m-d H:i:s", time());
$this->setState('class_id', $user_info->class_id);
$this->setState('level', $user_info->level);
$this->setState('username', $user_info->real_name);
return !($this->errorCode = self::ERROR_NONE);
}
/**
* Authenticates a user.
* The example implementation makes sure if the username and password
* are both 'demo'.
* In practical applications, this should be changed to authenticate
* against some persistent user identity storage (e.g. database).
* @return boolean whether authentication succeeds.
*/
public function authenticate()
{
$criteria = new EMongoCriteria();
$criteria->username('==', $this->username);
$userInfo = Admin::model()->find($criteria);
if ($userInfo == NULL) {
$this->errorCode = self::ERROR_USERNAME_INVALID;
return false;
}
if ($userInfo->password !== md5($this->password)) {
$this->errorCode = self::ERROR_PASSWORD_INVALID;
return false;
}
$this->errorCode = self::ERROR_NONE;
return true;
}
public function authenticate()
{
$username = strtolower($this->username);
$user = Admin::model()->find('LOWER(login)=?', array($username));
if ($user === null) {
$this->errorCode = self::ERROR_USERNAME_INVALID;
} else {
if (!$user->validatePassword($this->password)) {
$this->errorCode = self::ERROR_PASSWORD_INVALID;
} else {
$this->_id = $user->id;
$this->username = $user->login;
$this->errorCode = self::ERROR_NONE;
}
}
return $this->errorCode == self::ERROR_NONE;
}
public function authenticate()
{
$record = Admin::model()->findByAttributes(array('a_login' => $this->username));
if ($record === null) {
$this->errorCode = self::ERROR_USERNAME_INVALID;
} else {
if ($record->a_password !== self::hashPassword($this->password)) {
$this->errorCode = self::ERROR_PASSWORD_INVALID;
} else {
$this->_id = $record->id;
$this->setState('_admin_title', $record->name);
$this->setState('superadmin', $record->super_admin == 0 ? false : true);
$this->errorCode = self::ERROR_NONE;
}
}
return !$this->errorCode;
}
/**
* 验证以保存密码的用户信息
*/
public function checkManageLogin()
{
if (empty(Yii::app()->request->cookies['manage_id']) || empty(Yii::app()->request->cookies['manage_email']) || empty(Yii::app()->request->cookies['manage_pwd'])) {
return false;
}
$info = Admin::model()->findByAttributes(array('email' => Yii::app()->request->cookies['manage_email']));
if (empty($info) || empty($info->password)) {
return false;
}
$id = substr(Yii::app()->request->cookies['manage_id'], 32);
$mcrypt_pwd = md5($info['password'] . $info['id']);
if ($id == $info['id'] && $mcrypt_pwd == Yii::app()->request->cookies['manage_pwd']) {
Yii::app()->session['manage_id'] = $info['id'];
Yii::app()->session['manage_email'] = $info['email'];
return true;
}
return false;
}
/**
* Authenticates a user.
* The example implementation makes sure if the username and password
* are both 'demo'.
* In practical applications, this should be changed to authenticate
* against some persistent user identity storage (e.g. database).
* @return boolean whether authentication succeeds.
*/
public function authenticate()
{
$user = Admin::model()->find('LOWER(login)=?', array(strtolower($this->username)));
if ($user === null) {
$this->errorCode = self::ERROR_USERNAME_INVALID;
} elseif (trim($this->password) !== $user->password) {
$this->errorCode = self::ERROR_PASSWORD_INVALID;
} elseif ($user->role == Admin::DISABLED) {
$this->errorCode = self::ACTION_IS_NOT_ALLOWED;
} else {
$this->id = $user->id;
$this->role = $user->role;
Yii::app()->user->setState('role', $user->role);
$this->username = $user->login;
$this->errorCode = self::ERROR_NONE;
}
return !$this->errorCode;
}
public static function getMenuItems($returnSelected = false) {
// get admin model
$admin=Admin::model()->findByPk(1);
$nicknames = explode(":",$admin->menuNicknames);
$menuOrder = explode(":",$admin->menuOrder);
$menuVis = explode(":",$admin->menuVisibility);
$menuItems = array(); // assoc. array with correct order, containing realName => nickName
$selectedItems = array();
for($i=0;$i<count($menuOrder);$i++) { // load items from menuOrder into $menuItems keys
$menuItems[$menuOrder[$i]] = Yii::t('app',$nicknames[$i]); // set values to their (translated) nicknames
if($menuVis[$i] == 1 && $returnSelected)
$selectedItems[] = $menuOrder[$i]; // but only include them if they are visible (or we need the full list)
}
return $returnSelected? array($menuItems,$selectedItems) : $menuItems;
}
/**
* 更新备注
*/
public function actionNotebookUpdate()
{
try {
$notebook = $this->_gets->getPost('notebook');
$adminModel = Admin::model()->findByPk($this->_admini['userId']);
if ($adminModel == false) {
throw new Exception('管理员不存在');
}
$adminModel->notebook = trim($notebook);
if ($adminModel->save()) {
$var['state'] = 'success';
$var['message'] = '更新成功';
} else {
throw new Exception('更新失败');
}
} catch (Exception $e) {
$var['state'] = 'error';
$var['message'] = $e->getMessage();
}
exit(CJSON::encode($var));
}
public function actionEdit($_id)
{
$model = Admin::model();
$adminModel = $model->findByPk(new MongoID($_id));
$get = Yii::app()->request->getParam('Admin');
$adminModel->attributes = $get;
if ($get && $adminModel->validate()) {
$get = Yii::app()->request->getParam('Admin');
if (!empty($get['password'])) {
$adminModel->password = md5($get['password']);
}
if ($adminModel->save()) {
Yii::app()->user->setFlash('success', '修改成功');
$this->redirect(array('user/index'));
} else {
Yii::app()->user->setFlash('error', '修改失败');
$this->redirect(array('user/index'));
}
}
$adminModel->password = '';
$this->render('edit', array('model' => $adminModel));
}
/**
* checklogin
*
*/
public function actionCheckLogin()
{
$model = new LoginForm();
if (isset($_POST['ajax']) && $_POST['ajax'] === 'login-form') {
echo CActiveForm::validate($model);
Yii::app()->end();
}
if (isset($_POST['LoginForm'])) {
$model->attributes = $_POST['LoginForm'];
if ($model->validate() && $model->login()) {
//更新登入时间
$user = Admin::model()->findByPk(yii::app()->user->id);
$user->login_time = time();
//save
$user->save();
$this->redirect(Yii::app()->request->urlReferrer);
} else {
exit('登入失败!');
}
} else {
$this->error('错误的请求', $this->createUrl('site/index'));
}
}
/**
* Authenticates a user.
* The example implementation makes sure if the username and password
* are both 'demo'.
* In practical applications, this should be changed to authenticate
* against some persistent user identity storage (e.g. database).
* @return boolean whether authentication succeeds.
*/
public function authenticate()
{
/*$users=array(
// username => password
'demo'=>'demo',
'admin'=>'admin',
);*/
//校验username和password的真实性,根据用户名查询是否有相关信息
$user_model = Admin::model()->find('username=:name', array(':name' => $this->username));
//如果用户名不存在
if ($user_model === null) {
$this->errorCode = self::ERROR_USERNAME_INVALID;
return false;
} else {
if ($user_model->password !== $this->password) {
//密码判断
$this->errorCode = self::ERROR_PASSWORD_INVALID;
return false;
} else {
$user_model->createtime = time();
//$user_model->last_login_ip=Yii::app()->request->UserHostAddress;//IP地址
$user_model->save(false);
$this->setState('createtime', $user_model->createtime);
$this->setState('username', $user_model->username);
$this->errorCode = self::ERROR_NONE;
return true;
}
}
/*if(!isset($users[$this->username]))
$this->errorCode=self::ERROR_USERNAME_INVALID;
elseif($users[$this->username]!==$this->password)
$this->errorCode=self::ERROR_PASSWORD_INVALID;
else
$this->errorCode=self::ERROR_NONE;
return !$this->errorCode;*/
}
