Beispiel #1
0
 /**
  * Authenticates a user.
  * The example implementation makes sure if the username and password
  * are both 'demo'.
  * In practical applications, this should be changed to authenticate
  * against some persistent user identity storage (e.g. database).
  * @return boolean whether authentication succeeds.
  */
 public function authenticate()
 {
     $model = new Admin('login');
     $model->attributes = $_POST['LoginForm'];
     if ($model->validate()) {
         $data = $model->find('username=:username', array('username' => $model->username));
         if ($data === null) {
             $this->errorCode = self::ERROR_USERNAME_INVALID;
             $model->addError('username', '用户不存在');
             parent::_backendLogger(array('catalog' => 'login', 'intro' => '登录失败,用户不存在:' . $model->username, 'user_id' => 0));
         } elseif (!$this->validatePassword($data->password)) {
             $this->errorCode = self::ERROR_PASSWORD_INVALID;
             $model->addError('password', '密码不正确');
             parent::_backendLogger(array('catalog' => 'login', 'intro' => '登录失败,密码不正确:' . $model->username . ',使用密码:' . $model->password, 'user_id' => 0));
         } elseif ($data->group_id == 2) {
             $this->errorCode = self::ERROR_UNKNOWN_IDENTITY;
             $model->addError('username', '用户已经锁定,请联系管理');
         } else {
             $this->errorCode = self::ERROR_NONE;
         }
     }
     return $this->errorCode;
 }