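/**
 * Log a user in with the submitted username and password.
 *
 * Reads the 'user' and 'pwd' request values, passes the password through
 * convertPwd() and compares the result with the value stored for that account.
 * On success the session is set up through setLogin() and the account's
 * login counter is incremented.
 *
 * @return array Result with the keys 'status' (1 on success, -1 on failure),
 *               'info' (message shown to the user) and 'data' (always null).
 */
public function login()
{
    $user = $this->getR('user');
    $pwd = $this->convertPwd($this->getR('pwd'));
    $this->_modelUser = $this->getGlobal('model/User', 'Model_User');
    $userResult = $this->_modelUser->findByUser($user);

    // An unknown account and a wrong password get the same answer, so the
    // response does not tell a caller which usernames exist.
    // Both values are cast to string and compared strictly: a loose != treats
    // numeric-looking strings such as "0e1234" and "0e5678" as equal.
    // NOTE(review): where the runtime offers hash_equals() (PHP 5.6+), prefer it
    // here so the comparison time does not depend on the matching prefix.
    // NOTE(review): convertPwd() is not visible here - confirm it is a salted
    // password hash - and no throttling of failed attempts is visible either.
    if (!$userResult || (string) $userResult['pwd'] !== (string) $pwd) {
        return array('status' => -1, 'info' => '用户名密码错误', 'data' => null);
    }

    $this->setLogin($userResult);

    // Increment the login counter. The id is forced to an integer because it is
    // placed into the WHERE clause without quoting.
    $this->_modelUser->update(array('login_count' => '@@@+1'), 'id=' . (int) $userResult['id']);

    return array('status' => 1, 'info' => '登录成功', 'data' => null);
}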
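/**
 * Delete a department and move its members to "no department".
 *
 * The department id is read from $_GET['Id']. Because the id ends up unquoted
 * inside a WHERE clause, only a plain string of digits is accepted; anything
 * else is handled as a failed deletion.
 *
 * NOTE(review): this is a state-changing action driven by a GET parameter and
 * no anti-CSRF check is visible in this method - confirm one is enforced by
 * the caller.
 */
private function _departmentDel()
{
    $rawId = isset($_GET['Id']) ? $_GET['Id'] : null;

    // Digits only: rejects arrays, signs, whitespace and any SQL fragment.
    $departmentId = (is_string($rawId) && ctype_digit($rawId)) ? (int) $rawId : 0;

    if ($departmentId > 0 && $this->_modelDepartment->delById($departmentId)) {
        // Reassign every member of the deleted department to 0 (no department).
        $this->_modelUser->update(array('department_id' => '0'), "department_id={$departmentId}");
        $this->_modelDepartment->createCache();
        $this->_modelUser->createCache();
        $this->_utilMsg->showMsg('删除部门成功');
    } else {
        $this->_utilMsg->showMsg('删除部门失败', -2);
    }
}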
/**
 * Demo update action: sets column 'tb_user' to 'mingri' on the row with id 2
 * and reports the outcome to the view.
 */
public function updateAction()
{
    $userModel = new Model_User();

    // Column/value pairs to write, and the fixed condition selecting the row.
    $changes = array('tb_user' => 'mingri');
    $condition = 'id = 2';

    // update() is used as a truth value: a falsy result is reported as
    // "row missing or already modified".
    $updated = $userModel->update($changes, $condition);

    $this->view->update = $updated ? "修改成功!" : "该数据不存在或已经被修改过";
}
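/**
 * Switch the interface language and send the visitor back where they came from.
 *
 * Stores the requested language on the logged-in user (database row and auth
 * storage), sets the "lang" cookie, then redirects to the referring URL with
 * its fourth "/"-separated piece (index 3 after explode) replaced by the new
 * language, or to "/" when the referer is not accepted.
 */
public function setlangAction()
{
    // The Referer header is optional and chosen by the client; read it without
    // raising an undefined-index notice when it is absent.
    $this->referer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : null;

    // NOTE(review): $lang is used as received - it is written to the user row,
    // the auth storage, a cookie and the redirect URL. Validate it against the
    // application's list of supported languages before any of those writes.
    $lang = $this->_getParam("language");

    $auth = Zend_Auth::getInstance();
    if ($auth->hasIdentity()) {
        $umodel = new Model_User();
        // The whole identity object is written back with only 'lang' changed.
        $data = (array) $auth->getIdentity();
        $data['lang'] = $lang;
        $umodel->update($data);
        $auth->getStorage()->write((object) $data);
    }

    // NOTE(review): the cookie is set without the Secure/HttpOnly arguments.
    setcookie("lang", $lang, null, '/');

    // NOTE(review): hasValidReferer() is not visible here; the redirect target
    // is built from the client-supplied referer, so confirm that check restricts
    // it to this site's own host.
    if ($this->hasValidReferer()) {
        $new_url = explode("/", $this->referer);
        if (count($new_url) > 3 && strlen($new_url[3]) > 0) {
            $new_url[3] = $lang;
        }
        // NOTE(review): 301 is a permanent redirect and may be cached by
        // browsers; confirm that is intended for a per-request language switch.
        $this->_redirect(join("/", $new_url), array('code' => 301));
    } else {
        $this->_redirect('/', array('code' => 301));
    }
}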
/**
 * Log the user in or display the login form (same form for normal users and admins).
 *
 * Flow, as visible in this method:
 *  - an already logged-in visitor is redirected;
 *  - a POST with a valid 'login' CSRF token looks up the account by e-mail
 *    (status active or spam), applies the failed-attempt throttle, then tries
 *    the login;
 *  - every other case (and every failed attempt) renders the login page.
 *
 * Throttle: with more than 2 recorded failures, further attempts are refused
 * for 1 minute (3 or 4 failures) or for 24 hours (5 or more), counted from
 * last_failed.
 *
 * NOTE(review): the counters live on the user row, so the throttle only applies
 * when the submitted e-mail matches an account, and anyone who knows an e-mail
 * address can keep that account blocked; confirm this trade-off is intended.
 */
public function action_login() {
    //if user loged in redirect home
    if (Auth::instance()->logged_in()) {
        Auth::instance()->login_redirect();
    } elseif ($this->request->post() and CSRF::valid('login')) {
        $blocked_login = FALSE;
        // Load the user
        $user = new Model_User();
        $user->where('email', '=', core::post('email'))->where('status', 'in', array(Model_User::STATUS_ACTIVE, Model_User::STATUS_SPAM))->limit(1)->find();
        // Check if we must block this login attempt.
        if ($user->loaded() and $user->failed_attempts > 2) {
            // 3 or 4 recorded failures (> 2 and < 5): wait 1 minute until next attempt
            if ($user->failed_attempts < 5 and $user->last_failed > Date::unix2mysql(strtotime('-1 minute'))) {
                $blocked_login = TRUE;
                Alert::set(Alert::ERROR, __('Login has been temporarily disabled due to too many unsuccessful login attempts. Please try again in a minute.'));
            // 5 or more recorded failures: wait 24 hours after the last failure
            } elseif ($user->failed_attempts > 4 and $user->last_failed > Date::unix2mysql(strtotime('-24 hours'))) {
                $blocked_login = TRUE;
                Alert::set(Alert::ERROR, __('Login has been temporarily disabled due to too many unsuccessful login attempts. Please try again in 24 hours.'));
            }
        }
        //not blocked so try to login
        if (!$blocked_login) {
            Auth::instance()->login(core::post('email'), core::post('password'), (bool) core::post('remember'));
            //redirect index
            if (Auth::instance()->logged_in()) {
                if ($user->loaded()) {
                    // a successful login clears the failure counter
                    $user->failed_attempts = 0;
                    try {
                        // Save the user
                        $user->update();
                    } catch (ORM_Validation_Exception $e) {
                        Form::set_errors($e->errors(''));
                    } catch (Exception $e) {
                        // NOTE(review): the raw exception message becomes the HTTP 500 message;
                        // confirm it is not shown to visitors in production.
                        throw HTTP_Exception::factory(500, $e->getMessage());
                    }
                }
                //is an admin so redirect to the admin home
                Auth::instance()->login_redirect();
            } else {
                // The same message is used whether or not the e-mail matched an account.
                // It carries raw HTML (the "forgot password" link), so the error output is
                // presumably rendered unescaped - keep user input out of this string.
                Form::set_errors(array(__('Wrong email or password') . '. ' . '<a class="alert-link" href="' . Route::url('oc-panel', array('directory' => 'user', 'controller' => 'auth', 'action' => 'forgot')) . '">' . __('Have you forgotten your password?') . '</a>'));
                if ($user->loaded()) {
                    // 4 failures already recorded, so this is the fifth: clear the stored
                    // token fields (token, user agent, creation and expiry dates)
                    if ($user->failed_attempts == 4) {
                        $user->token = NULL;
                        $user->user_agent = NULL;
                        $user->token_created = NULL;
                        $user->token_expires = NULL;
                    }
                    // the increment is sent as an SQL expression (failed_attempts + 1)
                    // rather than computed from the value loaded above
                    $user->failed_attempts = new Database_Expression('failed_attempts + 1');
                    $user->last_failed = Date::unix2mysql(time());
                    try {
                        // Save the user
                        $user->update();
                    } catch (ORM_Validation_Exception $e) {
                        Form::set_errors($e->errors(''));
                    } catch (Exception $e) {
                        throw HTTP_Exception::factory(500, $e->getMessage());
                    }
                }
            }
        }
    }
    //Login page
    $this->template->title = __('Login');
    $this->template->meta_description = __('Login to') . ' ' . Core::config('general.site_name');
    $this->template->content = View::factory('pages/auth/login');
}
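/**
 * Allow a user to set a new password after following the reset link.
 *
 * The link carries two parameters: 'c' (activation code) and 'e' (MD5 of the
 * e-mail address). The user is looked up by recomputing the code in SQL from
 * the stored activation token, the e-mail, the configured salt and the id.
 * On GET the form is shown; on POST the new password is stored, the token and
 * its expiry date are cleared, and the user is sent to the login page.
 *
 * @return void
 */
public function resetpasswordAction()
{
    $this->view->title = __('reset password page title');
    $authVars = Garp_Auth::getInstance()->getConfigValues();
    $activationCode = $this->getRequest()->getParam('c');
    $activationEmail = $this->getRequest()->getParam('e');
    $expirationColumn = $authVars['forgotpassword']['activation_code_expiration_date_column'];
    $userModel = new Model_User();

    // Column name and salt are quoted by the adapter; the submitted code is
    // bound as a parameter rather than concatenated.
    // NOTE(review): the code is an unkeyed MD5 over token, e-mail, salt and id,
    // so its strength rests on the stored token - confirm that token comes from
    // a cryptographically secure random source.
    $activationCodeClause = 'MD5(CONCAT(' .
        $userModel->getAdapter()->quoteIdentifier($authVars['forgotpassword']['activation_token_column']) . ',' .
        'MD5(email),' .
        'MD5(' . $userModel->getAdapter()->quote($authVars['salt']) . '),' .
        'MD5(id)' .
        ')) = ?';
    $select = $userModel->select()
        ->where($activationCodeClause, $activationCode)
        ->where('MD5(email) = ?', $activationEmail);
    $user = $userModel->fetchRow($select);

    if (!$user) {
        $this->view->error = __('reset password user not found');
        return;
    }

    // An empty or unparsable expiry date makes strtotime() return false, which
    // compares below time() and is therefore handled as expired.
    if (strtotime($user->{$expirationColumn}) < time()) {
        $this->view->error = __('reset password link expired');
        return;
    }

    // GET request: only display the form.
    if (!$this->getRequest()->isPost()) {
        return;
    }

    $password = $this->getRequest()->getPost('password');
    if (!$password) {
        $this->view->formError = sprintf(__('%s is a required field'), ucfirst(__('password')));
        return;
    }

    if (!empty($authVars['forgotpassword']['repeatPassword'])
        && !empty($authVars['forgotpassword']['repeatPasswordField'])
    ) {
        $repeatPasswordField = $this->getRequest()->getPost($authVars['forgotpassword']['repeatPasswordField']);
        // Strict comparison: with a loose != two different numeric-looking
        // strings (for example "1e3" and "1000") count as equal.
        if ($password !== $repeatPasswordField) {
            $this->view->formError = __('the passwords do not match');
            return;
        }
    }

    // Update the user's password, clear the one-time token so the link cannot be
    // reused, and send the user along to the login page.
    // NOTE(review): the password is handed to the model as submitted; hashing is
    // presumably done inside Model_User - confirm it is never stored in clear text.
    $updateClause = $userModel->getAdapter()->quoteInto('id = ?', $user->id);
    $userModel->update(
        array(
            'password' => $password,
            $authVars['forgotpassword']['activation_token_column'] => null,
            $authVars['forgotpassword']['activation_code_expiration_date_column'] => null
        ),
        $updateClause
    );

    $this->_helper->flashMessenger(__($authVars['resetpassword']['success_message']));
    $this->_redirect('/g/auth/login');
}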
// Avatar upload handling. This fragment starts inside an enclosing condition
// whose opening line is not shown; its else branch below logs "Invalid file".
// NOTE(review): whatever validation that enclosing condition performs is not
// visible here - confirm it checks the actual file content and extension.
    if ($_FILES["file"]["error"] > 0) {
        // PHP reported an upload error: log the error code and stop.
        global_common::writeLog($_FILES["file"]["error"]);
        //echo "Return Code: " . $_FILES["file"]["error"] . "<br>";
    } else {
        //if (file_exists("upload/" . $_FILES["file"]["name"]))
        //{
        $manipulator = new ImageManipulator($_FILES["file"]["tmp_name"]);
        // resizing to 200x200
        // $_FILES["file"]["type"] is the MIME type sent by the client, not a
        // property detected from the file itself.
        $manipulator->resample($_FILES["file"]["tmp_name"], $_FILES["file"]["type"], 200, 200);
        //echo "after";
        // Destination path: avatar folder + user id + "_" + the file name exactly
        // as supplied by the client.
        // NOTE(review): the client-supplied name is used unchanged, including its
        // extension and any directory separators. Generate the stored name
        // server-side (or at least apply basename() and an extension allow-list)
        // before building this path.
        $fileName = global_common::FOLDER_AVATAR . $currentUser[global_mapping::UserID] . '_' . $_FILES["file"]["name"];
        $userUpdate = $objUser->getUserByID($currentUser[global_mapping::UserID]);
        $userUpdate[global_mapping::Avatar] = $fileName;
        //echo $fileName;
        //echo $userUpdate[global_mapping::IsActive];
        // The whole user record is written back with only the avatar path changed.
        $result = $objUser->update($userUpdate[global_mapping::UserID], $userUpdate[global_mapping::UserName], $userUpdate[global_mapping::Password], $userUpdate[global_mapping::FullName], $userUpdate[global_mapping::BirthDate], $userUpdate[global_mapping::Address], $userUpdate[global_mapping::Phone], $userUpdate[global_mapping::Email], $userUpdate[global_mapping::Sex], $userUpdate[global_mapping::Identity], $userUpdate[global_mapping::RoleID], $userUpdate[global_mapping::UserRankID], $userUpdate[global_mapping::Avatar], $userUpdate[global_mapping::AccountID], $userUpdate[global_mapping::IsActive]);
        //echo $result;
        // The session copy of the user is replaced by the updated record.
        $_SESSION[global_common::SES_C_USERINFO] = $currentUser = $userUpdate;
        // The file is moved only after the database and the session were updated,
        // and neither $result nor the return value of move_uploaded_file() is
        // checked, so a failed move leaves the record pointing at a missing file.
        move_uploaded_file($_FILES["file"]["tmp_name"], $fileName);
        //}
        //else
        //{
        // move_uploaded_file($_FILES["file"]["tmp_name"],
        // global_common::FOLDER_AVATAR . $currentUser[global_mapping::UserID].$_FILES["file"]["name"]);
        //}
    }
} else {
    // The enclosing condition (not shown) rejected the upload.
    global_common::writeLog("Invalid file");
    //echo "Invalid file";
}
//return;
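/**
 * Second step of the "change location" flow.
 *
 * Looks the typed location up through the Yahoo geo service. No answer or no
 * match sends the visitor back with a message; a single match is applied at
 * once; several matches are offered in a select form, and the posted choice is
 * applied. Applying a location means: store the woeid on the logged-in user,
 * in the session and in the 'location' cookie, then redirect to that woeid's
 * page.
 */
public function change2Action()
{
    $request = $this->getRequest();
    $aNamespace = new Zend_Session_Namespace('Nolotiro');
    $locationtemp = $aNamespace->locationTemp;
    $this->view->page_title .= $this->view->translate('change location');

    // A GET parameter overrides the value kept in the session. Only a non-empty
    // string is accepted, which also avoids an undefined-index notice.
    if (!empty($_GET['location']) && is_string($_GET['location'])) {
        $locationtemp = $_GET['location'];
    }

    $places = $this->getYahooGeoWoeidList($locationtemp, $this->view->lang);

    //check if we got response from yahoo geo api
    if ($places === false) {
        $this->_helper->_flashMessenger->addMessage($this->view->translate('I can not connect to Yahoo geo service, sorry!'));
        $this->_redirect('/' . $this->view->lang . '/woeid/' . $aNamespace->location . '/give');
    }

    //check if the yahoo geo api returns no results!
    if (count($places->place) == 0) {
        // NOTE(review): $locationtemp is user input placed into a flash message;
        // confirm the view escapes flash messages when printing them.
        $this->_helper->_flashMessenger->addMessage($this->view->translate('No location found named:') . ' "' . $locationtemp . '"');
        $this->_redirect('/' . $this->view->lang . '/woeid/' . $aNamespace->location . '/give');
    }

    //if just one result then jump straight to change location
    if (count($places->place) == 1) {
        //if the user is logged then update the woeid value in ddbb, if not just update the session location value
        $auth = Zend_Auth::getInstance();
        if ($auth->hasIdentity()) {
            require_once APPLICATION_PATH . '/models/User.php';
            $model = new Model_User();
            $data['id'] = $auth->getIdentity()->id;
            $data['woeid'] = (int) $places->place->woeid;
            $model->update($data);
        }
        $aNamespace = new Zend_Session_Namespace('Nolotiro');
        $aNamespace->location = (int) $places->place->woeid; //woeid
        setcookie('location', (int) $places->place->woeid, null, '/');
        $name = $places->place->name . ', ' . $places->place->admin1 . ', ' . $places->place->country;
        $aNamespace->locationName = $name; //location name
        $this->_helper->_flashMessenger->addMessage($this->view->translate('Location changed successfully to:') . ' ' . $name);
        $this->_redirect('/' . $this->view->lang . '/woeid/' . $places->place->woeid . '/give');
    }

    $form = $this->_getLocationChange2Form($locationtemp);

    // assign the form to the view
    $this->view->locationtemp = $locationtemp;
    $this->view->places = $places;
    $this->view->form = $form;

    //*** here add the select values to the form from yahoo xml result
    $location_options = array();
    $firstitem = null;
    $counter = 0;
    foreach ($places->place as $item) {
        $name = $item->name . ', ' . $item->admin1 . ', ' . $item->country;
        //we have to cast to string item to not disturb the zend form translate parser!
        $woeid = (string) $item->woeid;
        //glue together woeid and text to parse after with *
        $woeid = $woeid . '*' . $name;
        $location_options[$woeid] = $name;
        //remember the first option so it is shown as selected in the form
        $counter++;
        if ($counter == 1) {
            $firstitem = $woeid;
        }
    }

    // The in-array validator is switched off, so the posted value is NOT limited
    // to the options built above; it is treated as untrusted input below.
    $form->addElement('select', 'location', array('validators'))->getElement('location')->addMultiOptions($location_options)->setValue($firstitem)->setRegisterInArrayValidator(false)->setIsArray(true); //this set select expanded

    // add the submit button
    $form->addElement('submit', 'submit', array('label' => 'Choose your location'));

    // check to see if this action has been POST'ed to
    if ($this->getRequest()->isPost()) {
        if ($form->isValid($request->getPost())) {
            $formulario = $form->getValues();

            //parse the location value: "<woeid>*<name>"
            $values = explode("*", $formulario['location'][0]);

            // Same integer cast as the single-result branch: the woeid goes into
            // the database, the session, a cookie and the redirect path.
            $selectedWoeid = (int) $values[0];
            $selectedName = isset($values[1]) ? $values[1] : '';

            // A value that does not start with a positive number is not a woeid;
            // fall through and show the form again instead of storing it.
            if ($selectedWoeid > 0) {
                //if the user is logged then update the woeid value in ddbb, if not just update the session location value
                $auth = Zend_Auth::getInstance();
                if ($auth->hasIdentity()) {
                    require_once APPLICATION_PATH . '/models/User.php';
                    $model = new Model_User();
                    $data['id'] = $auth->getIdentity()->id;
                    $data['woeid'] = $selectedWoeid;
                    $model->update($data);
                }
                $aNamespace = new Zend_Session_Namespace('Nolotiro');
                $aNamespace->location = $selectedWoeid; //woeid
                setcookie('location', $selectedWoeid, null, '/');

                // NOTE(review): the name comes from the posted value, not from the
                // geo lookup, and is stored in the session and a flash message;
                // confirm both are escaped on output, or look the name up in
                // $location_options instead.
                $aNamespace->locationName = $selectedName; //location name
                $this->_helper->_flashMessenger->addMessage($this->view->translate('Location changed successfully to:') . ' ' . $selectedName);
                $this->_redirect('/' . $this->view->lang . '/woeid/' . $selectedWoeid . '/give');
            }
        }
    }
}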
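/**
 * Lock a user account (admin only).
 *
 * GET shows the confirmation page for the user given by the 'id' parameter;
 * a POST with lock=Yes sets locked = 1 on that user. Visitors whose role is
 * not 1 are redirected with an error message.
 *
 * NOTE(review): no anti-CSRF token check is visible on the POST - confirm one
 * is enforced elsewhere for this admin action.
 */
public function lockAction()
{
    $id = (int) $this->getRequest()->getParam('id');
    $this->view->userRole = $this->_helper->checkUserRole->check();

    //only admins have access to this action
    if ($this->view->userRole == 1) {
        $modelUser = new Model_User();

        // Fetch the row first: reading ->username straight off a missing row
        // would fail before the "does not exist" branch below could run.
        $user = $modelUser->fetchUser($id);
        $this->view->userToLock = $user ? $user->username : null;

        if ($this->view->userToLock == null) {
            //the user does not exist
            $this->_helper->_flashMessenger->addMessage($this->view->translate('This user does not exists'));
            $this->_redirect('/' . $this->lang . '/woeid/' . $this->location . '/give');
            // Stop here even if the redirect helper is configured not to exit,
            // so a POST can never lock a non-existent id.
            return;
        }

        if ($this->getRequest()->isPost()) {
            $lock = $this->getRequest()->getPost('lock');
            if ($lock === 'Yes') {
                //bye bye troll
                $data['locked'] = 1;
                $data['id'] = $id;
                $modelUser->update($data);
                $this->_helper->_flashMessenger->addMessage($this->view->translate('User locked successfully.'));
                $this->_redirect('/' . $this->view->lang . '/woeid/' . $this->location . '/give');
                return;
            }
        }
    } else {
        $this->_helper->_flashMessenger->addMessage($this->view->translate('You are not allowed to view this page'));
        $this->_redirect('/' . $this->lang . '/woeid/' . $this->location . '/give');
        return;
    }
}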
$userRankID = $_pgR['UserRankID']; $userRankID = global_editor::rteSafe(html_entity_decode($userRankID, ENT_COMPAT, 'UTF-8')); $avatar = $_pgR['Avatar']; $avatar = global_editor::rteSafe(html_entity_decode($avatar, ENT_COMPAT, 'UTF-8')); $accountID = $_pgR['AccountID']; $accountID = global_editor::rteSafe(html_entity_decode($accountID, ENT_COMPAT, 'UTF-8')); $isActived = $_pgR['IsActived']; $isActived = global_editor::rteSafe(html_entity_decode($isActived, ENT_COMPAT, 'UTF-8')); //$checkProduct = $objMenu->getMenuByName($_pgR['name']); //if ($checkProduct && $checkProduct['menu_id']!= $strID) { // echo global_common::convertToXML($arrHeader, array("rs",'info'), array(0,global_common::STRING_NAME_EXIST), array(0,1)); // return; //} //$strName = $_pgR['name']; //$strDetail= $_pgR['detail']; $resultID = $objUser->update($userID, $userName, $password, $fullname, $birthDate, $address, $phone, $email, $sex, $identity, $roleID, $userRankID, $avatar, $accountID, $isActived); if ($resultID) { $arrHeader = global_common::getMessageHeaderArr($banCode); //$banCode echo global_common::convertToXML($arrHeader, array("rs", "inf"), array(1, $result), array(0, 1)); return; } else { echo global_common::convertToXML($arrHeader, array("rs"), array(0), array(0)); return; } } else { echo global_common::convertToXML($arrHeader, array("rs", 'info'), array(0, global_common::STRING_REQUIRE_LOGIN), array(0, 1)); } return; } elseif ($_pgR['act'] == model_User::ACT_CHANGE_PAGE) { $intPage = $_pgR['p'];