Beispiel #1
0
 /**
  * 登录
  */
 public function actionLogin()
 {
     if ($this->_isPost()) {
         #------验证码------#
         $this->_loadCore('Help_ImgCode');
         $helpImgCode = new Help_ImgCode();
         if (!$helpImgCode->check($_POST['verify_code'])) {
             $this->_utilMsg->showMsg('您输入的验证码不正确', -1);
         }
         #------验证码------#
         $userName = trim($_POST['user_name']);
         $userInfo = $this->_modelUser->findByUserName($userName);
         if ($userInfo['password'] == md5($_POST['password'])) {
             //如果密码正确
             $this->_utilRbac->setLogin($userName);
             $utilOnline = $this->_getGlobalData('Util_Online', 'object');
             $utilOnline->setOnlineUser($userName);
             //设置在线用户
             $this->_utilMsg->showMsg(false, 1, Tools::url(CONTROL, 'Index'));
         } else {
             $this->_utilMsg->showMsg('您输入的密码不正确,或账号不存在', -2);
         }
     } else {
         $this->_view->display($this->_view->get_curPage());
     }
 }
Beispiel #2
0
 /**
  * 超管登录其他用户的账号
  */
 public function actionLoginOthers()
 {
     $userClass = $this->_getGlobalData('Util_Rbac', 'object')->getUserClass();
     if (in_array($userClass['_userName'], explode(',', MasterAccount))) {
         //判断是否超管
         $userName = trim($_REQUEST['user_name']);
         $userInfo = $this->_modelUser->findByUserName($userName);
         if ($userInfo) {
             $this->_utilRbac->setLogin($userName);
             $utilOnline = $this->_getGlobalData('Util_Online', 'object');
             $utilOnline->setOnlineUser($userName);
             //设置在线用户
             $this->_utilMsg->showMsg(false, 1, Tools::url(CONTROL, 'Index'));
         }
     } else {
         $this->_utilMsg->showMsg('不是超级管理员', -2);
     }
 }
Beispiel #3
0
 /**
  * 登录
  */
 public function actionLogin()
 {
     //获取passport发过来的参数
     $uname = $_GET['uname'];
     //用户名
     $password = $_GET['pwd'];
     //密码
     $sign = $_GET['sign'];
     //签名
     $sys = $_GET['sys'];
     //子系统标识名
     $pwds = $this->_authcode($password, 'DECODE', self::$_API_KEY);
     //加密后的密码
     $destime = $this->_authcode($_GET['desTime'], 'DECODE', self::$_API_KEY);
     $sign2 = md5($uname . $pwds . $destime . self::$_MD5_KEY);
     $check_uname_url = "http://pass.uwan.com/validate.aspx?uname=" . urlencode($uname) . "&destime=" . urlencode($_GET['desTime']) . "&despwd=" . urlencode($password) . "&sys=" . $sys;
     $apply = file_get_contents($check_uname_url);
     if ($apply == "1") {
         //passport验证成功
         if ($sign == $sign2) {
             //签名正确
             //本系统进行用户验证
             $uname = strtolower($uname);
             //小写
             $userInfo = $this->_modelUser->findByUserName($uname);
             if (!is_array($userInfo)) {
                 //用户不存在
                 //创建最低权限用户
                 $user = array();
                 $user['org_id'] = 0;
                 //组ID
                 $user['department_id'] = 0;
                 //部门ID
                 $user['roles'] = 'guest';
                 //角色
                 $user['nick_name'] = $uname;
                 //昵称
                 $user['user_name'] = $uname;
                 //用户名
                 $user['password'] = md5($password);
                 $user['date_created'] = time();
                 //创建时间
                 $user['date_updated'] = $user['date_created'];
                 //更新时间
                 $user['order_vip_level'] = '0,1,2,3,4,5,6';
                 if (!$this->_utilRbac->createUser($user)) {
                     //创建用户失败
                     echo "validate('" . $sys . "'," . self::$_API_FAILED . ");";
                     exit;
                 }
             }
             //设置成已登录
             $this->_utilRbac->setLogin($uname);
             $utilOnline = $this->_getGlobalData('Util_Online', 'object');
             $utilOnline->setOnlineUser($uname);
             //设置在线用户
             Tools::setHeadP3P();
             //header ( 'P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"' );
             echo "validate('" . $sys . "'," . self::$_API_SUCCESS . ");";
         } else {
             //登录失败
             echo "validate('" . $sys . "'," . self::$_API_FAILED . ");";
             exit;
         }
     } else {
         //验证失败
         echo "validate('" . $sys . "'," . self::$_API_FAILED . ");";
         exit;
     }
 }