public function signin()
{
if (IS_POST) {
$username = $this->_post('username');
$password = $this->_post('password');
$verify = $this->_post('verify');
if (!$username || !$password || !$verify) {
$this->error('参数错误!');
}
/* 检测验证码 TODO: */
if (!Verify::check(@$verify)) {
$this->error('验证码输入错误!');
}
$db = M('admins');
$map['username'] = $username;
$map['status'] = 1;
$user = $db->where($map)->find();
if (!$user) {
$this->error('帐号不存在或被禁用');
}
if ($user['password'] != user_md5($password . $user['salt'])) {
$this->error('密码错误');
}
$data = array('id' => $user['id'], 'login' => array('exp', '`login`+1'), 'last_login_time' => NOW_TIME, 'last_login_ip' => get_client_ip());
$db->save($data);
/* 记录登录SESSION和COOKIES */
$auth = array('uid' => $user['id'], 'username' => $user['username'], 'last_login_time' => $data['last_login_time']);
session('admins', $auth);
session('admins_sign', data_auth_sign($auth));
$this->success('登录成功,正在进入...', U('index/index'));
} else {
$this->redirect('index');
exit;
}
}
//是否登录
check_login();
#加载类别
$categoriesClass = new ccategories();
$categories = $categoriesClass->getAll(0, 0, " `visible` = 'true'");
abr('categories', $categories);
#发送联系支持请求
if (isset($_POST['action'])) {
//验证码验证
if (isset($_POST['verify'])) {
if (empty($_POST['verify'])) {
addErrorMessage($langArray['error_verify_invalid_empty'], '', 'error');
}
require_once ROOT_PATH . '/classes/Verify.class.php';
$verify = new Verify();
$yz_verify = $verify->check($_POST['verify'], 1);
if (!$yz_verify) {
addErrorMessage($langArray['error_invalid_verify'], '', 'error');
} else {
$contactsClass = new contacts();
$s = $contactsClass->add();
if ($s === true) {
refresh('/' . $languageURL . 'support/', $langArray['complete_send_email'], 'complete');
} else {
addErrorMessage($langArray['error_all_fields_required'], '', 'error');
}
}
} else {
addErrorMessage($langArray['error_verify_invalid_empty'], '', 'error');
}
}
private function checkVerity($img_verity)
{
$verity = new Verify();
return $res = $verity->check($img_verity);
}
public function login($admin = false)
{
global $mysql, $config;
if (!isset($_POST['username']) || !isset($_POST['password'])) {
return 'error_invalid_username_or_password';
}
//验证码验证
if (isset($_POST['verify'])) {
if (empty($_POST['verify'])) {
return 'error_verify_invalid_empty';
}
require_once ROOT_PATH . '/classes/Verify.class.php';
$verify = new Verify();
$yz_verify = $verify->check($_POST['verify'], 1);
if (!$yz_verify) {
return 'error_invalid_verify';
}
} else {
return 'error_verify_invalid_empty';
}
$mysql->query("\n\t\t\tSELECT *\n\t\t\tFROM `users`\n\t\t\tWHERE `username` = '" . sql_quote($_POST['username']) . "' AND `password` = '" . md5(md5($_POST['password'])) . "'\n\t\t", __FUNCTION__);
if ($mysql->num_rows() == 0) {
return 'error_invalid_username_or_password';
}
$row = $mysql->fetch_array();
if ($row['status'] != 'activate') {
return 'error_invalid_activation_no';
}
$user = $this->get($row['user_id']);
if ($user['last_login_datetime'] == '' || $user['last_login_datetime'] == '0000-00-00 00:00:00') {
$user['first_login'] = '******';
}
if ($admin && ($user['groups'] == false || count($user['groups']) < 1)) {
return 'error_invalid_username_or_password';
}
$verKey = '';
if (isset($_POST['rememberme'])) {
$verKey = md5(rand(0, 9999999) . time() . $user['user_id']);
setcookie("user_id", $user['user_id'], time() + 2592000, "/", "." . $config['domain']);
setcookie("verifyKey", $verKey, time() + 2592000, "/", "." . $config['domain']);
}
$mysql->query("\n\t\t\tUPDATE `users`\n\t\t\tSET `last_login_datetime` = NOW(),\n\t\t\t\t\t`ip_address` = '" . sql_quote($_SERVER['REMOTE_ADDR']) . "', \n\t\t\t\t\t`remember_key` = '" . sql_quote($verKey) . "'\n\t\t\tWHERE `user_id` = '" . intval($user['user_id']) . "'\n\t\t\tLIMIT 1\n\t\t", __FUNCTION__);
$_SESSION['user'] = $user;
return true;
}
public function login()
{
if (IS_POST) {
$email = $this->_post('email');
$password = $this->_post('password');
$verify = $this->_post('verify');
/* 检测验证码 TODO: */
if (!Verify::check(@$verify)) {
$this->error('验证码输入错误!');
}
$map['email'] = trim($email);
$map['status'] = 1;
$this->_mod = $this->_mod;
$user = $this->_mod->where($map)->find();
if (!$user) {
$this->error('用户不存在或已被禁用!');
//应用级别禁用
exit;
}
if (user_md5($password, $user['salt']) !== $user['password']) {
$this->error('密码不正确');
}
/* 登录用户 */
if ($this->_mod->login($user['id'], $email, $password)) {
//登录用户
//TODO:跳转到登录前页面
$this->success('登录成功!', session('rebackurl'));
} else {
$this->error($this->_mod->getError());
}
} else {
if ($this->_userid) {
$this->redirect('index');
} else {
// 登录后返回登录前页面
$reback = $_SERVER['HTTP_REFERER'] ? $_SERVER['HTTP_REFERER'] : '/';
if (stripos($reback, 'login') || stripos($reback, 'register') || stripos($reback, 'logout')) {
$reback = U('index');
}
session('rebackurl', $reback);
$seo['title'] = '会员登录';
$this->_seo($seo);
$this->theme('login', 'user');
}
}
}
/**
* 验证码
*/
public function vertifyHandle()
{
if (C('vertify_code', true, true)) {
$verify = new Verify();
if (!$verify->check(I('post.vertify'), "AdminLogin")) {
$this->error("验证码错误");
}
}
}