Beispiel #1
0
 /**
  * 登录页面
  *
  * @return \Core\Http\Response
  */
 public function loginAction()
 {
     if ($this->adminId > 0) {
         return $this->goHome();
     }
     $session = \App::session();
     if ($this->request->isMethod('post')) {
         $userName = $this->getPost('username');
         $password = $this->getPost('password');
         $remember = $this->getPost('remember', 0);
         $adminInfo = AdminModel::getInstance()->getAdminByName($userName);
         if ($adminInfo && $adminInfo['password'] == md5($password . $adminInfo['salt'])) {
             $this->setLoginAuth($adminInfo['id'], $adminInfo['password'], $remember);
             AdminModel::getInstance()->updateAdmin($adminInfo['id'], array('last_login' => NOW, 'last_ip' => $this->request->getClientIp()));
             return $this->redirect(URL('main/index'));
         }
         $session->setFlash('error', '帐号或密码错误');
     }
     $this->assign(['error' => $session->getFlash('error')]);
     return $this->display();
 }
Beispiel #2
0
 private function delAdmin()
 {
     $adminModel = AdminModel::getInstance();
     $id = intval($this->get('id'));
     if ($id == 1) {
         return $this->message('不能删除ID为1的帐号');
     }
     $adminModel->deleteAdmin($id);
     return $this->redirect(URL(CUR_ROUTE));
 }
Beispiel #3
0
 private function initAuth()
 {
     $auth = $this->request->cookies()->getDecrypt('auth');
     $ip = '';
     // $this->request->getClientIp()
     if (empty($auth) || strpos($auth, '|') === false) {
         return false;
     }
     list($id, $password) = explode('|', $auth);
     $adminInfo = AdminModel::getInstance()->getAdmin($id);
     if (!$adminInfo || md5($adminInfo['password'] . $ip) != $password) {
         return false;
     }
     $this->adminId = $adminInfo['id'];
     $this->userName = $adminInfo['user_name'];
     $this->adminSex = $adminInfo['sex'];
     $this->powers = explode(',', $adminInfo['power']);
     return true;
 }