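/**
 * Authenticates a back-office user and populates the session on success.
 *
 * The result is always an array of the form
 * array('status' => 0|1, 'msg' => string, 'data' => int), where 'data'
 * carries a numeric outcome code set by this method:
 *   2 - missing input or wrong username/password (also the default),
 *   3 - account expired,
 *   5 - IP whitelist not configured, or source IP not in the whitelist,
 *   6 - account type is not allowed to use the back office,
 *   4 - login succeeded ('status' is 1 only in this case).
 *
 * @param string|null $username Login name.
 * @param string|null $password Plain-text password as submitted.
 * @return array Result array described above.
 */
public static function userLogin($username = NULL, $password = NULL)
{
    $ret = array('status' => 0, 'msg' => '');
    $ret_num = 2;

    try {
        if (empty($username) || empty($password)) {
            throw new Exception("用户名或密码输入有误");
        }

        // NOTE(review): double MD5 with a constant prefix is a fast hash with no
        // per-user salt, so leaked hashes are cheap to brute-force. Moving to
        // password_hash()/password_verify() needs a stored-hash migration that
        // cannot be done inside this method, so the scheme is left unchanged.
        $password = md5("beubeu" . md5($password));

        // Look the user up by username and hashed password.
        $users = self::userSelectByParm("", $username, $password);
        if (empty($users)) {
            $ret_num = 2; // wrong username or password
            throw new Exception('用户名密码错误');
        }

        // Reject accounts whose expiry time has passed.
        if (time() > strtotime($users['endtime'])) {
            $ret_num = 3;
            throw new Exception('帐号过期');
        }

        // NOTE(review): this update runs before the account-type and IP checks
        // below, so it takes effect even when the login is then refused.
        // Confirm that ordering is intended.
        self::usermodelUpdateByUserid($users['id'], 2);

        // A former "account already logged in" check (outcome code 8) is
        // disabled in the original code and is not performed here.

        // Sub-screen accounts may not log in here.
        if (!empty($users["type"]) && $users["type"] == Yii::app()->params['sub_type']) {
            $ret_num = 6;
            throw new Exception('用户访问权限不够');
        }

        // Enforce the per-user IP whitelist when the account requires it.
        if ($users['ip_limit'] == 1) {
            // The user id is bound as a parameter instead of being concatenated
            // into the WHERE clause.
            $allowedIps = Yii::app()->db->createCommand()
                ->select('IP')
                ->from('beu_user_ip_limit')
                ->where('status=1 and userid=:userid', array(':userid' => $users['id']))
                ->queryAll();

            if (count($allowedIps) == 0) {
                $ret_num = 5;
                throw new Exception('IP未设置');
            }

            // NOTE(review): confirm Comm::getSourceIp() takes the address from the
            // connection and not from a client-supplied header; otherwise the
            // whitelist can be satisfied by a forged header.
            $sourceIp = (string) Comm::getSourceIp();

            $ipAllowed = false;
            foreach ($allowedIps as $row) {
                // Strict string comparison so numeric-looking strings are never
                // compared as numbers.
                if ((string) $row['IP'] === $sourceIp) {
                    $ipAllowed = true;
                    break;
                }
            }

            if (!$ipAllowed) {
                $ret_num = 5;
                throw new Exception('当前访问IP不在设置范围内');
            }
        }

        // Map the stored type to the effective permission level.
        $users['type'] = self::userTypeChange($users['type'], $users['ERP3_status']);

        // Only levels 51..70 may access the back office.
        if ($users['type'] > 70 || $users['type'] < 51) {
            $ret_num = 6;
            throw new Exception('用户访问权限不够');
        }

        // NOTE(review): the session ID is not regenerated before the identity is
        // written to the session, which leaves a pre-login session ID valid after
        // login (session fixation). Consider regenerating it here once that is
        // confirmed compatible with the application's session handling.
        $_SESSION['user_id'] = $users['id'];
        $_SESSION['userid'] = $users['id'];
        $_SESSION['user'] = $users['username']; // user name
        // User type. The original comment lists 2 = admin, 5 = brand,
        // 10 = normal user, which does not match the 51..70 range enforced
        // above - TODO confirm the current meaning.
        $_SESSION['type'] = $users['type'];
        $_SESSION['istotalaccount'] = $users['istotalaccount']; // brand master admin: 1 = yes, 0 = no
        $_SESSION['account'] = !empty($users['account']) ? $users['account'] : 0; // account type, beu_useraccount.id

        // touchid is stored as JSON; a value that does not decode to an array
        // becomes an empty list instead of being passed to implode().
        $touchIds = !empty($users['touchid']) ? json_decode($users['touchid'], true) : null;
        $_SESSION['touchidd'] = is_array($touchIds) ? implode(',', $touchIds) : '';

        $_SESSION['xiazai_v'] = 1; // whether images may be downloaded
        $_SESSION['brandid'] = !empty($users['brandid']) ? $users['brandid'] : 0;

        /************* main/sub screen configuration start ********************/
        $_SESSION['clothes_table'] = 'touch_clothes';
        $_SESSION['table_where'] = '';
        $_SESSION['is_push'] = 0;
        $_SESSION['sub_id'] = 0;
        /************* main/sub screen configuration end ********************/

        // Clear the cached list of pages this user may access.
        // NOTE(review): this key has no user-type suffix, while getPowerAll()
        // stores its cache entry under name . userid . user_type. Confirm this
        // delete invalidates the entry that is actually written.
        Yii::app()->cache->delete(CacheName::getCacheName('user_action_Info') . $users['id']);

        // NOTE(review): the password hash is handed to the cookie helper. Confirm
        // it is not stored in a client-readable cookie, because the hash would
        // then act as a password equivalent.
        usercookie::userSet($users['id'], $username, $password);

        $ret_num = 4;
        $ret['status'] = 1;
    } catch (Exception $e) {
        $ret['msg'] = $e->getMessage();
    }

    $ret['data'] = $ret_num;
    return $ret;
}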
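/**
 * Returns the permissions the current session user may access.
 *
 * Reads the user id from $_SESSION['user_id'], asks permission::judgeUserIP()
 * whether the source IP must be checked, enforces the user's IP whitelist
 * when required, and then loads the user's accessible actions (cached for
 * 300 seconds). Users whose type is 1 (super administrator) skip the
 * permission lookup, so 'data' is not set for them.
 *
 * @return array array('status' => 0|1, 'msg' => string, 'data' => mixed, 'user_type' => mixed);
 *               'status' is 1 on success; 'data' and 'user_type' are only set
 *               on the paths described above.
 */
public static function getPowerAll()
{
    $ret = array('status' => 0, 'msg' => '');

    try {
        if (!isset($_SESSION['user_id'])) {
            throw new Exception('用户ID不能为空');
        }
        $userid = $_SESSION['user_id'];

        // Determine whether this user's source IP has to be verified.
        $ipPolicy = permission::judgeUserIP();
        if ($ipPolicy['status'] == 0) {
            throw new Exception($ipPolicy['msg']);
        }

        if ($ipPolicy['is_bool_ip']) {
            // Fetch the user's IP whitelist.
            $ipResult = self::getIpLimit($userid);
            // NOTE(review): a failed lookup (status 0) that still carries 'data'
            // passes this check and its data is used as the whitelist. Confirm
            // that "&&" rather than "||" is intended.
            if ($ipResult['status'] == 0 && !isset($ipResult['data'])) {
                throw new Exception($ipResult['msg']);
            }

            // A result without 'data' is treated as an empty whitelist, which
            // denies access below.
            $whitelist = isset($ipResult['data']) ? $ipResult['data'] : array();

            // NOTE(review): confirm Comm::getSourceIp() takes the address from the
            // connection and not from a client-supplied header.
            $sourceIp = (string) Comm::getSourceIp();

            $ipAllowed = false;
            foreach ($whitelist as $row) {
                // Strict string comparison so numeric-looking strings are never
                // compared as numbers.
                if ((string) $row['IP'] === $sourceIp) {
                    $ipAllowed = true;
                    break;
                }
            }

            if (!$ipAllowed) {
                // Source IP was not found in the user's whitelist.
                throw new Exception('来源IP未添加到用户的IP白名单里');
            }
        }

        $user_type = $ipPolicy['user_type']; // permission level of the user

        // Only non-super-administrators need a permission lookup.
        if ($user_type != 1) {
            // NOTE(review): the key is built by plain concatenation of user id and
            // user type, so different (id, type) pairs can produce the same key
            // (e.g. 12 + 5 and 1 + 25). It also differs from the key userLogin()
            // deletes, which has no type suffix. Changing the format must be
            // coordinated with every place that reads or clears this cache.
            $cacheKey = CacheName::getCacheName('user_action_Info') . $userid . $user_type;

            $cached = Yii::app()->cache->get($cacheKey);
            if ($cached === false) {
                $ret_Action = self::getActionInfoByUser($userid, $user_type);
                if ($ret_Action['status'] == 0) {
                    throw new Exception($ret_Action['msg']);
                }
                // Cache the user's accessible page list for 300 seconds.
                Yii::app()->cache->set($cacheKey, $ret_Action, 300);
            } else {
                $ret_Action = $cached;
            }

            // A main-screen account that has switched to a sub screen uses the
            // sub screen's permissions instead.
            if ($user_type == Yii::app()->params['main_type'] && $_SESSION['sub_id'] != 0) {
                $ret_Action = self::getActionInfoByUser($_SESSION['sub_id'], Yii::app()->params['sub_type']);
                // Fail like the primary lookup does, rather than reporting
                // success with missing permission data.
                if ($ret_Action['status'] == 0) {
                    throw new Exception($ret_Action['msg']);
                }
            }

            $ret['data'] = $ret_Action['data'];
        }

        $ret['status'] = 1;
        $ret['user_type'] = $user_type;
    } catch (Exception $e) {
        $ret['msg'] = $e->getMessage();
    }

    return $ret;
}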