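/**
 * Check an administrator's credentials, issue the auth cookie and enforce
 * the per-action rights stored for the account.
 *
 * On success the constants USERNAME, TRUENAME, ADMINLEVEL, ADMINUSERID,
 * ISSUPERADMIN and If_manager (plus CRM and SUMMARY for non-managers) are
 * defined if they are not defined already.
 *
 * Security notes for maintainers:
 *  - The stored credential is an unsalted md5 digest. Moving to
 *    password_hash()/password_verify() needs the stored values and
 *    member_password() changed together, so it is not done here.
 *  - NOTE(review): pm_db's API is not visible from this method. If it offers
 *    bound parameters, use them instead of the input guard below.
 *
 * @param string $username  Account name to look up.
 * @param string $password  Plain text when $logintype is 1; for 2 and 3 the
 *                          value is compared with the stored column as given.
 * @param int    $logintype 1 = md5 the password first, 2 or 3 = use as given.
 *
 * @return bool|null true when the caller is authenticated and allowed to run
 *                   the current action; null when the lookup query itself
 *                   fails. Bad credentials render the login template and
 *                   exit; missing rights call self::message() and exit.
 */
public static function verify_login_in($username, $password, $logintype = 2)
{
    // Arrays/objects (e.g. "username[]=x") can never be valid credentials, and
    // an unknown $logintype must not fall through with an undefined value.
    $credential = null;
    if (is_scalar($username) && is_scalar($password)) {
        if ($logintype == 1) {
            $credential = md5((string) $password);
        } elseif ($logintype == 2 || $logintype == 3) {
            $credential = (string) $password;
        }
    }

    $matched = 0;
    // Both values are placed inside single-quoted SQL literals. A value that
    // carries a quote, backslash or NUL byte is rejected outright rather than
    // escaped, because the connection charset is not known here and
    // byte-level escaping is not reliable under every multibyte charset.
    if ($credential !== null
        && strpbrk((string) $username, "'\\\0") === false
        && strpbrk($credential, "'\\\0") === false
    ) {
        $select = "SELECT * FROM gamebi_admin_user WHERE `user_name`='{$username}' and `password`='{$credential}'";
        if (!pm_db::query($select)) {
            // Lookup failed: report "no decision" without touching the cookie.
            return null;
        }
        $matched = pm_db::num_rows();
    }

    if (!($matched > 0)) {
        // NOTE(review): the helper receives the submitted password; confirm it
        // does not persist it in clear text. No attempt throttling is visible
        // in this method either; verify it happens elsewhere.
        self::log_error_login($username, $password);
        // Expire the cookie on the same path it is issued for below; a
        // clearing cookie sent with a different path or domain does not
        // replace the original one.
        setcookie(AUTH_KEY . '_admin_auth', '0', 100, PATH_COOKIE);
        pm_tpl::assign('error', '账号或密码错误');
        pm_tpl::display('login');
        exit;
    }

    $auth_key = self::get_user_agent();
    // NOTE(review): the password value travels inside the cookie, protected
    // only by authcode(). A server-side session token would avoid shipping a
    // credential to the browser; the cookie reader lives outside this method,
    // so the format is left unchanged.
    $cookie_name = AUTH_KEY . '_admin_auth';
    $cookie_value = authcode($username . ':' . $auth_key . ':' . $password, 'ENCODE');
    $cookie_expire = time() + 7200; // 7200 s = 2 hours
    $_COOKIE[$cookie_name] = $cookie_value;
    // HttpOnly keeps page scripts from reading the auth cookie. The Secure
    // flag is left off because HTTPS-only delivery cannot be confirmed here.
    setcookie($cookie_name, $cookie_value, $cookie_expire, PATH_COOKIE, '', false, true);

    defined('USERNAME') || define('USERNAME', $username);
    $row_info = pm_db::fetch_one();
    defined('TRUENAME') || define('TRUENAME', $row_info['truename']);
    defined('ADMINLEVEL') || define('ADMINLEVEL', $row_info['level']);
    defined('ADMINUSERID') || define('ADMINUSERID', $row_info['user_id']);
    defined('ISSUPERADMIN') || define('ISSUPERADMIN', $row_info['is_super']);

    if (ADMINLEVEL == 1) {
        // Level 1 accounts skip the per-action rights check entirely.
        defined('If_manager') || define('If_manager', 1);
        return true;
    }

    defined('If_manager') || define('If_manager', 0);
    $rightset = r_unserialize($row_info['rights']);
    if (!is_array($rightset)) {
        // An unreadable rights blob grants nothing.
        $rightset = array();
    }
    $crmi = strpos($row_info['rights'], "crmhome_index");
    $summary = strpos($row_info['rights'], 'summarybutton');
    defined('CRM') || define('CRM', $crmi);
    defined('SUMMARY') || define('SUMMARY', $summary);

    // The action the user is currently performing.
    $sys_con = self::get_control();

    // NOTE(review): the last clause exempts any request whose query string has
    // c=tweet. If get_control() can resolve to a different controller than
    // $_GET['c'], this skips the rights check; verify against get_control().
    $exempt = empty($sys_con)
        || $sys_con['c'] == 'login'
        || $sys_con['c'] == 'securimage'
        || globalrt($sys_con)
        || (isset($_GET['c']) && $_GET['c'] == 'tweet');
    if ($exempt) {
        return true;
    }

    $if_auth = false;
    foreach ($rightset as $k => $unused) {
        // A key may bundle several right names joined by the marker "fl111".
        $names = is_int(strrpos($k, 'fl111')) ? explode('fl111', $k) : array($k);
        foreach ($names as $name) {
            if (self::getrt($name) == $sys_con) {
                $if_auth = true;
            }
        }
    }
    if ($if_auth) {
        return true;
    }

    // NOTE(review): the Referer header is supplied by the client and is handed
    // to self::message() as the return target. Confirm message() escapes it
    // and does not follow it to another origin.
    $sourceurl = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : null;
    if ($sourceurl == 'http://gamebi.feiliu.com/?c=login&a=menu' || $sourceurl == '?c=login&a=menu') {
        $sourceurl = '?c=login&a=welcome';
    }
    $error = '抱歉,您没有对应的操作权限,如有所需,请联系管理员。';
    self::message($error, $sourceurl);
    exit;
}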
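/**
 * Change the password of an administrator account.
 *
 * When the target is the logged-in administrator (ADMINUSERID), the current
 * password must be supplied in $_POST['oldpassword'] and match the stored
 * digest before the new one is written.
 *
 * Security notes for maintainers:
 *  - Passwords are stored as unsalted md5 digests. Switching to
 *    password_hash() has to be done together with the login check, so it is
 *    not changed here.
 *  - NOTE(review): the ownership test uses a loose PHP comparison while the
 *    database applies its own coercion to user_id. If user_id is an integer
 *    column, a value such as "5abc" may match row 5 in SQL without equalling
 *    ADMINUSERID in PHP, which would skip the old-password check. Confirm the
 *    column type and require a canonical id if so.
 *  - NOTE(review): the new password is hashed before it reaches SQL, so the
 *    special-character ban below only reduces password strength; consider
 *    dropping it once callers are checked.
 *
 * @param mixed  $user_id  Id of the account to change.
 * @param string $password New password in plain text.
 * @param int    $type     1 limits the change to accounts whose level is not
 *                         '1' (presumably protects top-level accounts; confirm).
 *
 * @return bool true once the UPDATE has been issued.
 *
 * @throws Exception When the old password is missing or wrong, the user is
 *                   not found, or the new password is empty, too short or
 *                   contains a banned character.
 */
public static function member_password($user_id, $password, $type = 1)
{
    // $user_id is placed inside single-quoted SQL literals below. Reject any
    // value that could end the literal instead of trying to escape it.
    if (!is_scalar($user_id) || strpbrk((string) $user_id, "'\\\0") !== false) {
        throw new Exception("没有这个用户.");
    }

    $sql_add = '';
    if ($type == 1) {
        // The filter must be a complete predicate with balanced parentheses,
        // otherwise every query that appends it is a syntax error.
        $sql_add = " AND level!='1'";
    }

    if (ADMINUSERID == $user_id) {
        // Changing one's own password: the current one has to be proven first.
        $oldpassword = '';
        if (isset($_POST['oldpassword']) && is_string($_POST['oldpassword'])) {
            $oldpassword = $_POST['oldpassword'];
        }
        if (empty($oldpassword)) {
            throw new Exception("请输入原始密码.");
        }
        // md5 output is hex only, so it is safe inside the quoted literal.
        $oldpassword = md5($oldpassword);
        pm_db::query("SELECT name,adminright FROM iosadm_admin_user WHERE user_id='{$user_id}' and password='{$oldpassword}' {$sql_add}");
        if (pm_db::num_rows() == 0) {
            throw new Exception("原始密码不正确.");
        }
    }

    pm_db::query("SELECT name,adminright FROM iosadm_admin_user WHERE user_id='{$user_id}' {$sql_add}");
    if (pm_db::num_rows() == 0) {
        throw new Exception("没有这个用户.");
    }

    if ($password == '') {
        throw new Exception("请输入新密码.");
    }
    if (strlen($password) < 6) {
        throw new Exception("密码长度不够,最少6位.");
    }
    // Banned characters: backslash, &, space, both quotes, /, *, comma, <, >,
    // CR, TAB, LF and #.
    if (strpbrk($password, "\\& '\"/*,<>\r\t\n#") !== false) {
        throw new Exception("密码不能包含特殊字符.");
    }

    // Store the digest of the new password, not a fixed literal.
    $password = md5($password);
    pm_db::query("UPDATE iosadm_admin_user SET password='{$password}' WHERE user_id='{$user_id}'");
    return true;
}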