Example #1
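 /**
  * Handle the admin "forgot password" AJAX request.
  *
  * Validates the submitted email, the decoded anti-robot code and the safety
  * cookie, then stores a fresh verify code for the matching activated admin
  * and mails a reset link. The outcome is written to $this->ajax ('s' = 1 on
  * success, 'i' = message) and printed as JSON.
  *
  * @return void Does not return normally; the request ends in die().
  */
 public function check()
 {
     $this->json = new JSON();
     $key = ForceStringFrom('key');
     $code = ForceStringFrom('code');
     $decode = authcode($code, 'DECODE', $key);
     $cookievalue = ForceCookieFrom(COOKIE_SAFE);
     $email = ForceStringFrom('email');

     // Both digests below are compared with hash_equals(): a loose != on hex
     // strings treats numeric-looking values such as "0e…" as numbers, and a
     // plain comparison is not constant-time.
     $expectedCode = md5(WEBSITE_KEY);
     $expectedCookie = md5(WEBSITE_KEY . $key . APP::$_CFG['KillRobotCode']);

     // NOTE(review): $email is interpolated into the SELECT below. Nothing in
     // this method escapes it; safety depends on ForceStringFrom()/IsEmail()
     // rejecting quotes — confirm, or switch to a bound parameter if the DB
     // layer offers one.
     if (!$email) {
         $this->ajax['i'] = '请输入Email地址!';
     } elseif (!IsEmail($email)) {
         $this->ajax['i'] = 'Email地址非法!';
     } elseif (!hash_equals($expectedCode, (string) $decode)) {
         $this->ajax['i'] = '验证码超时! 请刷新页面后重新提交.';
     } elseif (!hash_equals($expectedCookie, (string) $cookievalue)) {
         $this->ajax['i'] = '安全验证Cookie错误!';
     } elseif (!($user = APP::$DB->getOne("SELECT u.aid, u.password, u.fullname FROM " . TABLE_PREFIX . "admin u WHERE u.email = '{$email}' AND u.activated = 1"))) {
         // NOTE(review): this distinct message tells the caller whether an
         // address belongs to an activated admin; a uniform response would
         // avoid account enumeration.
         $this->ajax['i'] = 'Email地址不存在!';
     } else {
         $subject = '管理员找回密码 -- ' . APP::$_CFG['Title'];
         // NOTE(review): the reset link is only as unpredictable as PassGen();
         // confirm it draws from a CSPRNG (random_int/random_bytes).
         $verifycode = PassGen(8);
         $verify_url = BASEURL . ADMINDIR . '/index.php?c=getpass&a=verify&key=' . base64_encode($email) . '&sid=' . md5($user['fullname'] . WEBSITE_KEY . $user['password'] . $verifycode);
         // NOTE(review): fullname is placed in the HTML mail body as stored;
         // verify it is HTML-encoded before it reaches the database.
         $content = "{$user['fullname']}:<br><br>您好! 请点击以下链接重设密码:<br><br>";
         $content .= "<a href=\"{$verify_url}\" target=\"_blank\">{$verify_url}</a><br><br>";
         // The verify code is stored before the mail is sent, so a failed send
         // still replaces any previously issued code.
         APP::$DB->exe("UPDATE " . TABLE_PREFIX . "admin SET verifycode = '{$verifycode}' WHERE aid = '{$user['aid']}'");
         if (SendMail($email, $subject, $content) === true) {
             $this->ajax['s'] = 1;
             $this->ajax['i'] = '重设密码的邮件已发送到您的信箱, 请查收!';
         } else {
             $this->ajax['i'] = '发送邮件失败!';
         }
     }
     die($this->json->encode($this->ajax));
 }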
Example #2
 /**
  * Log the current admin out.
  *
  * Clears the admin cookie, deletes the matching session row when the cookie
  * value passes IsAlnum(), purges stale verification codes and sessions, and
  * finally redirects.
  */
 public function logout()
 {
     $sessionid = ForceCookieFrom(COOKIE_ADMIN);

     // An empty value makes PHP emit a cookie-deletion header for this name.
     setcookie(COOKIE_ADMIN, '', 0, '/');

     // The IsAlnum() gate is the only check between the cookie value and the
     // SQL text below; keep it if this statement is ever refactored.
     $hasUsableSid = $sessionid && IsAlnum($sessionid);
     if ($hasUsableSid) {
         // Remove the session that belongs to the admin who is logging out.
         APP::$DB->exe("DELETE FROM " . TABLE_PREFIX . "session WHERE sid = '{$sessionid}'");
     }

     // Housekeeping: drop verification codes older than 8 hours.
     $vvcCutoff = time() - 3600 * 8;
     APP::$DB->exe("DELETE FROM " . TABLE_PREFIX . "vvc WHERE time < " . $vvcCutoff);

     // Housekeeping: drop sessions older than 30 days.
     $sessionCutoff = time() - 3600 * 24 * 30;
     APP::$DB->exe("DELETE FROM " . TABLE_PREFIX . "session WHERE time < " . $sessionCutoff);

     // Send the browser on once logout is done (target is decided by Redirect()).
     Redirect();
 }
Example #3
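    /**
     * Build the HTML for the back-office header bar (logo, top menu, unread
     * counter and the logged-in admin's menu).
     *
     * @param array|string $path Request path segments; only element 0 is read.
     *                           Unless that element is 'index', the unread
     *                           counter is taken from the "backinfos" cookie.
     * @return string The header markup.
     */
    protected function header_menu($path = '')
    {
        $info_total = 0;
        // The default argument is '' and reading ''[0] raises an
        // "Uninitialized string offset" warning, so resolve the first segment
        // defensively. Any non-array $path counts as "not the index page",
        // which is what the original comparison produced as well.
        $first_segment = is_array($path) ? ($path[0] ?? '') : '';
        // Off the index page, reuse the counter cached in the cookie.
        if ($first_segment != 'index') {
            // The cookie is client-controlled; ForceInt() presumably reduces it
            // to an integer before it is concatenated into the markup below.
            $info_total = ForceInt(ForceCookieFrom(COOKIE_KEY . 'backinfos'));
        }
        // NOTE(review): $this->admin['fullname'] is written into the markup as
        // stored. Confirm it is HTML-encoded when saved, otherwise encode it
        // here with htmlspecialchars() to prevent stored XSS.
        return '<div id="header">
	<div class="logo"><a href="./"><img src="' . SYSDIR . 'public/img/logo.gif" title="后台首页"></a></div>
	<div id="ajax-loader"></div>
	<div id="topbar">
		<div id="topmenu">
			<dl class="first"></dl>
			<dl class="home">
				<dt><a href="./">首页</a></dt>
				<dd>
					<div>
						<li class="first"><a href="./">首页</a></li>
						<li class="last"></li>
					</div>
				</dd>
			</dl>
			<dl>
				<dt><a href="' . BURL('guests') . '">用户</a></dt>
				<dd>
					<div>
						<li class="first"><a href="' . BURL('users/add') . '">添加客服</a></li>
						<li><a href="' . BURL('users') . '">客服列表</a></li>
						<li><a href="' . BURL('guests') . '">客人管理</a></li>
						<li class="last"><a href="' . BURL('avatar') . '">上传我的头像</a></li>
					</div>
				</dd>
			</dl>
			<dl>
				<dt><a href="' . BURL('comments') . '">留言</a></dt>
				<dd>
					<div>
						<li class="first"><a href="' . BURL('comments') . '">留言列表</a></li>
						<li class="last"></li>
					</div>
				</dd>
			</dl>
			<dl>
				<dt><a href="' . BURL('messages') . '">记录</a></dt>
				<dd>
					<div>
						<li class="first"><a href="' . BURL('messages') . '">记录列表</a></li>
						<li class="last"></li>
					</div>
				</dd>
			</dl>
			<dl>
				<dt><a href="' . BURL('phrases') . '">短语</a></dt>
				<dd>
					<div>
						<li class="first"><a href="' . BURL('phrases/add') . '">添加常用短语</a></li>
						<li class="last"><a href="' . BURL('phrases') . '">常用短语列表</a></li>
					</div>
				</dd>
			</dl>
			<dl>
				<dt><a href="' . BURL('settings') . '">系统</a></dt>
				<dd>
					<div>
						<li class="first"><a href="' . BURL('settings') . '">系统设置</a></li>
						<li><a href="' . BURL('language') . '">语言管理</a></li>
						<li><a href="' . BURL('database') . '">数据维护</a></li>
						<li><a href="' . BURL('phpinfo') . '">环境信息</a></li>
						<li class="last"><a href="' . BURL('upgrade') . '">系统升级</a></li>
					</div>
				</dd>
			</dl>
			<dl class="last"></dl>
		</div>

		<div id="topuser">
			<div class="open"><a href="' . BURL('online') . '" target="_blank" class="link-btn2">进入客服</a></div>
			<dl class="first"></dl>
			<dl class="' . Iif($info_total, 'info', 'info none') . '" id="info_all"><!-- 如果没有信息 class=info none -->
				<dt><a href="' . BURL() . '" title="点击更新提示信息"><i></i><span id="info_total">' . $info_total . '</span></a></dt>
				<dd>
					<div>
						<li class="first"><a href="' . BURL('comments') . '"><font id="info_comms" class="' . Iif($info_total, 'orangeb', 'light') . '">' . $info_total . '</font> 条未读留言</a></li>
						<li class="last"></li>
					</div>
				</dd>
			</dl>
			<dl class="admin">
				<dt><a href="#" class="logout"><i></i></a></dt>
				<dd>
					<div>
						<li class="first"><a href="' . BURL('index/logout') . '"><img src="' . GetAvatar($this->admin['aid']) . '" class="avatar" style="margin-bottom:6px;"><BR><font class=orange>' . $this->admin['fullname'] . '</font> 退出?</a></li>
						<li><a href="' . BURL('users/edit?aid=' . $this->admin['aid']) . '">修改我的资料</a></li>
						<li class="last"><a href="' . BURL('avatar') . '">上传我的头像</a></li>
					</div>
				</dd>
			</dl>
			<dl class="last"></dl>
		</div>
		<div></div>
	</div>
</div>';
    }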