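/**
 * Handle a login form submission.
 *
 * Looks the account up by user name and MD5 password digest. On failure an
 * error message is placed in $this->result. On success the session is
 * populated, an auth_data cookie is issued and a Location header is sent.
 *
 * NOTE(review): credentials are matched against an unsalted MD5 digest, which
 * is cheap to brute-force if the users table is ever disclosed. Moving to
 * password_hash() / password_verify() needs a migration of the stored
 * digests, so it is flagged here rather than changed.
 *
 * NOTE(review): nothing in this method stops execution after header(); the
 * caller decides whether further output is produced.
 *
 * @return void
 */
public function loginAction()
{
    $userModel = $this->loadModel('users');
    // Never used below; kept because loadModel() may have loading side effects.
    $groupModel = $this->loadModel('groups');

    // Absent or non-string fields (e.g. array-valued parameters) count as a failed login
    // instead of reaching md5() and the query.
    $username = isset($_POST['username']) && is_string($_POST['username']) ? $_POST['username'] : NULL;
    $password = isset($_POST['password']) && is_string($_POST['password']) ? $_POST['password'] : NULL;

    $user = NULL;
    if (NULL !== $username && NULL !== $password) {
        $user = $userModel->fetchOne(array(
            'table' => 'table.users',
            'where' => array(
                'template' => 'user_name = ? AND user_password = ?',
                'value' => array($username, md5($password)),
            ),
        ));
    }

    if (NULL == $user) {
        $this->result['message_open'] = true;
        $this->result['message'] = $this->getLanguage('error', 'login');
        return;
    }

    // Issue a fresh session id at the privilege change so that an id fixed
    // before authentication is not carried into the logged-in session.
    if ('' !== session_id()) {
        session_regenerate_id(true);
    }

    $_SESSION['user_name'] = $user['user_name'];
    $_SESSION['user_id'] = $user['id'];
    $_SESSION['user_group'] = $user['user_group'];
    // NOTE(review): confirm mgCreateRandomString() draws from a CSPRNG, since
    // its output is used as an authentication token here.
    $_SESSION['auth_data'] = mgCreateRandomString(128);
    // NOTE(review): the cookie is set without the HttpOnly / Secure flags;
    // confirm whether client-side script needs to read it before tightening.
    setcookie('auth_data', $_SESSION['auth_data'], 0, '/');

    // Follow the referer only when it is a site-local path: one leading '/',
    // not followed by '/' or '\', and free of control characters and
    // backslashes. Any other value could change the host part of the URL
    // built below, so it falls through to the default destination.
    $referer = isset($_GET['referer']) && is_string($_GET['referer']) ? $_GET['referer'] : NULL;
    $isLocalPath = NULL !== $referer
        && 1 === preg_match('#\A/(?![/\\\\])[^\x00-\x1f\x7f\\\\]*\z#', $referer);

    if ($isLocalPath) {
        header('location: ' . $this->stack['static_var']['index'] . $referer);
        return;
    }

    if ($user['user_group'] >= $this->stack['static_var']['user_register_group']) {
        header('location: ' . $this->stack['static_var']['siteurl']);
    } else {
        header('location: ' . $this->stack['static_var']['index'] . '/admin/');
    }
}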
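/**
 * Create a user account from the submitted form, including profile fields
 * and the user group.
 *
 * When no password is submitted a 7-character one is generated and shown
 * once in the result message.
 *
 * NOTE(review): user_group is written straight from the request; confirm the
 * caller restricts this action to accounts allowed to assign groups.
 * NOTE(review): the password is stored as an unsalted MD5 digest; migrating
 * to password_hash() needs a change to the stored values and the login check.
 * NOTE(review): confirm mgCreateRandomString() draws from a CSPRNG, since its
 * output is used as a credential.
 *
 * @return void
 */
public function insertUser()
{
    // presumably validates the POST body; its exact checks are not visible here
    $this->requirePost(NULL, false);
    $userModel = $this->loadModel('users');

    $passwordSupplied = isset($_POST['user_password']) && $_POST['user_password'];
    $password = $passwordSupplied ? $_POST['user_password'] : mgCreateRandomString(7);

    $userModel->insertTable(array(
        'user_name' => $_POST['user_name'],
        'user_firstname' => $_POST['user_firstname'],
        'user_lastname' => $_POST['user_lastname'],
        'user_password' => md5($password),
        'user_mail' => $_POST['user_mail'],
        'user_url' => $_POST['user_url'],
        'user_nick' => $_POST['user_nick'],
        'user_about' => $_POST['user_about'],
        'user_group' => $_POST['user_group'],
    ));

    // The message carries HTML markup (<strong>), so the request-supplied
    // user name is escaped before being placed into it.
    // Assumes the application emits UTF-8 — TODO confirm.
    $displayName = htmlspecialchars($_POST['user_name'], ENT_QUOTES, 'UTF-8');

    $this->result['open'] = true;
    $this->result['word'] = '您的用户 "' . $displayName . '" 已经提交成功'
        . ($passwordSupplied ? '' : ',密码为<strong>' . $password . '</strong>');
}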
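/**
 * Register a new account, queue the welcome e-mail and log the user in.
 *
 * The account is placed in the configured user_register_group. When no
 * password is submitted a 7-character one is generated.
 *
 * NOTE(review): the welcome e-mail contains the password in clear text, and
 * the stored value is an unsalted MD5 digest. Both are kept as they are
 * because changing them alters the mail content and the login check.
 * NOTE(review): user_mail and user_name flow into the mailer fields
 * unmodified; confirm requirePost() or the mailer rejects values containing
 * line breaks.
 * NOTE(review): confirm mgCreateRandomString() draws from a CSPRNG, since its
 * output is used as a password and as the auth_data token.
 *
 * @return void
 */
public function insertUser()
{
    // presumably validates the POST body; its exact checks are not visible here
    $this->requirePost(NULL, false);
    $userModel = $this->loadModel('users');

    $password = isset($_POST['user_password']) && $_POST['user_password']
        ? $_POST['user_password']
        : mgCreateRandomString(7);

    $insertId = $userModel->insertTable(array(
        'user_name' => $_POST['user_name'],
        'user_password' => md5($password),
        'user_mail' => $_POST['user_mail'],
        'user_url' => isset($_POST['user_url']) ? $_POST['user_url'] : NULL,
        'user_about' => isset($_POST['user_about']) ? $_POST['user_about'] : NULL,
    ));

    $registerGroup = $this->stack['static_var']['user_register_group'];
    $groupModel = $this->loadModel('groups');
    $groupModel->insertUserGroup($insertId, $registerGroup);

    // Queue the registration e-mail
    $this->result['mailer']['subject'] = '"' . $this->stack['static_var']['blog_name'] . '"注册提示';
    $this->result['mailer']['body'] = $_POST['user_name']
        . ",您好:\r\n欢迎您成为我们网站的用户.\r\n您注册的用户名是'" . $_POST['user_name']
        . "',密码是'" . $password
        . "'\r\n\r\n感谢您的支持! \r\n" . $this->stack['static_var']['siteurl'];
    $this->result['mailer']['send_to'] = $_POST['user_mail'];
    $this->result['mailer']['send_to_user'] = $_POST['user_name'];

    // Log the new user in. A fresh session id is issued first so that an id
    // fixed before registration is not carried into the authenticated session.
    if ('' !== session_id()) {
        session_regenerate_id(true);
    }

    $_SESSION['user_name'] = $_POST['user_name'];
    $_SESSION['user_id'] = $insertId;
    $_SESSION['user_group'] = array($registerGroup);
    $_SESSION['auth_data'] = mgCreateRandomString(128);
    // NOTE(review): the cookie is set without the HttpOnly / Secure flags;
    // confirm whether client-side script needs to read it before tightening.
    setcookie('auth_data', $_SESSION['auth_data'], 0, '/');
}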
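/**
 * Update an existing post, then adjust category counters and tag rows.
 *
 * Changes compared with the previous body: the "post not found" check now
 * runs directly after the fetch (before $post is first read), and the
 * optional keys post_name, post_password, post_time and $_GET['post_id'] are
 * read through isset() so that absent keys no longer raise notices. The
 * unused $count local was dropped.
 *
 * NOTE(review): the whole $input array is handed to updateByKey(). When the
 * caller owns the post, request-supplied keys such as user_id are not
 * removed; confirm the model restricts which columns can be written.
 * NOTE(review): the trackback URL comes from the request and is passed to
 * mgSendTrackback() even when it is NULL; confirm that helper restricts the
 * scheme and destination it will contact.
 *
 * @param array|null $postInput Field values; $_POST is used when empty.
 * @param int        $postId    Post key; $_GET['post_id'] is used when empty.
 * @return mixed false when the post does not exist, otherwise the result of
 *               updateByKey().
 */
public function updatePost($postInput = NULL, $postId = 0)
{
    $input = $postInput ? $postInput : $_POST;
    $input['post_is_draft'] = isset($input['post_is_draft']) && $input['post_is_draft'] ? $input['post_is_draft'] : 0;

    // Groups numbered above 'editor' can only save drafts.
    if ($this->stack['access']['user_group'] > $this->stack['static_var']['group']['editor']) {
        $input['post_is_draft'] = 1;
    }

    if (!$postId) {
        $postId = isset($_GET['post_id']) ? $_GET['post_id'] : NULL;
    }

    if (!$postInput) {
        $this->requirePost(NULL, !$input['post_is_draft']);
        $this->requireGet('post_id');
    }

    $url = isset($input['post_trackback']) ? $input['post_trackback'] : NULL;
    unset($input["post_trackback"]);
    unset($input["post_id"]);

    $input['post_title'] = isset($input['post_title']) && $input['post_title']
        ? trim($input['post_title'])
        : ($input['post_is_draft'] ? '无标题文档' : NULL);
    $input['post_content'] = isset($input['post_content']) && $input['post_content'] ? $input['post_content'] : NULL;
    $input['post_tags'] = isset($input['post_tags']) ? $this->praseTags($input['post_tags']) : NULL;

    // Flags and the category id default to 0 when absent or empty.
    $zeroDefaults = array(
        'post_allow_ping',
        'post_allow_comment',
        'post_allow_feed',
        'post_is_hidden',
        'post_is_page',
        'post_is_draft',
        'category_id',
    );
    foreach ($zeroDefaults as $field) {
        $input[$field] = isset($input[$field]) && $input[$field] ? $input[$field] : 0;
    }

    if (!isset($input['post_edit_time']) || !$input['post_edit_time']) {
        $input['post_edit_time'] = time() - $this->stack['static_var']['server_timezone'];
    }

    $postModel = $this->loadModel('posts');

    // Auto-generate post_name from the title when none was given
    $postName = isset($input['post_name']) ? $input['post_name'] : NULL;
    $input['post_name'] = $this->praseUrl(NULL == $postName ? $input['post_title'] : $postName);

    $post = $postModel->fetchOneByKey($postId);
    if (!$post) {
        return false;
    }

    // A post_name already used by another post gets a timestamp suffix
    if ($post['post_name'] != $input['post_name']
        && count($postModel->fetchByFieldEqual('post_name', $input['post_name'])) > 0) {
        $postTime = isset($input["post_time"]) ? $input["post_time"] : 0;
        $timePre = date("Y-n-j-His", $this->stack['static_var']['time_zone'] + $postTime);
        $input['post_name'] = $input['post_name'] . '-' . $timePre;
    }

    // Auto-generate a password for hidden posts. A local copy is used so that
    // no post_password key is added to $input when none was supplied.
    $postPassword = isset($input['post_password']) ? $input['post_password'] : NULL;
    $autoPassword = NULL;
    if ($input['post_is_hidden'] && NULL == $postPassword) {
        // NOTE(review): confirm mgCreateRandomString() draws from a CSPRNG.
        $postPassword = mgCreateRandomString(7);
        $input['post_password'] = $postPassword;
        // NOTE(review): this literal closes a </b> that it never opens; the
        // prefix may have been altered — verify against the upstream file.
        $autoPassword = '******' . $postPassword . '</b>.';
    }

    if (NULL != $postPassword) {
        $input['post_is_hidden'] = 1;
    }

    // Only the owner, or a group at editor level or above, may change the post.
    if ($post["user_id"] != $this->stack['access']['user_id']) {
        if ($this->stack['access']['user_group'] <= $this->stack['static_var']['group']['editor']) {
            // An editor changing someone else's post must not reassign its owner.
            unset($input['user_id']);
            unset($input['post_user_name']);
        } else {
            $this->throwException(E_ACCESSDENIED, $this->stack['action']['path']);
        }
    }

    $trackback = mgSendTrackback($url, array(
        "title" => $input['post_title'],
        "url" => $this->stack['static_var']['index'] . '/archives/' . $postId . '/',
        "excerpt" => $input['post_content'],
        "blog_name" => $this->stack['static_var']['blog_name'],
        "agent" => $this->stack['static_var']['version'],
    ));

    // Move the post between category counters when the category changed
    $categoriesModel = $this->loadModel('categories');
    $categoryChanged = $post['category_id'] != $input['category_id'];
    if ($categoryChanged && !$post['post_is_page'] && !$post['post_is_hidden']) {
        $categoriesModel->decreaseFieldByKey($post['category_id'], 'category_count');
    }
    if ($categoryChanged && !$input['post_is_page'] && !$input['post_is_hidden']) {
        $categoriesModel->increaseFieldByKey($input['category_id'], 'category_count');
    }

    $updated = $postModel->updateByKey($postId, $input);

    $tagsModel = $this->loadModel('tags');
    if (NULL !== $post['post_tags']) {
        $tagsModel->deleteTagsByPostId($postId);
        $oldTags = $tagsModel->getTags($post['post_tags']);
        $deleteTags = array();
        foreach ($oldTags as $key => $val) {
            $tagsModel->decreaseFieldByKey($key, 'tag_count');
            // Collect tags that are no longer used by any post
            $finalTag = $tagsModel->fetchOneByKey($key);
            if ($finalTag['tag_count'] <= 0) {
                $deleteTags[] = $key;
            }
        }
        $tagsModel->deleteByKeys($deleteTags);
    }

    // NOTE(review): this guard tests the stored post's tags, not the new
    // ones; it looks like a copy of the condition above — confirm whether
    // $input['post_tags'] was intended.
    if (NULL !== $post['post_tags']) {
        $tagsModel->insertTags($postId, $input['post_tags']);
        $newTags = $tagsModel->getTags($input['post_tags']);
        foreach ($newTags as $key => $val) {
            $tagsModel->increaseFieldByKey($key, 'tag_count');
        }
    }

    $this->result['open'] = true;
    $this->result['trackback'] = $trackback;
    $this->result['time'] = date("H点i分", $input['post_edit_time']);
    // NOTE(review): the stored title is concatenated into a message that also
    // carries markup; confirm it is HTML-escaped before being rendered.
    $this->result['word'] = '文章 "' . $post['post_title'] . '" 已经被更新' . $autoPassword;

    return $updated;
}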