Example #1
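 /**
  * Handle a login form submission.
  *
  * Looks up a user row whose name and password digest match the posted
  * credentials. On a miss an error message is placed in $this->result; on a
  * hit the session is populated, an auth_data cookie is issued and a
  * Location header is sent.
  *
  * @return void
  */
 public function loginAction()
 {
     $userModel = $this->loadModel('users');
     // The groups model is not used below; the call is kept in case loading has side effects.
     $this->loadModel('groups');

     // Only scalar string credentials are looked up; a missing or array-valued
     // field is treated as a failed login instead of reaching md5().
     $user = NULL;
     if (isset($_POST['username'], $_POST['password']) && is_string($_POST['username']) && is_string($_POST['password'])) {
         // NOTE(review): unsalted MD5 is not a password hash. Moving to
         // password_hash()/password_verify() needs a migration of the stored
         // digests, so the lookup is left as it was.
         $user = $userModel->fetchOne(array(
             'table' => 'table.users',
             'where' => array(
                 'template' => 'user_name = ? AND user_password = ?',
                 'value' => array($_POST['username'], md5($_POST['password'])),
             ),
         ));
     }

     // Loose comparison kept on purpose: the return value of fetchOne() on a miss is not visible here.
     if (NULL == $user) {
         $this->result['message_open'] = true;
         $this->result['message'] = $this->getLanguage('error', 'login');
         return;
     }

     // Issue a fresh session id at the privilege change so an id that was
     // set before authentication does not carry over into the logged-in session.
     if ('' !== session_id()) {
         session_regenerate_id(true);
     }

     $_SESSION['user_name'] = $user['user_name'];
     $_SESSION['user_id'] = $user['id'];
     $_SESSION['user_group'] = $user['user_group'];
     $_SESSION['auth_data'] = mgCreateRandomString(128);
     // NOTE(review): the cookie is sent without the Secure/HttpOnly flags. Whether
     // client-side script reads auth_data is not visible here, so the flags are
     // unchanged; confirm and tighten. The randomness source of
     // mgCreateRandomString() should also be confirmed.
     setcookie('auth_data', $_SESSION['auth_data'], 0, '/');

     // The referer is request-controlled and appended to the site base URL, so
     // only a plain local path is accepted: one leading slash, no backslash,
     // no whitespace or control characters. Anything else falls back to the
     // default landing page.
     $referer = isset($_GET['referer']) ? $_GET['referer'] : NULL;
     $refererIsLocalPath = is_string($referer)
         && '' !== $referer
         && '/' === $referer[0]
         && '/' !== substr($referer, 1, 1)
         && !preg_match('/[\x00-\x20\x7f\\\\]/', $referer);

     if ($refererIsLocalPath) {
         header('location: ' . $this->stack['static_var']['index'] . $referer);
     } elseif ($user['user_group'] >= $this->stack['static_var']['user_register_group']) {
         header('location: ' . $this->stack['static_var']['siteurl']);
     } else {
         header('location: ' . $this->stack['static_var']['index'] . '/admin/');
     }
 }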
Example #2
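 /**
  * Create a user account from the posted form fields.
  *
  * When no password is posted, a 7-character one is generated and shown in
  * the result message. The result message is built as HTML, so every
  * request-derived value placed in it is escaped.
  *
  * @return void
  */
 public function insertUser()
 {
     $this->requirePost(NULL, false);
     $userModel = $this->loadModel('users');

     $hasPostedPassword = isset($_POST['user_password']) && $_POST['user_password'];
     // NOTE(review): confirm mgCreateRandomString() draws from a CSPRNG; 7 characters is short for a credential.
     $password = $hasPostedPassword ? $_POST['user_password'] : mgCreateRandomString(7);

     // NOTE(review): user_group is taken straight from the request. Confirm that
     // only administrators can reach this action, or allow-list the value.
     // NOTE(review): unsalted MD5 is not a password hash; changing it requires
     // the login check and stored digests to change together.
     $userModel->insertTable(array(
         'user_name' => $_POST['user_name'],
         'user_firstname' => $_POST['user_firstname'],
         'user_lastname' => $_POST['user_lastname'],
         'user_password' => md5($password),
         'user_mail' => $_POST['user_mail'],
         'user_url' => $_POST['user_url'],
         'user_nick' => $_POST['user_nick'],
         'user_about' => $_POST['user_about'],
         'user_group' => $_POST['user_group'],
     ));

     // The message carries markup (<strong>), so it is rendered as HTML:
     // escape the posted name and the password before embedding them.
     $rawName = is_string($_POST['user_name']) ? $_POST['user_name'] : '';
     $safeName = htmlspecialchars($rawName, ENT_QUOTES, 'UTF-8');
     $safePassword = htmlspecialchars((string) $password, ENT_QUOTES, 'UTF-8');

     $this->result['open'] = true;
     $this->result['word'] = '您的用户 "' . $safeName . '" 已经提交成功' . ($hasPostedPassword ? '' : ',密码为<strong>' . $safePassword . '</strong>');
 }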
Example #3
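 /**
  * Register a new user from the posted form, queue a welcome mail and log
  * the new user in.
  *
  * The account is placed in the configured registration group. When no
  * password is posted a 7-character one is generated.
  *
  * @return void
  */
 public function insertUser()
 {
     $this->requirePost(NULL, false);
     $userModel = $this->loadModel('users');

     $hasPostedPassword = isset($_POST['user_password']) && $_POST['user_password'];
     // NOTE(review): confirm mgCreateRandomString() draws from a CSPRNG; 7 characters is short for a credential.
     $password = $hasPostedPassword ? $_POST['user_password'] : mgCreateRandomString(7);

     // NOTE(review): unsalted MD5 is not a password hash; changing it requires
     // the login check and stored digests to change together.
     $insertId = $userModel->insertTable(array(
         'user_name' => $_POST['user_name'],
         'user_password' => md5($password),
         'user_mail' => $_POST['user_mail'],
         'user_url' => isset($_POST['user_url']) ? $_POST['user_url'] : NULL,
         'user_about' => isset($_POST['user_about']) ? $_POST['user_about'] : NULL,
     ));

     $groupModel = $this->loadModel('groups');
     $groupModel->insertUserGroup($insertId, $this->stack['static_var']['user_register_group']);

     // Send the registration mail.
     // NOTE(review): the body carries the password in clear text, including one
     // the user chose. Prefer a mail without the password or a one-time link.
     // NOTE(review): send_to and send_to_user come from the request; confirm the
     // mailer rejects CR/LF in address and name fields.
     $this->result['mailer']['subject'] = '"' . $this->stack['static_var']['blog_name'] . '"注册提示';
     $this->result['mailer']['body'] = $_POST['user_name'] . ",您好:\r\n欢迎您成为我们网站的用户.\r\n您注册的用户名是'" . $_POST['user_name'] . "',密码是'" . $password . "'\r\n\r\n感谢您的支持! \r\n" . $this->stack['static_var']['siteurl'];
     $this->result['mailer']['send_to'] = $_POST['user_mail'];
     $this->result['mailer']['send_to_user'] = $_POST['user_name'];

     // Log the new user in. A fresh session id is issued first so an id that
     // was set before registration does not carry over into the authenticated
     // session.
     if ('' !== session_id()) {
         session_regenerate_id(true);
     }
     $_SESSION['user_name'] = $_POST['user_name'];
     $_SESSION['user_id'] = $insertId;
     $_SESSION['user_group'] = array($this->stack['static_var']['user_register_group']);
     $_SESSION['auth_data'] = mgCreateRandomString(128);
     // NOTE(review): cookie is sent without Secure/HttpOnly flags; confirm whether script needs to read it.
     setcookie('auth_data', $_SESSION['auth_data'], 0, '/');
 }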
Example #4
 /**
  * Update an existing post from $postInput, or from $_POST when no input
  * array is passed.
  *
  * Normalises the post fields, derives a post_name, optionally generates a
  * password for hidden posts, checks that the caller owns the post (or is in
  * a group at or below the 'editor' value), sends a trackback, keeps the
  * category and tag counters in step and writes the row.
  *
  * @param array|null $postInput Field values to apply; when empty, $_POST is used.
  * @param int        $postId    Key of the post; when empty, $_GET['post_id'] is used.
  *
  * @return mixed false when the post does not exist, otherwise whatever the
  *               posts model's updateByKey() returns.
  */
 public function updatePost($postInput = NULL, $postId = 0)
 {
     $input = $postInput ? $postInput : $_POST;
     $input['post_is_draft'] = isset($input['post_is_draft']) && $input['post_is_draft'] ? $input['post_is_draft'] : 0;
     // Callers whose group value is above the 'editor' value can only save drafts.
     if ($this->stack['access']['user_group'] > $this->stack['static_var']['group']['editor']) {
         $input['post_is_draft'] = 1;
     }
     $postId = $postId ? $postId : $_GET['post_id'];
     // Request checks run only when the data came from $_POST.
     // NOTE(review): what requirePost()/requireGet() enforce is not visible here.
     if (!$postInput) {
         $this->requirePost(NULL, !$input['post_is_draft']);
         $this->requireGet('post_id');
     }
     // The trackback target is taken out of the input so it is not written to the row.
     $url = isset($input['post_trackback']) ? $input['post_trackback'] : NULL;
     unset($input["post_trackback"]);
     unset($input["post_id"]);
     // Drafts without a title get a placeholder title; other posts get NULL.
     $input['post_title'] = isset($input['post_title']) && $input['post_title'] ? trim($input['post_title']) : ($input['post_is_draft'] ? '无标题文档' : NULL);
     $input['post_content'] = isset($input['post_content']) && $input['post_content'] ? $input['post_content'] : NULL;
     $input['post_tags'] = isset($input['post_tags']) ? $this->praseTags($input['post_tags']) : NULL;
     // Missing or falsy flags default to 0.
     $input['post_allow_ping'] = isset($input['post_allow_ping']) && $input['post_allow_ping'] ? $input['post_allow_ping'] : 0;
     $input['post_allow_comment'] = isset($input['post_allow_comment']) && $input['post_allow_comment'] ? $input['post_allow_comment'] : 0;
     $input['post_allow_feed'] = isset($input['post_allow_feed']) && $input['post_allow_feed'] ? $input['post_allow_feed'] : 0;
     $input['post_is_hidden'] = isset($input['post_is_hidden']) && $input['post_is_hidden'] ? $input['post_is_hidden'] : 0;
     $input['post_is_page'] = isset($input['post_is_page']) && $input['post_is_page'] ? $input['post_is_page'] : 0;
     $input['post_is_draft'] = isset($input['post_is_draft']) && $input['post_is_draft'] ? $input['post_is_draft'] : 0;
     $input['category_id'] = isset($input['category_id']) && $input['category_id'] ? $input['category_id'] : 0;
     if (!isset($input['post_edit_time']) || !$input['post_edit_time']) {
         $input['post_edit_time'] = time() - $this->stack['static_var']['server_timezone'];
     }
     $postModel = $this->loadModel('posts');
     // Auto-generate post_name from the title when none was supplied.
     // NOTE(review): $input['post_name'] is read without an isset() guard.
     $input['post_name'] = NULL == $input['post_name'] ? $input['post_title'] : $input['post_name'];
     $input['post_name'] = $this->praseUrl($input['post_name']);
     $post = $postModel->fetchOneByKey($postId);
     // If the name changed and another post already uses it, append a timestamp.
     // NOTE(review): $post is dereferenced here before the existence check
     // further down, and $input["post_time"] is read without an isset() guard.
     if ($post['post_name'] != $input['post_name'] && ($count = count($postModel->fetchByFieldEqual('post_name', $input['post_name']))) > 0) {
         $timePre = date("Y-n-j-His", $this->stack['static_var']['time_zone'] + $input["post_time"]);
         $input['post_name'] = $input['post_name'] . '-' . $timePre;
     }
     // Auto-generate a password for a hidden post that has none.
     // NOTE(review): the generated password is echoed back in the result
     // message; confirm the randomness source of mgCreateRandomString().
     $autoPassword = NULL;
     if ($input['post_is_hidden'] && NULL == $input['post_password']) {
         $input['post_password'] = mgCreateRandomString(7);
         $autoPassword = '******' . $input['post_password'] . '</b>.';
     }
     // Any post with a password is marked hidden.
     if (NULL != $input['post_password']) {
         $input['post_is_hidden'] = 1;
     }
     if (!$post) {
         return false;
     }
     // Ownership check: a non-owner may continue only when their group value is
     // at or below 'editor', and then cannot reassign the author fields.
     // NOTE(review): when the owner edits, user_id and post_user_name from the
     // request stay in $input and reach updateByKey(); whether throwException()
     // stops execution is not visible here.
     if ($post["user_id"] != $this->stack['access']['user_id']) {
         if ($this->stack['access']['user_group'] <= $this->stack['static_var']['group']['editor']) {
             unset($input['user_id']);
             unset($input['post_user_name']);
         } else {
             $this->throwException(E_ACCESSDENIED, $this->stack['action']['path']);
         }
     }
     // NOTE(review): $url comes from the request and drives an outbound call;
     // confirm mgSendTrackback() restricts scheme and destination.
     $trackback = mgSendTrackback($url, array("title" => $input['post_title'], "url" => $this->stack['static_var']['index'] . '/archives/' . $postId . '/', "excerpt" => $input['post_content'], "blog_name" => $this->stack['static_var']['blog_name'], "agent" => $this->stack['static_var']['version']));
     $categoriesModel = $this->loadModel('categories');
     // Move the category counter when the category changed; pages and hidden posts are not counted.
     if ($post['category_id'] != $input['category_id'] && !$post['post_is_page'] && !$post['post_is_hidden']) {
         $categoriesModel->decreaseFieldByKey($post['category_id'], 'category_count');
     }
     if ($post['category_id'] != $input['category_id'] && !$input['post_is_page'] && !$input['post_is_hidden']) {
         $categoriesModel->increaseFieldByKey($input['category_id'], 'category_count');
     }
     // NOTE(review): $input is the normalised request array as a whole; fields
     // not handled above are passed through. Confirm the model allow-lists columns.
     $updated = $postModel->updateByKey($postId, $input);
     $tagsModel = $this->loadModel('tags');
     // Detach the old tags and decrement their counters.
     if (NULL !== $post['post_tags']) {
         $tagsModel->deleteTagsByPostId($postId);
         $tags = $tagsModel->getTags($post['post_tags']);
         $deleteTags = array();
         foreach ($tags as $key => $val) {
             $tagsModel->decreaseFieldByKey($key, 'tag_count');
             // Collect tags whose count has dropped to zero for deletion.
             $finalTag = $tagsModel->fetchOneByKey($key);
             if ($finalTag['tag_count'] <= 0) {
                 $deleteTags[] = $key;
             }
         }
         $tagsModel->deleteByKeys($deleteTags);
     }
     // Attach the new tags and increment their counters.
     // NOTE(review): the guard tests the stored post's tags while the body
     // inserts $input['post_tags']; possibly $input was intended — confirm.
     if (NULL !== $post['post_tags']) {
         $tagsModel->insertTags($postId, $input['post_tags']);
         $tags = $tagsModel->getTags($input['post_tags']);
         foreach ($tags as $key => $val) {
             $tagsModel->increaseFieldByKey($key, 'tag_count');
         }
     }
     $this->result['open'] = true;
     $this->result['trackback'] = $trackback;
     $this->result['time'] = date("H点i分", $input['post_edit_time']);
     // NOTE(review): the message carries markup, and the stored title is
     // concatenated into it unescaped; confirm it is escaped on output.
     $this->result['word'] = '文章 "' . $post['post_title'] . '" 已经被更新' . $autoPassword;
     return $updated;
 }