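/**
 * Handle an administrator login submission.
 *
 * Reads the POSTed username, password and (when enabled by the CODE_SET
 * config) captcha code, authenticates the account through Arbac, populates
 * the session, records the login on the user row and in AdminLog, and
 * reports the outcome through $this->error() / $this->success().
 *
 * Hardening applied here:
 *  - username, password and captcha code must be plain strings. The query
 *    builder treats array values as condition expressions (see the
 *    array('gt', 0) and array('exp', ...) usages below), so an array-valued
 *    request parameter must never reach $map or the where() clause.
 *  - digest comparisons are strict, so two different hex digests that both
 *    look numeric are no longer treated as equal by loose comparison.
 *  - every failure path returns explicitly instead of relying on
 *    $this->error() to stop the request.
 *  - the session id is rotated once the credentials have been verified.
 *
 * NOTE(review): passwords are compared as unsalted MD5 digests. Moving to
 * password_hash()/password_verify() needs a stored-hash migration outside
 * this method.
 * NOTE(review): unknown-account and wrong-password failures return different
 * messages, and no attempt limiting is visible in this method; confirm both
 * are handled elsewhere.
 *
 * @author Terry <*****@*****.**>
 * @date 2013-3-23
 */
public function doLogin()
{
    $ary_post = $this->_post();
    $code = D('Config')->getCfgByModule('CODE_SET');
    $captchaRequired = !empty($code['BALOGIN']) && $code['BALOGIN'] == '1';

    // Reject missing or non-string credentials before they reach the model layer.
    if (empty($ary_post['username']) || !is_string($ary_post['username'])) {
        $this->error(L('PlEASE_USERNAME'));
        return;
    }
    if (empty($ary_post['passwd']) || !is_string($ary_post['passwd'])) {
        $this->error(L('PlEASE_PASSWD'));
        return;
    }

    if ($captchaRequired) {
        // "验证码" is the placeholder text of the captcha input; treat it as "not filled in".
        if (empty($ary_post['code']) || !is_string($ary_post['code']) || trim($ary_post['code']) === "验证码") {
            $this->error(L('PlEASE_CODE'));
            return;
        }
    }

    // Build the authentication condition.
    $map = array();
    // Supports logging in with a bound account name.
    $map['u_name'] = $ary_post['username'];
    $map["u_status"] = array('gt', 0);

    $verify = session("code");
    if ($captchaRequired) {
        // The session holds the MD5 of the expected captcha; fail closed when it is absent.
        // NOTE(review): the stored captcha is not cleared here after a check; confirm it is single-use.
        if (!is_string($verify) || $verify !== md5($ary_post['code'])) {
            $this->error(L('CODE_ERROR'));
            return;
        }
    }

    $admin_access = D('Config')->getCfgByModule('ADMIN_ACCESS');
    $exitTime = $admin_access['EXPIRED_TIME'];
    $rbac = new Arbac();
    import('ORG.Util.Session');
    $auth_info = $rbac->authenticate($map);
    if (empty($auth_info)) {
        $this->error(L('ACCOUNT_EXIT_DISABLED'));
        return;
    }

    // Strict comparison: loose != would accept any two digests that both parse as numbers.
    if ((string) $auth_info['u_passwd'] !== md5($ary_post['passwd'])) {
        $this->error(L('PASSWD_ERROR'));
        return;
    }

    // Rotate the session id at the privilege change so a pre-login id is not carried over.
    if (session_id() !== '') {
        session_regenerate_id(true);
    }

    // EXPIRED_TIME is multiplied by 60 here, i.e. it is configured in minutes.
    Session::setExpire(time() + $exitTime * 60);
    $_SESSION[C('USER_AUTH_KEY')] = $auth_info['u_id'];
    $_SESSION['admin_name'] = $auth_info['u_name'];
    $_SESSION['pic'] = $auth_info['u_photo'];
    $_SESSION['last_time'] = $auth_info['u_lastlogin_time'];
    $_SESSION['u_countlog'] = $auth_info['u_countlog'];
    if ($auth_info['u_name'] == $admin_access['SYS_ADMIN']) {
        // The configured system administrator account gets the admin marker in the session.
        $_SESSION[C('ADMIN_AUTH_KEY')] = true;
    }

    // Persist the login details on the user record.
    $admin = M(C('USER_AUTH_MODEL'));
    // NOTE(review): this value goes into the audit log; confirm get_client_ip()
    // does not take it from a client-controlled header.
    $ip = get_client_ip();
    $time = date("Y-m-d H:i:s");
    $data = array();
    $data['u_lastlogin_time'] = $time;
    $data['u_countlog'] = array('exp', 'u_countlog + 1');
    $data['u_ip'] = $ip;
    $_SESSION['ip'] = $ip;
    $admin->where(array('u_name' => $ary_post['username']))->save($data);

    // Cache the access list for this session.
    $rbac->saveAccessList();

    // Append an entry to the administrator login log.
    $ary_data = array();
    $admin_log = M("AdminLog");
    $ary_data['u_id'] = $auth_info['u_id'];
    $ary_data['u_name'] = $auth_info['u_name'];
    $ary_data['log_ip'] = $ip;
    $ary_data['log_create'] = $time;
    $admin_log->add($ary_data);

    // Store the id of the "控制台" navigation entry in a cookie.
    $rolenav = M('RoleNav')->field('id')->where(array('name' => '控制台'))->find();
    cookie("nav_id", $rolenav['id']);
    $this->success(L('LOGIN_SUCCESS'));
}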
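/**
 * Gate the current request on authentication.
 *
 * When Arbac::checkAccess() reports that the current action needs
 * authentication and the session carries no user id, either load the guest
 * access list (GUEST_AUTH_ON) or redirect to the authentication gateway.
 *
 * The method returns true on every path, including the redirect path, so
 * callers must not read the return value as "the user is authenticated".
 * NOTE(review): presumably redirect() ends the request; confirm, otherwise
 * the protected action continues after the redirect is issued.
 *
 * @return bool always true
 */
public static function checkLogin()
{
    // Nothing to enforce when the current action does not require authentication.
    if (!Arbac::checkAccess()) {
        return true;
    }

    // empty() instead of a bare index read: an unauthenticated visitor has no
    // such key, and that is exactly the case this branch exists for.
    if (!empty($_SESSION[C('USER_AUTH_KEY')])) {
        return true;
    }

    if (!C('GUEST_AUTH_ON')) {
        // Guest access is off: send the visitor to the authentication gateway.
        redirect(PHP_FILE . C('USER_AUTH_GATEWAY'));
        return true;
    }

    // Guest access is on: store the guest access list once per session.
    if (!isset($_SESSION['_ACCESS_LIST'])) {
        Arbac::saveAccessList(C('GUEST_AUTH_ID'));
    }

    return true;
}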