protected function doLogin($userName, $passWord, $loginType, $account, $autoLogin = 1, $cookieTime = 0, $inajax = 0) { if (!$passWord || $passWord != addslashes($passWord)) { $this->error(Ibos::lang("Passwd illegal")); } $errornum = $this->loginCheck($account); $ip = Ibos::app()->setting->get("clientip"); $identity = new ICUserIdentity($userName, $passWord, $loginType); $result = $identity->authenticate(); if (0 < $result) { $user = Ibos::app()->user; if (empty($autoLogin)) { $user->setState($user::AUTH_TIMEOUT_VAR, TIMESTAMP + $account["timeout"]); } else { MainUtil::setCookie("autologin", 1, $cookieTime); } $user->login($identity, $cookieTime); if ($user->uid != 1) { MainUtil::checkLicenseLimit(true); } if (!$inajax) { $urlForward = EnvUtil::referer(); $log = array("terminal" => "web", "password" => StringUtil::passwordMask($passWord), "ip" => $ip, "user" => $userName, "loginType" => $loginType, "address" => "", "gps" => ""); Log::write($log, "login", sprintf("module.user.%d", $user->uid)); $rule = UserUtil::updateCreditByAction("daylogin", $user->uid); if (!$rule["updateCredit"]) { UserUtil::checkUserGroup($user->uid); } $this->success(Ibos::lang("Login succeed", "", array("{username}" => $user->realname)), $urlForward); } else { $this->ajaxReturn(array("isSuccess" => true)); } } elseif ($result === 0) { $this->error(Ibos::lang("User not fount", "", array("{username}" => $userName)), "", array(), array("error" => $result)); } elseif ($result === -1) { $this->error(Ibos::lang("User lock", "", array("{username}" => $userName)), "", array(), array("error" => $result)); } elseif ($result === -2) { $this->error(Ibos::lang("User disabled", "", array("{username}" => $userName)), "", array(), array("error" => $result)); } elseif ($result === -3) { FailedLogin::model()->updateFailed($ip); list($ip1, $ip2) = explode(".", $ip); $newIp = $ip1 . "." . $ip2; FailedIp::model()->insertIp($newIp); $log = array("user" => $userName, "password" => StringUtil::passwordMask($passWord), "ip" => $ip); Log::write($log, "illegal", "module.user.login"); if ($errornum) { $this->error("登录失败,您还可以尝试" . ($errornum - 1) . "次"); } else { $this->error(Ibos::lang("User name or password is not correct"), "", array(), array("error" => $result)); } } }
public function actionConfirmPost() { if (EnvUtil::submitCheck("formhash")) { $key = EnvUtil::getRequest("key"); $param = WfCommonUtil::param($key, "DECODE"); $runId = intval($param["runid"]); $processId = intval($param["processid"]); $flowId = intval($param["flowid"]); $flowProcess = intval($param["flowprocess"]); $opflag = intval($_POST["opflag"]); $oldUid = intval($_POST["oldUid"]); $this->checkRunAccess($runId); $this->checkEntrustType($flowId); $referer = EnvUtil::referer(); $frp = FlowRunProcess::model()->fetchRunProcess($runId, $processId, $flowProcess, $oldUid); if ($frp) { $parent = $frp["parent"]; $topflag = $frp["topflag"]; } $toid = implode(",", StringUtil::getId($_POST["prcs_other"])); $tempFRP = FlowRunProcess::model()->fetchRunProcess($runId, $processId, $flowProcess, $toid); if (!$tempFRP) { $data = array("runid" => $runId, "processid" => $processId, "uid" => $toid, "flag" => 1, "flowprocess" => $flowProcess, "opflag" => $opflag, "topflag" => $topflag, "parent" => $parent, "createtime" => TIMESTAMP); FlowRunProcess::model()->add($data); } else { if ($tempFRP["opflag"] == 0 && $opflag == 1) { FlowRunProcess::model()->updateAll(array("opflag" => 1, "flag" => 2), sprintf("runid = %d AND processid = %d AND flowprocess = %d AND uid = %d", $runId, $processId, $flowProcess, $toid)); } else { $name = User::model()->fetchRealnameByUid($toid); $this->error(Ibos::lang("Already are opuser", "", array("{name}" => $name)), $referer); } } FlowRunProcess::model()->updateProcessTime($runId, $processId, $flowProcess, $oldUid); FlowRunProcess::model()->updateAll(array("flag" => 4, "opflag" => 0, "delivertime" => TIMESTAMP), "runid = :runid AND processid = :prcsid AND flowprocess = :fp AND uid = :uid", array(":runid" => $runId, ":prcsid" => $processId, ":fp" => $flowProcess, ":uid" => $oldUid)); $toName = User::model()->fetchRealnameByUid($toid); $userName = User::model()->fetchRealnameByUid($oldUid); $content = Ibos::lang("Entrust to desc", "", array("{username}" => $userName, "{toname}" => $toName)); WfCommonUtil::runlog($runId, $processId, $flowProcess, $this->uid, 2, $content, $toid); $message = StringUtil::filterCleanHtml($_POST["message"]); if (!empty($message)) { Notify::model()->sendNotify($toid, "workflow_entrust_notice", array("{message}" => $message)); } $this->redirect($referer); } }
public function actionLogin() { if (!Ibos::app()->user->isGuest) { $return = array("login" => true, "formhash" => FORMHASH, "uid" => Yii::app()->user->uid, "user" => user::model()->fetchByUid(Ibos::app()->user->uid), "APPID" => Ibos::app()->setting->get("setting/iboscloud/appid")); if (EnvUtil::getRequest("issetuser") != "true") { $userData = UserUtil::getUserByPy(); $return["userData"] = $userData; } if (ModuleUtil::getIsEnabled("weibo")) { $udata = UserData::model()->getUserData(); } $return["user"]["following_count"] = isset($udata["following_count"]) ? $udata["following_count"] : 0; $return["user"]["follower_count"] = isset($udata["follower_count"]) ? $udata["follower_count"] : 0; $return["user"]["weibo_count"] = isset($udata["weibo_count"]) ? $udata["weibo_count"] : 0; $this->ajaxReturn($return, "JSONP"); } $account = Ibos::app()->setting->get("setting/account"); $userName = EnvUtil::getRequest("username"); $passWord = EnvUtil::getRequest("password"); $gps = EnvUtil::getRequest("gps"); $address = EnvUtil::getRequest("address"); $ip = Ibos::app()->setting->get("clientip"); $cookieTime = 0; if (!$passWord || $passWord != addslashes($passWord)) { $this->ajaxReturn(array("login" => false, "msg" => Ibos::lang("Passwd illegal", "user.default")), "JSONP"); } $identity = new ICUserIdentity($userName, $passWord); $result = $identity->authenticate(false); if (0 < $result) { $user = Ibos::app()->user; if ($account["allowshare"] != 1) { $user->setStateKeyPrefix(Ibos::app()->setting->get("sid")); } MainUtil::setCookie("autologin", 1, $cookieTime); $user->login($identity, $cookieTime); if ($user->uid != 1) { MainUtil::checkLicenseLimit(true); } $urlForward = EnvUtil::referer(); $log = array("terminal" => "app", "password" => StringUtil::passwordMask($passWord), "ip" => $ip, "user" => $userName, "loginType" => "username", "address" => $address, "gps" => $gps); Log::write($log, "login", sprintf("module.user.%d", Ibos::app()->user->uid)); $return = array("login" => true, "formhash" => EnvUtil::formHash(), "uid" => Ibos::app()->user->uid, "user" => user::model()->fetchByUid(Ibos::app()->user->uid), "APPID" => Ibos::app()->setting->get("setting/iboscloud/appid")); if (ModuleUtil::getIsEnabled("weibo")) { $udata = UserData::model()->getUserData(); } $return["user"]["following_count"] = isset($udata["following_count"]) ? $udata["following_count"] : 0; $return["user"]["follower_count"] = isset($udata["follower_count"]) ? $udata["follower_count"] : 0; $return["user"]["weibo_count"] = isset($udata["weibo_count"]) ? $udata["weibo_count"] : 0; if (EnvUtil::getRequest("issetuser") != "true") { $userData = UserUtil::getUserByPy(); $return["userData"] = $userData; } $this->ajaxReturn($return, "JSONP"); } elseif ($result === 0) { $this->ajaxReturn(array("login" => false, "msg" => Ibos::lang("User not fount", "user.default", array("{username}" => $userName))), "JSONP"); } elseif ($result === -1) { $this->ajaxReturn(array("login" => false, "msg" => Ibos::lang("User lock", "user.default", array("{username}" => $userName))), "JSONP"); } elseif ($result === -2) { $this->ajaxReturn(array("login" => false, "msg" => Ibos::lang("User disabled", "", array("{username}" => $userName))), "JSONP"); } elseif ($result === -3) { $log = array("user" => $userName, "password" => StringUtil::passwordMask($passWord), "ip" => $ip); Log::write($log, "illegal", "module.user.login"); $this->ajaxReturn(array("login" => false, "msg" => Ibos::lang("User name or password is not correct", "user.default")), "JSONP"); } }