Example #1
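 /**
  * Purge stale non-admin accounts together with their Wechat binding and cached auth tokens.
  *
  * An account is stale when its `rank` is below Config::RANK_ADMIN and its `lastTime` is at
  * least the retention window in the past (save_account_time + 2 * max_remember_time).
  *
  * @return string|null summary naming the purged users; null when no account matched or the
  *                     configured retention window is shorter than one day
  */
 public function user()
 {
     $saveTime = Config::getConfig('save_account_time') + Config::getConfig('max_remember_time') * 2;
     // Whole days, rounded up, so that only an integer literal is ever interpolated into the
     // SQL below (a float could render with a locale decimal separator or an exponent) and
     // no account is purged earlier than configured.
     $saveDay = (int) ceil($saveTime / 86400);
     // A missing or zero retention setting would otherwise match every non-admin account;
     // refuse to run the destructive path in that case.
     if ($saveDay < 1) {
         return;
     }
     $sql = "SELECT `u`.`uid`, `s`.`name` FROM `user` `u`\n                LEFT JOIN `student` `s` ON `s`.`sid` = `u`.`uid`\n                WHERE `u`.`rank` < ?\n                AND DATE_SUB(CURDATE(), INTERVAL {$saveDay} DAY) >= DATE(`u`.`lastTime`)";
     if (!($users = Mysql::execute($sql, array(Config::RANK_ADMIN)))) {
         return;
     }
     // Remove the Wechat binding and every cached auth token of each stale account.
     $names = array();
     $uids = array();
     $cache = new Cache('auth');
     foreach ($users as $user) {
         $names[] = $user['name'];
         $uids[] = $user['uid'];
         Wechat::deleteUser($user['uid']);
         $tokens = $cache->smembers($user['uid']);
         foreach ($tokens as $token) {
             $cache->hdelete('token', $token);
         }
         $cache->delete($user['uid']);
     }
     // Delete from the database only the accounts cleaned up above. Re-running the bare
     // criteria could also match an account that became stale after the SELECT, removing its
     // row while leaving its cached tokens behind. The rank and date conditions are kept so a
     // user who logged in again in the meantime is not deleted.
     $placeholders = implode(', ', array_fill(0, count($uids), '?'));
     $sql = "DELETE FROM `user` WHERE `uid` IN ({$placeholders}) AND `rank` < ?\n                AND DATE_SUB(CURDATE(), INTERVAL {$saveDay} DAY) >= DATE(`lastTime`)";
     Mysql::execute($sql, array_merge($uids, array(Config::RANK_ADMIN)));
     return '删除用户' . implode('、', $names);
 }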
Example #2
File: User.php Project: qious/Hnust
 /**
  * Apply the current user's profile changes: optionally the password, then mail and phone.
  *
  * The password is changed only when both `oldPasswd` and `newPasswd` are non-empty. A wrong
  * old password increments the account's `error` counter; a new value found in the `weak`
  * table is rejected. On success every auth token of the user except the current one is
  * removed from the auth cache.
  *
  * NOTE(review): the new value is looked up in `weak`.`md5` as received, so the client
  * presumably submits an MD5 digest rather than the raw password; confirm against the caller.
  * NOTE(review): the `error` counter is incremented here but no lockout threshold is checked
  * in this method; confirm it is enforced before this point.
  *
  * @return bool false when the password change is rejected, true otherwise
  */
 public function update()
 {
     $currentSecret = \Hnust\input('oldPasswd');
     $replacementSecret = \Hnust\input('newPasswd');
     $mail = \Hnust\input('mail');
     $phone = \Hnust\input('phone');

     $passwordChangeRequested = !empty($currentSecret) && !empty($replacementSecret);
     if ($passwordChangeRequested) {
         // Verify the old password by matching its encrypted form against the stored one.
         $currentStored = \Hnust\passwdEncrypt($this->uid, $currentSecret);
         $matchingRows = Mysql::execute(
             'SELECT * FROM `user` WHERE `uid` = ? AND `passwd` = ? LIMIT 1',
             array($this->uid, $currentStored)
         );
         if (empty($matchingRows)) {
             // Wrong old password: count the failed attempt and stop.
             Mysql::execute(
                 'UPDATE `user` SET `error` = (`error` + 1) WHERE `uid` = ? LIMIT 1',
                 array($this->uid)
             );
             $this->code = Config::RETURN_ALERT;
             $this->msg = '原密码错误';
             return false;
         }

         // Reject values listed in the weak-password table.
         $weakRows = Mysql::execute(
             'SELECT COUNT(*) `count` FROM `weak` WHERE `md5` = ? LIMIT 1',
             array($replacementSecret)
         );
         if ($weakRows[0]['count'] != '0') {
             $this->code = Config::RETURN_ALERT;
             $this->msg = '您的密码过于简单';
             return false;
         }

         // Store the new password and clear the failed-attempt counter.
         $replacementStored = \Hnust\passwdEncrypt($this->uid, $replacementSecret);
         Mysql::execute(
             'UPDATE `user` SET `passwd` = ?, `error` = 0 WHERE `uid` = ?',
             array($replacementStored, $this->uid)
         );

         // Sign out every other device: drop all of this user's tokens except the current one.
         foreach ($this->authCache->smembers($this->uid) as $token) {
             if ($token !== $this->token) {
                 $this->authCache->hdelete('token', $token);
                 $this->authCache->sdelete($this->uid, $token);
             }
         }
         $this->data = '修改成功,请牢记您的密码';
     }

     // Update the remaining fields. The SQL keeps the stored mail when the submitted one is
     // empty and keeps the stored phone unless the submitted one is exactly 11 bytes long
     // (MySQL's LENGTH() counts bytes); no other format validation happens in this method.
     $profileSql = "UPDATE `user` `u`,`student` `s`\n                SET `s`.`mail` = IF(? = '', `s`.`mail`, ?),\n                    `s`.`phone` = IF(length(?) <> 11, `s`.`phone`, ?)\n                WHERE `s`.`sid` = `u`.`uid` AND `u`.`uid` = ?";
     Mysql::execute($profileSql, array($mail, $mail, $phone, $phone, $this->uid));
     Wechat::updateUser($this->uid);

     $this->msg = '系统提示';
     if (empty($this->data)) {
         $this->data = '已保存您的修改';
     }
     $this->code = Config::RETURN_CONFIRM;
     return true;
 }
Example #3
 /**
  * Forward a message to Wechat::sendMsg() and hand back its result unchanged.
  *
  * The three arguments are passed through as received; nothing is validated here.
  *
  * @param mixed $uid  passed as the first argument of Wechat::sendMsg()
  * @param mixed $type passed as the second argument of Wechat::sendMsg()
  * @param mixed $data passed as the third argument of Wechat::sendMsg()
  * @return mixed whatever Wechat::sendMsg() returns
  */
 public static function wechat($uid, $type, $data)
 {
     $outcome = Wechat::sendMsg($uid, $type, $data);

     return $outcome;
 }
Example #4
 /**
  * Mirror the current user's Wechat record into the `weixin` table.
  *
  * Does nothing when Wechat::getUser() yields an empty or non-array result. Otherwise the row
  * for this uid is inserted, or updated on a duplicate key: an empty `weixinid` keeps the
  * stored `wid`, and an empty `status` (including 0) is stored as -1.
  *
  * @return void
  */
 public function follow()
 {
     $profile = Wechat::getUser($this->uid, false);
     if (empty($profile) || !is_array($profile)) {
         return;
     }

     $wid = '';
     if (!empty($profile['weixinid'])) {
         $wid = $profile['weixinid'];
     }

     $status = -1;
     if (!empty($profile['status'])) {
         $status = $profile['status'];
     }

     // All values are bound as parameters; $wid appears three times because the UPDATE arm
     // tests it and reuses it.
     $upsertSql = "INSERT INTO `weixin`(`uid`, `wid`, `status`) VALUES(?, ?, ?)\n                       ON DUPLICATE KEY UPDATE `wid` = IF(? = '', `wid`, ?), `status` = ?";
     Mysql::execute($upsertSql, array($this->uid, $wid, $status, $wid, $wid, $status));
 }
Example #5
 /**
  * User administration endpoint, dispatched on the `type` input.
  *
  * - `add`:    create a user for an existing student id with a random password and API token.
  * - `unlock`: reset the target's `error` counter to 0.
  * - `change`: set the target's `rank` (not allowed on the caller's own account).
  * - `reset`:  replace the target's password with a random one and clear `error`.
  * - `delete`: delete the target (not allowed on the caller's own account).
  * - anything else: list all users with usage counters and a derived `state` label.
  *
  * Results are reported through $this->msg, $this->data and $this->code. Several branches
  * return the message string they have just assigned; the others return nothing.
  *
  * NOTE(review): no permission check is visible in this method; presumably the caller or the
  * routing layer restricts it to administrators. Confirm.
  */
 public function user()
 {
     $type = \Hnust\input('type');
     $uid = \Hnust\input('uid');
     // Add a user
     if ('add' === $type) {
         // NOTE(review): `rank` is taken from the request and stored as given; nothing here
         // limits it to the caller's own rank or to a known set of values. Confirm upstream.
         $rank = \Hnust\input('rank');
         // One row with two counts: existing accounts with this uid, students with this sid.
         $sql = "SELECT * FROM\n                    (SELECT COUNT(*) `user` FROM `user` WHERE `uid` = ?) `a` ,\n                    (SELECT COUNT(*) `student` FROM `student` WHERE `sid` = ?) `b`";
         $result = Mysql::execute($sql, array($uid, $uid));
         if (empty($result)) {
             return $this->msg = '添加失败';
         } elseif ($result[0]['user'] > 0) {
             return $this->msg = '添加失败,用户已存在';
         } elseif ($result[0]['student'] <= 0) {
             return $this->msg = '添加失败,未找到对应学号';
         }
         // Initial password: 6 characters from \Hnust\randStr(), MD5-hashed and then passed
         // through \Hnust\passwdEncrypt() together with the uid.
         // NOTE(review): the randomness source of randStr() is not visible here; confirm it
         // is a CSPRNG, since it also generates the API token below.
         $randPasswd = \Hnust\randStr(6);
         $passwd = \Hnust\passwdEncrypt($uid, md5($randPasswd));
         // Pick an API token that does not collide with one already in the database
         do {
             $apiToken = \Hnust\randStr(32);
             $sql = 'SELECT COUNT(*) `count` FROM `user` WHERE `apiToken` = ? ';
             $result = Mysql::execute($sql, array($apiToken));
         } while ('0' != $result[0]['count']);
         // Insert the new user; the caller's uid is recorded as `inviter`
         $sql = "INSERT INTO `user`(\n                      `uid`, `inviter`, `passwd`, `apiToken`,\n                      `lastTime`, `regTime`, `rank`\n                    ) VALUES (?, ?, ?, ?, NOW(), NOW(), ?)";
         $sqlArr = array($uid, $this->uid, $passwd, $apiToken, $rank);
         if (Mysql::execute($sql, $sqlArr)) {
             // Queue a push message asking the new user to change the password, then hand
             // the plaintext initial password back to the caller in $this->data.
             $push = new \Hnust\Analyse\Push();
             $push->add($uid, 1, '系统安全提示:', '您的密码过弱,请立即修改密码!', '#/user');
             $this->msg = '成功添加网站用户';
             $this->data = "新用户 {$uid} 的密码为 {$randPasswd}";
             \Hnust\Utils\Wechat::createUser($uid);
         } else {
             $this->msg = '添加失败,数据库有误';
         }
         // Unlock a user
     } elseif ('unlock' === $type) {
         $sql = 'UPDATE `user` SET `error` = 0 WHERE `uid` = ? LIMIT 1';
         Mysql::execute($sql, array($uid));
         $this->code = Config::RETURN_NORMAL;
         // Change a user's rank
     } elseif ('change' === $type) {
         $rank = \Hnust\input('rank');
         // Loose comparison: numerically equal uid strings also count as "self".
         if ($this->uid == $uid) {
             return $this->msg = '不能修改自己的权限';
         }
         // NOTE(review): as in the add branch, the requested rank is stored without a
         // visible bound; confirm the caller cannot grant a rank above their own.
         $sql = 'UPDATE `user` SET `rank` = ? WHERE `uid` = ? LIMIT 1';
         Mysql::execute($sql, array($rank, $uid));
         $this->code = Config::RETURN_NORMAL;
         // Reset a user's password
     } elseif ('reset' === $type) {
         $randPasswd = \Hnust\randStr(6);
         $passwd = \Hnust\passwdEncrypt($uid, md5($randPasswd));
         $sql = 'UPDATE `user` SET `passwd` = ?, `error` = 0 WHERE `uid` = ? LIMIT 1';
         Mysql::execute($sql, array($passwd, $uid));
         // NOTE(review): this branch does not remove the target's cached auth tokens, so
         // sessions opened with the old password may stay valid; confirm they are revoked
         // elsewhere. The new password is returned in plaintext in $this->data.
         $this->msg = '重置密码成功';
         $this->data = "已成功重置用户密码为{$randPasswd}";
         // Delete a user
     } elseif ('delete' === $type) {
         if ($uid == $this->uid) {
             return $this->msg = '不能删除自己';
         }
         $sql = 'DELETE FROM `user` WHERE `uid` = ? LIMIT 1';
         Mysql::execute($sql, array($uid));
         \Hnust\Utils\Wechat::deleteUser($uid);
         // NOTE(review): the row and the Wechat user are removed, but no auth-cache entries
         // are deleted here; confirm the deleted account's tokens stop working.
         $this->msg = '删除成功';
         // List users
     } else {
         $sql = "SELECT `u`.`uid`, `s1`.`name`, `s2`.`name` `inviter`,\n                      `u`.`webCount`, `u`.`wxCount`, `u`.`apiCount`,\n                      `u`.`error`, `u`.`rank`, `u`.`lastTime`, `u`.`regTime`,\n                      `wx`.`wid`, `wx`.`status` `wxStatus`,\n                      IF(`wx`.`time` IS NULL, '', `wx`.`time`) `wxTime`\n                    FROM `user` `u`\n                    LEFT JOIN `student` `s1` ON `s1`.`sid` = `u`.`uid`\n                    LEFT JOIN `student` `s2` ON `s2`.`sid` = `u`.`inviter`\n                    LEFT JOIN `weixin`  `wx` ON `wx`.`uid` = `u`.`uid`";
         $this->data = Mysql::execute($sql);
         // Derive each user's total request count and state label
         $maxError = Config::getConfig('max_passwd_error');
         for ($i = 0; $i < count($this->data); $i++) {
             $this->data[$i]['count'] = $this->data[$i]['webCount'] + $this->data[$i]['wxCount'] + $this->data[$i]['apiCount'];
             // State label: normal at 0 errors, frozen when the counter equals the configured
             // maximum, otherwise the raw error count.
             // NOTE(review): a counter above the maximum is shown as a plain error count, not
             // as frozen; confirm the counter cannot exceed max_passwd_error.
             if ('0' == $this->data[$i]['error']) {
                 $this->data[$i]['state'] = '正常';
             } elseif ($maxError == $this->data[$i]['error']) {
                 $this->data[$i]['state'] = '冻结';
             } else {
                 $this->data[$i]['state'] = "{$this->data[$i]['error']}次错误";
             }
         }
     }
 }