/**
 * Ends the current user's session.
 *
 * Writes a log entry, deletes the AdminUser rows whose userid matches the
 * current user, logs the web user out, queues a confirmation message and
 * redirects to /login.
 */
public function actionLogout()
{
    alog(at("User logged out."));

    $webUser = Yii::app()->user;

    // The id is read before logout() is called, so the delete still
    // targets the rows of the user who is leaving.
    $boundParams = array(':id' => $webUser->id);
    AdminUser::model()->deleteAll('userid=:id', $boundParams);

    $webUser->logout();

    fok(at('Thank You! You are now logged out.'));
    $this->redirect(array('/login'));
}
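/**
 * Authenticates the identity against the store selected by $this->userType.
 *
 * 'Front' looks the account up in User by username; 'Back' looks it up in
 * AdminUser by e-mail and additionally sets the 'isAdmin' state.
 *
 * NOTE(review): the Front branch compares the submitted password with the
 * stored column value as-is, so that column appears to hold plaintext
 * passwords. The Back branch compares against base64_encode() of the
 * password, which is a reversible encoding and not a hash. Moving both to
 * password_hash()/password_verify() needs a data migration and is therefore
 * not done in this method.
 *
 * @return boolean true when errorCode ends up as ERROR_NONE; false otherwise,
 *                 including when userType is neither 'Front' nor 'Back'.
 */
public function authenticate()
{
    if ($this->userType == 'Front') {
        $record = User::model()->findByAttributes(array('username' => $this->username));

        if ($record === null) {
            $this->errorCode = self::ERROR_USERNAME_INVALID;
        } else {
            $stored = $record->password;
            // is_string() keeps the strictness of the former !== check (a null
            // or numeric column never matches); hash_equals() removes the
            // early exit of a plain string comparison.
            $matches = is_string($stored)
                && is_string($this->password)
                && hash_equals($stored, $this->password);

            if (!$matches) {
                $this->errorCode = self::ERROR_PASSWORD_INVALID;
            } else {
                $this->_id = $record->userId;
                $this->setState('name', $record->firstName . ' ' . $record->lastName);
                $this->errorCode = self::ERROR_NONE;
            }
        }

        return !$this->errorCode;
    }

    if ($this->userType == 'Back') {
        $record = AdminUser::model()->findByAttributes(array('email' => $this->username));

        if ($record === null) {
            $this->errorCode = self::ERROR_USERNAME_INVALID;
        } else {
            $stored = $record->password;
            $encoded = base64_encode($this->password);
            $matches = is_string($stored) && hash_equals($stored, $encoded);

            if (!$matches) {
                $this->errorCode = self::ERROR_PASSWORD_INVALID;
            } else {
                $this->setState('isAdmin', 1);
                $this->_id = $record->userId;
                $this->setState('name', $record->name);
                $this->errorCode = self::ERROR_NONE;
            }
        }

        return !$this->errorCode;
    }

    // Unknown userType: fail closed with an explicit boolean instead of
    // falling off the end of the method and returning null.
    return false;
}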
/**
 * Logout action for the admin area.
 *
 * Logs the event, deletes the "admin logged in" rows that belong to the
 * current user, ends the session, queues a confirmation message and sends
 * the browser to /admin/login.
 */
public function actionLogout()
{
    // Audit trail entry
    alog(at("User logged out."));

    // Capture the id while the user is still logged in, then drop this
    // user's rows from the logged-in admin table.
    $currentUserId = Yii::app()->user->id;
    AdminUser::model()->deleteAll('userid=:id', array(':id' => $currentUserId));

    Yii::app()->user->logout();

    fok(at('Thank You! You are now logged out.'));

    $loginRoute = array('/admin/login');
    $this->redirect($loginRoute);
}
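/**
 * Returns every action the given admin user is authorised to perform.
 *
 * The list is read from the `actions` attribute of the user's role, which
 * holds either the wildcard '*' or a comma-separated list of action names.
 *
 * @param mixed $userId primary key of the AdminUser record
 * @return array|string|false '*' for the wildcard, the exploded action list
 *                            otherwise, or false when no id was given or the
 *                            user or its role cannot be found.
 */
public function getAuthAssignments($userId)
{
    if (empty($userId)) {
        return false;
    }

    $admin = AdminUser::model()->findByPk($userId);

    // A deleted user or a user without a role must not reach the property
    // access below; answer with the same "nothing granted" value that an
    // empty id already produces.
    if ($admin === null || $admin->role === null) {
        return false;
    }

    $actions = $admin->role->actions;

    // Strict comparison: with ==, a numeric 0 compares equal to '*' on
    // PHP versions before 8 and would be read as the wildcard grant.
    if ($actions === '*') {
        return '*';
    }

    return explode(',', $actions);
}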
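/**
 * Access gate executed when an admin controller is initialised.
 *
 * In order, for every controller except 'login':
 *  - stores the requested URL as the post-login return URL (falling back to
 *    /admin when the URL does not contain '/admin');
 *  - redirects anonymous users to the login page and rejects users for whom
 *    checkAccess('admin') fails;
 *  - logs out users that have no row in the AdminUser table;
 *  - logs out users whose last click is older than the idle limit.
 * Afterwards stale AdminUser rows are purged, the click timestamp is
 * refreshed (non-AJAX requests only) and the dashboard breadcrumb is added.
 *
 * @throws CHttpException with status 403 when a logged-in user lacks admin access.
 */
public function init()
{
    $onLoginPage = Yii::app()->getController()->id === 'login';

    // Remember where to return to after login.
    // NOTE(review): strpos() is a substring test, so any URL that merely
    // contains '/admin' is accepted as a return URL.
    if (!$onLoginPage) {
        $returnUrl = Yii::app()->request->getUrl();
        if (strpos($returnUrl, '/admin') === false) {
            $returnUrl = array('/admin');
        }
        Yii::app()->user->setReturnUrl($returnUrl);
    }

    // Make sure we have access
    if (!Yii::app()->user->id || !checkAccess('admin')) {
        // Anonymous visitors go to the login form
        if (!Yii::app()->user->id && !$onLoginPage) {
            $this->redirect(array('/admin/login'));
        }

        // Logged in but not allowed: CHttpException takes the HTTP status
        // first and the message second. The message used to be passed as
        // the status, so the response carried no valid status code.
        if (!$onLoginPage) {
            throw new CHttpException(403, at('Sorry, You are not allowed to enter this section.'));
        }
    }

    // Make sure we have a valid admin user record
    if (!$onLoginPage
        && Yii::app()->user->id
        && !AdminUser::model()->exists('userid=:id', array(':id' => Yii::app()->user->id))
    ) {
        Yii::app()->user->logout();
        ferror(at('Your session expired. Please login.'));
        $this->redirect(array('/admin/login'));
    }

    // Idle limit in seconds; the parameter is expressed in hours (default 5)
    $maxIdleTime = 60 * 60 * getParam('admin_logged_in_time', 5);

    // Was the last click longer ago than the idle limit?
    // NOTE(review): when 'admin_clicked' is absent from the session the
    // comparison is against null and the user is logged out - confirm that
    // the login flow sets this key.
    if (!$onLoginPage && time() - $maxIdleTime > Yii::app()->session['admin_clicked']) {
        // Log the user out and redirect to login
        AdminUser::model()->deleteAll('userid=:id', array(':id' => Yii::app()->user->id));
        Yii::app()->user->logout();
        // The message literal is kept exactly as found, including its line break.
        ferror(at('Your session expired. 
Please login.'));
        $this->redirect(array('/admin/login'));
    }

    // Delete old records
    AdminUser::model()->deleteAll('lastclick_time < :time', array(':time' => time() - $maxIdleTime));

    // AJAX polling must not count as user activity
    if (!request()->isAjaxRequest) {
        Yii::app()->session['admin_clicked'] = time();
        AdminUser::model()->updateAll(
            array('lastclick_time' => time(), 'location' => Yii::app()->getController()->id),
            'userid=:id',
            array(':id' => Yii::app()->user->id)
        );
    }

    // Add Breadcrumb
    $this->addBreadCrumb(at('Dashboard'), array('index/index'));

    parent::init();
}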
/**
 * Checks the supplied credentials against the AdminUser table.
 *
 * The username lookup is case-insensitive: the column is lower-cased in SQL
 * and the submitted name in PHP. The password check is delegated to the
 * record's validatePassword(). On success the identity takes its id and its
 * username from the stored record.
 *
 * @return boolean whether errorCode equals ERROR_NONE after the check.
 */
public function authenticate()
{
    $lookupName = strtolower($this->username);
    $account = AdminUser::model()->find('LOWER(username)=?', array($lookupName));

    if ($account === null) {
        $this->errorCode = self::ERROR_USERNAME_INVALID;
    } elseif (!$account->validatePassword($this->password)) {
        $this->errorCode = self::ERROR_PASSWORD_INVALID;
    } else {
        $this->_id = $account->id;
        $this->username = $account->username;
        $this->errorCode = self::ERROR_NONE;
    }

    return self::ERROR_NONE == $this->errorCode;
}
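/**
 * Lock screen.
 *
 * A POST whose 'passwd' field, run through AdminUser::encrypt(), equals the
 * password value held in the 'userInfo' session state clears the 'lock'
 * flag and redirects to adminis/default/index. Every other request sets the
 * flag and renders the "lock" partial.
 *
 * NOTE(review): no attempt limit is visible in this action, so unlock
 * guesses appear to be unthrottled - confirm against the surrounding
 * filters.
 */
public function actionLock()
{
    $user = Yii::app()->user;
    $userInfo = $user->getState('userInfo');

    if ($_POST) {
        // The field may be missing or arrive as an array (passwd[]=...), and
        // the session state may hold no password entry; only two strings
        // are ever compared.
        $submitted = isset($_POST['passwd']) ? $_POST['passwd'] : null;
        $expected = isset($userInfo['password']) ? $userInfo['password'] : null;

        if (is_string($submitted) && is_string($expected)) {
            $candidate = AdminUser::model()->encrypt($submitted);

            // hash_equals() replaces ==, which applies numeric juggling to
            // digest-like strings ("0e123" == "0e456") and is not constant-time.
            if (is_string($candidate) && hash_equals($expected, $candidate)) {
                $user->setState('lock', false);
                $this->redirect(Yii::app()->createUrl('adminis/default/index'));
            }
        }
    }

    $user->setState('lock', true);
    $this->renderPartial("lock", array('userInfo' => $userInfo));
}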
/**
 * Deletes the admin user groups with the given ids.
 *
 * An id with no matching group, or a group that still has users assigned,
 * is reported through errorHandler()->log() and skipped; the remaining
 * groups are deleted.
 *
 * @param array $ids primary keys of the AdminUserGroup records to delete
 * @return mixed the value of $this->result
 */
public function actionDelete(array $ids)
{
    foreach ($ids as $groupId) {
        $group = AdminUserGroup::model()->findByPk($groupId);

        if ($group === null) {
            errorHandler()->log(Yii::t('AdminUserGroup.Api', 'Admin User Group not found.'));
            continue;
        }

        // Refuse to delete a group that is still referenced by users.
        $memberCount = AdminUser::model()->count(
            'user_group_id=:groupId',
            array(':groupId' => $group->id)
        );
        if ($memberCount > 0) {
            errorHandler()->log(Yii::t('AdminUserGroup.Api', 'This group has user. Cannot delete.'));
            continue;
        }

        $group->delete();
    }

    return $this->result;
}
/**
 * Authenticates the identity against the AdminUser table.
 *
 * The account is looked up by its `login` column using a bound parameter;
 * the password check is delegated to $this->isPasswordValid(). On success
 * the record is kept in $this->user.
 *
 * @return boolean whether authentication succeeds (errorCode is falsy).
 */
public function authenticate()
{
    $criteria = array(
        'condition' => 'login = :l',
        'params' => array(':l' => $this->username),
    );
    $account = AdminUser::model()->find($criteria);

    if (!$account) {
        $this->errorCode = self::ERROR_USERNAME_INVALID;
    } elseif ($this->isPasswordValid($account)) {
        $this->user = $account;
        $this->errorCode = self::ERROR_NONE;
    } else {
        $this->errorCode = self::ERROR_PASSWORD_INVALID;
    }

    return !$this->errorCode;
}
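/**
 * Changes a password via AJAX.
 *
 * Expects the POST fields 'oldPasswd', 'newPasswd' and 'repPasswd'. The old
 * password must match the stored value of the record returned by
 * loadModel(), and the two new values must be identical. The outcome is
 * rendered through the "message" partial.
 *
 * NOTE(review): no length or complexity rule is applied to the new password
 * here; AdminUser::encrypt() is not visible in this block - confirm it is a
 * salted password hash.
 */
public function actionAjaxUpdatePasswd()
{
    $model = $this->loadModel();

    // Missing fields and array-valued fields (name[]=...) are treated as
    // "not provided" instead of raising notices or being cast.
    $oldPasswd = (isset($_POST['oldPasswd']) && is_string($_POST['oldPasswd'])) ? $_POST['oldPasswd'] : null;
    $newPasswd = (isset($_POST['newPasswd']) && is_string($_POST['newPasswd'])) ? $_POST['newPasswd'] : null;
    $repPasswd = (isset($_POST['repPasswd']) && is_string($_POST['repPasswd'])) ? $_POST['repPasswd'] : null;

    $storedHash = $model->attributes['password'];
    $oldMatches = false;
    if ($oldPasswd !== null && is_string($storedHash)) {
        $candidate = AdminUser::model()->encrypt($oldPasswd);
        // The loose != treats numeric-looking digests ("0e1" vs "0e2") as
        // equal; hash_equals() compares byte for byte in constant time.
        $oldMatches = is_string($candidate) && hash_equals($storedHash, $candidate);
    }

    if (!$oldMatches) {
        $result = array('class' => 'alert-warning', 'title' => '失败', 'msg' => '原密码不正确');
    } elseif ($newPasswd === null || $repPasswd === null || $newPasswd !== $repPasswd) {
        // Strict comparison: with !=, "1e3" and "1000" count as the same
        // password.
        $result = array('class' => 'alert-warning', 'title' => '失败', 'msg' => '两次输入密码不一致');
    } else {
        $model->attributes = array('password' => AdminUser::model()->encrypt($repPasswd));
        if ($model->save()) {
            $this->updateUserInfo();
            $result = array('class' => 'alert-success', 'title' => '成功', 'msg' => "修改密码成功,请牢记新密码");
        } else {
            $result = array('class' => 'alert-danger', 'title' => '失败', 'msg' => "修改密码失败");
        }
    }

    $this->renderPartial("message", array('msg' => $result));
}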
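/**
 * Authenticates a user against the AdminUser store.
 *
 * On success the user's id and name are copied onto the identity and into
 * the web user's state, and the record's last login time and IP address are
 * updated.
 *
 * The final statement previously read `return $this->errorCode = self::ERROR_NONE;`
 * - an assignment, not a comparison. It overwrote every failure code with
 * ERROR_NONE, so a caller that inspects errorCode saw success for a wrong
 * username or password, while the returned value was always falsy.
 *
 * @return boolean whether authentication succeeds.
 */
public function authenticate()
{
    // Fetch the user record
    $user = AdminUser::getUserInfoByName($this->username);

    if (!$user) {
        // Covers the documented `false` result and a null result alike, so
        // the method call below is never made on a non-object.
        $this->errorCode = self::ERROR_USERNAME_INVALID;
    } elseif (!$user->validatePassword($this->password)) {
        $this->errorCode = self::ERROR_PASSWORD_INVALID;
    } else {
        $this->user_id = $user->id;
        $this->user_name = $user->username;
        Yii::app()->user->setState('user_id', $this->user_id);
        Yii::app()->user->setState('user_name', $this->user_name);

        // Record the time and address of this login
        AdminUser::model()->updateByPk(
            $user->id,
            array('last_time' => time(), 'last_ip' => Yii::app()->request->userHostAddress)
        );

        // Success is recorded explicitly and only on this path.
        $this->errorCode = self::ERROR_NONE;
    }

    return $this->errorCode === self::ERROR_NONE;
}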
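/**
 * Authenticates an admin by lower-cased username and encrypted password.
 *
 * Username and password are matched together in one query, so an unknown
 * username and a wrong password both end in ERROR_PASSWORD_INVALID; a
 * disabled account is reported with the same code.
 *
 * The former `$username === null` test could never be true, because
 * strtolower() always returns a string; an empty username is now rejected
 * before the database is queried.
 *
 * NOTE(review): AdminUser::encrypt() is not visible in this block. Matching
 * on its output in SQL only works for a deterministic (unsalted) transform -
 * confirm what it does.
 *
 * @return boolean whether authentication succeeds.
 */
public function authenticate()
{
    $username = strtolower((string) $this->username);

    if ($username === '') {
        $this->errorCode = self::ERROR_USERNAME_INVALID;
        return false;
    }

    $adminUser = AdminUser::model()->find(
        'username = :username and password = :password',
        array(
            ':username' => $username,
            ':password' => AdminUser::model()->encrypt($this->password),
        )
    );

    if (!$adminUser) {
        $this->errorCode = self::ERROR_PASSWORD_INVALID;
    } elseif ($adminUser->attributes['disable'] == 1) {
        // Account is disabled
        $this->errorCode = self::ERROR_PASSWORD_INVALID;
    } else {
        $this->_id = $adminUser->id;
        $this->username = $adminUser->username;
        $this->errorCode = self::ERROR_NONE;
    }

    return $this->errorCode === self::ERROR_NONE;
}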
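/**
 * Authenticates the identity against the store selected by $this->userType.
 *
 * 'Front' matches User on e-mail address plus the 'user_type' value held in
 * the web user's state (which is cleared afterwards); 'admin' matches
 * AdminUser on e-mail address and sets the 'isAdmin', 'userId' and 'name'
 * states.
 *
 * NOTE(review): the Front branch stores passwords as unsalted md5() and the
 * admin branch compares the submitted password with the stored column
 * as-is, i.e. the column appears to hold plaintext. Both should move to
 * password_hash()/password_verify(); that needs a data migration and is not
 * done here.
 * NOTE(review): CHtml::encode() is HTML output escaping and is applied here
 * to a database lookup value. It is kept because rows may have been written
 * in encoded form - verify against the code that saves email_id.
 *
 * @return boolean true when errorCode ends up as ERROR_NONE; false otherwise,
 *                 including when userType is neither 'Front' nor 'admin'.
 */
public function authenticate()
{
    if ($this->userType == 'Front') {
        // Check whether the login details exist in the database
        $userType = Yii::app()->user->getState("user_type");
        $user = User::model()->findByAttributes(array(
            'email_id' => CHtml::encode($this->username),
            'user_type' => $userType,
        ));
        Yii::app()->user->setState("user_type", null);

        if ($user === null) {
            $this->errorCode = self::ERROR_USERNAME_INVALID;
        } else {
            $stored = $user->password;
            // is_string() keeps the strictness of the former !== check;
            // hash_equals() makes the comparison constant-time.
            $matches = is_string($stored) && hash_equals($stored, md5($this->password));

            if (!$matches) {
                $this->errorCode = self::ERROR_PASSWORD_INVALID;
            } else {
                $this->setState('user_id', $user->user_id);
                $this->errorCode = self::ERROR_NONE;
                $this->setUser($user);
            }
        }

        return !$this->errorCode;
    }

    if ($this->userType == 'admin') {
        // The e-mail address from the database serves as the user name
        $record = AdminUser::model()->findByAttributes(array('email' => $this->username));

        if ($record === null) {
            $this->errorCode = self::ERROR_USERNAME_INVALID;
        } else {
            $stored = $record->password;
            $matches = is_string($stored)
                && is_string($this->password)
                && hash_equals($stored, $this->password);

            if (!$matches) {
                $this->errorCode = self::ERROR_PASSWORD_INVALID;
            } else {
                $this->setState('isAdmin', 1);
                $this->setState('userId', $record->userId);
                $this->setState('name', $record->firstName . ' ' . $record->lastName);
                $this->setUser($record);
                $this->errorCode = self::ERROR_NONE;
            }
        }

        return !$this->errorCode;
    }

    // Unknown userType: fail closed with an explicit boolean instead of
    // falling off the end of the method and returning null.
    return false;
}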
/**
 * Authenticates a login name and password against AdminUser.
 *
 * A login name containing '@' after its first character is matched against
 * the `email` column, anything else against `username`. The password check
 * is delegated to the record's verifyPassword(). On success the record's
 * validation key is regenerated and stored in the 'vkey' state.
 *
 * @return boolean whether authentication succeeds (errorCode is falsy).
 */
public function authenticate()
{
    // strpos() yields 0 for a leading '@'; 0 is falsy, so such a login name
    // is looked up as a username.
    $attribute = 'username';
    if (strpos($this->username, '@')) {
        $attribute = 'email';
    }

    $criteria = array(
        'condition' => $attribute . '=:loginname',
        'params' => array(':loginname' => $this->username),
    );
    $account = AdminUser::model()->find($criteria);

    if ($account === null) {
        $this->errorCode = self::ERROR_USERNAME_INVALID;
    } elseif (!$account->verifyPassword($this->password)) {
        $this->errorCode = self::ERROR_PASSWORD_INVALID;
    } else {
        // The key is regenerated first so that the state below carries the
        // new value.
        $account->regenerateValidationKey();
        $this->_id = $account->id;
        $this->username = $account->username;
        $this->setState('vkey', $account->validation_key);
        $this->errorCode = self::ERROR_NONE;
    }

    return !$this->errorCode;
}
/**
 * Loads the AdminUser record with the given primary key.
 *
 * @param integer $id the ID of the model to be loaded
 * @return AdminUser the record that was found
 * @throws CHttpException with status 404 when no record has that key
 */
public function loadModel($id)
{
    $record = AdminUser::model()->findByPk($id);

    if ($record !== null) {
        return $record;
    }

    throw new CHttpException(404, 'The requested page does not exist.');
}
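/**
 * Validation rule: the submitted UserName must not belong to another record.
 *
 * When a non-empty 'id' is present in the query string (edit case) the
 * record with that ID is excluded from the search. The rule is skipped when
 * UserName already carries a validation error.
 *
 * NOTE(review): the name is read from $_POST rather than from the model's
 * own attribute, which ties this rule to one specific form submission.
 */
public function uniquename()
{
    if ($this->hasErrors('UserName')) {
        return;
    }

    // A missing field or an array-valued field (AdminUser[UserName][]=...)
    // cannot name an existing user; skip the lookup instead of binding a
    // non-string value.
    if (!isset($_POST['AdminUser']['UserName']) || !is_string($_POST['AdminUser']['UserName'])) {
        return;
    }
    $name = $_POST['AdminUser']['UserName'];

    // !empty() is the former truthiness test without the undefined-index
    // notice on the create form, where no id is passed.
    if (!empty($_GET['id'])) {
        $user = AdminUser::model()->find(
            'UserName=:name and ID <> :id',
            array(':name' => $name, ':id' => $_GET['id'])
        );
    } else {
        $user = AdminUser::model()->find('UserName=:name ', array(':name' => $name));
    }

    if ($user) {
        $this->addError('UserName', '该会员名已存在');
    }
}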
/**
 * Counts all rows of the AdminUser table.
 *
 * @return mixed the result of an unconditioned count() on the model
 */
public function totalLoggedIn()
{
    $finder = AdminUser::model();

    return $finder->count();
}
/**
 * Sets the `status` column of every AdminUser whose id is in $ids.
 *
 * NOTE(review): $value is written as given; the set of valid status values
 * is not visible in this block.
 *
 * @param array $ids   primary keys of the users to update
 * @param mixed $value new status value, 0 by default
 */
public function actionChangeStatus(array $ids, $value = 0)
{
    $filter = new CDbCriteria();
    $filter->addInCondition('id', $ids);

    $changes = array('status' => $value);
    AdminUser::model()->updateAll($changes, $filter);
}
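/**
 * "Forgot password" form handler.
 *
 * Looks the submitted address up in User, stores a fresh reset token on the
 * record and mails a reset link, using the first AdminUser with isAdmin = 1
 * as sender. The 'forgot' view receives a flag: 0 = nothing sent, 1 = token
 * saved and mail handed to mail(), 2 = no account for that address.
 *
 * Changes to the earlier version:
 *  - the token was md5(rand(0, 99999) . date("H:i:s")), which leaves at most
 *    100000 candidates per second of request time; it now comes from a
 *    cryptographically secure generator (same 32 hex character format);
 *  - the user's first name is HTML-escaped before it is placed in the HTML
 *    mail body;
 *  - CR/LF are stripped from the sender address before it is placed in the
 *    mail headers;
 *  - a missing admin sender record and a non-string e-mail field no longer
 *    cause a fatal error or an unintended query.
 *
 * NOTE(review): flag 2 tells the requester that an address is not
 * registered (account enumeration); it is kept because the view depends on
 * it. No token expiry is visible here, and the reset link uses a
 * hard-coded http:// host.
 *
 * Deployment note carried over from the original comment: replace the link
 * in the mail body with the address of your own site, in the query-string
 * form (index.php?r=site/vertoken/view&token=...) or, when urlManager in
 * config/main.php is configured for path URLs, in the path form used below.
 */
public function actionForgot()
{
    $forgot_flag = 0;

    $getEmail = isset($_POST['Lupa']['email']) ? $_POST['Lupa']['email'] : null;

    // Only a plain string is accepted; an array value would otherwise be
    // passed straight into the attribute lookup.
    if (is_string($getEmail)) {
        $getModel = User::model()->findByAttributes(array('email_id' => $getEmail));

        if ($getModel) {
            $admin = AdminUser::model()->findByAttributes(array('isAdmin' => 1));

            if ($admin !== null) {
                // 16 random bytes -> 32 hex characters, the same shape as the md5 value used before.
                $rawToken = function_exists('random_bytes')
                    ? random_bytes(16)
                    : openssl_random_pseudo_bytes(16);
                $getModel->token = bin2hex($rawToken);

                $namaPengirim = "utopeen Admin";
                // The address comes from the database; strip line breaks so
                // it cannot add header lines.
                $emailadmin = str_replace(array("\r", "\n"), '', (string) $admin->email);
                $subjek = "Utopeen Account Password Reset";

                $resetUrl = 'http://www.utopeen.com/product/index.php/site/vertoken/token/' . $getModel->token;
                $setpesan = "Hi " . CHtml::encode($getModel->first_name) . ",<br/> You recently requested a password reset.<br/> To change you anhalyzer password,\n <a href='" . $resetUrl . "'>click here</a> or paste the following link into your browser: <a href='" . $resetUrl . "'>" . $resetUrl . "</a>";

                if ($getModel->validate()) {
                    $name = '=?UTF-8?B?' . base64_encode($namaPengirim) . '?=';
                    $subject = '=?UTF-8?B?' . base64_encode($subjek) . '?=';
                    $headers = "From: {$name} <{$emailadmin}>\r\n"
                        . "Reply-To: {$emailadmin}\r\n"
                        . "MIME-Version: 1.0\r\n"
                        . "Content-type: text/html; charset=UTF-8";

                    // The token is persisted before the mail goes out, so a
                    // delivered link always refers to a stored token.
                    if ($getModel->save()) {
                        $forgot_flag = 1;
                        mail($getEmail, $subject, $setpesan, $headers);
                    }
                }
            }
        } else {
            $forgot_flag = 2;
        }
    }

    $this->render('forgot', array('flag' => $forgot_flag));
}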
/**
 * Fetches the AdminUser record identified by the given primary key.
 *
 * @param integer $id the ID of the model to be loaded
 * @return AdminUser the loaded model
 * @throws CHttpException with status 404 when the key matches no record
 */
public function loadModel($id)
{
    $found = AdminUser::model()->findByPk($id);

    if (null === $found) {
        throw new CHttpException(404, 'QAQ 没有找到资源唉。。。');
    }

    return $found;
}
<section class="grid_12"> <div class="ui_tabs"> <ul> <li><a href="#tabs-1"><?php echo at('Staff Messages'); ?> </a></li> <li><a href="#tabs-2"><?php echo at('Admin Logged In ({total})', array('{total}' => AdminUser::model()->totalLoggedIn())); ?> </a></li> <li><a href="#tabs-3"><?php echo at('Admin Login History'); ?> </a></li> <li><a href="#tabs-4"><?php echo at('Admin Latest Logs'); ?> </a></li> </ul> <div id="tabs-1"> <div class="inside"> <?php echo CHtml::beginForm('', 'post', array('class' => 'formee')); ?> <div class="in"> <?php bp('staff message'); ?> <?php Yii::app()->customEditor->getEditor(array('name' => 'dashboard_staff_message', 'value' => getParam('dashboard_staff_message')));
/**
 * Disables several users in one request.
 *
 * The user ids are read from the POST field 'ids'; each one is set to
 * USER_STATE_FORBIDDEN individually, and the ids are reported back as
 * 'success' or 'failed' depending on what updateByPk() returned.
 *
 * NOTE(review): $callback is filled from the request and handed to
 * BetaBase::jsonp() unchanged. That helper is not visible here - confirm
 * that it restricts the callback to a plain identifier before writing it
 * into the response.
 *
 * @param string $callback JSONP callback function name, assigned automatically
 */
public function actionMultiForbidden($callback)
{
    $ids = (array) request()->getPost('ids');
    $attributes = array('state' => USER_STATE_FORBIDDEN);

    // Buckets keyed the same way as the response payload.
    $outcome = array('success' => array(), 'failed' => array());
    foreach ($ids as $id) {
        $bucket = AdminUser::model()->updateByPk($id, $attributes) ? 'success' : 'failed';
        $outcome[$bucket][] = $id;
    }

    $data = array(
        'success' => $outcome['success'],
        'failed' => $outcome['failed'],
        'label' => t('user_forbidden', 'admin'),
    );
    BetaBase::jsonp($callback, $data);
}