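/**
 * Tell whether the current request carries a valid login cookie pair.
 *
 * Reads the __typecho_uid and __typecho_authCode cookies, loads the user row
 * for that uid and compares the stored authCode with the cookie value through
 * Typecho_Common::hashValidate(). When a uid cookie is present but the pair
 * does not validate, both cookies are deleted.
 *
 * @return boolean true only when the cookie pair matches a stored user
 */
public static function hasLogin()
 {
     $cookieUid = Typecho_Cookie::get('__typecho_uid');
     if (null === $cookieUid) {
         return false;
     }
     $cookieAuthCode = Typecho_Cookie::get('__typecho_authCode');
     // Fail closed: both cookie values must be usable before anything is compared.
     // How hashValidate() treats empty or non-string input is not visible here,
     // so the decision is not left to it.
     if (is_scalar($cookieUid) && is_string($cookieAuthCode) && '' !== $cookieAuthCode) {
         $db = Typecho_Db::get();
         $user = $db->fetchRow($db->select()->from('table.users')->where('uid = ?', intval($cookieUid))->limit(1));
         // A user row without a stored authCode has nothing to authenticate against.
         $hasStoredCode = $user && isset($user['authCode']) && '' !== (string) $user['authCode'];
         if ($hasStoredCode && Typecho_Common::hashValidate($user['authCode'], $cookieAuthCode)) {
             return true;
         }
     }
     // Stale or invalid pair: drop both cookies so they are not sent again.
     Typecho_Cookie::delete('__typecho_uid');
     Typecho_Cookie::delete('__typecho_authCode');
     return false;
 }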
Exemple #2
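 /**
  * Constructor: loads the Remix plugin configuration, selects the service
  * identifier and rejects requests that fail the origin checks.
  *
  * @access public
  * @param mixed $request  request object, passed on to the parent constructor
  * @param mixed $response response object, passed on to the parent constructor
  * @param mixed $params   optional parameters, passed on to the parent constructor
  * @throws Typecho_Widget_Exception code 403 when the request is not AJAX, the
  *         Referer host differs from the site host, or the Remix-Hash header
  *         does not validate against the configured hash
  */
 public function __construct($request, $response, $params = NULL)
 {
     parent::__construct($request, $response, $params);
     /* Load the plugin configuration */
     $options = parent::widget('Widget_Options');
     $this->_config = $options->plugin('Remix');
     /* Select the service identifier */
     // NOTE(review): serve comes from the request and only passes through the
     // strip_tags/trim/xss filters here; whatever consumes static::$serve should
     // check it against the services it actually supports.
     if (isset($request->serve) && !empty($request->serve)) {
         static::$serve = $request->filter('strip_tags', 'trim', 'xss')->serve;
     } else {
         static::$serve = 'xiami';
     }
     /* Check where the request comes from */
     // Both hosts must be present and identical. Comparing two missing hosts
     // used to succeed, which let the check pass when neither URL could be parsed.
     $siteHost = parse_url((string) $options->siteUrl, PHP_URL_HOST);
     $refHost = parse_url((string) $request->getReferer(), PHP_URL_HOST);
     $sameHost = is_string($siteHost) && '' !== $siteHost && $siteHost === $refHost;
     // The AJAX marker and the Referer are headers set by the client, so they only
     // filter ordinary cross-site browser requests; the hash is the actual secret.
     // An empty configured hash or an absent header never validates.
     $hash = $request->getServer('HTTP_REMIX_HASH');
     $configHash = $this->_config->hash;
     $hashUsable = is_string($hash) && '' !== $hash && is_string($configHash) && '' !== $configHash;
     if (!$request->isAjax() || !$sameHost || !$hashUsable || !Typecho_Common::hashValidate($configHash, $hash)) {
         throw new Typecho_Widget_Exception(_t('Bad Request!'), 403);
     }
 }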
Exemple #3
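 /**
  * Tell whether the user is logged in, caching the answer in $this->_hasLogin.
  *
  * On the first call the __typecho_uid / __typecho_authCode cookie pair is
  * checked against the stored authCode of that user. A valid pair stores the
  * user row in $this->_user; an invalid pair triggers $this->logout().
  *
  * @access public
  * @return boolean
  */
 public function hasLogin()
 {
     // Answer already computed for this instance.
     if (NULL !== $this->_hasLogin) {
         return $this->_hasLogin;
     }
     $cookieUid = Typecho_Cookie::get('__typecho_uid');
     if (NULL === $cookieUid) {
         return $this->_hasLogin = false;
     }
     $cookieAuthCode = Typecho_Cookie::get('__typecho_authCode');
     /** Verify the login */
     // Fail closed: both cookie values must be usable before anything is compared.
     // How hashValidate() treats empty or non-string input is not visible here,
     // so the decision is not left to it.
     if (is_scalar($cookieUid) && is_string($cookieAuthCode) && '' !== $cookieAuthCode) {
         $user = $this->db->fetchRow($this->db->select()->from('table.users')->where('uid = ?', intval($cookieUid))->limit(1));
         // A user row without a stored authCode has nothing to authenticate against.
         $hasStoredCode = $user && isset($user['authCode']) && '' !== (string) $user['authCode'];
         if ($hasStoredCode && Typecho_Common::hashValidate($user['authCode'], $cookieAuthCode)) {
             $this->_user = $user;
             return $this->_hasLogin = true;
         }
     }
     // A uid cookie that does not validate is cleared through the normal logout path.
     $this->logout();
     return $this->_hasLogin = false;
 }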
Exemple #4
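 /**
  * Validate a password-reset token and, on POST, store the new password.
  *
  * The token is base64 of "uid.hash.timestamp". The hash part is checked with
  * Typecho_Common::hashValidate() against name . mail . password of the user
  * row, so it stops validating once the stored password changes.
  *
  * NOTE(review): the timestamp part is not included in the validated string,
  * so the one-hour limit is not bound to the hash. Binding it means changing
  * the code that issues the token, which is not shown here.
  *
  * @access public
  * @return false|void false when the form is invalid or the update fails
  */
 public function doReset()
 {
     /* Decode the token */
     $token = $this->request->filter('strip_tags', 'trim', 'xss')->token;
     $parts = is_string($token) ? explode('.', (string) base64_decode($token)) : array();
     $currentTimeStamp = $this->options->gmtTime;
     $db = Typecho_Db::get();
     $user = null;
     $linkValid = false;
     // Exactly three parts, with a numeric uid and timestamp; anything else is
     // treated like an expired link instead of being fed to the query.
     $wellFormed = 3 === count($parts)
         && 1 === preg_match('/^[0-9]+$/D', $parts[0])
         && '' !== $parts[1]
         && 1 === preg_match('/^[0-9]+$/D', $parts[2]);
     if ($wellFormed) {
         list($uid, $tokenHash, $timeStamp) = $parts;
         /* Links are accepted for one hour */
         if ($currentTimeStamp - $timeStamp <= 3600) {
             $user = $db->fetchRow($db->select()->from('table.users')->where('uid = ?', intval($uid)));
             // An unknown uid must not reach the hash comparison with empty fields.
             if ($user) {
                 $hashString = $user['name'] . $user['mail'] . $user['password'];
                 $linkValid = (bool) Typecho_Common::hashValidate($hashString, $tokenHash);
             }
         }
     }
     if (!$linkValid) {
         // Expired or invalid link: back to the login page
         $this->notice->set(_t('该链接已失效, 请重新获取'), 'notice');
         $this->response->redirect($this->options->loginUrl);
         // Stop here even if redirect() returns, so an invalid token never
         // reaches the password update below.
         return;
     }
     require_once 'theme/reset.php';
     /* Reset the password */
     if ($this->request->isPost()) {
         /* Validate the form */
         if ($error = $this->resetForm()->validate()) {
             $this->notice->set($error, 'error');
             return false;
         }
         // NOTE(review): looks like phpass with portable hashes enabled (second
         // argument); kept as is because the code that verifies these hashes at
         // login is not shown.
         $hasher = new PasswordHash(8, true);
         $password = $hasher->HashPassword($this->request->password);
         $update = $db->query($db->update('table.users')->rows(array('password' => $password))->where('uid = ?', $user['uid']));
         if (!$update) {
             // Report the failure only; previously the success notice was set
             // right after the error notice.
             $this->notice->set(_t('重置密码失败'), 'error');
             return false;
         }
         $this->notice->set(_t('重置密码成功'), 'success');
         $this->response->redirect($this->options->loginUrl);
     }
 }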
Exemple #5
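 /**
  * Tell whether the user is logged in, caching the answer in $this->_hasLogin.
  *
  * The uid and authCode are read from the request object (__typecho_uid and
  * __typecho_authCode). A valid pair stores the user row in $this->_user; an
  * invalid pair triggers $this->logout().
  *
  * NOTE(review): the values come from $this->request rather than from a cookie
  * accessor. If the request object also resolves these names from the query
  * string or form body, auth codes can end up in URLs and access logs; confirm
  * which sources it reads.
  *
  * @access public
  * @return boolean
  */
 public function hasLogin()
 {
     // Answer already computed for this instance.
     if (NULL !== $this->_hasLogin) {
         return $this->_hasLogin;
     }
     $requestUid = $this->request->__typecho_uid;
     if (NULL === $requestUid) {
         return $this->_hasLogin = false;
     }
     $requestAuthCode = $this->request->__typecho_authCode;
     /** Verify the login */
     // Fail closed: both values must be usable before anything is compared.
     // How hashValidate() treats empty or non-string input is not visible here,
     // so the decision is not left to it.
     if (is_scalar($requestUid) && is_string($requestAuthCode) && '' !== $requestAuthCode) {
         $user = $this->db->fetchRow($this->db->select()->from('table.users')->where('uid = ?', intval($requestUid))->limit(1));
         // A user row without a stored authCode has nothing to authenticate against.
         $hasStoredCode = $user && isset($user['authCode']) && '' !== (string) $user['authCode'];
         if ($hasStoredCode && Typecho_Common::hashValidate($user['authCode'], $requestAuthCode)) {
             $this->_user = $user;
             return $this->_hasLogin = true;
         }
     }
     // A uid that does not validate is cleared through the normal logout path.
     $this->logout();
     return $this->_hasLogin = false;
 }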