/**
 * Purge non-admin accounts whose last activity is older than the retention window.
 *
 * The window is `save_account_time + 2 * max_remember_time` from Config,
 * divided by 86400 to express it in days. For every matching account the
 * WeChat user is removed and each token listed under the uid in the 'auth'
 * cache is deleted, then the rows are deleted from `user`.
 *
 * @return string|null Summary naming the removed users, or null when the lookup returned nothing
 */
public function user()
{
    $retentionSeconds = Config::getConfig('save_account_time') + Config::getConfig('max_remember_time') * 2;
    // NOTE(review): $saveDay is interpolated into both statements rather than bound.
    // It comes from configuration, not from request input, in this method, but the
    // config values must stay numeric for the queries to remain well-formed.
    $saveDay = $retentionSeconds / 86400;

    // Candidates: rank below RANK_ADMIN and lastTime at least $saveDay days ago.
    $sql = "SELECT `u`.`uid`, `s`.`name` FROM `user` `u`\n LEFT JOIN `student` `s` ON `s`.`sid` = `u`.`uid`\n WHERE `u`.`rank` < ?\n AND DATE_SUB(CURDATE(), INTERVAL {$saveDay} DAY) >= DATE(`u`.`lastTime`)";
    $staleUsers = Mysql::execute($sql, array(Config::RANK_ADMIN));
    if (!$staleUsers) {
        return;
    }

    // Remove the WeChat account and every cached token before touching the table.
    $removedNames = array();
    $authCache = new Cache('auth');
    foreach ($staleUsers as $stale) {
        $removedNames[] = $stale['name'];
        Wechat::deleteUser($stale['uid']);

        // The set stored under the uid lists the user's tokens; drop each
        // entry from the 'token' hash, then the set itself.
        foreach ($authCache->smembers($stale['uid']) as $token) {
            $authCache->hdelete('token', $token);
        }
        $authCache->delete($stale['uid']);
    }

    // Delete from the database.
    // NOTE(review): the DELETE re-evaluates the rank/date condition instead of
    // targeting the uids collected above, so the deleted rows can differ from the
    // rows whose tokens were just cleared if `lastTime` changes or the date rolls
    // over between the two statements.
    $sql = "DELETE FROM `user` WHERE `rank` < ?\n AND DATE_SUB(CURDATE(), INTERVAL {$saveDay} DAY) >= DATE(`lastTime`)";
    Mysql::execute($sql, array(Config::RANK_ADMIN));

    return '删除用户' . implode('、', $removedNames);
}
/**
 * Update the current user's password and/or contact details.
 *
 * When both `oldPasswd` and `newPasswd` are supplied, the old password is
 * verified, the new one is checked against the `weak` table, the stored
 * password is replaced and every other token of this user is removed from
 * the auth cache. Mail and phone are then updated in all cases.
 *
 * Sets $this->code, $this->msg and $this->data for the response.
 *
 * @return bool false when the old password is wrong or the new one is listed as weak, true otherwise
 */
public function update()
{
    $oldPasswd = \Hnust\input('oldPasswd');
    $newPasswd = \Hnust\input('newPasswd');
    $mail = \Hnust\input('mail');
    $phone = \Hnust\input('phone');

    // Change the password only when both values were supplied.
    $wantsPasswordChange = !empty($oldPasswd) && !empty($newPasswd);
    if ($wantsPasswordChange) {
        // Verify the old password by matching its encrypted form in the database.
        $oldHash = \Hnust\passwdEncrypt($this->uid, $oldPasswd);
        $sql = 'SELECT * FROM `user` WHERE `uid` = ? AND `passwd` = ? LIMIT 1';
        $matched = Mysql::execute($sql, array($this->uid, $oldHash));

        if (empty($matched)) {
            // Wrong old password: increment the error counter.
            // NOTE(review): no lockout threshold is checked in this method;
            // confirm the counter is enforced before this point is reached.
            $sql = 'UPDATE `user` SET `error` = (`error` + 1) WHERE `uid` = ? LIMIT 1';
            Mysql::execute($sql, array($this->uid));
            $this->code = Config::RETURN_ALERT;
            $this->msg = '原密码错误';
            return false;
        }

        // Weak-password check: the submitted value is looked up in `weak`.`md5`.
        // NOTE(review): presumably the client submits an MD5 digest; if so the
        // server cannot assess strength for values absent from the list - confirm.
        $sql = 'SELECT COUNT(*) `count` FROM `weak` WHERE `md5` = ? LIMIT 1';
        $weakLookup = Mysql::execute($sql, array($newPasswd));
        if ('0' != $weakLookup[0]['count']) {
            $this->code = Config::RETURN_ALERT;
            $this->msg = '您的密码过于简单';
            return false;
        }

        // Store the new password and reset the error counter.
        $newHash = \Hnust\passwdEncrypt($this->uid, $newPasswd);
        $sql = 'UPDATE `user` SET `passwd` = ?, `error` = 0 WHERE `uid` = ?';
        Mysql::execute($sql, array($newHash, $this->uid));

        // Sign out other devices: every token except the one in use is removed
        // from the 'token' hash and from the user's token set.
        foreach ($this->authCache->smembers($this->uid) as $token) {
            if ($token !== $this->token) {
                $this->authCache->hdelete('token', $token);
                $this->authCache->sdelete($this->uid, $token);
            }
        }
        $this->data = '修改成功,请牢记您的密码';
    }

    // Update the other fields: mail is kept when the input is '', phone is kept
    // unless the input is exactly 11 characters long.
    // NOTE(review): if \Hnust\input() can return null for a missing field, both
    // IF() conditions evaluate to NULL and the columns would be set to NULL - verify.
    $sql = "UPDATE `user` `u`,`student` `s`\n SET `s`.`mail` = IF(? = '', `s`.`mail`, ?),\n `s`.`phone` = IF(length(?) <> 11, `s`.`phone`, ?)\n WHERE `s`.`sid` = `u`.`uid` AND `u`.`uid` = ?";
    Mysql::execute($sql, array($mail, $mail, $phone, $phone, $this->uid));
    Wechat::updateUser($this->uid);

    $this->msg = '系统提示';
    if (empty($this->data)) {
        $this->data = '已保存您的修改';
    }
    $this->code = Config::RETURN_CONFIRM;
    return true;
}
/**
 * Send a message to a user through the WeChat helper.
 *
 * The three arguments are passed to Wechat::sendMsg() unchanged.
 *
 * @param mixed $uid  Recipient identifier
 * @param mixed $type Message type understood by Wechat::sendMsg()
 * @param mixed $data Message payload
 * @return mixed Whatever Wechat::sendMsg() returns
 */
public static function wechat($uid, $type, $data)
{
    $result = Wechat::sendMsg($uid, $type, $data);

    return $result;
}
/**
 * Record the current user's WeChat follow information in the `weixin` table.
 *
 * Nothing is written when Wechat::getUser() returns an empty or non-array
 * value. On a duplicate key the stored `wid` is kept if the new one is empty,
 * while `status` is always overwritten.
 *
 * @return void
 */
public function follow()
{
    $info = Wechat::getUser($this->uid, false);
    if (empty($info) || !is_array($info)) {
        return;
    }

    // A missing or empty weixinid is stored as ''.
    $wid = '';
    if (!empty($info['weixinid'])) {
        $wid = $info['weixinid'];
    }

    // A missing or falsy status (including 0) is stored as -1.
    $status = -1;
    if (!empty($info['status'])) {
        $status = $info['status'];
    }

    $sql = "INSERT INTO `weixin`(`uid`, `wid`, `status`) VALUES(?, ?, ?)\n ON DUPLICATE KEY UPDATE `wid` = IF(? = '', `wid`, ?), `status` = ?";
    Mysql::execute($sql, array($this->uid, $wid, $status, $wid, $wid, $status));
}
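/**
 * User management endpoint; the action is selected by the `type` input.
 *
 *  - add:    create a site user for an existing student id with a random password
 *  - unlock: reset the password error counter
 *  - change: set another user's rank
 *  - reset:  replace the password with a new random one
 *  - delete: remove the user row and the WeChat account
 *  - other:  list all users with usage counters and a derived state label
 *
 * Results are reported through $this->msg, $this->data and $this->code.
 *
 * NOTE(review): no permission check is visible in this method; presumably the
 * caller restricts it to administrators - confirm.
 *
 * @return string|null The failure message on an early exit, otherwise null
 */
public function user()
{
    $type = \Hnust\input('type');
    $uid = \Hnust\input('uid');

    // Add a user
    if ('add' === $type) {
        // NOTE(review): `rank` is stored exactly as received; nothing here limits
        // it to known values or to ranks below the caller's own - confirm.
        $rank = \Hnust\input('rank');
        $sql = "SELECT * FROM\n (SELECT COUNT(*) `user` FROM `user` WHERE `uid` = ?) `a` ,\n (SELECT COUNT(*) `student` FROM `student` WHERE `sid` = ?) `b`";
        $result = Mysql::execute($sql, array($uid, $uid));
        if (empty($result)) {
            return $this->msg = '添加失败';
        } elseif ($result[0]['user'] > 0) {
            return $this->msg = '添加失败,用户已存在';
        } elseif ($result[0]['student'] <= 0) {
            return $this->msg = '添加失败,未找到对应学号';
        }

        // NOTE(review): the initial password is 6 characters from \Hnust\randStr();
        // its strength depends on that helper's generator, which is not shown here.
        $randPasswd = \Hnust\randStr(6);
        $passwd = \Hnust\passwdEncrypt($uid, md5($randPasswd));

        // Pick an apiToken that is not already in the database. The search is
        // bounded and stops on a failed lookup: previously a failed query never
        // produced '0', so the loop could not terminate.
        $apiToken = null;
        for ($attempt = 0; $attempt < 10; $attempt++) {
            $candidate = \Hnust\randStr(32);
            $sql = 'SELECT COUNT(*) `count` FROM `user` WHERE `apiToken` = ? ';
            $result = Mysql::execute($sql, array($candidate));
            if (empty($result) || !isset($result[0]['count'])) {
                break;
            }
            if ('0' == $result[0]['count']) {
                $apiToken = $candidate;
                break;
            }
        }
        if (null === $apiToken) {
            return $this->msg = '添加失败,数据库有误';
        }

        // Insert the new user; the current user is recorded as inviter.
        $sql = "INSERT INTO `user`(\n `uid`, `inviter`, `passwd`, `apiToken`,\n `lastTime`, `regTime`, `rank`\n ) VALUES (?, ?, ?, ?, NOW(), NOW(), ?)";
        $sqlArr = array($uid, $this->uid, $passwd, $apiToken, $rank);
        if (Mysql::execute($sql, $sqlArr)) {
            // Queue a notice asking the new user to change the password.
            $push = new \Hnust\Analyse\Push();
            $push->add($uid, 1, '系统安全提示:', '您的密码过弱,请立即修改密码!', '#/user');
            $this->msg = '成功添加网站用户';
            // The plaintext password is returned to the caller once, here.
            $this->data = "新用户 {$uid} 的密码为 {$randPasswd}";
            \Hnust\Utils\Wechat::createUser($uid);
        } else {
            $this->msg = '添加失败,数据库有误';
        }

    // Unlock a user
    } elseif ('unlock' === $type) {
        $sql = 'UPDATE `user` SET `error` = 0 WHERE `uid` = ? LIMIT 1';
        Mysql::execute($sql, array($uid));
        $this->code = Config::RETURN_NORMAL;

    // Change a user's rank
    } elseif ('change' === $type) {
        // NOTE(review): as in the add branch, `rank` is not validated here.
        $rank = \Hnust\input('rank');
        // Loose comparison is deliberate-looking: it also matches when the two
        // ids differ only in type.
        if ($this->uid == $uid) {
            return $this->msg = '不能修改自己的权限';
        }
        $sql = 'UPDATE `user` SET `rank` = ? WHERE `uid` = ? LIMIT 1';
        Mysql::execute($sql, array($rank, $uid));
        $this->code = Config::RETURN_NORMAL;

    // Reset a user's password
    } elseif ('reset' === $type) {
        $randPasswd = \Hnust\randStr(6);
        $passwd = \Hnust\passwdEncrypt($uid, md5($randPasswd));
        $sql = 'UPDATE `user` SET `passwd` = ?, `error` = 0 WHERE `uid` = ? 
LIMIT 1';
        Mysql::execute($sql, array($passwd, $uid));
        // NOTE(review): no cached tokens are removed here; confirm that existing
        // sessions of the user are invalidated elsewhere after a reset.
        $this->msg = '重置密码成功';
        $this->data = "已成功重置用户密码为{$randPasswd}";

    // Delete a user
    } elseif ('delete' === $type) {
        if ($uid == $this->uid) {
            return $this->msg = '不能删除自己';
        }
        $sql = 'DELETE FROM `user` WHERE `uid` = ? LIMIT 1';
        Mysql::execute($sql, array($uid));
        \Hnust\Utils\Wechat::deleteUser($uid);
        // NOTE(review): no cached tokens are removed here; confirm that a deleted
        // user's tokens stop being accepted.
        $this->msg = '删除成功';

    // List users
    } else {
        $sql = "SELECT `u`.`uid`, `s1`.`name`, `s2`.`name` `inviter`,\n `u`.`webCount`, `u`.`wxCount`, `u`.`apiCount`,\n `u`.`error`, `u`.`rank`, `u`.`lastTime`, `u`.`regTime`,\n `wx`.`wid`, `wx`.`status` `wxStatus`,\n IF(`wx`.`time` IS NULL, '', `wx`.`time`) `wxTime`\n FROM `user` `u`\n LEFT JOIN `student` `s1` ON `s1`.`sid` = `u`.`uid`\n LEFT JOIN `student` `s2` ON `s2`.`sid` = `u`.`inviter`\n LEFT JOIN `weixin` `wx` ON `wx`.`uid` = `u`.`uid`";
        $rows = Mysql::execute($sql);

        // Derive the total request count and a state label for each row. A
        // non-array result (failed query) is passed through untouched instead of
        // being handed to count().
        $maxError = Config::getConfig('max_passwd_error');
        if (is_array($rows)) {
            foreach ($rows as &$row) {
                $row['count'] = $row['webCount'] + $row['wxCount'] + $row['apiCount'];
                if ('0' == $row['error']) {
                    $row['state'] = '正常';
                } elseif ($maxError == $row['error']) {
                    // NOTE(review): only an exact match is labelled frozen; a
                    // counter above the maximum falls through to the error count.
                    $row['state'] = '冻结';
                } else {
                    $row['state'] = "{$row['error']}次错误";
                }
            }
            unset($row);
        }
        $this->data = $rows;
    }
}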