Esempio n. 1
 /**
  * Force a user to log out by deleting that user's row(s) from user_login.
  *
  * Roles other than administrator must be granted the "force logout"
  * permission of the permission application; verify_content_prms() is
  * called before anything else is read from the request.
  *
  * Request fields read from $this->input:
  * @param user_id   ID of the user to log out (cast to int, must be > 0)
  * @param is_member truthy when the target is a member user
  *
  * Emits one item with status 1 when at least one row was deleted and
  * status 0 otherwise; `copywriting` carries the human-readable outcome.
  */
 public function force_logout_user()
 {
     $this->verify_content_prms(array('_action' => 'force_logout_user'));

     $userId = (int) $this->input['user_id'];
     if ($userId <= 0) {
         $this->errorOutput(NO_USER_ID);
     }
     $isMember = empty($this->input['is_member']) ? 0 : 1;

     // Member sessions may live on one of several login servers, selected by
     // user id modulo the server count; everything else uses the default DB.
     $schemaPrefix = '';
     $loginServers = hg_load_login_serv();
     $shard = null;
     if ($loginServers && $isMember) {
         $shard = $loginServers[$userId % count($loginServers)];
     }

     if ($shard) {
         if (!class_exists('db', false)) {
             include ROOT_PATH . 'lib/db/db_mysql.class.php';
         }
         // presumably turns the stored password back into plaintext for
         // connect() (second argument false) - confirm against hg_encript_str
         $shard['pass'] = hg_encript_str($shard['pass'], false);
         $conn = new db();
         // NOTE(review): the result of connect() is not checked here; a failed
         // connection is only seen as a failed query below.
         $conn->connect(
             $shard['host'],
             $shard['user'],
             $shard['pass'],
             $shard['database'],
             $shard['charset'],
             $shard['pconnect']
         );
         $schemaPrefix = $shard['database'] . '.';
     } else {
         $conn = hg_ConnectDB();
     }

     // Pessimistic default: reported unless the DELETE succeeds.
     $redata = array(
         'status' => 0,
         'user_id' => $userId,
         'is_member' => $isMember,
         'copywriting' => 'UserID = ' . $userId . '的TOKEN清除失败',
     );

     // Both interpolated values are integers produced above ((int) cast and a
     // 0/1 flag), so no raw request text reaches the statement.
     $sql = 'DELETE FROM ' . $schemaPrefix . DB_PREFIX . 'user_login WHERE user_id = "' . $userId . '" AND is_member = ' . $isMember;
     $result = $conn->query($sql);
     if ($result) {
         if ($conn->affected_rows()) {
             $redata['status'] = 1;
             $redata['copywriting'] = 'UserID = ' . $userId . '的TOKEN清除成功';
         } else {
             // Query ran but matched nothing: the user had no login row.
             $redata['copywriting'] = 'UserID = ' . $userId . '的用户未登录';
         }
     }

     $this->addItem($redata);
     $this->output();
 }
Esempio n. 2
 /**
  * Log a user in, record the session in user_login and emit the profile.
  *
  * Two modes, chosen by the request field `verify_user_cb`:
  *  - absent: credentials are checked by mcp_dologin() and, failing that,
  *    member_dologin(); the session row goes to the default database.
  *  - present: user_name, password and the `extend` pairs are POSTed to
  *    that URL and the first element of the reply is used as the user
  *    record; the session row goes to the login server picked by
  *    user_id modulo the server count (or the default database when no
  *    login servers are configured).
  *
  * Request fields read: verify_user_cb, appid, appkey, isextend, extend,
  * user_name, password.
  *
  * NOTE(review): in callback mode the URL that decides whether the login
  * succeeds comes from the request itself. Nothing in this method limits
  * it to a configured endpoint, so the caller effectively chooses who
  * vouches for the credentials, and the server issues an outbound POST
  * carrying the submitted password to that address. Confirm that an
  * allowlist or signature check exists upstream; if not, the callback
  * should come from server-side configuration.
  */
 public function show()
 {
     // urldecode() is applied here and again at the post() call below, so
     // the callback value is decoded twice.
     $callback = urldecode(trim($this->input['verify_user_cb']));
     // Absolute expiry timestamp: TOKEN_EXPIRED seconds from now, 3600 when
     // the constant is not defined.
     $time_expired = defined('TOKEN_EXPIRED') ? intval(TOKEN_EXPIRED + TIMENOW) : intval(3600 + TIMENOW);
     if (!$callback) {
         $this->db = hg_ConnectDB();
         // Try the mcp login first, then fall back to the member login.
         $userinfo = $this->mcp_dologin();
         if (!$userinfo) {
             $userinfo = $this->member_dologin();
             if (!$userinfo) {
                 $this->errorOutput(USER_LOGIN_ERROR);
             }
             // Sentinel group for member logins (ten digits here; the
             // callback branch below uses a nine-digit value).
             $group_type = 9999999999;
         } else {
             if ($userinfo['forced_change_pwd']) {
                 // presumably output() ends the request, so no session row is
                 // written for an account that must change its password
                 // first - confirm; otherwise execution continues below.
                 $this->addItem($userinfo);
                 $this->output();
             }
             // original note: "5 guest" - presumably role id 5 is the guest role; confirm
             // Lowest id in the comma-separated admin_role_id list.
             $group_type = intval(min(explode(',', $userinfo['admin_role_id'])));
             if (!$group_type) {
                 $group_type = 9999999999;
             }
         }
         // NOTE(review): the app key is looked up only after the credential
         // check; whether verify_appkey() rejects a bad key is not visible here.
         $appinfo = $this->verify_appkey($this->input['appid'], $this->input['appkey']);
         $accesstoken = $this->mk_access_token(0);
         // Row to insert into the user_login table
         $data = array('ip' => hg_getip(), 'user_name' => urldecode($userinfo['user_name']), 'user_id' => intval($userinfo['id']), 'login_time' => TIMENOW, 'token' => $accesstoken, 'appid' => intval($appinfo['appid']), 'group_type' => $group_type, 'display_name' => $appinfo['display_name'] ? $appinfo['display_name'] : $appinfo['custom_name'], 'visit_client' => $appinfo['mobile'], 'org_id' => $userinfo['org_id'], 'slave_group' => $userinfo['admin_role_id'], 'slave_org' => $userinfo['childs'], 'is_member' => $userinfo['is_member']);
         // NOTE(review): every value is placed between single quotes by plain
         // interpolation and no escaping is visible in this method. user_name
         // was urldecode()d just above, which would undo any escaping applied
         // to the raw request earlier. Use the db layer's escaping or a
         // prepared statement for the non-integer fields.
         $sql = 'INSERT INTO ' . DB_PREFIX . 'user_login SET ';
         foreach ($data as $field => $value) {
             $sql .= "{$field} = '{$value}',";
         }
         $this->db->query(trim($sql, ','));
         // Fetch the user's avatar
         // NOTE(review): unserialize() runs (twice) on the stored avatar value.
         // If that column can ever hold user-influenced bytes this permits
         // object injection; prefer JSON, or unserialize with classes disallowed.
         $avatar = unserialize($userinfo['avatar']) ? unserialize($userinfo['avatar']) : '';
         // Data returned for the login; recorded in the session
         // NOTE(review): the reply carries $userinfo['password'] and
         // $userinfo['verify_code'] back to the client - confirm that callers
         // need them; credential material should normally stay server-side.
         $reUserInfo = array('token' => $data['token'], 'appid' => $data['appid'], 'display_name' => $data['display_name'], 'app_expire_time' => $appinfo['expire_time'], 'user_name' => $userinfo['user_name'], 'group_type' => $group_type, 'password' => $userinfo['password'], 'id' => $userinfo['id'], 'verify_code' => $userinfo['verify_code'], 'visit_client' => $appinfo['mobile'], 'group_name' => $userinfo['role_name'], 'org_name' => $userinfo['org_name'], 'org_id' => $userinfo['org_id'], 'slave_org' => $userinfo['childs'], 'avatar' => $avatar, 'default_page' => $userinfo['index_page'], 'open_way' => $userinfo['open_way'], 'domain' => $userinfo['domain'], 'app_custom_menus' => $userinfo['app_unique'], 'cardid' => $userinfo['cardid'], 'prms_menus' => $userinfo['prms_menus'], 'expired_time' => $time_expired, 'is_member' => $data['is_member']);
         // Extended profile is attached on request (isextend) or when the
         // IS_EXTEND constant is defined and truthy.
         if ($reUserInfo['id'] > 0 && ($this->input['isextend'] || defined('IS_EXTEND') && IS_EXTEND)) {
             $reUserInfo['extend'] = $this->getUserExtendInfo($reUserInfo['id']);
         }
         $this->addItem($reUserInfo);
         //$token_expired = defined('TOKEN_EXPIRED') ? TOKEN_EXPIRED : 3600;
         $this->output();
     } else {
         // Callback mode: forward the credentials plus the caller's extra
         // key=value pairs to the callback URL.
         $extend = urldecode($this->input['extend']);
         $user = array('user_name' => $this->input['user_name'], 'password' => $this->input['password']);
         $extend = explode('&', $extend);
         foreach ($extend as $v) {
             $v = explode('=', $v);
             // NOTE(review): any key is accepted, including 'user_name' and
             // 'password', which then replace the values set above; $v[1] is
             // unset when a pair has no '='.
             if ($v[0]) {
                 $user[$v[0]] = $v[1];
             }
         }
         // Second urldecode() of the callback (see top of method). The first
         // element of the reply is trusted as the authenticated user record.
         $userinfo = $this->post(urldecode($callback), $user);
         $userinfo = $userinfo[0];
         if (!$userinfo['user_id']) {
             $this->erroroutput(USER_VERIFY_FAIL);
         }
         $servers = hg_load_login_serv();
         if (!$servers) {
             // No login servers configured: use the default database. The
             // index -1 makes the token call below receive 0.
             $server_index = -1;
             $this->db = hg_ConnectDB();
         } else {
             include_once ROOT_PATH . 'lib/db/db_mysql.class.php';
             // Pick the login server by user id modulo the server count.
             $server_index = $userinfo['user_id'] % count($servers);
             $server = $servers[$server_index];
             // presumably turns the stored password back into plaintext for
             // connect() (second argument false) - confirm against hg_encript_str
             $server['pass'] = hg_encript_str($server['pass'], false);
             $this->db = new db();
             $conn = $this->db->connect($server['host'], $server['user'], $server['pass'], $server['database'], $server['charset'], $server['pconnect']);
             if (!$conn) {
                 $this->erroroutput(LOGIN_SERVER_ERROR);
             }
             // Turned into a "database." prefix for the INSERT below.
             $server['database'] = $server['database'] . '.';
         }
         $appinfo = $this->verify_appkey($this->input['appid'], $this->input['appkey']);
         // Nine digits here, ten in the non-callback branch above.
         $group_type = 999999999;
         $accesstoken = $this->mk_access_token($server_index + 1);
         // NOTE(review): user_name, org_id, admin_role_id and childs come
         // straight from the callback reply and go into the SQL below unescaped.
         $data = array('ip' => hg_getip(), 'user_name' => urldecode($userinfo['user_name']), 'user_id' => intval($userinfo['user_id']), 'login_time' => TIMENOW, 'token' => $accesstoken, 'appid' => intval($appinfo['appid']), 'group_type' => $group_type, 'display_name' => $appinfo['display_name'] ? $appinfo['display_name'] : $appinfo['custom_name'], 'visit_client' => $appinfo['mobile'], 'org_id' => $userinfo['org_id'], 'slave_group' => $userinfo['admin_role_id'], 'slave_org' => $userinfo['childs'], 'is_member' => 1);
         // $server is never assigned when no login servers are configured, so
         // $server['database'] reads an undefined variable on that path and
         // contributes an empty prefix.
         $sql = 'INSERT INTO ' . $server['database'] . DB_PREFIX . 'user_login SET ';
         foreach ($data as $field => $value) {
             $sql .= "{$field} = '{$value}',";
         }
         $this->db->query(trim($sql, ','));
         // The callback's record is returned as-is, with the session fields
         // written over it; whatever else the callback sent is passed through.
         $userinfo['token'] = $accesstoken;
         $userinfo['appid'] = $data['appid'];
         $userinfo['display_name'] = $data['display_name'];
         $userinfo['visit_client'] = $data['visit_client'];
         $userinfo['login_time'] = $data['login_time'];
         $userinfo['expired_time'] = $time_expired;
         $userinfo['is_member'] = $data['is_member'];
         if ($userinfo['user_id'] > 0 && ($this->input['isextend'] || defined('IS_EXTEND') && IS_EXTEND)) {
             $userinfo['extend'] = $this->getUserExtendInfo($userinfo['user_id']);
         }
         $this->addItem($userinfo);
         $this->output();
     }
 }