/**
 * Force a user to log out by deleting that user's rows from the user_login table.
 * Non-administrator roles must be granted the "force logout" permission of the
 * permissions application before they can use this action.
 *
 * Request input (read from $this->input):
 *   user_id    ID of the user to log out; must be greater than zero
 *   is_member  truthy when the target is a member user
 *
 * Security: verify_content_prms() runs before anything else, and the DELETE
 * statement is assembled only from integer-cast request values plus identifiers
 * taken from configuration (database name, DB_PREFIX).
 */
public function force_logout_user()
{
    $this->verify_content_prms(array('_action' => 'force_logout_user'));

    $userId = (int) $this->input['user_id'];
    if ($userId <= 0) {
        $this->errorOutput(NO_USER_ID);
    }
    $isMember = empty($this->input['is_member']) ? 0 : 1;

    // Member sessions may live on a dedicated login server selected by user_id;
    // everything else uses the default connection.
    $tablePrefix = '';
    $shard = null;
    $shards = hg_load_login_serv();
    if ($shards && $isMember) {
        $shard = $shards[$userId % count($shards)];
    }

    if ($shard) {
        if (!class_exists('db', false)) {
            include ROOT_PATH . 'lib/db/db_mysql.class.php';
        }
        // presumably decodes the stored credential (second argument false) - confirm against hg_encript_str
        $shard['pass'] = hg_encript_str($shard['pass'], false);
        $newdb = new db();
        $newdb->connect(
            $shard['host'],
            $shard['user'],
            $shard['pass'],
            $shard['database'],
            $shard['charset'],
            $shard['pconnect']
        );
        $tablePrefix = $shard['database'] . '.';
    } else {
        $newdb = hg_ConnectDB();
    }

    $sql = 'DELETE FROM ' . $tablePrefix . DB_PREFIX . 'user_login WHERE user_id = "' . $userId . '" AND is_member = ' . $isMember;

    // Default result: status 0 with the "token clearing failed" message.
    $redata = array(
        'status' => 0,
        'user_id' => $userId,
        'is_member' => $isMember,
        'copywriting' => 'UserID = ' . $userId . '的TOKEN清除失败',
    );

    $result = $newdb->query($sql);
    if ($result) {
        if ($newdb->affected_rows()) {
            // At least one login row was removed: "token cleared successfully".
            $redata['status'] = 1;
            $redata['copywriting'] = 'UserID = ' . $userId . '的TOKEN清除成功';
        } else {
            // The query ran but matched nothing: "user is not logged in".
            $redata['copywriting'] = 'UserID = ' . $userId . '的用户未登录';
        }
    }

    $this->addItem($redata);
    $this->output();
}
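/**
 * Log a user in, record the session in the user_login table and return the
 * session data, including the new access token.
 *
 * Two paths, selected by the request input "verify_user_cb":
 *   - empty: the credentials are checked locally via mcp_dologin() and, failing
 *     that, member_dologin();
 *   - set:   the submitted credentials (plus any "extend" key=value pairs) are
 *     posted to that URL and the first element of the response is taken as the
 *     user record.
 *
 * Request input read here: verify_user_cb, appid, appkey, isextend, and on the
 * callback path user_name, password, extend.
 *
 * Changes against the previous version of this method:
 *   - every value written into the INSERT statement is escaped;
 *   - the callback path no longer reads an undefined $server when no login
 *     servers are configured;
 *   - the callback user_id must be a positive integer before it is used to pick
 *     a login server;
 *   - the avatar is unserialized once instead of twice.
 */
public function show()
{
    $callback = isset($this->input['verify_user_cb']) ? urldecode(trim($this->input['verify_user_cb'])) : '';
    $time_expired = defined('TOKEN_EXPIRED') ? intval(TOKEN_EXPIRED + TIMENOW) : intval(3600 + TIMENOW);
    $wantExtend = !empty($this->input['isextend']) || (defined('IS_EXTEND') && IS_EXTEND);

    if (!$callback) {
        $this->db = hg_ConnectDB();
        $userinfo = $this->mcp_dologin();
        if (!$userinfo) {
            $userinfo = $this->member_dologin();
            if (!$userinfo) {
                $this->errorOutput(USER_LOGIN_ERROR);
            }
            // NOTE(review): the callback path below uses 999999999 (one digit fewer) - confirm which is intended.
            $group_type = 9999999999;
        } else {
            if ($userinfo['forced_change_pwd']) {
                // presumably output() ends the request here - confirm
                $this->addItem($userinfo);
                $this->output();
            }
            // Lowest role id among the user's roles (original note: 5 = guest).
            $group_type = intval(min(explode(',', $userinfo['admin_role_id'])));
            if (!$group_type) {
                $group_type = 9999999999;
            }
        }

        $appinfo = $this->verify_appkey($this->input['appid'], $this->input['appkey']);
        $accesstoken = $this->mk_access_token(0);

        // Row written to the user_login table.
        $data = array(
            'ip' => hg_getip(),
            'user_name' => urldecode($userinfo['user_name']),
            'user_id' => intval($userinfo['id']),
            'login_time' => TIMENOW,
            'token' => $accesstoken,
            'appid' => intval($appinfo['appid']),
            'group_type' => $group_type,
            'display_name' => $appinfo['display_name'] ? $appinfo['display_name'] : $appinfo['custom_name'],
            'visit_client' => $appinfo['mobile'],
            'org_id' => $userinfo['org_id'],
            'slave_group' => $userinfo['admin_role_id'],
            'slave_org' => $userinfo['childs'],
            'is_member' => $userinfo['is_member'],
        );

        // SECURITY: values are escaped before being placed in the statement.
        // addslashes() is a stop-gap: it is not charset-aware, so on a multibyte
        // connection charset (e.g. GBK) the driver's own escaping or prepared
        // statements should replace it.
        $assignments = array();
        foreach ($data as $field => $value) {
            $assignments[] = $field . " = '" . addslashes((string) $value) . "'";
        }
        $this->db->query('INSERT INTO ' . DB_PREFIX . 'user_login SET ' . implode(',', $assignments));

        // User avatar.
        // SECURITY: unserialize() on stored data can instantiate objects; the
        // avatar column should only ever hold values serialized by this
        // application (JSON would be the safer storage format).
        $avatarData = unserialize($userinfo['avatar']);
        $avatar = $avatarData ? $avatarData : '';

        // Data returned to the client and kept as the session record.
        $reUserInfo = array(
            'token' => $data['token'],
            'appid' => $data['appid'],
            'display_name' => $data['display_name'],
            'app_expire_time' => $appinfo['expire_time'],
            'user_name' => $userinfo['user_name'],
            'group_type' => $group_type,
            // NOTE(security): the stored password value is sent back in the
            // response; confirm that consumers need it, otherwise drop it.
            'password' => $userinfo['password'],
            'id' => $userinfo['id'],
            'verify_code' => $userinfo['verify_code'],
            'visit_client' => $appinfo['mobile'],
            'group_name' => $userinfo['role_name'],
            'org_name' => $userinfo['org_name'],
            'org_id' => $userinfo['org_id'],
            'slave_org' => $userinfo['childs'],
            'avatar' => $avatar,
            'default_page' => $userinfo['index_page'],
            'open_way' => $userinfo['open_way'],
            'domain' => $userinfo['domain'],
            'app_custom_menus' => $userinfo['app_unique'],
            'cardid' => $userinfo['cardid'],
            'prms_menus' => $userinfo['prms_menus'],
            'expired_time' => $time_expired,
            'is_member' => $data['is_member'],
        );
        if ($reUserInfo['id'] > 0 && $wantExtend) {
            $reUserInfo['extend'] = $this->getUserExtendInfo($reUserInfo['id']);
        }
        $this->addItem($reUserInfo);
        $this->output();
    } else {
        // SECURITY: the verification URL is taken from the request itself. The
        // submitted user name and password are posted to it and its response is
        // trusted as proof of identity, so verify_user_cb should be restricted to
        // a configured allow-list of endpoints before this path is relied on.
        $extend = urldecode(isset($this->input['extend']) ? $this->input['extend'] : '');
        $user = array('user_name' => $this->input['user_name'], 'password' => $this->input['password']);
        foreach (explode('&', $extend) as $pair) {
            $parts = explode('=', $pair);
            if ($parts[0]) {
                // A key without "=value" keeps the null it produced before, without the notice.
                $user[$parts[0]] = isset($parts[1]) ? $parts[1] : null;
            }
        }

        // The URL is decoded a second time here, as it was before this change.
        $userinfo = $this->post(urldecode($callback), $user);
        $userinfo = $userinfo[0];

        // The remote response is untrusted: require a positive integer id before
        // it is used as a login-server index and written to the database.
        $callbackUserId = isset($userinfo['user_id']) ? intval($userinfo['user_id']) : 0;
        if ($callbackUserId <= 0) {
            $this->errorOutput(USER_VERIFY_FAIL);
        }

        $databasename = '';
        $servers = hg_load_login_serv();
        if (!$servers) {
            $server_index = -1;
            $this->db = hg_ConnectDB();
        } else {
            include_once ROOT_PATH . 'lib/db/db_mysql.class.php';
            $server_index = $callbackUserId % count($servers);
            $server = $servers[$server_index];
            // presumably decodes the stored credential (second argument false) - confirm against hg_encript_str
            $server['pass'] = hg_encript_str($server['pass'], false);
            $this->db = new db();
            $conn = $this->db->connect(
                $server['host'],
                $server['user'],
                $server['pass'],
                $server['database'],
                $server['charset'],
                $server['pconnect']
            );
            if (!$conn) {
                $this->errorOutput(LOGIN_SERVER_ERROR);
            }
            $databasename = $server['database'] . '.';
        }

        $appinfo = $this->verify_appkey($this->input['appid'], $this->input['appkey']);
        $group_type = 999999999;
        $accesstoken = $this->mk_access_token($server_index + 1);

        // Row written to the user_login table; every field taken from $userinfo
        // originates from the remote callback response.
        $data = array(
            'ip' => hg_getip(),
            'user_name' => urldecode($userinfo['user_name']),
            'user_id' => $callbackUserId,
            'login_time' => TIMENOW,
            'token' => $accesstoken,
            'appid' => intval($appinfo['appid']),
            'group_type' => $group_type,
            'display_name' => $appinfo['display_name'] ? $appinfo['display_name'] : $appinfo['custom_name'],
            'visit_client' => $appinfo['mobile'],
            'org_id' => $userinfo['org_id'],
            'slave_group' => $userinfo['admin_role_id'],
            'slave_org' => $userinfo['childs'],
            'is_member' => 1,
        );

        // SECURITY: same escaping as on the local path; addslashes() is not
        // charset-aware and should give way to driver-level escaping or prepared
        // statements where the db class offers them.
        $assignments = array();
        foreach ($data as $field => $value) {
            $assignments[] = $field . " = '" . addslashes((string) $value) . "'";
        }
        $this->db->query('INSERT INTO ' . $databasename . DB_PREFIX . 'user_login SET ' . implode(',', $assignments));

        $userinfo['token'] = $accesstoken;
        $userinfo['appid'] = $data['appid'];
        $userinfo['display_name'] = $data['display_name'];
        $userinfo['visit_client'] = $data['visit_client'];
        $userinfo['login_time'] = $data['login_time'];
        $userinfo['expired_time'] = $time_expired;
        $userinfo['is_member'] = $data['is_member'];
        if ($wantExtend) {
            $userinfo['extend'] = $this->getUserExtendInfo($userinfo['user_id']);
        }
        $this->addItem($userinfo);
        $this->output();
    }
}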