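/**
 * Decide whether the current request may access the given module/node.
 *
 * Checks are applied in this order:
 *  1. If USER_AUTH_ON is exactly boolean false, access is always granted.
 *  2. If "<module>-<node>" is listed in the comma-separated NOT_AUTH_NODE
 *     setting, access is granted without consulting the access list.
 *  3. Otherwise the node must be present in the user's access list for
 *     the module; anything else is denied.
 *
 * @param string $module Module name.
 * @param string $node   Node (action) name.
 * @return bool True when access is granted, false otherwise.
 */
static function checkLogin($module, $node)
{
    // Authentication is switched off for the whole project.
    if (C('USER_AUTH_ON') === false) {
        return true;
    }

    // Nodes that are explicitly exempt from authentication.
    // explode() always yields strings, so a strict comparison is safe here.
    if (C('NOT_AUTH_NODE') != '') {
        $notauths = explode(',', C('NOT_AUTH_NODE'));
        if (in_array($module . '-' . $node, $notauths, true)) {
            return true;
        }
    }

    // Default to an empty list so an unexpected USER_AUTH_TYPE denies access
    // instead of depending on an undefined variable.
    $accesslists = array();

    // Type 1 ("login" auth): reuse the list stored in the session when there
    // is one. NOTE(review): a cached list presumably keeps old permissions
    // until the session is refreshed; confirm against the login code.
    if (C('USER_AUTH_TYPE') === 1) {
        $accesslists = isset($_SESSION[C('USER_AUTH_KEY')])
            ? $_SESSION[C('USER_AUTH_KEY')]
            : AuthUser::getAccessList();
    }

    // Type 2 ("real-time" auth): always ask AuthUser for a fresh list.
    if (C('USER_AUTH_TYPE') === 2) {
        $accesslists = AuthUser::getAccessList();
    }

    if (!isset($accesslists[$module]) || !is_array($accesslists[$module])) {
        return false;
    }

    // Compare as strings with ===. A loose in_array() lets PHP type juggling
    // decide an authorization question: an entry such as true (or 0 on
    // PHP < 8) would match any requested node name.
    foreach ($accesslists[$module] as $allowedNode) {
        if ((is_string($allowedNode) || is_int($allowedNode))
            && (string) $allowedNode === (string) $node
        ) {
            return true;
        }
    }

    return false;
}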
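/**
 * Bootstrap the controller.
 *
 * Runs the access check for the requested mod/act pair (when IS_AUTH_ON is
 * exactly true), copies the logged-in user's identity from the session into
 * the static fields, configures Smarty and exposes the request parameters
 * and the current page number to the templates.
 *
 * When the access check fails, a redirect is emitted and the script exits.
 */
public function __construct()
{
    // mod/act come straight from the query string. Treat a missing or
    // non-string value (e.g. ?mod[]=x) as empty so trim() never receives
    // null or an array; an empty name cannot match any access-list entry.
    $mod = (isset($_GET['mod']) && is_string($_GET['mod'])) ? trim($_GET['mod']) : '';
    $act = (isset($_GET['act']) && is_string($_GET['act'])) ? trim($_GET['act']) : '';

    // NOTE(review): the check runs only when IS_AUTH_ON is exactly boolean
    // true; any other configured value skips authorization entirely.
    if (C('IS_AUTH_ON') === true) {
        if (!AuthUser::checkLogin($mod, $act)) {
            if (empty($_SESSION['userId'])) {
                // Not logged in: send the browser to the login page.
                echo '<script language="javascript"> self.location="index.php?mod=public&act=login"; </script>';
            } else {
                // Logged in but not allowed to reach this node.
                $AccessList = AuthUser::getAccessList();
                if (empty($AccessList)) {
                    // No permissions at all: force a logout.
                    header('Location: index.php?mod=public&act=logout');
                    exit;
                }
                // The target built from the first access-list entry was
                // always overwritten by USER_GO_URL, so only the configured
                // URL is used. It is written into a JavaScript string
                // literal as-is and must stay a trusted configuration value.
                $relocation = C('USER_GO_URL');
                echo '<script language="javascript"> alert("亲,您尚未有此权限!"); self.location="' . $relocation . '"; </script>';
            }
            // Never continue into the controller after a failed check.
            exit;
        }
    }

    // Identity of the current user, with neutral defaults for guests.
    self::$_username  = isset($_SESSION['userName']) ? $_SESSION['userName'] : "";
    self::$_userid    = isset($_SESSION['userId']) ? $_SESSION['userId'] : 0;
    self::$_companyid = isset($_SESSION['companyId']) ? $_SESSION['companyId'] : 0;
    self::$_systemid  = '12';

    // Initialise Smarty. require_once avoids redeclaring the class when more
    // than one controller is constructed in the same request.
    require_once WEB_PATH . 'lib/template/smarty/Smarty.class.php';
    $this->smarty = new Smarty();
    $this->smarty->template_dir   = WEB_PATH . 'html/template/v1' . DIRECTORY_SEPARATOR;
    $this->smarty->compile_dir    = WEB_PATH . 'smarty/templates_c' . DIRECTORY_SEPARATOR;
    $this->smarty->config_dir     = WEB_PATH . 'smarty/configs' . DIRECTORY_SEPARATOR;
    $this->smarty->cache_dir      = WEB_PATH . 'smarty/cache' . DIRECTORY_SEPARATOR;
    $this->smarty->debugging      = false;
    $this->smarty->caching        = false;
    $this->smarty->cache_lifetime = 120;

    // Current user name for the templates (null when nobody is logged in).
    $this->smarty->assign('curusername', isset($_SESSION['userName']) ? $_SESSION['userName'] : null);

    // Expose every GET/POST parameter to the templates as g_<name> and
    // p_<name>. The values are raw client input (and may be arrays), so
    // templates must escape them on output, e.g. with Smarty's |escape
    // modifier.
    if (isset($_GET)) {
        foreach ($_GET as $gk => $gv) {
            $this->smarty->assign('g_' . $gk, $gv);
        }
    }
    if (isset($_POST)) {
        foreach ($_POST as $pk => $pv) {
            $this->smarty->assign('p_' . $pk, $pv);
        }
    }

    // mod/act are client input as well and need the same output escaping.
    $this->smarty->assign('mod', $mod); // module being accessed
    $this->smarty->assign('act', $act); // action being accessed
    $this->smarty->assign('_username', self::$_username);
    $this->smarty->assign('_userid', self::$_userid);

    // Current page number: any value that is not a positive integer becomes 1.
    $this->page = isset($_GET['page']) && intval($_GET['page']) > 0 ? intval($_GET['page']) : 1;
    $this->smarty->assign("page", $this->page);
}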
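/**
 * Bootstrap the controller.
 *
 * Runs the access check for the requested mod/act pair (when IS_AUTH_ON is
 * exactly true), remembers the current URL in the now_url cookie for every
 * action except login/logout/userLogin, copies the logged-in user's identity
 * from the session into the static fields, configures Smarty and exposes the
 * request parameters and the current page number to the templates.
 *
 * When the access check fails, a redirect or alert is emitted and the
 * script exits.
 */
public function __construct()
{
    // mod/act come straight from the query string. Treat a missing or
    // non-string value (e.g. ?mod[]=x) as empty so trim() never receives
    // null or an array; an empty name cannot match any access-list entry.
    $mod = (isset($_GET['mod']) && is_string($_GET['mod'])) ? trim($_GET['mod']) : '';
    $act = (isset($_GET['act']) && is_string($_GET['act'])) ? trim($_GET['act']) : '';

    // NOTE(review): the check runs only when IS_AUTH_ON is exactly boolean
    // true; any other configured value skips authorization entirely.
    if (C('IS_AUTH_ON') === true) {
        if (!AuthUser::checkLogin($mod, $act)) {
            if (empty($_SESSION['userId'])) {
                // Not logged in: send the browser to the login page.
                echo '<script language="javascript"> self.location="index.php?mod=public&act=login"; </script>';
            } else {
                // Logged in but not allowed to reach this node.
                $AccessList = AuthUser::getAccessList();
                if (empty($AccessList)) {
                    // No permissions at all: force a logout.
                    header('Location: index.php?mod=public&act=logout');
                    exit;
                }
                // The redirect target that used to be built from the first
                // access-list entry was never used; the browser is simply
                // sent back to the previous page.
                echo '<script language="javascript"> alert("亲,您尚未有此权限!"); history.go(-1); </script>';
            }
            // Never continue into the controller after a failed check.
            exit;
        }
    }

    // Remember the current page URL, except for the login/logout actions.
    // NOTE(review): HTTP_HOST is taken from the client's Host header and a
    // cookie can be edited by the client, so any code that later redirects
    // to now_url must validate it against the site's own origin first. The
    // scheme is hard-coded to http and the cookie is set without the
    // secure/httponly arguments.
    if (!in_array($act, array('login', 'logout', 'userLogin'), true)) {
        $now_url = 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
        setcookie('now_url', $now_url, time() + 3600);
    }

    // Identity of the current user, with neutral defaults for guests.
    self::$_username   = isset($_SESSION['userName']) ? $_SESSION['userName'] : "";
    self::$_userCNname = isset($_SESSION['userCnName']) ? $_SESSION['userCnName'] : "";
    self::$_userid     = isset($_SESSION['userId']) ? $_SESSION['userId'] : 0;
    self::$_companyid  = isset($_SESSION['companyId']) ? $_SESSION['companyId'] : 0;
    self::$_systemid   = '10';

    // Initialise Smarty. require_once avoids redeclaring the class when more
    // than one controller is constructed in the same request.
    require_once WEB_PATH . 'lib/template/smarty/Smarty.class.php';
    $this->smarty = new Smarty();
    $this->smarty->template_dir   = WEB_PATH . 'html/template/v1' . DIRECTORY_SEPARATOR;
    $this->smarty->compile_dir    = WEB_PATH . 'smarty/templates_c' . DIRECTORY_SEPARATOR;
    $this->smarty->config_dir     = WEB_PATH . 'smarty/configs' . DIRECTORY_SEPARATOR;
    $this->smarty->cache_dir      = WEB_PATH . 'smarty/cache' . DIRECTORY_SEPARATOR;
    $this->smarty->debugging      = false;
    $this->smarty->caching        = false;
    $this->smarty->cache_lifetime = 120;

    // Expose every GET/POST parameter to the templates as g_<name> and
    // p_<name>. The values are raw client input (and may be arrays), so
    // templates must escape them on output, e.g. with Smarty's |escape
    // modifier.
    if (isset($_GET)) {
        foreach ($_GET as $gk => $gv) {
            $this->smarty->assign('g_' . $gk, $gv);
        }
    }
    if (isset($_POST)) {
        foreach ($_POST as $pk => $pv) {
            $this->smarty->assign('p_' . $pk, $pv);
        }
    }

    // mod/act are client input as well and need the same output escaping.
    $this->smarty->assign('mod', $mod); // module being accessed
    $this->smarty->assign('act', $act); // action being accessed
    $this->smarty->assign('_username', self::$_username);
    $this->smarty->assign('_userCNname', self::$_userCNname);
    $this->smarty->assign('_userid', self::$_userid);

    // Current page number: any value that is not a positive integer becomes 1.
    $this->page = isset($_GET['page']) && intval($_GET['page']) > 0 ? intval($_GET['page']) : 1;
    $this->smarty->assign("page", $this->page);
}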