/**
 * Dashboard sign-in action: shows the login form or processes a submitted one.
 *
 * Flow as written:
 *  - a positive getAccess() value reports success straight away;
 *  - without a valid "formhash" submission the "login" view is rendered,
 *    pre-filled with the current user's name when $this->user is set;
 *  - otherwise the posted credentials go through
 *    ICUserIdentity::authenticate(true) and the outcome is reported.
 *
 * NOTE(review): the statements after success()/error() only make sense if
 * those helpers end the request. Confirm this, otherwise a rejected password
 * still reaches authenticate().
 * NOTE(review): no attempt counter or lockout is applied in this method;
 * confirm that throttling for this form is enforced elsewhere.
 *
 * @return void
 */
public function actionLogin()
{
    $accessLevel = $this->getAccess();
    $homeUrl = $this->createUrl("default/index");

    if ($accessLevel > 0) {
        $this->success(Ibos::lang("Login succeed"), $homeUrl);
    }

    // No valid form submission: just show the form.
    if (!EnvUtil::submitCheck("formhash")) {
        $prefill = "";
        if (!empty($this->user)) {
            $prefill = $this->user["username"];
        }
        $this->render("login", array("userName" => $prefill));
        return;
    }

    $loginName = EnvUtil::getRequest("username");
    $secret = EnvUtil::getRequest("password");

    // Refuses empty passwords and any password addslashes() would alter
    // (quotes, backslashes, NUL bytes).
    // NOTE(review): filtering the password on escape characters suggests it may
    // reach a string-built query further down; verify the lookup is parameterised.
    if (!$secret || addslashes($secret) != $secret) {
        $this->error(Ibos::lang("Passwd illegal"));
    }

    $credentials = new ICUserIdentity($loginName, $secret);
    $authCode = $credentials->authenticate(true);

    if ($authCode > 0) {
        $webUser = Ibos::app()->user;
        $webUser->login($credentials);
        // Every account except uid 1 is subject to the licence check.
        if ($webUser->uid != 1) {
            MainUtil::checkLicenseLimit(true);
        }
        $this->success(Ibos::lang("Login succeed"), $homeUrl);
        return;
    }

    // Failed attempt. The replacement text carries no back-references, so a
    // matching password is written to the log as "***" in full.
    $length = strlen($secret);
    $headLen = round($length / 4);
    $tailLen = round($length / 6);
    $maskPattern = "/^(.{" . $headLen . "})(.+?)(.{" . $tailLen . "})\$/s";
    $secret = preg_replace($maskPattern, "***", $secret);

    // "user" is the raw request value; whatever displays this log must escape it.
    $entry = array(
        "user" => $loginName,
        "password" => $secret,
        "ip" => Ibos::app()->setting->get("clientip"),
    );
    Log::write($entry, "illegal", "module.dashboard.login");
    $this->error(Ibos::lang("Login failed"));
}
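/**
 * Authenticates a web login attempt and reports the outcome to the client.
 *
 * Outcome handling, keyed on the value returned by
 * ICUserIdentity::authenticate():
 *  - > 0 : session is opened, the login is logged, credit/user-group updates run;
 *  -   0 : "User not fount" message;
 *  -  -1 : "User lock" message;
 *  -  -2 : "User disabled" message;
 *  -  -3 : failed attempt is counted per client IP and logged.
 *
 * NOTE(review): the 0 / -1 / -2 responses tell an unauthenticated caller
 * whether an account exists and what state it is in, and also return the raw
 * code in the "error" field. Consider one generic failure message.
 * NOTE(review): the code after error() only makes sense if error() ends the
 * request. Confirm this, otherwise a rejected password still reaches
 * authenticate().
 *
 * @param string $userName   login name handed to ICUserIdentity
 * @param string $passWord   clear-text password handed to ICUserIdentity
 * @param mixed  $loginType  passed to ICUserIdentity and written to the login log
 * @param array  $account    account settings; "timeout" is read here and the
 *                           whole array is passed to loginCheck()
 * @param mixed  $autoLogin  empty: a session timeout state is set;
 *                           otherwise an "autologin" cookie is set
 * @param int    $cookieTime lifetime passed to setCookie() and login()
 * @param mixed  $inajax     truthy: answer with ajaxReturn() instead of a redirect
 * @return void
 */
protected function doLogin($userName, $passWord, $loginType, $account, $autoLogin = 1, $cookieTime = 0, $inajax = 0)
{
    // Refuses empty passwords and any password addslashes() would alter
    // (quotes, backslashes, NUL bytes).
    // NOTE(review): filtering on escape characters suggests the value may reach
    // a string-built query further down; verify the lookup is parameterised.
    if (!$passWord || $passWord != addslashes($passWord)) {
        $this->error(Ibos::lang("Passwd illegal"));
    }

    $errornum = $this->loginCheck($account);
    // NOTE(review): lockout accounting below is keyed on this value; confirm
    // "clientip" cannot be set through client-supplied forwarding headers.
    $ip = Ibos::app()->setting->get("clientip");
    $identity = new ICUserIdentity($userName, $passWord, $loginType);
    $result = $identity->authenticate();

    if (0 < $result) {
        $user = Ibos::app()->user;
        if (empty($autoLogin)) {
            $user->setState($user::AUTH_TIMEOUT_VAR, TIMESTAMP + $account["timeout"]);
        } else {
            MainUtil::setCookie("autologin", 1, $cookieTime);
        }
        $user->login($identity, $cookieTime);
        // Every account except uid 1 is subject to the licence check.
        if ($user->uid != 1) {
            MainUtil::checkLicenseLimit(true);
        }

        if (!$inajax) {
            // NOTE(review): the redirect target comes from EnvUtil::referer();
            // confirm it is limited to same-site URLs.
            $urlForward = EnvUtil::referer();
            // NOTE(review): a masked form of the *valid* password is stored with
            // every successful login. How much passwordMask() hides is not
            // visible here; prefer not to log the password at all.
            $log = array(
                "terminal" => "web",
                "password" => StringUtil::passwordMask($passWord),
                "ip" => $ip,
                "user" => $userName,
                "loginType" => $loginType,
                "address" => "",
                "gps" => "",
            );
            Log::write($log, "login", sprintf("module.user.%d", $user->uid));
            $rule = UserUtil::updateCreditByAction("daylogin", $user->uid);
            if (!$rule["updateCredit"]) {
                UserUtil::checkUserGroup($user->uid);
            }
            $this->success(Ibos::lang("Login succeed", "", array("{username}" => $user->realname)), $urlForward);
        } else {
            $this->ajaxReturn(array("isSuccess" => true));
        }
    } elseif ($result === 0) {
        $this->error(Ibos::lang("User not fount", "", array("{username}" => $userName)), "", array(), array("error" => $result));
    } elseif ($result === -1) {
        $this->error(Ibos::lang("User lock", "", array("{username}" => $userName)), "", array(), array("error" => $result));
    } elseif ($result === -2) {
        $this->error(Ibos::lang("User disabled", "", array("{username}" => $userName)), "", array(), array("error" => $result));
    } elseif ($result === -3) {
        FailedLogin::model()->updateFailed($ip);

        // Only the first two dot-separated groups of the address are recorded.
        // array_pad() keeps the destructuring defined when the address has fewer
        // than two groups (an IPv6 literal or an empty value), which otherwise
        // raises an undefined-offset error on every failed attempt.
        // NOTE(review): for such addresses the stored value is the whole address
        // plus a trailing dot; confirm how FailedIp consumers treat it.
        list($ip1, $ip2) = array_pad(explode(".", (string) $ip), 2, "");
        $newIp = $ip1 . "." . $ip2;
        FailedIp::model()->insertIp($newIp);

        // NOTE(review): a mistyped password is usually close to the real one, so
        // even a masked copy in the log is sensitive. "user" is the raw request
        // value; whatever displays this log must escape it.
        $log = array(
            "user" => $userName,
            "password" => StringUtil::passwordMask($passWord),
            "ip" => $ip,
        );
        Log::write($log, "illegal", "module.user.login");

        if ($errornum) {
            // Hard-coded message ("login failed, N more attempts allowed") that
            // bypasses Ibos::lang() and omits the "error" field sent below.
            $this->error("登录失败,您还可以尝试" . ($errornum - 1) . "次");
        } else {
            $this->error(Ibos::lang("User name or password is not correct"), "", array(), array("error" => $result));
        }
    }
}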
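/**
 * Edits a user account, or switches account status for AJAX "op" requests.
 *
 * Three paths:
 *  - AJAX request with op in {enabled, disabled, lock}: delegates to setStatus();
 *  - valid "userSubmit" form: updates the user identified by request "uid";
 *  - otherwise: renders the "edit" form for that user.
 *
 * The existence of the target user is checked before either of the last two
 * paths, so a submit for an unknown uid can no longer hash a password with a
 * missing salt or write auxiliary department/position rows for it.
 *
 * NOTE(review): no permission check is visible in this method; confirm that
 * controller-level filters restrict it to administrators.
 *
 * @return mixed the setStatus() result on the "op" path, otherwise nothing
 */
public function actionEdit()
{
    $op = EnvUtil::getRequest("op");
    // Strict membership test: only the three literal strings are accepted.
    if ($op && in_array($op, array("enabled", "disabled", "lock"), true) && Ibos::app()->request->getIsAjaxRequest()) {
        $ids = EnvUtil::getRequest("uid");
        if ($op !== "disabled") {
            MainUtil::checkLicenseLimit();
        }
        return $this->setStatus($op, $ids);
    } else {
        MainUtil::checkLicenseLimit();
    }

    $uid = EnvUtil::getRequest("uid");
    $user = User::model()->fetchByUid($uid);

    // Unknown uid: stop before any write. The explicit return keeps this safe
    // even if error() hands control back to the caller.
    if (empty($user)) {
        $this->error(Ibos::lang("Request param"), $this->createUrl("user/index"));
        return;
    }

    if (EnvUtil::submitCheck("userSubmit")) {
        $this->dealWithSpecialParams();

        if (empty($_POST["password"])) {
            // Blank field means "keep the current password".
            unset($_POST["password"]);
        } else {
            // NOTE(review): salted double MD5 is not a password-hashing
            // function and is cheap to brute-force. Moving to password_hash()
            // / password_verify() needs a matching change in the login check
            // and a rehash-on-login migration, so it is only flagged here.
            // NOTE(review): the length/character policy built below is only
            // handed to the view; no server-side check of the new password is
            // visible on this path. Confirm dealWithSpecialParams() covers it.
            $_POST["password"] = md5(md5($_POST["password"]) . $user["salt"]);
            $_POST["lastchangepass"] = TIMESTAMP;
        }

        if (isset($_POST["auxiliarydept"])) {
            $deptIds = StringUtil::getId($_POST["auxiliarydept"]);
            $this->handleAuxiliaryDept($uid, $deptIds, $_POST["deptid"]);
        }
        if (isset($_POST["auxiliarypos"])) {
            $posIds = StringUtil::getId($_POST["auxiliarypos"]);
            $this->handleAuxiliaryPosition($uid, $posIds, $_POST["positionid"]);
        }

        // NOTE(review): create() takes no arguments, so it presumably builds
        // the row from $_POST. If so, confirm it whitelists columns; otherwise
        // any posted field name matching a column is written.
        $data = User::model()->create();
        User::model()->updateByUid($uid, $data);
        OrgUtil::update();
        $this->success(Ibos::lang("Save succeed", "message"), $this->createUrl("user/index"));
    } else {
        $user["auxiliarydept"] = DepartmentRelated::model()->fetchAllDeptIdByUid($user["uid"]);
        $user["auxiliarypos"] = PositionRelated::model()->fetchAllPositionIdByUid($user["uid"]);

        // Password pattern handed to the view: either "letters and digits
        // mixed", or the allowed character set with minlength..32 characters.
        $account = Ibos::app()->setting->get("setting/account");
        if ($account["mixed"]) {
            $preg = "[0-9]+[A-Za-z]+|[A-Za-z]+[0-9]+";
        } else {
            $preg = "^[A-Za-z0-9\\!\\@\\#\$\\%\\^\\&\\*\\.\\~]{" . $account["minlength"] . ",32}\$";
        }

        $this->setPageTitle(Ibos::lang("Edit user"));
        $this->setPageState("breadCrumbs", array(
            array("name" => Ibos::lang("Organization"), "url" => $this->createUrl("department/index")),
            array("name" => Ibos::lang("User manager"), "url" => $this->createUrl("user/index")),
            array("name" => Ibos::lang("Edit user")),
        ));
        $this->render("edit", array("user" => $user, "passwordLength" => $account["minlength"], "preg" => $preg));
    }
}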
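/**
 * JSONP login endpoint (log terminal "app").
 *
 * An already authenticated caller gets its session data back immediately.
 * Otherwise the request's username/password are checked through
 * ICUserIdentity::authenticate(false) and the result is returned as JSONP.
 *
 * The stored user row is stripped of its "password" and "salt" columns
 * before it is placed in the response, so credential material is never
 * sent to the client.
 *
 * NOTE(review): a JSONP response can be read by any page that loads it with
 * a script tag. This one carries "formhash" (presumably the anti-CSRF form
 * token) and the user's profile, so a third-party page visited by a logged-in
 * user could obtain both. Prefer plain JSON with an origin allow-list, or
 * require a non-simple request header.
 * NOTE(review): real JSONP calls are GET requests, so the password would
 * travel in the URL and end up in server and proxy logs. Confirm how clients
 * call this.
 * NOTE(review): unlike a counted login path, no failed-attempt accounting is
 * visible here, and the 0 / -1 / -2 messages reveal account existence and
 * state.
 * NOTE(review): the code after each ajaxReturn() only makes sense if it ends
 * the request. Confirm this, otherwise an authenticated caller falls through
 * into the credential check.
 *
 * @return void
 */
public function actionLogin()
{
    if (!Ibos::app()->user->isGuest) {
        $profile = User::model()->fetchByUid(Ibos::app()->user->uid);
        if (is_array($profile)) {
            // Never expose the stored hash or its salt.
            unset($profile["password"], $profile["salt"]);
        }
        $return = array(
            "login" => true,
            "formhash" => FORMHASH,
            "uid" => Yii::app()->user->uid,
            "user" => $profile,
            "APPID" => Ibos::app()->setting->get("setting/iboscloud/appid"),
        );
        if (EnvUtil::getRequest("issetuser") != "true") {
            $userData = UserUtil::getUserByPy();
            $return["userData"] = $userData;
        }
        if (ModuleUtil::getIsEnabled("weibo")) {
            $udata = UserData::model()->getUserData();
        }
        // $udata is only set when the weibo module is enabled; the counters
        // default to 0 otherwise.
        $return["user"]["following_count"] = isset($udata["following_count"]) ? $udata["following_count"] : 0;
        $return["user"]["follower_count"] = isset($udata["follower_count"]) ? $udata["follower_count"] : 0;
        $return["user"]["weibo_count"] = isset($udata["weibo_count"]) ? $udata["weibo_count"] : 0;
        $this->ajaxReturn($return, "JSONP");
    }

    $account = Ibos::app()->setting->get("setting/account");
    $userName = EnvUtil::getRequest("username");
    $passWord = EnvUtil::getRequest("password");
    $gps = EnvUtil::getRequest("gps");
    $address = EnvUtil::getRequest("address");
    $ip = Ibos::app()->setting->get("clientip");
    $cookieTime = 0;

    // Refuses empty passwords and any password addslashes() would alter
    // (quotes, backslashes, NUL bytes).
    if (!$passWord || $passWord != addslashes($passWord)) {
        $this->ajaxReturn(array("login" => false, "msg" => Ibos::lang("Passwd illegal", "user.default")), "JSONP");
    }

    $identity = new ICUserIdentity($userName, $passWord);
    $result = $identity->authenticate(false);

    if (0 < $result) {
        $user = Ibos::app()->user;
        if ($account["allowshare"] != 1) {
            $user->setStateKeyPrefix(Ibos::app()->setting->get("sid"));
        }
        MainUtil::setCookie("autologin", 1, $cookieTime);
        $user->login($identity, $cookieTime);
        // Every account except uid 1 is subject to the licence check.
        if ($user->uid != 1) {
            MainUtil::checkLicenseLimit(true);
        }
        // Result is unused; the call is kept in case referer() has side
        // effects. TODO confirm and drop.
        $urlForward = EnvUtil::referer();

        // NOTE(review): a masked form of the valid password is logged, and
        // "address"/"gps" are raw request values. Escape them when the log is
        // displayed, and prefer not to log the password at all.
        $log = array(
            "terminal" => "app",
            "password" => StringUtil::passwordMask($passWord),
            "ip" => $ip,
            "user" => $userName,
            "loginType" => "username",
            "address" => $address,
            "gps" => $gps,
        );
        Log::write($log, "login", sprintf("module.user.%d", Ibos::app()->user->uid));

        $profile = User::model()->fetchByUid(Ibos::app()->user->uid);
        if (is_array($profile)) {
            // Never expose the stored hash or its salt.
            unset($profile["password"], $profile["salt"]);
        }
        $return = array(
            "login" => true,
            "formhash" => EnvUtil::formHash(),
            "uid" => Ibos::app()->user->uid,
            "user" => $profile,
            "APPID" => Ibos::app()->setting->get("setting/iboscloud/appid"),
        );
        if (ModuleUtil::getIsEnabled("weibo")) {
            $udata = UserData::model()->getUserData();
        }
        $return["user"]["following_count"] = isset($udata["following_count"]) ? $udata["following_count"] : 0;
        $return["user"]["follower_count"] = isset($udata["follower_count"]) ? $udata["follower_count"] : 0;
        $return["user"]["weibo_count"] = isset($udata["weibo_count"]) ? $udata["weibo_count"] : 0;
        if (EnvUtil::getRequest("issetuser") != "true") {
            $userData = UserUtil::getUserByPy();
            $return["userData"] = $userData;
        }
        $this->ajaxReturn($return, "JSONP");
    } elseif ($result === 0) {
        $this->ajaxReturn(array("login" => false, "msg" => Ibos::lang("User not fount", "user.default", array("{username}" => $userName))), "JSONP");
    } elseif ($result === -1) {
        $this->ajaxReturn(array("login" => false, "msg" => Ibos::lang("User lock", "user.default", array("{username}" => $userName))), "JSONP");
    } elseif ($result === -2) {
        // NOTE(review): this lookup passes "" where the sibling branches pass
        // "user.default"; confirm the message still resolves.
        $this->ajaxReturn(array("login" => false, "msg" => Ibos::lang("User disabled", "", array("{username}" => $userName))), "JSONP");
    } elseif ($result === -3) {
        $log = array(
            "user" => $userName,
            "password" => StringUtil::passwordMask($passWord),
            "ip" => $ip,
        );
        Log::write($log, "illegal", "module.user.login");
        $this->ajaxReturn(array("login" => false, "msg" => Ibos::lang("User name or password is not correct", "user.default")), "JSONP");
    }
}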