Esempio n. 1
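 /**
  * Authenticates the identity against the Manager table.
  *
  * Looks up a Manager record by username and compares its stored password
  * with the submitted one, then records the outcome in $this->errorCode
  * (ERROR_USERNAME_INVALID, ERROR_PASSWORD_INVALID or ERROR_NONE).
  *
  * NOTE(review): the stored column is compared directly with the submitted
  * password, which implies passwords are kept in clear text. Storing a
  * password_hash() digest and checking it with password_verify() removes
  * that exposure; it needs a data migration, so it is flagged here rather
  * than changed.
  *
  * @return boolean whether authentication succeeds.
  */
 public function authenticate()
 {
     // find() returns null when no row matches (findAll() would return an empty array).
     $user_model = Manager::model()->find('username=:name', array(':name' => $this->username));
     if ($user_model === null) {
         $this->errorCode = self::ERROR_USERNAME_INVALID;
         return false;
     }

     $stored = $user_model->password;
     $supplied = $this->password;

     // hash_equals() (PHP >= 5.6) compares in constant time, so the response
     // time does not depend on how many leading bytes match. The is_string()
     // guards keep a null or non-string value from ever matching.
     if (!is_string($stored) || !is_string($supplied) || !hash_equals($stored, $supplied)) {
         $this->errorCode = self::ERROR_PASSWORD_INVALID;
         return false;
     }

     $this->errorCode = self::ERROR_NONE;
     return true;
 }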
Esempio n. 2
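 /**
  * Returns the Manager record whose primary key is $this->id.
  *
  * @param boolean $useCached when true, reuse the record loaded by an earlier
  *        call; when false, query again.
  * @return mixed the result of Manager::model()->findByPk() (presumably a
  *         Manager or null when no row matches; confirm against the model).
  */
 public function getManager($useCached = TRUE)
 {
     // The original test was inverted: it re-queried on every call when
     // $useCached was true and reused the record only when it was false.
     if (!$useCached || $this->manager === null) {
         $this->manager = Manager::model()->findByPk($this->id);
     }
     return $this->manager;
 }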
 /**
  * Renders the "view" page for the manager with the given username.
  *
  * @param string|null $username username to look up (bound as a query parameter).
  * @throws CHttpException with status 400 when no matching record is found.
  */
 public function actionView($username = null)
 {
     $record = Manager::model()->find('username=:username', array(':username' => $username));

     // NOTE(review): the message reads "no such page", which matches 404
     // rather than the 400 sent here; confirm which status clients expect.
     // No access check is visible in this action; presumably a controller
     // filter restricts who may view manager records (verify).
     if (!$record) {
         throw new CHttpException(400, 'Такой страницы нет');
     }

     $this->render('view', array('model' => $record));
 }
Esempio n. 4
 /**
  * Validator: checks that the attribute holds the current user's existing password.
  *
  * Counts Manager rows whose manager_id is the logged-in user's id and whose
  * login_password equals the MD5 of the submitted value; adds an error when
  * none match. Skipped when the attribute already has errors.
  *
  * NOTE(review): login_password is an unsalted MD5 digest, which is cheap to
  * brute-force if the table leaks. Moving to password_hash()/password_verify()
  * requires changing every writer and reader of this column together.
  *
  * @param string $attribute name of the attribute being validated.
  * @param array $params validator options (unused here).
  */
 public function validatePassword($attribute, $params)
 {
     if ($this->hasErrors($attribute)) {
         return;
     }

     $finder = Manager::model();
     $matches = $finder->countByAttributes(array(
         'manager_id' => Yii::app()->user->id,
         'login_password' => md5($this->{$attribute}),
     ));

     if ($matches <= 0) {
         $this->addError($attribute, '原密码错误');
     }
 }
Esempio n. 5
 /**
  * Authenticates the identity against the Manager table by login_name.
  *
  * Checks, in order: that the account exists, that the password passes
  * _checkPassword(), and that is_allow_login is set. On success stores the
  * record's primary key in $this->id.
  *
  * NOTE(review): callers receive distinct codes for "unknown user", "wrong
  * password" and "login denied"; presumably the login form maps them to one
  * generic message so account existence is not disclosed (verify).
  *
  * @return boolean true when errorCode ends up as ERROR_NONE.
  */
 public function authenticate()
 {
     $account = Manager::model()->findByAttributes(array('login_name' => $this->username));

     if ($account === null) {
         $this->errorCode = self::ERROR_USERNAME_INVALID;
         return !$this->errorCode;
     }

     if (!$this->_checkPassword($this->password, $account->login_password)) {
         $this->errorCode = self::ERROR_PASSWORD_INVALID;
         return !$this->errorCode;
     }

     if (!$account->is_allow_login) {
         $this->errorCode = self::ERROR_DENY_LOGIN;
         return !$this->errorCode;
     }

     $this->id = $account->primaryKey;
     $this->errorCode = self::ERROR_NONE;

     return !$this->errorCode;
 }
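 /**
  * Autocomplete endpoint: echoes manager usernames that contain the "q" term,
  * one "username|username" line per match, at most 50 rows.
  *
  * Responds only to AJAX requests that carry a "q" query parameter.
  *
  * NOTE(review): no access check is visible here, and the response lists
  * account names; presumably the owning controller restricts this action to
  * authenticated staff (verify). The usernames are echoed without HTML
  * escaping, so the consumer must insert them as text, not markup.
  */
 public function run()
 {
     $request = Yii::app()->request;
     if (!$request->isAjaxRequest || !isset($_GET['q'])) {
         return;
     }

     $tag = $request->getParam('q', '');
     if (!is_string($tag)) {
         // An array-valued "q" cannot be a search term.
         return;
     }

     // Clamp to 0..50. The original min($limit, 50) let a negative value
     // through, and CDbCriteria treats a limit below 0 as "no limit",
     // which defeated the cap.
     $limit = max(0, min((int) $request->getParam('limit', 50), 50));

     $criteria = new CDbCriteria();
     $criteria->condition = "username LIKE :sterm";
     // The term is bound, so it cannot alter the SQL; "%" and "_" typed by
     // the client still act as LIKE wildcards.
     $criteria->params = array(":sterm" => "%{$tag}%");
     $criteria->limit = $limit;

     $returnVal = '';
     foreach (Manager::model()->findAll($criteria) as $tagValue) {
         $username = $tagValue->getAttribute('username');
         $returnVal .= $username . '|' . $username . "\n";
     }
     echo $returnVal;
 }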
Esempio n. 7
 /**
  * Builds the admin navigation and renders the "NavList" view.
  *
  * Menu entries are array(label, url) grouped by category key. Entries whose
  * controller segment is listed in Manager::model()->sp() but not in the
  * current user's getSp() list are dropped, as are categories left empty.
  * The entry matching the current controller/action is reported to the view
  * as $ac (category key) and $am (url).
  *
  * NOTE(review): this only hides links. It is not an access control; the
  * targets must enforce the same privilege check on the server side.
  */
 public function run()
 {
     $category = array(
         'stat' => '访客统计',
         'sys' => '系统管理',
     );
     $menus = array(
         'stat' => array(
             array('访问统计', '/admin/stat/visit'),
             array('三方统计', 'http://tongji.baidu.com/web/welcome/ico?s=17978066889cd84953900994ae849d62'),
         ),
         'sys' => array(
             array('用户列表', '/admin/manager/index'),
             array('系统设置', '/admin/system/setting'),
         ),
     );

     // Remove entries that need a special privilege the current user lacks.
     $restricted = Manager::model()->sp();
     if (!empty($restricted)) {
         $granted = Yii::app()->user->getSp();
         $restrictedControllers = array_keys($restricted);

         foreach ($menus as $group => $entries) {
             foreach ($entries as $index => $entry) {
                 // For "/admin/<controller>/<action>" the controller is segment 2.
                 $segments = explode('/', $entry[1]);
                 if (empty($segments[2])) {
                     continue;
                 }
                 $needsPrivilege = in_array($segments[2], $restrictedControllers);
                 if ($needsPrivilege && !in_array($segments[2], $granted)) {
                     unset($menus[$group][$index]);
                 }
             }
         }

         foreach (array_keys($category) as $group) {
             if (empty($menus[$group])) {
                 unset($category[$group]);
             }
         }
     }

     // Locate the menu entry for the page being served.
     $c = $this->controller->id;
     $a = $this->controller->action->id;
     $ac = '';
     $am = '';
     foreach ($menus as $group => $entries) {
         foreach ($entries as $entry) {
             if ('/admin/' . $c . '/' . $a == $entry[1]) {
                 $ac = $group;
                 $am = '/admin/' . $c . '/' . $a;
             }
         }
     }

     $this->render("NavList", compact('category', 'menus', 'c', 'a', 'ac', 'am'));
 }
Esempio n. 8
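 /**
  * Checks whether the current request may reach the requested controller/action.
  *
  * Actions listed in $this->rule['guest'] are open to everyone. For any other
  * action a guest is sent to the login page via showMessage(), and a
  * logged-in user is rejected with HTTP 404 when the controller appears in
  * Manager::model()->sp() but not in the user's own getSp() list.
  *
  * @return void
  * @throws CHttpException 404 when a logged-in user lacks the special privilege.
  */
 private function visitCheck()
 {
     $this->rule['guest'] = array('manager' => array('login', 'logout'), 'site' => array('verify'));

     $publicActions = empty($this->rule['guest'][$this->controller_id])
         ? array()
         : $this->rule['guest'][$this->controller_id];

     // Strict match: an action id that is not exactly a listed string is
     // treated as protected.
     if (in_array($this->action_id, $publicActions, true)) {
         return;
     }

     if (Yii::app()->user->getIsGuest()) {
         // NOTE(review): this relies on showMessage() ending the request;
         // if it returns, the protected action still runs. Confirm.
         $this->showMessage('请先登陆', '/admin/manager/login');
         return;
     }

     $manager_sp = Manager::model()->sp();
     if (empty($manager_sp)) {
         return;
     }

     $manager_sp_controllers = array_keys($manager_sp);
     $self_sp_controllers = Yii::app()->user->getSp();
     if (in_array($this->controller_id, $manager_sp_controllers) && !in_array($this->controller_id, $self_sp_controllers)) {
         // The original threw "CHtteException", which is not Yii's
         // CHttpException class, so the denial surfaced as a fatal
         // class-not-found error instead of a 404.
         throw new CHttpException(404);
     }
 }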
Esempio n. 9
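 /**
  * Authenticates the identity against the manager record named $this->name.
  *
  * Fails with ERROR_USERNAME_INVALID when the record is missing or its status
  * is not MAN_STATUS_NORMAL, and with ERROR_PASSWORD_INVALID when the
  * decrypted stored password differs from the submitted one. On success
  * copies the record's id and sp into the identity.
  *
  * NOTE(review): passwd is stored reversibly (McryptComponent::decryption()
  * recovers the clear text), so anyone holding the key and the table can read
  * every password. A one-way password_hash() digest avoids that; it needs a
  * data migration, so it is flagged here rather than changed.
  *
  * @return boolean true when errorCode ends up as ERROR_NONE.
  */
 public function authenticate()
 {
     $manager = Manager::model()->getArrByAttributes(array('name' => $this->name));

     if (empty($manager)) {
         $this->errorCode = self::ERROR_USERNAME_INVALID;
         return !$this->errorCode;
     }

     // Loose comparison kept: the column may come back as a string while the
     // constant's type is not visible here.
     if ($manager['status'] != Manager::MAN_STATUS_NORMAL) {
         $this->errorCode = self::ERROR_USERNAME_INVALID;
         return !$this->errorCode;
     }

     $stored = McryptComponent::decryption($manager['passwd']);
     $supplied = $this->password;

     // The original used "!=", under which PHP compares numeric-looking
     // strings as numbers, so two different passwords could be judged equal.
     // hash_equals() (PHP >= 5.6) is exact and constant-time; non-string
     // values never match.
     if (!is_string($stored) || !is_string($supplied) || !hash_equals($stored, $supplied)) {
         $this->errorCode = self::ERROR_PASSWORD_INVALID;
         return !$this->errorCode;
     }

     $this->errorCode = self::ERROR_NONE;
     $this->id = $manager['id'];
     $this->sp = $manager['sp'];

     return !$this->errorCode;
 }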
Esempio n. 10
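 /**
  * Handles the login form post.
  *
  * Redirects to .../rst/0 when the verification code is wrong, .../rst/1 when
  * the credentials match no Manager row, and .../rst/2 after storing the
  * matched record in $_SESSION["userMsg"].
  *
  * NOTE(review): the password column is matched against the submitted value
  * as-is, which implies clear-text storage; password_hash()/password_verify()
  * needs a data migration and is flagged here rather than changed.
  */
 public function actionLogin()
 {
     session_start();

     // Read the submitted fields without assuming they are present.
     $userName = isset($_POST["userName"]) ? $_POST["userName"] : null;
     $password = isset($_POST["password"]) ? $_POST["password"] : null;
     $checkCode = isset($_POST["checkCode"]) ? $_POST["checkCode"] : null;
     $trueCode = isset($_SESSION["trueCode"]) ? $_SESSION["trueCode"] : null;

     // Each verification code is valid for one attempt only.
     unset($_SESSION["trueCode"]);

     // The original "!=" accepted the request when both the posted code and
     // the session code were absent (null != null is false). Require a
     // non-empty expected code and an exact string match.
     $codeMatches = is_scalar($trueCode)
         && is_string($checkCode)
         && (string) $trueCode !== ''
         && (string) $trueCode === $checkCode;
     if (!$codeMatches) {
         $this->redirect(__APP__ . "/success/index/act/login/rst/0");
         return;
     }

     // The listing shows the condition with its values masked as '******',
     // and $userName/$password were otherwise unused. Bind them as
     // parameters so the submitted text can never become part of the SQL.
     $userInfo = null;
     if (is_string($userName) && is_string($password)) {
         $userInfo = Manager::model()->find(
             'userName=:userName and password=:password',
             array(':userName' => $userName, ':password' => $password)
         );
     }

     if ($userInfo === null) {
         $this->redirect(__APP__ . "/success/index/act/login/rst/1");
         return;
     }

     // Issue a fresh session id at the privilege change so an id fixed
     // before login is not carried into the authenticated session.
     session_regenerate_id(true);
     $_SESSION["userMsg"] = $userInfo;
     $this->redirect(__APP__ . "/success/index/act/login/rst/2");
 }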
Esempio n. 11
 /**
  * Deletes the manager identified by the "id" query parameter and logs the action.
  *
  * Allowed for super users or users granted 'deleteManager'. Records flagged
  * is_admin cannot be deleted.
  *
  * NOTE(review): the id is read from the query string, so the deletion can be
  * triggered by a plain GET; presumably a controller filter requires POST and
  * a CSRF token (verify). Nothing visible stops a user from deleting their
  * own account.
  *
  * @throws CHttpException 403 when the caller lacks permission, the record
  *         does not exist, or the record is the default system administrator.
  */
 public function actionDelete()
 {
     $user = Yii::app()->user;
     if (!$user->getIsSuperUser() && !$user->checkAccess('deleteManager')) {
         throw new CHttpException(403);
     }

     $target = Manager::model()->findByPk(Yii::app()->request->getQuery('id'));
     if ($target === null) {
         // Same status as a permission failure, so a missing id is not
         // distinguishable from a forbidden one.
         throw new CHttpException(403);
     }

     if ($target->is_admin) {
         $message = strtr('管理员{name}为默认系统管理员, 不允许被删除.', array('{name}' => $target->login_name));
         throw new CHttpException(403, $message);
     }

     $deleted = $target->delete();
     ManagerLog::logCurrentUserAction($deleted, '删除管理员', $target->login_name);
 }
Esempio n. 12
 /**
  * Shows the change-password form and, on a valid submission, stores the new
  * password for the logged-in user and redirects to the return URL.
  *
  * NOTE(review): the new password is stored as an unsalted MD5 digest, which
  * is cheap to brute-force if the table leaks. password_hash() with
  * password_verify() at login is the replacement; every reader of
  * login_password has to change with it.
  */
 public function actionPassword()
 {
     $form = new UpdatePasswordForm();
     $submitted = isset($_POST['UpdatePasswordForm']);

     if ($submitted) {
         $form->attributes = Yii::app()->request->getPost('UpdatePasswordForm');
     }

     if ($submitted && $form->validate()) {
         $digest = md5($form->new_password);
         Manager::model()->updateByPk(Yii::app()->user->id, array('login_password' => $digest));
         $this->setFlashMessage('您的密码已更新, 新密码已生效');
         $this->redirect($this->getReturnUrl());
     }

     // First visit or failed validation: show the form again.
     $this->breadcrumbs = array('修改密码');
     $this->render('password', array('model' => $form, 'returnUrl' => $this->getReturnUrl()));
 }
Esempio n. 13
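 /**
  * Deletes the manager identified by the "id" query parameter, unless it is
  * the logged-in manager's own id, then redirects to the manager list.
  *
  * NOTE(review): no permission check is visible in this action, and the
  * deletion is driven by a query-string id; presumably a controller filter
  * restricts it to authorised users and to POST with a CSRF token (verify).
  */
 public function actionDelete()
 {
     $id = Yii::app()->request->getQuery('id');

     // The two print_r() debug calls were removed: they wrote the requested
     // id and the session's manager_id into the response, and output sent
     // before redirect() can stop the Location header from being set.

     // Loose comparison kept on purpose: the query value is a string while
     // the session value may be an integer.
     if ($id == Yii::app()->session['manager_id']) {
         $this->showError('不能对自己进行该操作');
     } else {
         $status = Manager::model()->deleteById($id);
         if ($status) {
             $this->showSuccess('删除操作成功');
         } else {
             $this->showError('删除操作失败');
         }
     }

     $this->redirect('/admin/manager/index');
 }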
 /**
  * Loads the Manager record with the given primary key.
  *
  * @param integer $id the ID of the model to be loaded
  * @return mixed the record returned by findByPk()
  * @throws CHttpException 404 when no record has that primary key
  */
 public function loadModel($id)
 {
     $record = Manager::model()->findByPk($id);

     if ($record !== null) {
         return $record;
     }

     throw new CHttpException(404, 'Запрашиваемая страница не существует.');
 }