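/**
 * Authenticates a user against the Manager table.
 *
 * Looks the account up by username (bound as a query parameter) and compares
 * the submitted password with the stored one. Sets $this->errorCode to
 * ERROR_USERNAME_INVALID, ERROR_PASSWORD_INVALID or ERROR_NONE.
 *
 * NOTE(review): the stored `password` attribute is compared directly with the
 * submitted password, which implies passwords are kept unhashed. Confirm
 * against the schema and plan a migration to password_hash()/password_verify().
 *
 * @return boolean whether authentication succeeds.
 */
public function authenticate()
{
    // find() returns null when no row matches (findAll() would return an empty array).
    $user_model = Manager::model()->find('username=:name', array(':name' => $this->username));

    // Unknown username.
    if ($user_model === null) {
        $this->errorCode = self::ERROR_USERNAME_INVALID;
        return false;
    }

    // hash_equals() needs two strings and does not leak, through timing, how
    // many leading bytes matched. Anything that is not a string is rejected.
    $stored = $user_model->password;
    $matches = is_string($stored)
        && is_string($this->password)
        && hash_equals($stored, $this->password);

    if (!$matches) {
        $this->errorCode = self::ERROR_PASSWORD_INVALID;
        return false;
    }

    $this->errorCode = self::ERROR_NONE;
    return true;
}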
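/**
 * Returns the Manager record for this identity's id.
 *
 * The record is loaded with findByPk($this->id) and kept in $this->manager.
 * The original condition reloaded the record whenever $useCached was true,
 * which is the inverse of what the flag says; the cached record is now
 * reused unless the caller asks for a fresh one or nothing is cached yet.
 *
 * @param boolean $useCached reuse the record loaded earlier, if any.
 * @return mixed whatever findByPk() returned (null when no row matches).
 */
public function getManager($useCached = TRUE)
{
    if (!$useCached || is_null($this->manager)) {
        $this->manager = Manager::model()->findByPk($this->id);
    }

    return $this->manager;
}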
/**
 * Renders the 'view' template for the manager with the given username.
 *
 * The username is bound as a query parameter, not concatenated into the condition.
 *
 * NOTE(review): the message reads "no such page" but the status sent is 400;
 * 404 would match the message. Confirm before changing, clients may rely on it.
 *
 * @param string|null $username username to look up.
 * @throws CHttpException 400 when no manager matches.
 */
public function actionView($username = null)
{
    $model = Manager::model()->find('username=:username', array(':username' => $username));

    if (!$model) {
        throw new CHttpException(400, 'Такой страницы нет');
    }

    $this->render('view', array('model' => $model));
}
/**
 * Validator: checks that the attribute holds the current user's existing password.
 *
 * Counts Manager rows whose manager_id is the logged-in user's id and whose
 * login_password equals md5() of the submitted value; adds an error when none match.
 * Skipped when the attribute already has a validation error.
 *
 * NOTE(review): md5() is a fast, unsalted digest and is not suitable for
 * password storage. Moving to password_hash()/password_verify() has to be
 * coordinated with the login check and the code that writes login_password.
 *
 * @param string $attribute name of the attribute being validated.
 * @param array $params validator options (unused here).
 */
public function validatePassword($attribute, $params)
{
    if ($this->hasErrors($attribute)) {
        return;
    }

    $lookup = array(
        'manager_id' => Yii::app()->user->id,
        'login_password' => md5($this->$attribute),
    );
    $count = Manager::model()->countByAttributes($lookup);

    if ($count <= 0) {
        $this->addError($attribute, '原密码错误');
    }
}
/**
 * Authenticates by login name, then password, then the is_allow_login flag.
 *
 * On success stores the record's primary key in $this->id. In every case
 * $this->errorCode is set and the return value is its boolean negation.
 *
 * @return boolean true when errorCode ends up falsy (ERROR_NONE).
 */
public function authenticate()
{
    $model = Manager::model()->findByAttributes(array('login_name' => $this->username));

    if ($model === null) {
        // No account with this login name.
        $this->errorCode = self::ERROR_USERNAME_INVALID;
        return !$this->errorCode;
    }

    if (!$this->_checkPassword($this->password, $model->login_password)) {
        $this->errorCode = self::ERROR_PASSWORD_INVALID;
        return !$this->errorCode;
    }

    if (!$model->is_allow_login) {
        // Credentials are correct but the account is barred from logging in.
        $this->errorCode = self::ERROR_DENY_LOGIN;
        return !$this->errorCode;
    }

    $this->id = $model->primaryKey;
    $this->errorCode = self::ERROR_NONE;

    return !$this->errorCode;
}
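/**
 * Autocomplete endpoint: echoes usernames containing the search term `q`.
 *
 * Only answers AJAX requests that carry `q` in the query string. Output is
 * one "username|username" line per match.
 *
 * The row limit is clamped to 0..50. Without the lower bound a negative
 * `limit` passed the min() cap and, as CDbCriteria treats a negative limit
 * as "no limit", returned every matching username.
 *
 * NOTE(review): `%` and `_` in the term still act as LIKE wildcards, and the
 * usernames are echoed without escaping. Confirm how the client renders them.
 */
public function run()
{
    $request = Yii::app()->request;
    if (!$request->isAjaxRequest || !isset($_GET['q'])) {
        return;
    }

    // An array-valued q (q[]=...) would otherwise be interpolated as "Array".
    $tag = $request->getParam('q', '');
    if (!is_scalar($tag)) {
        $tag = '';
    }

    // Non-numeric limits fall back to the default, then the value is clamped.
    $limit = $request->getParam('limit', 50);
    $limit = is_numeric($limit) ? (int) $limit : 50;
    $limit = max(0, min($limit, 50));

    $criteria = new CDbCriteria();
    $criteria->condition = "username LIKE :sterm";
    $criteria->params = array(":sterm" => "%{$tag}%");
    $criteria->limit = $limit;

    $returnVal = '';
    foreach (Manager::model()->findAll($criteria) as $tagValue) {
        $username = $tagValue->getAttribute('username');
        $returnVal .= $username . '|' . $username . "\n";
    }

    echo $returnVal;
}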
/**
 * Builds the admin navigation and renders the "NavList" view.
 *
 * Steps:
 *  1. Define the menu groups ($category) and their entries ($menus); each
 *     entry is array(label, url).
 *  2. If Manager::model()->sp() reports restricted controllers, drop every
 *     entry whose controller is restricted and not in the current user's
 *     getSp() list, then drop groups left without entries.
 *  3. Work out which group/entry matches the current controller/action.
 *
 * Hiding an entry only affects what is displayed; it does not by itself
 * stop a request to that URL.
 */
public function run()
{
    $category = array(
        'stat' => '访客统计',
        'sys' => '系统管理',
    );
    $menus = array(
        'stat' => array(
            array('访问统计', '/admin/stat/visit'),
            array('三方统计', 'http://tongji.baidu.com/web/welcome/ico?s=17978066889cd84953900994ae849d62'),
        ),
        'sys' => array(
            array('用户列表', '/admin/manager/index'),
            array('系统设置', '/admin/system/setting'),
        ),
    );

    // Remove entries that need a special privilege the current user lacks.
    $manager_sp = Manager::model()->sp();
    if (!empty($manager_sp)) {
        $grantedControllers = Yii::app()->user->getSp();
        $restrictedControllers = array_keys($manager_sp);

        foreach ($menus as $groupKey => $entries) {
            foreach ($entries as $entryKey => $entry) {
                // For '/admin/<controller>/<action>' the controller is segment 2.
                $segments = explode('/', $entry[1]);
                if (empty($segments[2])) {
                    continue;
                }

                $isRestricted = in_array($segments[2], $restrictedControllers);
                if ($isRestricted && !in_array($segments[2], $grantedControllers)) {
                    unset($menus[$groupKey][$entryKey]);
                }
            }
        }

        // A group with no remaining entries is not shown at all.
        foreach (array_keys($category) as $groupKey) {
            if (empty($menus[$groupKey])) {
                unset($category[$groupKey]);
            }
        }
    }

    // Locate the active group ($ac) and active entry URL ($am).
    $c = $this->controller->id;
    $a = $this->controller->action->id;
    $ac = '';
    $am = '';
    $currentUrl = '/admin/' . $c . '/' . $a;
    foreach ($menus as $groupKey => $entries) {
        foreach ($entries as $entry) {
            if ($currentUrl == $entry[1]) {
                $ac = $groupKey;
                $am = $currentUrl;
            }
        }
    }

    // compact() picks these variables up by name, so their names must not change.
    $this->render("NavList", compact('category', 'menus', 'c', 'a', 'ac', 'am'));
}
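/**
 * Checks whether the current visitor may reach the requested controller/action.
 *
 * Actions listed in $this->rule['guest'] are open to everyone. For any other
 * action a guest is sent to the login page, and a logged-in user is refused
 * when the controller is one of the restricted controllers reported by
 * Manager::model()->sp() and is not in the user's own getSp() list.
 *
 * The refusal previously instantiated `CHtteException`, a class name that
 * appears to be a misspelling of CHttpException, so the 404 was never sent.
 *
 * NOTE(review): this relies on showMessage() ending the request. If it
 * returns, the guest request continues past this check. Confirm.
 *
 * @return void
 * @throws CHttpException 404 when a logged-in user lacks the privilege.
 */
private function visitCheck()
{
    $this->rule['guest'] = array('manager' => array('login', 'logout'), 'site' => array('verify'));

    $isGuest = Yii::app()->user->getIsGuest();

    $isOpenAction = !empty($this->rule['guest'][$this->controller_id])
        && in_array($this->action_id, $this->rule['guest'][$this->controller_id]);
    if ($isOpenAction) {
        return;
    }

    if ($isGuest) {
        $this->showMessage('请先登陆', '/admin/manager/login');
        return;
    }

    $manager_sp = Manager::model()->sp();
    if (empty($manager_sp)) {
        return;
    }

    $manager_sp_controllers = array_keys($manager_sp);
    $self_sp_controllers = Yii::app()->user->getSp();
    if (in_array($this->controller_id, $manager_sp_controllers)
        && !in_array($this->controller_id, $self_sp_controllers)
    ) {
        throw new CHttpException(404);
    }
}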
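/**
 * Authenticates a manager by name, account status and password.
 *
 * A missing account and an account whose status is not MAN_STATUS_NORMAL
 * both yield ERROR_USERNAME_INVALID. On success $this->id and $this->sp are
 * taken from the record.
 *
 * The password check used a loose `!=`, which compares numeric-looking
 * strings by value and treats a false result from decryption as equal to an
 * empty string. It now requires two strings and compares them exactly, in
 * constant time.
 *
 * NOTE(review): the stored password is decrypted for the comparison, so it
 * is recoverable by anyone holding the key. A one-way scheme
 * (password_hash()/password_verify()) is the usual replacement.
 *
 * @return boolean true when errorCode ends up falsy (ERROR_NONE).
 */
public function authenticate()
{
    $manager = Manager::model()->getArrByAttributes(array('name' => $this->name));

    if (empty($manager)) {
        $this->errorCode = self::ERROR_USERNAME_INVALID;
        return !$this->errorCode;
    }

    // Loose comparison kept: the stored status may come back as a string.
    if ($manager['status'] != Manager::MAN_STATUS_NORMAL) {
        $this->errorCode = self::ERROR_USERNAME_INVALID;
        return !$this->errorCode;
    }

    $stored = McryptComponent::decryption($manager['passwd']);
    $matches = is_string($stored)
        && is_string($this->password)
        && hash_equals($stored, $this->password);

    if (!$matches) {
        $this->errorCode = self::ERROR_PASSWORD_INVALID;
        return !$this->errorCode;
    }

    $this->errorCode = self::ERROR_NONE;
    $this->id = $manager['id'];
    $this->sp = $manager['sp'];

    return !$this->errorCode;
}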
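/**
 * Handles the login form: verifies the captcha, then the credentials.
 *
 * Redirects to the result page with rst/0 (captcha wrong), rst/1 (no
 * matching account) or rst/2 (logged in; the record is stored in
 * $_SESSION["userMsg"]).
 *
 * Changes from the earlier version:
 *  - the lookup binds the submitted userName/password as parameters; the
 *    previous condition was a fixed literal that never used them;
 *  - missing or non-string form fields no longer raise notices;
 *  - the captcha must exist in the session, is compared as a string, and is
 *    discarded after one attempt so a solved code cannot be replayed;
 *  - the session id is regenerated on successful login.
 *
 * NOTE(review): matching `password` inside the query implies the column
 * holds the password unhashed. Confirm against the schema.
 */
public function actionLogin()
{
    session_start();

    // Form data; anything missing or not a string is treated as empty.
    $userName = isset($_POST["userName"]) && is_string($_POST["userName"]) ? $_POST["userName"] : '';
    $password = isset($_POST["password"]) && is_string($_POST["password"]) ? $_POST["password"] : '';
    $checkCode = isset($_POST["checkCode"]) && is_string($_POST["checkCode"]) ? $_POST["checkCode"] : '';

    // The expected captcha is single-use: read it, then drop it from the session.
    $trueCode = isset($_SESSION["trueCode"]) && is_scalar($_SESSION["trueCode"])
        ? (string) $_SESSION["trueCode"]
        : '';
    unset($_SESSION["trueCode"]);

    // An absent captcha must not match an empty submission.
    if ($trueCode === '' || $checkCode !== $trueCode) {
        $this->redirect(__APP__ . "/success/index/act/login/rst/0");
        return;
    }

    // Values are bound as parameters, never written into the condition string.
    $userInfo = Manager::model()->find(
        'userName=:userName and password=:password',
        array(':userName' => $userName, ':password' => $password)
    );

    if ($userInfo === null) {
        $this->redirect(__APP__ . "/success/index/act/login/rst/1");
        return;
    }

    // New session id for the authenticated session.
    session_regenerate_id(true);
    $_SESSION["userMsg"] = $userInfo;
    $this->redirect(__APP__ . "/success/index/act/login/rst/2");
}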
/**
 * Deletes the manager whose id is given in the `id` query parameter.
 *
 * Allowed for super users and for users holding the 'deleteManager'
 * permission. The default system administrator (is_admin) cannot be deleted.
 * The outcome is written to ManagerLog.
 *
 * NOTE(review): the id comes from the query string, so this state-changing
 * action appears to be reachable with a GET request. Confirm that a POST
 * requirement and CSRF validation are enforced elsewhere (filters/config).
 *
 * @throws CHttpException 403 when access is denied, the record does not
 *         exist, or the target is the default administrator.
 */
public function actionDelete()
{
    $user = Yii::app()->user;
    if (!($user->getIsSuperUser() || $user->checkAccess('deleteManager'))) {
        throw new CHttpException(403);
    }

    $manager = Manager::model()->findByPk(Yii::app()->request->getQuery('id'));
    if ($manager === null) {
        // Same status as a permission failure, so existence is not revealed.
        throw new CHttpException(403);
    }

    if ($manager->is_admin) {
        $message = strtr('管理员{name}为默认系统管理员, 不允许被删除.', array('{name}' => $manager->login_name));
        throw new CHttpException(403, $message);
    }

    $flag = $manager->delete();
    ManagerLog::logCurrentUserAction($flag, '删除管理员', $manager->login_name);
}
/**
 * Shows the change-password form and, on a valid submission, stores the new
 * password for the logged-in user and redirects to the return URL.
 *
 * NOTE(review): the new password is stored as md5($model->new_password), a
 * fast unsalted digest that is not suitable for password storage. Replacing
 * it with password_hash() has to be done together with the login check and
 * the old-password validator, with existing rows rehashed on next login.
 */
public function actionPassword()
{
    $model = new UpdatePasswordForm();
    $submitted = isset($_POST['UpdatePasswordForm']);

    if ($submitted) {
        $model->attributes = Yii::app()->request->getPost('UpdatePasswordForm');
    }

    if ($submitted && $model->validate()) {
        $changes = array('login_password' => md5($model->new_password));
        Manager::model()->updateByPk(Yii::app()->user->id, $changes);

        $this->setFlashMessage('您的密码已更新, 新密码已生效');
        $this->redirect($this->getReturnUrl());
    }

    // First visit or failed validation: (re)display the form.
    $this->breadcrumbs = array('修改密码');
    $viewData = array('model' => $model, 'returnUrl' => $this->getReturnUrl());
    $this->render('password', $viewData);
}
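/**
 * Deletes the manager whose id is given in the `id` query parameter, unless
 * it is the logged-in manager's own account, then returns to the list.
 *
 * The two leftover print_r() debug calls were removed. They wrote the
 * requested id and the session's manager_id into the response, and output
 * sent before redirect() can stop the Location header from being sent.
 *
 * NOTE(review): no permission check is visible in this action and the id
 * comes from the query string (GET). Confirm that authorization, a POST
 * requirement and CSRF validation are enforced by a filter elsewhere.
 */
public function actionDelete()
{
    $id = Yii::app()->request->getQuery('id');
    $currentManagerId = Yii::app()->session['manager_id'];

    // Loose comparison is deliberate: '01' and 1 must both count as "self".
    if ($id == $currentManagerId) {
        $this->showError('不能对自己进行该操作');
    } elseif (Manager::model()->deleteById($id)) {
        $this->showSuccess('删除操作成功');
    } else {
        $this->showError('删除操作失败');
    }

    $this->redirect('/admin/manager/index');
}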
/**
 * Loads the Manager record with the given primary key.
 *
 * @param integer $id the ID of the model to be loaded
 * @return mixed the record returned by findByPk()
 * @throws CHttpException 404 when no record has that primary key
 */
public function loadModel($id)
{
    $model = Manager::model()->findByPk($id);

    if ($model !== null) {
        return $model;
    }

    throw new CHttpException(404, 'Запрашиваемая страница не существует.');
}