/**
 * Login endpoint, routed as cgi/login/{user}/{password}.
 *
 * Validates the submitted account/password pair, publishes the user record
 * to the view and issues the session cookies (token, uid, timestamp) plus a
 * long-lived UUID cookie when the client does not already carry one.
 *
 * NOTE(review): the route above places the password in the URL path, where it
 * typically ends up in access logs, proxy logs and browser history. Prefer
 * accepting credentials in a POST body over TLS; confirm how
 * MyTool::get() actually sources these parameters.
 *
 * NOTE(review): the "unknown user" and "invalid password" outcomes are
 * distinguishable by status code, which discloses whether an account exists.
 * No attempt throttling is visible in this method; confirm it is enforced
 * elsewhere.
 *
 * @return mixed true on success, otherwise the result of onError().
 */
public function indexAction()
{
    $login = @trim(MyTool::get($this, MyConst::PARAM_USER_ACCOUNT));
    $secret = @trim(MyTool::get($this, MyConst::PARAM_USER_PASSWORD));

    $paramsOk = $this->checkParams($login, $secret);
    if (!$paramsOk) {
        return $this->onError(MyConst::STATUS_INVALID_PARAM, 'need account and password');
    }

    $user = $this->getUserInfo($login);
    if (empty($user)) {
        return $this->onError(MyConst::STATUS_INVALID_USER, 'unknown user id');
    }

    $passwordOk = $this->checkPassword($user, $secret);
    if (!$passwordOk) {
        return $this->onError(MyConst::STATUS_INVALID_PASSWORD, 'invalid password');
    }

    // Credentials accepted: expose status and the user record to the view.
    MyTool::setVar($this, MyConst::FIELD_STATUS, MyConst::STATUS_OK);
    MyTool::setVar($this, MyConst::FIELD_USER, $user);

    // One timestamp is shared by the UUID, the token and the TS cookie.
    $issuedAt = time();

    // The UUID cookie is only created once per client and never expires.
    $hasUuid = MyTool::hasCookie($this, MyConst::COOKIE_UUID);
    if (!$hasUuid) {
        $uuid = MyTool::genUuid($issuedAt);
        MyTool::setCookie($this, MyConst::COOKIE_UUID, $uuid, MyConst::COOKIE_NEVER_EXPIRE);
    }

    // NOTE(review): cookie attributes (HttpOnly / Secure / SameSite) are not
    // visible here; confirm MyTool::setCookie() applies them. The UID and TS
    // cookies are client-controlled values, so later requests must only trust
    // them after the token has been verified against them.
    $token = MyTool::genToken($this, $user->id, $issuedAt);
    MyTool::setCookie($this, MyConst::COOKIE_TOKEN, $token, MyConst::COOKIE_EXPIRE);
    MyTool::setCookie($this, MyConst::COOKIE_UID, $user->id, MyConst::COOKIE_EXPIRE);
    MyTool::setCookie($this, MyConst::COOKIE_TS, $issuedAt, MyConst::COOKIE_EXPIRE);

    return true;
}
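/**
 * Update a single allow-listed field of a team. Only the team owner may do so.
 *
 * The field name must be a key of self::$FIELDS; the new value is read from
 * the request (MyConst::FIELD_VALUE) and written to the team record as-is.
 *
 * @param mixed $targetId Team id from the route; coerced with intval().
 * @param mixed $field    Field name from the route; trimmed, then checked
 *                        against self::$FIELDS.
 *
 * @return mixed true on success, otherwise the result of onError() /
 *               MyTool::onExit().
 */
public function setAction($targetId, $field)
{
    MyTool::simpleView($this);

    $field = @trim($field);
    $targetId = @intval($targetId);

    // The allow-list is what keeps the dynamic property write below from
    // reaching arbitrary columns.
    if (!array_key_exists($field, self::$FIELDS)) {
        return $this->onError(MyConst::STATUS_INVALID_PARAM, 'invalid param');
    }

    if (!MyTool::loginAuth($this)) {
        return $this->onError(MyConst::STATUS_NOT_LOGIN, 'must login first');
    }

    // NOTE(review): the caller's id comes from a cookie; this is only sound if
    // loginAuth() has verified the token against this same uid. Confirm.
    $uid = MyTool::getCookie($this, MyConst::COOKIE_UID);

    $team = TeamLogic::getTeam($targetId);
    if (empty($team)) {
        return MyTool::onExit($this, MyConst::STATUS_INVALID_TEAM, 'unknown team id');
    }

    // Authorization decision: compare canonical string forms with strict
    // equality so PHP type juggling (null/false/"" or numeric-looking strings)
    // can never make a non-owner compare equal to the owner.
    $ownerId = (string) $team->owner;
    $callerId = is_scalar($uid) ? (string) $uid : '';
    if ($callerId === '' || $ownerId !== $callerId) {
        return MyTool::onExit($this, MyConst::STATUS_NO_PERMISSION, 'no premission');
    }

    // NOTE(review): the value is stored without per-field validation here;
    // confirm the model or self::$FIELDS enforces format and length.
    $value = MyTool::get($this, MyConst::FIELD_VALUE);
    if (MyTool::eq($team->{$field}, $value)) {
        return MyTool::onExit($this, MyConst::STATUS_OK, 'nothing changed');
    }

    $team->{$field} = $value;

    try {
        if (true !== $team->update()) {
            return MyTool::onExit($this, MyConst::STATUS_ERROR, "update team failed");
        }
    } catch (Exception $e) {
        // Keep storage-layer details (SQL text, schema names) out of the
        // response; record them server-side and return the generic message.
        error_log('team update failed: ' . $e->getMessage());

        return MyTool::onExit($this, MyConst::STATUS_ERROR, "update team failed");
    }

    MyTool::setVar($this, MyConst::FIELD_STATUS, MyConst::STATUS_OK);

    return true;
}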
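/**
 * Update a single allow-listed field of the logged-in user's own record.
 *
 * The field name must be a key of self::$FIELDS. The new value is read from
 * MyConst::FIELD_VALUE; a password change additionally requires the current
 * password in MyConst::FIELD_VALUE2.
 *
 * @param mixed $field Field name from the route; trimmed, then checked
 *                     against self::$FIELDS.
 *
 * @return mixed true on success, otherwise the result of onError().
 */
public function setAction($field)
{
    MyTool::simpleView($this);

    $field = @trim($field);

    // The allow-list is what keeps the dynamic property write below from
    // reaching arbitrary columns.
    if (!array_key_exists($field, self::$FIELDS)) {
        return $this->onError(MyConst::STATUS_INVALID_PARAM, 'invalid param');
    }

    if (!MyTool::loginAuth($this)) {
        return $this->onError(MyConst::STATUS_NOT_LOGIN, 'must login first');
    }

    // NOTE(review): the caller's id comes from a cookie; this is only sound if
    // loginAuth() has verified the token against this same uid. Confirm.
    $uid = MyTool::getCookie($this, MyConst::COOKIE_UID);
    $user = $this->getUserInfo($uid);
    if (empty($user)) {
        return $this->onError(MyConst::STATUS_INVALID_USER, 'unknown user id');
    }

    $value = MyTool::get($this, MyConst::FIELD_VALUE);
    if (MyTool::eq($field, MyConst::FIELD_OPEN)) {
        // The "open" flag is normalised to 0/1.
        $value = MyTool::eq($value, '1') ? 1 : 0;
    }

    $isPasswordChange = MyTool::eq($field, MyConst::FIELD_PASSWORD);
    if ($isPasswordChange) {
        if (!MyTool::isPassword($value)) {
            return $this->onError(MyConst::STATUS_INVALID_PASSWORD, 'invalid password');
        }

        // Require the current password BEFORE any comparison of the new value
        // with the stored one, so the "nothing changed" reply below cannot be
        // used to confirm a guess of the stored password.
        // hash_equals() keeps the comparison constant-time; lower-casing both
        // sides preserves the original case-insensitive match.
        // NOTE(review): the stored value is compared with, and later replaced
        // by, request input directly. If it is not already a salted slow hash,
        // plan a migration to password_hash()/password_verify().
        $value2 = MyTool::get($this, MyConst::FIELD_VALUE2);
        $supplied = is_scalar($value2) ? (string) $value2 : '';
        $stored = (string) $user->{$field};
        if (!hash_equals(strtolower($stored), strtolower($supplied))) {
            return $this->onError(MyConst::STATUS_WRONG_PASSWORD, 'current password wrong');
        }
    }

    if (MyTool::eq($user->{$field}, $value)) {
        return $this->onError(MyConst::STATUS_OK, 'nothing changed');
    }

    if (!$isPasswordChange) {
        if (MyTool::eq($field, MyConst::FIELD_EMAIL)) {
            if (!MyTool::isEmail($value)) {
                return $this->onError(MyConst::STATUS_INVALID_EMAIL, 'wrong email address');
            }
        } elseif (MyTool::eq($field, MyConst::FIELD_PHONE)) {
            if (!MyTool::isPhone($value)) {
                return $this->onError(MyConst::STATUS_INVALID_PHONE, 'wrong phone number');
            }
        }
    }

    $user->{$field} = $value;
    $user->mtime = MyTool::now();

    if (true !== $user->update()) {
        return $this->onError(MyConst::STATUS_DB, 'update user information failed');
    }

    MyTool::setVar($this, MyConst::FIELD_STATUS, MyConst::STATUS_OK);

    return true;
}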