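/**
 * Check whether a session may run $actionName on $ctrlObj; throws when it may not.
 *
 * Resolution order: a public controller or a public action is always allowed; a
 * logged-in user is checked through the role's privileges against the privilege
 * mapped to the action; an anonymous user has the current page recorded and is
 * sent to login.
 *
 * Denied privilege checks are only turned into an exception when DEBUG2 is
 * defined (the original "暂时取消权限验证 2007-1-16" switch); outside DEBUG2 the
 * denial is reported only through the return value, which every caller must
 * honour — a caller that ignores the result performs no authorization at all.
 *
 * NOTE(review): the original implementation also impersonated any user whose id
 * arrived in the `login_id` request parameter ("免登陆") before any check ran,
 * letting an unauthenticated request act as an arbitrary account. That path has
 * been removed.
 *
 * @param Pft_Session $session
 * @param Pft_Controller_Action $ctrlObj
 * @param string $actionName
 * @return boolean|TpmQuanxian true when allowed; the privilege lookup result (falsy) when denied outside DEBUG2
 * @throws Pft_Exception EXCEPTION_NEED_LOGIN for anonymous visitors, EXCEPTION_NO_PRIVILEGE under DEBUG2
 */
public static function checkActionPrivilege(Pft_Session $session, Pft_Controller_Action $ctrlObj, $actionName)
{
    // bf2a5bf8-4d98-aee3-7d75-45b5d47b95c3 is the system administrator role; strict
    // comparison so a non-string role id can never equal the admin id by coercion.
    if ($session->getRoleId() === 'bf2a5bf8-4d98-aee3-7d75-45b5d47b95c3' && !defined('ADMIN')) {
        define('ADMIN', true);
    }

    if ($ctrlObj->isPublic() || $ctrlObj->isActionPublic($actionName)) {
        return true;
    }

    if (!$session->getUserId()) {
        // Remember where the anonymous visitor wanted to go so login can resume there.
        Pft_Session::getSession()->recordCurrentVisitPage();
        throw new Pft_Exception(Pft_I18n::trans("EXCEPTION_NEED_LOGIN"), Pft_Exception::EXCEPTION_NEED_LOGIN);
    }

    // Per-action check: the action maps to a privilege, which is looked up on the role.
    $privilege_do = $ctrlObj->getMappingedPrivilegeByAction($actionName);
    $rev = TpmQuanxianPeer::jianchaJueseQuanxian($session->getRoleId(), $privilege_do);

    if (!$rev && defined('DEBUG2')) {
        throw new Pft_Exception(Pft_I18n::trans("EXCEPTION_NO_PRIVILEGE"), Pft_Exception::EXCEPTION_NO_PRIVILEGE);
    }

    return $rev;
}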
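/**
 * 更新给定日当天的访问数量: count how many visits each user made according to that
 * day's processTime log and upsert one tpm_fwcishu row per user.
 *
 * @author bobbing
 * @version 0.1.0
 * 2008-5-16
 * @param string $riqi day in Ymd form, e.g. 20080516; date('Ymd', time() - 86400) gives the previous day
 * @return void does nothing when $riqi is not a parseable date or the day's log cannot be opened
 */
public static function jilucishu($riqi)
{
    // NOTE(review): $riqi is spliced into the path and the SQL as-is; callers must pass a
    // date string they produced themselves, never raw request input.
    $fwriqi = strtotime($riqi);
    if ($fwriqi === false) {
        // The original concatenated `false` into the SQL, producing "fw_riqi = " and a query error.
        return;
    }

    $file_name = "../log/" . 'processTime' . $riqi . ".log";
    $fp = fopen($file_name, 'r');
    if ($fp === false) {
        // The original looped on feof(false) forever when the file was missing.
        return;
    }

    $fwtongji = array();
    while (!feof($fp)) {
        $buffer = fgets($fp, 4096);
        if ($buffer === false) {
            break;
        }
        $linshi = explode('|', $buffer);
        // The user id is the 8th '|' field, written as "uid:<id>"; blank or short lines have none.
        if (!isset($linshi[7])) {
            continue;
        }
        $userid = trim(str_replace('uid:', '', $linshi[7]));
        // The id is concatenated into SQL below without driver quoting, so only ids made of the
        // characters the system's UUID-style ids use are counted; anything else is dropped.
        // NOTE(review): assumes yh_id never contains characters outside [0-9A-Za-z-]; confirm against the schema.
        if ($userid === '' || !preg_match('/^[0-9A-Za-z-]+$/', $userid)) {
            continue;
        }
        if (isset($fwtongji[$userid])) {
            $fwtongji[$userid]++;
        } else {
            $fwtongji[$userid] = 1;
        }
    }
    fclose($fp);

    $db = Watt_Db::getDb();
    foreach ($fwtongji as $yh_id => $cishu) {
        $cishu = (int) $cishu;
        $sql = "select count(id) from tpm_fwcishu where yh_id = '" . $yh_id . "' and fw_riqi = " . $fwriqi;
        if ($db->getOne($sql) <= 0) {
            // NOTE(review): yh_zhanghu is spliced in unescaped; use the driver's quoting if Watt_Db exposes one.
            $zhanghu = TpmYonghuPeer::getYhZhanghuByYhId($yh_id);
            $sql = "insert into tpm_fwcishu (yh_id,fw_cishu,fw_riqi,yh_zhanghu) values ('" . $yh_id . "','" . $cishu . "'," . $fwriqi . ",'" . $zhanghu . "')";
        } else {
            $sql = "update tpm_fwcishu set fw_cishu = '" . $cishu . "' where yh_id = '" . $yh_id . "' and fw_riqi = " . $fwriqi;
        }
        $db->execute($sql);
    }
}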
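/**
 * 记录日志: insert one row into this logger's table ($this->_logName) describing the
 * current request and who performed it.
 *
 * Actor resolution: with a session, a 岗位 (shanggang) login attributes the entry to
 * the original user from $_SESSION["old_user_id"] and that user's first role;
 * otherwise the session's own user and role are used. Without a session only
 * $actorName is stored.
 *
 * @param string $msg        记录的信息
 * @param int    $level
 * @param string $sourceName logical tag of the entry (rz_type)
 * @param string $actorName  account name stored when the session provides none
 * @param string $actorId    accepted for API compatibility; not written to the row
 * @param mixed  $exts       extra text column (rz_qita_vchar)
 * @param mixed  $extsInt    extra int column (rz_qita_int)
 * @return boolean always false: the row goes through App::_add(), whose result is not propagated
 */
public function log($msg, $level = 0, $sourceName = "", $actorName = "", $actorId = "", $exts = null, $extsInt = null)
{
    $rev = false;
    $timestamp = time();

    // Request metadata is absent outside a web request (CLI, tests); store null
    // instead of raising undefined-index notices.
    $ip = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : null;
    $userAgent = isset($_SERVER["HTTP_USER_AGENT"]) ? $_SERVER["HTTP_USER_AGENT"] : null;
    $requestUri = isset($_SERVER['REQUEST_URI']) ? $_SERVER['REQUEST_URI'] : null;
    $referer = isset($_SERVER["HTTP_REFERER"]) ? chks($_SERVER["HTTP_REFERER"]) : null;

    // Defaults for the no-session case; replaced below when a session exists.
    $session_id = '';
    $session_name = $actorName;
    $js_id = '';
    $js_mingcheng = '';

    if (Watt_Session::getSession()) {
        // Initialised so a missing user/role lookup leaves '' rather than an undefined variable.
        $user_id = '';
        $user_name = '';
        $user_js_id = '';
        $user_js_mingcheng = '';

        if (!empty($_SESSION["shanggang"])) {
            // 岗位用户: still attribute the entry to the original user. 2007-10-24 john
            $yh_id = isset($_SESSION["old_user_id"]) ? $_SESSION["old_user_id"] : null;
            $yhs = ($yh_id !== null) ? TpmYonghuPeer::retrieveByPK($yh_id) : null;
            if ($yhs) {
                $user_id = $yhs->getYhId();
                $user_name = $yhs->getYhZhanghu();
                $c = new Criteria();
                $c->add(TpmYonghu2juesePeer::YH_ID, $yh_id);
                $jsids = TpmYonghu2juesePeer::doSelectOne($c);
                if ($jsids) {
                    $c = new Criteria();
                    $c->add(TpmJuesePeer::JS_ID, $jsids->getJsId());
                    $jueses = TpmJuesePeer::doSelectOne($c);
                    if ($jueses) {
                        $user_js_id = $jueses->getJsId();
                        $user_js_mingcheng = $jueses->getJsMingcheng();
                    }
                }
            }
        } else {
            $session = Watt_Session::getSession();
            $user_id = $session->getUserId();
            $user_name = $session->getUserName();
            $user_js_id = $session->getRoleId();
            $user_js_mingcheng = $session->getRoleName();
        }

        $session_id = $user_id;
        $session_name = $user_name ? $user_name : $actorName;
        $js_id = $user_js_id;
        $js_mingcheng = $user_js_mingcheng;
    }

    // Columns: rz_id yh_id yh_zhanghu rz_level rz_ip rz_type rz_ruanjian rz_laiyuan
    // rz_neirong rz_dizhi rz_qita_vchar rz_qita_int created_at. Free-text and
    // header-derived values pass through chks() before they are stored.
    $app = App::getApp();
    $app->_add($this->_logName, array(
        'yh_id' => $session_id,
        'yh_zhanghu' => chks($session_name),
        'js_id' => $js_id,
        'js_mingcheng' => chks($js_mingcheng),
        'rz_level' => $level,
        'rz_ip' => $ip,
        'rz_type' => chks($sourceName),
        'rz_ruanjian' => chks($userAgent),
        'rz_laiyuan' => $referer,
        'rz_neirong' => chks($msg),
        'rz_dizhi' => chks($requestUri),
        'rz_qita_vchar' => chks($exts),
        'rz_qita_int' => chks($extsInt),
        'created_at' => $timestamp,
    ));

    return $rev;
}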
/**
 * Bind a user to this session: user id, account name, e-mail and mobile number.
 *
 * Role selection and the overdue-order (超时订单) check are not performed by this
 * implementation — that logic was left commented out — so $roleid is accepted
 * but unused.
 *
 * NOTE(review): $user is read both as an array (u_id, u_name) and as an object
 * (getYhYouxiang()); confirm which shape callers actually pass.
 *
 * @param mixed  $user
 * @param string $roleid unused
 * @return void
 */
public function setUser($user, $roleid = "")
{
    $uid = $user['u_id'];

    $this->_userId = $uid;
    $this->_userName = $user['u_name'];

    $this->setEMail($user->getYhYouxiang());
    $this->setMobilePhone(TpmYonghuPeer::getYhShoujiByYhId($uid));
}
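/**
 * 循环进行 do 的处理: resolve the requested action from the request, perform the
 * optional direct login, enforce the weak-password redirect, then run the do-chain
 * (at most $this->_maxToDo hops) and log the page visit for customer roles.
 *
 * @return void may end the request with exit() after a redirect
 */
public function dispatch()
{
    // TQ posts its parameters, so $_GET alone is not enough.
    $do = empty($_REQUEST["do"]) ? "index" : trim($_REQUEST["do"]);
    // Compatibility with the do=xxx&action=yyy form.
    $a = empty($_REQUEST["action"]) ? "" : trim($_REQUEST["action"]);
    if ($a) {
        $do .= "_" . $a;
    }
    // View type.
    $v = empty($_REQUEST["v"]) ? "Html" : trim($_REQUEST["v"]);

    // Direct login. TQ task links carry GB2312 Username/Password, base64-encoded, plus
    // pwdway=md5 in the query string: index.php?do=if_renwu_detail&sj_id=<id>&Username=<base64>&Password=<base64>&pwdway=md5
    // NOTE(review): credentials in a URL are exposed in server/proxy logs and Referer headers.
    // Both initialised up front: the original left them undefined when pwdway was set but a
    // user was already logged in, and then read them in the `if ($accounts && $pwd)` below.
    $accounts = '';
    $pwd = '';
    if (r('pwdway')) {
        // Skip when already logged in so a TQ session's [是否TQ] flag is not clobbered.
        if (!Pft_Session::getSession()->getUserId()) {
            $accounts = iconv('GB2312', 'UTF-8', base64_decode(str_replace(' ', '+', r("Username"))));
            $pwd = iconv('GB2312', 'UTF-8', base64_decode(str_replace(' ', '+', r("Password"))));
        }
    } elseif (r('login') != 'ok') {
        // login=ok is TQ's "查收我的订单" click; re-logging in would clobber the web session.
        // terry, 0.1.0, Thu Sep 06 16:44:53 CST 2007
        $accounts = r("user_name");
        $pwd = r("user_pw");
    }

    if ($accounts && $pwd) {
        $login_rev = 0;
        TpmYonghuPeer::checkUserLogin($accounts, $pwd, $login_rev);
        if ($login_rev == TpmYonghuPeer::USER_LOGIN_OK) {
            // After a successful login, a weak password flags the session so the
            // change-password page is forced below.
            $pswdChecker = new Tpm_Passwordchecker($pwd);
            $cfgLevel = Pft_Config::getCfg('PSWD_CHECK_LEVEL');
            if ($cfgLevel == '') {
                $cfgLevel = '0';
            }
            if ($pswdChecker->getSecurityLevel() < $cfgLevel) {
                $_SESSION['LOW_PASSWORD'] = true;
            }
            Pft_Log::addLog('Login ok, accounts[' . $accounts . ']', Pft_Log::LEVEL_INFO, 'LOGIN_WEB_DIRECT_LOGIN');
        }
    }

    // Force a password change while LOW_PASSWORD is set, except for the actions needed to do so.
    $superDoList = array('ps_yonghu_changepwd', 'login_logout', '');
    if (!empty($_SESSION['LOW_PASSWORD']) && !in_array($do, $superDoList, true)) {
        header('Location:?do=ps_yonghu_changepwd&nosecurity=true');
        exit;
    }

    $i = $this->_maxToDo;
    while ($do != "" && $i-- > 0) {
        $do = $this->processDo($do, $v);
    }

    // Visits by 渠道代理商客户 / 传神客户 / 客户 are logged. 2007-7-9 john
    $shortname = Pft_Session::getSession()->getRoleShortname();
    if ($shortname == "QDKH" || $shortname == "CSKH" || $shortname == "CR") {
        $accessLoger = new Pft_Log_Db('tpm_rizhi_fangwen');
        // $do has been consumed by the chain; log the originally requested action (null when absent).
        $accessLoger->log("", 0, isset($_REQUEST["do"]) ? $_REQUEST["do"] : null);
    }
}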
/**
 * Bind a user to this session and select the role it will act under.
 *
 * Role choice: the relation flagged 首要 (shifou_shouyao == 'y') wins — when several
 * are flagged, the last one in iteration order; otherwise the first relation. A
 * non-empty $roleid then overrides that choice if the user actually holds the role.
 * Afterwards the overdue-order checker is enabled when the chosen role holds
 * privilege 55df2b32-88c3-9367-d3ba-45fb6dd80782, and the customer-user flag
 * kh_zizhuxiadan is copied into the session data when a TpmKehuYonghu row exists.
 *
 * @param TpmYonghu $user
 * @param string    $roleid optional role id to prefer over the default selection
 * @return void
 */
public function setUser($user, $roleid = "")
{
    // setUser always refreshes real_user; a 岗位 login must set real_user again afterwards.
    $this->setRealUser($user);

    $uid = $user->getYhId();
    $this->_userId = $uid;
    $this->_userName = $user->getYhZhanghu();
    $this->_groupId = $user->getZuId();
    $this->_userAutoId = $user->getYhAutoId();
    $this->_departmentId = $user->getBmId();
    $this->_departmentIds = TpmBumen2yonghuPeer::getDepartmentIdsByUserId($uid);
    $this->_subDepartmentIds = TpmBumen2yonghuPeer::getDepartmentAndSubIdsByUserId($uid);
    $this->setYhShifouWaibuDenglu($user->getShifouWaibuDenglu());
    $this->setEMail($user->getYhYouxiang());
    $this->setMobilePhone(TpmYonghuPeer::getYhShoujiByYhId($uid));
    $this->setYhShangjiId($user->getYhShangjiId());

    $selectedRoleId = "";
    $rels = $user->getTpmYonghu2juesesJoinTpmJuese();
    if ($rels && count($rels)) {
        $this->_roleCount = count($rels);

        // Prefer the 首要 role; the last flagged relation wins. jute 20070813
        $primaryRel = false;
        foreach ($rels as $rel) {
            if ($rel->getShifouShouyao() == 'y') {
                $primaryRel = $rel;
            }
        }
        // Rewind so current() returns the first element (foreach moved the pointer pre-PHP 7). jute 20071106
        reset($rels);

        if ($primaryRel) {
            $juese = $primaryRel->getTpmJuese();
        } else {
            $firstRel = current($rels);
            $juese = $firstRel ? $firstRel->getTpmJuese() : null;
        }

        if ($juese) {
            $selectedRoleId = $juese->getJsId();
            $this->_roleName = $juese->getJsMingcheng();
            $this->_roleShortname = $juese->getJsJiancheng();
            $this->setJsShifouWaibuDenglu($juese->getShifouWaibuDenglu());

            // An explicitly requested role replaces the default when the user holds it.
            if ($roleid != "") {
                foreach ($rels as $rel) {
                    $candidate = $rel->getTpmJuese();
                    if ($roleid == $candidate->getJsId()) {
                        $selectedRoleId = $roleid;
                        $this->_roleName = $candidate->getJsMingcheng();
                        $this->_roleShortname = $candidate->getJsJiancheng();
                        $this->setJsShifouWaibuDenglu($candidate->getShifouWaibuDenglu());
                        break;
                    }
                }
            }
        }
    }
    $this->_roleId = $selectedRoleId;

    // 超时订单检测: select yh_id from tpm_yonghuzhaoquanxian where qx_id = '55df2b32-88c3-9367-d3ba-45fb6dd80782'
    $chaoshidingdan_qx_id = '55df2b32-88c3-9367-d3ba-45fb6dd80782';
    if (TpmJuesePeer::existJueseQuanxian($this->_roleId, $chaoshidingdan_qx_id)) {
        $this->setPreProcessOrderChecker(true);
    }

    $kehuyonghu = TpmKehuYonghuPeer::retrieveByPK($this->_userId);
    if ($kehuyonghu) {
        $this->setData('kh_zizhuxiadan', $kehuyonghu->getKhZizhuxiadan());
    }
}
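/**
 * 循环进行 do 的处理: resolve the requested action from the request, perform the
 * optional direct login, enforce the weak-password redirect and the internal-network
 * restriction, then run the do-chain (at most $this->_maxToDo hops) and log the page
 * visit for customer roles.
 *
 * @return void may end the request with exit() after a redirect or the external-access refusal
 */
public function dispatch()
{
    // TQ posts its parameters, so $_GET alone is not enough.
    $do = empty($_REQUEST["do"]) ? "index" : trim($_REQUEST["do"]);
    // Compatibility with the do=xxx&action=yyy form.
    $a = empty($_REQUEST["action"]) ? "" : trim($_REQUEST["action"]);
    if ($a) {
        $do .= "_" . $a;
    }
    // View type.
    $v = empty($_REQUEST["v"]) ? "Html" : trim($_REQUEST["v"]);

    // Direct login. TQ task links carry GB2312 Username/Password, base64-encoded, plus
    // pwdway=md5 in the query string: index.php?do=if_renwu_detail&sj_id=<id>&Username=<base64>&Password=<base64>&pwdway=md5
    // NOTE(review): credentials in a URL are exposed in server/proxy logs and Referer headers.
    $accounts = '';
    $pwd = '';
    if (r('pwdway')) {
        // Skip when already logged in so a TQ session's [是否TQ] flag is not clobbered.
        if (!Watt_Session::getSession()->getUserId()) {
            $accounts = iconv('GB2312', 'UTF-8', base64_decode(str_replace(' ', '+', r("Username"))));
            $pwd = iconv('GB2312', 'UTF-8', base64_decode(str_replace(' ', '+', r("Password"))));
        }
    } elseif (!r('login')) {
        // Any `login` value means TQ's "查收我的订单" click; re-logging in would clobber the web
        // session (originally only login=ok). terry, 0.1.0, Thu Sep 06 16:44:53 CST 2007
        $accounts = r("user_name");
        $pwd = r("user_pw");
    }

    if ($accounts && $pwd) {
        $login_rev = 0;
        TpmYonghuPeer::checkUserLogin($accounts, $pwd, $login_rev);
        if ($login_rev == TpmYonghuPeer::USER_LOGIN_OK) {
            // After a successful login, a weak password flags the session so the
            // change-password page is forced below.
            $pswdChecker = new Tpm_Passwordchecker($pwd);
            $cfgLevel = Watt_Config::getCfg('PSWD_CHECK_LEVEL');
            if ($cfgLevel == '') {
                $cfgLevel = '0';
            }
            if ($pswdChecker->getSecurityLevel() < $cfgLevel) {
                $_SESSION['LOW_PASSWORD'] = true;
            }
            Watt_Log::addLog('Login ok, accounts[' . $accounts . '],[' . session_name() . '=' . session_id() . ']', Watt_Log::LEVEL_INFO, 'LOGIN_WEB_DIRECT_LOGIN');
        } elseif ($login_rev == TpmYonghuPeer::USER_LOGIN_SHOUQUANOK) {
            // 授权密码 (authorization password) login. jute 20071220
            Watt_Log::addLog('Authorizepwd Login ok, accounts[' . $accounts . ']', Watt_Log::LEVEL_INFO, 'LOGIN_WEB_DIRECT_LOGIN');
        }
    }

    // Force a password change while LOW_PASSWORD is set, except for the actions needed to do so.
    $superDoList = array('ps_yonghu_changepwd', 'login_logout', '');
    if (!empty($_SESSION['LOW_PASSWORD']) && !in_array($do, $superDoList, true)) {
        header('Location:?do=ps_yonghu_changepwd&nosecurity=true');
        exit;
    }

    // Only users or roles flagged 外部登录 (translators and customers) may come from outside
    // the LAN. terry, 0.1.0, Mon Mar 31 23:24:00 CST 2008
    // NOTE(review): do=main_home is exempt from this check, so it stays reachable from any
    // address once a session exists; confirm that page exposes nothing restricted.
    if (Watt_Session::getSession()->getUserName()) {
        $remoteAddr = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';
        if (!Watt_Util_Net::isLANIp($remoteAddr) && r('do') != 'main_home') {
            $session = Watt_Session::getSession();
            if (!($session->getYhShifouWaibuDenglu() || $session->getJsShifouWaibuDenglu())) {
                echo '您没有外部访问权限,请联系企业管理员开通';
                $session->clearUserSessionInfo();
                exit;
            }
        }
    }

    $i = $this->_maxToDo;
    while ($do != "" && $i-- > 0) {
        $do = $this->processDo($do, $v);
    }

    // Visits by 渠道代理商客户 / 传神客户 / 客户 are logged. 2007-7-9 john
    $shortname = Watt_Session::getSession()->getRoleShortname();
    if ($shortname == "QDKH" || $shortname == "CSKH" || $shortname == "CR") {
        $accessLoger = new Watt_Log_Db('tpm_rizhi_fangwen');
        // $do has been consumed by the chain; log the originally requested action (null when absent).
        $accessLoger->log("", 0, isset($_REQUEST["do"]) ? $_REQUEST["do"] : null);
    }
}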