Esempio n. 1
0
 /**
  * 检查用户是否有对应权限
  * @param type $map 方法[模块/控制器/方法],为空自动获取
  * @return type
  */
 public function isCompetence($map = '')
 {
     //超级管理员
     if (\Admins\Lib\Admin::getInstance()->isAdministrator()) {
         return true;
     }
     if (!is_array($map)) {
         //子角色列表
         $child = explode(',', D("Admins/Role")->getArrchildid(\Admins\Lib\Admin::getInstance()->role_id));
         if (!empty($map)) {
             $map = trim($map, '/');
             $map = explode('/', $map);
             if (empty($map)) {
                 return false;
             }
         } else {
             $map = array(MODULE_NAME, CONTROLLER_NAME, ACTION_NAME);
         }
         if (count($map) >= 3) {
             list($app, $controller, $action) = $map;
         } elseif (count($map) == 1) {
             $app = MODULE_NAME;
             $controller = CONTROLLER_NAME;
             $action = $map[0];
         } elseif (count($map) == 2) {
             $app = MODULE_NAME;
             list($controller, $action) = $map;
         }
         $map = array('role_id' => array('IN', $child), 'app' => $app, 'controller' => $controller, 'action' => $action);
     }
     $count = $this->where($map)->count();
     return $count ? true : false;
 }
Esempio n. 2
0
 public function logout()
 {
     if (Admin::getInstance()->logout()) {
         //手动登出时,清空forward
         cookie("forward", NULL);
         $this->success('注销成功!', U("index"));
     }
 }
Esempio n. 3
0
 public function index()
 {
     if (IS_AJAX) {
         $this->ajaxReturn(array('status' => 1));
         return true;
     }
     $this->assign("SUBMENU_CONFIG", json_encode(D("Admins/Menu")->getMenuList()));
     $this->assign('userInfo', Admin::getInstance()->getInfo());
     $this->assign('role_name', D('Admins/Role')->getRoleIdName(Admin::getInstance()->role_id));
     $this->display();
 }
Esempio n. 4
0
 public function public_verifypass()
 {
     $password = I("get.password");
     if (empty($password)) {
         $this->error("密码不能为空!");
     }
     //验证密码
     $user = D('Admins/Admin')->getUserInfo((int) Admin::getInstance()->id, $password);
     if (!empty($user)) {
         $this->success("密码正确!");
     } else {
         $this->error("密码错误!");
     }
 }
Esempio n. 5
0
 /**
  * 记录日志
  * @param type $message 说明
  */
 public function record($message, $status = 0)
 {
     $fangs = 'GET';
     if (IS_AJAX) {
         $fangs = 'Ajax';
     } else {
         if (IS_POST) {
             $fangs = 'POST';
         }
     }
     $data = array('uid' => \Admins\Lib\Admin::getInstance()->id ?: 0, 'status' => $status, 'info' => "提示语:{$message}<br/>模块:" . MODULE_NAME . ",控制器:" . CONTROLLER_NAME . ",方法:" . ACTION_NAME . "<br/>请求方式:{$fangs}", 'get' => $_SERVER['HTTP_REFERER']);
     $this->create($data);
     return $this->add() !== false ? true : false;
 }
Esempio n. 6
0
 protected function _initialize()
 {
     //检查是否后台登录,后台登录下优先级最高,用于权限判断
     if (\Admins\Lib\Admin::getInstance()->id) {
         define('IN_ADMIN', true);
         $this->isadmin = 1;
         $this->upname = \Admins\Lib\Admin::getInstance()->username;
         $this->upuserid = \Admins\Lib\Admin::getInstance()->id;
     } else {
         $this->upname = service('Passport')->username;
         $this->upuserid = service('Passport')->userid;
         $this->groupid = service('Passport')->groupid ? service('Passport')->groupid : 8;
     }
     parent::_initialize();
 }
 public function delete()
 {
     $id = I('get.id');
     if (empty($id)) {
         $this->error("没有指定删除对象!");
     }
     if ((int) $id == Admin::getInstance()->id) {
         $this->error("你不能删除你自己!");
     }
     //执行删除
     if (D('Admins/Admin')->deleteUser($id)) {
         $this->success("删除成功!");
     } else {
         $this->error(D('Admins/Admin')->getError() ?: '删除失败!');
     }
 }
Esempio n. 8
0
 /**
  * 按父ID查找菜单子项
  * @param integer $parentid   父菜单ID  
  * @param integer $with_self  是否包括他自己
  */
 public function adminMenu($parentid, $with_self = false)
 {
     //父节点ID
     $parentid = (int) $parentid;
     $result = $this->where(array('parentid' => $parentid, 'status' => 1))->order('listorder ASC,id ASC')->select();
     if (empty($result)) {
         $result = array();
     }
     if ($with_self) {
         $parentInfo = $this->where(array('id' => $parentid))->find();
         $result2[] = $parentInfo ? $parentInfo : array();
         $result = array_merge($result2, $result);
     }
     //是否超级管理员
     if (\Admins\Lib\Admin::getInstance()->isAdministrator()) {
         //如果角色为 1 直接通过
         return $result;
     }
     $array = array();
     //子角色列表
     $child = explode(',', D("Admins/Role")->getArrchildid(\Admins\Lib\Admin::getInstance()->role_id));
     foreach ($result as $v) {
         //方法
         $action = $v['action'];
         //条件
         $where = array('app' => $v['app'], 'controller' => $v['controller'], 'action' => $action, 'role_id' => array('IN', $child));
         //如果是菜单项
         if ($v['type'] == 0) {
             $where['controller'] .= $v['id'];
             $where['action'] .= $v['id'];
         }
         //public开头的通过
         if (preg_match('/^public_/', $action)) {
             $array[] = $v;
         } else {
             if (preg_match('/^ajax_([a-z]+)_/', $action, $_match)) {
                 $action = $_match[1];
             }
             //是否有权限
             if (D('Admins/Access')->isCompetence($where)) {
                 $array[] = $v;
             }
         }
     }
     return $array;
 }
Esempio n. 9
0
 public function changyong()
 {
     if (IS_POST) {
         //被选中的菜单项
         $menuidAll = explode(',', I('post.menuid', ''));
         if (is_array($menuidAll) && count($menuidAll) > 0) {
             //取得菜单数据
             $menu_info = cache('Menu');
             $addPanel = array();
             //检测数据合法性
             foreach ($menuidAll as $menuid) {
                 if (empty($menu_info[$menuid])) {
                     continue;
                 }
                 $info = array('mid' => $menuid, 'userid' => Admin::getInstance()->id, 'name' => $menu_info[$menuid]['name'], 'url' => "{$menu_info[$menuid]['app']}/{$menu_info[$menuid]['controller']}/{$menu_info[$menuid]['action']}");
                 $addPanel[] = $info;
             }
             if (D('Admins/AdminPanel')->addPanel($addPanel)) {
                 $this->success("添加成功!", U("Public/changyong"));
             } else {
                 $error = D('Admins/AdminPanel')->getError();
                 $this->error($error ? $error : '添加失败!');
             }
         } else {
             D('Admins/AdminPanel')->where(array("userid" => \Admins\Lib\Admin::getInstance()->id))->delete();
             $this->error("常用菜单清除成功!");
         }
     } else {
         //菜单缓存
         $result = cache("Menu");
         $json = array();
         foreach ($result as $rs) {
             if ($rs['status'] == 0) {
                 continue;
             }
             $data = array('id' => $rs['id'], 'nocheck' => $rs['type'] ? 0 : 1, 'checked' => $rs['id'], 'parentid' => $rs['parentid'], 'name' => $rs['name'], 'checked' => D("Admins/AdminPanel")->isExist($rs['id']) ? true : false);
             $json[] = $data;
         }
         $this->assign('json', json_encode($json))->display();
     }
 }
Esempio n. 10
0
 /**
  * 验证登录
  * @return boolean
  */
 private function competence()
 {
     //检查是否登录
     $uid = (int) Admin::getInstance()->isLogin();
     if (empty($uid)) {
         return false;
     }
     //获取当前登录用户信息
     $userInfo = Admin::getInstance()->getInfo();
     if (empty($userInfo)) {
         Admin::getInstance()->logout();
         return false;
     }
     //是否锁定
     if (!$userInfo['status']) {
         Admin::getInstance()->logout();
         $this->error('您的帐号已经被锁定!', U('/Admins/Login'));
         return false;
     }
     return $userInfo;
 }
Esempio n. 11
0
 /**
  * ueditor编辑器设置
  * @param int $textareaid 字段名
  * @param int $toolbar 标准型 full 简洁型 basic
  * @param string $module 模块名称
  * @param int $catid 栏目id
  * @param boole $allowupload  是否允许上传
  * @param boole $allowbrowser 是否允许浏览文件
  * @param string $alowuploadexts 允许上传类型
  * @param string $allowuploadnum 每次允许上传的文件数量
  * @param string $height 编辑器高度
  * @param string $disabled_page 是否禁用分页和子标题
  * 附件上传,要引入这两个JS content_addtop.js swf2ckeditor.js
  * 注意:使用这个,需另外单独增加编辑的实例化代码!
  */
 public static function editor($textareaid = 'content', $toolbar = 'basic', $allowupload = 0, $allowbrowser = 1, $alowuploadexts = '', $allowuploadnum = '10', $height = 400, $disabled_page = 0)
 {
     $str = "";
     //加载编辑器所需JS,多编辑器字段防止重复加载
     if (!defined('EDITOR_INIT')) {
         $str .= '
             <script type="text/javascript">
             //编辑器路径定义
             var editorURL = GV.DIMAUB;
             </script>
             <script type="text/javascript"  src="' . CONFIG_SITEURL_MODEL . 'static/js/ueditor/editor_config.js"></script>
             <script type="text/javascript"  src="' . CONFIG_SITEURL_MODEL . 'static/js/ueditor/editor_all_min.js"></script>';
         define('EDITOR_INIT', 1);
     }
     //编辑器类型
     if ($toolbar == 'basic') {
         //简洁型
         $toolbar = "['FullScreen', 'Source', '|', 'Undo', 'Redo', '|','FontSize','Bold', 'forecolor', 'Italic', 'Underline', 'Link',  '|',  'InsertImage', \n                 'ClearDoc',  'CheckImage', " . ($allowupload && $allowbrowser ? "'attachment'," : "") . ", 'WordImage','RemoveFormat', 'FormatMatch','AutoTypeSet']\n                ";
         $height = 200;
     } elseif ($toolbar == 'full') {
         //标准型
         $toolbar = "[\n            'fullscreen', 'source', '|', 'undo', 'redo', '|',\n            'bold', 'italic', 'underline', 'fontborder', 'strikethrough', 'superscript', 'subscript', 'removeformat', 'formatmatch', 'autotypeset', 'blockquote', 'pasteplain', '|', 'forecolor', 'backcolor', 'insertorderedlist', 'insertunorderedlist', 'selectall', 'cleardoc', '|',\n            'rowspacingtop', 'rowspacingbottom', 'lineheight', '|',\n            'customstyle', 'paragraph', 'fontfamily', 'fontsize', '|',\n            'directionalityltr', 'directionalityrtl', 'indent', '|',\n            'justifyleft', 'justifycenter', 'justifyright', 'justifyjustify', '|', 'touppercase', 'tolowercase', '|',\n            'link', 'unlink', 'anchor', '|', 'imagenone', 'imageleft', 'imageright', 'imagecenter', '|',\n            'simpleupload', 'insertimage', 'emotion', 'scrawl', 'insertvideo', 'music', 'attachment', 'map', 'insertframe', 'pagebreak', 'template', 'background', '|',\n            'horizontal', 'date', 'time', 'spechars', 'snapscreen', 'wordimage', '|',\n            'inserttable', 'deletetable', 'insertparagraphbeforetable', 'insertrow', 'deleterow', 'insertcol', 'deletecol', 'mergecells', 'mergeright', 'mergedown', 'splittocells', 'splittorows', 'splittocols', 'charts', '|',\n            'print', 'preview', 'searchreplace', 'drafts'\n        ]";
     }
     $sess_id = time();
     $isadmin = \Admins\Lib\Admin::getInstance()->id ? 1 : 0;
     if ($isadmin) {
         $userid = \Admins\Lib\Admin::getInstance()->id;
     } else {
         $userid = service('User')->userid;
     }
     $authkey = md5(C("AUTHCODE") . $sess_id . $userid . $isadmin);
     $str .= "\r\n<script type=\"text/javascript\">\r\n";
     $str .= " var editor{$textareaid} = UE.getEditor('{$textareaid}',{  \n                            textarea:'" . $textareaid . "',\n                            toolbars:[{$toolbar}],\n                      });\n                      editor{$textareaid}.ready(function(){\n                            editor{$textareaid}.execCommand('serverparam', {\n                                  '_https':'" . CONFIG_SITEURL_MODEL . "',\n                                  'isadmin':'{$isadmin}',\n                                  'uid':'{$userid}',\n                                  'sessid':'{$sess_id}',\n                                  'authkey':'{$authkey}',\n                                  'allowupload':'{$allowupload}',\n                                  'allowbrowser':'{$allowbrowser}',\n                                  'alowuploadexts':'{$alowuploadexts}'\n                             });\n                             editor{$textareaid}.setHeight({$height});\n                      });\n                      ";
     $str .= "\r\n</script>";
     return $str;
 }
Esempio n. 12
0
 /**
  +----------------------------------------------------------
 * 取得当前认证号的所有权限列表
  +----------------------------------------------------------
 * @param integer $authId 用户ID
  +----------------------------------------------------------
 * @access public
  +----------------------------------------------------------
 */
 public static function getAccessList($authId)
 {
     //用户信息
     $userInfo = Admin::getInstance()->getInfo();
     if (empty($userInfo)) {
         return false;
     }
     //角色ID
     $role_id = $userInfo['role_id'];
     //检查角色
     $roleinfo = D('Admins/Role')->where(array('id' => $role_id))->find();
     if (empty($roleinfo) || empty($roleinfo['status'])) {
         return false;
     }
     //该角色全部权限
     $access = D('Admins/Access')->getAccessList($role_id);
     $accessList = array();
     foreach ($access as $acc) {
         $app = strtoupper($acc['app']);
         $controller = strtoupper($acc['controller']);
         $action = strtoupper($acc['action']);
         $accessList[$app][$controller][$action] = $action;
     }
     return $accessList;
 }
Esempio n. 13
0
 /**
  * 检查该菜单是否已经添加过
  * @param type $mid 菜单ID
  * @return boolean
  */
 public function isExist($mid)
 {
     return $this->where(array('mid' => $mid, "userid" => \Admins\Lib\Admin::getInstance()->id))->count();
 }
Esempio n. 14
0
 public function public_album_load()
 {
     if (IS_POST) {
         $this->redirect('public_album_load', $_POST);
     }
     $config = cache('Config');
     $where = array();
     $db = M("Attachment");
     $filename = I('get.filename', '', '');
     $args = I('get.args', '', '');
     $args = explode(",", $args);
     empty($filename) ?: ($where['filename'] = array('like', '%' . $filename . '%'));
     $uploadtime = I('get.uploadtime', '', '');
     if (!empty($uploadtime)) {
         $start_uploadtime = strtotime($uploadtime . ' 00:00:00');
         $stop_uploadtime = strtotime($uploadtime . ' 23:59:59');
         if ($start_uploadtime) {
             $where['uploadtime'] = array('EGT', $start_uploadtime);
         }
         if ($stop_uploadtime) {
             $where['uploadtime'] = array(array('EGT', $start_uploadtime), array('ELT', $stop_uploadtime), 'and');
         }
     }
     //获取总数
     $where['module'] = array("eq", 'works');
     $isadmin = \Admins\Lib\Admin::getInstance()->id;
     if (!$isadmin) {
         $where['userid'] = array("eq", service('Passport')->userid);
     }
     $count = $db->where($where)->count();
     //启用分页
     $page = $this->page($count, 12);
     $data = $db->where($where)->order(array("uploadtime" => "DESC"))->limit($page->firstRow . ',' . $page->listRows)->select();
     foreach ($data as $k => $v) {
         $data[$k]['filepath'] = $config['sitefileurl'] . $data[$k]['filepath'];
     }
     $this->assign("Page", $page->show());
     $this->assign("data", $data);
     $this->assign("file_upload_limit", $args[0]);
     $this->display();
 }