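/**
 * Login endpoint: checks the posted credentials when IS_POST is set, otherwise
 * renders the Wander/login template.
 *
 * On success the session id is rotated, a reduced user record (uid, username,
 * role) is stored under the 'user' session key, and the browser is sent to the
 * base64-encoded 'forward' query parameter when it decodes to a same-site
 * path, otherwise to bench/welcome/index.
 */
public function loginAction()
 {
     session_start();
     if (IS_POST) {
         $username = I('post.username');
         $password = I('post.password');
         if (empty($username) || empty($password)) {
             $this->error('请输入用户名及密码');
             // error() is expected to end the request; the explicit exit keeps a
             // failed check from falling through to the login steps if it ever does not.
             exit;
         }
         $acl = new Acl();
         $user = $acl->getUser($username, true);
         if (empty($user)) {
             $this->error('您输入的用户名或密码错误');
             exit;
         }
         $pwd = (string) Utility::encodePassword($password, $user['salt']);
         $stored = (string) $user['password'];
         // Compare the digests as strings, in constant time where available: a loose
         // != treats two "0e<digits>" strings as equal numbers, and an early-exit
         // comparison leaks how many leading characters matched.
         $matches = function_exists('hash_equals') ? hash_equals($stored, $pwd) : $pwd === $stored;
         if (!$matches) {
             // Same message as for an unknown username, so the response does not
             // reveal which usernames exist.
             $this->error('您输入的用户名或密码错误');
             exit;
         }
         if ($user['status'] == Acl::STATUS_DISABLED) {
             $this->error('您的账号已经被禁用, 请联系系统管理员');
             exit;
         }
         // Rotate the session id at the privilege change so an id that was known
         // before login (session fixation) does not carry the authenticated session.
         session_regenerate_id(true);
         $user = coll_elements(array('uid', 'username', 'role'), $user);
         session('user', $user);
         // The forward target is attacker-controllable (query string), so it is only
         // honoured when it decodes to a path on this site: one leading "/", not
         // followed by "/" or "\" (which browsers treat as another host), and no
         // control characters. Anything else falls back to the default page.
         $forward = U('bench/welcome/index');
         $encoded = I('get.forward');
         if (!empty($encoded)) {
             $decoded = base64_decode($encoded);
             if (is_string($decoded) && preg_match('#^/(?![/\\\\])[^\x00-\x1f]*\z#', $decoded)) {
                 $forward = $decoded;
             }
         }
         $this->success('成功登陆', $forward);
         exit;
     }
     $this->display('Wander/login');
 }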
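 /**
  * Request hook that publishes the logged-in user and role under the 'SESSION'
  * config entry and redirects requests without a session user to the login page.
  *
  * Modules 'Wander' and 'Api' return immediately, before any session lookup,
  * so every action in them is reachable without a login.
  *
  * @param mixed $params Taken by reference; neither read nor written here.
  */
 public function run(&$params)
 {
     $module = MODULE_NAME;
     // NOTE(review): these two modules bypass the login check entirely — confirm
     // that the Api module performs its own authentication.
     if (in_array($module, array('Wander', 'Api'), true)) {
         return;
     }
     session_start();
     $session = array();
     $user = session('user');
     if (!empty($user)) {
         // NOTE(review): the user record is used exactly as stored in the session;
         // a later disable or role change of the account is not re-checked here.
         $session['USER'] = array_change_key_case($user, CASE_UPPER);
         $acl = new Acl();
         $roles = coll_key($acl->getRoles(), 'id');
         // isset() guard: a role id that no longer exists must not raise an
         // undefined-index notice before the fallback below applies.
         $role = isset($roles[$user['role']]) ? $roles[$user['role']] : null;
         if (empty($role)) {
             // NOTE(review): unknown roles fall back to role 0 — confirm that role 0
             // is the least-privileged one.
             $role = isset($roles[0]) ? $roles[0] : null;
         }
         $role = coll_elements(array('id', 'title'), $role);
         $session['ROLE'] = array_change_key_case($role, CASE_UPPER);
         $session['ACL'] = array();
         C('SESSION', $session);
     }
     // No user identity: only the modules excluded above are accessible. The
     // requested URI is carried along base64-encoded as the 'forward' parameter.
     if (empty($session['USER'])) {
         redirect(U('/wander/account/login?forward=' . base64_encode($_SERVER['REQUEST_URI'])));
         exit;
     }
 }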
 /**
  * Removes the user with the given id through the ACL service and reports the
  * outcome to the client.
  *
  * NOTE(review): no request-method or anti-CSRF token check is visible in this
  * method, and nothing here stops an operator from removing their own or the
  * founding account — confirm removeUser() or the caller enforces both.
  *
  * @param mixed $uid User id from the request; coerced with intval() before use.
  */
 public function deleteAction($uid)
 {
     $result = $this->acl->removeUser(intval($uid));
     if (!is_error($result)) {
         $this->success('删除成功');
         exit;
     }
     // Failure path: relay the message carried by the error result.
     $this->error($result['message']);
 }
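 /**
  * Role management page: lists roles and, when a 'get.id' is supplied, deletes
  * the matching role (get.do == 'delete') or saves posted role fields — as an
  * update when the id matches an existing role, otherwise as a new role.
  *
  * NOTE(review): the delete branch is driven by query parameters alone and no
  * anti-CSRF token check is visible for delete or save — confirm one is
  * enforced elsewhere before these state-changing paths run.
  */
 public function rolesAction()
 {
     $roles = $this->acl->getRoles(true);
     $roles = coll_key($roles, 'id');
     // Defined up front so the POST branch can test it even when no role was looked up.
     $role = null;
     $id = I('get.id');
     if (!empty($id)) {
         $id = intval($id);
         if ($id > 0) {
             // isset() guard: an id with no matching role must not raise an
             // undefined-index notice; it is handled as "no role" below.
             $role = isset($roles[$id]) ? $roles[$id] : null;
             $this->assign('entity', $role);
             if (!empty($role) && I('get.do') == 'delete') {
                 if ($this->acl->removeRole($id)) {
                     $this->success('成功删除用户组', U('control/acl/roles'));
                     exit;
                 }
                 $this->error('操作失败, 请稍后重试');
                 // error() is expected to end the request; the explicit return keeps
                 // a failed step from falling through if it ever does not.
                 return;
             }
         }
         if (IS_POST) {
             // Only these three keys are taken from the posted data; 'parent' is set
             // by the code below, never by the client.
             $input = coll_elements(array('title', 'status', 'remark'), I('post.'));
             $input['title'] = trim($input['title']);
             if (empty($input['title'])) {
                 $this->error('请输入用户组名称');
                 return;
             }
             // Status is normalised to one of two known values.
             $input['status'] = $input['status'] == '-1' ? '-1' : '0';
             $input['parent'] = '0';
             if (!empty($role)) {
                 // Edit the existing role. $id went through intval() above, so
                 // interpolating it into the condition cannot carry SQL.
                 $ret = $this->acl->table('__USR_ROLES__')->data($input)->where("`id`={$id}")->save();
                 if (empty($ret)) {
                     $this->error('保存用户组失败, 请稍后重试');
                     return;
                 }
                 $this->success('成功保存用户组', U('control/acl/roles'));
                 exit;
             }
             // Create a new role.
             $ret = $this->acl->table('__USR_ROLES__')->data($input)->add();
             if (empty($ret)) {
                 $this->error('保存新增用户组失败, 请稍后重试');
                 return;
             }
             $this->success('成功新增用户组', U('control/acl/roles'));
             exit;
         }
     }
     $this->assign('roles', $roles);
     $this->display();
 }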
 /**
  * Profile page for the session user: shows the stored record and, on POST,
  * replaces its password with the posted value via Acl::modifyUser().
  *
  * NOTE(review): the password is changed without asking for the current one and
  * no anti-CSRF token check is visible here — confirm both are handled
  * elsewhere. The posted value is passed on as received; presumably
  * modifyUser() hashes it and rejects an empty one — verify.
  */
 public function profileAction()
 {
     // Assumes a session user exists — TODO confirm the request hook guarantees it
     // for this module.
     $sessionUser = session('user');
     $acl = new Acl();
     $user = $acl->getUser($sessionUser['username']);
     if (IS_POST) {
         $user['password'] = I('post.password');
         // The uid comes from the stored record, not from the request.
         if ($acl->modifyUser($user['uid'], $user) !== false) {
             $this->success('保存成功');
             exit;
         }
         $this->error('保存用户信息失败, 请稍后重试');
     }
     // NOTE(review): the whole record returned by getUser() is handed to the
     // template — confirm it does not include the password digest or salt.
     $this->assign('user', $user);
     $this->display('profile');
 }
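 /**
  * Deletes the user row with the given id, refusing uid 1 (the founding
  * account) and ids that do not resolve to a user.
  *
  * NOTE(review): no request-method or anti-CSRF token check is visible in this
  * method, and the operator's own account is not excluded — confirm both are
  * handled elsewhere.
  *
  * @param mixed $uid User id from the request; coerced with intval() before use.
  */
 public function deleteAction($uid)
 {
     $uid = intval($uid);
     if ($uid === 1) {
         $this->error('创建用户不能删除');
         // error() is expected to end the request; the explicit return keeps a
         // refused request from reaching the delete below if it ever does not.
         return;
     }
     $user = $this->acl->getUser($uid, true);
     if (empty($user)) {
         $this->error('访问错误');
         return;
     }
     // $uid is an integer at this point, so interpolating it into the condition
     // cannot carry SQL.
     $ret = $this->acl->table('__USR_USERS__')->where("`uid`={$uid}")->delete();
     if (empty($ret)) {
         $this->error('删除用户信息失败, 请稍后重试');
         return;
     }
     $this->success('删除成功');
 }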