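/**
 * Access gate that runs before every action of this controller.
 *
 * 1. Verifies the `auth` value of the WYmanage_Alogin cookie against
 *    C('ADMIN_AUTH_CODE'); on failure either shows a 404 page or redirects
 *    to the login form, depending on the `referer` cookie.
 * 2. Builds the per-role menu tree from the Node table and caches it in
 *    $_SESSION['menuData'].
 * 3. Allows the request only when /<segment1>/<segment2>/ of REQUEST_URI
 *    matches a menu entry, or the three-segment path is listed in
 *    C('ROLE_PUBLIC_NODE') and the user has at least one menu entry.
 *
 * SECURITY NOTE(review): the `userInfo` cookie is client-controlled. The
 * `auth` value checked here is produced in login_user() from the site-wide
 * ADMIN_AUTH_CODE only, so it does not appear to bind the cookie to a
 * particular account or role - confirm against adminPwdEncrypt(). The role
 * used for the menu query should come from server-side state (session or a
 * fresh DB lookup), not from the cookie. Until that is changed, the code
 * below refuses object deserialisation where PHP allows it and validates
 * role_id before it reaches SQL.
 *
 * @return void
 */
public function _initialize()
{
    // Read the login cookie once; a missing cookie is treated as empty.
    $loginCookie = cookie('WYmanage_Alogin');
    if (!is_array($loginCookie)) {
        $loginCookie = array();
    }
    $authToken   = isset($loginCookie['auth']) ? $loginCookie['auth'] : null;
    $rawUserInfo = isset($loginCookie['userInfo']) ? $loginCookie['userInfo'] : null;

    // Authenticate before touching any other cookie content.
    if (adminPwdEncryptVerify(C('ADMIN_AUTH_CODE'), $authToken) === false) {
        if (cookie('referer') != 'Manage' . date('DFt', time())) {
            header('HTTP/1.0 404 Not Found');
            $this->display('Public:404');
            die;
        }
        $this->redirect('Login/index');
        return; // fail closed if redirect() ever returns
    }

    // SECURITY: unserialize() on cookie data can instantiate arbitrary
    // classes (PHP object injection). Object creation is disabled on
    // PHP >= 7.0; on older runtimes the call stays unsafe and the cookie
    // format should be replaced (e.g. JSON plus an HMAC) together with
    // the writer in login_user().
    $userInfo = array();
    if (is_string($rawUserInfo) && $rawUserInfo !== '') {
        $decoded = version_compare(PHP_VERSION, '7.0.0', '>=')
            ? unserialize($rawUserInfo, array('allowed_classes' => false))
            : unserialize($rawUserInfo);
        if (is_array($decoded)) {
            $userInfo = $decoded;
        }
    }

    if (empty($_SESSION['menuData'])) {
        $nodeList = array();

        // role_id is concatenated into a raw WHERE fragment, so only a plain
        // non-negative integer is accepted and it is cast before use.
        if (isset($userInfo['role_id']) && is_scalar($userInfo['role_id'])
            && ctype_digit((string) $userInfo['role_id'])
        ) {
            $roleId   = (int) $userInfo['role_id'];
            $nodeList = M('Node')->where('FIND_IN_SET(' . $roleId . ',role_id) AND status=1')->select();
        }

        if (!empty($nodeList)) {
            $result = array();

            // First pass: top-level nodes become menu groups.
            foreach ($nodeList as $node) {
                if ($node['pid'] == 0) {
                    $result[$node['id']] = array('title' => $node['title'], 'data' => array());
                }
            }

            // Second pass: child nodes are attached to their parent group.
            foreach ($nodeList as $index => $node) {
                if (isset($node['pid']) && $node['pid'] > 0) {
                    $result[$node['pid']]['data'][$index]['title']  = $node['title'];
                    $result[$node['pid']]['data'][$index]['module'] = '/Admin/' . $node['module'];
                }
            }

            $_SESSION['menuData'] = $result;
        }
    }

    // The request path does not change per menu entry, so parse it once.
    $requestUri = isset($_SERVER['REQUEST_URI']) ? $_SERVER['REQUEST_URI'] : '';
    $segments   = explode('/', $requestUri);
    $first      = isset($segments[1]) ? $segments[1] : '';
    $second     = isset($segments[2]) ? $segments[2] : '';
    $third      = isset($segments[3]) ? $segments[3] : '';

    $requestNode   = strtolower('/' . $first . '/' . $second . '/');
    $requestAction = strtolower('/' . $first . '/' . $second . '/' . $third);

    $publicNodes = C('ROLE_PUBLIC_NODE');
    $isPublic    = is_array($publicNodes) && in_array($requestAction, $publicNodes, true);

    $accessResult = false;
    if (!empty($_SESSION['menuData'])) {
        foreach ($_SESSION['menuData'] as $group) {
            if (empty($group['data']) || !is_array($group['data'])) {
                continue;
            }
            foreach ($group['data'] as $entry) {
                // As before, a public node is honoured only while iterating an
                // existing menu entry, i.e. for users that have some menu.
                if ($isPublic) {
                    $accessResult = true;
                    break 2;
                }
                $accessNode = array();
                if (isset($entry['module'])
                    && preg_match('#\\/(\\w+)\\/(\\w+)\\/#iUs', $entry['module'], $accessNode)
                    && $requestNode === strtolower($accessNode[0])
                ) {
                    $accessResult = true;
                    break 2;
                }
            }
        }
    }

    if ($accessResult === false) {
        $this->error('没有权限操作此模块!');
        die;
    }
}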
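/**
 * Handle the admin login form submission.
 *
 * Looks up the active Admin row for the posted username, verifies the posted
 * password with adminPwdEncryptVerify(), and on success records the login
 * (time, IP, counter), stores the account in the session, sets the
 * WYmanage_Alogin cookie and returns {status: 1}. Every failure path returns
 * the same {status: 0} response, so the reply does not reveal whether the
 * account exists.
 *
 * SECURITY NOTE(review): the cookie still carries a serialize()d copy of the
 * account row because _initialize() reads it with unserialize(). That value
 * is client-controlled on the way back; the durable fix is to keep identity
 * and role in the session only (or to sign the cookie per user) and to change
 * reader and writer together.
 *
 * @return void
 */
function login_user()
{
    Load('extend');

    // Only plain strings are accepted: array-valued POST fields would be
    // passed into the query-condition builder and the password check as-is.
    $username = isset($_POST['username']) ? $_POST['username'] : null;
    $password = isset($_POST['password']) ? $_POST['password'] : null;
    if (!is_string($username) || $username === '' || !is_string($password)) {
        $this->ajaxReturn(array('status' => 0, 'msg' => '密码错误'));
        return;
    }

    $condition = array(
        'account' => array('eq', $username),
        'status'  => array('eq', 1),
        '_logic'  => 'and',
    );
    $userInfo = M('Admin')->where($condition)->find();

    // Unknown or disabled account: never call the verifier with a missing hash.
    if (empty($userInfo) || !isset($userInfo['password'])) {
        $this->ajaxReturn(array('status' => 0, 'msg' => '密码错误'));
        return;
    }

    if (!adminPwdEncryptVerify($password, $userInfo['password'])) {
        $this->ajaxReturn(array('status' => 0, 'msg' => '密码错误'));
        return;
    }

    // The session is populated only after the password has been verified;
    // previously a failed attempt left the looked-up account row in the session.
    $_SESSION['userInfo'] = $userInfo;

    $data = array(
        'last_login_time' => time(),
        'login_count'     => array('exp', 'login_count+1'),
        'last_login_ip'   => get_client_ip(),
    );
    M('Admin')->where(array('id' => $userInfo['id']))->save($data);

    // Keep the password hash out of the browser: the cookie copy of the
    // account row is written without it.
    $cookieUser = $userInfo;
    unset($cookieUser['password']);

    cookie(
        'Alogin',
        array(
            'auth'     => adminPwdEncrypt(C('ADMIN_AUTH_CODE')),
            'userInfo' => serialize($cookieUser),
        ),
        'expire=3600&prefix=WYmanage_'
    );

    $this->ajaxReturn(array('status' => 1, 'msg' => '密码正确'));
}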