/**
* 用户登录
* @author jry <*****@*****.**>
*/
public function login($username, $password, $map)
{
//去除前后空格
$username = trim($username);
//匹配登录方式
if (preg_match("/^([a-zA-Z0-9_\\.\\-])+\\@(([a-zA-Z0-9\\-])+\\.)+([a-zA-Z0-9]{2,4})+\$/", $username)) {
$map['email'] = array('eq', $username);
// 邮箱登陆
} elseif (preg_match("/^1\\d{10}\$/", $username)) {
$map['mobile'] = array('eq', $username);
// 手机号登陆
} else {
$map['username'] = array('eq', $username);
// 用户名登陆
}
$map['status'] = array('eq', 1);
$user_info = $this->where($map)->find();
//查找用户
if (!$user_info) {
$this->error = '用户不存在或被禁用!';
} else {
if (user_md5($password) !== $user_info['password']) {
$this->error = '密码错误!';
} else {
return $user_info;
}
}
return false;
}
/**
* 编辑用户
* @author jry <*****@*****.**>
*/
public function edit($id)
{
//获取用户信息
$info = D('User')->find($id);
if (IS_POST) {
$user_object = D('User');
//不修改密码时销毁变量
if ($_POST['password'] == '' || $info['password'] == $_POST['password']) {
unset($_POST['password']);
} else {
$_POST['password'] = user_md5($_POST['password']);
}
//不允许更改超级管理员用户组
if ($_POST['id'] == 1) {
unset($_POST['group']);
}
if ($_POST['extend']) {
$_POST['extend'] = json_encode($_POST['extend']);
}
if ($user_object->save($_POST)) {
$this->success('更新成功', U('index'));
} else {
$this->error('更新失败', $user_object->getError());
}
} else {
$user_object = D('User');
$info = $user_object->find($id);
//使用FormBuilder快速建立表单页面。
$builder = new \Common\Builder\FormBuilder();
$builder->setMetaTitle('编辑用户')->setPostUrl(U('edit'))->addFormItem('id', 'hidden', 'ID', 'ID')->addFormItem('usertype', 'radio', '用户类型', '用户类型', $user_object->user_type())->addFormItem('group', 'select', '部门', '所属部门', select_list_as_tree('UserGroup', null, '默认部门'))->addFormItem('username', 'text', '用户名', '用户名')->addFormItem('email', 'text', '邮箱', '邮箱')->addFormItem('mobile', 'text', '手机号码', '手机号码')->addFormItem('password', 'password', '密码', '密码')->addFormItem('avatar', 'picture', '用户头像', '用户头像')->addFormItem('vip', 'radio', 'VIP等级', 'VIP等级', $user_object->user_vip_level())->setFormData($info)->display();
}
}
public function signin()
{
if (IS_POST) {
$username = $this->_post('username');
$password = $this->_post('password');
$verify = $this->_post('verify');
if (!$username || !$password || !$verify) {
$this->error('参数错误!');
}
/* 检测验证码 TODO: */
if (!Verify::check(@$verify)) {
$this->error('验证码输入错误!');
}
$db = M('admins');
$map['username'] = $username;
$map['status'] = 1;
$user = $db->where($map)->find();
if (!$user) {
$this->error('帐号不存在或被禁用');
}
if ($user['password'] != user_md5($password . $user['salt'])) {
$this->error('密码错误');
}
$data = array('id' => $user['id'], 'login' => array('exp', '`login`+1'), 'last_login_time' => NOW_TIME, 'last_login_ip' => get_client_ip());
$db->save($data);
/* 记录登录SESSION和COOKIES */
$auth = array('uid' => $user['id'], 'username' => $user['username'], 'last_login_time' => $data['last_login_time']);
session('admins', $auth);
session('admins_sign', data_auth_sign($auth));
$this->success('登录成功,正在进入...', U('index/index'));
} else {
$this->redirect('index');
exit;
}
}
/**
* 修改密码
*/
public function changePassword()
{
if (IS_POST) {
$A = M('Advertiser');
$oldPw = I('post.old_pw');
$pw = I('post.ad_pw');
$pw2 = I('post.ad_pw2');
$ad_seq = $this->getId();
$ad = $A->find($ad_seq);
if (user_md5($oldPw) !== $ad['ad_pw']) {
$this->error('旧密码输入有误', U('Advertiser/changePassword'));
}
if ($pw != $pw2) {
$this->error('新密码输入有误', U('Advertiser/changePassword'));
}
$pw = user_md5($pw);
$w = array();
$w['ad_seq'] = $this->getId();
$w['ad_pw'] = $pw;
if ($A->save($w)) {
$this->success('修改成功', U('Advertiser/changePassword'));
} else {
$this->error('修改失败', U('Advertiser/changePassword'));
}
} else {
$this->assign('changePassword', 'on');
$this->display();
}
}
function reg($data)
{
if (!$data['email']) {
return array('status' => 0, 'msg' => L('email_require'));
}
if (!$data['password']) {
return array('status' => 0, 'msg' => L('password_require'));
}
if ($this->check_user($data['email']) > 0) {
return array('status' => 0, 'msg' => '用户已经存在,登录邮箱不能重复。');
}
// 用于写入的数组
$indata = array();
$indata = $data;
$indata['regtime'] = time();
$indata['regip'] = get_client_ip();
$indata['status'] = 1;
$indata['salt'] = user_salt();
$indata['password'] = user_md5($data['password'], $indata['salt']);
$insertId = $this->add($indata);
// 写入记录
if ($insertId) {
return array('status' => 1, 'msg' => '注册成功!', 'userid' => $insertId);
}
return array('status' => 0, 'msg' => '注册失败,请重试。');
}
/**
* 用户登录
* @author jry <*****@*****.**>
*/
public function login($username, $password, $map)
{
//去除前后空格
$username = trim($username);
//匹配登录方式
if (preg_match("/^([a-zA-Z0-9_\\.\\-])+\\@(([a-zA-Z0-9\\-])+\\.)+([a-zA-Z0-9]{2,4})+\$/", $username)) {
$map['email'] = array('eq', $username);
//邮箱登陆
} elseif (preg_match("/^1\\d{10}\$/", $username)) {
$map['mobile'] = array('eq', $username);
//手机号登陆
} else {
$map['username'] = array('eq', $username);
//用户名登陆
}
$map['status'] = array('eq', 1);
$user = $this->where($map)->find();
//查找用户
if (!$user) {
$this->error = '用户不存在或被禁用!';
} else {
if (user_md5($password) !== $user['password']) {
$this->error = '密码错误!';
} else {
//更新登录信息
$data = array('id' => $user['id'], 'login' => array('exp', '`login`+1'), 'last_login_time' => NOW_TIME, 'last_login_ip' => get_client_ip(1));
$this->save($data);
$this->autoLogin($user);
return $user['id'];
}
}
return false;
}
function register_administrator($db, $prefix, $admin, $auth)
{
$sql = "INSERT INTO `[PREFIX]ucenter_member` VALUES " . "('1', '[NAME]', '[PASS]', '[EMAIL]', '', '[TIME]', '[IP]', 0, 0, '[TIME]', '1')";
$password = user_md5($admin['admin_pass'], $auth);
$sql = str_replace(array('[PREFIX]', '[NAME]', '[PASS]', '[EMAIL]', '[TIME]', '[IP]'), array($prefix, $admin['admin_user'], $password, $admin['admin_email'], NOW_TIME, get_client_ip(1)), $sql);
//执行sql
$db->execute($sql);
$sql = "INSERT INTO `[PREFIX]member` VALUES " . "('1', '[NAME]', '0', '0000-00-00', '', '0', '1', '0', '[TIME]', '0', '[TIME]', '1','',0,0,0,0,0);";
$sql = str_replace(array('[PREFIX]', '[NAME]', '[TIME]'), array($prefix, $admin['admin_user'], NOW_TIME), $sql);
$db->execute($sql);
return true;
}
public function _before_update($data)
{
if ($data['id'] == '1' and $data['status'] == 0) {
$this->error('最后一个了,状态不能禁用哦');
exit;
}
$info = $this->_mod->find($data['id']);
if ($info['password'] != $data['password']) {
!$info['salt'] && ($data['salt'] = $info['salt'] = user_salt());
$data['password'] = user_md5($data['password'] . $info['salt']);
}
return $data;
}
/**
* 下载
* @author jry <*****@*****.**>
*/
public function download($token)
{
if (empty($token)) {
$this->error('token参数错误!');
}
//解密下载token
$file_md5 = \Think\Crypt::decrypt($token, user_md5(is_login()));
if (!$file_md5) {
$this->error('下载链接已过期,请刷新页面!');
}
$public_upload_object = D('PublicUpload');
$file_id = $public_upload_object->getFieldByMd5($file_md5, 'id');
if (!$public_upload_object->download($file_id)) {
$this->error($public_upload_object->getError());
}
}
public function add_user($data)
{
if (in_array('', $data)) {
return array('status' => 0, 'msg' => '内容不完整');
}
// 再次检查是否重复
if ($this->field_exists($data['username'])) {
return array('status' => 0, 'msg' => sprintf(L('is_exist'), L('username')));
}
// 处理密码
$data['salt'] = user_salt();
$data['password'] = user_md5($data['password'], $data['salt']);
if ($this->add($data)) {
return array('status' => 1, 'msg' => L('operation_success'));
}
}
/**
* 用户登录
*/
public function login($mb_tel, $mb_pw, $map)
{
$mb_tel = trim($mb_tel);
$map['mb_tel'] = array('eq', $mb_tel);
$mb = $this->where($map)->find();
if (!$mb) {
$this->error = '用户名不存在或被禁用!';
} else {
if (user_md5($mb_pw) !== $mb['mb_pw']) {
$this->error = '密码错误!';
} else {
$data = array('mb_seq' => $mb['mb_seq'], 'mb_login' => NOW_TIME, 'mb_login_ip' => get_client_ip(1));
$this->save($data);
$this->autoLogin($mb);
return $mb['mb_seq'];
}
}
return false;
}
/**
* 用户登录
*/
public function login($ad_id, $ad_pw, $map)
{
$ad_id = trim($ad_id);
$map['ad_id'] = array('eq', $ad_id);
$map['ad_status'] = array('eq', 1);
$adv = $this->where($map)->find();
if (!$adv) {
$this->error = '用户不存在或被禁用!';
} else {
if (user_md5($ad_pw) !== $adv['ad_pw']) {
$this->error = '密码错误!';
} else {
# 更新登录信息
$data = array('ad_seq' => $adv['ad_seq'], 'ad_login_times' => array('exp', '`ad_login_times`+1'), 'ad_login' => NOW_TIME, 'ad_login_ip' => get_client_ip(1));
$this->save($data);
$this->autoLogin($adv);
return $adv['ad_seq'];
}
}
return false;
}
/**
* 用户登录
*/
public function login($adm_id, $adm_pw, $map)
{
$adm_id = trim($adm_id);
$map['adm_id'] = array('eq', $adm_id);
# 查找用户
$admin = $this->where($map)->find();
if (!$admin) {
$this->error = '管理员不存在或被禁用!';
} else {
if (user_md5($adm_pw) !== $admin['adm_pw']) {
$this->error = '密码错误!';
} else {
# 更新登录信息
$data = array('adm_seq' => $admin['adm_seq'], 'adm_login' => NOW_TIME, 'adm_login_ip' => get_client_ip(1));
$this->save($data);
$this->autoLogin($admin);
return $admin['adm_seq'];
}
}
return false;
}
function register_administrator($db, $prefix, $admin, $auth)
{
show_msg('开始注册创始人帐号...');
$sql = "UPDATE `[PREFIX]ucenter_member` " . "set `username`='[NAME]', `password`='[PASS]', `email`='[EMAIL]', `last_login_time`= '[TIME]', `last_login_ip`='[IP]', `update_time`='[TIME]'";
$password = user_md5($admin['password'], $auth);
$sql = str_replace(array('[PREFIX]', '[NAME]', '[PASS]', '[EMAIL]', '[TIME]', '[IP]'), array($prefix, $admin['username'], $password, $admin['email'], NOW_TIME, get_client_ip(1)), $sql);
//执行sql
$db->execute($sql);
// $sql = "INSERT INTO `[PREFIX]member` VALUES ".
// "('1', '[NAME]','', '[NAME]', '0', '0', '', '0', '1', '0', '[TIME]', '0', '[TIME]','[TIME]', '1');";
// $sql = str_replace(
// array('[PREFIX]', '[NAME]', '[TIME]'),
// array("common_", $admin['username'], NOW_TIME),
// $sql);
// $db->execute($sql);
show_msg('创始人帐号注册完成!');
}
/**
*
* 找回密码
*/
public function find()
{
if (IS_POST) {
$code = $_POST['verify_code'];
unset($_POST['verify_code']);
// 验证码判断
$verify = session('shop_verify_find_code');
if (empty($verify)) {
$this->error('没有获取验证码');
}
$verifyCode = $verify['code'];
$verifyTime = $verify['time'];
if (time() > $verifyTime + 60) {
//$this->error('验证码过期');
}
// 验证码判断
if ($code != $verifyCode) {
$this->error('验证码不正确');
}
$ad_tel = I('post.ad_tel');
// 验证码判断
//echo '='.$ad_tel.'='.$verify['mobile'].'=';exit;
if ($ad_tel != $verify['mobile']) {
$this->error('验证码与手机号不匹配');
session('shop_verify_find_code', null);
}
session('shop_verify_find_code', null);
$Ad = D('Advertiser');
$tel = I('post.ad_tel');
$pw = I('post.ad_pw');
$pw2 = I('post.ad_pw2');
if (!$tel) {
$this->error('请输入手机号', U('Login/find'));
}
if (mb_strlen($pw) < 6 || mb_strlen($pw) > 24) {
$this->error('密码长度为6-24位', U('Login/find'));
}
if ($pw != $pw2) {
$this->error('两次输入的密码不一致', U('Login/find'));
}
if (!preg_match("/^1\\d{10}\$/", $tel)) {
$this->error("手机格式不正确", U('Login/find'));
}
$pattern = '/(?!^(\\d+|[a-zA-Z]+|[~!@#$%^&*()_+{}:"<>?\\-=[\\];\',.\\/]+)$)^[\\w~!@#$%^&*()_+{}:"<>?\\-=[\\];\',.\\/]+$/';
if (!preg_match($pattern, $pw)) {
$this->error('密码至少由数字、字符、特殊字符三种中的两种组成', U('Login/find'));
}
$where = array('ad_tel' => $tel);
$adInfo = $Ad->where($where)->find();
if (count($adInfo)) {
$data = array();
$data['ad_seq'] = $adInfo['ad_seq'];
$data['ad_pw'] = user_md5($pw);
$result = $Ad->save($data);
if ($result) {
$this->success("修改密码成功", U('Login/login'));
} else {
$this->error("修改密码失败", U('Login/find'));
}
} else {
$this->error("不存在此手机号", U('Login/find'));
}
} else {
//$verify = session('shop_verify_find_code');
//p($verify);
$this->display();
}
}
public function step4()
{
$this->assign('meta_title', "step4");
$this->display();
//连接数据库
$db_config = session('db_config');
$db_instance = Db::getInstance($db_config);
//创建数据表
create_tables($db_instance, $db_config['DB_PREFIX']);
//生成加密字符串
$add_chars .= '`~!@#$%^&*()_+-=[]{};:"|,.<>/?';
$auth = \Org\Util\String::randString(64, '', $add_chars);
//生成随机数
//创建配置文件
$conf = write_config($db_config, $auth);
//根据加密字符串更新admin密码的加密结果
$sql = 'UPDATE `' . $db_config["DB_PREFIX"] . 'user` SET `password`="' . user_md5('admin', $auth) . '" WHERE `id` = 1';
$result = $db_instance->execute($sql);
if (!$result) {
$this->error('写入加密后密码出错!');
}
if (session('error')) {
$this->error('安装出错', 'step1');
} else {
session('step', 4);
$this->redirect('complete');
}
}
public function login()
{
if (IS_POST) {
$email = $this->_post('email');
$password = $this->_post('password');
$verify = $this->_post('verify');
/* 检测验证码 TODO: */
if (!Verify::check(@$verify)) {
$this->error('验证码输入错误!');
}
$map['email'] = trim($email);
$map['status'] = 1;
$this->_mod = $this->_mod;
$user = $this->_mod->where($map)->find();
if (!$user) {
$this->error('用户不存在或已被禁用!');
//应用级别禁用
exit;
}
if (user_md5($password, $user['salt']) !== $user['password']) {
$this->error('密码不正确');
}
/* 登录用户 */
if ($this->_mod->login($user['id'], $email, $password)) {
//登录用户
//TODO:跳转到登录前页面
$this->success('登录成功!', session('rebackurl'));
} else {
$this->error($this->_mod->getError());
}
} else {
if ($this->_userid) {
$this->redirect('index');
} else {
// 登录后返回登录前页面
$reback = $_SERVER['HTTP_REFERER'] ? $_SERVER['HTTP_REFERER'] : '/';
if (stripos($reback, 'login') || stripos($reback, 'register') || stripos($reback, 'logout')) {
$reback = U('index');
}
session('rebackurl', $reback);
$seo['title'] = '会员登录';
$this->_seo($seo);
$this->theme('login', 'user');
}
}
}
function register_administrator($db, $prefix, $admin, $auth)
{
show_msg('开始注册创始人帐号...');
$sql = "INSERT INTO `[PREFIX]user` (`uid`, `nickname`, `login_name`, `password`, `email`, `mobile`, `reg_time`, `reg_ip`, `last_login_time`, `last_login_ip`, `status`,`is_init`,`is_audit`) VALUES " . "('1', '[NAME]', '[NAME]', '[PASS]', '[EMAIL]', '', '[TIME]', '[IP]', 0, 0, '1',0,1)";
$password = user_md5($admin['password'], $auth);
$sql = str_replace(array('[PREFIX]', '[NAME]', '[PASS]', '[EMAIL]', '[TIME]', '[IP]'), array($prefix, $admin['username'], $password, $admin['email'], NOW_TIME, get_client_ip(1)), $sql);
//执行sql
$res = $db->execute($sql);
// dump($sql);
// dump($res);
show_msg('创始人帐号注册完成!');
}
function register_administrator($db, $prefix, $admin, $auth)
{
show_msg('开始注册创始人帐号...');
$sql = "INSERT INTO `[PREFIX]ucenter_member` VALUES " . "('1', '[NAME]', '[PASS]', '[EMAIL]', '', '[TIME]', '[IP]', 0, 0, '[TIME]', '1')";
$password = user_md5($admin['password'], $auth);
$sql = str_replace(array('[PREFIX]', '[NAME]', '[PASS]', '[EMAIL]', '[TIME]', '[IP]'), array($prefix, $admin['username'], $password, $admin['email'], NOW_TIME, get_client_ip(1)), $sql);
//执行sql
$db->execute($sql);
$sql = "INSERT INTO `[PREFIX]member` VALUES " . "('1', '[NAME]','', '0', '0', '', '0', '1', '0', '[TIME]', '0', '[TIME]', '1');";
$sql = str_replace(array('[PREFIX]', '[NAME]', '[TIME]'), array($prefix, $admin['username'], NOW_TIME), $sql);
$db->execute($sql);
show_msg('创始人帐号注册完成!');
}
/**
* 找回密码
*/
public function find()
{
//session('adv_verify_find_code', null);
if (IS_POST) {
//P($_POST);
//p($_SESSION);EXIT;
$code = $_POST['verify_code'];
unset($_POST['verify_code']);
// 验证码判断
$verify = session('member_verify_find_code');
if (empty($verify)) {
$info['msg'] = "重新获取验证码";
$info['result'] = 0;
$info['title'] = '找回密码';
$this->ajaxReturn($info);
}
$verifyCode = $verify['code'];
$verifyTime = $verify['time'];
if (time() > $verifyTime + 60 * 10) {
$info['msg'] = "验证码已过期";
$info['result'] = 0;
$info['title'] = '找回密码';
$this->ajaxReturn($info);
}
// 验证码判断
if ($code != $verifyCode) {
$info['msg'] = "验证码不正确";
$info['result'] = 0;
$info['title'] = '找回密码';
$this->ajaxReturn($info);
}
$mb_tel = I('post.mb_tel');
// 验证码判断
if ($mb_tel != $verify['mobile']) {
session('member_verify_find_code', null);
$info['msg'] = "验证码与手机号不匹配";
$info['result'] = 0;
$info['title'] = '找回密码';
$this->ajaxReturn($info);
}
session('adv_verify_find_code', null);
$Mem = D('Member');
$tel = I('post.mb_tel');
$pw = I('post.mb_pw');
$pw2 = I('post.mb_pw2');
if (!$tel) {
$info['msg'] = "请输入手机号";
$info['result'] = 0;
$info['title'] = '找回密码';
$this->ajaxReturn($info);
}
if (mb_strlen($pw) < 6 || mb_strlen($pw) > 24) {
$info['msg'] = "密码长度为6-24位";
$info['result'] = 0;
$info['title'] = '找回密码';
$this->ajaxReturn($info);
}
if ($pw != $pw2) {
$info['msg'] = "两次输入的密码不一致";
$info['result'] = 0;
$info['title'] = '找回密码';
$this->ajaxReturn($info);
}
if (!preg_match("/^1\\d{10}\$/", $tel)) {
$info['msg'] = "手机格式不正确";
$info['result'] = 0;
$info['title'] = '找回密码';
$this->ajaxReturn($info);
}
$pattern = '/(?!^(\\d+|[a-zA-Z]+|[~!@#$%^&*()_+{}:"<>?\\-=[\\];\',.\\/]+)$)^[\\w~!@#$%^&*()_+{}:"<>?\\-=[\\];\',.\\/]+$/';
if (!preg_match($pattern, $pw)) {
$info['msg'] = "密码至少由数字、字符、特殊字符三种中的两种组成";
$info['result'] = 0;
$info['title'] = '找回密码';
$this->ajaxReturn($info);
}
$where = array('mb_tel' => $tel);
$memInfo = $Mem->where($where)->find();
if (count($memInfo)) {
$data = array();
$data['mb_seq'] = $memInfo['mb_seq'];
$data['mb_pw'] = user_md5($pw);
$result = $Mem->save($data);
if ($result) {
$info['msg'] = "修改密码成功";
$info['result'] = 0;
$info['title'] = '找回密码';
$info['url'] = U('Login/login');
$this->ajaxReturn($info);
} else {
$info['msg'] = "修改密码失败";
$info['result'] = 0;
$info['title'] = '找回密码';
$this->ajaxReturn($info);
}
} else {
$info['msg'] = "不存在此手机号";
$info['result'] = 0;
$info['title'] = '找回密码';
$this->ajaxReturn($info);
}
} else {
$this->display();
}
}
/**
* 短信验证码,用于注册
* @author jry <*****@*****.**>
*/
public function sendMobileVerify()
{
$receiver = I('post.mobile');
$user_object = D('User');
$result = $user_object->create($_POST, 5);
//调用自动验证
if (!$result) {
$this->error($user_object->getError());
}
$reg_verify = \Org\Util\String::randString(6, 1);
//生成验证码
session('reg_verify', user_md5($reg_verify, $receiver));
$body = $title . '验证码:' . $reg_verify;
if (send_mobile_message($receiver, $title, $body)) {
$this->success('发送成功,请查收!');
} else {
$this->error('发送失败!');
}
}
/**
* 修改密码
* @author jry <*****@*****.**>
*/
public function password()
{
$uid = $this->is_login();
if (IS_POST) {
$validate = array(array('password', 'require', '请填写旧密码', 1, 'regex'), array('newpassword', '6,30', '密码长度为6-30位', 1, 'length'), array('newpassword', '/(?!^(\\d+|[a-zA-Z]+|[~!@#$%^&*()_+{}:"<>?\\-=[\\];\',.\\/]+)$)^[\\w~!@#$%^&*()_+{}:"<>?\\-=[\\];\',.\\/]+$/', '密码至少由数字、字符、特殊字符三种中的两种组成', 1, 'regex'), array('repassword', 'newpassword', '两次输入的密码不一致', 1, 'confirm'));
$user_object = D('User/User');
$user_object->setProperty("_validate", $validate);
$data = $user_object->create();
if ($data) {
$password = user_md5(I('password'));
$newpassword = user_md5(I('newpassword'));
if ($password === get_user_info($uid, 'password')) {
$result = $user_object->where(array('id' => $uid))->setField('password', $newpassword);
if ($result) {
$this->success('密码修改成功', U('User/User/logout'));
} else {
$this->error('密码修改失败' . $user_object->getError());
}
} else {
$this->error('旧密码输入错误');
}
} else {
$this->error('错误:' . $user_object->getError());
}
} else {
// 使用FormBuilder快速建立表单页面。
$builder = new \Common\Builder\FormBuilder();
$builder->setMetaTitle('修改密码')->setPostUrl(U(''))->addFormItem('password', 'password', '旧密码')->addFormItem('newpassword', 'password', '新密码')->addFormItem('repassword', 'password', '重复新密码')->setTemplate(C('USER_CENTER_FORM'))->display();
}
}
/**
* 获取文章详情
* @author jry <*****@*****.**>
*/
public function detail($id, $map = null)
{
//获取基础表信息
$con = array();
$con['id'] = $id;
$con['status'] = array('egt', 1);
// 正常、隐藏两种状态是可以访问的
if ($map) {
$con = array_merge($con, $map);
}
$info = $this->where($con)->find();
if (!is_array($info)) {
$this->error = '文章被禁用或已删除!';
return false;
}
// 阅读量加1
$result = $this->where(array('id' => $id))->SetInc('view');
// 获取作者信息
$info['user'] = get_user_info($info['uid']);
// 获取发帖数量
$info['user']['post_count'] = $this->where(array('uid' => $info['uid']))->count();
// 获取文档模型相关信息
$doc_type_info = D($this->moduleName . '/Type')->find($info['category_info']['doc_type']);
if ($doc_type_info['system']) {
$this->error = '文档类型错误!';
return false;
}
$info['doc_type_info'] = $doc_type_info;
// 根据文章模型获取扩展表的息
$extend_table_object = D($this->moduleName . '/' . $this->moduleName . ucfirst($doc_type_info['name']));
$extend_data = $extend_table_object->find($id);
// 基础信息与扩展信息合并
if (is_array($extend_data)) {
$info = array_merge($info, $extend_data);
}
// 获取筛选字段
$con = array();
$con['id'] = array('in', $doc_type_info['filter_field']);
$attribute_object = D($this->moduleName . '/Attribute');
$filter_field_list = $attribute_object->where($con)->select();
$new_filter_field_list = array();
foreach ($filter_field_list as $key => $val) {
$val['options'] = parse_attr($val['options']);
$new_filter_field_list[$val['name']] = $val;
}
$info['filter_field_list'] = $new_filter_field_list;
// 给文档主要字段赋值,如:文章标题、商品名称
$type_main_field = $attribute_object->getFieldById($doc_type_info['main_field'], 'name');
$info['main_field'] = $info[$type_main_field];
// 下载文件地址加密
if ($info['file']) {
$file_list = explode(',', $info['file']);
foreach ($file_list as &$file) {
$file = D('Home/Upload')->find($file);
$uid = is_login();
if ($uid) {
$file['token'] = \Think\Crypt::encrypt($file['md5'], user_md5($uid), 3600);
} else {
$file['token'] = 'please login';
}
}
$info['file_list'] = $file_list;
}
// 获取上一篇和下一篇文章信息
$info['previous'] = $this->getPrevious($info);
$info['next'] = $this->getNext($info);
return $info;
}
public function step4()
{
if (session('step') !== '3') {
$this->error('请按顺序安装', U('step3'));
}
session('step', '4');
session('error', false);
$this->assign('meta_title', "step4");
$this->display();
//连接数据库
$db_config = session('db_config');
$db_instance = Db::getInstance($db_config);
//创建数据表
create_tables($db_instance, $db_config['DB_PREFIX']);
//生成加密字符串
$add_chars .= '`~!@#$%^&*()_+-=[]{};:"|,.<>/?';
$auth = String::randString(64, '', $add_chars);
//生成随机数
//创建配置文件
$conf = write_config($db_config, $auth);
//根据加密字符串更新admin密码的加密结果
$new_admin_password = user_md5('admin', $auth);
$sql = <<<SQL
UPDATE `{$db_config["DB_PREFIX"]}admin_config` SET `value`='{$auth}' WHERE `name` = 'AUTH_KEY';
UPDATE `{$db_config["DB_PREFIX"]}admin_user` SET `password`='{$new_admin_password}' WHERE `id` = 1;
SQL;
$result = $db_instance->execute($sql);
if (!$result) {
$this->error('写入系统加密KEY或管理员新密码出错!');
}
if (session('error')) {
$this->error('安装出错', 'index');
} else {
$this->redirect('complete');
}
}
function register_administrator($db, $prefix, $admin, $auth)
{
show_msg('开始注册创始人帐号...');
$sql = "INSERT INTO `[PREFIX]ucenter_member` (`id`, `username`, `password`, `email`, `mobile`, `reg_time`, `reg_ip`, `last_login_time`, `last_login_ip`, `update_time`, `status`) VALUES " . "('1', '[NAME]', '[PASS]', '[EMAIL]', '', '[TIME]', '[IP]', 0, 0, '[TIME]', '1')";
$password = user_md5($admin['password'], $auth);
$sql = str_replace(array('[PREFIX]', '[NAME]', '[PASS]', '[EMAIL]', '[TIME]', '[IP]'), array($prefix, $admin['username'], $password, $admin['email'], NOW_TIME, get_client_ip(1)), $sql);
//执行sql
$res = $db->execute($sql);
// dump($sql);
// dump($res);
$sql = "INSERT INTO `[PREFIX]member` (`uid`, `nickname`, `sex`, `birthday`, `qq`, `score`, `login`, `reg_ip`, `reg_time`, `last_login_ip`, `last_login_time`, `status`, `public_count`, `extra_field`) VALUES " . "('1', '[NAME]', '0', '0000-00-00', '', '0', '1', '0', '[TIME]', '0', '[TIME]', '1',NULL, NULL);";
$sql = str_replace(array('[PREFIX]', '[NAME]', '[TIME]'), array($prefix, $admin['username'], NOW_TIME), $sql);
$res = $db->execute($sql);
// dump($sql);
// dump($res);
show_msg('创始人帐号注册完成!');
}
/**
* 短信验证码,用于注册
* @author jry <*****@*****.**>
*/
public function sendMobileVerify()
{
// 生成验证码
$reg_verify = \Org\Util\String::randString(6, 1);
session('reg_verify', user_md5($reg_verify, I('post.mobile')));
// 构造短信数据
$msg_data['receiver'] = I('post.mobile');
$msg_data['message'] = '短信验证码:' . $reg_verify;
$result = D('Addons://Message/Message')->sendMessage($msg_data);
if ($result) {
$this->success('发送成功,请查收!');
} else {
$this->error('发送失败!');
}
}
function register_administrator($db, $prefix, $admin, $auth)
{
show_msg('开始注册创始人帐号...');
$uid = 1;
/*插入用户*/
$sql = <<<sql
REPLACE INTO `[PREFIX]ucenter_member` (`id`, `username`, `password`, `email`, `mobile`, `reg_time`, `reg_ip`, `last_login_time`, `last_login_ip`, `update_time`, `status`, `type`) VALUES
('[UID]', '[NAME]', '[PASS]','[EMAIL]', '', '[TIME]', '[IP]', '[TIME]', '[IP]', '[TIME]', 1, 1);
sql;
/* "REPLACE INTO `[PREFIX]ucenter_member` VALUES " .
"('1', '[NAME]', '[PASS]', '[EMAIL]', '', '[TIME]', '[IP]', 0, 0, '[TIME]', '1',1,'finish')";*/
$password = user_md5($admin['password'], $auth);
$sql = str_replace(array('[PREFIX]', '[NAME]', '[PASS]', '[EMAIL]', '[TIME]', '[IP]', '[UID]'), array($prefix, $admin['username'], $password, $admin['email'], NOW_TIME, get_client_ip(1), $uid), $sql);
//执行sql
$db->execute($sql);
/*插入用户资料*/
$sql = <<<sql
REPLACE INTO `[PREFIX]member` (`uid`, `nickname`, `sex`, `birthday`, `qq`, `login`, `reg_ip`, `reg_time`, `last_login_ip`, `last_login_role`, `show_role`, `last_login_time`, `status`, `signature`) VALUES
('[UID]','[NAME]', 0, '0', '', 1, 0, '[TIME]', 0, 1, 1, '[TIME]', 1, '');
sql;
$sql = str_replace(array('[PREFIX]', '[NAME]', '[TIME]', '[UID]'), array($prefix, $admin['username'], NOW_TIME, $uid), $sql);
$db->execute($sql);
/*初始化角色表*/
$sql = <<<sql
REPLACE INTO `[PREFIX]role` (`id`, `group_id`, `name`, `title`, `description`, `user_groups`, `invite`, `audit`, `sort`, `status`, `create_time`, `update_time`) VALUES
(1, 0, 'default', '普通用户', '普通用户', '1', 0, 0, 0, 1, [TIME], [TIME]);
sql;
$sql = str_replace(array('[PREFIX]', '[TIME]', '[UID]'), array($prefix, NOW_TIME, $uid), $sql);
$db->execute($sql);
/*插入角色和用户对应关系*/
$sql = <<<sql
REPLACE INTO `[PREFIX]user_role` (`id`, `uid`, `role_id`, `status`, `step`, `init`) VALUES
(1, [UID], 1, 1, 'finish', 1);
sql;
$sql = str_replace(array('[PREFIX]', '[UID]'), array($prefix, $uid), $sql);
$db->execute($sql);
/*初始化用户角色end*/
show_msg('创始人帐号注册完成!');
}
function register_editor($db, $prefix, $auth)
{
show_msg('开始注册编辑帐号...');
$sql = "INSERT INTO `" . $prefix . "ucenter_member` VALUES " . "('2', 'editor', '" . user_md5('editor', $auth) . "', '*****@*****.**', '', '" . NOW_TIME . "', '" . get_client_ip(1) . "', 0, 0, '" . NOW_TIME . "', '1')";
$db->execute($sql);
$sql = "INSERT INTO `" . $prefix . "member` VALUES " . "('2', 'editor','','','0', '0', '', '0', '1', '0', '" . NOW_TIME . "', '0', '" . NOW_TIME . "', '1');";
$db->execute($sql);
//编辑组授权
$sql = "INSERT INTO `" . $prefix . "auth_group_access` (`uid`, `group_id`) VALUES (2, 2);";
$db->execute($sql);
show_msg('编辑帐号注册完成!');
}
function register_administrator($db, $prefix, $admin, $auth){
show_msg('开始注册帐号和密码');
$sql = "INSERT INTO `[PREFIX]admin` VALUES " .
"('1', '[NAME]', '[NICK]','[PASS]', '[EMAIL]', '', '[TIME]')";
$password = user_md5($admin['password'], $auth);
$sql = str_replace(
array('[PREFIX]', '[NAME]', '[NICK]','[PASS]', '[TIME]', '[IP]'),
array($prefix, $admin['name'], $admin['nickname'],$password, NOW_TIME),
$sql);
//执行sql
$db->execute($sql);
show_msg('创始人帐号注册完成!');
}
function register_administrator($db, $prefix, $admin, $auth)
{
show_msg('开始注册创始人帐号...');
$sql = "INSERT INTO u_user VALUES (1,'[NAME]','[PASS]','','[EMAIL]','[TIME]','',1,0)";
$password = user_md5($admin['password'], $auth);
$sql = str_replace(array('[NAME]', '[PASS]', '[EMAIL]', '[TIME]'), array($admin['username'], $password, $admin['email'], NOW_TIME), $sql);
//执行sql
if ($db->execute($sql)) {
show_msg('创始人帐号注册完成!');
} else {
show_msg('创始人帐号注册失败!');
}
}