PHP version 5
public function signin()
{
$username = isset($_POST['username']) ? $_POST['username'] : '';
$password = isset($_POST['password']) ? $_POST['password'] : '';
$captcha = isset($_POST['captcha']) ? $_POST['captcha'] : '';
//合法性验证
if (empty($captcha)) {
$this->failure('index.php', '验证码不能为空!');
}
if (empty($username) || empty($password)) {
$this->failure('index.php', '用户名或密码不能为空!');
}
//有效性验证
if (!Captcha::checkCaptcha($captcha)) {
$this->failure('index.php', '验证码错误!');
}
//验证用户信息(操作数据库:模型)
$admin = new AdminModel();
if ($user = $admin->checkByUsernameAndPassword($username, $password)) {
$_SESSION['user'] = $user;
$admin->updateLoginInfo($user['a_id']);
$this->success('index.php?module=index&action=index', '登录成功!');
} else {
$this->failure('index.php', '用户名或密码错误!');
}
}
public function signin(){
$username = isset($_POST['username']) ? $_POST['username'] : '';
$password = isset($_POST['password']) ? $_POST['password'] : '';
$captcha = isset($_POST['captcha']) ? $_POST['captcha'] : '';
if(empty($captcha)){
$this->failure('index.php','验证码不能为空');
}
if(empty($username)){
$this->failure('index.php','用户名或者密码都不能为空');
}
if(Captcha::checkCaptcha($captcha)){
$this->failure('index.php','验证码错误');
}
$admin = new AdminModel();
if($user = $admin->checkByUsernameAndPassword($username,$password)){
$_SESSION['user'] = $user;
$admin->updateLoginInfo($user['a_id']);
$this->success('index.php?module=index&action=index','登录成功');
}else{
$this->failure('index.php','验证码错误');
}
}
/**
* 进行登录
*/
public function todoAction()
{
// 参数检查
try {
$request = $this->getRequest();
$username = $request->get('username');
$password = $request->get('password');
} catch (\Exceptions\Multi $e) {
$this->json(FALSE, '手机号或密码格式不正确', 20001);
}
// 用户检查
$adminModel = new \AdminModel();
$adminArr = $adminModel->where('username=:u and password=:p and status=1', $username, $adminModel->enctypePassword($password))->limit(1)->select()->fetchRow();
if (!$adminArr) {
$this->json(FALSE, '手机号或密码错误', 20002, $adminModel->enctypePassword($password));
}
// 获取用户权限
$groupModel = new \GroupModel();
$groupArr = $groupModel->where('id=:id', $adminArr['group_id'])->select()->fetchRow();
// 计算用户权限
if ($groupArr['id'] != '*') {
$rules = $adminArr['attach_rules'] ? explode(',', $adminArr['attach_rules']) : array();
$rules = implode(',', array_merge(explode(',', $groupArr['rules']), $rules));
}
// 保存用户权限
$session = $this->getSession();
$session->set('admin.uid', $adminArr['id']);
$session->set('admin.name', $adminArr['nickname']);
$session->set('admin.ip', IP::client());
$session->set('admin.time', time());
$session->set('admin.avatar', $adminArr['avatar']);
$session->set('admin.rules', $rules);
// 登录成功返回
$this->json(TRUE, '登录成功', 20010);
}
/**
*
* 过滤器
* @param unknown_type $filterChain
*/
public function filterCheckAdmin($filterChain)
{
//未登录,跳转
if (!($uid = $this->isAdmin())) {
$this->redirect(Yii::app()->baseUrl . "/");
}
//获取用户详细资料
$adminModel = new AdminModel();
$this->_userInfo = $adminModel->getInfoByUid($uid);
$this->username = $this->_userInfo['username'];
$this->hospital = $this->_userInfo['hospital'];
$this->role = $this->_userInfo['role'];
//账号错误
if (!$this->_userInfo) {
$this->_output("302", 'access deny', 'text');
}
$roleModel = new RoleModel();
$role = $roleModel->getInfoByCode($this->_userInfo['role']);
if ($role && $role['permission']) {
$permission = explode(',', $role['permission']);
//生成菜单
$menuModel = new MenuModel();
$this->menus = $menuModel->getInfoByGroup($permission);
foreach ($this->menus as $key => $value) {
$this->menuGroup[$value['group']] = $value['group'];
}
} else {
header("HTTP/1.1 401");
exit;
}
$filterChain->run();
}
public function loginAction()
{
if (!$this->valiCaptcha()) {
return;
}
$p = $_REQUEST;
$pName = empty($p['name']) ? Tool_Fnc::ajaxMsg('用户名不能为空') : Tool_Fnc::safe_string($p['name']);
$pPasswd = empty($p['passwd']) ? Tool_Fnc::ajaxMsg('密码不能为空') : trim($p['passwd']);
$pCaptcha = empty($p['captcha']) ? Tool_Fnc::ajaxMsg('验证码为空') : trim($p['captcha']);
$tMO = new AdminModel();
$tRow = $tMO->field('*')->where("name = '{$pName}'")->fRow();
if (!count($tRow)) {
Tool_Fnc::ajaxMsg('用户不存在');
}
if (Tool_Fnc::markmd5($pPasswd, $tRow['private_key']) != $tRow['passwd']) {
Tool_Fnc::ajaxMsg('密码不正确');
}
$_SESSION['admin'] = array('id' => $tRow['id'], 'name' => $tRow['name']);
if (isset($p['remember']) && $p['remember'] == 'remember') {
setcookie('admin[id]', $tRow['id'], time() + 60 * 60 * 24 * 365, '/');
setcookie('admin[name]', $tRow['name'], time() + 60 * 60 * 24 * 365, '/');
}
$this->showMsg('', '/admin_user');
Tool_Fnc::ajaxMsg('', 1);
}
public function signinAction()
{
$captcha_tool = new CaptchaTool();
if (!$captcha_tool->checkCaptcha($_POST['captcha'])) {
$this->jump('index.php?p=back&c=Admin&a=index', '验证码错误', 2);
}
//调用模型完成数据库操作
//利用用户名 和 密码 验证用户身份
$model_admin = new AdminModel();
if ($admin_info = $model_admin->checkByLogin($_POST['username'], $_POST['password'])) {
if (isset($_POST['remember']) && $_POST['remember'] == '1') {
setcookie('admin_id', $admin_info['admin_id'], PHP_INT_MAX);
setcookie('admin_pass', md5('demo' . $admin_info['pass'] . 'shop'), PHP_INT_MAX);
}
//setcookie('is_login','yes');
//session_start();
$_SESSION['is_login'] = '******';
//echo '合法用户';
$this->jump('index.php?p=back&c=Index&a=index');
} else {
//非法用户
//echo '非法用户';
$this->jump('index.php?p=back&c=Admin&a=index', '非法用户', 2);
}
}
public function senduiAction()
{
//获取参数
$title = $this->getRequest()->getParam('title');
$content = $this->getRequest()->getParam('content');
//获取登陆的管理员用户名
$session = new Zend_Session_Namespace('admin');
$senderName = $session->adminName;
//根据用户名获取管理员ID
$adminId = new AdminModel();
$Id = $adminId->search($senderName);
$ids = $this->getRequest()->getParam('check');
if (!empty($ids) && count($ids) > 1) {
$userid = implode(',', $ids);
} elseif (count($ids) == 1) {
$userid = $ids;
} else {
$userid = '0';
}
if (empty($title) || empty($content)) {
Zshop_Message::show($this, "发送信息不完整", "admin/message/send", 3);
return;
}
//插入数据
$data = array('user_id' => $userid, 'sender_id' => $Id, 'title' => $title, 'content' => $content, 'readed_id' => 0, 'deleted_id' => 0, 'send_time' => time());
$number = $this->alldate->insert($data);
if ($number > 0) {
$message = "发送成功";
} else {
$message = "操作出错,请从新提交!";
}
Zshop_Message::show($this, $message, "admin/message/send", 3);
}
public function savepass()
{
$model = new AdminModel();
$id = session('adminid');
if (!IS_POST) {
$this->message2('非法操作!', __APP__ . '/Admin');
}
$password = I('password', '');
if ($password == '') {
$this->message2('密码不能为空,请重新输入!', __URL__ . '/repass');
}
if ($model->create()) {
if (!empty($id)) {
$data['password'] = md5(I('password'));
if (false !== $model->where('id=\'' . $id . '\'')->data($data)->save()) {
session('adminid', NULL);
session('adminname', NULL);
$this->message2('操作成功,请重新登陆系统', __APP__ . '/Admin');
} else {
$this->message2('操作失败:' . $model->getDbError());
}
} else {
$this->message2('请选择编辑用户', __APP__ . '/Admin');
}
} else {
$this->message2('操作失败:数据验证( ' . $model->getError() . ' )', __URL__ . '/repass');
}
}
function setIdentity($identity, $email, $first_name, $last_name)
{
Zend_Loader::loadClass("AdminModel");
$adminModel = new AdminModel();
$admin_info = $adminModel->fetchRow(array("gome_email =?" => trim($email)));
$session = new Zend_Session_Namespace();
$identity_arr = array('identity' => $identity, 'id' => $admin_info['id'], 'gome_email' => $email, 'first_name' => $first_name, 'last_name' => $last_name);
$session->identity = $identity_arr;
}
/**
* @return void
* Request to unblock the $user
*/
public function unblockAction()
{
$user = $_GET['id'];
$admin = new AdminModel();
if ($admin->activateUser($user) === true) {
echo $user . " Activated!!!";
} else {
echo "Activation Problem!";
}
}
/**
* @return bool
*/
public function addAdminAction()
{
$Admin = new AdminModel();
$ret = $Admin->addAdmin('rs', '123');
if ($ret[0]) {
$this->responseJson();
} else {
$this->responseJson(401, $ret[1]);
}
return false;
}
public function lists()
{
$page = intval(Input::get('page', 1));
$username = trim(Input::get('username', ''));
$args = ['username' => $username];
$model = new AdminModel();
$count = $model->getCount($args);
$rows = $model->getRows($page, $args);
$page_size = Pagination::getPageSize($count);
return View::make('admin.lists', ['rows' => $rows, 'page' => $page, 'page_size' => $page_size, 'params' => $args]);
}
public function IndexAction()
{
if ($this->_req->isXmlHttpRequest()) {
//获取post提交的参数
$name = $this->_req->getPost('usrname');
$pwd = $this->_req->getPost('pwd');
$Admin = new AdminModel();
if (!$Admin->LoginUsr($name, md5($pwd))) {
exit("101:用户名或密码错误!");
}
$this->_session->set('username', $name);
exit("100:登录成功!");
}
}
public function init()
{
parent::init();
// ---------------- 判断登录 --------------------------------------
$admin = '';
$relogin = false;
// 判断session
$admin = Tools_help::getSession('admin');
if (empty($admin)) {
// 判断cookie
$admin = Tools_help::getCookie('admin');
if (empty($admin)) {
$this->redirect('/backend/Login/index');
} else {
$relogin = true;
}
}
// cookie重新验证
if ($admin && $relogin) {
$adminModel = new AdminModel();
$data = $adminModel->getAdminById($admin['id']);
if (empty($data) || $data['roleid'] != 1 || $data['password'] != $admin['password']) {
$this->redirect('/backend/Login/index');
}
$adminModel->reMemberMe($data);
$admin = $data;
}
// E
$this->_view->assign("curr_admin", $admin);
// 用户权限判断
/*$checkTitle = strtolower($this->moduleName.'_'.$this->controllerName.'_'.$this->actionName);
$pid = Rbac_Core::getPermissions()->returnId($checkTitle);
if($pid) {
if($admin['id']!=1){
if(!Rbac_Core::getInstance()->check($pid, $admin['id'])) {
exit('您没有权限访问该网页1!<a href="javascript:window.history.back();">返回</a> ');
}
}
} else {
Rbac_Core::getPermissions()->add($checkTitle, $checkTitle);
//exit('您没有权限访问该网页2!<a href="javascript:window.history.back();">返回</a> ');
}*/
$purview = null;
// 后台菜单数组 S
$backendMenu = new \Core_CBackendMenu(ConstDefine::$backendMenu, $this->controllerName, $this->actionName, $purview);
$menustr = $backendMenu->get();
$this->_view->assign('backendMenu', $menustr);
// E
}
public function init()
{
session_start();
$requestUri = $_SERVER['REQUEST_URI'];
if (!in_array($requestUri, $this->whiteUri)) {
$this->adminId = $_SESSION['adminid'];
if (empty($this->adminId)) {
header('Location:/admin/index');
}
$Admin = new AdminModel();
$this->adminInfo = $Admin->getAdminInfo($this->adminId);
$this->getView()->assign('base_adminid', $this->adminId);
$this->getView()->assign('base_admininfo', $this->adminInfo);
}
}
public function resetPasswd()
{
parent::checkAdmin();
if (isset($_POST['send'])) {
$model = new AdminModel();
$model->oldPassword = sha1(trim($_POST['oldPassword']));
$model->password = sha1(trim($_POST['password']));
if ($model->resetPasswd()) {
Tool::alert('密码修改成功');
} else {
Tool::alertBackNoRefresh('原密码不正确或密码修改失败:(');
}
}
$this->render('default/resetPasswd');
}
function __construct()
{
parent::__construct();
$this->load->helper('date');
$this->load->library('email');
$this->load->model('RoleModel');
}
/**
* @return mpAPISource
*/
private function getAPISource()
{
if (!self::$apiSource) {
self::$apiSource = ConnectionManager::getDataSource('mpAPI');
}
return self::$apiSource;
}
public function loginAction()
{
//获取表单值
$user = $this->_getParam('user');
$pass = $this->_getParam('pass');
//实例化后台模型
$admin = new AdminModel();
//实例化session后台命名空间
$isValid = $admin->login($user, $pass);
if ($isValid) {
$this->session->adminName = $user;
$this->_redirect('/admin/index/index');
} else {
$this->_redirect('/admin/login/index');
}
}
public function login()
{
if ($_POST) {
$loginName = $_POST['loginName'];
$password = $_POST['password'];
if (isset($loginName) && isset($password)) {
$adminModel = new AdminModel();
$_SESSION['admin'] = $adminModel->login($loginName, $password);
if ($_SESSION['admin']) {
R('Admin', 'setting');
} else {
E('用户名或密码错误!');
}
}
}
$this->display();
}
public static function ActionChangeStandartTheme()
{
if (AdminModel::isAdmin() and isset($_POST['theme'])) {
$newTheme = $_POST['theme'];
AdminModel::changeStandartTheme($newTheme);
}
header('Location: ' . $_SERVER['HTTP_REFERER']);
}
function __construct()
{
parent::__construct();
$this->load->helper('date');
$this->load->library('email');
$this->load->library('encrypt');
$this->load->helper('security');
}
function __construct()
{
parent::__construct();
$this->load->helper('date');
$this->load->library('email');
$this->load->model('MembershipModel');
$this->load->model('PaymentModel');
}
/**
* 保存
*/
public function saveSettingAction()
{
if (!$this->getRequest()->isPost()) {
$this->responseJson(401, '请求方式不正确');
}
$password = $_POST['password'];
if (empty($password)) {
$this->responseJson(401, '密码不能为空');
}
$admin = new AdminModel();
$ret = $admin->saveSetting($this->adminid, $password);
if ($ret[0]) {
$this->responseJson(200, $ret[1]);
} else {
$this->responseJson(401, $ret[1]);
}
return false;
}
protected function checkLogin()
{
$allow_action = array('login', 'signin', 'captcha', 'test');
if (CONTROLLER == 'Admin' && in_array(ACTION, $allow_action)) {
} else {
if (isset($_SESSION['uname']) and $_SESSION['is_login'] == 'yes') {
return true;
} else {
$admin_model = new AdminModel();
if ($admin_info = $admin_model->checkCookie()) {
$_SESSION['uname'] = $admin_info['admin_name'];
$_SESSION['is_login'] = '******';
} else {
$this->redirect('index.php?act=login');
}
}
}
}
public function check()
{
$db = new AdminModel();
$map['username'] = $_POST['userName'];
$map['psd'] = MD5($_POST['pwd'] . q13as21345fdga);
if ($_SESSION['verify'] != md5($_POST['verify'])) {
$this->ajaxReturn(0, '验证码错误!', 0);
} elseif (!$db->where($map)->find()) {
$_SESSION['username'] = $_POST['userName'];
$_SESSION['user_login_flag'] = true;
$this->ajaxReturn(2, '登陆成功!正在跳转...', 2);
$this->ajaxReturn(1, '用户名密码错误!', 1);
} else {
$_SESSION['username'] = $_POST['userName'];
$_SESSION['user_login_flag'] = true;
$this->ajaxReturn(2, '登陆成功!正在跳转...', 2);
}
}
public function init()
{
parent::init();
// ---------------- 判断登录 --------------------------------------
$admin = '';
$relogin = false;
// 判断session
$admin = Tools_help::getSession('admin');
if (empty($admin)) {
// 判断cookie
$admin = Tools_help::getCookie('admin');
if (empty($admin)) {
$this->redirect('/backend/Login/index');
} else {
$relogin = true;
}
}
// cookie重新验证
if ($admin && $relogin) {
$adminModel = new AdminModel();
$data = $adminModel->getAdminById($admin['id']);
if (empty($data) || $data['roleid'] != 1 || $data['password'] != $admin['password']) {
$this->redirect('/backend/Login/index');
}
$adminModel->reMemberMe($data);
$admin = $data;
}
// E
$this->_view->assign("curr_admin", $admin);
$this->admin = $admin;
$rbac = new Rbac_Core();
if ($admin['rid']) {
$checkTitle = strtolower($this->moduleName . '/' . $this->controllerName . '/' . $this->actionName);
$pid = $rbac->check($admin['rid'], $checkTitle);
if (empty($pid)) {
exit('您没有权限访问该网页!<a href="javascript:window.history.back();">返回</a> ');
}
}
$menu = $rbac->getMenu($admin['rid'], false);
// 后台菜单数组 S
$menustr = new \Core_CBackendMenu($menu, $this->controllerName, $this->actionName);
$this->_view->assign('backendMenu', $menustr);
// E
}
public function init()
{
//must check that the user has the required capability
if (!current_user_can('manage_options')) {
wp_die(__('You do not have sufficient permissions to access this page.'));
}
// See if the user has posted us some information
// If they did, this hidden field will be set to 'Y'
if (isset($_POST["hw2cf_email"])) {
$this->model->storeConf($_POST["hw2cf_email"]);
$this->data = $this->model->loadData();
// reload confs
// Put a "settings saved" message on the screen
?>
<div class="updated"><p><strong>Option saved</strong></p></div>
<?php
}
echo $this->getView()->getRender();
}
public function init()
{
session_start();
$requestUri = $_SERVER['REQUEST_URI'];
if (!in_array($requestUri, $this->whiteUri)) {
// 获取session
$adminid = $_SESSION['adminid'];
if (empty($adminid)) {
$this->redirect();
}
$Admin = new AdminModel();
$admininfo = $Admin->getAdminInfo($adminid);
$this->adminid = $adminid;
$this->admininfo = $admininfo;
$this->getView()->assign('adminid', $adminid);
$this->getView()->assign('admininfo', $admininfo);
$this->getView()->assign('layer_nav_first', '主面板');
}
}
public function actionAccountSettings()
{
if (Request::post('suspension') > 0 || Request::post('softDelete') == "on") {
AdminModel::setAccountSuspensionAndDeletionStatus(Request::post('suspension'), Request::post('softDelete'), Request::post('user_id'));
}
if (Request::post('resetUser') == "on") {
AdminModel::setActiveUserAndResetLoginFailed(Request::post('user_id'), Request::post('resetUser'));
}
Redirect::to("admin");
}
