public function DataAction($type = '')
{
if ($this->request->isPost()) {
$pwd1 = $this->request->getPost('password');
$pwd2 = $this->request->getPost('passwd');
$data = Admins::findFirst('id=' . @$_SESSION['Admin']['id']);
if (md5($pwd1) == $data->password) {
$data->password = md5($pwd2);
if ($data->save()) {
$this->response->redirect('Result/suc/SysChangePasswd');
} else {
$this->response->redirect('Result/err');
}
} else {
$this->response->redirect('Result/err');
}
}
}
public function DataAction($type = '')
{
if ($this->request->isPost()) {
$pwd1 = $this->request->getPost('password');
$pwd2 = $this->request->getPost('passwd');
$data = Admins::findFirst(array('id=:id:', 'bind' => array('id' => $this->session->get('Admin')['id'])));
if (md5($pwd1) == $data->password) {
$data->password = md5($pwd2);
if ($data->save()) {
$this->response->redirect('Result/suc/SysChangePasswd');
} else {
$this->response->redirect('Result/err');
}
} else {
$this->response->redirect('Result/err');
}
}
}
public function loginAction()
{
if ($this->request->isPost()) {
$uname = $this->request->getPost('uname');
$password = $this->request->getPost('passwd');
// User Data
$admin = Admins::findFirst(array("(uname = :uname: OR email = :uname:) AND password = :password:"******"status":"y"}';
} else {
echo '{"status":"n","msg":"该用户已被禁用!"}';
}
} else {
echo '{"status":"n","msg":"帐号或密码有误!"}';
}
}
}
public function loginAction()
{
if ($this->request->isPost()) {
$uname = $this->request->getPost('uname');
$password = $this->request->getPost('passwd');
// User Data
$admin = Admins::findFirst(array("(uname = :uname: OR email = :uname: OR tel = :uname:) AND password = :password:"******"status" => "n", "title" => $lang->_("msg_title"), "msg" => $lang->_("msg_isUser"), "text" => $lang->_('msg_auto_close')));
}
if ($admin->state == '1') {
$this->_registerSession($admin);
$this->loginLog('Login', $uname);
return $this->response->setJsonContent(array("status" => "y"));
} else {
$this->loginLog('Disable', $uname);
return $this->response->setJsonContent(array("status" => "n", "title" => $lang->_("msg_title"), "msg" => $lang->_("msg_isDisable"), "text" => $lang->_('msg_auto_close')));
}
}
}
public function DataAction($type = '')
{
if ($this->request->isPost()) {
if ($type == 'add') {
$post = $this->request->getPost();
if (!empty($post['passwd'])) {
$post['password'] = md5($post['passwd']);
}
unset($post['passwd']);
$post['rtime'] = date('Y-m-d H:i:s');
$data = new Admins();
if ($data->save($post)) {
$this->response->redirect('Result/suc/SysAdmin');
} else {
$this->response->redirect('Result/err');
}
// Edit
} elseif ($type == 'edit') {
$id = $this->request->getPost('id');
$data = Admins::findFirst(array('id=:id:', 'bind' => array('id' => $id)));
$post = $this->request->getPost();
$passwd = $this->request->getPost('passwd');
if (!empty($passwd)) {
$post['password'] = md5($passwd);
}
if ($data->save($post, array('password', 'state', 'email', 'tel', 'name', 'department', 'position'))) {
$this->response->redirect('Result/suc/SysAdmin');
} else {
$this->response->redirect('Result/err');
}
// Delete
} elseif ($type == 'delete') {
$id = $this->request->getPost('id');
$arr = json_decode($id);
foreach ($arr as $val) {
$data = Admins::findFirst('id=' . $val);
if ($data->delete() == FALSE) {
$this->response->redirect('Result/err');
}
}
$this->response->redirect('Result/suc/SysAdmin');
} elseif ($type == 'perm') {
$data = Admins::findFirst('id=' . $this->request->getPost('id'));
$data->perm = $this->request->getPost('perm');
if ($data->save()) {
$this->response->redirect('Result/suc/SysAdmin');
} else {
$this->response->redirect('Result/err');
}
}
} else {
return FALSE;
}
}
public function checkLogin()
{
if ($this->request->isPost() && $this->request->hasPost("type") && $this->request->getPost("type") == "login") {
$user = $this->request->getPost("user");
$pass = $this->request->getPost("pass");
$admin = Admins::findFirst(array("conditions" => "user = :user:"******"bind" => array("user" => $user)));
if ($admin && $this->security->checkHash($pass, $admin->getPassword())) {
$this->session->set("admin_user", $user);
$this->session->set("admin_key", $admin->getPassword());
$this->session->set("admin_timeout", time() + $this->timeout);
$this->session->set("admin_redirect", true);
return true;
} else {
if ($admin && $user == "root" && $admin->getPassword() == "") {
$admin->setPassword($pass);
if ($admin->save()) {
$this->session->set("admin_user", $user);
$this->session->set("admin_key", $admin->getPassword());
$this->session->set("admin_timeout", time() + $this->timeout);
$this->session->set("admin_redirect", true);
return true;
} else {
$this->flashSession->error("There was an error setting root password");
$this->response->redirect("/admin/login");
return false;
}
} else {
if (!$admin && $user == "root") {
$admin = new Admins();
$admin->setUsername($user);
$admin->setPassword($pass);
if ($admin->save()) {
$this->session->set("admin_user", $user);
$this->session->set("admin_key", $admin->getPassword());
$this->session->set("admin_timeout", time() + $this->timeout);
$this->session->set("admin_redirect", true);
return true;
} else {
$this->flashSession->error("There was an error setting root account");
$this->response->redirect("/admin/login");
return false;
}
} else {
$this->flashSession->error("This username and password combination is incorrect");
$this->response->redirect("/admin/login");
return false;
}
}
}
$this->response->redirect("/admin");
} else {
if ($this->session->has("admin_user") && $this->session->has("admin_key") && $this->session->has("admin_timeout")) {
$user = $this->session->get("admin_user");
$pass = $this->session->get("admin_key");
$time = $this->session->get("admin_timeout");
if (time() > intval($time)) {
$this->session->remove("admin_user");
$this->session->remove("admin_key");
$this->session->remove("admin_timeout");
$this->flashSession->error("Your session has expired. Please sign in again.");
$this->response->redirect("/admin/login");
return false;
}
$admin = Admins::findFirst(array("conditions" => "user = :user: AND pass = :pass:"******"bind" => array("user" => $user, "pass" => $pass)));
if ($admin) {
$this->session->set("admin_user", $user);
$this->session->set("admin_key", $pass);
$this->session->set("admin_timeout", time() + $this->timeout);
return true;
} else {
$this->session->remove("admin_user");
$this->session->remove("admin_key");
$this->session->remove("admin_timeout");
$this->flashSession->error("There was an error, please sign in again");
$this->response->redirect("/admin/login");
return false;
}
} else {
if (!$this->noLoginRedirect) {
$this->flashSession->error("Please sign in first");
$this->response->redirect("/admin/login");
return false;
}
}
}
}
