/**
* 后台日志记录
* @param $intro
*/
public static function _create(array $arr = array())
{
$session = new XSession();
$admini = $session->get('_admini');
$model = new AdminLogger();
$model->attributes = $arr;
!isset($arr['user_id']) && ($model->user_id = intval($admini['userId']));
$model->url = Yii::app()->request->getRequestUri();
$model->ip = XUtils::getClientIP();
$model->save();
}
/**
* 设置用户信息
*/
protected function SetUserInfo()
{
$this->cur_user = XSession::Get("Cur_X_User");
$this->cur_userid = $this->cur_user['id'];
$this->culture = isset($this->cur_user['culture']) ? $this->cur_user['culture'] : $this->culture;
$this->smarty->assign("Cur_X_User", $this->cur_user);
}
/**
* 设置用户信息
*/
protected function SetUserInfo()
{
$this->cur_user = XSession::Get("Cur_X_User");
$this->cur_userid = isset($this->cur_user['id']) ? $this->cur_user['id'] : 0;
$this->smarty->assign("cur_userid", $this->cur_userid);
$this->smarty->assign("cur_x_user", $this->cur_user);
}
/**
* 后台菜单过滤
*
*/
public static function filterMenu($append = ',home,home_index')
{
$session = new XSession();
$admini = $session->get('_admini');
$groupId = $admini['groupId'];
if ($groupId != 1) {
$aclModel = AdminGroup::model()->findByPk($groupId);
$acl = $aclModel->acl . $append;
$aclArr = explode(',', $acl);
foreach (self::$aclList as $k => $r) {
if (!in_array($r['acl'], $aclArr)) {
unset(self::$aclList[$k]);
} else {
self::$aclList[$k]['url'] = self::_parentRouter($k, $aclArr);
foreach ($r['action'] as $kk => $rr) {
if (!in_array($rr['acl'], explode(',', $acl))) {
unset(self::$aclList[$k]['action'][$kk]);
}
}
}
}
}
return self::$aclList;
}
/**
* 设备增加
*/
public function addAction()
{
$isadd = 0;
if ($_POST) {
//获取修改人信息
$adminuser = XSession::Get('Cur_X_User');
$_POST['cadminid'] = $adminuser['id'];
$_POST['cadmin'] = $adminuser['realname'];
$_POST['ctime'] = time();
$obj = new Psys_IpcModel();
$r = $obj->AddOne($_POST);
$isadd = $r > 0 ? 1 : -1;
}
$this->smarty->assign('isadd', $isadd);
$this->forward = "add";
}
/**
* 充值
*/
public function addAction()
{
$obj = new Psys_SmsModel();
if ($_POST) {
//获取修改人信息
$adminuser = XSession::Get('Cur_X_User');
$data['nume'] = (int) $_POST['nume'];
$data['type'] = (int) $_POST['type'];
$data['user'] = $adminuser['realname'];
$data['ctime'] = time();
$r = $obj->AddOne($data);
if ($r) {
header('location:/sms/index');
}
}
$this->forward = "add";
}
/**
*
* @do 添加新用户
*
* @access public
* @author Nick
* @copyright rockhippo
* @param -
* @return -
*
*/
public function addAction()
{
global $G_X;
$admins = XSession::Get("TA_user");
$PSys_UserModel = new PSys_UserModel();
if ($this->ispost) {
$data['username'] = reqstr("username", "");
$data['password'] = reqstr("password", "");
$data['email'] = reqstr("email", "");
$data['role_id'] = reqnum("role_id", 0);
$data['nick'] = reqstr("nick", "");
$data['phone'] = reqstr("phone", "");
$data['address'] = reqstr("address", "");
$data['photo'] = reqstr("photo", "");
$data['age'] = reqstr("age", 0);
$data['sex'] = reqnum("sex", 1);
$data['createtime'] = time();
$data['creater_id'] = $admins['id'];
if (!$data['username'] || !$data['password'] || !$data['email'] || !$data['role_id']) {
$this->jump('The user information is error.', 'errors', '/user/add');
exit;
}
$data['password'] = md5($G_X['passAddTo'] . $data['password']);
$return = $PSys_UserModel->MAddUser($data);
if ($return['output'] == 1) {
$this->operateLogs(1);
$this->jump('Create the user successed.', 'success', '/user/index');
} else {
$this->operateLogs(0);
$this->jump('Create the user failed.', 'errors', '/user/index');
}
exit;
}
$PSys_RoleModel = new PSys_RoleModel();
$where = array();
$order = "role_id ASC";
$role = $PSys_RoleModel->GetList($where, $order, 1, 100, "role_id,rolename");
$timestamp = time();
$timestamp_token = md5($G_X['upload']['unique_salt'] . $timestamp);
$this->smarty->assign("timestamp", $timestamp);
$this->smarty->assign("timestamp_token", $timestamp_token);
$this->smarty->assign("role", $role);
$this->smarty->assign("active", "user/index");
$this->forward = "add";
}
public function logoutAction()
{
XSession::Get("Cur_X_User", true);
session_destroy();
if ($this->isajax) {
return array("result" => "SUCCESS");
} else {
header("Location:/account/login");
}
}
/**
*
* @do my data
*
* @access public
* @author Nick
* @copyright rockhippo
* @param -
* @return -
*
*/
public function mydataAction()
{
global $G_X;
$user = XSession::Get("TA_user");
$userModel = new PSys_UserModel();
if ($this->ispost) {
$where = array();
$where['user_id'] = $user['id'];
$data = array();
$data['nick'] = reqstr("nick", "");
$data['age'] = reqstr("age", "");
$data['phone'] = reqstr("phone", "");
$data['address'] = reqstr("address", "");
$data['photo'] = reqstr("photo", "");
$return = $userModel->UpdateOne($data, $where, "ta_user_information");
if ($return) {
$this->jump("Edit success.", "success", "/index/mydata", 1);
} else {
$this->jump("Edit failed.", "errors", "/index/mydata", 1);
}
exit;
}
$where = array();
$where['id'] = $user['id'];
$data = $userModel->GetOne($where, "*", "view_user");
$timestamp = time();
$timestamp_token = md5($G_X['upload']['unique_salt'] . $timestamp);
$this->smarty->assign("timestamp", $timestamp);
$this->smarty->assign("timestamp_token", $timestamp_token);
$this->smarty->assign("data", $data);
$this->forward = "mydata";
}
public function SetSessionInfo(array $one)
{
XSession::Set("Cur_X_User", $one);
}
public function run($prj = '')
{
$mod = '';
$act = '';
UrlParse($prj, $mod, $act);
$isnologinerr = false;
global $G_X;
$noyz = @$G_X['allow_project'][$prj]['nologin'][$mod];
if (!is_array($noyz)) {
$noyz = array();
}
$actstr = $act == '' ? 'index' : $act;
$actstr .= "Action";
//echo $G_X['modstr']."<br />";
$session = XSession::Get("TA_user");
//开发阶段取消验证
//if(!in_array($act, $noyz))
if (!in_array($act, $noyz)) {
//进行权限校验
$session = XSession::Get("TA_user");
if ($session) {
$app_array = $session['app_array'];
$session['app_array'] = $app_array == 'All' ? 'All' : eval("return {$app_array};");
if ($session['app_array'] != 'All') {
$session['app_array'] = array_merge($session['app_array'], $G_X["allow_project"][$prj]["filter"]);
}
}
if ($session == null) {
if ($mod == 'admin') {
header("Location:" . PUC_BASE_URL . "admin/login");
return;
}
if ($prj == 'psys') {
header("Location:" . PSYS_BASE_URL . "index/login");
return;
}
if (empty($prj)) {
$prj = "pweb";
}
$mod = "index";
$act = "index";
$isnologinerr = true;
} elseif (!ckAccess($session['app_array'], $prj, $mod, $act, $G_X['all_privilege']['url'])) {
if (substr($actstr, 0, 4) == "ajax" || req("ajax")) {
exit(json_encode(array('result' => 'ERROR', 'msg' => MsgInfoConst::GetMsg(2004, 'en'), 'msgcode' => 2004)));
}
echo "<script>window.location.href='/jump/index?type=errors&message=privilege';</script>";
return;
}
}
$G_X['modstr'] = $mod;
$G_X['actstr'] = $act;
$G_X['prjstr'] = $prj;
$actstr = $act . "Action";
$modstr = $mod . "Controller";
$file = constant(strtoupper($prj) . "_PATH") . "controller" . DIRECTORY_SEPARATOR . $modstr . ".php";
if (file_exists($file)) {
require_once $file;
} else {
header('HTTP/1.1 404 Not Found');
//header("status: 404 Not Found");
exit;
//print_r($G_X);
//exit("文件不存在---->".$file);
}
$modobj = new $modstr();
if ($modobj->isajax) {
//判断访问为ajax请求
try {
if ($isnologinerr) {
$return = array('result' => 'ERROR', 'msg' => MsgInfoConst::GetMsg(2005, $modobj->culture), 'msgcode' => 2005);
} else {
$return = $modobj->{$actstr}();
}
} catch (Exception $e) {
$return['result'] = 'ERROR';
//SUCCESS表示成功
$return['msg'] = $e->getMessage();
}
header('Content-type: application/json');
exit(json_encode($return));
} else {
try {
$modobj->{$actstr}();
} catch (Exception $e) {
exit($e->getMessage());
}
}
if (in_array($modobj->forward, array("msg", "msg_nologin", "ajaxmsg"))) {
$modobj->smarty->display($modobj->forward . ".html");
} else {
$html = $mod . DIRECTORY_SEPARATOR . $modobj->forward . ".html";
$modobj->smarty->display($html);
}
}
/**
* 处理用户权限,根据url返回中文显示
* @return array
*/
function handle_qxlist()
{
$userinfo = XSession::Get('Cur_X_User');
if ($userinfo['id'] < 1) {
return array();
}
$priviactionModel = new PWeb_PriviActionModel();
$qxlist = $priviactionModel->GetList('', '', 0, 0, 'cnname, url');
foreach ($qxlist['allrow'] as $k => $v) {
$temp[$v['url']] = $v['cnname'];
}
foreach ($userinfo['qxlist'] as $k => $v) {
$userinfo['qxlist'][$k] = array('url' => $v, 'title' => $temp[$v]);
}
/*foreach ($userinfo['qxlist'] as $k1 => $v1) {
foreach ($qxlist['allrow'] as $k2 => $v2) {
if ($v1 == $v2['url']) {
$userinfo['qxlist'][$k1] = array('url' => $v2['url'], 'title' => $v2['cnname'],);
}
}
}*/
return $userinfo;
}
<?php
/**
* 摘 要:引导页
*/
error_reporting(E_ALL);
date_default_timezone_set('PRC');
header("Content-Type:text/html; charset=utf-8");
$curdir = dirname(__FILE__) . DIRECTORY_SEPARATOR;
require_once $curdir . 'define.php';
require_once $curdir . 'init.php';
require_once PSYS_PATH . 'controller' . DIRECTORY_SEPARATOR . "PSys_AbstractController.php";
XSession::Init();
XRun::run("psys");
public function run($prj = '')
{
$mod = '';
$act = '';
UrlParse($prj, $mod, $act);
$isnologinerr = false;
$prj = strtolower($prj);
$mod = strtolower($mod);
$act = strtolower($act);
global $G_X;
$noyz = @$G_X['allow_project'][$prj]['nologin'];
$noyz = isset($noyz[$mod]) ? $noyz[$mod] : array();
$noyz = is_array($noyz) ? $noyz : array();
$actstr = $act == '' ? 'index' : $act;
$actstr .= "Action";
//echo $G_X['modstr']."<br />";
//$session=XSession::Get("Cur_X_User");
//开发阶段取消验证
//if(!in_array($act, $noyz))
if (!in_array($act, $noyz)) {
//进行权限校验
$session = XSession::Get("TA_user") || XSession::Get("Cur_X_User");
if ($session == null) {
if ($prj == 'psys') {
$mod = "account";
$act = "login";
} else {
if (empty($prj)) {
$prj = "pc";
}
$mod = "index";
$act = "index";
$isnologinerr = true;
}
} elseif (isset($session['qxlist']) && !ckAccess($session['qxlist'], $prj, $mod, $act, $G_X['all_privilege']['url'])) {
//print_r($session['qxlist']);
//exit;
if (substr($actstr, 0, 4) == "ajax" || req("ajax")) {
exit(json_encode(array('result' => 'ERROR', 'msg' => '您没有权限', 'msgcode' => 2004)));
}
header("Location:/html/noaccess.html");
return;
}
}
$G_X['modstr'] = $mod;
$G_X['actstr'] = $act;
$G_X['prjstr'] = $prj;
$actstr = $act . "Action";
$modstr = $mod . "Controller";
$file = constant(strtoupper($prj) . "_PATH") . "controller" . DIRECTORY_SEPARATOR . $modstr . ".php";
if (file_exists($file)) {
require_once $file;
} else {
header('HTTP/1.1 404 Not Found');
//header("status: 404 Not Found");
exit;
//print_r($G_X);
//exit("文件不存在---->".$file);
}
$modobj = new $modstr();
if ($modobj->isajax) {
//判断访问为ajax请求
try {
if ($isnologinerr) {
$return = array('result' => 'ERROR', 'msg' => '您没有登录', 'msgcode' => 2005);
} else {
$return = $modobj->{$actstr}();
}
} catch (Exception $e) {
$return['result'] = 'ERROR';
//SUCCESS表示成功
$return['msg'] = $e->getMessage();
}
header('Content-type: application/json');
exit(json_encode($return));
} else {
try {
$modobj->{$actstr}();
} catch (Exception $e) {
exit($e->getMessage());
}
}
if (in_array($modobj->forward, array("msg", "msg_nologin", "ajaxmsg"))) {
$html = 'shared' . DIRECTORY_SEPARATOR . $modobj->forward . ".html";
} else {
$html = $mod . DIRECTORY_SEPARATOR . $modobj->forward . ".html";
}
$modobj->smarty->display($html);
}
* 修 改 者:$LastChangedBy: tony_ren $
* 版本地址:$HeadURL: http://192.168.1.100:12000/svn/rocktrain/trunk/RockAdmin/public/psys/v.php $
* 摘 要:验证码
*/
$pubcomm = dirname(dirname(dirname(__FILE__))) . DIRECTORY_SEPARATOR . "protected" . DIRECTORY_SEPARATOR . "publib" . DIRECTORY_SEPARATOR . "comm" . DIRECTORY_SEPARATOR;
require_once $pubcomm . 'XSession.php';
//随机生成一个4位数的数字验证码
$num = "";
for ($i = 0; $i < 4; $i++) {
$num .= rand(0, 9);
}
//4位验证码也可以用rand(1000,9999)直接生成
//将生成的验证码写入session,备验证页面使用
//Session_start();
XSession::Init();
XSession::Set("avacode", $num);
//创建图片,定义颜色值
//Header("Content-type: image/PNG");
srand((double) microtime() * 1000000);
$im = imagecreatetruecolor(60, 20);
$black = ImageColorAllocate($im, 0, 0, 0);
$gray = ImageColorAllocate($im, 200, 200, 200);
imagefill($im, 0, 0, $gray);
//随机绘制两条虚线,起干扰作用
$style = array($black, $black, $black, $black, $black, $gray, $gray, $gray, $gray, $gray);
imagesetstyle($im, $style);
$y1 = rand(0, 20);
$y2 = rand(0, 20);
$y3 = rand(0, 20);
$y4 = rand(0, 20);
imageline($im, 0, $y1, 60, $y3, IMG_COLOR_STYLED);
function __construct()
{
self::$_begin = microtime(true);
}
/**
* 添加系统日志
* @param string $Message 系统日志
* @param array $UserInfo 用户信息
*/
public function AddSysLog($Message, array $UserInfo = array())
{
$cr = $this->GetClassObj();
if (count($UserInfo) == 0) {
$UserInfo = XSession::Get("Cur_X_User");
}
$data['CreateUid'] = $UserInfo['id'];
$data['Creator'] = $UserInfo['nickname'];
$data['OpContent'] = $Message;
$data['CreateTime'] = time();
$data['OpUrl'] = @$_SERVER['REQUEST_URI'];
return $cr->Insert($data);
}
/**
*
* @do 操作记录
*
* @access public
* @author Nick
* @copyright rockhippo
* @param -
* @return -
*
*/
public function operateLogs($status)
{
global $G_X;
//操作人
$user = XSession::Get("TA_user");
$data = array();
$data['userid'] = $user['id'];
$data['username'] = $user['username'];
$data['operate'] = $G_X['modstr'] . "-" . $G_X['actstr'];
$data['values'] = var_export($_REQUEST, true);
$data['logtime'] = time();
$data['status'] = $status;
$PSys_LogsModel = new PSys_LogsModel();
$PSys_LogsModel->AddOne($data);
}
* 修 改 者:$LastChangedBy$
* 版本地址:$HeadURL$
* 摘 要:验证码
*/
$pubcomm = dirname(dirname(dirname(__FILE__))) . DIRECTORY_SEPARATOR . "protected" . DIRECTORY_SEPARATOR . "publib" . DIRECTORY_SEPARATOR . "comm" . DIRECTORY_SEPARATOR;
require_once $pubcomm . 'XSession.php';
//随机生成一个4位数的数字验证码
$num = "";
for ($i = 0; $i < 4; $i++) {
$num .= rand(0, 9);
}
//4位验证码也可以用rand(1000,9999)直接生成
//将生成的验证码写入session,备验证页面使用
//Session_start();
XSession::Init();
XSession::Set("AdminLoginVcode", $num);
//创建图片,定义颜色值
//Header("Content-type: image/PNG");
srand((double) microtime() * 1000000);
$im = imagecreatetruecolor(60, 20);
$black = ImageColorAllocate($im, 0, 0, 0);
$gray = ImageColorAllocate($im, 200, 200, 200);
imagefill($im, 0, 0, $gray);
//随机绘制两条虚线,起干扰作用
$style = array($black, $black, $black, $black, $black, $gray, $gray, $gray, $gray, $gray);
imagesetstyle($im, $style);
$y1 = rand(0, 20);
$y2 = rand(0, 20);
$y3 = rand(0, 20);
$y4 = rand(0, 20);
imageline($im, 0, $y1, 60, $y3, IMG_COLOR_STYLED);
