/**
+----------------------------------------------------------
* 模板站点配置
+----------------------------------------------------------
* @access private
+----------------------------------------------------------
* @return void
+----------------------------------------------------------
*/
private static function checkUser()
{
global $ts;
//邀请
if ($_GET['validationcode'] && $_GET['validationid']) {
service('Validation')->dispatchValidation();
}
//检查用户是否登录
$passport = service('Passport');
//验证登陆
if (!$passport->isLogged()) {
//未登录 - 给游客赋予ID
if (APP_NAME == 'home' && MODULE_NAME == 'Index' && ACTION_NAME == 'index' && isset($_REQUEST['invite'])) {
redirect(SITE_URL . '/index.php?app=home&mod=Public&act=register&invite=' . $_REQUEST['invite']);
}
// 是否开启游客访问
if (APP_NAME == 'home' && MODULE_NAME == 'Space' && !$ts['site']['site_anonymous']) {
redirect(SITE_URL . '/index.php?app=home&mod=Public&act=login');
}
//游客访问控制
$acl = C('access');
if ($acl[APP_NAME . '/' . MODULE_NAME . '/' . ACTION_NAME] === true) {
} elseif ($acl[APP_NAME . '/' . MODULE_NAME . '/' . ACTION_NAME] === false) {
App::__remeberReferUrl();
redirect(SITE_URL . '/index.php?app=home&mod=Public&act=login');
} elseif ($acl[APP_NAME . '/' . MODULE_NAME . '/*'] === true) {
} elseif ($acl[APP_NAME . '/' . MODULE_NAME . '/*'] === false) {
App::__remeberReferUrl();
redirect(SITE_URL . '/index.php?app=home&mod=Public&act=login');
} elseif ($acl[APP_NAME . '/*/*'] === true) {
} elseif ($acl[APP_NAME . '/*/*'] === false) {
App::__remeberReferUrl();
redirect(SITE_URL . '/index.php?app=home&mod=Public&act=login');
} else {
App::__remeberReferUrl();
redirect(SITE_URL . '/index.php?app=home&mod=Public&act=login');
}
} else {
//已登录 - 检查用户禁止 - 检查用户访问应用的权限
// 设为在线
setOnline($_SESSION['mid']);
// 检查用户权限. 管理后台的权限由它自己控制.
global $ts;
if (!service('SystemPopedom')->hasPopedom()) {
if (APP_NAME == 'admin') {
exit('您无权查看');
} else {
redirect(U('home'), 5, '您无权查看');
}
}
}
//获取appid
//检查app的各种权限
return;
}
/**
+----------------------------------------------------------
* 用户访问权限验证
+----------------------------------------------------------
* @access private
+----------------------------------------------------------
* @return void
+----------------------------------------------------------
*/
private static function checkUser()
{
global $ts;
// 邀请
if ($_GET['validationcode'] && $_GET['validationid']) {
service('Validation')->dispatchValidation();
}
// 验证登陆
if (!service('Passport')->isLogged()) {
// 未登陆
// 邀请
if (APP_NAME == 'home' && MODULE_NAME == 'Index' && ACTION_NAME == 'index' && isset($_REQUEST['invite'])) {
redirect(SITE_URL . '/index.php?app=home&mod=Public&act=register&invite=' . $_REQUEST['invite']);
}
// 是否开启游客访问
if (APP_NAME == 'home' && MODULE_NAME == 'Space' && !$ts['site']['site_anonymous']) {
redirect(U('home/Public/login'));
}
// 匿名访问控制
if (!canAccess()) {
if (App::isAjax() || strpos($_SERVER['REQUEST_URI'], "addon") != FALSE) {
// Ajax访问禁止匿名的资源时, 不做自动跳转
exit;
} else {
// 记录登陆前的url地址
$_SESSION['refer_url'] = 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
redirect(U('home/Public/login'));
}
}
} else {
// 已登录
// 设为在线
setOnline($_SESSION['mid']);
// 检查用户权限. 管理后台的权限由它自己控制.
if (!service('SystemPopedom')->hasPopedom()) {
if (APP_NAME == 'admin') {
redirect(U('home/Public/adminlogin'), 5, '您无权查看');
} else {
redirect(U('home'), 5, '您无权查看');
}
}
}
return;
}
}
if (isset($_POST['enter'])) {
//validate admin using username and password
$user = $_POST['username'];
$pass = $_POST['password'];
$hash_pass = sha1($pass);
$query = "SELECT * from admin LIMIT 1";
$result = mysqli_query($connection, $query);
$flag = 0;
while ($row = mysqli_fetch_array($result)) {
if ($user == $row['user'] && $hash_pass == $row['password']) {
$_SESSION['admin_id'] = $row['id'];
$_SESSION['adminname'] = $row['user'];
$flag = 1;
}
}
if ($flag == 1) {
setOnline($connection);
header("Location: index.php");
exit;
} else {
header("Location: index.php?attempt=1");
exit;
}
}
?>
<?php
if (isset($_GET['attempt'])) {
echo '<span class="error">Invalid User Id/Password</span>';
}
