/**
* 管理员登录
*/
public function loginAction()
{
$request = $this->getRequest();
$admin_service = new AdminService();
//用户已登录跳转到后台首页
if ($admin_service->checkLogin() == true) {
return $this->redirect('/admin');
}
if ($request->isPost()) {
$username = trim($request->getParam('username'));
$password = $request->getParam('password');
$captcha = $request->getParam('captcha');
$remember = $request->getParam('remember');
if (empty($username)) {
return $this->showJson(1, '请输入用户名');
}
if (empty($password) || strlen($password) < 6) {
return $this->showJson(2, '请输入6位以上密码');
}
if ($admin_service->checkCaptcha($captcha) == false) {
return $this->showJson(3, '帐号或密码有误,请重新输入');
}
$admin = $admin_service->getAdminByUsername($username);
if (empty($admin)) {
return $this->showJson(403, '帐号或密码有误,请重新输入');
}
//当天密码错误超过500次
if ($admin['error_times'] > 500) {
return $this->showJson(4, '帐号密码输入错误次数过多,请明日再试。');
}
//验证密码是否正确
if ($admin['password'] == Password::Encryption($username, $password)) {
$admin_service->adminLogin($username, '', $remember);
} else {
$admin_data = array();
if (Star_Date::getDate() == $admin['error_date']) {
$admin_data = array('error_date' => Star_Date::getDate(), 'error_times' => 'error_times + 1');
} else {
$admin_data = array('error_date' => Star_Date::getDate(), 'error_times' => 1);
}
$admin_service->updateAdmin($admin['admin_id'], $admin_data, false);
return $this->showJson(403, '帐号或密码有误,请重新输入');
}
return $this->showJson(0, '登录成功');
}
}
/**
* 添加管理员
*/
public function addadminAction()
{
$request = $this->getRequest();
$admin_service = new AdminService();
if ($request->isPost()) {
$username = Star_String::escape($request->getParam('username'));
$admin_name = Star_String::escape($request->getParam('admin_name'));
$department_id = (int) $request->getParam('department_id');
$password = $request->getParam('password');
if (empty($password)) {
return $this->showWarning('对不起,密码不能为空。');
}
if (Star_String::strLength($password) < 6) {
return $this->showWarning('对不起,密码不能少于6个字符。');
}
if (empty($username)) {
return $this->showWarning('对不起,用户名不能为空。');
}
if ($admin_service->getAdminByUsername($username)) {
return $this->showWarning('对不起,用户名已经存在了。');
}
$admin_data = array('department_id' => $department_id, 'username' => $username, 'admin_name' => $admin_name ? $admin_name : $username, 'password' => Password::Encryption($username, $password), 'error_times' => 0, 'error_date' => Star_Date::getDate(), 'last_login' => time(), 'add_time' => time(), 'update_time' => time());
$admin_id = $admin_service->insertAdmin($admin_data);
if ($admin_id) {
$menu_ids = $request->getParam('menu_ids');
if (!empty($menu_ids)) {
$menu_ids = array_unique($menu_ids);
foreach ($menu_ids as $menu_id) {
$auth_data = array('menu_id' => (int) $menu_id, 'department_id' => 0, 'admin_id' => $admin_id, 'add_time' => time(), 'update_time' => time());
//添加权限
$admin_service->insertAuth($auth_data);
}
}
return $this->showMessage('恭喜您,成功添加管理员。', '/system/adminmanage');
} else {
return $this->showWarning('很遗憾,添加管理员失败。');
}
}
$departments = $admin_service->getDepartmentOption();
$this->view->assign(array('departments' => $departments, 'admin' => array()));
$this->render('admininfo');
}
