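/**
  * Log a user in from the request fields "user" and "pwd".
  *
  * Looks the account up by name, compares the stored password value with the
  * converted submitted password, marks the session as logged in and bumps the
  * account's login counter.
  *
  * @return array status (1 on success, -1 on failure), info (user-facing message), data (always null)
  */
 public function login()
 {
     $user = $this->getR('user');
     // NOTE(review): convertPwd() is not visible here; confirm it is a salted,
     // deliberately slow password hash (password_hash()/password_verify() style)
     // and not a bare digest.
     $pwd = $this->convertPwd($this->getR('pwd'));
     $this->_modelUser = $this->getGlobal('model/User', 'Model_User');
     $userResult = $this->_modelUser->findByUser($user);
     if (!$userResult) {
         // NOTE(review): this message differs from the wrong-password message below,
         // so a client can tell which account names exist. Consider returning the
         // same text for both failures.
         return array('status' => -1, 'info' => '账号不存在', 'data' => null);
     }
     // A loose != treats numeric-looking strings such as "0e123" and "0e456" as
     // equal, which would accept a wrong password. hash_equals() compares the two
     // strings byte for byte and in constant time.
     if (!hash_equals((string) $userResult['pwd'], (string) $pwd)) {
         return array('status' => -1, 'info' => '用户名密码错误', 'data' => null);
     }
     $this->setLogin($userResult);
     // Increment the login counter. The WHERE fragment is assembled by hand and
     // the id is unquoted, so force it to an integer before it reaches the SQL.
     // '@@@+1' is presumably the model's marker for "current value + 1" - confirm.
     $userId = (int) $userResult['id'];
     $this->_modelUser->update(array('login_count' => '@@@+1'), "id={$userId}");
     return array('status' => 1, 'info' => '登录成功', 'data' => null);
 }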
예제 #2
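 /**
  * Delete the department named by the "Id" query parameter and move its
  * members to department 0 ("no department").
  *
  * Both caches are rebuilt after a successful delete. The outcome is reported
  * through the message helper.
  */
 private function _departmentDel()
 {
     // "Id" comes straight from the query string and is spliced into a hand-built
     // WHERE fragment below, so only an integer may pass. Department 0 means
     // "no department" and is never a valid target.
     $departmentId = (isset($_GET['Id']) && is_scalar($_GET['Id'])) ? (int) $_GET['Id'] : 0;
     // NOTE(review): this destructive action is driven by a GET parameter and no
     // CSRF token or permission check is visible in this method; confirm the
     // caller enforces both.
     if ($departmentId > 0 && $this->_modelDepartment->delById($departmentId)) {
         // Move every employee of the deleted department to 0 (no department).
         $this->_modelUser->update(array('department_id' => '0'), "department_id={$departmentId}");
         $this->_modelDepartment->createCache();
         $this->_modelUser->createCache();
         $this->_utilMsg->showMsg('删除部门成功');
     } else {
         $this->_utilMsg->showMsg('删除部门失败', -2);
     }
 }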
예제 #3
 /**
  * Demo action: run a fixed update on the user table and report the outcome
  * to the view.
  */
 public function updateAction()
 {
     // Instantiate the table model.
     $userModel = new Model_User();
     // Column/value pair to write and the fixed row condition. Both are
     // constants here; nothing from the request reaches the WHERE text.
     $changes = array('tb_user' => 'mingri');
     $condition = 'id = 2';
     // update() is treated as truthy when the row was changed.
     $changed = $userModel->update($changes, $condition);
     $this->view->update = $changed ? "修改成功!" : "该数据不存在或已经被修改过";
 }
예제 #4
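 /**
  * Switch the interface language.
  *
  * Stores the requested language on the logged-in user's record and identity,
  * sets the "lang" cookie, then redirects back to the referring page with the
  * language path segment replaced, or to "/" when the referer is not accepted.
  */
 public function setlangAction()
 {
     // The Referer header is optional and client-supplied; read it without
     // raising an undefined-index warning when it is absent.
     $this->referer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : null;
     $lang = $this->_getParam("language");
     // $lang ends up in the user record, a cookie and the redirect URL, so accept
     // only values shaped like a language code ("es", "pt_BR", "zh-Hans").
     // NOTE(review): the application's list of supported languages is not visible
     // here; checking against that list would be stricter than this pattern.
     if (!is_string($lang) || !preg_match('/^[A-Za-z]{2,3}(?:[_-][A-Za-z0-9]{2,8})*$/D', $lang)) {
         $this->_redirect('/', array('code' => 301));
         return;
     }
     $auth = Zend_Auth::getInstance();
     if ($auth->hasIdentity()) {
         $umodel = new Model_User();
         // The whole identity is written back with the new language and the
         // stored identity is refreshed to match.
         $data = (array) $auth->getIdentity();
         $data['lang'] = $lang;
         $umodel->update($data);
         $auth->getStorage()->write((object) $data);
     }
     // 0 = session cookie (same effect as the null previously passed, without the
     // deprecated null-to-int conversion).
     setcookie("lang", $lang, 0, '/');
     if ($this->hasValidReferer()) {
         // For "scheme://host/<lang>/..." index 3 is the first path segment.
         $new_url = explode("/", $this->referer);
         if (count($new_url) > 3 && strlen($new_url[3]) > 0) {
             $new_url[3] = $lang;
         }
         // NOTE(review): the redirect target is built from the Referer header, so
         // hasValidReferer() is what keeps this from being an open redirect;
         // confirm it restricts the host to this site.
         $this->_redirect(join("/", $new_url), array('code' => 301));
     } else {
         $this->_redirect('/', array('code' => 301));
     }
 }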
예제 #5
파일: auth.php 프로젝트: Ryanker/open-eshop
 /**
  * Login action shared by normal users and admins.
  *
  * Already-authenticated visitors are redirected. A POST carrying a valid
  * 'login' CSRF token is treated as a login attempt, subject to a per-account
  * throttle based on the failed_attempts and last_failed columns. In every
  * other case (and after a failed or blocked attempt) the login form is rendered.
  */
 public function action_login()
 {
     //if user loged in redirect home
     if (Auth::instance()->logged_in()) {
         Auth::instance()->login_redirect();
     } elseif ($this->request->post() and CSRF::valid('login')) {
         $blocked_login = FALSE;
         // Load the user by email; only ACTIVE and SPAM status accounts are considered.
         $user = new Model_User();
         $user->where('email', '=', core::post('email'))->where('status', 'in', array(Model_User::STATUS_ACTIVE, Model_User::STATUS_SPAM))->limit(1)->find();
         // Check if we must block this login attempt.
         // NOTE(review): the throttle is keyed on the account row only. Emails that
         // match no row are never throttled here, and repeated failures by anyone
         // delay the real owner; no per-client limit is visible in this method.
         if ($user->loaded() and $user->failed_attempts > 2) {
             // 3 or 4 failed attempts (> 2 and < 5): wait 1 minute until next attempt
             if ($user->failed_attempts < 5 and $user->last_failed > Date::unix2mysql(strtotime('-1 minute'))) {
                 $blocked_login = TRUE;
                 Alert::set(Alert::ERROR, __('Login has been temporarily disabled due to too many unsuccessful login attempts. Please try again in a minute.'));
             } elseif ($user->failed_attempts > 4 and $user->last_failed > Date::unix2mysql(strtotime('-24 hours'))) {
                 // 5 or more failed attempts: wait 24 hours since the last failure
                 $blocked_login = TRUE;
                 Alert::set(Alert::ERROR, __('Login has been temporarily disabled due to too many unsuccessful login attempts. Please try again in 24 hours.'));
             }
         }
         //not blocked so try to login
         if (!$blocked_login) {
             Auth::instance()->login(core::post('email'), core::post('password'), (bool) core::post('remember'));
             //redirect index
             if (Auth::instance()->logged_in()) {
                 if ($user->loaded()) {
                     // Successful login clears the failure counter.
                     $user->failed_attempts = 0;
                     try {
                         // Save the user
                         $user->update();
                     } catch (ORM_Validation_Exception $e) {
                         Form::set_errors($e->errors(''));
                     } catch (Exception $e) {
                         // NOTE(review): the raw exception message is passed into the
                         // HTTP 500 error; confirm production error pages do not show
                         // it to visitors.
                         throw HTTP_Exception::factory(500, $e->getMessage());
                     }
                 }
                 //is an admin so redirect to the admin home
                 Auth::instance()->login_redirect();
             } else {
                 // Same message whether the email is unknown or the password is wrong.
                 Form::set_errors(array(__('Wrong email or password') . '. ' . '<a class="alert-link" href="' . Route::url('oc-panel', array('directory' => 'user', 'controller' => 'auth', 'action' => 'forgot')) . '">' . __('Have you forgotten your password?') . '</a>'));
                 if ($user->loaded()) {
                     // this is fifth failed attempt, invalidate token?
                     // Clears the stored token fields so the token saved on the row
                     // no longer exists once the account reaches five failures.
                     if ($user->failed_attempts == 4) {
                         $user->token = NULL;
                         $user->user_agent = NULL;
                         $user->token_created = NULL;
                         $user->token_expires = NULL;
                     }
                     // The increment is sent as an SQL expression, so the database adds
                     // 1 to the stored value rather than to the copy loaded above.
                     $user->failed_attempts = new Database_Expression('failed_attempts + 1');
                     $user->last_failed = Date::unix2mysql(time());
                     try {
                         // Save the user
                         $user->update();
                     } catch (ORM_Validation_Exception $e) {
                         Form::set_errors($e->errors(''));
                     } catch (Exception $e) {
                         throw HTTP_Exception::factory(500, $e->getMessage());
                     }
                 }
             }
         }
     }
     //Login page
     $this->template->title = __('Login');
     $this->template->meta_description = __('Login to') . ' ' . Core::config('general.site_name');
     $this->template->content = View::factory('pages/auth/login');
 }
예제 #6
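 /**
  * Allow a user to reset their password after they have forgotten it.
  *
  * The link carries "c" (activation code) and "e" (MD5 of the email). The
  * account is found by recomputing the code in SQL from the stored activation
  * token, the email, the configured salt and the id. An unknown or expired
  * link ends with a view error. On a valid POST the password is stored and the
  * activation token and its expiry are cleared so the link cannot be reused.
  *
  * @return void
  */
 public function resetpasswordAction()
 {
     $this->view->title = __('reset password page title');
     $authVars = Garp_Auth::getInstance()->getConfigValues();
     $activationCode = $this->getRequest()->getParam('c');
     $activationEmail = $this->getRequest()->getParam('e');
     $expirationColumn = $authVars['forgotpassword']['activation_code_expiration_date_column'];
     $userModel = new Model_User();
     // Both request values are bound as parameters; the column name and the salt
     // are quoted by the adapter.
     // NOTE(review): MD5 is a fast hash, so the strength of this link rests on
     // the stored activation token being long and random; confirm how that token
     // is generated.
     $activationCodeClause = 'MD5(CONCAT(' . $userModel->getAdapter()->quoteIdentifier($authVars['forgotpassword']['activation_token_column']) . ',' . 'MD5(email),' . 'MD5(' . $userModel->getAdapter()->quote($authVars['salt']) . '),' . 'MD5(id)' . ')) = ?';
     $select = $userModel->select()->where($activationCodeClause, $activationCode)->where('MD5(email) = ?', $activationEmail);
     $user = $userModel->fetchRow($select);
     if (!$user) {
         $this->view->error = __('reset password user not found');
         return;
     }
     if (strtotime($user->{$expirationColumn}) < time()) {
         $this->view->error = __('reset password link expired');
         return;
     }
     if (!$this->getRequest()->isPost()) {
         return;
     }
     $password = $this->getRequest()->getPost('password');
     // A field submitted as password[] arrives as an array; treat anything that
     // is not a non-empty string as missing.
     if (!is_string($password) || !$password) {
         $this->view->formError = sprintf(__('%s is a required field'), ucfirst(__('password')));
         return;
     }
     if (!empty($authVars['forgotpassword']['repeatPassword']) && !empty($authVars['forgotpassword']['repeatPasswordField'])) {
         $repeatPasswordField = $this->getRequest()->getPost($authVars['forgotpassword']['repeatPasswordField']);
         // Strict comparison: a loose != treats numeric-looking strings such as
         // "1e3" and "1000" as equal and would accept a mistyped confirmation.
         if ($password !== $repeatPasswordField) {
             $this->view->formError = __('the passwords do not match');
             return;
         }
     }
     // Update the user's password and send them along to the login page.
     // NOTE(review): the submitted password is handed to update() as-is; confirm
     // the model hashes it before it is stored.
     $updateClause = $userModel->getAdapter()->quoteInto('id = ?', $user->id);
     $userModel->update(array('password' => $password, $authVars['forgotpassword']['activation_token_column'] => null, $authVars['forgotpassword']['activation_code_expiration_date_column'] => null), $updateClause);
     $this->_helper->flashMessenger(__($authVars['resetpassword']['success_message']));
     $this->_redirect('/g/auth/login');
 }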
예제 #7
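     // Store an uploaded avatar for the current user. The enclosing check that
     // decides whether the upload is acceptable starts outside this excerpt.
     if ($_FILES["file"]["error"] > 0) {
         // PHP reported an upload error; record its code.
         global_common::writeLog($_FILES["file"]["error"]);
     } else {
         $tmpPath = $_FILES["file"]["tmp_name"];
         $manipulator = new ImageManipulator($tmpPath);
         // resizing to 200x200
         // NOTE(review): $_FILES[...]['type'] is sent by the client and is not
         // evidence of what the file really contains.
         $manipulator->resample($tmpPath, $_FILES["file"]["type"], 200, 200);
         // The original file name is chosen by the client. Keep only its last path
         // component so it cannot steer the destination out of the avatar folder.
         // NOTE(review): the extension is still the client's; confirm the enclosing
         // check allows image extensions only and that the avatar folder never
         // executes scripts.
         $clientName = basename(str_replace('\\', '/', (string) $_FILES["file"]["name"]));
         $fileName = global_common::FOLDER_AVATAR . $currentUser[global_mapping::UserID] . '_' . $clientName;
         // Move the file first: the profile and session are only pointed at the new
         // avatar once it is actually in place.
         if (!move_uploaded_file($tmpPath, $fileName)) {
             global_common::writeLog("Avatar upload could not be stored");
         } else {
             $userUpdate = $objUser->getUserByID($currentUser[global_mapping::UserID]);
             $userUpdate[global_mapping::Avatar] = $fileName;
             $result = $objUser->update($userUpdate[global_mapping::UserID], $userUpdate[global_mapping::UserName], $userUpdate[global_mapping::Password], $userUpdate[global_mapping::FullName], $userUpdate[global_mapping::BirthDate], $userUpdate[global_mapping::Address], $userUpdate[global_mapping::Phone], $userUpdate[global_mapping::Email], $userUpdate[global_mapping::Sex], $userUpdate[global_mapping::Identity], $userUpdate[global_mapping::RoleID], $userUpdate[global_mapping::UserRankID], $userUpdate[global_mapping::Avatar], $userUpdate[global_mapping::AccountID], $userUpdate[global_mapping::IsActive]);
             $_SESSION[global_common::SES_C_USERINFO] = $currentUser = $userUpdate;
         }
     }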
 } else {
     global_common::writeLog("Invalid file");
     //echo "Invalid file";
 }
 //return;
예제 #8
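 /**
  * Second step of "change location": resolve the typed location through the
  * Yahoo geo lookup and let the visitor pick one of the matches.
  *
  * No answer or no match: flash a message and redirect back. Exactly one
  * match: apply it at once. Several matches: show a select form and apply the
  * chosen entry on POST. Applying a location updates the logged-in user's
  * woeid, the session namespace and the "location" cookie.
  */
 public function change2Action()
 {
     $request = $this->getRequest();
     $aNamespace = new Zend_Session_Namespace('Nolotiro');
     $locationtemp = $aNamespace->locationTemp;
     $this->view->page_title .= $this->view->translate('change location');
     // A non-empty string in the query string overrides the session value.
     if (isset($_GET['location']) && is_string($_GET['location']) && $_GET['location'] !== '') {
         $locationtemp = $_GET['location'];
     }
     $places = $this->getYahooGeoWoeidList($locationtemp, $this->view->lang);
     //check if we got response from yahoo geo api
     if ($places === false) {
         $this->_helper->_flashMessenger->addMessage($this->view->translate('I can not connect to Yahoo geo service, sorry!'));
         $this->_redirect('/' . $this->view->lang . '/woeid/' . $aNamespace->location . '/give');
     }
     //check if the yahoo geo api returns no results!
     if (count($places->place) == 0) {
         // NOTE(review): $locationtemp is visitor-supplied text echoed into a flash
         // message; the template that prints flash messages must HTML-escape it.
         $this->_helper->_flashMessenger->addMessage($this->view->translate('No location found named:') . '  "' . $locationtemp . '"');
         $this->_redirect('/' . $this->view->lang . '/woeid/' . $aNamespace->location . '/give');
     }
     //if just one result then jump straight to change location
     if (count($places->place) == 1) {
         $woeid = (int) $places->place->woeid;
         //if the user is logged then update the woeid value in ddbb, if not just update the session location value
         $auth = Zend_Auth::getInstance();
         if ($auth->hasIdentity()) {
             require_once APPLICATION_PATH . '/models/User.php';
             $model = new Model_User();
             $model->update(array('id' => $auth->getIdentity()->id, 'woeid' => $woeid));
         }
         $aNamespace = new Zend_Session_Namespace('Nolotiro');
         $aNamespace->location = $woeid;
         // 0 = session cookie
         setcookie('location', (string) $woeid, 0, '/');
         $name = $places->place->name . ', ' . $places->place->admin1 . ', ' . $places->place->country;
         $aNamespace->locationName = $name;
         $this->_helper->_flashMessenger->addMessage($this->view->translate('Location changed successfully to:') . ' ' . $name);
         $this->_redirect('/' . $this->view->lang . '/woeid/' . $places->place->woeid . '/give');
     }
     $form = $this->_getLocationChange2Form($locationtemp);
     // assign the form to the view
     $this->view->locationtemp = $locationtemp;
     $this->view->places = $places;
     $this->view->form = $form;
     // Build the select options from the lookup result. Each option value is
     // "<woeid>*<display name>" and is split again after submission.
     $location_options = array();
     $firstitem = null;
     foreach ($places->place as $item) {
         $name = $item->name . ', ' . $item->admin1 . ', ' . $item->country;
         //we have to cast to string item to not disturb the zend form translate parser!
         $optionValue = (string) $item->woeid . '*' . $name;
         $location_options[$optionValue] = $name;
         // The first entry is preselected in the form.
         if ($firstitem === null) {
             $firstitem = $optionValue;
         }
     }
     // The in-array validator is switched off below, so the submitted value is
     // NOT guaranteed to be one of these options and is checked by hand after
     // submission.
     $form->addElement('select', 'location', array('validators'))->getElement('location')->addMultiOptions($location_options)->setValue($firstitem)->setRegisterInArrayValidator(false)->setIsArray(true);
     // add the submit button
     $form->addElement('submit', 'submit', array('label' => 'Choose your location'));
     // check to see if this action has been POST'ed to
     if ($this->getRequest()->isPost()) {
         if ($form->isValid($request->getPost())) {
             $formulario = $form->getValues();
             //parse the location value
             $selected = isset($formulario['location'][0]) ? (string) $formulario['location'][0] : '';
             $values = explode("*", $selected);
             // The woeid part goes into the user record, the session, a cookie and
             // the redirect URL, so force it to an integer exactly as the
             // single-result branch above does. A WOEID is a positive number.
             $woeid = (int) $values[0];
             // NOTE(review): the display name is whatever the client submitted; the
             // templates that print locationName and flash messages must
             // HTML-escape it.
             $chosenName = isset($values[1]) ? $values[1] : '';
             if ($woeid > 0) {
                 //if the user is logged then update the woeid value in ddbb, if not just update the session location value
                 $auth = Zend_Auth::getInstance();
                 if ($auth->hasIdentity()) {
                     require_once APPLICATION_PATH . '/models/User.php';
                     $model = new Model_User();
                     $model->update(array('id' => $auth->getIdentity()->id, 'woeid' => $woeid));
                 }
                 $aNamespace = new Zend_Session_Namespace('Nolotiro');
                 $aNamespace->location = $woeid;
                 setcookie('location', (string) $woeid, 0, '/');
                 $aNamespace->locationName = $chosenName;
                 $this->_helper->_flashMessenger->addMessage($this->view->translate('Location changed successfully to:') . ' ' . $chosenName);
                 $this->_redirect('/' . $this->view->lang . '/woeid/' . $woeid . '/give');
             }
         }
     }
 }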
예제 #9
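 /**
  * Admin-only action: show the lock confirmation for the user given by the
  * "id" parameter and, on a POST with lock=Yes, set that user's "locked" flag.
  *
  * Non-admins and requests for an unknown user are redirected with a flash
  * message.
  */
 public function lockAction()
 {
     $id = (int) $this->getRequest()->getParam('id');
     $this->view->userRole = $this->_helper->checkUserRole->check();
     //only admins (role 1) have access to this action
     if ($this->view->userRole != 1) {
         $this->_helper->_flashMessenger->addMessage($this->view->translate('You are not allowed to view this page'));
         $this->_redirect('/' . $this->lang . '/woeid/' . $this->location . '/give');
         return;
     }
     $modelUser = new Model_User();
     // fetchUser() may return nothing for an unknown id; read the username only
     // when a row came back instead of dereferencing an empty result.
     $userRow = $modelUser->fetchUser($id);
     $this->view->userToLock = $userRow ? $userRow->username : null;
     if ($this->view->userToLock == null) {
         //the user does not exist
         $this->_helper->_flashMessenger->addMessage($this->view->translate('This user does not exists'));
         $this->_redirect('/' . $this->lang . '/woeid/' . $this->location . '/give');
         return;
     }
     if ($this->getRequest()->isPost()) {
         // NOTE(review): no CSRF token is verified in this method before the
         // account is locked; confirm the form or a controller hook adds one.
         $lock = $this->getRequest()->getPost('lock');
         if ($lock == 'Yes') {
             $modelUser->update(array('locked' => 1, 'id' => $id));
             $this->_helper->_flashMessenger->addMessage($this->view->translate('User locked successfully.'));
             // NOTE(review): this redirect reads $this->view->lang while the two
             // above read $this->lang; left as in the original.
             $this->_redirect('/' . $this->view->lang . '/woeid/' . $this->location . '/give');
             return;
         }
     }
 }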
예제 #10
파일: admin_user.php 프로젝트: roni5/sela
        $userRankID = $_pgR['UserRankID'];
        $userRankID = global_editor::rteSafe(html_entity_decode($userRankID, ENT_COMPAT, 'UTF-8'));
        $avatar = $_pgR['Avatar'];
        $avatar = global_editor::rteSafe(html_entity_decode($avatar, ENT_COMPAT, 'UTF-8'));
        $accountID = $_pgR['AccountID'];
        $accountID = global_editor::rteSafe(html_entity_decode($accountID, ENT_COMPAT, 'UTF-8'));
        $isActived = $_pgR['IsActived'];
        $isActived = global_editor::rteSafe(html_entity_decode($isActived, ENT_COMPAT, 'UTF-8'));
        //$checkProduct = $objMenu->getMenuByName($_pgR['name']);
        //if ($checkProduct && $checkProduct['menu_id']!= $strID) {
        //	echo global_common::convertToXML($arrHeader, array("rs",'info'), array(0,global_common::STRING_NAME_EXIST), array(0,1));
        //	return;
        //}
        //$strName = $_pgR['name'];
        //$strDetail= $_pgR['detail'];
        $resultID = $objUser->update($userID, $userName, $password, $fullname, $birthDate, $address, $phone, $email, $sex, $identity, $roleID, $userRankID, $avatar, $accountID, $isActived);
        if ($resultID) {
            $arrHeader = global_common::getMessageHeaderArr($banCode);
            //$banCode
            echo global_common::convertToXML($arrHeader, array("rs", "inf"), array(1, $result), array(0, 1));
            return;
        } else {
            echo global_common::convertToXML($arrHeader, array("rs"), array(0), array(0));
            return;
        }
    } else {
        echo global_common::convertToXML($arrHeader, array("rs", 'info'), array(0, global_common::STRING_REQUIRE_LOGIN), array(0, 1));
    }
    return;
} elseif ($_pgR['act'] == model_User::ACT_CHANGE_PAGE) {
    $intPage = $_pgR['p'];