/** * 登录 */ public function actionLogin() { if ($this->_isPost()) { #------验证码------# $this->_loadCore('Help_ImgCode'); $helpImgCode = new Help_ImgCode(); if (!$helpImgCode->check($_POST['verify_code'])) { $this->_utilMsg->showMsg('您输入的验证码不正确', -1); } #------验证码------# $userName = trim($_POST['user_name']); $userInfo = $this->_modelUser->findByUserName($userName); if ($userInfo['password'] == md5($_POST['password'])) { //如果密码正确 $this->_utilRbac->setLogin($userName); $utilOnline = $this->_getGlobalData('Util_Online', 'object'); $utilOnline->setOnlineUser($userName); //设置在线用户 $this->_utilMsg->showMsg(false, 1, Tools::url(CONTROL, 'Index')); } else { $this->_utilMsg->showMsg('您输入的密码不正确,或账号不存在', -2); } } else { $this->_view->display($this->_view->get_curPage()); } }
/** * 超管登录其他用户的账号 */ public function actionLoginOthers() { $userClass = $this->_getGlobalData('Util_Rbac', 'object')->getUserClass(); if (in_array($userClass['_userName'], explode(',', MasterAccount))) { //判断是否超管 $userName = trim($_REQUEST['user_name']); $userInfo = $this->_modelUser->findByUserName($userName); if ($userInfo) { $this->_utilRbac->setLogin($userName); $utilOnline = $this->_getGlobalData('Util_Online', 'object'); $utilOnline->setOnlineUser($userName); //设置在线用户 $this->_utilMsg->showMsg(false, 1, Tools::url(CONTROL, 'Index')); } } else { $this->_utilMsg->showMsg('不是超级管理员', -2); } }
/** * 登录 */ public function actionLogin() { //获取passport发过来的参数 $uname = $_GET['uname']; //用户名 $password = $_GET['pwd']; //密码 $sign = $_GET['sign']; //签名 $sys = $_GET['sys']; //子系统标识名 $pwds = $this->_authcode($password, 'DECODE', self::$_API_KEY); //加密后的密码 $destime = $this->_authcode($_GET['desTime'], 'DECODE', self::$_API_KEY); $sign2 = md5($uname . $pwds . $destime . self::$_MD5_KEY); $check_uname_url = "http://pass.uwan.com/validate.aspx?uname=" . urlencode($uname) . "&destime=" . urlencode($_GET['desTime']) . "&despwd=" . urlencode($password) . "&sys=" . $sys; $apply = file_get_contents($check_uname_url); if ($apply == "1") { //passport验证成功 if ($sign == $sign2) { //签名正确 //本系统进行用户验证 $uname = strtolower($uname); //小写 $userInfo = $this->_modelUser->findByUserName($uname); if (!is_array($userInfo)) { //用户不存在 //创建最低权限用户 $user = array(); $user['org_id'] = 0; //组ID $user['department_id'] = 0; //部门ID $user['roles'] = 'guest'; //角色 $user['nick_name'] = $uname; //昵称 $user['user_name'] = $uname; //用户名 $user['password'] = md5($password); $user['date_created'] = time(); //创建时间 $user['date_updated'] = $user['date_created']; //更新时间 $user['order_vip_level'] = '0,1,2,3,4,5,6'; if (!$this->_utilRbac->createUser($user)) { //创建用户失败 echo "validate('" . $sys . "'," . self::$_API_FAILED . ");"; exit; } } //设置成已登录 $this->_utilRbac->setLogin($uname); $utilOnline = $this->_getGlobalData('Util_Online', 'object'); $utilOnline->setOnlineUser($uname); //设置在线用户 Tools::setHeadP3P(); //header ( 'P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"' ); echo "validate('" . $sys . "'," . self::$_API_SUCCESS . ");"; } else { //登录失败 echo "validate('" . $sys . "'," . self::$_API_FAILED . ");"; exit; } } else { //验证失败 echo "validate('" . $sys . "'," . self::$_API_FAILED . ");"; exit; } }