public function routerShutdown(Yaf\Request_Abstract $request, Yaf\Response_Abstract $response)
{
$uri = $request->getRequestUri();
if (substr_count($uri, '/') == 2) {
$request->setRequestUri($uri . '/index');
}
}
public function routerShutdown(Yaf\Request_Abstract $request, Yaf\Response_Abstract $response)
{
//不需要权限验证的模块
$no_require = array('Login' => null);
//不需要管理员权限的模块
$admin_require = array('Log' => null, 'Orders' => null, 'Accountgroup' => null, 'Index' => null);
$is_admin = Yaf\Session::getInstance()->get('is_admin');
//权限控制
if (in_array($request->getControllerName(), array_keys($no_require))) {
return;
}
if (!in_array($request->getControllerName(), array_keys($admin_require)) && $is_admin !== '1') {
$request->setModuleName('Index');
$request->setControllerName('Login');
$request->setActionName('get');
echo 3;
die;
return;
}
if (!in_array($request->getControllerName(), array_keys($admin_require)) && $is_admin === '0') {
$request->setModuleName('Index');
$request->setControllerName('Error');
$request->setActionName('auth');
return;
}
}
public function routerStartup(Yaf\Request_Abstract $request, Yaf\Response_Abstract $response)
{
if (Yaf\Registry::get('config')->application->url_suffix) {
if (strtolower(substr($_SERVER['REQUEST_URI'], -strlen(Yaf\Registry::get('config')->application->url_suffix))) == strtolower(Yaf\Registry::get('config')->application->url_suffix)) {
$request->setRequestUri(substr($_SERVER['REQUEST_URI'], 0, -strlen(Yaf\Registry::get('config')->application->url_suffix)));
}
}
}
public function routerStartup(Yaf\Request_Abstract $request, Yaf\Response_Abstract $response)
{
//记录请求信息
$logger = Logkit\Logger::ins('_request');
//增加web请求信息
$processor = new Monolog\Processor\WebProcessor();
$logger->pushProcessor($processor);
$logger->info('', $request->getPost());
}
public function routerStartup(Yaf\Request_Abstract $request, Yaf\Response_Abstract $response)
{
$this->_logFileName = 'syslog_' . date('Ymd');
Logger::startLogging($this->_logFileName);
Logger::getLogger($this->_logFileName)->log("[{$request->getRequestUri()}]");
}
public function routerShutdown(Yaf\Request_Abstract $request, Yaf\Response_Abstract $response)
{
/* 验证是否为命令行方式 */
if ($request->isCli()) {
$action = $request->getActionName();
$locate_param = strpos($request->getRequestUri(), '?');
$locate = strpos($request->getActionName(), '?');
/* 验证action是否有传参 */
if ($locate !== false) {
$query_list = array();
//重新设置action
$request->setActionName(substr($action, 0, $locate));
//截取query_string
$query_string = substr($request->getRequestUri(), $locate_param + 1);
//解析query_string
parse_str($query_string, $query_list);
//循环set到param
foreach ($query_list as $key => $value) {
$request->setParam($key, $value);
}
}
}
$request_uri = strtolower($request->getModuleName() . '/' . $request->getControllerName() . '/' . $request->getActionName());
$request->setRequestUri($request_uri);
$request->setModuleName(ucfirst($request->getModuleName()));
$request->setControllerName(underline_to_camel(ucfirst($request->getControllerName())));
$request->setActionName(underline_to_camel($request->getActionName()));
/* 保存请求地址 */
Yaf\Registry::set('request_uri', $request_uri);
}
public function routerStartup(Yaf\Request_Abstract $request, Yaf\Response_Abstract $response)
{
Logger::startLogging();
Logger::getLogger()->log("[{$request->getRequestUri()}]");
}
public function routerShutdown(Yaf\Request_Abstract $request, Yaf\Response_Abstract $response)
{
echo $request->getControllerName();
}
public function routerShutdown(Yaf\Request_Abstract $request, Yaf\Response_Abstract $response)
{
// 路由之后才能获取这三个值
$module = strtolower($request->getModuleName());
$controller = strtolower($request->getControllerName());
$action = strtolower($request->getActionName());
$default = Registry::get("session");
// 可以传入Zend\Authentication\Storage\Session对象,实际关联一个SESSION容器
$auth = new AuthenticationService();
$storage = $auth->getStorage();
Registry::set('auth', $storage);
if ($auth->hasIdentity()) {
$storageData = $storage->read();
$access_time = 0;
if (!empty($storageData->access_time)) {
$access_time = (int) $storageData->access_time;
}
// 已经半小时没有活动了 实际SESSION可能并没有清除
if (time() - $access_time > 1800) {
$auth->clearIdentity();
$response->clearBody()->setRedirect("/auth/login");
exit;
} else {
$storageData->access_time = time();
$storage->write($storageData);
}
if ($controller === "auth") {
if ($action === "logout") {
$auth->clearIdentity();
$response->clearBody()->setRedirect("/auth/login");
exit;
}
if ($action === "login") {
$response->clearBody()->setRedirect("/");
exit;
}
}
} else {
if ($request->isPost()) {
// 验证token
if (!isset($_POST['securityToken']) || $_POST['securityToken'] !== $default->offsetGet('securityToken')) {
//$response->clearBody()->setRedirect("/auth/login");
//exit;
}
// 需要验证的数据
$email = trim($_POST['email']);
$password = trim($_POST['password']);
if (empty($email) || empty($password)) {
$default->offsetSet("freshMessage", "邮件地址或密码不能为空");
$response->clearBody()->setRedirect("/auth/login");
exit;
}
// 匹配邮件地址 和 密码
$user = new Table\UserModel();
$userRow = $user->getUserByEmail($email);
if (!empty($userRow)) {
// 查看是否已经被禁用
if ((int) $userRow['active'] < 1) {
$default->offsetSet("freshMessage", "账户已经禁用.");
$response->clearBody()->setRedirect("/auth/login");
exit;
}
$hashPassword = trim($userRow['password']);
$salt = Ifeeline\Password::getPasswordSaltByHash($hashPassword);
$nowPassword = Ifeeline\Password::getPasswordHash($salt, $password);
if ($nowPassword !== $hashPassword) {
$default->offsetSet("freshMessage", "密码不正确");
$response->clearBody()->setRedirect("/auth/login");
exit;
}
} else {
$default->offsetSet("freshMessage", "邮件地址不存在");
$response->clearBody()->setRedirect("/auth/login");
exit;
}
// 实际上,以上的密码比较已经结束 这里使用它的会话持久化功能
$dbAdapter = Registry::get('db');
$authAdapter = new CredentialTreatmentAdapter($dbAdapter);
$authAdapter->setTableName('user')->setIdentityColumn('email')->setCredentialColumn('password');
// 这里应该使用自定义的密码哈希算法,然后再传递进行比较
$authAdapter->setIdentity($email)->setCredential($nowPassword);
$result = $auth->authenticate($authAdapter);
// 这个IF应该永不会进入
if (!$result->isValid()) {
switch ($result->getCode()) {
case Result::FAILURE_IDENTITY_NOT_FOUND:
//break;
//break;
case Result::FAILURE_CREDENTIAL_INVALID:
//break;
//case Result::SUCCESS:
// break;
//break;
//case Result::SUCCESS:
// break;
default:
//$result->getMessages()
$default->offsetSet("freshMessage", "用户名或密码不正确.");
break;
}
$response->clearBody()->setRedirect("/auth/login");
exit;
} else {
$row = $authAdapter->getResultRowObject(null, array('password'));
// 账户被禁用(这不会执行)
if ((int) $row->active < 1) {
// 清楚认证信息
$auth->clearIdentity();
$default->offsetSet("freshMessage", "用户名已经被禁用.");
$response->clearBody()->setRedirect("/auth/login");
exit;
} else {
$row->access_time = time();
$storage = $auth->getStorage();
$storage->write($row);
// 成功登录
$response->clearBody()->setRedirect("/");
exit;
}
}
} else {
if ($controller !== "auth" || $controller === "auth" && $action !== "login") {
$response->clearBody()->setRedirect("/auth/login");
exit;
}
}
}
}