public function sendHandle($msgid = 0)
{
@set_time_limit(0);
if (I('post.openid') != 'all') {
$User = new \Weixin\Event\UserEvent();
$res = $User->sendMessage(I('post.openid'), I('post.content'));
if ($res['errcode'] == 0) {
$this->success('发送成功');
} else {
$this->error('发送失败' . $res['errmsg']);
}
} else {
$User = new \Weixin\Event\UserEvent();
$Users = D('Weixinuser');
$user_list = $Users->relation(true)->select();
$info = '';
$now = (int) current_timestamp();
foreach ($user_list as $value) {
$time_remain = $now - (int) $value['log'][0]['CreateTime'] - 60 * 60 * 24 * 2;
if ($value['log'][0]['CreateTime'] != null && $time_remain < 0) {
$res = $User->sendMessage($value['openid'], I('post.content'));
$info .= $value['openid'] . $res['errmsg'];
}
}
$this->success('发送成功:' . $info);
}
}
public function delete()
{
global $database;
//deletes the record from the database
//if the item contains an is_deleted field
if (in_array("is_deleted", static::$db_fields)) {
//cleanse the attributes
$attributes = $this->sanitized_attributes();
//if we're here, then the table does contain and is_deleted field
//so we simply need to update the is_deleted flag
$sql = "UPDATE `" . static::$table_name . "` SET `is_deleted` = 1";
//also - update last_update_dt if the object contains it
if (in_array("last_update_dt", static::$db_fields)) {
$this->last_update_dt = current_timestamp();
$sql .= ", `last_update_dt` = '" . $database->escape_value($this->last_update_dt) . "'";
}
//also - update deleted_dt if the object contains it
if (in_array("deleted_dt", static::$db_fields)) {
$this->deleted_dt = current_timestamp();
$sql .= ", `deleted_dt` = '" . $database->escape_value($this->deleted_dt) . "'";
}
$sql .= " WHERE `" . static::primary_key_field() . "`=" . $database->escape_value($this->{static::primary_key_field()});
$sql .= " LIMIT 1;";
} else {
//if we're here, then the table does not have an is_deleted field
//so we have to hard delete it
$sql = "DELETE FROM `" . static::$table_name . "`";
$sql .= " WHERE `" . static::primary_key_field() . "`=" . $database->escape_value($this->{static::primary_key_field()});
$sql .= " LIMIT 1;";
}
$database->query($sql);
return $database->affected_rows() == 1 ? true : false;
}
/**
* {
* "touser":"******",
* "msgtype":"text",
* "text":
* {
* "content":"Hello World"
* }
* }
*/
public function sendMessage($openid, $content = '', $msgtype = 'text')
{
$ACCESS_TOKEN = $this->getAccess();
if ($msgtype == 'text') {
$data['touser'] = $openid;
$data['msgtype'] = "text";
$data['text']["content"] = urlencode($content);
$json = urldecode(json_encode($data));
$url = "https://api.weixin.qq.com/cgi-bin/message/custom/send?access_token=" . $ACCESS_TOKEN;
$res = json_decode(simple_post($url, $json), true);
}
$Weixinsend = D('Weixinsend');
$send['openid'] = $openid;
$send['type'] = $msgtype;
$send['content'] = $content;
//echo date('Y-m-d h:i:s a') ;die();
$send['CreateTime'] = current_timestamp();
$Weixinsend->data($send)->add();
return $res;
}
public static function login($username = "", $password = "")
{
//will retrieve user credentials if username and password are a match
//if a match, it will spit out 1 user object
//if not a match, it will return false
global $database;
global $session;
global $page_file_name_with_get;
$username = $database->escape_value($username);
$password = sha1($database->escape_value($password));
$sql = "SELECT * FROM `" . self::$table_name . "` ";
$sql .= "WHERE username = '******' ";
$sql .= "AND hashed_password = '******' ";
$sql .= "LIMIT 1;";
$result_array = self::find_by_sql($sql);
//if soft deleted, display error message
if (!empty($result_array)) {
$user = array_shift($result_array);
if ($user->is_deleted == 1) {
//account was found, but is disabled
$session->message($user->username . ", your account has been disabled. If you feel this is an error please contact the administrator.");
redirect_head(ROOT_URL . "login.php?username="******"Successfully logged in!");
$session->login($user);
//this will determine where we redirect to
//depending on whether or not there is a $_GET['url'] superglobal set
if (isset($_GET['url'])) {
redirect_head($_GET['url']);
} else {
redirect_head(ROOT_URL);
}
}
}
//the username password combination does not exist
//so now, we need to do a couple of checks for the lockout security
//1. We need to see if the username exists.
//If it does, we ned to make a note that this username was incorrectly
//logged into X number of times
//Also - if the number of times this account has been logged into is 5 attempts
//then we need to disable the account and display a relevant error message
//If it does not exist, then do nothing
$try_to_find_user = User::find_by_name($username, "username");
if ($try_to_find_user) {
//the username does exist
//so now we need to determine the # of login attemps, and the account
if (isset($session->login_attempt)) {
$login_attempt = $session->login_attempt;
//depending on whether or not the username is the same
//we can either increment the login attempt number, or
//we set the default
if ($login_attempt['username'] == $username) {
$login_attempt['number']++;
$session->set_variable('login_attempt', $login_attempt);
} else {
//there is no previous login attempt
//set the default
$login_attempt = array();
$login_attempt['username'] = $username;
$login_attempt['number'] = 1;
//save it
$session->set_variable('login_attempt', $login_attempt);
}
//if the # of logins = 5, lockout the user account
if ($login_attempt['number'] == 5) {
$try_to_find_user->is_deleted = 1;
$try_to_find_user->deleted_dt = current_timestamp();
$try_to_find_user->save();
$session->message("You have had 5 incorrect login attempets, your account has been locked.</br>Please contact the administrator.");
$redirect = ROOT_URL . "login.php";
$redirect .= isset($_GET['url']) ? "?url=" . $_GET['url'] : '';
redirect_head($redirect);
}
} else {
//there is no previous login attempt
//set the default
$login_attempt = array();
$login_attempt['username'] = $username;
$login_attempt['number'] = 1;
//save it
$session->set_variable('login_attempt', $login_attempt);
}
} else {
//the username does not exist
$session->unset_variable('login_attempt');
}
$session->message("The username and password combination does not exist.");
$redirect = ROOT_URL . "login.php?username="******"&url=" . $_GET['url'] : '';
redirect_head($redirect);
return false;
}
