public function registerActAction() { $m['username'] = $this->getParam('username'); $m['password'] = $this->getParam('password'); if (!$m['username'] || !$m['password']) { $error = 'Username and password are required !'; $this->showError($error, 'index'); } // Username exists ? $where = array('username' => $m['username']); $num = $this->m_user->Where($where)->Total(); if ($num) { $msg = '注册名已存在, 请更换'; $this->showError($msg, 'index'); } $userID = $this->m_user->Insert($m); if (!$userID) { $error = '注册失败,请重试'; $this->showError($error, 'index'); } else { $msg = '注册成功,请登录'; $url = '/login'; } jsAlert($msg); jsRedirect($url); }
public function seckillAction() { $eId = $this->getParam('eid'); $reqTime = $_SERVER['REQUEST_TIME']; $eventInfo = $this->event->checkEventDate($eId, $reqTime); if ($eventInfo == -1) { jsAlert('该场抢购过期了,下次再来吧!'); } elseif ($eventInfo == -2) { jsAlert('抢购还未开始,再等等吧!'); } elseif ($eventInfo == 0) { $this->goHome(); } else { if (is_array($eventInfo)) { $secRow = $this->event->seckill($eventInfo['num'], $eId); if ($secRow == -1) { jsAlert('抢购失败,再试一次!'); } elseif ($secRow == 0) { jsAlert("已经抢光了"); } elseif ($secRow == 1) { jsAlert('恭喜您,抢到了!'); } } } $this->goHome(); }
public function delAction() { $articleID = $this->getQuery('articleID'); $code = $this->m_article->DeleteById($articleID); if (!$code) { jsAlert('删除文章失败, 请重试'); } $this->redirect('/user/profile'); }
public function delAction() { $id = $this->getParam('id'); if ($id) { $row = $this->goodsModel->delGoodsByID($id); } if (false === $row) { jsAlert('删除失败'); } $this->goHome(); }
/** * 函数名称:editAction * 功能描述:载入编辑 */ public function editAction() { $ruleid = $this->get('ruleid'); $groupid = $this->getSession('groupid'); $checkResult = $this->checkIsHaveAuth($ruleid, $groupid); if ($checkResult) { $this->addAction(); $authModel = new Admin_AuthModel(); $result = $authModel->loadEdit($ruleid); $this->assign('editParam', $result); } else { jsAlert('您不具有该权限'); } }
public function checkLoginAction() { $username = $this->getPost('username'); $password = $this->getPost('password'); $captcha = $this->getPost('captcha'); if (!$username || !$password || !$captcha) { jsAlert('信息不完整!'); jsRedirect($this->homeUrl); } else { if (strtolower($captcha) != strtolower($this->getSession('adminCaptcha'))) { jsAlert('验证码不正确!'); jsRedirect($this->homeUrl); } } // 管理员登陆 if ($this->adminAccount == $username) { $data = $this->m_admin->checkLogin($username, $password); } else { // 普通角色登陆 $data = $this->m_role->checkRole($username, $password); } if (!$data) { // Login fail $log['status'] = 0; jsAlert('账号或密码不正确!'); jsRedirect($this->homeUrl); } else { // Login OK, log this action and find privileges $this->setSession('adminID', $data['id']); $this->setSession('adminName', $username); // admin 拥有所有的权限 if ($this->adminAccount == $username) { $this->setSession('priv', 'ALL'); } else { // 不是管理员, 记录其 roleID, 用于查找权限 // 1: 取得登录的角色所拥有的权限 $priv = $this->m_role->getPrivilegeByRoleID($data['id']); // 如果角色没有分配到任何权限, 提示, 并且退出, 有则 SESSION 记录其所有的权限,供进一步处理 if (!$priv['privilege']) { jsAlert('您还没有任何权限, 请联系管理员!'); jsRedirect($this->homeUrl); } else { $this->setSession('priv', $priv); } } } jsRedirect('/admin/index/main'); }
public function registerActAction() { $m['username'] = $this->getPost('username'); $m['password'] = $this->getPost('password'); if (!$m['username'] || !$m['password']) { $error = 'Username and password are required !'; $this->showError($error, 'index'); } $userID = $this->m_user->Insert($m); if (!$userID) { $error = '注册失败,请重试'; $this->showError($error, 'index'); } else { $msg = '注册成功,请登录'; $url = '/login'; } jsAlert($msg); jsRedirect($url); }
public function resetActAction() { $t = $this->getPost('t'); $m = array(); $m['password'] = md5($t['newPass']); if ($this->adminAccount == $_SESSION['adminName']) { $where = array('username' => $_SESSION['adminName']); $data = $this->load('Admin')->Where($where)->UpdateOne($m); } if ($data !== FALSE) { unset($_SESSION['admin'], $_SESSION['priv'], $_SESSION['adminID'], $_SESSION['adminName']); $msg = '密码修改成功,请重新登录!'; $url = '/admin/login'; } else { $msg = '密码修改失败!'; $url = '/admin/index/reset'; } jsAlert($msg); jsRedirect($url); }
/** * 函数名称:gotoURL * 功能描述:js跳转并提示信息 * @param string $message * @param string $URL */ function gotoURL($message = '', $URL = '') { if (!isset($URL)) { $URL = $_SERVER['HTTP_REFERER']; } if (isset($message)) { jsAlert($message); } echo "<script type='text/javascript'>window.location.href='{$URL}'</script>"; }
public function profileActAction() { $m['realname'] = $this->getPost('realname'); $m['provinceID'] = $this->getPost('areaProvince'); $m['cityID'] = $this->getPost('areaCity'); $m['regionID'] = $this->getPost('areaRegion'); $m['province'] = $this->load('Province')->getProvinceNameByID($m['provinceID']); $m['city'] = $this->load('City')->getCityNameByID($m['cityID']); if ($m['regionID']) { $m['region'] = $this->load('Region')->getRegionNameByID($m['regionID']); } $code = $this->m_user->UpdateByID($m, USER_ID); // Upload avatar if selected if ($_FILES['avatar']['name']) { Helper::import('File'); Yaf_Loader::import('L_Upload.class.php'); $fileName = CUR_TIMESTAMP; $up = new L_Upload($_FILES['avatar'], UPLOAD_PATH . '/'); $result = $up->upload($fileName); if ($result == 1) { $m['avatar'] = $fileName . '.' . $up->extension; $this->m_user->UpdateByID($m, USER_ID); } else { jsAlert($result); } } if (FALSE === $code && $result != 1) { jsAlert('编辑个人信息失败, 请重试'); } $this->redirect('/user/profile/edit'); }
public function delAction() { $id = $this->getParam('id'); if ($id) { $this->eventsModel->beginTransaction(); //删除场次,将剩余数量恢复到总剩余库存中 $oldEvents = $this->eventsModel->SelectByID(array('goods_id', 'num'), $id); if ($oldEvents['num']) { $fields = array('current_stock'); $goodsData = $this->goodsModel->getGoodsByID($fields, $oldEvents['goods_id']); $this->goodsModel->updateCurrentStockByGoodsID($oldEvents['goods_id'], $goodsData['current_stock'] + $oldEvents['num']); } $eventsRow = $this->eventsModel->delEventsByID($id); if ($eventsRow) { $this->eventsModel->Commit(); } else { $this->eventsModel->Rollback(); jsAlert('删除失败'); } } $this->goHome(); }
// invoke OnManagerAuthentication event $rt = $modx->invokeEvent("OnManagerAuthentication", array("userid" => $internalKey, "username" => $username, "userpassword" => $givenPassword, "savedpassword" => $dbasePassword, "rememberme" => $rememberme)); // check if plugin authenticated the user if (!$rt || is_array($rt) && !in_array(TRUE, $rt)) { // check user password - local authentication if ($dbasePassword != md5($givenPassword)) { jsAlert($e->errors[901]); $newloginerror = 1; } } if ($use_captcha == 1) { if (!isset($_SESSION['veriword'])) { jsAlert('Captcha is not configured properly.'); return; } elseif ($_SESSION['veriword'] != $captcha_code) { jsAlert($e->errors[905]); $newloginerror = 1; } } if ($newloginerror) { //increment the failed login counter $failedlogins += 1; $sql = "update {$dbase}.`" . $table_prefix . "user_attributes` SET failedlogincount='{$failedlogins}' where internalKey={$internalKey}"; $rs = mysql_query($sql); if ($failedlogins >= $failed_allowed) { //block user for too many fail attempts $sql = "update {$dbase}.`" . $table_prefix . "user_attributes` SET blockeduntil='" . (time() + $blocked_minutes * 60) . "' where internalKey={$internalKey}"; $rs = mysql_query($sql); } else { //sleep to help prevent brute force attacks $sleep = (int) $failedlogins / 2;
/** * Assign or update privilege action */ public function assignActAction() { // 1: 取得选择的权限 $finalArr = array(); foreach ($_POST as $key => $val) { if (is_array($val)) { foreach ($val as $k => $v) { $finalArr[] = $v; } } } $roleID = $this->getPost('roleID'); $privilege = implode(',', $finalArr); $data = $this->m_role->updatePrivilegeByRoleID($roleID, $privilege); if ($data === FALSE) { jsAlert('更新权限失败'); } jsRedirect($this->homeUrl); }
if ($dbasePassword != md5($givenPassword)) { jsAlert($_lang["login_processor_wrong_password"]); $newloginerror = 1; } else { $field = array(); $field['password'] = $modx->manager->genHash($givenPassword, $internalKey); $modx->db->update($field, $tbl_manager_users, "username='******'"); } } } if ($use_captcha == 1) { if (!isset($_SESSION['veriword'])) { jsAlert($_lang["login_processor_captcha_config"]); return; } elseif ($_SESSION['veriword'] != $captcha_code) { jsAlert($_lang["login_processor_bad_code"]); $newloginerror = 1; } } if ($newloginerror) { //increment the failed login counter $failedlogins += 1; $fields = array('failedlogincount' => $failedlogins); if ($failedlogins >= $failed_allowed) { //block user for too many fail attempts $fields['blockeduntil'] = time() + $blocked_minutes * 60; } $modx->db->update($fields, $tbl_user_attributes, "internalKey='{$internalKey}'"); if ($failedlogins < $failed_allowed) { //sleep to help prevent brute force attacks $sleep = (int) $failedlogins / 2;
public function staticAction() { jsAlert('该菜单功能没有实现,只用于演示多个子菜单如何添加'); jsRedirect('/admin/article'); }
public function checkLoginAction() { $username = $this->getPost('username'); $password = $this->getPost('password'); if (!$username || !$password) { jsAlert('信息不完整!'); jsRedirect($this->homeUrl); } // 管理员登陆 if (SUPER_ADMIN == $username) { $data = $this->m_admin->checkLogin($username, $password); } else { // 普通角色登陆 $data = $this->m_role->checkRole($username, $password); } if (!$data) { // Login fail $log['status'] = 0; jsAlert('账号或密码不正确!'); jsRedirect($this->homeUrl); } else { // Login OK, log this action and find privileges $this->setSession('adminID', $data['id']); $this->setSession('adminName', $username); // admin 拥有所有的权限 if (SUPER_ADMIN == $username) { $this->setSession('priv', 'ALL'); } else { // 不是管理员, 记录其 roleID, 用于查找权限 // 1: 取得登录的角色所拥有的权限 $priv = $this->m_role->getPrivilegeByRoleID($data['id']); // 如果角色没有分配到任何权限, 提示, 并且退出, 有则 SESSION 记录其所有的权限,供进一步处理 if (!$priv['privilege']) { jsAlert('您还没有任何权限, 请联系管理员!'); jsRedirect($this->homeUrl); } else { $this->setSession('priv', $priv); } } } // Privileges include APP_PATH . '/application/modules/Admin/menu.php'; if (SUPER_ADMIN != $this->getSession('adminName')) { $priv = $this->getSession('priv'); $priv = explode(',', $priv['privilege']); // 1: 与大菜单对比, 删除会员没有权限的菜单 foreach ($menu as $k => $v) { foreach ($v as $kk => $vv) { if (is_array($vv)) { foreach ($vv as $kkk => $vvv) { if (!in_array($kkk, $priv)) { unset($menu[$k][$kk][$kkk]); } } } } } // 2: 进一步处理: 删除没有子菜单的项 foreach ($menu as $k => $v) { if (!$v['sub']) { unset($menu[$k]); } } } $this->setSession('menu', $menu); jsRedirect('/admin/dashboard'); }