/**
 * Hash the password submitted with the current request.
 *
 * Delegates to the global pwdHash() helper, which is declared outside this
 * listing; the algorithm it applies cannot be confirmed from here.
 *
 * @return mixed the helper's result, or false when no "password" field was posted
 */
protected function pwdHash()
{
    // Guard clause: nothing to hash when the form field is absent.
    if (!isset($_POST['password'])) {
        return false;
    }

    return pwdHash($_POST['password']);
}
/**
 * Hash a caller-supplied password with the global pwdHash() helper.
 *
 * The check is a truthiness test, so '', '0', 0 and null all yield false
 * rather than a hash.
 *
 * @param mixed $passwd clear-text password
 * @return mixed the helper's result, or false for a falsy $passwd
 */
public function pwdHash($passwd)
{
    return $passwd ? pwdHash($passwd) : false;
}
/**
 * Hash the posted password with the value of getSalt() appended to it.
 *
 * NOTE(review): the salt is not returned to the caller, so a later
 * verification only works if getSalt() yields a reproducible value;
 * getSalt() is not visible here -- confirm what it returns.
 *
 * @return mixed result of the global pwdHash() helper, or false when no
 *               "password" field was posted
 */
protected function pwdHash()
{
    if (!isset($_POST['password'])) {
        return false;
    }

    $salted = $_POST['password'] . getSalt();

    return pwdHash($salted);
}
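/**
 * Handle the login form: validate the fields and the captcha, look the
 * account up through RBAC::authenticate(), compare the password hash, then
 * populate the session and record the login in the User table.
 *
 * Every $this->error() call is presumed to end the request (the original
 * control flow already relied on that) -- confirm against the base controller.
 */
public function checkLogin()
{
    if (empty($_POST['account'])) {
        $this->error('Bạn chưa nhập tài khoản!');
    } elseif (empty($_POST['password'])) {
        $this->error('Ban chưa nhập mật khẩu!');
    } elseif (!isset($_POST['verify']) || !is_string($_POST['verify']) || '' === trim($_POST['verify'])) {
        $this->error('Bạn chưa nhập mã xác thực!');
    }

    // The query map treats array values as operator expressions (see the
    // 'status' entry below), so request fields must be plain strings before
    // they are placed in it or handed to the hash helper.
    if (!is_string($_POST['account']) || !is_string($_POST['password'])) {
        $this->error('Tài khoản không tồn tại hoặc đã bị khoá!');
    }

    // Captcha: require a challenge stored in the session and compare strictly.
    // A loose != on two md5 hex strings can treat different "0e..." digests
    // as equal numbers.
    if (!isset($_SESSION['verify']) || $_SESSION['verify'] !== md5($_POST['verify'])) {
        $this->error('Mã xác thực không đúng!');
    }

    // Lookup conditions: the posted account name, status greater than 0.
    $map = array();
    $map['account'] = $_POST['account'];
    $map["status"] = array('gt', 0);

    import('ORG.Util.RBAC');
    $authInfo = RBAC::authenticate($map);
    if (false === $authInfo) {
        $this->error('Tài khoản không tồn tại hoặc đã bị khoá!');
    } else {
        // Strict comparison so numeric-looking hashes are never juggled.
        if ($authInfo['password'] !== pwdHash($_POST['password'])) {
            $this->error('Mật khẩu không đúng!');
        }

        // Issue a fresh session id at the privilege change so an id that was
        // known before login cannot be reused afterwards.
        session_regenerate_id(true);

        $_SESSION[C('USER_AUTH_KEY')] = $authInfo['id'];
        $_SESSION['loginUserName'] = $authInfo['nickname'];
        $_SESSION['lastLoginTime'] = $authInfo['last_login_time'];
        $_SESSION['login_count'] = $authInfo['login_count'];
        $_SESSION['user_type'] = $authInfo['type_id'];
        if ($authInfo['account'] === 'admin') {
            $_SESSION['administrator'] = true;
        }

        // Save login information.
        $User = M('User');
        $data = array();
        $data['id'] = $authInfo['id'];
        $data['last_login_time'] = time();
        $data['login_count'] = array('exp', '(login_count+1)');
        $data['last_login_ip'] = get_client_ip();
        $User->save($data);

        // NOTE(review): $loginId is never assigned in this method, so this
        // stores null and raises an undefined-variable notice. Kept as written
        // because the intended value cannot be determined from here.
        $_SESSION['loginId'] = $loginId;

        // Cache access rights.
        RBAC::saveAccessList();
        $this->success('Đăng nhập thành công');
    }
}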
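/**
 * Change a user's password after verifying the old one.
 *
 * The target row is selected by the posted e-mail address when present,
 * otherwise by the user id stored in the session.
 *
 * $this->error() is presumed to end the request -- confirm.
 */
public function changePwd()
{
    $this->checkUser();

    // Array-valued request fields must not reach the where() map: the query
    // builder interprets arrays as operator expressions.
    foreach (array('oldpassword', 'password', 'repassword', 'email') as $field) {
        if (isset($_POST[$field]) && is_array($_POST[$field])) {
            $this->error('旧密码不符!');
        }
    }

    $map = array();
    $map['password'] = pwdHash($_POST['oldpassword']);
    if (isset($_POST['email'])) {
        $map['email'] = $_POST['email'];
    } elseif (isset($_SESSION[C('USER_AUTH_KEY')])) {
        $map['id'] = $_SESSION[C('USER_AUTH_KEY')];
    } else {
        // Without an identity condition the lookup would match any row that
        // happens to share the old password hash.
        $this->error('旧密码不符!');
    }

    // NOTE(review): the confirmation is compared after trim(), but the
    // untrimmed value is what gets hashed and stored below.
    if (trim($_POST['repassword']) != trim($_POST['password'])) {
        $this->error('两次密码不一致!');
    }

    // Check the user.
    $User = M("User");
    $aa = $User->where($map)->find();
    if ($aa['id'] == '') {
        $this->error('旧密码不符!');
    } else {
        $User->password = pwdHash($_POST['password']);
        $User->save();
        $this->assign('jumpUrl', U("index"));
        $this->success('密码修改成功!');
    }
}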
try { $query->execute([$_POST['newDpt'], $_POST['dept']]); } catch (PDOException $e) { if ($e->errorInfo[0] != 23000) { // Ignoring if department already exists, reporting otherwise postResponse("error", $e->errorInfo[2]); } } $dept_code = strtoupper($_POST['newDpt']); } else { rangeCheck('dept', 2, 5); $dept_code = strtoupper($_POST['dept']); } // Add faculty to the databases $query = $db->prepare('INSERT INTO faculty(uName,fac_name,pswd,dept_code,dateRegd) VALUES (?,?,?,?,?)'); $pswd = pwdHash($uName, $_POST['pswd']); try { $query->execute(array($uName, $_POST['fullName'], $pswd, $dept_code, date("d M Y h:i A"))); } catch (PDOException $e) { if ($e->errorInfo[0] == 23000) { postResponse("error", "Username already exists"); } else { postResponse("error", $e->errorInfo[2]); } } if ($newAdmin) { changeUserLevel($uName, 'dean'); $_SESSION['logged_in'] = true; $_SESSION['uName'] = $uName; $_SESSION['level'] = "dean"; $_SESSION['fName'] = $_POST['fullName'];
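/**
 * @Title: guiUserImport
 * @Description: import back-office users from an uploaded Excel (.xls) sheet
 * @author renling
 * @date 2013-6-26 16:48:21
 *
 * Column letters read from each row: A account, B name, C sex, D department
 * name, E duty name, F work date, G mobile, H national id number, I e-mail,
 * J remark, K (switch for the audit-duty fallback).
 *
 * Changes against the earlier version:
 *  - spreadsheet cells are passed to where() as array conditions instead of
 *    being concatenated into SQL strings;
 *  - $saveMap is reset for every row, so an 'id' or 'updateid' set while
 *    updating one user no longer leaks into the next row's insert;
 *  - the "add or modify" path inserted a new user twice; it now inserts once;
 *  - role rows are only written after the user row itself was stored.
 *
 * $this->error() is presumed to end the request; the explicit exit calls of
 * the original are kept.
 */
public function guiUserImport()
{
    // Read the configured import columns.
    $MisImportFieldconfigModel = D('MisImportSpecial');
    $MisImportFieldconfigList = $MisImportFieldconfigModel->where(" tablename='User' and status=1")->find();
    $fieldAll = explode(',', $MisImportFieldconfigList['fieldname']);
    // Operation type requested by the form.
    $operation = $_POST['operation'];
    import('@.ORG.UploadFile');
    if ($_FILES) {
        $upload = new UploadFile();
        $upload->savePath = UPLOAD_PATH . "user_excel/";
        // NOTE(review): rand() only makes the stored name unlikely to collide;
        // it is not an unpredictability guarantee.
        $upload->saveRule = date("Y_m_d_H_i_s") . rand(1000, 9999);
        $upload->allowExts = array("xls", "xlsx");
        if (!$upload->upload()) {
            // Upload failed: report the uploader's message.
            $this->error($upload->getErrorMsg());
        } else {
            // Upload succeeded: fetch the stored file's details.
            $info = $upload->getUploadFileInfo();
        }
        // pathinfo() instead of end(explode()), which passes a temporary by reference.
        $filetype = pathinfo($info[0]['savename'], PATHINFO_EXTENSION);
        if ($filetype == "xls") {
            import('@.ORG.PHPExcel.IOFactory', '', $ext = '.php');
            $inputFileName = UPLOAD_PATH . "user_excel/" . $info[0]['savename'];
            $objReader = PHPExcel_IOFactory::createReader('Excel5');
            $objPHPExcel = $objReader->load($inputFileName);
            $objPHPExcel->setActiveSheetIndex(0);
            $dataList = $objPHPExcel->getActiveSheet()->toArray(null, true, true, true);

            $MisSystemDepartmentModel = D('MisSystemDepartment'); // departments
            $MisHrBasicEmployeeModel = D('MisHrBasicEmployee');   // HR records
            $UserModel = D('User');                               // users
            $DutyModel = D('Duty');                               // duties
            $RoleUserModel = D('RoleUser');                       // basic role membership
            $role = C('USER_BASIC_ROLE_GROUP');                   // basic role group ids
            $RolegroupUserModel = D('RolegroupUser');             // senior role membership
            $roleGroup = C('USER_SENIOR_ROLE_GROUP');             // senior role group ids

            $i = 0;
            foreach ($dataList as $v) {
                // Skip the header row.
                if ($i >= 1) {
                    // The department named in column D must exist.
                    $list = $MisSystemDepartmentModel
                        ->where(array('status' => 1, 'name' => (string) $v['D']))
                        ->find();
                    if (!$list) {
                        $this->error("第" . ($i + 1) . "条" . $v['D'] . "部门不存在,请先新建部门再导入数据!");
                        exit;
                    }
                    // Find the employee record by national id number (column H).
                    $employeid = $MisHrBasicEmployeeModel
                        ->where(array('status' => 1, 'working' => 1, 'chinaid' => (string) $v['H']))
                        ->find();
                    if (!$employeid) {
                        $this->error("第" . ($i + 1) . "条" . $v['C'] . "人事基本资料不存在,请先新建此人人事基本资料再导入数据!");
                        exit;
                    }
                    // Does this back-office account already exist?
                    $UserList = $UserModel
                        ->where(array('status' => 1, 'account' => (string) $v['A']))
                        ->find();
                    // The duty named in column E must exist.
                    $Duty = $DutyModel
                        ->where(array('status' => 1, 'name' => (string) $v['E']))
                        ->find();
                    if (!$Duty) {
                        $this->error("第" . ($i + 1) . "条" . $v['E'] . "职务不存在,请先新建该职务再导入数据!");
                        exit;
                    }
                    // Audit level used by an existing user with the same duty.
                    $auditduty = $UserModel
                        ->where(array('status' => 1, 'duty_id' => $Duty['id']))
                        ->find();

                    $sex = "";
                    if ($v['C'] == "男") {
                        $sex = 1;
                    } elseif ($v['C'] == "女") {
                        $sex = 0;
                    }
                    $workDate = $v['F'] ? strtotime($v['F']) : "";

                    // Start every row from an empty record.
                    $saveMap = array();
                    if ($MisImportFieldconfigList) {
                        // Import columns are configured: copy only those.
                        if (in_array('A', $fieldAll)) {
                            $saveMap['account'] = $v['A'];
                        }
                        if (in_array('B', $fieldAll)) {
                            $saveMap['name'] = $v['B'];
                        }
                        if (in_array('C', $fieldAll)) {
                            $saveMap['sex'] = $sex;
                        }
                        if (in_array('D', $fieldAll)) {
                            $saveMap['dept_id'] = $list['id'];
                        }
                        if (in_array('E', $fieldAll)) {
                            $saveMap['duty_id'] = $Duty['id'];
                        }
                        if (in_array('F', $fieldAll)) {
                            $saveMap['work_date'] = $workDate;
                        }
                        if (in_array('G', $fieldAll)) {
                            $saveMap['mobile'] = $v['G'];
                        }
                        if (in_array('I', $fieldAll)) {
                            $saveMap['email'] = $v['I'];
                        }
                        if (in_array('J', $fieldAll)) {
                            $saveMap['remark'] = $v['J'];
                        }
                        if ($auditduty) {
                            $saveMap['auditduty'] = $auditduty['auditduty'];
                        } elseif (in_array('K', $fieldAll)) {
                            $saveMap['auditduty'] = $Duty['id'];
                        } else {
                            $saveMap['auditduty'] = "";
                        }
                    } else {
                        // No configuration: import every column.
                        $saveMap['account'] = $v['A'];
                        $saveMap['name'] = $v['B'];
                        $saveMap['sex'] = $sex;
                        $saveMap['dept_id'] = $list['id'];
                        $saveMap['duty_id'] = $Duty['id'];
                        $saveMap['work_date'] = $workDate;
                        $saveMap['mobile'] = $v['G'];
                        $saveMap['email'] = $v['I'];
                        $saveMap['remark'] = $v['J'];
                        $saveMap['auditduty'] = $auditduty ? $auditduty['auditduty'] : $Duty['id'];
                    }
                    // NOTE(review): every imported account -- including existing
                    // ones that are updated -- receives the shared default
                    // password; nothing here forces a change at first login.
                    $saveMap['password'] = pwdHash(C('USER_DEFAULT_PASSWORD'));
                    $saveMap['employeid'] = $employeid['id'];

                    // "add" always inserts; any other operation updates an
                    // existing account and inserts a missing one.
                    $isNew = ($operation == "add") || !$UserList;
                    if ($isNew) {
                        $saveMap['createid'] = $_SESSION[C('USER_AUTH_KEY')];
                        $saveMap['createtime'] = time();
                        $result = $UserModel->add($saveMap);
                    } else {
                        $saveMap['id'] = $UserList['id'];
                        $saveMap['updateid'] = $_SESSION[C('USER_AUTH_KEY')];
                        $saveMap['updatetime'] = time();
                        $result = $UserModel->save($saveMap);
                    }
                    if (!$result) {
                        $this->error("第" . ($i + 1) . "条数据有误,请查看!");
                        exit;
                    }

                    if ($isNew) {
                        // NOTE(review): $company is never assigned in this method,
                        // so 'companyid' is stored as null -- confirm the intended source.
                        if (C('SWITCH_BASIC_ROLE_GROUP') == "On") {
                            foreach ($role as $rv) {
                                $RoleUserModel->add(array(
                                    'role_id' => $rv,
                                    'user_id' => $result,
                                    'companyid' => $company['id'],
                                    'createtime' => time(),
                                    'createid' => $_SESSION[C('USER_AUTH_KEY')],
                                ));
                            }
                        }
                        if (C('SWITCH_SENIOR_ROLE_GROUP') == "On") {
                            foreach ($roleGroup as $v1) {
                                $RolegroupUserModel->add(array(
                                    'rolegroup_id' => $v1,
                                    'user_id' => $result,
                                    'companyid' => $company['id'],
                                    'createtime' => time(),
                                    'createid' => $_SESSION[C('USER_AUTH_KEY')],
                                ));
                            }
                        }
                    }
                }
                $i++;
            }
            $this->success("导入成功!");
        } else {
            $this->error('文件格式不正确,请上传后缀为xls的文件!');
        }
    }
}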
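/**
 * Change the current user's password.
 *
 * A non-POST request renders the form through $this->user(). On POST the
 * old password is checked against the stored salted hash; on success a new
 * salt is generated and the new password is stored hashed with it.
 */
public function chgpwd()
{
    if (!$this->isPost()) {
        $this->user('修改密码');
        exit;
    }

    $id = getUserId();
    // NOTE(review): the 'mysql_escape_string' filter rewrites the password
    // before it is hashed (and the function no longer exists in PHP 7+).
    // It is kept because removing it would change the hash of every stored
    // password that contains an escaped character; migrate deliberately.
    $oldpassword = $this->_post('oldpassword', 'mysql_escape_string');
    $password = $this->_post('password', 'mysql_escape_string');

    $model = D("User");
    // Array condition instead of interpolating $id into the SQL string.
    $data = $model->where(array('id' => $id))->find();

    // Verify the old password; strict comparison avoids numeric juggling of
    // hash strings, and a missing row can never match.
    if ($data && $data['password'] === pwdHash($oldpassword . $data['salt'])) {
        $data['salt'] = getSalt();
        $data['password'] = pwdHash($password . $data['salt']);
        $model->where(array('id' => $id))->save($data);
        // NOTE(review): the success message is the model's error text and the
        // save() result is not checked -- confirm this is intended.
        $this->success($model->getError());
    } else {
        $this->error("原密码错误!");
    }
}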
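/**
 * Create a system user account for the employee whose id is passed in the
 * query string, and flag that employee as a system user.
 *
 * NOTE(review): this state-changing action is driven by a GET parameter, and
 * no authorization or anti-forgery check is visible in this method -- confirm
 * one is applied elsewhere.
 */
public function SetSystem()
{
    $EmployeeId = isset($_GET['id']) ? $_GET['id'] : null;
    // Only a scalar id is accepted: it used to be concatenated into the SQL
    // condition, and array values are treated as operator expressions.
    if ($EmployeeId && !is_array($EmployeeId)) {
        $User = D("User");
        $Employee = D("Employee");
        $EmployeeName = $Employee->where(array('id' => $EmployeeId))->getField('employeeName');

        $data = array();
        $data['account'] = $EmployeeName;
        $data['userName'] = $EmployeeName;
        // NOTE(review): every account created here starts with the same
        // fixed password; nothing visible forces a change at first login.
        $data['password'] = pwdHash('111111');
        $data['create_time'] = time();
        $data['status'] = '1';
        $data['employeeID'] = $EmployeeId;
        $User->add($data);

        $EmployeeData = array();
        $EmployeeData['id'] = $EmployeeId;
        $EmployeeData['isSystemUser'] = 1;
        $Employee->save($EmployeeData);

        $this->assign('jumpUrl', Cookie::get('_currentUrl_'));
        $this->success('设置成功!');
    } else {
        $this->error('设置失败!');
    }
}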
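/**
 * Change the logged-in member's password after a captcha check and a
 * verification of the old password.
 *
 * $this->error() is presumed to end the request -- confirm.
 */
public function changePwd()
{
    $this->checkUser();

    // Captcha: both the stored challenge and a string answer must exist.
    // With a loose != and no presence check, a missing challenge compared
    // against the null that md5() yields for non-string input would pass.
    if (!isset($_SESSION['verify'], $_POST['verify'])
        || !is_string($_POST['verify'])
        || md5($_POST['verify']) !== $_SESSION['verify']
    ) {
        $this->error('验证码错误!');
    }

    // Without the session id the lookup would be constrained by the password
    // hash alone and could match another member's row.
    if (!isset($_SESSION['id'])) {
        $this->error('输入的旧密码不正确!');
    }

    $map = array();
    $map['password'] = pwdHash(I('oldpassword'));
    $map['id'] = $_SESSION['id'];

    // Check the user.
    $User = M("Member");
    if (!$User->where($map)->field('id')->find()) {
        $this->error('输入的旧密码不正确!');
    } else {
        $User->password = pwdHash(I('password'));
        $User->save();
        $this->success('密码修改成功!');
    }
}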
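/**
 * Change the logged-in member's password.
 *
 * Accepts either the built-in captcha ("verify") or a YinXiangMa response,
 * requires a session id, then verifies the old password before storing the
 * hash of the new one.
 *
 * $this->error() is presumed to end the request -- confirm.
 */
public function checkPassword()
{
    $this->checkUser();

    if (isset($_POST['verify'])) {
        // Built-in captcha: require a stored challenge and compare strictly.
        if (!isset($_SESSION['verify'])
            || !is_string($_POST['verify'])
            || $_SESSION['verify'] !== md5($_POST['verify'])
        ) {
            $this->error('验证码错误!');
        }
    } else {
        // YinXiangMa captcha; absent fields are passed as null instead of
        // being read under the @ operator.
        $challenge = isset($_POST['YinXiangMa_challenge']) ? $_POST['YinXiangMa_challenge'] : null;
        $level = isset($_POST['YXM_level'][0]) ? $_POST['YXM_level'][0] : null;
        $input = isset($_POST['YXM_input_result']) ? $_POST['YXM_input_result'] : null;
        $YinXiangMa_response = $this->YinXiangMa_ValidResult($challenge, $level, $input);
        if ($YinXiangMa_response !== "true") {
            $this->ajaxReturn('验证码错误', '验证码错误', 0);
        }
    }

    $id = session('id');
    if (empty($id)) {
        $this->error('没有登录', U('Member/login'));
    }
    $password = I('password', '');
    if ('' === $password) {
        $this->error('新密码不能为空!');
    }
    $oldpassword = I('oldpassword', '');
    if ('' === $oldpassword) {
        $this->error('旧密码不能为空!');
    }

    // Check the user.
    $User = M("Member");
    if (!$User->where(array('id' => $id, 'password' => pwdHash($oldpassword)))->find()) {
        $this->error('旧密码输入错误!');
    } else {
        $data = array('password' => pwdHash($password));
        if (false !== $User->where(array('id' => $id))->save($data)) {
            $this->success('密码修改成功!');
        } else {
            // A failed save was previously reported through success().
            $this->error('密码修改失败!');
        }
    }
}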
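/**
 * Change the current user's own password and other profile data.
 *
 * With act=todo the submitted fields are saved (after verifying the old
 * password when one is supplied); otherwise the edit form is rendered with
 * the user's record and role list.
 */
public function edit_self()
{
    $db_user = M('user');
    $uid = $_SESSION[C('USER_AUTH_KEY')];
    $info = $this->_param();
    // The row to edit always comes from the session, never from the request.
    $info['id'] = $uid;

    if ($info['act'] == 'todo') {
        if ($info['old_password']) {
            // Strict comparison: two different numeric-looking strings must
            // not be treated as the same password.
            if ($info['old_password'] === $info['new_password']) {
                $this->error('新密码与旧密码不能相同,请更换!');
            }
            $password = pwdHash($info['old_password']);
            // The listing compared the column with the literal '******'
            // (apparently a redaction) and never used the computed hash;
            // the lookup now uses it, as an array condition.
            $rs = $db_user->where(array('id' => $uid, 'password' => $password))->count();
            if (!$rs) {
                $this->error('原密码不正确!不能修改信息');
            }
            $info['password'] = pwdHash($info['new_password']);
        }
        // NOTE(review): $info holds every request parameter, so any column
        // name a client submits is written to the user row, and this happens
        // even when no old password was supplied. Restrict the save to an
        // allow-list of editable fields once that list is known.
        $rs = $db_user->data($info)->save();
        if ($rs) {
            $this->success('修改成功!');
        } else {
            $this->error('操作失败!');
        }
    } else {
        $info = $db_user->where(array('id' => $uid))->find();
        $db_role_user = M('role_user');
        $pre = C('DB_PREFIX');
        $list_role = $db_role_user
            ->join("{$pre}role ON {$pre}role.id={$pre}role_user.role_id")
            ->where(array('user_id' => $uid))
            ->select();
        $this->assign('list_role', $list_role);
        $this->assign('info', $info);
        $this->display();
    }
}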
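/**
 * Change a shop user's password after a captcha check and a verification of
 * the old password. Failures are reported through returnajax() with code 300.
 *
 * The row is selected by the posted user name when present, otherwise by the
 * shop id stored in the session.
 */
public function changePwd()
{
    $this->checkUser();

    // Captcha: a stored challenge and a string answer are both required, and
    // the digests are compared strictly.
    if (!isset($_SESSION['verify'], $_POST['verify'])
        || !is_string($_POST['verify'])
        || md5($_POST['verify']) !== $_SESSION['verify']
    ) {
        echo $this->returnajax(300, "验证码错误!");
        die;
    }

    // Array-valued fields would be interpreted by the query builder as
    // operator expressions, so only strings are accepted.
    foreach (array('oldpass', 'pass', 'user') as $field) {
        if (isset($_POST[$field]) && !is_string($_POST[$field])) {
            echo $this->returnajax(300, "旧密码不符或者用户名错误!");
            die;
        }
    }

    $map = array();
    $map['pass'] = pwdHash($_POST['oldpass']);
    if (isset($_POST['user'])) {
        $map['user'] = $_POST['user'];
    } elseif (isset($_SESSION['shop_id'])) {
        $map['id'] = $_SESSION['shop_id'];
    } else {
        // No identity condition: refuse rather than match on the hash alone.
        echo $this->returnajax(300, "旧密码不符或者用户名错误!");
        die;
    }

    // Check the user.
    $User = M("shop_user");
    if (!$User->where($map)->field('id')->find()) {
        echo $this->returnajax(300, "旧密码不符或者用户名错误!");
        die;
    } else {
        $User->pass = pwdHash($_POST['pass']);
        $User->save();
        $this->success('密码修改成功!');
    }
}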
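/**
 * Reset the password of the account named in the request to a random
 * six-digit number and deliver it by SMS or e-mail.
 *
 * Changes against the earlier version:
 *  - the account lookup uses array conditions instead of concatenating the
 *    posted name into SQL, and status=1 now applies to both the account and
 *    the zhname match (the string form let the OR branch ignore it);
 *  - an empty or unknown account is rejected before anything is changed;
 *  - the duplicate-mobile check runs before the password is replaced and
 *    uses a valid "not equal" condition.
 *
 * NOTE(review): the reset takes effect for whoever names an account, before
 * any proof of ownership; the new password is a six-digit number sent in
 * clear text. A one-time, expiring reset token confirmed by the recipient
 * would avoid both -- that is a design change outside this method.
 */
public function lookupresat()
{
    // Look the user up by login name or Chinese name.
    $account = isset($_POST['account']) ? $_POST['account'] : '';
    if (!is_string($account) || '' === $account) {
        $this->error("密码修改失败,请联系系统管理员!");
    }
    $UserModel = D('User');
    $nameMatch = array(
        'account' => $account,
        'zhname' => $account,
        '_logic' => 'OR',
    );
    $UserVo = $UserModel->where(array('status' => 1, '_complex' => $nameMatch))->find();
    if (!$UserVo) {
        $this->error("密码修改失败,请联系系统管理员!");
    }

    $byMobile = isset($_POST['resetValidate']) && $_POST['resetValidate'] == 'mobile';
    if ($byMobile) {
        // Make sure the mobile number is not shared before touching the password.
        // NOTE(review): the threshold "> 1" is kept from the original; with
        // the user's own row excluded, "> 0" may be what was meant.
        $count = $UserModel->where(array(
            'mobile' => $UserVo['mobile'],
            'id' => array('neq', $UserVo['id']),
        ))->count("*");
        if ($count > 1) {
            $this->error("手机号码重复,请更换!");
            exit;
        }
    }

    // Random six-digit number; prefer the CSPRNG where the runtime has one.
    $rand = function_exists('random_int') ? random_int(100000, 999999) : rand(100000, 999999);
    $newData = array('password' => pwdHash($rand));
    // Store the new password for this user.
    $userResult = $UserModel->where(array('id' => $UserVo['id']))->save($newData);
    $UserModel->commit();
    if (!$userResult) {
        $this->error("密码修改失败,请联系系统管理员!");
    }

    $CommonAction = A("Common");
    if ($byMobile) {
        // Send the new password by SMS.
        $content = "您在特米洛企业信息化管理平台,重置密码为" . $rand;
        $result = $CommonAction->SendTelmMsg($content, $UserVo['mobile']);
        if ($result) {
            $_SESSION['msg'] = "手机" . $UserVo['mobile'];
            $this->display("findpasswordnotice");
        } else {
            $this->error("操作失败!");
        }
    } else {
        // Send the new password by e-mail.
        $title = "[特米洛企业信息化管理平台]请查收您的密码";
        $content = "亲爱的用户,您好! 您在[特米洛企业信息化管理平台]的密码已重置为" . $rand;
        $vo = array();
        $vo['name'] = C("EMAIL_SERVERNAME");
        $vo['address'] = "brianl_yang";
        $vo['server'] = "163.com";
        $vo['email'] = C("EMAIL_SERVERADDRESS");
        $vo['pop3'] = "pop.163.com";
        $vo['smtp'] = "smtp.163.com";
        $vo['password'] = C("EMAIL_PASSWORD");
        $vo['pop3port'] = 110;
        $vo['smtpport'] = 25;
        $email = array($UserVo['email']);
        $result = $CommonAction->SendEmail($title, $content, $email, "", $vo, 1);
        if ($result) {
            $_SESSION['msg'] = "邮箱" . $UserVo['email'];
            $this->display("findpasswordnotice");
        } else {
            $this->error("操作失败!");
        }
    }
}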
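/**
 * @Title: change password
 * @Description: when a non-zero "step" is posted, verify the captcha and the
 *               old password, then store the new password; the form is
 *               rendered afterwards in every case
 * @author qchlian
 * @date 2013-3-29
 *
 * NOTE(review): the new password is taken from the "repassword" field and is
 * never compared with a second entry in this method; no login check is
 * visible here either -- confirm both are handled by the caller or the form.
 */
public function changePwd()
{
    $step = isset($_POST['step']) ? intval($_POST['step']) : 0;
    if ($step) {
        // Captcha: a stored challenge and a string answer are both required,
        // and the digests are compared strictly.
        if (!isset($_SESSION['verify'], $_POST['verify'])
            || !is_string($_POST['verify'])
            || md5($_POST['verify']) !== $_SESSION['verify']
        ) {
            $this->error('验证码错误!');
        }

        // Array-valued fields would be interpreted by the query builder as
        // operator expressions, so only strings are accepted.
        foreach (array('oldpassword', 'repassword', 'account') as $field) {
            if (isset($_POST[$field]) && !is_string($_POST[$field])) {
                $this->error('旧密码不符或者用户名错误!');
            }
        }

        $map = array();
        $map['password'] = pwdHash($_POST['oldpassword']);
        if (isset($_POST['account'])) {
            $map['account'] = $_POST['account'];
        } elseif (isset($_SESSION[C('USER_AUTH_KEY')])) {
            $map['id'] = $_SESSION[C('USER_AUTH_KEY')];
        } else {
            // No identity condition: refuse rather than match on the hash alone.
            $this->error('旧密码不符或者用户名错误!');
        }

        // Check the user.
        $User = M("User");
        if (!$User->where($map)->field('id')->find()) {
            $this->error('旧密码不符或者用户名错误!');
        } else {
            $User->password = pwdHash($_POST['repassword']);
            $result = $User->save();
            if (!$result) {
                $this->error(L('_ERROR_'));
            } else {
                $this->success('密码修改成功!');
            }
        }
    }
    $this->display();
}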
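/**
 * Update a user's role, status, account name and (optionally) password.
 * (non-PHPdoc)
 * @see CommonAction::update()
 *
 * The integer-cast id is now used everywhere; the raw request value used to
 * be interpolated into the SQL condition although $id had been computed.
 */
public function update()
{
    $id = intval($_REQUEST['id']);

    // Array values are interpreted by the model as operator expressions, so
    // request fields written to the database must be scalars.
    foreach (array('role_id', 'status', 'account') as $field) {
        if (isset($_REQUEST[$field]) && is_array($_REQUEST[$field])) {
            $this->error("修改失败!", C('SITE_URL') . "?m=User");
        }
    }

    $name = $this->getActionName();
    $model = D($name);
    $RoleUser = M("role_user");
    $data = array();
    $data['user_id'] = $id;
    $data['role_id'] = $_REQUEST['role_id'];
    // NOTE(review): this updates when find() returns nothing and inserts when
    // it returns a row, which looks inverted; kept as written because the
    // table's primary key is not visible here -- confirm.
    if (!$RoleUser->find($id)) {
        $role = $RoleUser->where(array('user_id' => $id))->save($data);
    } else {
        $role = $RoleUser->add($data);
    }

    $model->update_time = time();
    $model->id = $id;
    $model->status = $_REQUEST['status'];
    $model->username = $_REQUEST['account'];
    // The presence test and the hashed value now read the same source; before,
    // a password arriving outside the POST body passed the test while the
    // (absent) POST value was hashed and stored.
    if (!empty($_POST['password']) && is_string($_POST['password'])) {
        $model->password = pwdHash($_POST['password']);
    }

    // Update the data.
    $list = $model->save();
    if (false != $list || $role != false) {
        $this->success("更新成功!", C('SITE_URL') . "?m=User");
    } else {
        // Report the failure.
        $this->error("修改失败!", C('SITE_URL') . "?m=User");
    }
}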
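/**
 * Update a member record and its member_detail row.
 *
 * @author Vonwey <*****@*****.**>
 * @CreateDate: 2013-12-12 16:05:22
 *
 * NOTE(review): $model->create() builds the member record from the posted
 * form, so which columns a client may set depends on the model's field
 * rules, which are not visible here -- confirm that privileged columns are
 * excluded.
 */
public function update()
{
    // Array values are interpreted by the model as operator expressions, so
    // the id and password must be scalars.
    foreach (array('id', 'password') as $field) {
        if (isset($_POST[$field]) && is_array($_POST[$field])) {
            $this->error('编辑失败!');
        }
    }

    $model = M("Member");
    if (!empty($_POST['password'])) {
        $_POST['password'] = pwdHash($_POST['password']);
    }
    if (false === $model->create()) {
        $this->error($model->getError());
    }

    // Update the member row.
    $list = $model->save();
    if (false !== $list) {
        $detail = M("member_detail");
        $condition = array('uid' => $_POST['id']);
        $_POST['uid'] = $_POST['id'];

        $data = array();
        $data['id_card'] = !empty($_POST['id_card']) ? $_POST['id_card'] : '';
        $data['bank_short'] = !empty($_POST['bank_short']) ? $_POST['bank_short'] : '';
        $data['card_author'] = !empty($_POST['card_author']) ? $_POST['card_author'] : '';
        $data['card_number'] = !empty($_POST['card_number']) ? $_POST['card_number'] : '';
        $data['uid'] = $_POST['id'];

        // Update the detail row when it exists, create it otherwise. The
        // existence check uses the array condition instead of concatenating
        // the posted id into SQL, and the redundant save that preceded the
        // check has been dropped.
        if ($detail->where($condition)->find()) {
            $list = $detail->where($condition)->save($data);
        } else {
            $list = $detail->where($condition)->add($data);
        }

        if (false !== $list) {
            $this->success('编辑成功!');
        } else {
            $this->error('编辑失败!');
        }
    } else {
        $this->error('编辑失败!');
    }
}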
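/**
 * Change a user's password after a captcha check and a verification of the
 * old password.
 *
 * The row is selected by the posted account name when present, otherwise by
 * the user id stored in the session.
 *
 * $this->error() is presumed to end the request -- confirm.
 */
public function changePwd()
{
    $this->checkUser();

    // Captcha: a stored challenge and a string answer are both required, and
    // the digests are compared strictly.
    if (!isset($_SESSION['verify'], $_POST['verify'])
        || !is_string($_POST['verify'])
        || md5($_POST['verify']) !== $_SESSION['verify']
    ) {
        $this->error('验证码错误!');
    }

    // Array-valued fields would be interpreted by the query builder as
    // operator expressions, so only strings are accepted.
    foreach (array('oldpassword', 'password', 'account') as $field) {
        if (isset($_POST[$field]) && !is_string($_POST[$field])) {
            $this->error('旧密码不符或者用户名错误!');
        }
    }

    $map = array();
    $map['password'] = pwdHash($_POST['oldpassword']);
    if (isset($_POST['account'])) {
        $map['account'] = $_POST['account'];
    } elseif (isset($_SESSION[C('USER_AUTH_KEY')])) {
        $map['id'] = $_SESSION[C('USER_AUTH_KEY')];
    } else {
        // No identity condition: refuse rather than match on the hash alone.
        $this->error('旧密码不符或者用户名错误!');
    }

    // Check the user.
    $User = M("User");
    if (!$User->where($map)->field('id')->find()) {
        $this->error('旧密码不符或者用户名错误!');
    } else {
        $User->password = pwdHash($_POST['password']);
        $User->save();
        $this->success('密码修改成功!');
    }
}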
/** * Provides interface and back end routines that handle user logins * @author Avin E.M; Kunal Dahiya */ require_once 'connect_db.php'; require_once 'functions.php'; if ($_POST) { if (!empty($_POST['uName']) && !empty($_POST['pswd'])) { $uName = strtolower($_POST['uName']); $query = $db->prepare('SELECT * FROM faculty WHERE uName = ?'); $query->execute([$uName]); $faculty = $query->fetch(); if (!$faculty) { postResponse("error", "Username is not registered!"); } if ($faculty['pswd'] == pwdHash($uName, $_POST['pswd']) || @ldap_bind(ldap_connect($config['ldap_host']), "uid={$uName}," . $config['ldap_dn'], $_POST['pswd'])) { $_SESSION['logged_in'] = true; $_SESSION['fName'] = $faculty['fac_name']; $_SESSION['uName'] = $uName; $_SESSION['level'] = $faculty['level']; $_SESSION['dept'] = $faculty['dept_code']; } else { postResponse("error", "Invalid credentials"); } } } if (sessionCheck('logged_in')) { $home = "faculty.php"; if ($_SESSION['level'] == "dean") { $home = "dean.php"; }
/**
 *
 * @Title: addUser
 * @Description: todo(add a back-office user; "W" function)
 *
 * Runs only when $_POST['isaddUser'] == 1. Creates a User row for the given
 * personnel record, writes the new user id back to the personnel table,
 * links the user to departments / role groups, and optionally e-mails the
 * login details.
 *
 * NOTE(review):
 *  - $id is concatenated into SQL conditions ("id = " . $id and
 *    'employeid=' . $id); array conditions or an integer cast would be safer
 *    if a caller ever passes request data.
 *  - The request-supplied 'userurl' is stored as the company login URL and
 *    is also placed, unescaped, in the href of the e-mail body.
 *  - The e-mail carries the shared default password in clear text.
 *  - Inside the $type == 1 branch the inner test $type == 2 can never be true.
 *
 * @param unknown_type $id   id of the mis_hr_personnel_person_info row
 * @param unknown_type $type 1 (default) reads the company list from the
 *                           request; any other value reuses the existing
 *                           UserDeptDuty rows of the employee
 * @author renling
 * @date 2014-9-10 10:16:18
 * @throws
 */
public function addUser($id, $type = 1)
{
    if ($_POST['isaddUser'] == 1) {
        // No login URL yet: save the submitted one into the company record.
        if (!$_POST['loginurl']) {
            $MisSystemCompanyModel = D('MisSystemCompany');
            $loginurlResult = $MisSystemCompanyModel->where("status=1")->setField("loginurl", $_POST['userurl']);
            if (!$loginurlResult) {
                $this->error("登陆地址修改失败。");
            }
        }
        $mis_hr_personnel_person_infoDao = M("mis_hr_personnel_person_info");
        $personnelData = $mis_hr_personnel_person_infoDao->where("id = " . $id)->find();
        $userModel = D('User');
        $userdate['account'] = $_POST['account'];
        $userdate['employeid'] = $id;
        $userdate['email'] = $personnelData['email'];
        $userdate['mobile'] = $_POST['phone'];
        $userdate['zhname'] = $_POST['zhname'];
        $userdate['name'] = $personnelData['name'];
        $userdate['sex'] = $personnelData['sex'];
        $userdate['duty_id'] = $personnelData['dutylevelid'];
        $userdate['dept_id'] = $personnelData['deptid'];
        // Look up the role group that belongs to the employee's job.
        $rolegroup_id = getFieldBy($personnelData['worktype'], 'id', 'rolegroup_id', 'mis_hr_job_info');
        $userdate['role_id'] = $rolegroup_id;
        $userdate['attachrole'] = $rolegroup_id;
        // Every new account starts with the configured default password.
        $userdate['password'] = pwdHash(C('USER_DEFAULT_PASSWORD'));
        $userdate['createid'] = $_SESSION[C('USER_AUTH_KEY')];
        $userdate['createtime'] = time();
        $userResultid = $userModel->add($userdate);
        if (C('SWITCH_SENIOR_ROLE_GROUP') == 'On') {
            // Insert the user's initial senior role groups.
            // NOTE(review): this runs even when the add() above failed.
            $this->addRolegroup($userResultid, C("USER_SENIOR_ROLE_GROUP"));
        }
        if ($userResultid) {
            // Write the new user id back to the personnel table (by xyz 2015-10-22).
            $pimap['id'] = $id;
            $pidata['userid'] = $userResultid;
            $pret = $mis_hr_personnel_person_infoDao->where($pimap)->save($pidata);
            if (false === $pret) {
                $this->error("反写userid到人事表失败");
            }
            // NOTE(review): in the collapsed listing the next statement follows
            // a "//" marker, so it may have been commented out originally; it is
            // read as live code here because the loop below depends on it.
            $companyid = $_REQUEST['companyid'];
            $UserDeptDutyModel = D('UserDeptDuty');
            $RolegroupUserModel = D("RolegroupUser");
            $companyList = array();
            if ($type == 1) {
                foreach ($companyid as $key => $val) {
                    // Reject a company that appears twice in the submission.
                    if (in_array($val, array_keys($companyList))) {
                        $this->error(getFieldBy($val, "id", "name", "mis_system_company") . "添加重复,请查证后提交!");
                    }
                    $UserDeptDuty = array();
                    $UserDeptDuty['userid'] = $userResultid;
                    $UserDeptDuty['deptid'] = $_POST['deptid'][$key];
                    $UserDeptDuty['dutyid'] = $_POST['dutylevelid'][$key];
                    $UserDeptDuty['worktype'] = $_POST['worktype'][$key];
                    $UserDeptDuty['employeid'] = $id;
                    $UserDeptDuty['typeid'] = 1;
                    $UserDeptDuty['companyid'] = $_POST['companyid'][$key];
                    $UserDeptDuty['createid'] = $_SESSION[C('USER_AUTH_KEY')];
                    $UserDeptDuty['createtime'] = time();
                    if ($type == 2) {
                        $UserDeptUserResult = $UserDeptDutyModel->where('employeid=' . $id)->save($UserDeptDuty);
                    } else {
                        $UserDeptUserResult = $UserDeptDutyModel->add($UserDeptDuty);
                    }
                    $UserDeptDutyModel->commit();
                    $companyList[$val] = 1;
                    $RolegroupDate = array();
                    $RolegroupDate['user_id'] = $userResultid;
                    $RolegroupDate['companyid'] = $_POST['companyid'][$key];
                    $RolegroupDate['rolegroup_id'] = getFieldBy($_POST['worktype'][$key], "id", "rolegroup_id", "mis_hr_job_info");
                    $RolegroupUserResult = $RolegroupUserModel->add($RolegroupDate);
                    if (!$RolegroupUserResult) {
                        $this->error("权限组插入错误!");
                    }
                    if (!$UserDeptUserResult) {
                        $this->error("数据异常");
                    }
                }
            } else {
                // Path used when the user is added from the list view.
                $UserDeptDutyMap['employeid'] = $id;
                $UserDeptDutyMap['status'] = 1;
                $result = $UserDeptDutyModel->where($UserDeptDutyMap)->setField('userid', $userResultid);
                $UserDeptDutyList = $UserDeptDutyModel->where($UserDeptDutyMap)->select();
                foreach ($UserDeptDutyList as $key => $val) {
                    $RolegroupDate = array();
                    $RolegroupDate['user_id'] = $userResultid;
                    $RolegroupDate['rolegroup_id'] = getFieldBy($val['worktype'], "id", "rolegroup_id", "mis_hr_job_info");
                    $RolegroupDate['companyid'] = $val['companyid'];
                    $RolegroupUserResult = $RolegroupUserModel->add($RolegroupDate);
                    if (!$RolegroupUserResult) {
                        $this->error("权限组插入错误!");
                    }
                }
            }
        }
        if ($userResultid && $_POST['issendemail']) {
            $email = array($_POST['useremail']);
            // Send the account details by e-mail.
            $title = "[" . C('COPYRIGHT') . "]请查收您的用户信息";
            // Request values are concatenated into the HTML body as-is.
            $content = "亲爱的用户,您好!<br/> 您在[" . C('COPYRIGHT') . "]注册信息如下: <br/>英文登陆名为:'" . $_POST['account'] . "'";
            if ($_POST['zhname']) {
                $content .= "<br/>中文登陆名为: '" . $_POST['zhname'] . "'";
            }
            $content .= "<br/>初始密码为: '" . C('USER_DEFAULT_PASSWORD') . "' <br/> 请点击<a href='" . $_POST['userurl'] . "'> " . $_POST['userurl'] . "</a>登陆系统修改您的密码!";
            // Mail account settings handed to SendEmail().
            $vo['name'] = C("EMAIL_SERVERNAME");
            $vo['address'] = "brianl_yang";
            $vo['server'] = "163.com";
            $vo['email'] = C("EMAIL_SERVERADDRESS");
            $vo['pop3'] = "pop.163.com";
            $vo['smtp'] = "smtp.163.com";
            $vo['password'] = C("EMAIL_PASSWORD");
            $vo['pop3port'] = 110;
            $vo['smtpport'] = 25;
            $result = $this->SendEmail($title, $content, $email, "", $vo, 1, false);
            // Only the non-default call type reports success from here.
            if ($type != 1) {
                if (!$result) {
                    $this->error("操作失败!");
                } else {
                    $this->success("创建成功!");
                }
            } else {
                if (!$result) {
                    $this->error("操作失败!");
                }
            }
        } else {
            if ($type != 1) {
                if ($userResultid) {
                    $this->success("创建成功!");
                }
            }
        }
    }
}
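/**
 * Change a user's password after verifying the old one.
 *
 * The row is selected by the posted account name when present, otherwise by
 * the id returned from get_user_id().
 *
 * NOTE(review): the captcha check that sibling implementations perform is
 * disabled here, so nothing visible in this method limits repeated guesses
 * of the old password -- confirm throttling exists elsewhere.
 */
public function change_pwd()
{
    $this->checkUser();

    // Array-valued fields would be interpreted by the query builder as
    // operator expressions, so only strings are accepted.
    foreach (array('oldpassword', 'password', 'account') as $field) {
        if (isset($_POST[$field]) && !is_string($_POST[$field])) {
            $this->error('旧密码不符或者用户名错误!');
        }
    }

    $map = array();
    $map['password'] = pwdHash($_POST['oldpassword']);
    $currentUserId = get_user_id();
    if (isset($_POST['account'])) {
        $map['account'] = $_POST['account'];
    } elseif ($currentUserId) {
        $map['id'] = $currentUserId;
    } else {
        // No identity condition: refuse rather than match on the hash alone.
        $this->error('旧密码不符或者用户名错误!');
    }

    // Check the user.
    $User = M("User");
    if (!$User->where($map)->field('id')->find()) {
        $this->error('旧密码不符或者用户名错误!');
    } else {
        $User->password = pwdHash($_POST['password']);
        $User->save();
        $this->assign('jumpUrl', $this->_get_return_url());
        $this->success('密码修改成功!');
    }
}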