Exemplo n.º 1
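 /**
  * Authenticate a back-office user and populate the session on success.
  *
  * Codes placed in the 'data' field of the result:
  *   2 - missing or wrong credentials (also the value left in place when an
  *       unexpected exception is caught before any other code is set)
  *   3 - account expired
  *   4 - login succeeded
  *   5 - IP whitelist is empty, or the source IP is not on it
  *   6 - account type is not allowed to use the back office
  *
  * @param string|null $username Login name.
  * @param string|null $password Plain-text password.
  * @return array array('status' => 0|1, 'msg' => string, 'data' => int); status is 1 only on success.
  */
 public static function userLogin($username = NULL, $password = NULL)
 {
     $ret = array('status' => 0, 'msg' => '');
     $ret_num = 2;
     try {
         if (empty($username) || empty($password)) {
             throw new Exception("用户名或密码输入有误");
         }
         // SECURITY(review): a constant prefix plus double MD5 is not a password hash. It is
         // fast to brute-force and the "salt" is identical for every account. Left unchanged
         // because the stored hashes depend on it; migrate to password_hash()/password_verify()
         // and rehash at the next successful login.
         $password = md5("beubeu" . md5($password));
         // Look the account up by user name and password hash.
         $users = self::userSelectByParm("", $username, $password);
         if (empty($users)) {
             // No matching row: one generic message for "unknown user" and "wrong password".
             $ret_num = 2;
             throw new Exception('用户名密码错误');
         }
         $currenttime = time();
         if ($currenttime > strtotime($users['endtime'])) {
             // Current time is past the account's end time, so the account has expired.
             // An unparsable end time makes strtotime() return false and is also rejected here.
             $ret_num = 3;
             throw new Exception('帐号过期');
         }
         // NOTE(review): this update runs before the type and IP checks below, so it also
         // happens for logins that are subsequently refused. Confirm that is intended.
         self::usermodelUpdateByUserid($users['id'], 2);
         // A disabled "account already logged in" check (code 8) used to follow here.
         if (!empty($users["type"]) && $users["type"] == Yii::app()->params['sub_type']) {
             $ret_num = 6;
             throw new Exception('用户访问权限不够');
         }
         // Enforce the per-user source-IP whitelist when it is switched on for this account.
         if ($users['ip_limit'] == 1) {
             // Bind the user id instead of concatenating it into the WHERE clause.
             $ipp2 = Yii::app()->db->createCommand()
                 ->select('IP')
                 ->from('beu_user_ip_limit')
                 ->where('status=1 and userid=:userid', array(':userid' => $users['id']))
                 ->queryAll();
             if (count($ipp2) == 0) {
                 $ret_num = 5;
                 throw new Exception('IP未设置');
             }
             // NOTE(review): the check is only as trustworthy as Comm::getSourceIp(); confirm it
             // does not take the address from a client-supplied header without a trusted proxy.
             $source_ip = (string) Comm::getSourceIp();
             $is_bool = false;
             foreach ($ipp2 as $value) {
                 // Strict string comparison keeps PHP's loose-comparison rules out of an access decision.
                 if ((string) $value['IP'] === $source_ip) {
                     $is_bool = true;
                     break;
                 }
             }
             if (!$is_bool) {
                 $ret_num = 5;
                 throw new Exception('当前访问IP不在设置范围内');
             }
         }
         // Convert the stored type into the permission level used by the back office.
         $users['type'] = self::userTypeChange($users['type'], $users['ERP3_status']);
         if ($users['type'] > 70 || $users['type'] < 51) {
             // Levels outside 51..70 may not access the back office.
             $ret_num = 6;
             throw new Exception('用户访问权限不够');
         }
         // Issue a fresh session id before storing the authenticated identity, so that an id
         // known before login cannot be reused afterwards (session fixation).
         if (session_id() !== '') {
             session_regenerate_id(true);
         }
         // Populate the session.
         $_SESSION['user_id'] = $users['id'];
         $_SESSION['userid'] = $users['id'];
         // User name.
         $_SESSION['user'] = $users['username'];
         // Permission level. NOTE(review): the original comment listed 2 = administrator,
         // 5 = brand, 10 = regular user, which does not match the 51..70 range enforced above.
         $_SESSION['type'] = $users['type'];
         // Whether this is the brand's head administrator: 1 = yes, 0 = no.
         $_SESSION['istotalaccount'] = $users['istotalaccount'];
         // Associated account type (beu_useraccount.id).
         $_SESSION['account'] = !empty($users['account']) ? $users['account'] : 0;
         // A touchid value that is not a JSON array would make implode() fail after the session
         // already holds the user id; fall back to an empty list instead.
         $touch_ids = !empty($users['touchid']) ? json_decode($users['touchid'], true) : null;
         $_SESSION['touchidd'] = is_array($touch_ids) ? implode(',', $touch_ids) : '';
         // Whether images may be downloaded.
         $_SESSION['xiazai_v'] = 1;
         $_SESSION['brandid'] = !empty($users['brandid']) ? $users['brandid'] : 0;
         /************* main/sub screen configuration: start ********************/
         $_SESSION['clothes_table'] = 'touch_clothes';
         $_SESSION['table_where'] = '';
         $_SESSION['is_push'] = 0;
         $_SESSION['sub_id'] = 0;
         /************* main/sub screen configuration: end ********************/
         // Drop the cached list of pages this user may access.
         // NOTE(review): getPowerAll() stores that list under this prefix + user id + user type;
         // without the type suffix this delete may not hit that entry. Confirm the key format.
         Yii::app()->cache->delete(CacheName::getCacheName('user_action_Info') . $users['id']);
         // NOTE(review): $password holds the password hash at this point, not the plain text.
         // Confirm userSet() does not place it in a cookie; a hash that is accepted as a
         // credential is equivalent to the password.
         usercookie::userSet($users['id'], $username, $password);
         $ret_num = 4;
         $ret['status'] = 1;
     } catch (Exception $e) {
         // NOTE(review): every exception message is passed to the caller, including any raised
         // by the database layer; confirm internal details cannot reach the client this way.
         $ret['msg'] = $e->getMessage();
     }
     $ret['data'] = $ret_num;
     return $ret;
 }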
Exemplo n.º 2
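 /**
  * Return the permissions of the user stored in the session.
  *
  * Reads the user id from $_SESSION['user_id'], re-checks the source-IP whitelist when
  * permission::judgeUserIP() reports that it applies, and loads the permission list
  * (cached for 300 seconds) for every user type other than 1, which the original
  * comments call the super administrator.
  *
  * @return array array('status' => 0|1, 'msg' => string, 'data' => mixed, 'user_type' => mixed).
  *               'user_type' is set only on success; 'data' only on success for types other than 1.
  */
 static function getPowerAll()
 {
     $ret = array('status' => 0, 'msg' => '');
     try {
         if (!isset($_SESSION['user_id'])) {
             throw new Exception('用户ID不能为空');
         }
         $userid = $_SESSION['user_id'];
         // Ask whether this user is subject to the source-IP check; the reply also carries
         // the user's permission level.
         $ret_judge_bool = permission::judgeUserIP();
         if ($ret_judge_bool['status'] == 0) {
             throw new Exception($ret_judge_bool['msg']);
         }
         if ($ret_judge_bool['is_bool_ip']) {
             // Fetch the user's IP whitelist.
             $ret_ip = self::getIpLimit($userid);
             if ($ret_ip['status'] == 0 && !isset($ret_ip['data'])) {
                 throw new Exception($ret_ip['msg']);
             }
             // Fail closed: a reply without a usable list is treated as an empty whitelist
             // instead of being handed to foreach as null.
             $whitelist = isset($ret_ip['data']) && is_array($ret_ip['data']) ? $ret_ip['data'] : array();
             // NOTE(review): the check is only as trustworthy as Comm::getSourceIp(); confirm it
             // does not take the address from a client-supplied header without a trusted proxy.
             $source_ip = (string) Comm::getSourceIp();
             $is_bool = false;
             foreach ($whitelist as $value) {
                 // Strict string comparison keeps PHP's loose-comparison rules out of an access decision.
                 if ((string) $value['IP'] === $source_ip) {
                     $is_bool = true;
                     break;
                 }
             }
             if (!$is_bool) {
                 // The source IP was not found in the whitelist.
                 throw new Exception('来源IP未添加到用户的IP白名单里');
             }
         }
         // Permission level of the user.
         $user_type = $ret_judge_bool['user_type'];
         if ($user_type != 1) {
             // Only users other than the super administrator have their permissions looked up.
             // NOTE(review): user id and type are concatenated without a separator, so different
             // (id, type) pairs can yield the same key (id 1 + type 23 and id 12 + type 3 both
             // give "...123") and one user could be served another user's cached permissions.
             // Left as is because code outside this block may invalidate the same key; add a
             // delimiter in every place that builds it.
             $cache_key = CacheName::getCacheName('user_action_Info') . $userid . $user_type;
             $cache = Yii::app()->cache->get($cache_key);
             if ($cache === false) {
                 $ret_Action = self::getActionInfoByUser($userid, $user_type);
                 if ($ret_Action['status'] == 0) {
                     throw new Exception($ret_Action['msg']);
                 }
                 // Cache the list of accessible pages for 300 seconds. A permission change
                 // therefore takes effect only after expiry unless the entry is invalidated.
                 Yii::app()->cache->set($cache_key, $ret_Action, 300);
             } else {
                 $ret_Action = $cache;
             }
             if ($user_type == Yii::app()->params['main_type'] && isset($_SESSION['sub_id']) && $_SESSION['sub_id'] != 0) {
                 // A main-screen account that has switched to a sub screen gets the sub
                 // screen's permissions instead.
                 // NOTE(review): the session's sub_id is used as the user id here; confirm that
                 // whatever sets it verifies the sub account belongs to this main account.
                 $ret_Action = self::getActionInfoByUser($_SESSION['sub_id'], Yii::app()->params['sub_type']);
             }
             $ret['data'] = $ret_Action['data'];
         }
         $ret['status'] = 1;
         $ret['user_type'] = $user_type;
     } catch (Exception $e) {
         $ret['msg'] = $e->getMessage();
     }
     return $ret;
 }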