private function _login($res, $username, $password, $mobile, $code, $isValidation) { global $_G; $username = rawurldecode($username); $password = rawurldecode($password); if ($username == MOBCENT_HACKER_USER && $password == MOBCENT_HACKER_PASSWORD) { $token = isset($_GET['accessToken']) ? $_GET['accessToken'] : ''; $secret = isset($_GET['accessSecret']) ? $_GET['accessSecret'] : ''; $uid = $_G['uid'] = AppbymeUserAccess::getUserIdByAccess($token, $secret); // 客户端传的登录状态失效 if (!$uid) { return $this->makeErrorInfo($res, 'mobcent_login_status'); } $result['member'] = getuserbyuid($uid); $_G['username'] = $result['member']['username']; // 把登录信息写入cookie中,并且更新登录的状态 UserUtils::updateCookie($result['member'], $uid); // 需要整理token和secret再返回给客户端 $userInfo = array('token' => $token, 'secret' => $secret); } else { $username = WebUtils::t($username); $logInfo = UserUtils::login($username, $password); if ($logInfo['errcode']) { UserUtils::delUserAccessByUsername($username); return $this->makeErrorInfo($res, $logInfo['message']); } if ($isValidation == 1) { // 是否开启了登录手机验证 $isLoginValidation = WebUtils::getDzPluginAppbymeAppConfig('mobcent_login_validation'); if ($isLoginValidation) { $userMobileBind = AppbymeSendsms::getBindInfoByUid($_G['uid']); if (!$userMobileBind) { // 当前登录的用户没有绑定手机号码 if ($mobile == '' && $code == '') { $res['isValidation'] = 1; return $this->makeErrorInfo($res, '', array('noError' => 0, 'alert' => 0)); } $checkInfo = UserUtils::checkMobileCode($res, $mobile, $code); if ($checkInfo['rs'] == 0) { return $this->makeErrorInfo($res, $checkInfo['errcode']); } $updataArr = array('uid' => $_G['uid']); AppbymeSendsms::updateMobile($mobile, $updataArr); } } } $userInfo = AppbymeUserAccess::loginProcess($_G['uid'], $password); } $userAvatar = UserUtils::getUserAvatar($_G['uid']); $res['isValidation'] = 0; $res['token'] = (string) $userInfo['token']; $res['secret'] = (string) $userInfo['secret']; $res['uid'] = (int) $_G['uid']; $res['avatar'] = (string) $userAvatar; $res['userName'] = (string) $_G['username']; return $res; }
private function _switchVest($res, $username) { global $_G; $username = WebUtils::t(rawurldecode($username)); $_GET['username'] = $username; $myrepeatsusergroups = (array) dunserialize($_G['cache']['plugin']['myrepeats']['usergroups']); if (!in_array($_G['groupid'], $myrepeatsusergroups)) { $users = C::t('#myrepeats#myrepeats')->fetch_all_by_username($_G['username']); if (!$users) { return $this->makeErrorInfo($res, lang('plugin/myrepeats', 'usergroup_disabled')); } else { $permusers = array(); foreach ($users as $user) { $permusers[] = $user['uid']; } $member = C::t('common_member')->fetch_by_username($_GET['username']); if (!$member || !in_array($member['uid'], $permusers)) { return $this->makeErrorInfo($res, lang('plugin/myrepeats', 'usergroup_disabled')); } } } $user = C::t('#myrepeats#myrepeats')->fetch_all_by_uid_username($_G['uid'], $_GET['username']); $user = current($user); $olddiscuz_uid = $_G['uid']; $olddiscuz_user = $_G['username']; $olddiscuz_userss = $_G['member']['username']; if (!$user) { $newuid = C::t('common_member')->fetch_uid_by_username($_GET['username']); if (C::t('#myrepeats#myrepeats')->count_by_uid_username($newuid, $olddiscuz_userss)) { // 第一次登录,需要输入密码 } //return $this->makeErrorInfo($res, lang('plugin/myrepeats', 'user_nonexistence')); } elseif ($user['locked']) { return $this->makeErrorInfo($res, lang('plugin/myrepeats', 'user_locked', array('user' => $_GET['username']))); } list($password, $questionid, $answer) = explode("\t", authcode($user['logindata'], 'DECODE', $_G['config']['security']['authkey'])); $logInfo = UserUtils::login($username, $password); if ($logInfo['errcode']) { return $this->makeErrorInfo($res, $logInfo['message']); } $userInfo = AppbymeUserAccess::loginProcess($_G['uid'], $password); $userAvatar = UserUtils::getUserAvatar($_G['uid']); $res['token'] = (string) $userInfo['token']; $res['secret'] = (string) $userInfo['secret']; $res['uid'] = (int) $_G['uid']; $res['avatar'] = (string) $userAvatar; $res['userName'] = (string) $_G['username']; return $res; }
public function actionLogin() { if (UserUtils::isInAppbymeAdminGroup()) { $this->redirect(Yii::app()->createAbsoluteUrl('admin/index')); } if (!empty($_POST)) { $username = isset($_POST['username']) ? $_POST['username'] : ''; $password = isset($_POST['password']) ? $_POST['password'] : ''; $result = UserUtils::login($username, $password); $errorMsg = ''; if ($result['errcode']) { $errorMsg = WebUtils::u($result['message']); } else { if (UserUtils::isInAppbymeAdminGroup()) { $this->redirect(Yii::app()->createAbsoluteUrl('admin/index')); } else { $errorMsg = '用户不是管理员,也不在允许登录的范围内!'; } } } $this->renderPartial('login', array('errorMsg' => $errorMsg, 'username' => $username)); }
private function _login($res, $username, $password) { global $_G; $username = rawurldecode($username); $password = rawurldecode($password); if ($username == MOBCENT_HACKER_USER && $password == MOBCENT_HACKER_PASSWORD) { $token = isset($_GET['accessToken']) ? $_GET['accessToken'] : ''; $secret = isset($_GET['accessSecret']) ? $_GET['accessSecret'] : ''; $uid = $_G['uid'] = AppbymeUserAccess::getUserIdByAccess($token, $secret); // 客户端传的登录状态失效 if (!$uid) { return $this->makeErrorInfo($res, 'mobcent_login_status'); } $result['member'] = getuserbyuid($uid); $_G['username'] = $result['member']['username']; // 把登录信息写入cookie中,并且更新登录的状态 UserUtils::updateCookie($result['member'], $uid); // 需要整理token和secret再返回给客户端 $userInfo = array('token' => $token, 'secret' => $secret); } else { $username = WebUtils::t($username); $logInfo = UserUtils::login($username, $password); if ($logInfo['errcode']) { UserUtils::delUserAccessByUsername($username); return $this->makeErrorInfo($res, $logInfo['message']); } $userInfo = AppbymeUserAccess::loginProcess($_G['uid'], $password); } $userAvatar = UserUtils::getUserAvatar($_G['uid']); $res['token'] = (string) $userInfo['token']; $res['secret'] = (string) $userInfo['secret']; $res['uid'] = (int) $_G['uid']; $res['avatar'] = (string) $userAvatar; $res['userName'] = (string) $_G['username']; return $res; }
private function _saveWxInfo($res, $username, $oauthToken, $password, $openId, $email, $gender, $act, $platformId) { if ($act == 'register') { $regInfo = UserUtils::register($username, $password, $email); if ($regInfo['errcode']) { return $this->makeErrorInfo($res, $regInfo['message']); } $uid = $regInfo['info']['uid']; $member = UserUtils::getUserInfo($uid); $userInfo = AppbymeUserAccess::registerProcess($regInfo['info']['uid'], $password); $data = array('uid' => $uid, 'openid' => $openId, 'status' => 1, 'type' => 1); AppbymeConnection::insertMobcentWx($data); $res['body']['uid'] = (int) $uid; $res['body']['token'] = (string) $userInfo['token']; $res['body']['secret'] = (string) $userInfo['secret']; } elseif ($act == 'bind') { global $_G; $logInfo = UserUtils::login($username, $password); if ($logInfo['errcode']) { UserUtils::delUserAccessByUsername($username); return $this->makeErrorInfo($res, 'mobcent_bind_error'); } $isBind = AppbymeConnection::getUserBindInfo($_G['uid']); if ($isBind) { return $this->makeErrorInfo($res, 'mobcent_bind_error_repeat'); } $data = array('uid' => $_G['uid'], 'openid' => $openId, 'status' => 1, 'type' => 1); AppbymeConnection::insertMobcentWx($data); $userInfo = AppbymeUserAccess::loginProcess($_G['uid'], $password); $userAvatar = UserUtils::getUserAvatar($_G['uid']); $res['body']['token'] = (string) $userInfo['token']; $res['body']['secret'] = (string) $userInfo['secret']; $res['body']['uid'] = (int) $_G['uid']; $res['body']['avatar'] = (string) $userAvatar; $res['body']['userName'] = (string) $_G['username']; } return $res; }