Exemplo n.º 1
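 /**
  * Log a user in: identify the account, authorize it and store it in the session.
  *
  * A visitor who is already logged on is sent back to the referer (or to the
  * default module). Otherwise the credentials are read from POST or GET, the
  * lock-out state is checked, and on success the user is redirected to the
  * posted referer if they hold the privilege for it. Every outcome except
  * rendering the login form ends the request with die().
  *
  * @param  string $referer  handed to setReferer()
  * @param  string $from     not used inside this method
  * @access public
  * @return void
  */
 public function login($referer = '', $from = '')
 {
     $this->setReferer($referer);
     $loginLink = $this->createLink('user', 'login');
     $denyLink = $this->createLink('user', 'deny');
     /* Reload lang by lang of get when viewType is json. */
     if ($this->app->getViewType() == 'json' and $this->get->lang and $this->get->lang != $this->app->getClientLang()) {
         $this->app->setClientLang($this->get->lang);
         $this->app->loadLang('user');
     }
     /* If the user is already logged on, go back to the referer. */
     if ($this->user->isLogon()) {
         if ($this->app->getViewType() == 'json') {
             $data = $this->user->getDataInJSON($this->app->user);
             die(helper::removeUTF8Bom(json_encode(array('status' => 'success') + $data)));
         }
         /* Never bounce back to the login or deny page itself. */
         if (strpos($this->referer, $loginLink) === false and strpos($this->referer, $denyLink) === false and $this->referer) {
             die(js::locate($this->referer, 'parent'));
         } else {
             die(js::locate($this->createLink($this->config->default->module), 'parent'));
         }
     }
     /* Passed account and password by post or get. */
     /* NOTE(review): credentials are also accepted from the query string, and a GET
        value overrides the POST one. Query strings commonly end up in web-server and
        proxy logs and in browser history, so confirm that GET login is really needed. */
     if (!empty($_POST) or isset($_GET['account']) and isset($_GET['password'])) {
         $account = '';
         $password = '';
         if ($this->post->account) {
             $account = $this->post->account;
         }
         if ($this->get->account) {
             $account = $this->get->account;
         }
         if ($this->post->password) {
             $password = $this->post->password;
         }
         if ($this->get->password) {
             $password = $this->get->password;
         }
         /* Refuse a locked account before the password is looked at. */
         if ($this->user->checkLocked($account)) {
             $failReason = sprintf($this->lang->user->loginLocked, $this->config->user->lockMinutes);
             if ($this->app->getViewType() == 'json') {
                 die(helper::removeUTF8Bom(json_encode(array('status' => 'failed', 'reason' => $failReason))));
             }
             die(js::error($failReason));
         }
         $user = $this->user->identify($account, $password);
         if ($user) {
             $this->user->cleanLocked($account);
             /* Authorize him and save to session. */
             /* NOTE(review): no session id rotation is visible in this method; confirm that
                identify() or session->set() regenerates the id on login (session fixation). */
             $user->rights = $this->user->authorize($account);
             $user->groups = $this->user->getGroups($account);
             $this->session->set('user', $user);
             $this->app->user = $this->session->user;
             $this->loadModel('action')->create('user', $user->id, 'login');
             /* Keep login. */
             if ($this->post->keepLogin) {
                 $this->user->keepLogin($user);
             }
             /* Check password strength against the configured safe mode; only warns, login continues. */
             if (isset($this->config->safe->mode) and $this->user->computePasswordStrength($password) < $this->config->safe->mode) {
                 echo js::alert($this->lang->user->weakPassword);
             }
             /* Go to the referer. */
             if ($this->post->referer and strpos($this->post->referer, $loginLink) === false and strpos($this->post->referer, $denyLink) === false) {
                 if ($this->app->getViewType() == 'json') {
                     $data = $this->user->getDataInJSON($user);
                     die(helper::removeUTF8Bom(json_encode(array('status' => 'success') + $data)));
                 }
                 /* Get the module and method of the referer. */
                 /* NOTE(review): only the module/method taken from the tail of the posted
                    referer is checked below; its host is never compared with this site, so
                    confirm that js::locate() or the caller restricts the target to local
                    URLs (open redirect). */
                 if ($this->config->requestType == 'PATH_INFO') {
                     $path = substr($this->post->referer, strrpos($this->post->referer, '/') + 1);
                     /* Strip the '.html' suffix only. rtrim($path, '.html') treats its second
                        argument as a character list and would also eat trailing h/t/m/l
                        characters of the method name itself. */
                     $path = preg_replace('/\.html$/', '', $path);
                     if (empty($path)) {
                         $path = $this->config->requestFix;
                     }
                     /* Pad to two items so a path without the separator does not leave $method undefined. */
                     list($module, $method) = array_pad(explode($this->config->requestFix, $path), 2, '');
                 } else {
                     $url = html_entity_decode($this->post->referer);
                     $param = substr($url, strrpos($url, '?') + 1);
                     /* Expects the query string to start with m=<module>&f=<method>. */
                     list($module, $method) = array_pad(explode('&', $param), 2, '');
                     $module = str_replace('m=', '', $module);
                     $method = str_replace('f=', '', $method);
                 }
                 if (common::hasPriv($module, $method)) {
                     die(js::locate($this->post->referer, 'parent'));
                 } else {
                     die(js::locate($this->createLink($this->config->default->module), 'parent'));
                 }
             } else {
                 if ($this->app->getViewType() == 'json') {
                     $data = $this->user->getDataInJSON($user);
                     die(helper::removeUTF8Bom(json_encode(array('status' => 'success') + $data)));
                 }
                 die(js::locate($this->createLink($this->config->default->module), 'parent'));
             }
         } else {
             /* Count the failed attempt; failPlus() returns the running number of failures. */
             $fails = $this->user->failPlus($account);
             if ($this->app->getViewType() == 'json') {
                 die(helper::removeUTF8Bom(json_encode(array('status' => 'failed', 'reason' => $this->lang->user->loginFailed))));
             }
             $remainTimes = $this->config->user->failTimes - $fails;
             if ($remainTimes <= 0) {
                 die(js::error(sprintf($this->lang->user->loginLocked, $this->config->user->lockMinutes)));
             } else {
                 /* Warn once three or fewer attempts are left. */
                 if ($remainTimes <= 3) {
                     die(js::error(sprintf($this->lang->user->lockWarning, $remainTimes)));
                 }
             }
             die(js::error($this->lang->user->loginFailed));
         }
     } else {
         /* No credentials submitted: render the login form. */
         if (!empty($this->config->global->showDemoUsers)) {
             $demoUsers = $this->user->getPairs('nodeleted, noletter, noempty, noclosed');
             $this->view->demoUsers = $demoUsers;
         }
         $this->app->loadLang('misc');
         $this->view->noGDLib = sprintf($this->lang->misc->noGDLib, common::getSysURL() . $this->config->webRoot);
         $this->view->title = $this->lang->user->login;
         $this->view->referer = $this->referer;
         $this->view->s = zget($this->config->global, 'sn');
         $this->view->keepLogin = $this->cookie->keepLogin ? $this->cookie->keepLogin : '******';
         $this->display();
     }
 }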
Exemplo n.º 2
/* Admin entry script: boots the framework in admin run mode, answers the
   'getconfig' request, redirects to the installer when not installed, then
   dispatches the request after the privilege check. */
/* Start output buffer so the whole response can be post-processed at the end. */
ob_start();
/* Define the run mode as admin. */
define('RUN_MODE', 'admin');
/* Load the framework. */
include 'loader.php';
/* Check admin entry. */
checkAdminEntry();
/* Instantiate the app. NOTE(review): $systemRoot is not assigned in this script;
   presumably loader.php defines it - confirm. */
$app = router::createApp('chanzhi', $systemRoot);
$config = $app->config;
/* Check whether the request is getconfig. Check installed or not.
   NOTE(review): the getconfig answer is produced before $common->checkPriv() runs,
   so the only gate visible here is checkAdminEntry(); confirm that exportConfig()
   returns nothing sensitive. */
if (isset($_GET['mode']) and $_GET['mode'] == 'getconfig') {
    die($app->exportConfig());
}
/* Not installed yet: queue the redirect header and stop; header() returns nothing,
   so die() prints nothing. */
if (!isset($config->installed) or !$config->installed) {
    die(header('location: install.php'));
}
/* Change the request settings: remember the front-end request type, then force
   GET-style routing with admin/index as the default target. */
$config->frontRequestType = $config->requestType;
$config->requestType = 'GET';
$config->default->module = 'admin';
$config->default->method = 'index';
/* Run it. The privilege check happens after the request is parsed and before
   the module is loaded. */
$common = $app->loadCommon();
$app->parseRequest();
$common->checkPriv();
$app->loadModule();
/* Flush the buffer, passing it through helper::removeUTF8Bom() first. */
echo helper::removeUTF8Bom(ob_get_clean());
 /**
  * Emit a response for an ajax request and end the script.
  *
  * When $type is 'json' the data is JSON-encoded into the output buffer first;
  * the buffer is then collected, passed through helper::removeUTF8Bom() and
  * written out as the final output.
  *
  * @param  mixed  $data  value to encode
  * @param  string $type  only 'json' triggers encoding
  * @access public
  * @return void
  */
 public function send($data, $type = 'json')
 {
     $wantsJson = ($type == 'json');
     if ($wantsJson) {
         print json_encode($data);
     }

     /* Everything echoed so far sits in the output buffer; take it and stop. */
     $buffered = ob_get_clean();
     exit(helper::removeUTF8Bom($buffered));
 }
Exemplo n.º 4
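 /**
  * Send data directly, for ajax requests, and end the script.
  *
  * For a 'json' response requested without ajax, the result is turned into a
  * browser action instead: on success an optional alert followed by a redirect
  * to $data['locate'] (or the HTTP referer), on failure an alert with the
  * flattened error messages followed by a step back. In every other case the
  * data is JSON-encoded. The output buffer is then passed through
  * helper::removeUTF8Bom() and emitted.
  *
  * @param  mixed  $data  cast to array; keys read here: result, message, locate
  * @param  string $type  only 'json' is handled
  * @access public
  * @return void
  */
 public function send($data, $type = 'json')
 {
     $data = (array) $data;
     if ($type == 'json') {
         if (!helper::isAjaxRequest()) {
             if (isset($data['result']) and $data['result'] == 'success') {
                 /* NOTE(review): message and locate are handed to js::alert() / js::locate()
                    as they are; confirm those helpers escape their argument before it is
                    placed in script context. */
                 if (!empty($data['message'])) {
                     echo js::alert($data['message']);
                 }
                 /* NOTE(review): the fallback target is the request's Referer header, which the
                    client controls; confirm js::locate() limits where it will navigate. */
                 $locate = isset($data['locate']) ? $data['locate'] : (isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '');
                 if (!empty($locate)) {
                     die(js::locate($locate));
                 }
                 die(isset($data['message']) ? $data['message'] : 'success');
             }
             if (isset($data['result']) and $data['result'] == 'fail') {
                 if (!empty($data['message'])) {
                     /* Flatten the message to one line per field. A field may carry a list
                        of errors or a single string, and the whole message may itself be a
                        plain string; the previous json round-trip followed by implode()
                        only worked for "field => list of errors". */
                     $lines = array();
                     foreach ((array) $data['message'] as $errors) {
                         if (is_array($errors) or is_object($errors)) {
                             $lines[] = implode(',', (array) $errors);
                         } else {
                             $lines[] = (string) $errors;
                         }
                     }
                     echo js::alert(strip_tags(implode(" ", $lines)));
                     die(js::locate('back'));
                 }
             }
         }
         echo json_encode($data);
     }
     die(helper::removeUTF8Bom(ob_get_clean()));
 }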