/**
 * Check admin credentials against gamebi_admin_user, establish the admin
 * session cookie and constants, and enforce per-action rights for
 * non-manager accounts.
 *
 * NOTE(review), credential handling visible in this block:
 *  - $username and the password value are interpolated straight into the SQL
 *    text; no escaping or parameter binding happens here. Unless the caller
 *    or pm_db::query() escapes them (not visible from here), the login query
 *    is injectable. Bind or escape both values at this boundary.
 *  - The password column is compared against md5($password) for $logintype 1
 *    and against the supplied value unchanged for 2 and 3. Unsalted MD5 is
 *    not an adequate password hash; password_hash()/password_verify() is the
 *    usual replacement.
 *  - The $password argument is embedded in the cookie payload and is also
 *    handed to log_error_login() on failure.
 *
 * @param string $username  Login name as submitted.
 * @param string $password  Password as submitted; presumably already hashed
 *                          by the caller for $logintype 2 and 3 (confirm).
 * @param int    $logintype 1 = hash $password with md5 first; 2 or 3 = use
 *                          $password as given. Any other value leaves
 *                          $password_md5 undefined.
 * @return bool|null true when the login (and rights check, where it applies)
 *                   succeeds; nothing is returned when pm_db::query() is
 *                   falsy. The failure and no-permission paths call exit.
 */
public static function verify_login_in($username, $password, $logintype = 2)
{
    // NOTE(review): there is no final else, so an unexpected $logintype reaches
    // the query with $password_md5 undefined (interpolates as an empty string).
    if ($logintype == 1) {
        $password_md5 = md5($password);
    } elseif ($logintype == 2) {
        $password_md5 = $password;
    } elseif ($logintype == 3) {
        $password_md5 = $password;
    }
    // NOTE(review): string-built SQL with caller-supplied values; see the header.
    $select = "SELECT * FROM gamebi_admin_user WHERE `user_name`='{$username}' and `password`='{$password_md5}'";
    if (pm_db::query($select)) {
        $data = pm_db::num_rows();
        if ($data > 0) {
            // Cookie payload is "username:user-agent key:password" passed through
            // authcode(..., 'ENCODE').
            // NOTE(review): authcode() is defined elsewhere; if its encoding is
            // reversible, the cookie carries a recoverable copy of $password.
            // A random server-side session token would avoid that.
            $auth_key = self::get_user_agent();
            $auth_password = $password;
            $auth_username = $username;
            $cookie_value = authcode($auth_username . ':' . $auth_key . ':' . $auth_password, $operation = 'ENCODE');
            $cookie_expire = time() + 7200; // original note said "20 minutes"; 7200 seconds is two hours
            $cook_pre = AUTH_KEY . '_admin_auth';
            // Also populate $_COOKIE so code later in this request sees the new value.
            $_COOKIE[$cook_pre] = $cookie_value;
            // NOTE(review): only name, value, expiry and path are passed, so the
            // secure and httponly arguments keep their defaults (off).
            setcookie(AUTH_KEY . '_admin_auth', $cookie_value, $cookie_expire, PATH_COOKIE);
            // Each constant is defined only if absent, so a value defined earlier
            // in the request is kept over the one from this row.
            defined('USERNAME') || define('USERNAME', $username);
            $row_info = pm_db::fetch_one();
            defined('TRUENAME') || define('TRUENAME', $row_info['truename']);
            defined('ADMINLEVEL') || define('ADMINLEVEL', $row_info['level']);
            defined('ADMINUSERID') || define('ADMINUSERID', $row_info['user_id']);
            defined('ISSUPERADMIN') || define('ISSUPERADMIN', $row_info['is_super']);
            if (ADMINLEVEL == 1) {
                // Level 1 accounts skip the per-action rights check below.
                defined('If_manager') || define('If_manager', 1);
                $rightset = array();
            } else {
                defined('If_manager') || define('If_manager', 0);
                $rightset = array();
                $rightset = r_unserialize($row_info['rights']);
                // CRM and SUMMARY hold the raw strpos() result: an int offset
                // (possibly 0) when the marker is present, false when it is not.
                $crmi = strpos($row_info['rights'], "crmhome_index");
                $summary = strpos($row_info['rights'], 'summarybutton');
                defined('CRM') || define('CRM', $crmi);
                defined('SUMMARY') || define('SUMMARY', $summary);
                $sys_con = self::get_control(); // the operation the user is currently performing
                // These requests bypass the rights check: no resolved controller,
                // the login and securimage controllers, anything globalrt() accepts,
                // and any request with c=tweet in the query string.
                // NOTE(review): the last test reads $_GET['c'] directly rather than
                // $sys_con; confirm both always name the same controller.
                if (empty($sys_con) || $sys_con['c'] == 'login' || $sys_con['c'] == 'securimage' || globalrt($sys_con) || $_GET['c'] == 'tweet') {
                } else {
                    $if_auth = false;
                    foreach ($rightset as $k => $v) {
                        // A key may bundle several action codes joined by 'fl111'.
                        if (is_int(strrpos($k, 'fl111'))) {
                            $ka = explode('fl111', $k);
                            // The inner loop reuses $v and overwrites the outer
                            // loop's value; the outer value is not read afterwards.
                            foreach ($ka as $v) {
                                $rt = self::getrt($v);
                                if ($rt == $sys_con) {
                                    $if_auth = true;
                                }
                            }
                        } else {
                            $rt = self::getrt($k);
                            if ($rt == $sys_con) {
                                $if_auth = true;
                            }
                        }
                    }
                    if ($if_auth) {
                        return true;
                    } else {
                        // NOTE(review): the Referer header is client-controlled and is
                        // passed to message() as the follow-up URL. What message() does
                        // with it is not visible here; validate it against local paths
                        // before it is used for a redirect or echoed into a page.
                        $sourceurl = $_SERVER['HTTP_REFERER'];
                        if ($sourceurl == 'http://gamebi.feiliu.com/?c=login&a=menu' || $sourceurl == '?c=login&a=menu') {
                            $sourceurl = '?c=login&a=welcome';
                        }
                        $error = '抱歉,您没有对应的操作权限,如有所需,请联系管理员。';
                        $http = $sourceurl;
                        $stop_loop = 0; // no permission: do not redirect
                        self::message($error, $http);
                        exit;
                    }
                }
            }
            // The three values below are built but never used in this function,
            // because the writeover() call that consumed them is commented out.
            // The record text says "Logging Failed" although this is the
            // successful-login path.
            $admin_recordfile = PATH_ADMIN_LOG_PATH . "/admin_log_" . date('Y-m-d') . ".php";
            $onlineip = get_client_ip();
            $new_record = "<?die;?>|{$username}|***|Logging Failed|{$onlineip}|" . time() . "|\n";
            // login attempt limit
            //writeover($admin_recordfile,$new_record,"ab");
            return true;
        } else {
            // NOTE(review): the submitted password is passed to the failure logger;
            // confirm log_error_login() does not persist it.
            self::log_error_login($username, $password);
            // NOTE(review): this call passes '/' as the path and PATH_COOKIE as the
            // domain, whereas the success path passes PATH_COOKIE as the path. If
            // PATH_COOKIE is a path, this expiry may not match the cookie set above.
            setcookie(AUTH_KEY . '_admin_auth', 0, 100, '/', PATH_COOKIE);
            pm_tpl::assign('error', '账号或密码错误');
            pm_tpl::display('login');
            exit;
        }
    }
}
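/**
 * Show or save the rights assignment for one admin account.
 *
 * The target account is named by the `user` and `user_id` query parameters.
 * A POST with a non-empty `submit` field stores the serialized `action_code`
 * selection; any other request renders the assignment form.
 *
 * The request is rejected unless the account exists and its stored user_name
 * equals the `user` parameter exactly. The method returns right after the
 * rejection message, so the save can never run for a mismatched target even
 * if mod_login::message() does not terminate the request itself.
 *
 * NOTE(review): no anti-CSRF token and no check of the caller's own privilege
 * are visible in this method. Both may be enforced elsewhere (for example by
 * the login/rights gate); confirm before relying on it.
 *
 * @return void
 */
public function allot()
{
    // Read request values defensively; a missing parameter becomes null
    // instead of raising an undefined-index notice.
    $username = isset($_GET['user']) ? $_GET['user'] : null;
    $user_id = isset($_GET['user_id']) ? $_GET['user_id'] : null;

    // NOTE(review): $user_id goes to the lookup unchanged; how
    // get_oneamdinbyuser_id() builds its query is not visible here.
    $uinfo = mod_member::get_oneamdinbyuser_id($user_id);

    // Fail closed: an unknown account, a non-string `user` value, or a name
    // mismatch are all rejected. The comparison is strict so that a missing
    // row and a missing parameter (both null) can no longer compare equal.
    $target_ok = !empty($uinfo)
        && isset($uinfo['user_name'])
        && is_string($username)
        && (string) $uinfo['user_name'] === $username;
    if (!$target_ok) {
        mod_login::message('对不起,非法操作');
        return;
    }

    if (!empty($_POST['submit'])) {
        // Persist the submitted action codes for the verified target account.
        $action_code = isset($_POST['action_code']) ? $_POST['action_code'] : null;
        $sright = r_serialize(forrightserialize($action_code));
        mod_member::saverights($sright, $user_id);
        mod_login::message('权限赋予成功');
    } else {
        // Render the form with the full action list and the current rights.
        $rightlist = mod_menu::get_user_action();
        $haveright = mod_member::get_right($user_id);
        $role['action_list'] = forunrightserialize(r_unserialize($haveright));
        pm_tpl::assign('priv_arr', $rightlist);
        pm_tpl::assign('role', $role);
        pm_tpl::assign('uinfo', $uinfo);
        pm_tpl::assign('ur_here', '分派权限');
        $action_link = array('href' => '?c=member&a=member_list', 'text' => '管理员列表');
        pm_tpl::assign('action_link', $action_link);
        pm_tpl::display('member_allot');
    }
}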
/**
 * Decode the project's nested text format into an array.
 *
 * Records at nesting level $i are separated by "\n{$i}\n". Within a record,
 * the text before the first tab is the key and the remainder is the value.
 * A value that still contains a newline is decoded recursively one level
 * deeper; a value that contains a tab but no newline is handed to r_array()
 * (defined elsewhere); anything else is stored as a plain string.
 *
 * @param string $str   Encoded text for this level.
 * @param array  $array Array to merge the decoded entries into.
 * @param int    $i     Current nesting level, used in the record separator.
 * @return array The merged result.
 */
function r_unserialize($str, $array = array(), $i = 1)
{
    $records = explode("\n{$i}\n", $str);

    foreach ($records as $record) {
        // Locate the first tab once; it splits the record into key and value.
        $tabAt = strpos($record, "\t");
        $k = substr($record, 0, $tabAt);
        $v = substr($record, $tabAt + 1);

        if (strpos($v, "\n") !== false) {
            // Nested structure: the next level uses the next separator number.
            // $array[$k] is read here even when it has not been set yet.
            $array[$k] = r_unserialize($v, $array[$k], $i + 1);
            continue;
        }

        if (strpos($v, "\t") !== false) {
            $array[$k] = r_array($array[$k], $v);
            continue;
        }

        $array[$k] = $v;
    }

    return $array;
}
/**
 * Collect the active iosadm_menu rows for every action code in a user's rights.
 *
 * The stored rights are decoded, each entry is split on the 'fl111' joiner,
 * and one lookup is made per action code. Codes without an active menu row
 * are skipped.
 *
 * NOTE(review): each action code is interpolated into the SQL text. The codes
 * come from stored rights, which allot() in this file builds from
 * $_POST['action_code'], so stored data should not be treated as safe here
 * unless it is validated on write (not visible). Bind or escape $nvv, or
 * check it against the known action-code list before querying.
 *
 * @param mixed $user_id Account whose rights are read via self::get_right().
 * @param bool  $r       Not used in this method.
 * @return array List of menu rows as returned by pm_db::fetch_result().
 */
public static function get_user_menus($user_id, $r = false)
{
    $granted = forunrightserialize(r_unserialize(self::get_right($user_id)));
    $collected = array();

    foreach ($granted as $entry) {
        // One entry may carry several action codes joined by 'fl111'.
        $codes = explode('fl111', $entry);
        foreach ($codes as $nvv) {
            $row = pm_db::fetch_result("SELECT * FROM iosadm_menu WHERE actioncode='{$nvv}' AND status=1");
            if ($row) {
                $collected[] = $row;
            }
        }
    }

    return $collected;
}