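/**
 * Reports whether the current request belongs to a logged-in, unrestricted user.
 *
 * When the session carries no uid, an auto-login is attempted from the
 * "<COOKIE_PREFIX>_AUTO" cookie: the cookie value is passed through encrytion()
 * and the result is used as the uid to look up in the user table. On a match the
 * user's fields are copied into the session.
 *
 * The outcome message is stored in self::$error in every case, including success.
 *
 * @return bool TRUE when a uid is present and the account type is not restricted,
 *              FALSE otherwise.
 */
public static function checkIsLogin() {
    // Auto-login: only attempted when no uid is in the session yet.
    // NOTE(review): the cookie alone decides which uid is loaded, so the strength of
    // this path rests entirely on encrytion() — confirm it authenticates the value
    // (not just obfuscates it) and that the cookie is issued HttpOnly/Secure.
    if (session('uid') === null && ($uid = encrytion(cookie(C('COOKIE_PREFIX') . '_AUTO')))) {
        // Clear the pending form token. The original read an undefined $tokenName here,
        // so nothing was actually cleared; resolve the name the same way create() does.
        $tokenName = C('TOKEN_NAME', null, 'token');
        unset($_SESSION[$tokenName][md5(session_id())]);

        // `new` yields an object or throws, so the else branch below is a defensive guard only.
        if ($User = new \Admin\Model\UserModel()) {
            $condition = array('uid' => $uid);
            $result = $User->where($condition)->find();
            if ($result) {
                // NOTE(review): the session id is not regenerated when the session
                // becomes authenticated here — consider doing so to limit session fixation.
                foreach (array('uid', 'name', 'head', 'type', 'msg', 'tel', 'email') as $field) {
                    session($field, $result[$field]);
                }
            } else {
                self::$error = '自动登录失败';
            }
            // TODO (author): return the error via ajax later.
        } else {
            self::$error = '数据库连接失败';
        }
    }

    // No uid in the session: not logged in. isset() also avoids the undefined-index
    // notice the direct comparison raised for a fresh session.
    // NOTE(review): this reads $_SESSION directly while the values above are written
    // through session(); confirm no session prefix is configured, otherwise the keys differ.
    if (!isset($_SESSION['uid'])) {
        self::$error = '尚未登录';
        return FALSE;
    }

    // Account types '6' and '7' are refused. The comparison is intentionally left
    // loose so an integer type value is still matched against these strings.
    $type = isset($_SESSION['type']) ? $_SESSION['type'] : null;
    if (in_array($type, array('6', '7'))) {
        self::$error = '您当前已被限制登录';
        return FALSE;
    }

    self::$error = '已登录';
    return TRUE;
}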
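/**
 * Handles submission of the registration form.
 *
 * GET requests are rejected outright. A visitor who is already logged in is
 * redirected to the admin index. Otherwise the one-time form token stored in the
 * session under md5(session_id()) must match the posted token; the account is then
 * validated and inserted through UserModel, the session is populated for the new
 * user, and a welcome message is written to the Msg table.
 *
 * Marked as unfinished by the original author.
 *
 * @return void Every path ends in success(), error() or die().
 */
public function create() {
    if (IS_GET) {
        die("<meta charset='utf-8'><h1>非法访问</h1>");
    }

    $tokenName = C('TOKEN_NAME', null, 'token');

    if (Behavior\CheckIslogin::checkIsLogin()) {
        // Already authenticated: go to the back end. Validity is not checked here;
        // that is left to the user pages.
        $this->success(Behavior\CheckIslogin::getError(), U('/Admin/Index/'));
        return;
    }

    // Form-token check. The original used a loose `==` combined with a bitwise `&`,
    // so a request with no token matched a session with no token ('' == null) and
    // the check passed. Require a non-empty stored token and compare strictly.
    $tokenKey = md5(session_id());
    $expected = isset($_SESSION[$tokenName][$tokenKey]) ? $_SESSION[$tokenName][$tokenKey] : null;
    $submitted = I('post.token');
    $tokenOk = IS_POST
        && is_scalar($expected)
        && is_scalar($submitted)
        && (string) $expected !== ''
        && (string) $submitted === (string) $expected;

    if (!$tokenOk) {
        $this->error('页面超时,请重新输入', U('/Admin/Index/regist'), 3);
        return;
    }

    // The token is single-use: discard it once it has been accepted.
    unset($_SESSION[$tokenName][$tokenKey]);

    // `new` yields an object or throws, so this guard is defensive only.
    $User = new \Admin\Model\UserModel();
    if (!$User) {
        die('数据库连接失败');
    }

    // NOTE(review): pwd/repwd are handed to the model exactly as posted. Hashing and
    // the pwd == repwd rule are not visible in this method — confirm UserModel applies
    // both before the row is written. (Author's note: the repeat-password rule was
    // tried in the model validation config and did not work yet.)
    $condition = array(
        'uid'   => I('post.uid'),
        'pwd'   => I('post.pwd'),
        'name'  => I('post.name'),
        'msg'   => 1,
        'repwd' => I('post.repwd'),
    );

    if (!$User->create($condition, 1)) {
        // TODO (author): return an ajax error code later to reduce transfer size.
        $this->error($User->getError(), U('/Admin/Index/regist'));
        return;
    }

    // Do not establish a logged-in session for an account that was never stored:
    // the original ignored the result of add().
    if ($User->add() === false) {
        $this->error($User->getError(), U('/Admin/Index/regist'));
        return;
    }

    // Start from an empty session, then log the new user in.
    // NOTE(review): the session id itself is not regenerated at this privilege
    // change — consider doing so to limit session fixation.
    session(null);
    session('uid', $condition['uid']);
    session('type', '2');
    session('name', $condition['name']);
    session('msg', '1');
    session('head', '/Common/defaultHead.png');
    session('email', $condition['uid']);

    // Welcome message from the configured admin account to the new user.
    $Msg = M('Msg');
    $welcome = array(
        'fromid'  => C('ADMIN_NAME'),
        'toid'    => $condition['uid'],
        'content' => C('REG_WELCOME'),
        'type'    => C('MSG_TYPE.ADMIN'),
    );
    $Msg->create($welcome);
    $Msg->add();

    $this->success('注册成功', U('/Home'));
}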