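/**
 * Get the browse-level (row visibility) permission of the current session user.
 *
 * For a logged-in, non-administrator session the per-user permission file
 * DConfig_PATH/BrowsecList/borwse_<user id>.php is loaded, after being
 * generated through Browse::saveBrowseList() when it does not exist yet.
 * Administrator sessions and sessions without a user id skip the file, so
 * their own condition stays empty.
 *
 * NOTE(review): an empty condition presumably means "no row restriction" to
 * the caller, so a session without a user id gets the same result as an
 * administrator here. Confirm that authentication is enforced before this
 * method is reached.
 *
 * @param string $aname     Name of the current action.
 * @param mixed  $type      When equal to 1 the loaded permission list itself
 *                          is returned ("physical file format").
 * @param string $tablename Name of an embedded table; when given, the rule of
 *                          that table inside the action is used.
 * @return mixed For $type == 1: the permission list, or null when no file was
 *               loaded. Otherwise: the SQL condition string, or
 *               array($map, $map2) when Browse::changerole() returns a truthy
 *               value (how the caller combines the two is not visible here).
 */
public function getUserMap($aname = '', $type, $tablename)
{
    $userKey = C('USER_AUTH_KEY');
    $adminKey = C('ADMIN_AUTH_KEY');
    $authId = isset($_SESSION[$userKey]) ? $_SESSION[$userKey] : null;
    $isAdmin = isset($_SESSION[$adminKey]) && $_SESSION[$adminKey] == 1;

    $map = "";
    // Defined up front so the $type == 1 return below never reads an
    // undefined variable when the permission file was not loaded.
    $borwseList = null;

    if ($authId && !$isAdmin) {
        // NOTE(review): $authId becomes part of a path that is executed as
        // PHP. It is presumably the numeric user id written at login; confirm
        // that nothing else can write an arbitrary string to this session key,
        // and that the BrowsecList directory is writable only by the
        // application and is not served directly by the web server.
        $file = DConfig_PATH . "/BrowsecList/borwse_" . $authId . ".php";
        if (!file_exists($file)) {
            Browse::saveBrowseList($authId);
        }
        // If the file still does not exist, require stops the request, so a
        // missing permission file never degrades into an empty condition.
        $borwseList = (require $file);

        if ($tablename) {
            // Rule of one embedded table inside the action.
            if (!empty($borwseList[$aname][$tablename]['formsql'])) {
                $map = $borwseList[$aname][$tablename]['formsql'];
            }
        } else {
            $base = isset($borwseList[$aname]['formsql']) ? $borwseList[$aname]['formsql'] : null;
            $extend = isset($borwseList[$aname]['extend']['formsql']) ? $borwseList[$aname]['extend']['formsql'] : null;
            if ($base || $extend) {
                $map = $base;
                if ($extend) {
                    // NOTE(review): the two fragments are joined without
                    // parentheses. If either can contain a top-level OR, the
                    // combined condition is wider than intended; confirm how
                    // Browse::saveBrowseList() generates them.
                    $map = $map ? $map . " and " . $extend : $map . $extend;
                }
            }
        }
    }

    if ($type == 1) {
        // Physical file format: hand back the loaded list as is.
        return $borwseList;
    }

    // Form SQL: add the condition reported by Browse::changerole(), if any.
    $map2 = Browse::changerole($aname, '', $tablename);
    if ($map2) {
        $map = array($map, $map2);
    }
    return $map;
}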
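/**
 * Browser login handler.
 *
 * Steps: check the product licence file, validate the posted form (account,
 * password, captcha), look up the account through getAuthInfo(), verify the
 * password through checkPwd(), then establish the session and cookie, record
 * the login on the user row, register the online entry and rebuild the cached
 * access and browse permissions.
 *
 * @author liminggang
 * @date 2014-8-28
 * @return mixed array('status' => ..., 'msg' => ...) for the helperLogin
 *               type, the value of checkPwd() when it is truthy, otherwise
 *               nothing (the response is a redirect or a rendered page).
 */
public function signin()
{
    // Accept the account name only as a plain string before it is placed in a URL.
    $account = (isset($_POST['account']) && is_string($_POST['account'])) ? $_POST['account'] : '';

    // Basic check of the serial-number (licence) file of the product modules.
    $model = D('SerialNumber');
    $system = $model->CheckFile();
    if (count($system) > 0) {
        // The posted account name is URL-encoded so that characters such as
        // '&', '#' or '+' stay inside the "register" parameter instead of
        // changing the structure of the redirect target.
        redirect(U("Public/serialnumber?register=" . urlencode($account)));
    }

    if (isset($_POST["login_type"]) && $_POST["login_type"] === "dialog") {
        $this->loginType = "dialog";
    }

    // NOTE(review): an empty account or password only sets jumpUrl and the
    // flow continues to getAuthInfo(); presumably that lookup fails for empty
    // input. Confirm.
    if (empty($_POST['account']) || empty($_POST['password'])) {
        $this->assign("jumpUrl", __URL__ . '/login/');
    } elseif (C("VERIFICATION_CODE") && $this->loginType != 'helperLogin') {
        // The helperLogin type is exempt from the captcha; loginType is set
        // outside this method, so confirm that a request cannot select it.
        if (empty($_POST['verify'])) {
            $this->assign("jumpUrl", __URL__ . '/login/');
            $this->error('验证码必须!');
        } elseif (
            !is_string($_POST['verify'])
            || !isset($_SESSION['verify'])
            || !is_string($_SESSION['verify'])
            || $_SESSION['verify'] !== md5($_POST['verify'])
        ) {
            // Strict comparison of two strings: a missing session value, a
            // non-string field or PHP's numeric-string juggling under "!="
            // can no longer make the check pass.
            // NOTE(review): the stored value is not cleared after the check,
            // so one solved captcha stays valid for further attempts unless
            // it is reset elsewhere.
            $this->assign("jumpUrl", __URL__ . '/login/');
            $this->error('验证码错误!');
        }
    }

    // Authenticate by user name, password and account status.
    $authInfo = $this->getAuthInfo();
    if (!$authInfo) {
        $this->assign("jumpUrl", __URL__ . '/login/');
        if ($this->loginType != 'helperLogin') {
            $this->assign("info", "帐号不存在或已禁用!");
            $this->display('login');
            return;
        }
        return array('status' => 0, 'msg' => "error:帐号不存在或已禁用!");
    }

    // Password verification; a truthy result is the failure response.
    $checkPwd = $this->checkPwd($authInfo);
    if ($checkPwd) {
        return $checkPwd;
    }

    // NOTE(review): the session id is not regenerated in this method. Confirm
    // that setSession() calls session_regenerate_id(), so an id issued before
    // login is not carried into the authenticated session.
    $this->setSession($authInfo);
    $this->setUserInfoCookie($authInfo);

    // Record the login on the user row.
    $time = time();
    // NOTE(review): get_client_ip() may take the address from request headers
    // that the client controls; treat last_login_ip as informational unless
    // the helper only trusts a known proxy.
    $ip = get_client_ip();
    $data = array(
        'last_login_time'   => $time,
        'logintime'         => $time,
        'isonline'          => 1,
        'sessionid'         => session_id(),
        'id'                => $authInfo['id'],
        'login_count'       => array('exp', 'login_count+1'),
        'login_error_count' => 0,
        'newmsg'            => 1,
        'newmsgtype'        => 1,
        'last_login_ip'     => $ip,
    );
    // NOTE(review): this update used to sit behind "if (!$bindacount)", a
    // variable that is never assigned in this method, so it always ran.
    $User = M('User');
    $User->save($data);
    $User->commit();

    // Register the online entry as a new record.
    $this->setUserOnline($authInfo, "insert");
    // Cache the access permissions.
    RBAC::saveAccessList();
    // Write the browse permissions.
    Browse::saveBrowseList();

    if (isset($_SESSION[C('ADMIN_AUTH_KEY')])) {
        $this->check_upgrade(false);
    }

    if ($this->loginType == 'helperLogin') {
        // Login from the OA client.
        if (isset($_REQUEST['fromOA']) && $_REQUEST['fromOA'] == 2) {
            redirect(U('Index/index'), 0.01, '页面跳转中。。。');
        } else {
            return array('status' => 1, 'msg' => "success:登录成功!");
        }
    } elseif ($this->loginType != 'checkLogin') {
        redirect(U('Index/index'));
    } else {
        $this->success('登录成功!');
    }
}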
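/**
 * Switch the current session to another company.
 *
 * Stores the posted company id in the session, looks up the main-post
 * department of the session user in that company, deletes the cached
 * browse-permission file of the user, regenerates it through
 * Browse::saveBrowseList() and echoes the company id that is now active.
 *
 * @return void
 */
public function lookupchangec()
{
    $userKey = C('USER_AUTH_KEY');
    $userId = isset($_SESSION[$userKey]) ? $_SESSION[$userKey] : null;

    // Only a scalar id is accepted. The value is used below as a query
    // condition, and an array placed in a where() map is presumably read by
    // the query builder as a condition expression rather than a literal
    // value. A missing or non-scalar field leaves the session untouched.
    $companyid = isset($_POST['companyid']) ? $_POST['companyid'] : null;
    if (!is_scalar($companyid)) {
        return;
    }

    // NOTE(review): the company is switched before, and regardless of, the
    // membership lookup below. Confirm that another layer checks that the
    // user actually holds a post in the requested company; otherwise any id
    // can be selected.
    $_SESSION['companyid'] = $companyid;

    // Main post (typeid 1) of the current user in the selected company.
    $userMap = array(
        'status'    => 1,
        'companyid' => $companyid,
        'typeid'    => 1,
        'userid'    => $userId,
    );
    $userDeptDutyVo = D("UserDeptDuty")->where($userMap)->find();
    // No matching row leaves the department id empty instead of reading an
    // offset of a non-array result.
    $_SESSION['user_dep_id'] = (is_array($userDeptDutyVo) && isset($userDeptDutyVo['deptid']))
        ? $userDeptDutyVo['deptid']
        : null;

    // Remove the cached browse permissions of the previous company.
    $permissionFile = DConfig_PATH . "/BrowsecList/borwse_" . $userId . ".php";
    if (file_exists($permissionFile)) {
        unlink($permissionFile);
    }

    // Write the browse permissions for the selected company.
    Browse::saveBrowseList();

    // The echoed value comes from the request, so it is HTML-escaped; a
    // numeric id is printed unchanged.
    echo htmlspecialchars((string) $_SESSION['companyid'], ENT_QUOTES, 'UTF-8');
}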