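function _initialize()
 {
     // Controller bootstrap: when USER_AUTH_ON is set and the current module is not
     // listed in NOT_AUTH_MODULE, ask RBAC whether this request may proceed at all.
     if (C('USER_AUTH_ON') && !in_array(MODULE_NAME, explode(',', C('NOT_AUTH_MODULE')), true)) {
         if (!RBAC::AccessDecision()) {
             $gateway = PHP_FILE . C('USER_AUTH_GATEWAY');
             // No auth id in the session means nobody is logged in: go to the login gateway.
             // empty() instead of a bare array read avoids an undefined-index notice.
             if (empty($_SESSION[C('USER_AUTH_KEY')])) {
                 redirect($gateway);
             }
             // Logged in, but not authorised for this module/action.
             if (C('RBAC_ERROR_PAGE')) {
                 redirect(C('RBAC_ERROR_PAGE'));
             } else {
                 if (C('GUEST_AUTH_ON')) {
                     $this->assign('jumpUrl', $gateway);
                 }
                 // Drop the auth id before showing the error so the gateway does not
                 // bounce the user straight back here (original note: otherwise some
                 // setups loop on the login page).
                 unset($_SESSION[C('USER_AUTH_KEY')]);
                 $this->error(L('_VALID_ACCESS_'), $gateway);
             }
         }
     }
 }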
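 /**
  * Build the left-hand menu trees for every menu group the current user may see.
  *
  * @param mixed $authId unused; the group filter comes from RBAC and the session.
  * @return array map of group id => result of Public::menuLeftTree(group id)
  */
 public function getAname($authId)
 {
     import('@.ORG.RBAC');
     // NOTE(review): assumes getFileGroupAccessList() returns something the model layer
     // can safely embed in an " in " condition (list of ids) - confirm against RBAC.
     $groupList = RBAC::getFileGroupAccessList();
     $model = M("group");
     $map = array();
     // Administrators (session key 'a' set) see every enabled group; everyone else is
     // limited to the groups RBAC returned, or to nothing (id = 0) when there are none.
     if (!isset($_SESSION['a'])) {
         $map['status'] = 1;
         $map['id'] = $groupList ? array(" in ", $groupList) : 0;
     } else {
         $map['status'] = array('gt', 0);
     }
     $list = $model->where($map)->order("sorts asc")->select();
     $pModel = D("Public");
     $nlist = array();
     // select() may return a non-array on failure; only iterate a real result set.
     if (is_array($list)) {
         foreach ($list as $val) {
             $nlist[$val['id']] = $pModel->menuLeftTree($val['id']);
         }
     }
     return $nlist;
 }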
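 /**
  * Controller bootstrap: RBAC access check followed by legacy magic-quotes emulation.
  */
 function _initialize()
 {
     if (C('USER_AUTH_ON') && !in_array(MODULE_NAME, explode(',', C('NOT_AUTH_MODULE')), true)) {
         import('ORG.Util.RBAC');
         if (!RBAC::AccessDecision()) {
             // No auth id in the session: nobody is logged in, send to the gateway.
             // empty() avoids an undefined-index notice on a fresh session.
             if (empty($_SESSION[C('USER_AUTH_KEY')])) {
                 redirect(PHP_FILE . C('USER_AUTH_GATEWAY'));
             }
             if (C('RBAC_ERROR_PAGE')) {
                 // NOTE(review): this branch is keyed on RBAC_ERROR_PAGE but redirects to
                 // USER_AUTH_GATEWAY; sibling controllers redirect to RBAC_ERROR_PAGE here.
                 // Kept as written - confirm which target is intended.
                 redirect(C('USER_AUTH_GATEWAY'));
             } else {
                 if (C('GUEST_AUTH_ON')) {
                     $this->assign('jumpUrl', PHP_FILE . C('USER_AUTH_GATEWAY'));
                 }
                 $this->error(L('_VALID_ACCESS_'));
             }
         }
         // Legacy magic-quotes emulation: Add_S escapes the superglobals in place.
         // get_magic_quotes_gpc() no longer exists on PHP 8 (magic quotes are always off
         // there), so a missing function is treated as "off" instead of a fatal call.
         // NOTE(review): input escaping is not a substitute for parameterised queries and
         // context-specific output escaping; the data-access layer still has to do those.
         $magicQuotes = function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc();
         if (!$magicQuotes) {
             if (!empty($_POST)) {
                 Add_S($_POST);
             }
             if (!empty($_GET)) {
                 Add_S($_GET);
             }
             if (!empty($_COOKIE)) {
                 Add_S($_COOKIE);
             }
             if (!empty($_SESSION)) {
                 Add_S($_SESSION);
             }
         }
         if (!empty($_FILES)) {
             Add_S($_FILES);
         }
     }
 }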
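 /**
  * Decide whether the current request (app / module / action) is permitted.
  *
  * Returns true when checkAccess() says the action is exempt, when the session carries
  * the super-admin flag, or when the action is present in the user's access list.
  * The decision is cached per session under an md5 key so later requests to the same
  * action skip the list lookup.
  *
  * @param string $appName application name, defaults to APP_NAME
  * @return bool
  */
 public static function AccessDecision($appName = APP_NAME)
 {
     // Actions that do not require authorisation are always allowed.
     if (!RBAC::checkAccess()) {
         return true;
     }
     // Super administrators bypass the access list entirely.
     if (!empty($_SESSION[C('ADMIN_AUTH_KEY')])) {
         return true;
     }
     // NOTE(review): the three names are concatenated without a separator, so two
     // different (module, action) pairs could in principle share one cache key -
     // confirm the naming rules make that impossible before relying on the cache.
     $accessGuid = md5($appName . MODULE_NAME . ACTION_NAME);
     if (C('USER_AUTH_TYPE') == 2) {
         // Real-time mode: re-read the access list on every request.
         $authId = isset($_SESSION[C('USER_AUTH_KEY')]) ? $_SESSION[C('USER_AUTH_KEY')] : null;
         $accessList = RBAC::getAccessList($authId);
     } else {
         // Login-time mode: reuse a cached positive decision, else the list saved at login.
         if (!empty($_SESSION[$accessGuid])) {
             return true;
         }
         $accessList = isset($_SESSION['_ACCESS_LIST']) ? $_SESSION['_ACCESS_LIST'] : array();
     }
     $module = defined('P_MODULE_NAME') ? P_MODULE_NAME : MODULE_NAME;
     $allowed = isset($accessList[strtoupper($appName)][strtoupper($module)][strtoupper(ACTION_NAME)]);
     $_SESSION[$accessGuid] = $allowed;
     return $allowed;
 }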
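 /**
  * Controller bootstrap: load the Cookie helper and run the RBAC access check
  * for every module not listed in NOT_AUTH_MODULE.
  */
 function _initialize()
 {
     import('@.ORG.Util.Cookie');
     if (C('USER_AUTH_ON') && !in_array(MODULE_NAME, explode(',', C('NOT_AUTH_MODULE')), true)) {
         import('@.ORG.Util.RBAC');
         if (!RBAC::AccessDecision()) {
             // No auth id in the session: nobody is logged in, send to the gateway.
             // empty() avoids an undefined-index notice on a fresh session.
             if (empty($_SESSION[C('USER_AUTH_KEY')])) {
                 redirect(PHP_FILE . C('USER_AUTH_GATEWAY'));
             }
             // Logged in but not authorised for this module/action.
             if (C('RBAC_ERROR_PAGE')) {
                 redirect(C('RBAC_ERROR_PAGE'));
             } else {
                 if (C('GUEST_AUTH_ON')) {
                     $this->assign('jumpUrl', PHP_FILE . C('USER_AUTH_GATEWAY'));
                 }
                 $this->error(L('_VALID_ACCESS_'));
             }
         }
     }
 }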
 /**
  * to get singleton instance
  *
  * Returns the one shared RBAC object, constructing it the first time it is requested.
  * NOTE(review): this is an instance method, so a caller already needs an object to
  * reach the singleton - confirm whether it was meant to be static.
  *
  * @access public
  * @return object
  */
 public function &getSingleton()
 {
     $shared =& self::$instance;
     if (null == $shared) {
         // First call: build the instance and keep it in the static slot.
         $shared = new RBAC();
     }
     return $shared;
 }
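 /**
  * Handle the login form: look the account up through RBAC, verify the password
  * digest, and populate the session (auth id, administrator flag, access list).
  */
 function checkLogin()
 {
     if (empty($_POST['username'])) {
         $this->error('帐号错误!');
     } elseif (empty($_POST['password'])) {
         $this->error('密码必须!');
     }
     $map = array();
     $map['username'] = $_POST['username'];
     import('ORG.Util.RBAC');
     $authInfo = RBAC::authenticate($map);
     if (false === $authInfo) {
         $this->error('帐号不存在或已禁用!');
     } else {
         // Strict comparison: with != two hex digests of the form "0e<digits>" are
         // compared as numbers and match. (hash_equals() is preferable on PHP >= 5.6.)
         // NOTE(review): passwords are stored as unsalted md5; plan a migration to
         // password_hash()/password_verify().
         if ((string) $authInfo['password'] !== md5($_POST['password'])) {
             $this->error('密码错误!');
         }
         // NOTE(review): the session id is not regenerated on login; consider
         // session_regenerate_id(true) here if the framework's session wrapper allows it.
         $_SESSION[C('USER_AUTH_KEY')] = $authInfo['id'];
         if ($authInfo['username'] === 'admin') {
             $_SESSION['administrator'] = true;
         }
         // Cache the access list for AccessDecision().
         RBAC::saveAccessList();
         $this->success('登录成功!');
     }
 }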
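 /**
  * Controller bootstrap: ensure the user table has an is_admin column, require a
  * logged-in user, then run the RBAC access check and build the menu.
  */
 protected function _initialize()
 {
     // Self-migrating schema. NOTE(review): SHOW COLUMNS runs on every request of this
     // controller; an install/upgrade step would be the usual place for this.
     $sql = "SHOW COLUMNS FROM `" . C("DB_PREFIX") . "user`";
     $COLUMNS = M()->query($sql);
     $COLUMNS_array = array();
     // query() may return a non-array on failure; the original iterated it blindly
     // and then passed an undefined variable to in_array().
     if (is_array($COLUMNS)) {
         foreach ($COLUMNS as $vo) {
             $COLUMNS_array[] = $vo["Field"];
         }
     }
     if (!in_array("is_admin", $COLUMNS_array, true)) {
         $sql = "ALTER TABLE `" . C("DB_PREFIX") . "user` ADD `is_admin` INT NOT NULL DEFAULT '0'";
         M()->query($sql);
     }
     if (!isset($_SESSION["username"])) {
         $this->error("非法操作", U("System/Admin/index"));
     }
     parent::_initialize();
     C("NOT_AUTH_ACTION", "");
     C("NOT_AUTH_MODULE", "Admin");
     if (C("USER_AUTH_ON") && !in_array(MODULE_NAME, explode(",", C("NOT_AUTH_MODULE")), true)) {
         if (!RBAC::AccessDecision()) {
             // empty() avoids an undefined-index notice when no auth id is set.
             if (empty($_SESSION[C("USER_AUTH_KEY")])) {
                 redirect(PHP_FILE . C("USER_AUTH_GATEWAY"));
             }
             if (C("RBAC_ERROR_PAGE")) {
                 redirect(C("RBAC_ERROR_PAGE"));
             } else {
                 if (C("GUEST_AUTH_ON")) {
                     $this->assign("jumpUrl", PHP_FILE . C("USER_AUTH_GATEWAY"));
                 }
                 $this->error(L("_VALID_ACCESS_"));
             }
         }
     }
     $this->show_menu();
 }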
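 /**
  * POST-only login: verify the captcha, check the password digest, record the login
  * time/IP and populate the session, then redirect into the group.
  */
 public function login()
 {
     if (!IS_POST) {
         halt('页面不存在');
     }
     // Captcha: the session holds md5 of the upper-cased code. Compare strictly so
     // two digests are never coerced to numbers. NOTE(review): the stored value is
     // not cleared after a successful check, so the same code can be replayed.
     $code = isset($_POST['code']) ? strtoupper((string) $_POST['code']) : '';
     $verify = isset($_SESSION['verify']) ? (string) $_SESSION['verify'] : '';
     if ($verify === '' || md5($code) !== $verify) {
         $this->error('验证码错误');
     }
     $db = M('user');
     $user = $db->where(array('username' => I('username')))->find();
     // Strict digest comparison (see captcha note). NOTE(review): unsalted md5 storage;
     // plan a migration to password_hash()/password_verify().
     if (!$user || (string) $user['password'] !== I('password', '', 'md5')) {
         $this->error('username or password wrong!');
     }
     // Record this login; $user still holds the values read before the update.
     $data = array('id' => $user['id'], 'logintime' => time(), 'loginip' => get_client_ip());
     $db->save($data);
     session(C('USER_AUTH_KEY'), $user['id']);
     session('username', $user['username']);
     session('logintime', date('Y-m-d H:i:s', $user['logintime']));
     session('loginip', $user['loginip']);
     // Super administrator recognition by user name.
     if ($user['username'] == C('RBAC_SUPERADMIN')) {
         session(C('ADMIN_AUTH_KEY'), true);
     }
     // Cache the access list for AccessDecision().
     import('ORG.Util.RBAC');
     RBAC::saveAccessList();
     redirect(__GROUP__);
 }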
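 /**
  * to get singleton instance
  *
  * Creates the shared RBAC object on first call and returns it by reference.
  * NOTE(review): declared as an instance method, so a caller already needs an
  * object to reach the singleton - confirm whether static was intended.
  *
  * @access public
  * @return object
  */
 public function &getSingleton()
 {
     // Explicit visibility (was implicit public); identity test instead of loose ==.
     if (self::$instance === null) {
         self::$instance = new RBAC();
     }
     return self::$instance;
 }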
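 /**
  * POST-only login: verify the password digest and lock flag, record the login
  * time/IP, populate the session and redirect to the admin index.
  */
 public function login()
 {
     if (!IS_POST) {
         halt('页面不存在3');
     }
     $username = I('username');
     $pwd = I('password', '', 'md5');
     $user = M('user')->where(array('username' => $username))->find();
     // Strict comparison: with != two hex digests of the form "0e<digits>" compare
     // equal as numbers. NOTE(review): unsalted md5 storage; plan a migration to
     // password_hash()/password_verify().
     if (!$user || (string) $user['password'] !== $pwd) {
         $this->error('账号或密码错误!');
     }
     if ($user['lock']) {
         $this->error('用户被锁了');
     }
     // Record this login; $user still holds the values read before the update.
     $data = array('id' => $user['id'], 'logintime' => time(), 'loginip' => get_client_ip());
     M('user')->save($data);
     session(C('USER_AUTH_KEY'), $user['id']);
     session('username', $user['username']);
     session('logintime', date('Y-m-d H:i:s', $user['logintime']));
     session('loginip', $user['loginip']);
     // Super administrator recognition by user name.
     if ($user['username'] == C('RBAC_SUPERADMIN')) {
         session(C('ADMIN_AUTH_KEY'), true);
     }
     // Cache the access list for AccessDecision().
     import('ORG.Util.RBAC');
     RBAC::saveAccessList();
     // The debugging dump of $_SESSION followed by die that used to sit here made the
     // redirect unreachable and wrote the whole session (auth id, access list) into
     // the response; removed.
     $this->redirect('Admin/Index/index');
 }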
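	/**
	 * Controller bootstrap: require a logged-in user, run the RBAC access check
	 * for modules not listed in NOT_AUTH_MODULE, then build the menu.
	 */
	protected function _initialize()
	{
		if (!isset($_SESSION['username'])) {
			$this->error('非法操作', U('System/Adminsaivi/index'));
		}
		parent::_initialize();
		if (C('USER_AUTH_ON') && !in_array(MODULE_NAME, explode(',', C('NOT_AUTH_MODULE')), true)) {
			if (!RBAC::AccessDecision()) {
				// No auth id in the session: nobody is logged in, send to the gateway.
				// empty() avoids an undefined-index notice on a fresh session.
				if (empty($_SESSION[C('USER_AUTH_KEY')])) {
					redirect(PHP_FILE . C('USER_AUTH_GATEWAY'));
				}
				// Logged in but not authorised for this module/action.
				if (C('RBAC_ERROR_PAGE')) {
					redirect(C('RBAC_ERROR_PAGE'));
				} else {
					if (C('GUEST_AUTH_ON')) {
						$this->assign('jumpUrl', PHP_FILE . C('USER_AUTH_GATEWAY'));
					}
					$this->error(L('_VALID_ACCESS_'));
				}
			}
		}
		$this->show_menu();
	}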
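 /**
  * POST-only login: verify the password digest and lock flag, record the login
  * time/IP, populate the session and redirect to the admin index.
  */
 public function login()
 {
     if (!IS_POST) {
         _404('页面不存在');
     }
     $username = I('username');
     $pwd = I('password', '', 'md5');
     $user = M('user')->where(array('username' => $username))->find();
     // Strict comparison: with != two hex digests of the form "0e<digits>" compare
     // equal as numbers. NOTE(review): unsalted md5 storage; plan a migration to
     // password_hash()/password_verify().
     if (!$user || (string) $user['password'] !== $pwd) {
         $this->error('账号或密码错误');
     } elseif (!empty($user['lock'])) {
         $this->error('用户被锁定');
     }
     // Record this login; $user still holds the values read before the update.
     $data = array('id' => $user['id'], 'loginTime' => time(), 'loginIp' => get_client_ip());
     M('user')->save($data);
     session(C('USER_AUTH_KEY'), $user['id']);
     session('username', $user['username']);
     // The previous login time is what goes into the session (as in the sibling
     // controllers). The original passed it as a third argument to session(), where it
     // was ignored, and date() therefore formatted the current time instead.
     session('loginTime', date('y-m-d H:i:s', (int) $user['loginTime']));
     session('loginIp', $user['loginIp']);
     // Super administrator recognition by user name.
     if ($user['username'] == C('RBAC_SUPERADMIN')) {
         session(C('ADMIN_AUTH_KEY'), true);
     }
     // Cache the access list for AccessDecision().
     import('ORG.Util.RBAC');
     RBAC::saveAccessList();
     $this->redirect('Admin/Index/index');
 }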
 /**
  * CAS single sign-on: read the CAS server settings from PM_PARAMETERS, force a CAS
  * authentication and, when the CAS principal maps to a local user, mark the RBAC
  * singleton as single-signed-on with that user's id and name.
  *
  * @return bool true only when CAS authenticated the user and a local USR_UID was found
  */
 function metodillo()
 {
     $sSQL = "SELECT * FROM PM_PARAMETERS WHERE PRM_ID = 'CAS_URL' ";
     $aResSQL = executeQuery($sSQL);
     if (!count($aResSQL)) {
         return false;
     }
     $sURL = $aResSQL[1]['PRM_VALUE'];
     $sURI = $aResSQL[1]['PRM_VALUE_2'];
     $RBAC = RBAC::getSingleton();
     $RBAC->initRBAC();
     require_once 'CAS-1.2.2/CAS.php';
     phpCAS::client(CAS_VERSION_2_0, $sURL, 443, $sURI, false);
     // NOTE(review): this turns off certificate validation of the CAS server, so the
     // ticket validation exchange is exposed to interception; the usual fix is
     // phpCAS::setCasServerCACert() with the real CA bundle.
     phpCAS::setNoCasServerValidation();
     phpCAS::forceAuthentication();
     if (!phpCAS::isAuthenticated()) {
         return false;
     }
     $sCasUser = phpCAS::getUser();
     // Map the CAS principal to a local USR_UID. NOTE(review): the user-name literal
     // below looks like a redacted placeholder in this listing - confirm against the
     // real source; if the CAS user name is interpolated here it must be parameterised.
     $sSQL = "SELECT USR_UID FROM USERS WHERE USR_USERNAME = '******' ";
     $aResSQL = executeQuery($sSQL);
     if (!count($aResSQL)) {
         return false;
     }
     $RBAC->singleSignOn = true;
     $RBAC->userObj->fields['USR_UID'] = $aResSQL[1]['USR_UID'];
     $RBAC->userObj->fields['USR_USERNAME'] = $sCasUser;
     return true;
 }
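 /**
  * Login page and handler. On POST the PublicModel performs the credential check;
  * on success the account is resolved through RBAC, the session is populated, the
  * access list cached and an admin log entry written. On GET the form is rendered.
  */
 public function login()
 {
     $systemConfig = (include WEB_ROOT . 'Common/systemConfig.php');
     if (IS_POST) {
         $pubmod = new PublicModel();
         $returnLoginInfo = $pubmod->auth();
         if ($returnLoginInfo['status'] == 1) {
             $map = array();
             $map['a_name'] = $this->_post('name');
             import('ORG.Util.RBAC');
             $authInfo = RBAC::authenticate($map);
             // auth() passed but RBAC found no usable row: fail closed instead of
             // storing a null auth id (the original indexed a false return value).
             if (false === $authInfo || empty($authInfo['a_id'])) {
                 $this->error('帐号不存在或已禁用!');
                 exit;
             }
             $_SESSION[C('USER_AUTH_KEY')] = $authInfo['a_id'];
             $_SESSION['a_name'] = $authInfo['a_name'];
             // NOTE(review): the account name is compared with the ADMIN_AUTH_KEY config
             // value, which sibling code uses as a session key name, not a user name;
             // confirm this is intended (others compare with RBAC_SUPERADMIN).
             if ($authInfo['a_name'] == C('ADMIN_AUTH_KEY')) {
                 $_SESSION[C('ADMIN_AUTH_KEY')] = true;
             }
             // Cache the access list for AccessDecision().
             RBAC::saveAccessList();
             $_SESSION['username'] = $authInfo['a_name'];
             // Admin login audit entry.
             $data = array("a_id" => $authInfo['a_id'], "l_content" => "管理员[" . $authInfo['a_name'] . "]于[" . date("Y-m-d H:i:s") . "]登录了[唐亮工长俱乐部]后台管理系统!");
             M("Log")->add($data);
             $this->success("登录成功", U("Index/index"));
             exit;
         } else {
             $this->error($returnLoginInfo['info']);
             exit;
         }
     }
     $this->assign("systemConfig", $systemConfig);
     $this->display();
 }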
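 /**
  * Login handler: verify the password digest and account status, record the login
  * IP, populate the session and redirect to the admin index.
  */
 public function login()
 {
     // Guarded read: an undefined index would otherwise raise a notice.
     // NOTE(review): relies on the model layer to escape the raw POST value in the
     // where() condition - confirm.
     $userName = isset($_POST['user_name']) ? $_POST['user_name'] : '';
     $passwordHash = I('user_password', '', 'md5');
     $user = M('user')->where(array('user_name' => $userName))->find();
     // Strict comparison: with != two hex digests of the form "0e<digits>" compare
     // equal as numbers. NOTE(review): unsalted md5 storage; plan a migration to
     // password_hash()/password_verify().
     if (!$user || (string) $user['user_password'] !== $passwordHash) {
         $this->error('账号或密码错误', U('Admin/Login/index'));
     }
     if (!$user['user_status']) {
         $this->error('非法用户', U('Index/Index/index'));
     } else {
         session('user_organization', $user['user_nikename']);
     }
     // Record the login IP. The password digest is not rewritten here: it was just
     // verified equal to the stored value, so the original re-save was redundant.
     $data = array('user_id' => $user['user_id'], 'user_name' => $user['user_name'], 'login_ip' => get_client_ip());
     M('user')->save($data);
     session(C('USER_AUTH_KEY'), $user['user_id']);
     session('username', $user['user_name']);
     // NOTE(review): keeping the password digest in the session widens the impact of any
     // session leak; kept because other pages may read 'userpwd' - remove if unused.
     session('userpwd', $passwordHash);
     // Super administrator recognition by user name.
     if ($user['user_name'] == C('RBAC_SUPERADMIN')) {
         session(C('ADMIN_AUTH_KEY'), true);
     }
     // Cache the access list for AccessDecision().
     import('ORG.Util.RBAC');
     RBAC::saveAccessList();
     $this->redirect('Admin/Index/index');
 }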
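 /**
  * Login page and AJAX handler. On POST: CSRF token check, credential check through
  * the Public model, then session population via RBAC; the auth result is echoed as
  * JSON. On GET: redirect already-marked clients, otherwise render the form.
  */
 public function index()
 {
     if (IS_POST) {
         $this->checkToken();
         $returnLoginInfo = D("Public")->auth();
         if ($returnLoginInfo['status'] == 1) {
             $map = array();
             $map['email'] = $this->_post('email');
             import('ORG.Util.RBAC');
             $authInfo = RBAC::authenticate($map);
             // Only populate the session from a real row; the original indexed a
             // false return and cached an access list for a null auth id.
             if (false !== $authInfo && !empty($authInfo['aid'])) {
                 $_SESSION[C('USER_AUTH_KEY')] = $authInfo['aid'];
                 $_SESSION['email'] = $authInfo['email'];
                 // NOTE(review): the e-mail is compared with the ADMIN_AUTH_KEY config
                 // value, which sibling code uses as a session key name; confirm intended.
                 if ($authInfo['email'] == C('ADMIN_AUTH_KEY')) {
                     $_SESSION[C('ADMIN_AUTH_KEY')] = true;
                 }
                 // Cache the access list for AccessDecision().
                 RBAC::saveAccessList();
             }
         }
         echo json_encode($returnLoginInfo);
     } else {
         // NOTE(review): presence of the marker cookie only triggers a redirect; it is
         // not used as proof of authentication here.
         if (isset($_COOKIE[$this->loginMarked])) {
             $this->redirect("Index/index");
         }
         $systemConfig = (include WEB_ROOT . 'Common/systemConfig.php');
         $this->assign("site", $systemConfig);
         $this->display("Common:login");
     }
 }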
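 /**
  * Controller bootstrap: ensure the user table has an is_admin column, require a
  * logged-in user, then run the RBAC access check and build the menu.
  */
 protected function _initialize()
 {
     // Self-migrating schema. NOTE(review): SHOW COLUMNS runs on every request of this
     // controller; an install/upgrade step would be the usual place for this.
     $sql = 'SHOW COLUMNS FROM `' . C('DB_PREFIX') . 'user`';
     $COLUMNS = M()->query($sql);
     $COLUMNS_array = array();
     // query() may return a non-array on failure; the original iterated it blindly
     // and then passed an undefined variable to in_array().
     if (is_array($COLUMNS)) {
         foreach ($COLUMNS as $vo) {
             $COLUMNS_array[] = $vo['Field'];
         }
     }
     if (!in_array('is_admin', $COLUMNS_array, true)) {
         $sql = 'ALTER TABLE `' . C('DB_PREFIX') . 'user` ADD `is_admin` INT NOT NULL DEFAULT \'0\'';
         M()->query($sql);
     }
     if (!isset($_SESSION['username'])) {
         $this->error('非法操作', U('System/Admin/index'));
     }
     parent::_initialize();
     C('NOT_AUTH_ACTION', '');
     C('NOT_AUTH_MODULE', 'Admin');
     if (C('USER_AUTH_ON') && !in_array(MODULE_NAME, explode(',', C('NOT_AUTH_MODULE')), true)) {
         if (!RBAC::AccessDecision()) {
             // empty() avoids an undefined-index notice when no auth id is set.
             if (empty($_SESSION[C('USER_AUTH_KEY')])) {
                 redirect(PHP_FILE . C('USER_AUTH_GATEWAY'));
             }
             if (C('RBAC_ERROR_PAGE')) {
                 redirect(C('RBAC_ERROR_PAGE'));
             } else {
                 if (C('GUEST_AUTH_ON')) {
                     $this->assign('jumpUrl', PHP_FILE . C('USER_AUTH_GATEWAY'));
                 }
                 $this->error(L('_VALID_ACCESS_'));
             }
         }
     }
     $this->show_menu();
 }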
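 /**
  * POST-only login: check the credentials, record the login time/IP, populate the
  * session and redirect into the group.
  */
 public function login()
 {
     if (!IS_POST) {
         halt('页面错误');
     }
     $db = M('user');
     $user = $db->where(array('username' => I('username')))->find();
     // NOTE(review): the submitted password is compared as-is with the stored value,
     // so the table holds plaintext unless I() applies a hashing filter elsewhere;
     // sibling controllers use I('password', '', 'md5') - confirm. Strict comparison
     // keeps PHP from comparing two numeric-looking strings as numbers.
     if (!$user || (string) $user['password'] !== (string) I('password')) {
         $this->error('账号或密码错误');
     }
     // Record this login; $user still holds the values read before the update.
     $data = array('id' => $user['id'], 'logintime' => time(), 'loginip' => get_client_ip());
     $db->save($data);
     session(C('USER_AUTH_KEY'), $user['id']);
     session('username', $user['username']);
     session('logintime', date('Y-m-d H:i:s', $user['logintime']));
     session('loginip', $user['loginip']);
     // NOTE(review): the config key is spelled RBAC_SUPPERADMIN here but RBAC_SUPERADMIN
     // in sibling code; a misspelt key never matches, so no one would get the admin
     // flag - confirm which name the config actually defines.
     if ($user['username'] == C('RBAC_SUPPERADMIN')) {
         session(C('ADMIN_AUTH_KEY'), true);
     }
     // Cache the access list for AccessDecision().
     import('ORG.Util.RBAC');
     RBAC::saveAccessList();
     redirect(__GROUP__);
 }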
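 /**
  * @Title: getSysGroupList
  * @Description: todo(生成系统首页菜单分组方法) - builds the HTML list of home-page
  *               menu groups the current user may see, served from the per-user
  *               runtime cache when one exists.
  * @author liminggang
  * @date 2014-8-29 上午10:56:35
  * @return string HTML fragment, or the cached value; empty when nothing is visible
  * @throws
  */
 public function getSysGroupList()
 {
     $mMisRuntimeData = D('MisRuntimeData');
     // Cached fragment for this user's groups, if any.
     $pannels = $mMisRuntimeData->getRuntimeCache("Group", 'grouplist');
     if (!empty($pannels)) {
         return $pannels;
     }
     import('@.ORG.RBAC');
     $groupList = RBAC::getFileGroupAccessList();
     $model = M("group");
     $map = array();
     // Administrators (session key 'a' set) see every enabled group; everyone else is
     // limited to the groups RBAC returned, or to nothing (id = 0) when there are none.
     if (!isset($_SESSION['a'])) {
         $map['status'] = 1;
         $map['id'] = $groupList ? array(" in ", $groupList) : 0;
     } else {
         $map['status'] = array('gt', 0);
     }
     $list = $model->where($map)->order("sorts asc")->select();
     if (isset($_SESSION[C('USER_AUTH_KEY')]) && is_array($list) && count($list) > 0) {
         // Group names, titles and icons come from the database; escape them for the
         // HTML/attribute context so a crafted group record cannot inject markup into
         // the home page (the original concatenated them raw).
         $esc = function ($s) {
             return htmlspecialchars((string) $s, ENT_QUOTES, 'UTF-8');
         };
         $h = "<ul class=\"clearfix\">";
         foreach ($list as $v) {
             $icon = $esc(!empty($v["icon"]) ? $v["icon"] : "appbtn_61.png");
             $name = $esc($v["name"]);
             $title = $esc(isset($v["title"]) ? $v["title"] : "");
             $h .= "<li>";
             if (!empty($v['indexlink'])) {
                 $h .= "<a href='__APP__/Common/nvigateTO/groupid/" . $esc($v["id"]) . "' target='navTab' rel='" . $name . "'>";
             } else {
                 $h .= "<a href='#'>";
             }
             $h .= '<img alt="' . $title . '" height="32" src="__PUBLIC__/Images/xyicon/' . $icon . '" width="32" />';
             $h .= "<span>" . $name . "</span></a>";
             $h .= "</li>";
         }
         $h .= "</ul>";
         $pannels .= $h;
     }
     // Persist the fragment in the current user's cache when something was produced.
     if ($pannels) {
         $mMisRuntimeData->setRuntimeCache($pannels, "Group", 'grouplist');
     }
     return $pannels;
 }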
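 /**
  * @name checkLogin
  * @access
  * @const 指明常量
  * @module Home
  * @param
  * @return $info[ "info"  => "xxxx",
                  "state" => x0x,
                  ]  echoed as JSON: 200 success, 400 too many attempts, 401 unknown user, 404 wrong password
  * @throws
  * @todo 保证安全,滑动式验证码
  * @var 加密md5(hash('sha256', ($goal_stu['salt'] % 3))).sha1(I('post.password'))
  * @version 1.0
  */
 public function checkLogin()
 {
     $user = M('user');
     // NOTE(review): the key is spelled "statis" here but "status" in the student
     // lookup below - confirm the user table really has a column by that name.
     $salt_condition = array("username" => I('post.user_name'), "statis" => 1);
     $goal_salt = $user->where($salt_condition)->find();
     if (!session("?testtime")) {
         session('testtime', 0);
     }
     // Per-session attempt counter. NOTE(review): a client that discards its session
     // cookie starts again at zero, so this is not a server-side lockout.
     if (session("testtime") > 4) {
         $info = array("info" => "尝试次数过多,请稍后再试", "state" => 400);
     } elseif (!$goal_salt) {
         // Not a staff account: try the student table.
         $student = M('student');
         $stu_condition = array('stu_id' => I('post.user_name'), 'status' => 1);
         $goal_stu = $student->where($stu_condition)->find();
         if (!$goal_stu) {
             $info = array("info" => "用户不存在", "state" => 401);
             session('testtime', session('testtime') + 1);
         } elseif ((string) $goal_stu['password'] === md5(hash('sha256', $goal_stu['salt'] % 3)) . sha1(I('post.password'))) {
             // Strict comparison: with == two numeric-looking strings compare as numbers.
             // NOTE(review): the "salt" is reduced modulo 3, so it contributes at most
             // three distinct values and gives no per-user salting; plan a migration to
             // password_hash()/password_verify().
             $info = array("info" => "success", "state" => 200);
             session('type', 'stu');
             session('stu_id', $goal_stu['stu_id']);
             session('username', $goal_stu['stu_name']);
         } else {
             session('testtime', session('testtime') + 1);
             $info = array("info" => "密码错误", "state" => 404);
         }
     } else {
         // Staff account: look the row up by name, derived digest and status.
         $condition = array("username" => I('post.user_name'), "password" => md5(hash('sha256', $goal_salt['salt'] % 3)) . sha1(I('post.password')), "status" => 1);
         $goal_user = $user->where($condition)->find();
         if (!$goal_user) {
             session('testtime', session('testtime') + 1);
             $info = array("info" => "密码错误", "state" => 404);
         } else {
             $info = array("info" => "success", "state" => 200);
             session('testtime', 0);
             session(C("USER_AUTH_KEY"), $goal_user["id"]);
             session('username', $goal_user['username']);
             if ($goal_user['username'] == C('RBAC_SUPERADMIN')) {
                 session(C('ADMIN_AUTH_KEY'), true);
             }
             RBAC::saveAccessList();
         }
     }
     // Every branch above produces exactly one result; emit it once here.
     echo json_encode($info);
 }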
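 /**
  * 左侧菜单 - left-hand menu: the first-level menu nodes under $_REQUEST['id']
  * (default 1) that the current user may access, each with its accessible children.
  * Administrators (ADMIN_AUTH_KEY in the session) see every node.
  *
  * @author Vonwey <*****@*****.**>
  * @CreateDate: 2013-12-23 上午11:09:49
  */
 public function left()
 {
     $id = isset($_REQUEST['id']) && intval($_REQUEST['id']) ? intval($_REQUEST['id']) : 1;
     if (isset($_SESSION[C('USER_AUTH_KEY')])) {
         $menu = array();
         $menuKey = 'menu' . $_SESSION[C('USER_AUTH_KEY')];
         if (isset($_SESSION[$menuKey])) {
             // Already built for this user during the session.
             $menu = $_SESSION[$menuKey];
         } else {
             $node = M("Node");
             // empty() avoids an undefined-index notice for non-admin sessions.
             $isAdmin = !empty($_SESSION[C('ADMIN_AUTH_KEY')]);
             // The access list is only needed for non-admins.
             $accessList = array();
             if (!$isAdmin) {
                 if (isset($_SESSION['_ACCESS_LIST'])) {
                     $accessList = $_SESSION['_ACCESS_LIST'];
                 } else {
                     import('@.ORG.Util.RBAC');
                     $accessList = RBAC::getAccessList($_SESSION[C('USER_AUTH_KEY')]);
                 }
             }
             $app = strtoupper(APP_NAME);
             $where = array('is_menu' => 1, 'status' => 1, 'pid' => $id);
             $list = $node->where($where)->field('id,action,module,module_name')->order('sort asc')->select();
             if (is_array($list)) {
                 foreach ($list as $key => $module) {
                     // Skip modules the user cannot access (the original queried their
                     // children anyway and then discarded the entry).
                     if (!$isAdmin && !isset($accessList[$app][strtoupper($module['module'])])) {
                         continue;
                     }
                     $module['access'] = 1;
                     $items = array();
                     $data = array('pid' => $module['id'], 'is_menu' => 1);
                     $second = $node->where($data)->field('id,action,module,module_name')->order('sort asc')->select();
                     if (is_array($second)) {
                         foreach ($second as $i => $value) {
                             if ($isAdmin || isset($accessList[$app][strtoupper($value['module'])])) {
                                 $value['access'] = 1;
                                 $items[$i] = $value;
                             }
                         }
                     }
                     // Always an array now (the original left null when no child was accessible).
                     $module['nodes'] = $items;
                     $menu[$key] = $module;
                 }
             }
             // Menu caching in the session stays disabled, as in the original.
         }
         $this->assign('menus', $menu);
     }
     $this->display();
 }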
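 /**
  * Login handler: validate the custom captcha, resolve the account through RBAC,
  * verify the password digest, populate the session and record the login.
  */
 public function checkLogin()
 {
     if (empty($_POST['account'])) {
         $this->error('帐号错误!');
     } elseif (empty($_POST['password'])) {
         $this->error('密码必须!');
     } elseif (empty($_POST['verify'])) {
         $this->error('验证码必须!');
     }
     // Custom captcha: each typed character is mapped back through the flipped
     // $_SESSION['verifyCode'] table and the result must spell "0123456789".
     // NOTE(review): assumes verifyCode is the list of characters shown, indexed
     // 0..9 - confirm against the captcha generator. A strict comparison is essential
     // here: with != both sides are numeric strings and "123456789" == "0123456789".
     // The trimmed string is used consistently (the original measured the trimmed
     // value but indexed the untrimmed one).
     $verifyCodeStr = trim((string) $_POST['verify']);
     $verifyCodeNum = isset($_SESSION['verifyCode']) && is_array($_SESSION['verifyCode']) ? array_flip($_SESSION['verifyCode']) : array();
     $verify = '';
     $len = strlen($verifyCodeStr);
     for ($i = 0; $i < $len; $i++) {
         $ch = $verifyCodeStr[$i];
         // An unknown character contributes nothing, so the final comparison fails.
         $verify .= isset($verifyCodeNum[$ch]) ? $verifyCodeNum[$ch] : '';
     }
     if ($verify !== '0123456789') {
         $this->error('验证码错误!');
     }
     // NOTE(review): the captcha is not cleared from the session after use, so the
     // same answer can be replayed until a new one is generated.
     $map = array();
     $map["account"] = $_POST['account'];
     $map["status"] = array('gt', 0);
     $authInfo = RBAC::authenticate($map);
     if (false === $authInfo) {
         $this->error('帐号不存在或已禁用!');
     } else {
         // Strict digest comparison. NOTE(review): unsalted md5 storage; plan a
         // migration to password_hash()/password_verify().
         if ((string) $authInfo['password'] !== md5($_POST['password'])) {
             $this->error('密码错误!');
         }
         $_SESSION[C('USER_AUTH_KEY')] = $authInfo['id'];
         $_SESSION['email'] = $authInfo['email'];
         $_SESSION['loginUserName'] = $authInfo['nickname'];
         $_SESSION['lastLoginTime'] = $authInfo['last_login_time'];
         $_SESSION['login_count'] = $authInfo['login_count'];
         if ($authInfo['account'] === 'admin') {
             $_SESSION['administrator'] = true;
         }
         // Record the login (time, counter, IP).
         $User = M('User');
         $data = array();
         $data['id'] = $authInfo['id'];
         $data['last_login_time'] = time();
         $data['login_count'] = array('exp', 'login_count+1');
         $data['last_login_ip'] = get_client_ip();
         $User->save($data);
         // Cache the access list for AccessDecision().
         RBAC::saveAccessList();
         $this->success('登录成功!');
     }
 }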
 /**
  * Controller bootstrap: every action of this controller needs an RBAC decision
  * in the user's favour for the 'Weixin' application.
  */
 protected function _initialize()
 {
     if (RBAC::AccessDecision('Weixin')) {
         return;
     }
     // Denied. checkLogin() presumably handles the not-logged-in case (redirect) -
     // confirm; anyone who gets past it is logged in but unauthorised.
     RBAC::checkLogin();
     $this->error(L('_VALID_ACCESS_'));
     // TODO 如何防止循环无权限 (how to avoid looping on "no permission")
 }
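 /**
  * Login handler: resolve the account through RBAC, verify the password digest,
  * populate the session, cache the access list and pick the page to jump to
  * (password-change page when the password has expired, otherwise the page the
  * user came from when it is an in-site URL, else the dashboard).
  */
 public function checkLogin()
 {
     if (empty($_POST['username'])) {
         $this->error('帐号错误!');
     } elseif (empty($_POST['password'])) {
         $this->error('密码必须!');
     }
     $map = array();
     $map['username'] = $_POST['username'];
     $map['active'] = 1;
     import('ORG.Util.RBAC');
     $authInfo = RBAC::authenticate($map);
     if (false === $authInfo || $authInfo == "") {
         $this->error('帐号不存在或已禁用!');
     } else {
         // Case-insensitive digest comparison (stored digests may be upper-case hex),
         // but strict, so two numeric-looking digests are never compared as numbers.
         // NOTE(review): unsalted md5 storage; plan a migration to password_hash().
         if (strtolower((string) $authInfo['password']) !== strtolower(md5($_POST['password']))) {
             $this->error('密码错误!');
         }
         $_SESSION[C('USER_AUTH_KEY')] = $authInfo['user_id'];
         // NOTE(review): the whole row, including the password digest, is kept in the
         // session; storing only the fields pages actually read limits the impact of
         // a session leak.
         $_SESSION['user'] = $authInfo;
         if (in_array($authInfo['username'], array('admin', 'system'), true)) {
             $_SESSION[C('ADMIN_AUTH_KEY')] = true;
         }
         // Cache the access list for AccessDecision().
         RBAC::saveAccessList();
         if (D('user')->check_password()) {
             $this->assign("jumpUrl", '?m=user&a=password');
             $this->success('登录成功!但是密码已经过期,请修改');
         } else {
             // Return to the page the user came from, but only for an in-site,
             // query-string style URL: no scheme, no host, not protocol-relative.
             // Otherwise the POSTed value would be an open redirect. The public/login
             // module itself is never a jump target (the original repeated that
             // single check five times).
             $returnUrl = empty($_POST['url']) ? '' : (string) $_POST['url'];
             $query = $returnUrl === '' ? null : parse_url($returnUrl, PHP_URL_QUERY);
             $queryParts = explode('&', is_string($query) ? $query : '');
             $isLocal = $returnUrl !== ''
                 && $returnUrl[0] !== '/'
                 && $returnUrl[0] !== '\\'
                 && parse_url($returnUrl, PHP_URL_SCHEME) === null
                 && parse_url($returnUrl, PHP_URL_HOST) === null;
             if ($isLocal && $queryParts[0] !== "m=public") {
                 $this->assign("jumpUrl", $returnUrl);
             } else {
                 $this->assign("jumpUrl", '?m=dashboard&a=index');
             }
             $this->assign("waitSecond", "2");
             $this->success('登录成功!');
         }
     }
 }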
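 /**
  * AJAX login handler. Replies with a JSON status code:
  * 0 missing user name/password, 1 unknown account, 2 captcha mismatch,
  * 3 success, 4 account disabled.
  */
 public function login()
 {
     if (!IS_POST) {
         halt("页面不存在");
     }
     if (!IS_AJAX) {
         halt('页面不存在');
     }
     $rawPassword = I('password');
     $data = array('unum' => I('username'), 'upassword' => md5($rawPassword), 'verify_code' => I('verify_code', '', 'md5'));
     // Strict comparison of the two digests (with != two "0e<digits>" strings compare
     // equal as numbers). NOTE(review): the captcha value is not cleared after use.
     if ($data['verify_code'] !== (string) session('verify')) {
         $this->ajaxReturn(array('status' => 2), 'json');
     } elseif ((string) $data['unum'] === '' || (string) $rawPassword === '') {
         // The original tested the md5 digest against '', which can never be true;
         // the raw password has to be checked before hashing.
         $this->ajaxReturn(array('status' => 0), 'json');
     } else {
         // Look the account up by user number and digest.
         // NOTE(review): unsalted md5 storage; plan a migration to password_hash().
         $map = array('unum' => $data['unum'], 'upassword' => $data['upassword']);
         $result = M('user')->where($map)->find();
         if (empty($result)) {
             $this->ajaxReturn(array('status' => 1), 'json');
         } elseif (!$result['ustatus']) {
             $this->ajaxReturn(array('status' => 4), 'json');
         } else {
             // Record this login; $result still holds the values read before the update.
             $update = array('uid' => $result['uid'], 'ulogintime' => time(), 'uloginip' => get_client_ip());
             M('user')->save($update);
             session('uid', $result['uid']);
             session('unum', $result['unum']);
             session('uname', $result['uname']);
             // NOTE(review): keeping the password digest in the session widens the
             // impact of a session leak; remove if nothing reads it.
             session('upassword', $result['upassword']);
             session('uphone', $result['uphone']);
             session('umale', $result['umale']);
             session('ubirth', $result['ubirth']);
             session('udate', $result['udate']);
             session('ustatus', $result['ustatus']);
             session('ulogintime', date('Y-m-d H:i:s', $result['ulogintime']));
             session('uloginip', $result['uloginip']);
             // Super administrator recognition by user number.
             if ($result['unum'] == C('RBAC_SUPERADMIN')) {
                 session(C('ADMIN_AUTH_KEY'), true);
             }
             // Cache the access list for AccessDecision().
             import('ORG.Util.RBAC');
             RBAC::saveAccessList();
             $this->ajaxReturn(array('status' => 3), 'json');
         }
     }
 }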
 /**
  * Controller hook run before every action: requires a logged-in session
  * and, unless the module or action is whitelisted, an RBAC decision.
  *
  * - No C('USER_AUTH_KEY') in the session -> redirect to Admin/Login/index.
  * - Otherwise, when USER_AUTH_ON is set and MODULE_NAME is not listed in
  *   NOT_AUTH_MODULE and ACTION_NAME is not listed in NOT_AUTH_ACTION, the
  *   request must pass RBAC::AccessDecision() or it ends with the error
  *   '没有权限'.
  *
  * NOTE(review): NOT_AUTH_ACTION is matched on the action name alone, not
  * module+action, so an entry such as "index" exempts that action in every
  * module. Keep the list narrow.
  * NOTE(review): this relies on redirect()/error() terminating the request.
  */
 public function _initialize()
 {
     $authKey = C('USER_AUTH_KEY');
     if (!isset($_SESSION[$authKey])) {
         $this->redirect('Admin/Login/index');
     }
     $exemptModules = explode(',', C('NOT_AUTH_MODULE'));
     $exemptActions = explode(',', C('NOT_AUTH_ACTION'));
     $exempt = in_array(MODULE_NAME, $exemptModules) || in_array(ACTION_NAME, $exemptActions);
     if (!C('USER_AUTH_ON') || $exempt) {
         return;
     }
     if (!RBAC::AccessDecision()) {
         $this->error('没有权限');
     }
 }
 /**
  * Controller hook run before every action of this admin group.
  *
  * Behaviour, in order:
  *   1. Without C('USER_AUTH_KEY') in the session, redirect to
  *      Admin/Login/index.
  *   2. When USER_AUTH_ON is enabled and neither MODULE_NAME appears in
  *      NOT_AUTH_MODULE nor ACTION_NAME in NOT_AUTH_ACTION, load the RBAC
  *      utility and require RBAC::AccessDecision(GROUP_NAME); a negative
  *      decision ends the request with the error '没有权限'.
  *
  * NOTE(review): NOT_AUTH_ACTION is matched by action name only, so one
  * entry exempts that action name in every module of the group.
  * NOTE(review): relies on redirect()/error() terminating the request.
  */
 public function _initialize()
 {
     if (!isset($_SESSION[C('USER_AUTH_KEY')])) {
         $this->redirect('Admin/Login/index');
     }
     $moduleWhitelisted = in_array(MODULE_NAME, explode(',', C('NOT_AUTH_MODULE')));
     $actionWhitelisted = in_array(ACTION_NAME, explode(',', C('NOT_AUTH_ACTION')));
     $needsDecision = C('USER_AUTH_ON') && !($moduleWhitelisted || $actionWhitelisted);
     if (!$needsDecision) {
         return;
     }
     import('ORG.Util.RBAC');
     if (!RBAC::AccessDecision(GROUP_NAME)) {
         $this->error('没有权限');
     }
 }
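 /**
  * Form login.
  *
  * Requires username, pwd and verify (captcha) to be posted, checks the
  * captcha, authenticates the username via RBAC::authenticate(), compares
  * the stored hash with md5(pwd), rejects disabled accounts (status 0),
  * stores uid/email/username/last login time in the session, flags
  * isadmin users with ADMIN_AUTH_KEY, records login time/IP on the Users
  * row, caches the RBAC access list and redirects to Index/index.
  *
  * Every failure goes through $this->error(), which the flow relies on
  * to end the request (as the original code already did: without that,
  * a wrong password would fall through into the session setup).
  *
  * Security changes in this revision:
  *   - posted fields must be plain strings; empty() accepts a non-empty
  *     array, and an array value in the authenticate() map would reach
  *     the model's where() as an array (ThinkPHP treats that as an
  *     expression such as array('exp', ...));
  *   - the captcha and the password hash are compared with hash_equals()
  *     instead of a loose `!=` (md5 hex strings of the form "0e<digits>"
  *     compare equal under PHP's numeric-string juggling); an absent
  *     session captcha is always a failure and the captcha is consumed
  *     on first use;
  *   - the session id is regenerated before authenticated state is
  *     written (session fixation).
  *
  * NOTE(review): the stored hash is bare md5(pwd) — migrate to
  * password_hash()/password_verify(); needs a data migration, so not
  * changed here. The distinct "account does not exist" / "wrong password"
  * messages allow username enumeration; messages left unchanged.
  */
 public function checkLogin()
 {
     if (empty($_POST['username']) || !is_string($_POST['username'])) {
         $this->error('请填写用户名!');
     } elseif (empty($_POST['pwd']) || !is_string($_POST['pwd'])) {
         $this->error('请填写密码!');
     } elseif (empty($_POST['verify']) || !is_string($_POST['verify'])) {
         $this->error('请填写验证码!');
     }
     // One attempt per captcha: read it, then drop it from the session.
     $expectedVerify = (string) session('verify');
     session('verify', null);
     if ($expectedVerify === '' || !hash_equals($expectedVerify, md5($_POST['verify']))) {
         $this->error('验证码错误!');
     }
     // authentication condition (bound-account login supported upstream)
     $map = array();
     $map['username'] = $_POST['username'];
     //$map["status"] = array('gt',0);
     import('ORG.Util.RBAC');
     $authInfo = RBAC::authenticate($map);
     if (false === $authInfo) {
         $this->error('帐号不存在!');
     } else {
         // hash_equals(known, user): constant time, no type juggling
         if (!hash_equals((string) $authInfo['pwd'], md5($_POST['pwd']))) {
             $this->error('密码错误!');
         }
         // disabled account
         if ($authInfo['status'] == 0) {
             $this->error('账号已被管理员禁用!');
         }
         // fresh session id for the authenticated state
         if (session_id() !== '') {
             session_regenerate_id(true);
         }
         $_SESSION[C('USER_AUTH_KEY')] = $authInfo['uid'];
         $_SESSION['email'] = $authInfo['email'];
         $_SESSION['loginUserName'] = $authInfo['username'];
         // previous login time (the row is updated below)
         $_SESSION['lastLoginTime'] = $authInfo['logintime'];
         //$_SESSION['login_count'] = $authInfo['login_count'];
         // administrator flag
         if ($authInfo['isadmin'] == 1) {
             $_SESSION[C('ADMIN_AUTH_KEY')] = true;
         }
         // record this login
         $User = M('Users');
         $ip = get_client_ip();
         $time = time();
         $data = array();
         $data['uid'] = $authInfo['uid'];
         $data['logintime'] = $time;
         //$data['login_count']	=	array('exp','login_count+1');
         $data['loginip'] = $ip;
         $User->save($data);
         // cache the access list
         RBAC::saveAccessList();
         $this->success('登录成功!', __APP__ . '/Index/index');
     }
 }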
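 /**
  * Admin form login.
  *
  * Requires username, password and verify (captcha) to be posted; each
  * failure is reported through alert(..., 1). Authenticates with
  * RBAC::authenticate() on trimmed username + status > 0, compares the
  * stored hash with md5('wk' . password . 'cms'), stores the user id in
  * the session, marks role_id 1 as administrator, records last login
  * time/IP on the admin row, caches the RBAC access list, sets a
  * three-hour cookie named after the login timestamp and renders index().
  *
  * The flow relies on alert() ending the request (as the original code
  * already did: otherwise a wrong password fell through into the
  * session setup).
  *
  * Security changes in this revision:
  *   - posted fields must be plain strings (empty() accepts a non-empty
  *     array, which would then reach trim() and the where() map);
  *   - the captcha is compared with hash_equals() instead of a loose `!=`
  *     (md5 hex strings of the form "0e<digits>" compare equal under
  *     PHP's numeric-string juggling), an absent session captcha always
  *     fails, and the captcha is consumed on first use;
  *   - the password hash comparison uses hash_equals() (constant time);
  *   - the role lookup passes an array condition instead of
  *     concatenating the id into the WHERE string;
  *   - the session id is regenerated before authenticated state is written.
  *
  * NOTE(review): 'wk' . pwd . 'cms' is a static salt around md5 — migrate
  * to password_hash()/password_verify(); needs a data migration, so not
  * changed here. $_SESSION['username'] keeps the raw posted value rather
  * than the authenticated record's; escape it wherever it is rendered.
  */
 function checkLogin()
 {
     if (empty($_POST['username']) || !is_string($_POST['username'])) {
         alert("帐号错误", 1);
     } elseif (empty($_POST['password']) || !is_string($_POST['password'])) {
         alert("密码必须!", 1);
     } elseif (empty($_POST['verify']) || !is_string($_POST['verify'])) {
         alert('验证码必须!', 1);
     }
     // One attempt per captcha: read it, then drop it from the session.
     $expectedVerify = isset($_SESSION['verify']) ? (string) $_SESSION['verify'] : '';
     unset($_SESSION['verify']);
     if ($expectedVerify === '' || !hash_equals($expectedVerify, md5($_POST['verify']))) {
         alert('验证码错误!', 1);
     }
     // authentication condition (bound-account login supported upstream)
     $map = array();
     $map['username'] = trim($_POST['username']);
     $map["status"] = array('gt', 0);
     import('@.ORG.RBAC');
     $authInfo = RBAC::authenticate($map);
     if (false === $authInfo) {
         alert('帐号不存在!', 1);
     }
     if (empty($authInfo)) {
         alert('帐号不存在或已禁用!', 1);
     }
     // hash_equals(known, user) replaces strcmp(): same byte equality, constant time
     $expectedHash = (string) $authInfo['password'];
     if (!hash_equals($expectedHash, md5('wk' . trim($_POST['password']) . 'cms'))) {
         alert('密码错误!', 1);
     }
     // fresh session id for the authenticated state
     if (session_id() !== '') {
         session_regenerate_id(true);
     }
     $_SESSION[C('USER_AUTH_KEY')] = $authInfo['id'];
     $_SESSION['username'] = $_POST['username'];
     $_SESSION['cookietime'] = time();
     $role = M('role_admin');
     // array condition: quoted by the model layer instead of string-built SQL
     $authInfo['role_id'] = $role->where(array('user_id' => $authInfo['id']))->getField('role_id');
     if ($authInfo['role_id'] == '1') {
         $_SESSION['administrator'] = true;
     }
     // record this login
     $admin = M('admin');
     $ip = get_client_ip();
     $time = time();
     $data = array();
     $data['id'] = $authInfo['id'];
     $data['lastlogintime'] = $time;
     $data['lastloginip'] = $ip;
     $admin->save($data);
     // cache the access list
     RBAC::saveAccessList();
     // cookie keyed by the login timestamp, valid for three hours
     Cookie::set($_SESSION['cookietime'], '1', 60 * 60 * 3);
     $this->index();
 }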