/**
 * Render the back-office login form, or process a submitted login.
 *
 * On POST the credentials are checked by PublicModel::auth(); when it reports
 * status 1 the account row is loaded through RBAC::authenticate(), the session
 * is populated, the access list is cached and a login entry is written to the
 * Log model.
 *
 * NOTE(review): the result of RBAC::authenticate() is used without checking it
 * for false/empty, so a failed lookup would store null identifiers in the session.
 * NOTE(review): the session id is not regenerated after the login succeeds;
 * calling session_regenerate_id(true) at that point limits session fixation.
 */
public function login() {
    $siteSettings = (include WEB_ROOT . 'Common/systemConfig.php');

    if (!IS_POST) {
        // Plain page view: hand the site settings to the template.
        $this->assign("systemConfig", $siteSettings);
        $this->display();
        return;
    }

    $publicModel = new PublicModel();
    $loginResult = $publicModel->auth();
    if ($loginResult['status'] != 1) {
        $this->error($loginResult['info']);
        exit;
    }

    // Supports login with a bound account.
    $condition = array();
    $condition['a_name'] = $this->_post('name');
    import('ORG.Util.RBAC');
    $account = RBAC::authenticate($condition);

    $_SESSION[C('USER_AUTH_KEY')] = $account['a_id'];
    $_SESSION['a_name'] = $account['a_name'];
    // Is this the administrator account?
    if ($account['a_name'] == C('ADMIN_AUTH_KEY')) {
        $_SESSION[C('ADMIN_AUTH_KEY')] = true;
    }
    // Cache the access permissions.
    RBAC::saveAccessList();
    $_SESSION['username'] = $account['a_name'];

    // Record the administrator login in the log table.
    $logEntry = array(
        "a_id" => $account['a_id'],
        "l_content" => "管理员[" . $account['a_name'] . "]于[" . date("Y-m-d H:i:s") . "]登录了[唐亮工长俱乐部]后台管理系统!"
    );
    M("Log")->add($logEntry);

    $this->success("登录成功", U("Index/index"));
    exit;
}
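/**
 * Log a user in from the "username" and "password" cookies.
 *
 * Loads the account through RBAC::authenticate(), compares the stored digest
 * with md5() of the cookie value, records the login time and IP on the User
 * model, fills the session, caches the access list and redirects to Admin/Index.
 *
 * NOTE(review): the "password" cookie is a password-equivalent secret kept in
 * the browser; a random, server-side revocable remember-me token avoids that.
 * NOTE(review): unsalted MD5 is a fast hash; password_hash()/password_verify()
 * is the replacement once stored digests can be migrated.
 * NOTE(review): assumes $this->error() halts the request - TODO confirm.
 */
public function doCookies() {
    $map = array();
    $map['account'] = $_COOKIE['username'];
    $map['status'] = array('gt', 0);
    import('@.ORG.RBAC');
    $authInfo = RBAC::authenticate($map);
    if (!$authInfo) {
        $this->error('登录错误:可能这个账户已被禁用!');
    }
    // Strict comparison: with != two different digests that both look like
    // "0e<digits>" are compared as numbers and treated as equal.
    if ($authInfo['password'] !== md5($_COOKIE['password'])) {
        $this->error('登录失败:密码错误!');
    }

    // Record when and from where this login happened.
    $model = D('User');
    $model->find($authInfo['id']);
    $model->last_login_time = time();
    $model->last_login_ip = get_client_ip();
    $model->save();

    Session::set(C('USER_AUTH_KEY'), $authInfo['id']);
    Session::set('email', $authInfo['email']);
    // Prefer the nickname for display and fall back to the account name.
    Session::set('loginUserName', !empty($authInfo['nickname']) ? $authInfo['nickname'] : $authInfo['account']);
    Session::set('login_count', $authInfo['login_count']);
    if ($authInfo['isadministrator'] == 1) {
        Session::set('administrator', true);
    }
    RBAC::saveAccessList();
    $this->redirect('Admin/Index');
}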
/**
 * Login endpoint: answers a POST with the JSON login result, otherwise shows
 * the login page.
 *
 * On POST the form token is checked, D("Public")->auth() validates the
 * credentials and, when it reports status 1, the account row is loaded through
 * RBAC::authenticate() and the session is populated.
 *
 * NOTE(review): the result of RBAC::authenticate() is not checked before its
 * fields are copied into the session.
 * NOTE(review): on GET the mere presence of the login-marker cookie triggers
 * the redirect; whether Index/index re-validates the session is not visible here.
 */
public function index() {
    if (!IS_POST) {
        if (isset($_COOKIE[$this->loginMarked])) {
            $this->redirect("Index/index");
        }
        $siteSettings = (include WEB_ROOT . 'Common/systemConfig.php');
        $this->assign("site", $siteSettings);
        $this->display("Common:login");
        return;
    }

    $this->checkToken();
    $loginResult = D("Public")->auth();
    if ($loginResult['status'] == 1) {
        // Build the lookup condition (supports login with a bound account).
        $condition = array();
        $condition['email'] = $this->_post('email');
        import('ORG.Util.RBAC');
        $account = RBAC::authenticate($condition);

        $_SESSION[C('USER_AUTH_KEY')] = $account['aid'];
        $_SESSION['email'] = $account['email'];
        if ($account['email'] == C('ADMIN_AUTH_KEY')) {
            $_SESSION[C('ADMIN_AUTH_KEY')] = true;
        }
        // Cache the access permissions.
        RBAC::saveAccessList();
    }
    echo json_encode($loginResult);
}
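/**
 * Validate a posted username/password pair and open an authenticated session.
 *
 * NOTE(review): unsalted MD5 is a fast hash; password_hash()/password_verify()
 * is the replacement once stored digests can be migrated.
 * NOTE(review): "unknown account" and "wrong password" produce different
 * messages, which lets a client tell which usernames exist.
 * NOTE(review): assumes $this->error() halts the request - TODO confirm.
 */
function checkLogin() {
    if (empty($_POST['username'])) {
        $this->error('帐号错误!');
    } elseif (empty($_POST['password'])) {
        $this->error('密码必须!');
    }
    // Build the lookup condition (supports login with a bound account).
    $map = array();
    $map['username'] = $_POST['username'];
    import('ORG.Util.RBAC');
    $authInfo = RBAC::authenticate($map);
    if (false === $authInfo) {
        $this->error('帐号不存在或已禁用!');
    } else {
        // Strict comparison: with != two different digests that both look like
        // "0e<digits>" are compared as numbers and treated as equal.
        if ($authInfo['password'] !== md5($_POST['password'])) {
            $this->error('密码错误!');
        }
        $_SESSION[C('USER_AUTH_KEY')] = $authInfo['id'];
        if ($authInfo['username'] == 'admin') {
            $_SESSION['administrator'] = true;
        }
        // Cache the access permissions.
        RBAC::saveAccessList();
        $this->success('登录成功!');
    }
}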
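/**
 * Validate account, password and the character-mapped captcha, then open a session.
 *
 * The captcha answer is decoded through the flipped $_SESSION['verifyCode']
 * table and must decode to exactly "0123456789".
 *
 * NOTE(review): unsalted MD5 is a fast hash; password_hash()/password_verify()
 * is the replacement once stored digests can be migrated.
 * NOTE(review): assumes $this->error() halts the request - TODO confirm.
 */
public function checkLogin() {
    if (empty($_POST['account'])) {
        $this->error('帐号错误!');
    } elseif (empty($_POST['password'])) {
        $this->error('密码必须!');
    } elseif (empty($_POST['verify'])) {
        $this->error('验证码必须!');
    }

    // Decode the submitted captcha. The same trimmed string is used for the
    // length and for indexing, so leading whitespace cannot shift the lookup.
    $verifyCodeStr = trim($_POST['verify']);
    $verifyCodeNum = array_flip($_SESSION['verifyCode']);
    $len = strlen($verifyCodeStr);
    $verify = '';
    for ($i = 0; $i < $len; $i++) {
        $verify .= $verifyCodeNum[$verifyCodeStr[$i]];
    }
    // Strict comparison: with != both sides are numeric strings and compare as
    // numbers, so an answer without the leading zero would also be accepted.
    if ($verify !== '0123456789') {
        $this->error('验证码错误!');
    }

    // Build the lookup condition.
    $map = array();
    $map["account"] = $_POST['account'];
    $map["status"] = array('gt', 0);
    $authInfo = RBAC::authenticate($map);
    if (false === $authInfo) {
        $this->error('帐号不存在或已禁用!');
    } else {
        // Strict comparison avoids numeric juggling of "0e<digits>" digests.
        if ($authInfo['password'] !== md5($_POST['password'])) {
            $this->error('密码错误!');
        }
        $_SESSION[C('USER_AUTH_KEY')] = $authInfo['id'];
        $_SESSION['email'] = $authInfo['email'];
        $_SESSION['loginUserName'] = $authInfo['nickname'];
        $_SESSION['lastLoginTime'] = $authInfo['last_login_time'];
        $_SESSION['login_count'] = $authInfo['login_count'];
        if ($authInfo['account'] == 'admin') {
            $_SESSION['administrator'] = true;
        }

        // Save the login information.
        $User = M('User');
        $data = array();
        $data['id'] = $authInfo['id'];
        $data['last_login_time'] = time();
        $data['login_count'] = array('exp', 'login_count+1');
        $data['last_login_ip'] = get_client_ip();
        $User->save($data);

        // Cache the access permissions.
        RBAC::saveAccessList();
        $this->success('登录成功!');
    }
}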
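/**
 * Validate account, password and captcha, write a login log row for failed and
 * successful attempts, and open an authenticated session.
 *
 * NOTE(review): unsalted MD5 is a fast hash; password_hash()/password_verify()
 * is the replacement once stored digests can be migrated.
 * NOTE(review): a captcha failure is not written to the log, only account and
 * password failures are.
 * NOTE(review): assumes $this->error() halts the request - TODO confirm.
 */
public function checkLogin() {
    if (empty($_POST['account'])) {
        $this->error('帐号错误!');
    } elseif (empty($_POST['password'])) {
        $this->error('密码必须!');
    } elseif (empty($_POST['verify'])) {
        $this->error('验证码必须!');
    }

    // Build the lookup condition (supports login with a bound account).
    $map = array();
    $map['account'] = $_POST['account'];
    $map["status"] = array('gt', 0);

    // Fields shared by every log row written below.
    $data = array();
    $data['ip'] = get_client_ip();
    $data['date'] = date("Y-m-d H:i:s");
    $data['username'] = $_POST['account'];
    $data['module'] = MODULE_NAME;
    $data['action'] = ACTION_NAME;
    $data['querystring'] = U(MODULE_NAME . '/' . ACTION_NAME);

    // Strict comparison avoids numeric juggling of "0e<digits>" digests.
    if ($_SESSION['verify'] !== md5($_POST['verify'])) {
        $this->error('验证码错误!');
    }

    import('ORG.Util.RBAC');
    $authInfo = RBAC::authenticate($map);
    if (false === $authInfo) {
        $data['status'] = 0;
        D("Log")->add($data);
        $this->error('帐号不存在或已禁用!');
    } else {
        if ($authInfo['password'] !== md5($_POST['password'])) {
            $data['status'] = 0;
            D("Log")->add($data);
            $this->error('密码错误!');
        }
        D("Public")->userInfo();
        $_SESSION[C('USER_AUTH_KEY')] = $authInfo['id'];
        $_SESSION['lastLoginTime'] = $authInfo['last_login_time'];
        // Site id setting.
        $_SESSION['siteid'] = 1;
        if ($authInfo['role_id'] == 1) {
            $_SESSION['administrator'] = true;
        }

        // Save the login information. The IP lives in $data['ip']; the original
        // read $data['id'], which is never set, so no IP was ever stored.
        D('User')->where(array('id' => $authInfo['id']))->save(array(
            'last_login_time' => time(),
            'last_login_ip' => $data['ip'],
        ));

        // Write the success log row.
        $data['status'] = 1;
        $data['userid'] = $authInfo['id'];
        D("Log")->add($data);

        // Store the access permissions.
        RBAC::saveAccessList();
        $this->success('登录成功!', __GROUP__ . '/Index');
    }
}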
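/**
 * Validate a posted username/password, open a session and send the user either
 * to the password-change page (expired password) or back to the page they came from.
 *
 * NOTE(review): unsalted MD5 is a fast hash; password_hash()/password_verify()
 * is the replacement once stored digests can be migrated.
 * NOTE(review): $_SESSION['user'] receives the whole account row, including
 * the password digest; storing only the fields that are needed is safer.
 * NOTE(review): $_POST['url'] becomes the post-login jump target without a
 * same-site check; restrict it to local paths or an allow-list.
 * NOTE(review): assumes $this->error() halts the request - TODO confirm.
 */
public function checkLogin() {
    // Refuse the request outright when username or password is missing.
    if (empty($_POST['username'])) {
        $this->error('帐号错误!');
    } elseif (empty($_POST['password'])) {
        $this->error('密码必须!');
    }

    // Build the lookup condition: the username plus the active flag.
    $map = array();
    $map['username'] = $_POST['username'];
    $map['active'] = 1;

    // Load the RBAC class and fetch the account row by username only.
    import('ORG.Util.RBAC');
    $authInfo = RBAC::authenticate($map);
    if (false === $authInfo || $authInfo == "") {
        $this->error('帐号不存在或已禁用!');
    } else {
        // Case-insensitive digest comparison. Strict !== avoids the numeric
        // juggling that != applies to digests of the form "0e<digits>".
        if (strtolower($authInfo['password']) !== strtolower(md5($_POST['password']))) {
            $this->error('密码错误!');
        }

        // Mark the session as authenticated.
        $_SESSION[C('USER_AUTH_KEY')] = $authInfo['user_id'];
        $_SESSION['user'] = $authInfo;
        // These usernames get the administrator flag.
        if (in_array($authInfo['username'], array('admin', 'system'))) {
            $_SESSION[C('ADMIN_AUTH_KEY')] = true;
        }
        // Cache the access permissions.
        RBAC::saveAccessList();

        // Expired password: point the user at the change-password page.
        if (D('user')->check_password()) {
            $this->assign("jumpUrl", '?m=user&a=password');
            $this->success('登录成功!但是密码已经过期,请修改');
        } else {
            // Return to the page the user came from, unless that page belongs
            // to the public module. The URL is parsed only when it is present;
            // the original repeated the same "m=public" test five times.
            $jumpUrl = '?m=dashboard&a=index';
            if (!empty($_POST['url'])) {
                $urlParts = explode("?", $_POST['url']);
                $params = explode("&", isset($urlParts[1]) ? $urlParts[1] : '');
                if ($params[0] !== "m=public") {
                    $jumpUrl = $_POST['url'];
                }
            }
            $this->assign("jumpUrl", $jumpUrl);
            $this->assign("waitSecond", "2");
            $this->success('登录成功!');
        }
    }
}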
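/**
 * Validate username, password and captcha, open a session, record the login
 * on the admin table, set a marker cookie and render the index action.
 *
 * NOTE(review): the digest is md5('wk' . password . 'cms'), a fixed application-wide
 * wrapper rather than a per-user salt; password_hash()/password_verify() is the
 * replacement once stored digests can be migrated.
 * NOTE(review): the session stores the raw posted username, not the value
 * returned by inject_check() that was used for the lookup.
 * NOTE(review): assumes $this->error() halts the request - TODO confirm.
 */
function checkLogin() {
    if (empty($_POST['username'])) {
        $this->error("帐号错误");
    } elseif (empty($_POST['password'])) {
        $this->error("密码必须!");
    } elseif (empty($_POST['verify'])) {
        $this->error('验证码必须!');
    }
    // Strict comparison avoids numeric juggling of "0e<digits>" digests.
    if (md5($_POST['verify']) !== $_SESSION['verify']) {
        $this->error('验证码错误!');
    }

    // Build the lookup condition (supports login with a bound account).
    $map = array();
    $map['username'] = inject_check($_POST['username']);
    $map["status"] = array('gt', 0);
    import('ORG.Util.RBAC');
    $authInfo = RBAC::authenticate($map);
    if (false === $authInfo) {
        $this->error('帐号不存在!');
    }
    if (empty($authInfo)) {
        $this->error('帐号不存在或已禁用!');
    }

    // strcmp() is checked with !== 0 so that any non-integer result (for
    // example null on an unexpected argument type) fails closed.
    $pwdinfo = strcmp($authInfo['password'], md5('wk' . trim($_POST['password']) . 'cms'));
    if ($pwdinfo !== 0) {
        $this->error('密码错误!');
    }

    $_SESSION[C('USER_AUTH_KEY')] = $authInfo['id'];
    $_SESSION['username'] = $_POST['username'];
    $_SESSION['cookietime'] = time();

    // Array condition instead of a concatenated string, so the value is bound
    // by the model rather than spliced into the WHERE text.
    $role = M('role_admin');
    $authInfo['role_id'] = $role->where(array('user_id' => $authInfo['id']))->getField('role_id');
    if ($authInfo['role_id'] == '1') {
        $_SESSION[C('ADMIN_AUTH_KEY')] = true;
    }

    // Save the login information.
    $admin = M('admin');
    $data = array();
    $data['id'] = $authInfo['id'];
    $data['lastlogintime'] = time();
    $data['lastloginip'] = get_client_ip();
    $admin->save($data);

    // Cache the access permissions.
    RBAC::saveAccessList();

    // Store the marker cookie; its name is the login timestamp, valid 3 hours.
    import('ORG.Util.Cookie');
    Cookie::set($_SESSION['cookietime'], '1', 60 * 60 * 3);
    $this->index();
}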
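/**
 * Validate username, password and captcha, reject disabled accounts, open a
 * session and record the login on the Users table.
 *
 * NOTE(review): unsalted MD5 is a fast hash; password_hash()/password_verify()
 * is the replacement once stored digests can be migrated.
 * NOTE(review): the distinct "account missing", "wrong password" and
 * "disabled" messages let a client tell which usernames exist.
 * NOTE(review): assumes $this->error() halts the request - TODO confirm.
 */
public function checkLogin() {
    if (empty($_POST['username'])) {
        $this->error('请填写用户名!');
    } elseif (empty($_POST['pwd'])) {
        $this->error('请填写密码!');
    } elseif (empty($_POST['verify'])) {
        $this->error('请填写验证码!');
    }

    // Build the lookup condition (supports login with a bound account).
    // The status filter is not part of the query; status is checked below.
    $map = array();
    $map['username'] = $_POST['username'];

    // Strict comparison avoids numeric juggling of "0e<digits>" digests.
    if (session('verify') !== md5($_POST['verify'])) {
        $this->error('验证码错误!');
    }

    import('ORG.Util.RBAC');
    $authInfo = RBAC::authenticate($map);
    if (false === $authInfo) {
        $this->error('帐号不存在!');
    } else {
        if ($authInfo['pwd'] !== md5($_POST['pwd'])) {
            $this->error('密码错误!');
        }
        // Disabled account?
        if ($authInfo['status'] == 0) {
            $this->error('账号已被管理员禁用!');
        }
        $_SESSION[C('USER_AUTH_KEY')] = $authInfo['uid'];
        $_SESSION['email'] = $authInfo['email'];
        $_SESSION['loginUserName'] = $authInfo['username'];
        $_SESSION['lastLoginTime'] = $authInfo['logintime'];
        // Administrators get the admin flag.
        if ($authInfo['isadmin'] == 1) {
            $_SESSION[C('ADMIN_AUTH_KEY')] = true;
        }

        // Save the login information.
        $User = M('Users');
        $data = array();
        $data['uid'] = $authInfo['uid'];
        $data['logintime'] = time();
        $data['loginip'] = get_client_ip();
        $User->save($data);

        // Cache the access permissions.
        RBAC::saveAccessList();
        $this->success('登录成功!', __APP__ . '/Index/index');
    }
}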
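/**
 * Process the admin login form: check credentials and captcha, open a session,
 * record the login time, IP and geo location, then redirect to System/index.
 *
 * NOTE(review): the password is read with the md5 filter before the empty()
 * test; if _post() applies the filter to an empty field, the digest of "" is
 * non-empty and the blank-password check never fires - TODO confirm.
 * NOTE(review): unsalted MD5 is a fast hash; password_hash()/password_verify()
 * is the replacement once stored digests can be migrated.
 * NOTE(review): assumes $this->error() halts the request - TODO confirm.
 */
public function insert(){
    $username = $this->_post('username');
    $password = $this->_post('password','md5');
    if (empty($username) || empty($password)) {
        $this->error('请输入帐号密码',U('Admin/index'));
    }

    // Strict comparison: if _post() hands back the integer default 0 when the
    // field is missing (TODO confirm), != would compare 0 with the session
    // digest numerically instead of as text.
    $code = $this->_post('code','intval,md5',0);
    if ($code !== $_SESSION['verify']) {
        $this->error('验证码错误',U('Admin/index'));
    }

    // Build the lookup condition (supports login with a bound account).
    $map = array();
    $map['username'] = $username;
    $map['status'] = 1;
    $authInfo = RBAC::authenticate($map,'User');

    // The password test stays ahead of the existence test, as in the original:
    // an unknown account then gets the same message as a wrong password.
    // Strict comparison avoids numeric juggling of "0e<digits>" digests.
    if ($authInfo['password'] !== $password) {
        $this->error('账号密码不匹配,请认真填写');
    }
    if ((false == $authInfo)) {
        $this->error('帐号不存在或已禁用!');
    } else {
        session(C('USER_AUTH_KEY'), $authInfo['id']);
        session('userid',$authInfo['id']);        // user id
        session('username',$authInfo['username']); // user name
        session('roleid',$authInfo['role']);       // role id
        if ($authInfo['username'] == C('SPECIAL_USER')) {
            session(C('ADMIN_AUTH_KEY'), true);
        }

        // Save the login information.
        $User = M('User');
        $ip = get_client_ip();
        $data = array();
        if ($ip) {
            // With a client IP available, resolve its physical location.
            $Ip = new IpLocation();
            $location = $Ip->getlocation($ip);
            $data['last_location'] = '';
            // 'CZ88.NET' is skipped as a non-answer from the lookup.
            if ($location['country'] && $location['country'] != 'CZ88.NET') {
                $data['last_location'] .= $location['country'];
            }
            if ($location['area'] && $location['area'] != 'CZ88.NET') {
                $data['last_location'] .= ' '.$location['area'];
            }
        }
        $data['id'] = $authInfo['id'];
        $data['last_login_time'] = time();
        $data['last_login_ip'] = $ip;
        $User->save($data);

        // Cache the access permissions.
        RBAC::saveAccessList();
        redirect(U('System/index'));
    }
}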
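/**
 * Validate account, password and captcha, open a session and record the login
 * on the User table.
 *
 * NOTE(review): $loginId is never defined in this method, so
 * $_SESSION['loginId'] receives null; the intended value is not visible here.
 * NOTE(review): pwdHash() is defined elsewhere; its algorithm is not visible.
 * NOTE(review): assumes $this->error() halts the request - TODO confirm.
 */
public function checkLogin() {
    if (empty($_POST['account'])) {
        $this->error('Bạn chưa nhập tài khoản!');
    } elseif (empty($_POST['password'])) {
        $this->error('Ban chưa nhập mật khẩu!');
    } elseif ('' === trim($_POST['verify'])) {
        $this->error('Bạn chưa nhập mã xác thực!');
    }

    // Build the lookup condition (supports login with a bound account).
    $map = array();
    $map['account'] = $_POST['account'];
    $map["status"] = array('gt', 0);

    // Strict comparison avoids numeric juggling of "0e<digits>" digests.
    if ($_SESSION['verify'] !== md5($_POST['verify'])) {
        $this->error('Mã xác thực không đúng!');
    }

    import('ORG.Util.RBAC');
    $authInfo = RBAC::authenticate($map);
    if (false === $authInfo) {
        $this->error('Tài khoản không tồn tại hoặc đã bị khoá!');
    } else {
        // Both sides are cast to string and compared strictly, so numeric-looking
        // hashes are compared as text.
        if ((string) $authInfo['password'] !== (string) pwdHash($_POST['password'])) {
            $this->error('Mật khẩu không đúng!');
        }
        $_SESSION[C('USER_AUTH_KEY')] = $authInfo['id'];
        $_SESSION['loginUserName'] = $authInfo['nickname'];
        $_SESSION['lastLoginTime'] = $authInfo['last_login_time'];
        $_SESSION['login_count'] = $authInfo['login_count'];
        $_SESSION['user_type'] = $authInfo['type_id'];
        if ($authInfo['account'] == 'admin') {
            $_SESSION['administrator'] = true;
        }

        // Save the login information.
        $User = M('User');
        $data = array();
        $data['id'] = $authInfo['id'];
        $data['last_login_time'] = time();
        $data['login_count'] = array('exp', '(login_count+1)');
        $data['last_login_ip'] = get_client_ip();
        $User->save($data);

        // NOTE(review): $loginId is undefined at this point (see docblock).
        $_SESSION['loginId'] = $loginId;

        // Cache the access permissions.
        RBAC::saveAccessList();
        $this->success('Đăng nhập thành công');
    }
}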
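/**
 * Login verification: validate account, password and captcha, open a session,
 * record the login on the User table and redirect to the index page.
 *
 * NOTE(review): unsalted MD5 is a fast hash; password_hash()/password_verify()
 * is the replacement once stored digests can be migrated.
 * NOTE(review): assumes $this->error() halts the request - TODO confirm.
 *
 * @author Vonwey <*****@*****.**>
 * @CreateDate: 2013-12-19 2:41:40 PM
 */
public function checkLogin() {
    if (empty($_POST['account'])) {
        $this->error('帐号错误!');
    } elseif (empty($_POST['password'])) {
        $this->error('密码必须!');
    } elseif (empty($_POST['verify'])) {
        $this->error('验证码必须!');
    }

    // Build the lookup condition (supports login with a bound account).
    $map = array();
    $map['username'] = $_POST['account'];
    $map["status"] = array('gt', 0);

    // Strict comparison avoids numeric juggling of "0e<digits>" digests.
    if (session('verify') !== md5($_POST['verify'])) {
        $this->error('验证码错误!');
    }

    import('@.ORG.Util.RBAC');
    $authInfo = RBAC::authenticate($map);
    if (false === $authInfo) {
        $this->error('帐号不存在或已禁用!');
    } else {
        if ($authInfo['password'] !== md5($_POST['password'])) {
            $this->error('密码错误!');
        }
        $_SESSION[C('USER_AUTH_KEY')] = $authInfo['id'];
        $_SESSION['email'] = $authInfo['email'];
        $_SESSION['loginUserName'] = $authInfo['username'];
        $_SESSION['lastLoginTime'] = $authInfo['last_login_time'];
        // The original copied the username into login_count; the counter
        // column updated below is the value that belongs here.
        $_SESSION['login_count'] = $authInfo['login_count'];
        if ($authInfo['username'] == 'admin') {
            $_SESSION['administrator'] = true;
        }

        // Save the login information.
        $User = M('User');
        $data = array();
        $data['id'] = $authInfo['id'];
        $data['last_login_time'] = time();
        $data['login_count'] = array('exp', 'login_count+1');
        $data['last_login_ip'] = get_client_ip();
        $User->save($data);

        // Cache the access permissions.
        RBAC::saveAccessList();
        $this->redirect('?m=Index&a=index');
    }
}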
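/**
 * Login verification: validate e-mail and password, open a session, record the
 * login time on the Member table and jump to the posted callback URL.
 *
 * NOTE(review): the stored password is compared with the posted value directly,
 * which implies the Member table holds it unhashed unless I() applies a hashing
 * filter (not visible here); password_hash()/password_verify() is the fix.
 * NOTE(review): post.callBackUrl becomes the jump target without a same-site
 * check; restrict it to local paths or an allow-list.
 * NOTE(review): assumes $this->error() halts the request - TODO confirm.
 *
 * @version 0.0.2 captcha mechanism removed by GenialX
 * @since 0.0.1
 *
 * @author 水木清华
 * @author GenialX
 */
function checklogin() {
    // Redundant here; could be replaced by the Model's automatic validation.
    if (empty(I('post.email', ''))) {
        $this->error('请输入登陆邮箱!');
    } elseif (empty(I('post.password', ''))) {
        $this->error('密码必须!');
    }

    $map = array();
    $map['email'] = I('post.email');
    $map['status'] = array('gt', 0);
    import('ORG.Util.RBAC');

    // Verify the account and password.
    $authInfo = RBAC::authenticate($map);
    if (empty($authInfo)) {
        $this->error('账号不存在或者被禁用!');
    } else {
        // Both sides are cast to string and compared strictly, so numeric-looking
        // values such as "1e3" and "1000" are not treated as equal.
        if ((string) $authInfo['password'] !== (string) I("post.password")) {
            $this->error('密码错误!');
        } else {
            // The auth marker is mandatory; other fields are stored as needed.
            $_SESSION[C('USER_AUTH_KEY')] = $authInfo['id'];
            $_SESSION['user'] = $authInfo['username'];
            // The administrator-flag assignment is commented out in the original.

            // Record this login.
            $user = M('Member');
            $data = array();
            $data['id'] = $authInfo['id'];
            $data['last_login_time'] = date('Y-m-d H:i:s');
            $user->save($data);

            // Compute the user's permissions and keep them in the session.
            RBAC::saveAccessList();

            if (I('post.callBackUrl', '')) {
                $callBackUrl = I("post.callBackUrl", '');
            } else {
                $callBackUrl = '/';
            }
            $this->assign('jumpUrl', $callBackUrl);
            $this->success('登录成功!');
        }
    }
}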
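/**
 * Validate username, password and captcha, open a session, record the login
 * time on the Member table and jump to User/index.
 *
 * NOTE(review): unsalted MD5 is a fast hash; password_hash()/password_verify()
 * is the replacement once stored digests can be migrated.
 * NOTE(review): assumes $this->error() halts the request - TODO confirm.
 */
function checklogin() {
    // Redundant here; could be replaced by the Model's automatic validation.
    if (empty($_POST['username'])) {
        $this->error('请输入帐号!');
    } elseif (empty($_POST['password'])) {
        $this->error('密码必须!');
    } elseif (empty($_POST['verify'])) {
        $this->error('验证码必须!');
    }

    $map = array();
    $map['username'] = $_POST['username'];
    $map['status'] = array('gt', 0);

    // Strict comparison avoids numeric juggling of "0e<digits>" digests.
    if ($_SESSION['verify'] !== md5($_POST['verify'])) {
        $this->error('验证码错误!');
    }

    import('ORG.Util.RBAC');
    // Verify the account and password.
    $authInfo = RBAC::authenticate($map);
    if (empty($authInfo)) {
        $this->error('账号不存在或者被禁用!');
    } else {
        if ($authInfo['password'] !== md5($_POST['password'])) {
            $this->error('密码错误!');
        } else {
            // The auth marker is mandatory; other fields are stored as needed.
            $_SESSION[C('USER_AUTH_KEY')] = $authInfo['id'];
            $_SESSION['user'] = $authInfo['username'];
            // The administrator-flag assignment is commented out in the original.

            // Record this login.
            $user = M('Member');
            $data = array();
            $data['id'] = $authInfo['id'];
            $data['last_login_time'] = date('Y-m-d H:i:s');
            $user->save($data);

            // Compute the user's permissions and keep them in the session.
            RBAC::saveAccessList();
            $this->assign('jumpUrl', __APP__ . '/User/index');
            $this->success('登录成功!');
        }
    }
}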
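/**
 * Validate a posted username/password, open a session and record the login on
 * the User table.
 *
 * NOTE(review): unsalted MD5 is a fast hash; password_hash()/password_verify()
 * is the replacement once stored digests can be migrated.
 * NOTE(review): no captcha or attempt limit is applied in this method.
 * NOTE(review): assumes $this->error() halts the request - TODO confirm.
 */
public function checkLogin() {
    if (empty($_POST['username'])) {
        $this->error('帐号错误!');
    } elseif (empty($_POST['password'])) {
        $this->error('密码必须!');
    }

    // Build the lookup condition: the account name and status greater than 0.
    $map = array();
    $map['username'] = $_POST['username'];
    $map["status"] = array('gt', 0);
    import('ORG.Util.RBAC');
    // Look the account row up by that condition.
    $authInfo = RBAC::authenticate($map);
    if ($authInfo === false) {
        $this->error('帐号不存在或已禁用!');
    } else {
        // MD5 password check; strict comparison avoids numeric juggling of
        // "0e<digits>" digests.
        if ($authInfo['password'] !== md5($_POST['password'])) {
            $this->error('密码错误!');
        }
        // Store the user id as the session auth marker.
        $_SESSION[C('USER_AUTH_KEY')] = $authInfo['id'];
        if ($authInfo['username'] == 'admin') {
            // The administrator flag grants access to everything.
            $_SESSION['administrator'] = true;
        }

        // Update the login information.
        $User = M('User');
        $data = array();
        $data['id'] = $authInfo['id'];
        $data['last_login_time'] = time();
        $data['login_count'] = array('exp', 'login_count+1');
        $data['last_login_ip'] = get_client_ip();
        $User->save($data);

        // Cache the access permissions.
        RBAC::saveAccessList();
        $this->success('登录成功!', __APP__ . '/Index/index');
    }
}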
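/**
 * Validate name, password and captcha for an unlocked admin account, open a
 * session, record the login on the Admin table and jump to Index/index.
 *
 * NOTE(review): the digest is md5(password . USER_PASSWORD_CODE), one shared
 * suffix for every account rather than a per-user salt; password_hash() /
 * password_verify() is the replacement once stored digests can be migrated.
 * NOTE(review): every account that logs in here receives the ADMIN_AUTH_KEY flag.
 * NOTE(review): assumes $this->error() halts the request - TODO confirm.
 */
function checklogin() {
    if (empty($_POST['ChrName'])) {
        $this->assign('waitSecond', 3);
        $this->error('帐号错误!');
    } elseif (empty($_POST['ChrPwd'])) {
        $this->assign('waitSecond', 3);
        $this->error('密码必须!');
    } elseif (empty($_POST['verify'])) {
        $this->assign('waitSecond', 3);
        $this->error('验证码必须!');
    }

    $map = array();
    $map['username'] = $_POST['ChrName'];
    $map['if_lock'] = 0;

    // Strict comparison avoids numeric juggling of "0e<digits>" digests.
    if ($_SESSION['verify'] !== md5($_POST['verify'])) {
        $this->assign('waitSecond', 3);
        $this->error('验证码错误!');
    }

    import('ORG.Util.RBAC');
    $authInfo = RBAC::authenticate($map);
    if (empty($authInfo)) {
        $this->assign('waitSecond', 3);
        $this->error('账号不存在或者被禁用!');
    } else {
        if ($authInfo['password'] !== md5($_POST['ChrPwd'] . C('USER_PASSWORD_CODE'))) {
            $this->assign('waitSecond', 3);
            $this->error('账号密码错误!');
        }
        $_SESSION[C('USER_AUTH_KEY')] = $authInfo['id'];
        $_SESSION['USER_Name'] = $authInfo['username'];

        $user = M('Admin');
        $data = array();
        $data['id'] = $authInfo['id'];
        $data['login_time'] = time();
        $data['login_ip'] = get_client_ip();
        $user->save($data);
        // Array condition instead of a concatenated string, so the value is
        // bound by the model rather than spliced into the WHERE text.
        $user->where(array('id' => $authInfo['id']))->setInc('login_times');

        $_SESSION[C('ADMIN_AUTH_KEY')] = true;
        RBAC::saveAccessList();
        $this->assign('jumpUrl', __APP__ . '/Index/index');
        $this->success('登录成功!');
    }
}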
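/**
 * Authenticate an account and return an API session id.
 *
 * @param string $username account name
 * @param string $password plain password, compared as md5() with the stored digest
 * @return array "code" is "101" for missing parameters or an unknown/disabled
 *               account, "102" for a wrong password and 0 on success; on success
 *               "sessionid" and "adminid" are set as well
 *
 * NOTE(review): unsalted MD5 is a fast hash; password_hash()/password_verify()
 * is the replacement once stored digests can be migrated.
 * NOTE(review): an existing Session row is reused, so the session id is not
 * rotated on a new login; issuing a fresh id per login limits the lifetime of
 * a leaked one.
 */
public function login($username, $password) {
    $res = array();
    if (empty($username) || empty($password)) {
        $res["code"] = "101";
        $res["msg"] = "参数不全!";
        return $res;
    }

    $map = array();
    $map['account'] = $username;
    $map['status'] = array('gt', 0);
    import('@.ORG.RBAC');
    $authInfo = RBAC::authenticate($map);
    if (!$authInfo) {
        // No message is returned for this case (commented out in the original).
        $res["code"] = "101";
        return $res;
    }
    // Strict comparison avoids numeric juggling of "0e<digits>" digests.
    if ($authInfo['password'] !== md5($password)) {
        // No message is returned for this case (commented out in the original).
        $res["code"] = "102";
        return $res;
    }

    // Record when and from where this login happened.
    $model = D('User');
    $model->find($authInfo['id']);
    $model->last_login_time = time();
    $model->last_login_ip = get_client_ip();
    $model->save();

    // Create the session id from a CSPRNG when one is available. The result is
    // 32 hex characters, the same shape as the md5() value used before;
    // md5(uniqid(rand())) is derived from the clock and a weak generator.
    if (function_exists('random_bytes')) {
        $session_id = bin2hex(random_bytes(16));
    } elseif (function_exists('openssl_random_pseudo_bytes')) {
        $session_id = bin2hex(openssl_random_pseudo_bytes(16));
    } else {
        $session_id = md5(uniqid(rand()));
    }

    // Array conditions instead of concatenated strings, so the value is bound
    // by the model rather than spliced into the WHERE text.
    $dao = D("Session");
    $sessionWhere = array('adminid' => $authInfo['id']);
    $list = $dao->where($sessionWhere)->find();
    if ($list) {
        // Reuse the stored id and refresh its timestamp.
        $session_id = $list["sessionid"];
        $data = array();
        $data["dateline"] = time();
        $dao->where($sessionWhere)->save($data);
    } else {
        $dao->AddSession($session_id, $authInfo['id']);
    }

    $res["code"] = 0;
    $res["sessionid"] = $session_id;
    $res["adminid"] = $authInfo['id'];
    return $res;
}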
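/**
 * Authenticate a user from a where-condition and write a login_log row.
 *
 * On success the session auth key (and, for the configured admin login or
 * user id 1, the admin key) is set, the optional "remember me" cookie is
 * issued and the access list is cached.
 *
 * NOTE(review): this method does not compare a password itself; it relies on
 * $map and RBAC::authenticate() for that - confirm against the caller.
 * NOTE(review): the success row still stores encrypt(post.password); what
 * encrypt() produces is not visible here, and the log does not need it.
 *
 * @param array $map where-condition keyed by user table columns
 * @return string result of $this->jsonResult() (per the original docblock)
 */
public function auth($map) {
    $authInfo = RBAC::authenticate($map);
    if (false === $authInfo || $authInfo == null) {
        $log = array();
        $log['log_user_id'] = -1;
        $log['log_user_name'] = I('post.username');
        // The submitted password is no longer written to the log: a failed
        // attempt is often a real password with a typo or for another account,
        // and the log table would expose it in clear text.
        $log['log_password'] = '';
        $log['log_ip'] = get_client_ip();
        $log['log_status'] = -1;
        D('login_log')->data($log)->add();
        return $this->jsonResult(0, "用户名或者密码错误");
    }

    $_SESSION[C('USER_AUTH_KEY')] = $authInfo['user_id'];
    if ($authInfo['user_login'] == get_opinion('Admin') || $authInfo['user_id'] == 1) {
        $_SESSION[C('ADMIN_AUTH_KEY')] = true;
    }

    // Remember me: reuse the stored token, or generate one when it is empty.
    if (I('post.remember') == 1) {
        if ($authInfo['user_session'] != '') {
            cookie('user_session', $authInfo['user_session'], 3600000);
        } else {
            $user_session = D('User', 'Logic')->genHash($authInfo);
            cookie('user_session', $user_session, 3600000);
        }
    }

    // Cache the access permissions.
    RBAC::saveAccessList();

    $log = array();
    $log['log_user_id'] = $authInfo['user_id'];
    $log['log_user_name'] = I('post.username');
    $log['log_password'] = encrypt(I('post.password'));
    $log['log_ip'] = get_client_ip();
    $log['log_status'] = 1;
    D('login_log')->data($log)->add();
    return $this->jsonResult(1, "登录成功", U("Admin/Index/index"));
}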
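/**
 * Check the captcha and the posted credentials, open a session, optionally
 * issue the "remember me" cookie and jump to Weixin/Home/index.
 *
 * NOTE(review): encrypt() is defined elsewhere; its algorithm is not visible.
 * NOTE(review): assumes $this->error() halts the request - TODO confirm.
 */
public function login() {
    $verify = new \Think\Verify();
    if (!$verify->check(I('post.vertify'))) {
        $this->error("验证码错误");
    }

    $map = array();
    $map['user_login'] = $_POST['username'];
    $map['user_status'] = array('gt', 0);
    $authInfo = RBAC::authenticate($map);
    if (false === $authInfo) {
        $this->error('帐号不存在或已禁用!');
    } else {
        // Both sides are cast to string and compared strictly, so numeric-looking
        // hashes are compared as text.
        if ((string) $authInfo['user_pass'] !== (string) encrypt($_POST['password'])) {
            $this->error('密码错误或者帐号已禁用');
        }
        $_SESSION[C('USER_AUTH_KEY')] = $authInfo['user_id'];
        if ($authInfo['user_login'] == get_opinion('Admin')) {
            $_SESSION[C('ADMIN_AUTH_KEY')] = true;
        }

        // Remember me: reuse the stored token, or generate one when it is empty.
        if (I('post.remember') == 1) {
            if ($authInfo['user_session'] != '') {
                cookie('user_session', $authInfo['user_session'], 36000);
            } else {
                $user_session = D('User', 'Logic')->genHash($authInfo);
                cookie('user_session', $user_session, 36000);
            }
        }

        // Cache the access permissions.
        RBAC::saveAccessList();
        $this->success('登录成功!', U("Weixin/Home/index"), false);
    }
}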
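/**
 * Validate username, password and captcha for an account with status 0 and
 * open a session.
 *
 * NOTE(review): every account that logs in here receives the 'administrator'
 * session flag.
 * NOTE(review): only a null lookup result is treated as "not found"; a false
 * result falls through to the password comparison.
 * NOTE(review): unsalted MD5 is a fast hash; password_hash()/password_verify()
 * is the replacement once stored digests can be migrated.
 * NOTE(review): assumes $this->error() halts the request - TODO confirm.
 */
public function checkLogin() {
    if (empty($_POST['username'])) {
        $this->error('请输入用户名');
    } elseif (empty($_POST['password'])) {
        $this->error('请输入密码');
    }
    if (empty($_POST['verify'])) {
        $this->error('请输入验证码!');
    }
    // Strict comparison avoids numeric juggling of "0e<digits>" digests.
    if ($_SESSION['verify'] !== md5($_POST['verify'])) {
        $this->error('验证码错误!');
    }

    // Build the lookup condition (supports login with a bound account).
    $map = array();
    $map['username'] = $_POST['username'];
    $map["status"] = array("eq", 0);
    import('@.ORG.Util.RBAC');
    $authInfo = RBAC::authenticate($map);
    if (NULL === $authInfo) {
        $this->error('用户名不存在或已经列入黑名单,请联系管理员!');
    } else {
        if ($authInfo['password'] !== md5($_POST['password'])) {
            $this->error("密码错误");
        }
        $_SESSION[C('USER_AUTH_KEY')] = $authInfo['uid'];
        $_SESSION["username"] = $authInfo['username'];
        $_SESSION["mobile"] = $authInfo['mobile'];
        $_SESSION["truename"] = $authInfo['truename'];
        $_SESSION['administrator'] = true;
        // Cache the access permissions.
        RBAC::saveAccessList();
        $this->success('登录成功!', U('home/room/index/'));
    }
}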
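/**
 * Validate account, password and captcha for an account with status 1 and
 * open a session.
 *
 * NOTE(review): every account that logs in here receives the 'administrator'
 * session flag.
 * NOTE(review): unsalted MD5 is a fast hash; password_hash()/password_verify()
 * is the replacement once stored digests can be migrated.
 * NOTE(review): assumes $this->error() halts the request - TODO confirm.
 */
public function checkLogin() {
    if (empty($_POST['account'])) {
        $this->error('请输入用户名');
    } elseif (empty($_POST['password'])) {
        $this->error('请输入密码');
    }
    if (empty($_POST['verify'])) {
        $this->error('请输入验证码!');
    }
    // Strict comparison avoids numeric juggling of "0e<digits>" digests.
    if ($_SESSION['verify'] !== md5($_POST['verify'])) {
        $this->error('验证码错误!');
    }

    // Build the lookup condition (supports login with a bound account).
    $map = array();
    $map['account'] = $_POST['account'];
    $map["status"] = array("eq", 1);
    import('@.ORG.Util.RBAC');
    $authInfo = RBAC::authenticate($map);
    if (false === $authInfo) {
        $this->error('用户名不存在或已禁用!');
    } else {
        if ($authInfo['password'] !== md5($_POST['password'])) {
            $this->error("密码错误");
        }
        $_SESSION[C('USER_AUTH_KEY')] = $authInfo['id'];
        $_SESSION["account"] = $authInfo['account'];
        $_SESSION["type_id"] = $authInfo['type_id'];
        $_SESSION['administrator'] = true;
        // Cache the access permissions.
        RBAC::saveAccessList();
        $this->success('登录成功!', U('admin/appoint/index/'));
    }
}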
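/**
 * Validate a posted account/password, open a session, build and cache the
 * per-user module menu, record the login and jump to Projects/index.
 *
 * NOTE(review): the captcha check and the status > 0 filter are commented out
 * in the original, so disabled accounts and unthrottled guessing are not
 * stopped in this method.
 * NOTE(review): the 'administrator' flag is read while building the menu but is
 * never set here (that assignment is commented out in the original).
 * NOTE(review): unsalted MD5 is a fast hash; password_hash()/password_verify()
 * is the replacement once stored digests can be migrated.
 * NOTE(review): assumes $this->error() halts the request - TODO confirm.
 */
public function checkLogin() {
    if (empty($_POST['account'])) {
        $this->error('帐号错误!');
    } elseif (empty($_POST['password'])) {
        $this->error('密码必须!');
    }

    // Build the lookup condition (supports login with a bound account).
    $map = array();
    $map['account'] = $_POST['account'];
    import('@.ORG.Util.RBAC');
    $authInfo = RBAC::authenticate($map);
    if (false === $authInfo) {
        $this->error('帐号不存在或已禁用!');
    } else {
        // Strict comparison avoids numeric juggling of "0e<digits>" digests.
        if ($authInfo['password'] !== md5($_POST['password'])) {
            $this->error('密码错误!');
        }
        $_SESSION[C('USER_AUTH_KEY')] = $authInfo['id'];
        $_SESSION['email'] = $authInfo['email'];
        $_SESSION['userName'] = $authInfo['account'];
        $_SESSION['lastLoginTime'] = $authInfo['last_login_time'];
        $_SESSION['login_count'] = $authInfo['login_count'];

        $menuKey = 'menu' . $_SESSION[C('USER_AUTH_KEY')];
        $menu = array();
        if (isset($_SESSION[$menuKey])) {
            // Already cached: read the menu from the session.
            $menu = $_SESSION[$menuKey];
        } else {
            // Read the module list from the database and build the menu items.
            $node = M("Node");
            $id = $node->getField("id");
            $where = array();
            $where['level'] = 2;
            $where['status'] = 1;
            $where['pid'] = $id;
            $list = $node->where($where)->field('id,name,group_id,title')->order('sort asc')->select();
            if (isset($_SESSION['_ACCESS_LIST'])) {
                $accessList = $_SESSION['_ACCESS_LIST'];
            } else {
                import('@.ORG.Util.RBAC');
                $accessList = RBAC::getAccessList($_SESSION[C('USER_AUTH_KEY')]);
            }
            // An empty query result is skipped instead of being iterated.
            if (is_array($list)) {
                foreach ($list as $key => $module) {
                    if (isset($accessList[strtoupper(APP_NAME)][strtoupper($module['name'])]) || !empty($_SESSION['administrator'])) {
                        // Mark the module as accessible.
                        $module['access'] = 1;
                        $menu[$key] = $module;
                    }
                }
            }
            // Cache the menu.
            $_SESSION[$menuKey] = $menu;
        }

        // Save the login information.
        $User = M('User');
        $data = array();
        $data['id'] = $authInfo['id'];
        $data['last_login_time'] = time();
        $data['login_count'] = array('exp', 'login_count+1');
        $data['last_login_ip'] = get_client_ip();
        $User->save($data);

        // Cache the access permissions.
        RBAC::saveAccessList();
        $this->success('登录成功!', U('Projects/index'));
    }
}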
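/**
 * AJAX login: validate a posted account/password, open a session, load the
 * user's role and accessible node ids, record the login and answer as JSON.
 *
 * NOTE(review): the missing-field responses echo $_POST back to the client,
 * which includes whatever password was submitted.
 * NOTE(review): $_SESSION['password'] keeps the password digest in the session;
 * drop it unless another part of the application depends on it.
 * NOTE(review): the captcha check and status filter are commented out in the original.
 * NOTE(review): unsalted MD5 is a fast hash; password_hash()/password_verify()
 * is the replacement once stored digests can be migrated.
 * NOTE(review): assumes $this->ajaxReturn() halts the request - TODO confirm.
 */
public function checkLogin() {
    if (empty($_POST['account'])) {
        $this->ajaxReturn($_POST, '帐号必须!');
    } elseif (empty($_POST['password'])) {
        $this->ajaxReturn($_POST, '密码必须!');
    }

    // Build the lookup condition (supports login with a bound account).
    $map = array();
    $map['account'] = $_POST['account'];
    $map['password'] = md5($_POST['password']);
    import('ORG.Util.RBAC');
    $authInfo = RBAC::authenticate($map);
    if (!$authInfo) {
        $this->ajaxReturn($authInfo, '帐号或密码错误', 0);
    } else {
        // Strict comparison avoids numeric juggling of "0e<digits>" digests.
        if ($authInfo['password'] !== md5($_POST['password'])) {
            // The account row is not sent back on a failed password check.
            $this->ajaxReturn(null, '密码错误!', 0);
        }
        $_SESSION[C('USER_AUTH_KEY')] = $authInfo['id'];
        $_SESSION['email'] = $authInfo['email'];
        $_SESSION['nickname'] = $authInfo['nickname'];
        $_SESSION['password'] = $authInfo['password'];
        $_SESSION['lastLoginTime'] = $authInfo['last_login_time'];
        $_SESSION['remark'] = $authInfo['remark'];
        $_SESSION['status'] = $authInfo['status'];
        $_SESSION['last_login_ip'] = $authInfo['last_login_ip'];

        // Load the role of this user.
        $ru = M('role_user');
        $con = array('user_id' => $authInfo['id']);
        $rul = $ru->where($con)->select();
        $role = M('role');
        $con1 = array('id' => $rul[0]['role_id']);
        $rl = $role->where($con1)->select();
        $_SESSION['role'] = $rl[0]['name'];

        // Load the node ids this role may access and join them into a string.
        // The list starts empty so a role without access rows yields ''.
        $ac = M('access');
        $con2 = array('role_id' => $rl[0]['id']);
        $acl = $ac->where($con2)->select();
        $resourceIds = array();
        if (is_array($acl)) {
            foreach ($acl as $accessRow) {
                $resourceIds[] = $accessRow['node_id'];
            }
        }
        $_SESSION['resourceIds'] = implode(",", $resourceIds);

        if ($authInfo['account'] == 'admin') {
            $_SESSION['administrator'] = true;
        }

        // Save the login information.
        $User = M('User');
        $data = array();
        $data['id'] = $authInfo['id'];
        $data['last_login_time'] = time();
        $data['login_count'] = array('exp', 'login_count+1');
        $data['last_login_ip'] = get_client_ip();
        $User->save($data);

        // Cache the access permissions.
        $_SESSION['_ACCESS_LIST'] = RBAC::getAccessList($authInfo['id']);
        RBAC::saveAccessList();

        // The password digest is removed before the row is sent to the browser.
        $publicInfo = $authInfo;
        unset($publicInfo['password']);
        $this->ajaxReturn($publicInfo, '登录成功!', 1);
    }
}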
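/**
 * Validate an e-mail style username and password, open a session and record
 * the login time on the AdminUser table.
 *
 * NOTE(review): the captcha check is commented out in the original, so nothing
 * in this method limits repeated guessing.
 * NOTE(review): unsalted MD5 is a fast hash; password_hash()/password_verify()
 * is the replacement once stored digests can be migrated.
 * NOTE(review): assumes $this->error() halts the request - TODO confirm.
 */
public function checkLogin() {
    $reg = "^([a-zA-Z0-9_\\-\\.]+)@((\\[[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}\\.)|(([a-zA-Z0-9\\-]+\\.)+))([a-zA-Z]{2,4}|[0-9]{1,3})(\\]?)\$";
    if (empty($_POST['username'])) {
        $this->error('用户名必须!');
    } elseif (!preg_match('/' . $reg . '/D', $_POST['username'])) {
        // ereg() was removed in PHP 7; preg_match() takes the same pattern.
        // The D modifier keeps "$" from matching before a trailing newline.
        // Under PCRE the escaped "-" inside the brackets is a literal hyphen.
        $this->error('用户名格式不正确!');
    } else {
        if (empty($_POST['password'])) {
            $this->error('密码必须!');
        }
    }

    // Build the lookup condition (supports login with a bound account).
    $map = array();
    $map['username'] = $_POST['username'];
    import('@.ORG.RBAC');
    $authInfo = RBAC::authenticate($map);
    if (false === $authInfo) {
        $this->error('用户名不存在!');
    } else {
        // Strict comparison avoids numeric juggling of "0e<digits>" digests.
        if ($authInfo['password'] !== md5($_POST['password'])) {
            $this->error('密码错误!');
        }

        // Cache the session data.
        $_SESSION[C('USER_AUTH_KEY')] = $authInfo['id'];
        if (!empty($authInfo['name'])) {
            $_SESSION['loginUserName'] = $authInfo['name'];
        } else {
            // No display name: use the part of the e-mail before the "@".
            $position = strpos($authInfo['username'], '@');
            $_SESSION['loginUserName'] = substr($authInfo['username'], 0, $position);
        }
        $_SESSION['lastLoginTime'] = $authInfo['update_time'];
        if ($authInfo['part_id'] == 1 or $authInfo['part_id'] == 2) {
            $_SESSION['administrator'] = true;
        }

        // Save the login information.
        $User = M('AdminUser');
        $data = array();
        $data['id'] = $authInfo['id'];
        $data['update_time'] = time();
        $User->save($data);

        // Cache the access permissions.
        RBAC::saveAccessList();
        $this->assign('jumpUrl', U("AdminUser/"));
        $this->success('登录成功!');
    }
}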
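/**
 * Form login with captcha: checks account, password and captcha, loads the user's
 * role ids into the session, records the login and caches the access list.
 *
 * NOTE(review): the stored credential is a plain md5() of the password; moving to
 * password_hash()/password_verify() needs a data migration outside this method.
 * NOTE(review): "account missing/disabled" and "wrong password" use different messages,
 * which reveals which accounts exist; the strings are left unchanged.
 * NOTE(review): error() is assumed to end the request; the explicit returns keep the
 * flow correct even if it does not.
 */
public function checkLogin()
{
    $account  = isset($_POST['account']) ? $_POST['account'] : '';
    $password = isset($_POST['password']) ? $_POST['password'] : '';
    $verify   = isset($_POST['verify']) ? $_POST['verify'] : '';

    // Only plain strings are accepted; an array value must never reach the where-map,
    // where the model reads it as an expression (like the array('gt', 0) below).
    if (!is_string($account) || empty($account)) {
        $this->error('帐号错误!');
        return;
    }
    if (!is_string($password) || empty($password)) {
        $this->error('密码必须!');
        return;
    }
    if (!is_string($verify) || empty($verify)) {
        $this->error('验证码必须!');
        return;
    }

    // Build the authentication condition: the account must exist and be enabled.
    $map = array(
        'account' => $account,
        'status'  => array('gt', 0),
    );

    // The captcha is single-use: it is cleared before comparing, so one solved captcha
    // cannot back a series of password attempts. The comparison is strict on strings.
    $expectedVerify = (string) session('verify');
    session('verify', null);
    if ($expectedVerify === '' || $expectedVerify !== md5($verify)) {
        $this->error('验证码错误!');
        return;
    }

    import('@.ORG.Util.RBAC');
    $authInfo = RBAC::authenticate($map);
    // Any empty result (false or null) means no usable user row.
    if (!$authInfo) {
        $this->error('帐号不存在或已禁用!');
        return;
    }

    // Strict string comparison: loose != treats two numeric-looking strings as numbers,
    // so different hashes could compare equal.
    if ((string) $authInfo['password'] !== md5($password)) {
        $this->error('密码错误!');
        return;
    }

    // Issue a fresh session id at login so an id known before authentication is not reused.
    if (session_id() !== '') {
        session_regenerate_id(true);
    }

    $_SESSION[C('USER_AUTH_KEY')] = $authInfo['id'];
    $_SESSION['nickname']         = $authInfo['nickname'];
    $_SESSION['account']          = $authInfo['account'];

    // Role ids of the user. The condition is passed as an array rather than being
    // concatenated into SQL, and the list starts empty so a user without roles does
    // not hand null to in_array().
    $roles     = array();
    $roleLinks = M('role_user')->where(array('user_id' => $authInfo['id']))->select();
    if (is_array($roleLinks)) {
        foreach ($roleLinks as $roleLink) {
            $roles[] = $roleLink['role_id'];
        }
    }
    $_SESSION['roles'] = $roles;

    // Role 1 is the administrator role; ids are compared as strings because the
    // driver may return them as either strings or integers.
    if (in_array('1', array_map('strval', $roles), true)) {
        $_SESSION['administrator'] = true;
    }

    // Record this login on the user row.
    M('User')->save(array(
        'id'              => $authInfo['id'],
        'last_login_time' => time(),
        'login_count'     => array('exp', 'login_count+1'),
        'last_login_ip'   => get_client_ip(),
    ));

    // Cache the access list.
    RBAC::saveAccessList();
    $this->success('登录成功!', __APP__ . '/Index/Index/index');
}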
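/**
 * Submit login.
 *
 * Validates user name, password and (when ADMIN_VERIFY is on) the captcha, refuses
 * further attempts from an IP with 100 or more failed logins in the last 30 minutes,
 * writes a Log row for every outcome, fills the session and answers either as AJAX or
 * with a redirect to Index/index.
 *
 * NOTE(review): the limit is per IP as reported by get_client_ip(); whether that helper
 * trusts client-supplied forwarding headers cannot be seen from here — verify.
 * NOTE(review): sysmd5() is defined elsewhere; its hashing scheme was not reviewed.
 * NOTE(review): error() is assumed to end the request; the explicit returns keep the
 * flow correct even if it does not.
 */
public function doLogin()
{
    $dao = M('User');
    $ip  = get_client_ip();

    if (empty($this->sysConfig['ADMIN_ACCESS'])) {
        $this->error(L('NO SYSTEM CONFIG FILE'));
        return;
    }

    // Non-string input (for example an array) is treated as missing, so it can neither
    // break trim() nor reach the query condition.
    $rawUsername = (isset($_POST['username']) && is_string($_POST['username'])) ? $_POST['username'] : '';
    $rawPassword = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';
    $rawVerify   = (isset($_POST['verifyCode']) && is_string($_POST['verifyCode'])) ? $_POST['verifyCode'] : '';

    $username   = get_safe_replace(trim($rawUsername));
    $password   = get_safe_replace(trim($rawPassword));
    $verifyCode = trim($rawVerify);

    if (empty($username) || empty($password)) {
        $this->error(L('empty_username_empty_password'));
        return;
    }

    // When the captcha is enabled it is always enforced. The original skipped the check
    // whenever the session held no captcha value, which let a request that never loaded
    // the captcha pass. The value is cleared before comparing so it is single-use.
    // NOTE(review): confirm that every login form renders the captcha when ADMIN_VERIFY is on.
    if (!empty($this->sysConfig['ADMIN_VERIFY'])) {
        $expectedVerify = isset($_SESSION['verify']) ? (string) $_SESSION['verify'] : '';
        unset($_SESSION['verify']);
        if ($expectedVerify === '' || md5($verifyCode) !== $expectedVerify) {
            $this->error(L('error_verify'));
            return;
        }
    }

    // Failed attempts from this IP during the last 1800 seconds.
    $time     = time();
    $logwhere = array(
        'time'  => array('EGT', $time - 1800),
        'ip'    => array('eq', $ip),
        'error' => 1,
    );
    $lognum = M('Log')->where($logwhere)->count();
    if ($lognum >= 100) {
        $this->error(L('Login_error_count'));
        return;
    }

    // Fields shared by every Log row written below.
    $logRow = array(
        'username' => $username,
        'ip'       => $ip,
        'time'     => $time,
    );

    $condition = array('username' => array('eq', $username));
    import('@.ORG.RBAC');
    $authInfo = RBAC::authenticate($condition);

    // Any empty result (false or null) means no usable user row.
    if (!$authInfo) {
        $logRow['note']  = L('empty_userid');
        $logRow['error'] = 1;
        M('Log')->add($logRow);
        $this->error(L('empty_userid'));
        return;
    }

    // Strict string comparison: loose != treats two numeric-looking strings as numbers,
    // so different hashes could compare equal.
    if ((string) $authInfo['password'] !== (string) sysmd5($password)) {
        // The attempted password is deliberately NOT written to the log: a mistyped
        // password is usually close to the real one, and log tables are read far more
        // widely than credential tables.
        $logRow['note']  = L('password_error');
        $logRow['error'] = 1;
        M('Log')->add($logRow);
        $this->error(L('password_error'));
        return;
    }

    // Issue a fresh session id at login so an id known before authentication is not reused.
    if (session_id() !== '') {
        session_regenerate_id(true);
    }

    $_SESSION['username']         = $authInfo['username'];
    $_SESSION['adminid']          = $_SESSION['userid'] = $authInfo['id'];
    $_SESSION['groupid']          = $authInfo['groupid'];
    $_SESSION['adminaccess']      = C('ADMIN_ACCESS');
    $_SESSION[C('USER_AUTH_KEY')] = $authInfo['id'];
    $_SESSION['email']            = $authInfo['email'];
    $_SESSION['lastLoginTime']    = $authInfo['last_logintime'];
    $_SESSION['login_count']      = $authInfo['login_count'] + 1;

    // Group 1 is the administrator group.
    if ($authInfo['groupid'] == 1) {
        $_SESSION[C('ADMIN_AUTH_KEY')] = true;
    }

    // Record this login on the user row.
    $dao->save(array(
        'id'             => $authInfo['id'],
        'last_logintime' => $time,
        'last_ip'        => $ip,
        'login_count'    => array('exp', 'login_count+1'),
    ));

    // Cache the access list.
    RBAC::saveAccessList();

    $logRow['note'] = L('login_ok');
    M('Log')->add($logRow);

    if (!empty($_POST['ajax'])) {
        // The password hash is not part of what the browser needs; keep it out of the reply.
        unset($authInfo['password']);
        $this->ajaxReturn($authInfo, L('login_ok'), 1);
    } else {
        $this->assign('jumpUrl', U('Index/index'));
        $this->success(L('login_ok'));
    }
}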
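/**
 * Form login with captcha and a failed-attempt counter. The limits (errorcount,
 * errorinterval in seconds) come from the Set model; the per-user counters
 * error_count / error_login_time live on the User row.
 *
 * NOTE(review): the lock only applies when the request IP equals last_login_ip, and
 * that column is written only on a successful login below. Attempts from any other
 * address are counted but never blocked — confirm whether that is intended.
 * NOTE(review): the stored credential is a plain md5() of the password; moving to
 * password_hash()/password_verify() needs a data migration outside this method.
 * NOTE(review): error() is assumed to end the request; the explicit returns keep the
 * flow correct even if it does not.
 */
public function checkLogin()
{
    $account  = isset($_POST['account']) ? $_POST['account'] : '';
    $password = isset($_POST['password']) ? $_POST['password'] : '';
    $verify   = isset($_POST['verify']) ? $_POST['verify'] : '';

    // Only plain strings are accepted; an array value must never reach the where-map,
    // where the model reads it as an expression (like the array('gt', 0) below).
    if (!is_string($account) || empty($account)) {
        $this->error('用户名不能为空!');
        return;
    }
    if (!is_string($password) || empty($password)) {
        $this->error('密码不能为空!');
        return;
    }
    if (!is_string($verify) || empty($verify)) {
        $this->error('验证码不能为空!');
        return;
    }

    if (!extension_loaded('curl')) {
        $this->error('抱歉,您的服务器,还不支持curl扩展,请配置后登录,如有问题,请咨询www.yufu5.com!');
        return;
    }

    // Build the authentication condition: the account must exist and be enabled.
    $map = array(
        'account' => $account,
        'status'  => array('gt', 0),
    );

    // The captcha is single-use: it is cleared before comparing, so one solved captcha
    // cannot back a series of password attempts. The comparison is strict on strings.
    $expectedVerify = isset($_SESSION['verify']) ? (string) $_SESSION['verify'] : '';
    unset($_SESSION['verify']);
    if ($expectedVerify === '' || $expectedVerify !== md5($verify)) {
        $this->error('验证码错误!');
        return;
    }

    import('@.ORG.Util.RBAC');
    $authInfo = RBAC::authenticate($map);
    if (!$authInfo) {
        $this->error('用户名或密码错误!');
        return;
    }

    $limits        = D('Set')->find();
    $errorcount    = $limits['errorcount'];
    $errorinterval = $limits['errorinterval'];
    $ip            = get_client_ip();
    $time          = time();
    $error_count   = $authInfo['error_count'];

    // Same IP as the last successful login and the failure limit is reached: refuse
    // until the interval has passed, then start counting again.
    if ($authInfo['last_login_ip'] == $ip && $authInfo['error_count'] > $errorcount - 1) {
        if ($time - $authInfo['error_login_time'] < $errorinterval) {
            $this->error('用户名或密码错误超过' . $errorcount . '次,请' . $errorinterval / 60 . '分钟后再试!');
            return;
        }
        D('User')->where($map)->setField('error_count', 0);
        $error_count = 0;
    }

    // Strict string comparison: loose != treats two numeric-looking strings as numbers,
    // so different hashes could compare equal.
    if ((string) $authInfo['password'] !== md5($password)) {
        D('User')->where($map)->setInc('error_count', 1);
        D('User')->where($map)->setField('error_login_time', $time);
        // This failure has just been counted, so one fewer attempt remains than the
        // pre-increment counter suggests; never show a negative number.
        $remaining = max(0, $errorcount - $error_count - 1);
        $this->error('用户名或密码错误,您还有' . $remaining . '次尝试机会!');
        return;
    }

    // Issue a fresh session id at login so an id known before authentication is not reused.
    if (session_id() !== '') {
        session_regenerate_id(true);
    }

    $_SESSION[C('USER_AUTH_KEY')] = $authInfo['id'];
    $_SESSION['email']            = $authInfo['email'];
    $_SESSION['loginUserName']    = $authInfo['nickname'];
    $_SESSION['lastLoginTime']    = $authInfo['last_login_time'];
    $_SESSION['login_count']      = $authInfo['login_count'];

    // role_id 0 marks the administrator.
    if ($authInfo['role_id'] == 0) {
        $_SESSION['administrator'] = true;
    }

    // Record this login and reset the failure counter.
    M('User')->save(array(
        'id'              => $authInfo['id'],
        'last_login_time' => $time,
        'login_count'     => array('exp', 'login_count+1'),
        'error_count'     => 0,
        'last_login_ip'   => $ip,
    ));

    // Cache the access list.
    RBAC::saveAccessList();
    $this->success('登录成功!');
}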
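/**
 * Form login with captcha (Verify class): checks account, password and captcha, fills
 * the session including the user's role id, records the login, caches the access list
 * and redirects administrators and ordinary users to different pages.
 *
 * NOTE(review): the stored credential is a plain md5() of the password; moving to
 * password_hash()/password_verify() needs a data migration outside this method.
 * NOTE(review): "account missing/disabled" and "wrong password" use different messages,
 * which reveals which accounts exist; the strings are left unchanged.
 * NOTE(review): error() is assumed to end the request; the explicit returns keep the
 * flow correct even if it does not.
 */
public function checkLogin()
{
    $account  = isset($_POST['account']) ? $_POST['account'] : '';
    $password = isset($_POST['password']) ? $_POST['password'] : '';
    $verify   = isset($_POST['verify']) ? $_POST['verify'] : '';

    // Only plain strings are accepted; an array value must never reach the where-map,
    // where the model reads it as an expression (like the array('gt', 0) below).
    if (!is_string($account) || empty($account)) {
        $this->error('帐号错误!');
        return;
    }
    if (!is_string($password) || empty($password)) {
        $this->error('密码必须!');
        return;
    }
    if (!is_string($verify) || empty($verify)) {
        $this->error('验证码必须!');
        return;
    }

    // Build the authentication condition: the account must exist and be enabled.
    $map = array(
        'account' => $account,
        'status'  => array('gt', 0),
    );

    $Verify = new Verify();
    if (!$Verify->check($verify)) {
        $this->error("亲,验证码输错了哦!", $this->site_url, 9);
        return;
    }

    // Load the account being logged in.
    $authInfo = RBAC::authenticate($map);
    if (!$authInfo) {
        $this->error('帐号不存在或已禁用!');
        return;
    }

    // Strict string comparison: loose != treats two numeric-looking strings as numbers,
    // so different hashes could compare equal.
    if ((string) $authInfo['password'] !== md5($password)) {
        $this->error('密码错误!');
        return;
    }

    // Issue a fresh session id at login so an id known before authentication is not reused.
    if (session_id() !== '') {
        session_regenerate_id(true);
    }

    $_SESSION[C('USER_AUTH_KEY')] = $authInfo['id'];
    $_SESSION['email']            = $authInfo['email'];
    $_SESSION['loginUserName']    = $authInfo['nickname'];
    $_SESSION['lastLoginTime']    = $authInfo['last_login_time'];
    $_SESSION['login_count']      = $authInfo['login_count'];
    // The condition is passed as an array rather than being concatenated into SQL.
    $_SESSION['role_id']          = M('role_user')->where(array('user_id' => $authInfo['id']))->getField('role_id');

    // Super-user check: the account named in the ADMIN_AUTH_VALUE setting.
    if ((string) $authInfo['account'] === (string) C('ADMIN_AUTH_VALUE')) {
        $_SESSION[C('ADMIN_AUTH_KEY')] = true;
    }

    // Record this login on the user row.
    M('User')->save(array(
        'id'              => $authInfo['id'],
        'last_login_time' => time(),
        'login_count'     => array('exp', 'login_count+1'),
        'last_login_ip'   => get_client_ip(),
    ));

    // Cache the access list.
    RBAC::saveAccessList();

    // Original author's note: a user who logs in without any permission would bounce
    // between these two pages, so the session is destroyed when reading the permissions
    // fails (that handling is not in this method).
    // NOTE(review): '/HOme/Goods/index' is kept exactly as written; the casing looks
    // like a typo — verify against the route table.
    if (!empty($_SESSION[C('ADMIN_AUTH_KEY')])) {
        $this->success('登录成功!', __MODULE__ . '/Index/index');
    } else {
        $this->success('登录成功!', '/HOme/Goods/index');
    }
}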
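/**
 * Student login with captcha: checks account, password and captcha, fills the session,
 * writes a login entry to the Log table, records the login on the Student row and
 * caches the access list.
 *
 * NOTE(review): only successful logins are logged; failed attempts leave no trace here,
 * and nothing in this method limits repeated attempts.
 * NOTE(review): the stored credential is a plain md5() of the password; moving to
 * password_hash()/password_verify() needs a data migration outside this method.
 * NOTE(review): error() is assumed to end the request; the explicit returns keep the
 * flow correct even if it does not.
 */
public function checkLogin()
{
    $account  = isset($_POST['account']) ? $_POST['account'] : '';
    $password = isset($_POST['password']) ? $_POST['password'] : '';
    $verify   = isset($_POST['verify']) ? $_POST['verify'] : '';

    // Only plain strings are accepted; an array value must never reach the where-map,
    // where the model reads it as an expression (like the array('gt', 0) below).
    if (!is_string($account) || empty($account)) {
        $this->error('帐号错误!');
        return;
    }
    if (!is_string($password) || empty($password)) {
        $this->error('密码必须!');
        return;
    }
    if (!is_string($verify) || empty($verify)) {
        $this->error('验证码必须!');
        return;
    }

    // Build the authentication condition: the account must exist and be enabled.
    $map = array(
        'account' => $account,
        'status'  => array('gt', 0),
    );

    // The captcha is single-use: it is cleared before comparing, so one solved captcha
    // cannot back a series of password attempts. The comparison is strict on strings.
    $expectedVerify = isset($_SESSION['verify']) ? (string) $_SESSION['verify'] : '';
    unset($_SESSION['verify']);
    if ($expectedVerify === '' || $expectedVerify !== md5($verify)) {
        $this->error('验证码错误!');
        return;
    }

    import('@.ORG.Util.RBAC');
    $authInfo = RBAC::authenticate($map);
    // Any empty result is rejected: the original tested only for null, so a false
    // result fell through to the password check.
    if (!$authInfo) {
        $this->error('帐号不存在或已被禁用!');
        return;
    }

    // Strict string comparison: loose != treats two numeric-looking strings as numbers,
    // so different hashes could compare equal.
    if ((string) $authInfo['password'] !== md5($password)) {
        $this->error('密码错误!');
        return;
    }

    // Issue a fresh session id at login so an id known before authentication is not reused.
    if (session_id() !== '') {
        session_regenerate_id(true);
    }

    $_SESSION[C('USER_AUTH_KEY')] = $authInfo['id'];
    $_SESSION['email']            = $authInfo['email'];
    $_SESSION['loginUserName']    = $authInfo['nickname'];
    $_SESSION['lastLoginTime']    = $authInfo['last_login_time'];
    $_SESSION['login_count']      = $authInfo['login_count'];

    if ((string) $authInfo['account'] === 'admin') {
        $_SESSION['adminstudent'] = true;
    }

    $ip   = get_client_ip();
    $time = time();

    // Write the login log entry.
    M("Log")->add(array(
        'vc_operation' => "学生登录:登录成功!",
        'vc_module'    => "学生查询登陆",
        'creator_id'   => $authInfo['id'],
        'creator_name' => $authInfo['account'],
        'vc_ip'        => $ip,
        'createtime'   => $time,
    ));

    // Record this login on the student row.
    M('Student')->save(array(
        'id'              => $authInfo['id'],
        'last_login_time' => $time,
        'login_count'     => array('exp', 'login_count+1'),
        'last_login_ip'   => $ip,
    ));

    // Cache the access list.
    RBAC::saveAccessList();
    $this->success('登录成功!');
}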
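/**
 * Loads the active user whose account or zhname equals the posted "account" value and,
 * for every account except "admin", adds the company, department, work type and duty
 * id of the user's primary post (UserDeptDuty row with typeid 1 and status 1).
 *
 * The original header says this is called from signin and that the data ends up in the
 * session; this method itself only returns the row and writes nothing to the session.
 *
 * @author liminggang
 * @date 2014-8-28
 * @return mixed The user row with companyid, dept_id, sysworktype and sysdutyid added
 *               (0 when no primary post exists), or an empty result when no user matched.
 */
private function getAuthInfo()
{
    $account = (isset($_POST['account']) && is_string($_POST['account'])) ? $_POST['account'] : '';

    // Nothing usable was posted: do not query at all. With an empty value the OR below
    // would match any user whose zhname is empty, and an array value would be read by
    // the model as an expression.
    if ($account === '') {
        return false;
    }

    // Authentication condition: active user matched by account OR zhname.
    // A lock after N failed logins (loginnumstatus) is not part of the condition.
    $map = array(
        'status'   => 1,
        '_complex' => array(
            'account' => $account,
            'zhname'  => $account,
            '_logic'  => 'or',
        ),
    );
    $authInfo = RBAC::authenticate($map);

    // No user matched. Returning here keeps the result empty: writing the keys below
    // into an empty result would turn it into a non-empty array, which a caller testing
    // for "user found" would take for a user row.
    // NOTE(review): the caller (signin) is not visible here; confirm it tests for an empty result.
    if (!$authInfo) {
        return $authInfo;
    }

    if ($account !== 'admin') {
        // Primary post of the current user.
        $postCondition = array(
            'userid' => $authInfo['id'],
            'typeid' => 1,
            'status' => 1,
        );
        $post = RBAC::authenticate($postCondition, 'UserDeptDuty');

        // Company, department, work type and duty id; 0 when the value is missing.
        $authInfo['companyid']   = !empty($post['companyid']) ? $post['companyid'] : 0;
        $authInfo['dept_id']     = !empty($post['deptid']) ? $post['deptid'] : 0;
        $authInfo['sysworktype'] = !empty($post['worktype']) ? $post['worktype'] : 0;
        $authInfo['sysdutyid']   = !empty($post['dutyid']) ? $post['dutyid'] : 0;
    }

    return $authInfo;
}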