Пример #1
0
 public function adminLogin($username, $admin_name = '', $remember = false)
 {
     $admin_info = $this->admin_model->getAdminByUsername($username);
     $auth_list = array();
     if (empty($admin_info)) {
         $now_time = time();
         $password = Password::Encryption($username, mt_rand(100000, 9999999999));
         //密码加密
         $admin_data = array('username' => $username, 'admin_name' => $admin_name, 'password' => $password, 'department_id' => 0, 'last_login' => $now_time, 'error_times' => 0, 'error_date' => Star_Date::getDate(), 'add_time' => $now_time, 'update_time' => $now_time);
         $admin_id = $this->admin_model->insert($admin_data);
         $admin_info = $this->admin_model->getAdminById($admin_id);
     } else {
         $admin_data = array('last_login' => time());
         $admin_id = $admin_info['admin_id'];
         $this->updateAdmin($admin_info['admin_id'], $admin_data);
     }
     $admin_login_data = array('admin_id' => $admin_id, 'login_ip' => ip2long(Star_Http_Request::getIp()), 'add_time' => time());
     $admin_login_model = new AdminLoginModel();
     $admin_login_model->insert($admin_login_data);
     //添加登录记录
     //返回部门权限
     $department_auth = $this->auth_model->getAuthByDepartment($admin_info['department_id']);
     //返回管理员权限
     $admin_auth = $this->auth_model->getAuthByAdmin($admin_info['admin_id']);
     if ($department_auth) {
         foreach ($department_auth as $auth) {
             $menu_id = $auth['menu_id'];
             $controller = $auth['controller'];
             $action = $auth['action'];
             $auth_list[$menu_id] = $this->getUrl($controller, $action);
         }
     }
     if ($admin_auth) {
         foreach ($admin_auth as $auth) {
             $menu_id = $auth['menu_id'];
             $controller = $auth['controller'];
             $action = $auth['action'];
             $auth_list[$menu_id] = $this->getUrl($controller, $action);
         }
     }
     $auth_token = $this->makeAuthSign($auth_list);
     $token = $this->makeLoginSign($admin_info['admin_id'], $admin_info['username'], $admin_info['department_id'], $admin_info['last_login'], $auth_token);
     $admin_data = array('admin_id' => $admin_info['admin_id'], 'department_id' => $admin_info['department_id'], 'username' => $admin_info['username'], 'last_login' => $admin_info['last_login'], 'token' => $token, 'auth_token' => $auth_token, 'admin_name' => $admin_info['admin_name']);
     $this->setLoginInfo($admin_data, $remember);
     //设置用户登录信息
     Star_Cookie::set('auth', base64_encode(json_encode($auth_list)), time() + 86400 * 30, '/', '', false, true);
     //设置用户权限信息
 }
 /**
  * 管理员登录 
  */
 public function loginAction()
 {
     $request = $this->getRequest();
     $admin_service = new AdminService();
     //用户已登录跳转到后台首页
     if ($admin_service->checkLogin() == true) {
         return $this->redirect('/admin');
     }
     if ($request->isPost()) {
         $username = trim($request->getParam('username'));
         $password = $request->getParam('password');
         $captcha = $request->getParam('captcha');
         $remember = $request->getParam('remember');
         if (empty($username)) {
             return $this->showJson(1, '请输入用户名');
         }
         if (empty($password) || strlen($password) < 6) {
             return $this->showJson(2, '请输入6位以上密码');
         }
         if ($admin_service->checkCaptcha($captcha) == false) {
             return $this->showJson(3, '帐号或密码有误,请重新输入');
         }
         $admin = $admin_service->getAdminByUsername($username);
         if (empty($admin)) {
             return $this->showJson(403, '帐号或密码有误,请重新输入');
         }
         //当天密码错误超过500次
         if ($admin['error_times'] > 500) {
             return $this->showJson(4, '帐号密码输入错误次数过多,请明日再试。');
         }
         //验证密码是否正确
         if ($admin['password'] == Password::Encryption($username, $password)) {
             $admin_service->adminLogin($username, '', $remember);
         } else {
             $admin_data = array();
             if (Star_Date::getDate() == $admin['error_date']) {
                 $admin_data = array('error_date' => Star_Date::getDate(), 'error_times' => 'error_times + 1');
             } else {
                 $admin_data = array('error_date' => Star_Date::getDate(), 'error_times' => 1);
             }
             $admin_service->updateAdmin($admin['admin_id'], $admin_data, false);
             return $this->showJson(403, '帐号或密码有误,请重新输入');
         }
         return $this->showJson(0, '登录成功');
     }
 }
 /**
  * 添加管理员 
  */
 public function addadminAction()
 {
     $request = $this->getRequest();
     $admin_service = new AdminService();
     if ($request->isPost()) {
         $username = Star_String::escape($request->getParam('username'));
         $admin_name = Star_String::escape($request->getParam('admin_name'));
         $department_id = (int) $request->getParam('department_id');
         $password = $request->getParam('password');
         if (empty($password)) {
             return $this->showWarning('对不起,密码不能为空。');
         }
         if (Star_String::strLength($password) < 6) {
             return $this->showWarning('对不起,密码不能少于6个字符。');
         }
         if (empty($username)) {
             return $this->showWarning('对不起,用户名不能为空。');
         }
         if ($admin_service->getAdminByUsername($username)) {
             return $this->showWarning('对不起,用户名已经存在了。');
         }
         $admin_data = array('department_id' => $department_id, 'username' => $username, 'admin_name' => $admin_name ? $admin_name : $username, 'password' => Password::Encryption($username, $password), 'error_times' => 0, 'error_date' => Star_Date::getDate(), 'last_login' => time(), 'add_time' => time(), 'update_time' => time());
         $admin_id = $admin_service->insertAdmin($admin_data);
         if ($admin_id) {
             $menu_ids = $request->getParam('menu_ids');
             if (!empty($menu_ids)) {
                 $menu_ids = array_unique($menu_ids);
                 foreach ($menu_ids as $menu_id) {
                     $auth_data = array('menu_id' => (int) $menu_id, 'department_id' => 0, 'admin_id' => $admin_id, 'add_time' => time(), 'update_time' => time());
                     //添加权限
                     $admin_service->insertAuth($auth_data);
                 }
             }
             return $this->showMessage('恭喜您,成功添加管理员。', '/system/adminmanage');
         } else {
             return $this->showWarning('很遗憾,添加管理员失败。');
         }
     }
     $departments = $admin_service->getDepartmentOption();
     $this->view->assign(array('departments' => $departments, 'admin' => array()));
     $this->render('admininfo');
 }