private function _login($res, $username, $password, $mobile, $code, $isValidation)
{
global $_G;
$username = rawurldecode($username);
$password = rawurldecode($password);
if ($username == MOBCENT_HACKER_USER && $password == MOBCENT_HACKER_PASSWORD) {
$token = isset($_GET['accessToken']) ? $_GET['accessToken'] : '';
$secret = isset($_GET['accessSecret']) ? $_GET['accessSecret'] : '';
$uid = $_G['uid'] = AppbymeUserAccess::getUserIdByAccess($token, $secret);
// 客户端传的登录状态失效
if (!$uid) {
return $this->makeErrorInfo($res, 'mobcent_login_status');
}
$result['member'] = getuserbyuid($uid);
$_G['username'] = $result['member']['username'];
// 把登录信息写入cookie中,并且更新登录的状态
UserUtils::updateCookie($result['member'], $uid);
// 需要整理token和secret再返回给客户端
$userInfo = array('token' => $token, 'secret' => $secret);
} else {
$username = WebUtils::t($username);
$logInfo = UserUtils::login($username, $password);
if ($logInfo['errcode']) {
UserUtils::delUserAccessByUsername($username);
return $this->makeErrorInfo($res, $logInfo['message']);
}
if ($isValidation == 1) {
// 是否开启了登录手机验证
$isLoginValidation = WebUtils::getDzPluginAppbymeAppConfig('mobcent_login_validation');
if ($isLoginValidation) {
$userMobileBind = AppbymeSendsms::getBindInfoByUid($_G['uid']);
if (!$userMobileBind) {
// 当前登录的用户没有绑定手机号码
if ($mobile == '' && $code == '') {
$res['isValidation'] = 1;
return $this->makeErrorInfo($res, '', array('noError' => 0, 'alert' => 0));
}
$checkInfo = UserUtils::checkMobileCode($res, $mobile, $code);
if ($checkInfo['rs'] == 0) {
return $this->makeErrorInfo($res, $checkInfo['errcode']);
}
$updataArr = array('uid' => $_G['uid']);
AppbymeSendsms::updateMobile($mobile, $updataArr);
}
}
}
$userInfo = AppbymeUserAccess::loginProcess($_G['uid'], $password);
}
$userAvatar = UserUtils::getUserAvatar($_G['uid']);
$res['isValidation'] = 0;
$res['token'] = (string) $userInfo['token'];
$res['secret'] = (string) $userInfo['secret'];
$res['uid'] = (int) $_G['uid'];
$res['avatar'] = (string) $userAvatar;
$res['userName'] = (string) $_G['username'];
return $res;
}
private function _switchVest($res, $username)
{
global $_G;
$username = WebUtils::t(rawurldecode($username));
$_GET['username'] = $username;
$myrepeatsusergroups = (array) dunserialize($_G['cache']['plugin']['myrepeats']['usergroups']);
if (!in_array($_G['groupid'], $myrepeatsusergroups)) {
$users = C::t('#myrepeats#myrepeats')->fetch_all_by_username($_G['username']);
if (!$users) {
return $this->makeErrorInfo($res, lang('plugin/myrepeats', 'usergroup_disabled'));
} else {
$permusers = array();
foreach ($users as $user) {
$permusers[] = $user['uid'];
}
$member = C::t('common_member')->fetch_by_username($_GET['username']);
if (!$member || !in_array($member['uid'], $permusers)) {
return $this->makeErrorInfo($res, lang('plugin/myrepeats', 'usergroup_disabled'));
}
}
}
$user = C::t('#myrepeats#myrepeats')->fetch_all_by_uid_username($_G['uid'], $_GET['username']);
$user = current($user);
$olddiscuz_uid = $_G['uid'];
$olddiscuz_user = $_G['username'];
$olddiscuz_userss = $_G['member']['username'];
if (!$user) {
$newuid = C::t('common_member')->fetch_uid_by_username($_GET['username']);
if (C::t('#myrepeats#myrepeats')->count_by_uid_username($newuid, $olddiscuz_userss)) {
// 第一次登录,需要输入密码
}
//return $this->makeErrorInfo($res, lang('plugin/myrepeats', 'user_nonexistence'));
} elseif ($user['locked']) {
return $this->makeErrorInfo($res, lang('plugin/myrepeats', 'user_locked', array('user' => $_GET['username'])));
}
list($password, $questionid, $answer) = explode("\t", authcode($user['logindata'], 'DECODE', $_G['config']['security']['authkey']));
$logInfo = UserUtils::login($username, $password);
if ($logInfo['errcode']) {
return $this->makeErrorInfo($res, $logInfo['message']);
}
$userInfo = AppbymeUserAccess::loginProcess($_G['uid'], $password);
$userAvatar = UserUtils::getUserAvatar($_G['uid']);
$res['token'] = (string) $userInfo['token'];
$res['secret'] = (string) $userInfo['secret'];
$res['uid'] = (int) $_G['uid'];
$res['avatar'] = (string) $userAvatar;
$res['userName'] = (string) $_G['username'];
return $res;
}
public function actionLogin()
{
if (UserUtils::isInAppbymeAdminGroup()) {
$this->redirect(Yii::app()->createAbsoluteUrl('admin/index'));
}
if (!empty($_POST)) {
$username = isset($_POST['username']) ? $_POST['username'] : '';
$password = isset($_POST['password']) ? $_POST['password'] : '';
$result = UserUtils::login($username, $password);
$errorMsg = '';
if ($result['errcode']) {
$errorMsg = WebUtils::u($result['message']);
} else {
if (UserUtils::isInAppbymeAdminGroup()) {
$this->redirect(Yii::app()->createAbsoluteUrl('admin/index'));
} else {
$errorMsg = '用户不是管理员,也不在允许登录的范围内!';
}
}
}
$this->renderPartial('login', array('errorMsg' => $errorMsg, 'username' => $username));
}
private function _login($res, $username, $password)
{
global $_G;
$username = rawurldecode($username);
$password = rawurldecode($password);
if ($username == MOBCENT_HACKER_USER && $password == MOBCENT_HACKER_PASSWORD) {
$token = isset($_GET['accessToken']) ? $_GET['accessToken'] : '';
$secret = isset($_GET['accessSecret']) ? $_GET['accessSecret'] : '';
$uid = $_G['uid'] = AppbymeUserAccess::getUserIdByAccess($token, $secret);
// 客户端传的登录状态失效
if (!$uid) {
return $this->makeErrorInfo($res, 'mobcent_login_status');
}
$result['member'] = getuserbyuid($uid);
$_G['username'] = $result['member']['username'];
// 把登录信息写入cookie中,并且更新登录的状态
UserUtils::updateCookie($result['member'], $uid);
// 需要整理token和secret再返回给客户端
$userInfo = array('token' => $token, 'secret' => $secret);
} else {
$username = WebUtils::t($username);
$logInfo = UserUtils::login($username, $password);
if ($logInfo['errcode']) {
UserUtils::delUserAccessByUsername($username);
return $this->makeErrorInfo($res, $logInfo['message']);
}
$userInfo = AppbymeUserAccess::loginProcess($_G['uid'], $password);
}
$userAvatar = UserUtils::getUserAvatar($_G['uid']);
$res['token'] = (string) $userInfo['token'];
$res['secret'] = (string) $userInfo['secret'];
$res['uid'] = (int) $_G['uid'];
$res['avatar'] = (string) $userAvatar;
$res['userName'] = (string) $_G['username'];
return $res;
}
private function _saveWxInfo($res, $username, $oauthToken, $password, $openId, $email, $gender, $act, $platformId)
{
if ($act == 'register') {
$regInfo = UserUtils::register($username, $password, $email);
if ($regInfo['errcode']) {
return $this->makeErrorInfo($res, $regInfo['message']);
}
$uid = $regInfo['info']['uid'];
$member = UserUtils::getUserInfo($uid);
$userInfo = AppbymeUserAccess::registerProcess($regInfo['info']['uid'], $password);
$data = array('uid' => $uid, 'openid' => $openId, 'status' => 1, 'type' => 1);
AppbymeConnection::insertMobcentWx($data);
$res['body']['uid'] = (int) $uid;
$res['body']['token'] = (string) $userInfo['token'];
$res['body']['secret'] = (string) $userInfo['secret'];
} elseif ($act == 'bind') {
global $_G;
$logInfo = UserUtils::login($username, $password);
if ($logInfo['errcode']) {
UserUtils::delUserAccessByUsername($username);
return $this->makeErrorInfo($res, 'mobcent_bind_error');
}
$isBind = AppbymeConnection::getUserBindInfo($_G['uid']);
if ($isBind) {
return $this->makeErrorInfo($res, 'mobcent_bind_error_repeat');
}
$data = array('uid' => $_G['uid'], 'openid' => $openId, 'status' => 1, 'type' => 1);
AppbymeConnection::insertMobcentWx($data);
$userInfo = AppbymeUserAccess::loginProcess($_G['uid'], $password);
$userAvatar = UserUtils::getUserAvatar($_G['uid']);
$res['body']['token'] = (string) $userInfo['token'];
$res['body']['secret'] = (string) $userInfo['secret'];
$res['body']['uid'] = (int) $_G['uid'];
$res['body']['avatar'] = (string) $userAvatar;
$res['body']['userName'] = (string) $_G['username'];
}
return $res;
}
