/**
* User login, identify him and authorize him.
*
* @access public
* @return void
*/
public function login($referer = '', $from = '')
{
$this->setReferer($referer);
$loginLink = $this->createLink('user', 'login');
$denyLink = $this->createLink('user', 'deny');
/* Reload lang by lang of get when viewType is json. */
if ($this->app->getViewType() == 'json' and $this->get->lang and $this->get->lang != $this->app->getClientLang()) {
$this->app->setClientLang($this->get->lang);
$this->app->loadLang('user');
}
/* If user is logon, back to the rerferer. */
if ($this->user->isLogon()) {
if ($this->app->getViewType() == 'json') {
$data = $this->user->getDataInJSON($this->app->user);
die(helper::removeUTF8Bom(json_encode(array('status' => 'success') + $data)));
}
if (strpos($this->referer, $loginLink) === false and strpos($this->referer, $denyLink) === false and $this->referer) {
die(js::locate($this->referer, 'parent'));
} else {
die(js::locate($this->createLink($this->config->default->module), 'parent'));
}
}
/* Passed account and password by post or get. */
if (!empty($_POST) or isset($_GET['account']) and isset($_GET['password'])) {
$account = '';
$password = '';
if ($this->post->account) {
$account = $this->post->account;
}
if ($this->get->account) {
$account = $this->get->account;
}
if ($this->post->password) {
$password = $this->post->password;
}
if ($this->get->password) {
$password = $this->get->password;
}
if ($this->user->checkLocked($account)) {
$failReason = sprintf($this->lang->user->loginLocked, $this->config->user->lockMinutes);
if ($this->app->getViewType() == 'json') {
die(helper::removeUTF8Bom(json_encode(array('status' => 'failed', 'reason' => $failReason))));
}
die(js::error($failReason));
}
$user = $this->user->identify($account, $password);
if ($user) {
$this->user->cleanLocked($account);
/* Authorize him and save to session. */
$user->rights = $this->user->authorize($account);
$user->groups = $this->user->getGroups($account);
$this->session->set('user', $user);
$this->app->user = $this->session->user;
$this->loadModel('action')->create('user', $user->id, 'login');
/* Keep login. */
if ($this->post->keepLogin) {
$this->user->keepLogin($user);
}
/* Check password. */
if (isset($this->config->safe->mode) and $this->user->computePasswordStrength($password) < $this->config->safe->mode) {
echo js::alert($this->lang->user->weakPassword);
}
/* Go to the referer. */
if ($this->post->referer and strpos($this->post->referer, $loginLink) === false and strpos($this->post->referer, $denyLink) === false) {
if ($this->app->getViewType() == 'json') {
$data = $this->user->getDataInJSON($user);
die(helper::removeUTF8Bom(json_encode(array('status' => 'success') + $data)));
}
/* Get the module and method of the referer. */
if ($this->config->requestType == 'PATH_INFO') {
$path = substr($this->post->referer, strrpos($this->post->referer, '/') + 1);
$path = rtrim($path, '.html');
if (empty($path)) {
$path = $this->config->requestFix;
}
list($module, $method) = explode($this->config->requestFix, $path);
} else {
$url = html_entity_decode($this->post->referer);
$param = substr($url, strrpos($url, '?') + 1);
list($module, $method) = explode('&', $param);
$module = str_replace('m=', '', $module);
$method = str_replace('f=', '', $method);
}
if (common::hasPriv($module, $method)) {
die(js::locate($this->post->referer, 'parent'));
} else {
die(js::locate($this->createLink($this->config->default->module), 'parent'));
}
} else {
if ($this->app->getViewType() == 'json') {
$data = $this->user->getDataInJSON($user);
die(helper::removeUTF8Bom(json_encode(array('status' => 'success') + $data)));
}
die(js::locate($this->createLink($this->config->default->module), 'parent'));
}
} else {
$fails = $this->user->failPlus($account);
if ($this->app->getViewType() == 'json') {
die(helper::removeUTF8Bom(json_encode(array('status' => 'failed', 'reason' => $this->lang->user->loginFailed))));
}
$remainTimes = $this->config->user->failTimes - $fails;
if ($remainTimes <= 0) {
die(js::error(sprintf($this->lang->user->loginLocked, $this->config->user->lockMinutes)));
} else {
if ($remainTimes <= 3) {
die(js::error(sprintf($this->lang->user->lockWarning, $remainTimes)));
}
}
die(js::error($this->lang->user->loginFailed));
}
} else {
if (!empty($this->config->global->showDemoUsers)) {
$demoUsers = $this->user->getPairs('nodeleted, noletter, noempty, noclosed');
$this->view->demoUsers = $demoUsers;
}
$this->app->loadLang('misc');
$this->view->noGDLib = sprintf($this->lang->misc->noGDLib, common::getSysURL() . $this->config->webRoot);
$this->view->title = $this->lang->user->login;
$this->view->referer = $this->referer;
$this->view->s = zget($this->config->global, 'sn');
$this->view->keepLogin = $this->cookie->keepLogin ? $this->cookie->keepLogin : '******';
$this->display();
}
}
/* Start output buffer. */
ob_start();
/* Define the run mode as admin. */
define('RUN_MODE', 'admin');
/* Load the framework.*/
include 'loader.php';
/* Check admin entry. */
checkAdminEntry();
/* Instance the app. */
$app = router::createApp('chanzhi', $systemRoot);
$config = $app->config;
/* Check the reqeust is getconfig or not. Check installed or not. */
if (isset($_GET['mode']) and $_GET['mode'] == 'getconfig') {
die($app->exportConfig());
}
if (!isset($config->installed) or !$config->installed) {
die(header('location: install.php'));
}
/* Change the request settings. */
$config->frontRequestType = $config->requestType;
$config->requestType = 'GET';
$config->default->module = 'admin';
$config->default->method = 'index';
/* Run it. */
$common = $app->loadCommon();
$app->parseRequest();
$common->checkPriv();
$app->loadModule();
/* Flush the buffer. */
echo helper::removeUTF8Bom(ob_get_clean());
/**
* Send data directly, for ajax requests.
*
* @param misc $data
* @param string $type
* @access public
* @return void
*/
public function send($data, $type = 'json')
{
if ($type == 'json') {
echo json_encode($data);
}
die(helper::removeUTF8Bom(ob_get_clean()));
}
/**
* Send data directly, for ajax requests.
*
* @param misc $data
* @param string $type
* @access public
* @return void
*/
public function send($data, $type = 'json')
{
$data = (array) $data;
if ($type == 'json') {
if (!helper::isAjaxRequest()) {
if (isset($data['result']) and $data['result'] == 'success') {
if (!empty($data['message'])) {
echo js::alert($data['message']);
}
$locate = isset($data['locate']) ? $data['locate'] : (isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '');
if (!empty($locate)) {
die(js::locate($locate));
}
die(isset($data['message']) ? $data['message'] : 'success');
}
if (isset($data['result']) and $data['result'] == 'fail') {
if (!empty($data['message'])) {
$message = json_decode(json_encode((array) $data['message']));
foreach ((array) $message as $item => $errors) {
$message->{$item} = implode(',', $errors);
}
echo js::alert(strip_tags(implode(" ", (array) $message)));
die(js::locate('back'));
}
}
}
echo json_encode($data);
}
die(helper::removeUTF8Bom(ob_get_clean()));
}
