Пример #1
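 /**
  * Handle the login form POST: look the account up, compare the password digest,
  * then hand the account record to dologin().
  *
  * Changes from the original:
  *  - the digest is compared with a strict operator; `!=` compares two numeric-looking
  *    strings (e.g. "0e…") as numbers, so two different MD5 digests could be treated as equal;
  *  - only plain strings are accepted for both fields; an array-valued parameter would
  *    otherwise reach the query builder as a condition instead of a literal value;
  *  - every error() call is followed by `return`, so the method no longer depends on
  *    error() ending the request (it presumably does in ThinkPHP; confirm).
  *
  * NOTE(review): passwords are stored as unsalted md5(). Moving to password_hash() /
  * password_verify() requires migrating the stored values and is not attempted here.
  * NOTE(review): "account unknown" and "wrong password" produce different messages,
  * which lets a client tell valid account names apart.
  */
 public function checkLogin()
 {
     $username = I('post.account');
     $userpswd = I('post.password');
     if (!is_string($username) || empty($username)) {
         $this->error('用户名不能为空', U('index'));
         return;
     }
     if (!is_string($userpswd) || empty($userpswd)) {
         $this->error('密码不能为空', U('index'));
         return;
     }
     // Lookup condition: the account name, restricted to rows with status > 0.
     $map = array();
     $map['account'] = $username;
     $map["status"] = array('gt', 0);
     $authInfo = Rbac::authenticate($map);
     // Any non-array result (false or null) is treated as "no such active account".
     if (!is_array($authInfo)) {
         $this->error('帐号不存在或已禁用!');
         return;
     }
     // Strict string comparison: no numeric-string juggling on the digests.
     if ((string) $authInfo['password'] !== md5($userpswd)) {
         $this->error('密码错误', U('index'));
         return;
     }
     $this->dologin($authInfo);
 }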
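 /**
  * Handle the login form POST: check the captcha, look the member up by user name and
  * group, compare the password digest, then populate the session.
  *
  * Changes from the original:
  *  - password digests are compared strictly; `!=` compares numeric-looking strings as numbers;
  *  - the special-user check requires a non-empty configured name and a strict match, so an
  *    unset SPECIAL_USER can no longer match an empty or numeric-looking user name;
  *  - only plain strings are accepted for the lookup fields, so an array-valued parameter
  *    cannot reach the query builder as a condition;
  *  - every error() call is followed by `return` instead of relying on error() to end the
  *    request (it presumably does in ThinkPHP; confirm).
  *
  * NOTE(review): the session id is not regenerated after authentication in this method;
  * if that is not done elsewhere, regenerate it before the session writes below.
  * NOTE(review): the whole Member row is stored in the session; if it contains the
  * password digest, consider removing that field first.
  */
 public function loginsubmit()
 {
     $username = I('post.username');
     $password = I('post.password');
     $user_group = I('post.user_group');
     $verify = I('post.verify');
     if (!check_verify($verify)) {
         $this->error('验证码输入错误!');
         return;
     }
     if (!is_string($username) || !is_string($password) || !is_string($user_group)) {
         $this->error('帐号不存在或密码错误!');
         return;
     }
     $res = \Org\Util\Rbac::authenticate(array('username' => $username, 'group' => $user_group));
     // empty() accepts the same "no result" values the original `false == $res` did.
     if (empty($res)) {
         $this->error('帐号不存在或密码错误!');
         return;
     }
     $signpassword = sign_password($password);
     if ((string) $res['password'] !== (string) $signpassword) {
         $this->error('用户名或密码错误!');
         return;
     }
     $memberWhere = array('id' => $res['id']);
     $member = M('Member')->where($memberWhere)->find();
     // Record the time and client address of this login.
     M('Member')->where($memberWhere)->save(array('timeupdate' => date('Y-m-d H:i:s'), 'lastip' => get_client_ip()));
     session('member', $member);
     cookie('login', true);
     // Grant the admin flag only on an exact match with a configured, non-empty name.
     $specialUser = C('SPECIAL_USER');
     if (is_string($specialUser) && '' !== $specialUser && (string) $res['username'] === $specialUser) {
         session(C('ADMIN_AUTH_KEY'), true);
     }
     session(C('USER_AUTH_KEY'), $res['id']);
     // Cache the access list for this session.
     \Org\Util\Rbac::saveAccessList();
     $this->success('登陆成功!');
 }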
Пример #3
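 /**
  * Handle the login form POST: look the user up by id, compare the password digest,
  * then write the auth key and the administrator flag to the session.
  *
  * Changes from the original:
  *  - $_POST values are required to be plain strings before use. Raw $_POST does not go
  *    through the framework's input helper, and an array-valued `account` would reach the
  *    query builder as a condition instead of a literal value; an array-valued `password`
  *    would make md5() fail;
  *  - the digest and the 'admin' check use strict comparison (`0 == 'admin'` is true on
  *    PHP < 8, and numeric-looking digests compare as numbers under `!=`);
  *  - every error() call is followed by `return` instead of relying on error() to end the
  *    request (it presumably does in ThinkPHP; confirm);
  *  - the Rbac class name is spelled the same way in both calls.
  *
  * NOTE(review): passwords are stored as unsalted md5(); migrating to password_hash() /
  * password_verify() needs a data migration and is not attempted here.
  * NOTE(review): the session id is not regenerated after authentication in this method.
  */
 public function checkLogin()
 {
     if (empty($_POST['account']) || !is_string($_POST['account'])) {
         $this->error('用户名是必须的!');
         return;
     }
     $account = $_POST['account'];
     $password = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : null;
     // Lookup condition: the id, restricted to rows with status > 0.
     $map = array();
     $map['id'] = $account;
     $map["status"] = array('gt', 0);
     $authInfo = \Org\Util\Rbac::authenticate($map);
     // Any non-array result (null or false) is treated as "no such active user".
     if (!is_array($authInfo)) {
         $this->error('用户名不存在或已禁用!');
         return;
     }
     if (null === $password || (string) $authInfo['password'] !== md5($password)) {
         $this->error('密码错误!');
         return;
     }
     $_SESSION[C('USER_AUTH_KEY')] = $authInfo['id'];
     $_SESSION['administrator'] = ((string) $authInfo['id'] === 'admin');
     // Disabled in the original: saving the login information.
     // $User    =   M('User');
     // $ip      =   get_client_ip();
     // $time    =   time();
     // $data = array();
     // $data['id']  =   $authInfo['id'];
     // $data['last_login_time'] =   $time;
     // $data['login_count'] =   array('exp','login_count+1');
     // $data['last_login_ip']   =   $ip;
     // $User->save($data);
     // Cache the access list for this session.
     \Org\Util\Rbac::saveAccessList();
     $this->success('登录成功!', __APP__ . '/Home/Index/index');
 }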
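 /**
  * Handle the login form POST: validate the fields and the captcha, look the account up,
  * compare the password digest, fill the session and record the login.
  *
  * Changes from the original:
  *  - `account` and `password` must be plain strings. Raw $_POST does not go through the
  *    framework's input helper, and an array-valued `account` would reach the query builder
  *    as a condition instead of a literal value;
  *  - the digest and the 'admin' check use strict comparison (`!=` / `==` compare
  *    numeric-looking strings as numbers);
  *  - the administrator flag is removed when the account is not 'admin'; the original only
  *    ever set it, so a flag left in the session by an earlier login survived;
  *  - every error() call is followed by `return` instead of relying on error() to end the
  *    request (it presumably does in ThinkPHP; confirm).
  *
  * NOTE(review): passwords are stored as unsalted md5(); migrating to password_hash() /
  * password_verify() needs a data migration and is not attempted here.
  * NOTE(review): the session id is not regenerated after authentication in this method.
  * NOTE(review): get_client_ip() is defined elsewhere; if it trusts forwarded-for headers,
  * the stored address is client-controlled.
  */
 public function checkLogin()
 {
     if (empty($_POST['account']) || !is_string($_POST['account'])) {
         $this->error('帐号错误!');
         return;
     }
     if (empty($_POST['password']) || !is_string($_POST['password'])) {
         $this->error('密码必须!');
         return;
     }
     if (empty($_POST['verify'])) {
         $this->error('验证码必须!');
         return;
     }
     // Lookup condition: the account name, restricted to rows with status > 0.
     $map = array();
     $map['account'] = $_POST['account'];
     $map["status"] = array('gt', 0);
     if (!$this->check_verify(I('verify'))) {
         $this->error('验证码错误!');
         return;
     }
     $authInfo = Rbac::authenticate($map);
     // Any non-array result (false or null) is treated as "no such active account".
     if (!is_array($authInfo)) {
         $this->error('帐号不存在或已禁用!');
         return;
     }
     if ((string) $authInfo['password'] !== md5($_POST['password'])) {
         $this->error('密码错误!');
         return;
     }
     $_SESSION[C('USER_AUTH_KEY')] = $authInfo['id'];
     $_SESSION['email'] = $authInfo['email'];
     $_SESSION['loginUserName'] = $authInfo['nickname'];
     $_SESSION['lastLoginTime'] = $authInfo['last_login_time'];
     $_SESSION['login_count'] = $authInfo['login_count'];
     if ((string) $authInfo['account'] === 'admin') {
         $_SESSION['administrator'] = true;
     } else {
         // Do not inherit the flag from whatever was in the session before.
         unset($_SESSION['administrator']);
     }
     // Record this login: time, client address, and an incremented counter.
     $data = array();
     $data['id'] = $authInfo['id'];
     $data['last_login_time'] = time();
     $data['login_count'] = array('exp', 'login_count+1');
     $data['last_login_ip'] = get_client_ip();
     M('User')->save($data);
     // Cache the access list for this session.
     Rbac::saveAccessList();
     $this->success('登录成功!');
 }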
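 /**
  * Handle the login form POST: validate the fields and the captcha, look the account up,
  * compare the password digest, fill the session, and write a Log row for failed and
  * successful attempts.
  *
  * Changes from the original:
  *  - `last_login_ip` was written from $data['id'], a key that is never set; it now uses
  *    $data['ip'];
  *  - the captcha digest is removed from the session once it has been read, so one solved
  *    captcha cannot be reused for further attempts;
  *  - `account`, `password` and `verify` must be plain strings. Raw $_POST does not go
  *    through the framework's input helper, and an array-valued `account` would reach the
  *    query builder as a condition instead of a literal value;
  *  - captcha, password digest and role id are compared strictly (`!=` compares
  *    numeric-looking strings as numbers);
  *  - the administrator flag is removed when the role is not 1; the original only ever set it;
  *  - every error() call is followed by `return` instead of relying on error() to end the
  *    request (it presumably does in ThinkPHP; confirm).
  *
  * NOTE(review): passwords are stored as unsalted md5(); migrating to password_hash() /
  * password_verify() needs a data migration and is not attempted here.
  * NOTE(review): $_SESSION['user_info'] receives the whole account row, password digest
  * included; drop that field if nothing reads it from the session.
  * NOTE(review): the session id is not regenerated after authentication in this method.
  */
 public function checkLogin()
 {
     $gateway = __MODULE__ . C('USER_AUTH_GATEWAY');
     if (empty($_POST['account']) || !is_string($_POST['account'])) {
         $this->assign('jumpUrl', $gateway);
         $this->error('帐号错误!');
         return;
     }
     if (empty($_POST['password']) || !is_string($_POST['password'])) {
         $this->assign('jumpUrl', $gateway);
         $this->error('密码必须!');
         return;
     }
     if (empty($_POST['verify']) || !is_string($_POST['verify'])) {
         $this->assign('jumpUrl', $gateway);
         $this->error('验证码必须!');
         return;
     }
     // Lookup condition: the account name, restricted to rows with status > 0.
     $map = array();
     $map['account'] = $_POST['account'];
     $map["status"] = array('gt', 0);
     // Fields shared by every Log row written below.
     $data = array();
     $data['ip'] = get_client_ip();
     $data['date'] = date("Y-m-d H:i:s");
     $data['username'] = $_POST['account'];
     $data['module'] = MODULE_NAME;
     $data['action'] = ACTION_NAME;
     $data['querystring'] = U(MODULE_NAME . '/' . ACTION_NAME);
     // Read the expected captcha digest once, then discard it (single use).
     $expectedVerify = isset($_SESSION['verify']) ? $_SESSION['verify'] : null;
     unset($_SESSION['verify']);
     if (!is_string($expectedVerify) || $expectedVerify !== md5($_POST['verify'])) {
         $this->assign('jumpUrl', $gateway);
         $this->error('验证码错误!');
         return;
     }
     $authInfo = RBAC::authenticate($map);
     // Any non-array result (false or null) is treated as "no such active account".
     if (!is_array($authInfo)) {
         $data['status'] = 0;
         D("Log")->add($data);
         $this->assign('jumpUrl', $gateway);
         $this->error('帐号不存在或已禁用!');
         return;
     }
     if ((string) $authInfo['password'] !== md5($_POST['password'])) {
         $data['status'] = 0;
         D("Log")->add($data);
         $this->assign('jumpUrl', $gateway);
         $this->error('密码错误!');
         return;
     }
     $_SESSION['user_info'] = $authInfo;
     $_SESSION[C('USER_AUTH_KEY')] = $authInfo['id'];
     $_SESSION['lastLoginTime'] = $authInfo['last_login_time'];
     // Site id for this session.
     $_SESSION['siteid'] = SITEID;
     if ((string) $authInfo['role_id'] === '1') {
         $_SESSION['administrator'] = true;
     } else {
         // Do not inherit the flag from whatever was in the session before.
         unset($_SESSION['administrator']);
     }
     // Record this login on the user row.
     D('User')->where(array('id' => $authInfo['id']))->save(array('last_login_time' => time(), 'last_login_ip' => $data['ip']));
     // Log the successful attempt.
     $data['status'] = 1;
     $data['userid'] = $authInfo['id'];
     D("Log")->add($data);
     // Store the access list for this session.
     RBAC::saveAccessList();
     $this->success('登录成功!', __MODULE__ . '/Index');
 }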
Пример #6
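 /**
  * Change the current user's password: with type=menu render the form, otherwise verify
  * the old password and store the digest of the new one.
  *
  * Changes from the original:
  *  - the old-password digest is compared strictly; `!=` compares numeric-looking strings
  *    as numbers, so two different MD5 digests could be treated as equal;
  *  - a missing, empty or non-string new password is rejected instead of being stored as
  *    md5('');
  *  - the unused copy of $_SESSION was removed;
  *  - `return` follows each response, so the method does not depend on error() or
  *    echoJson() ending the request.
  *
  * NOTE(review): the account is looked up by $_SESSION['login_count'] while the update is
  * keyed on $_SESSION['authId']. That looks like a mistake (a counter used as an account
  * name), and it means the verified row and the updated row are not guaranteed to be the
  * same. Left unchanged because the session layout is not visible here; confirm and fix.
  * NOTE(review): I('oldpass') / I('newpass') carry no method prefix, so the values may
  * also be accepted from the query string, where they can end up in access logs; confirm.
  * NOTE(review): the new password is stored as unsalted md5(); migrating to
  * password_hash() / password_verify() needs a data migration and is not attempted here.
  */
 public function modPass()
 {
     $type = I('type');
     $oldpass = I('oldpass');
     $newpass = I('newpass');
     if ('menu' === $type) {
         $this->display();
         exit;
     }
     if (!is_string($newpass) || '' === $newpass) {
         echoJson('1', '新密码不能为空');
         return;
     }
     // Lookup condition, restricted to rows with status > 0.
     $map = array();
     $map['account'] = $_SESSION['login_count'];
     $map["status"] = array('gt', 0);
     $authInfo = Rbac::authenticate($map);
     // Any non-array result (false or null) is treated as "no such active account".
     if (!is_array($authInfo)) {
         $this->error('帐号不存在或已禁用!');
         return;
     }
     if (!is_string($oldpass) || (string) $authInfo['password'] !== md5($oldpass)) {
         echoJson('1', '原密码输入错误');
         return;
     }
     $where = array('id' => $_SESSION['authId']);
     $passdata = array('password' => md5($newpass));
     $res = M('User')->where($where)->save($passdata);
     if ($res) {
         echoJson('0', '密码修改成功');
     } else {
         echoJson('1', ' 服务器忙');
     }
 }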
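 /**
  * Handle the login form POST: validate the fields and the captcha, look the account up,
  * compare the password digest, fill the session, record the login and redirect.
  *
  * Changes from the original:
  *  - `account` and `password` must be plain strings. Raw $_POST does not go through the
  *    framework's input helper, and an array-valued `account` would reach the query builder
  *    as a condition instead of a literal value;
  *  - the digest and the 'admin' check use strict comparison (`!=` / `==` compare
  *    numeric-looking strings as numbers);
  *  - the administrator flag is removed when the account is not 'admin'; the original only
  *    ever set it, so a flag left in the session by an earlier login survived;
  *  - every error() call is followed by `return` instead of relying on error() to end the
  *    request (it presumably does in ThinkPHP; confirm).
  *
  * NOTE(review): passwords are stored as unsalted md5(); migrating to password_hash() /
  * password_verify() needs a data migration and is not attempted here.
  * NOTE(review): the session id is not regenerated after authentication in this method.
  * NOTE(review): the access-list caching call is commented out below; confirm that
  * permissions are loaded somewhere else.
  */
 public function checkLogin()
 {
     $loginUrl = __CONTROLLER__ . '/login';
     if (empty($_POST['account']) || !is_string($_POST['account'])) {
         $this->error('帐号错误!', $loginUrl, 2);
         return;
     }
     if (empty($_POST['password']) || !is_string($_POST['password'])) {
         $this->error('密码必须!', $loginUrl, 2);
         return;
     }
     if (empty($_POST['verify'])) {
         $this->error('验证码必须!', $loginUrl, 2);
         return;
     }
     // Lookup condition: the account name, restricted to rows with status > 0.
     $map = array();
     $map['account'] = $_POST['account'];
     $map["status"] = array('gt', 0);
     // Captcha check (the 3.2.1-style helper, per the original comment).
     $verify = $_POST['verify'];
     if (!$this->check_verify($verify)) {
         $this->error('验证码输入错误!', $loginUrl, 2);
         return;
     }
     $authInfo = Rbac::authenticate($map);
     // Any non-array result (false or null) is treated as "no such active account".
     if (!is_array($authInfo)) {
         $this->error('帐号不存在或已禁用!');
         return;
     }
     if ((string) $authInfo['password'] !== md5($_POST['password'])) {
         $this->error('密码错误!', $loginUrl, 2);
         return;
     }
     $_SESSION[C('USER_AUTH_KEY')] = $authInfo['id'];
     $_SESSION['email'] = $authInfo['email'];
     // Fall back to the account name when no nickname is set.
     $_SESSION['loginUserName'] = empty($authInfo['nickname']) ? $authInfo['account'] : $authInfo['nickname'];
     $_SESSION['lastLoginTime'] = $authInfo['last_login_time'];
     $_SESSION['login_count'] = $authInfo['login_count'];
     if ((string) $authInfo['account'] === 'admin') {
         $_SESSION['administrator'] = true;
     } else {
         // Do not inherit the flag from whatever was in the session before.
         unset($_SESSION['administrator']);
     }
     // Disabled in the original: writing a login entry to the Log table.
     //             $log['vc_operation']="用户登录:登录成功!";
     //             $log['vc_module']="系统管理";
     //             $log['creator_id']=$authInfo['id'];
     //             $log['creator_name']=$authInfo['account'];
     //             $log['vc_ip']=get_client_ip();
     //             $log['createtime']=time();
     //             M("Log")->add($log);
     // Record this login: time, client address, and an incremented counter.
     $data = array();
     $data['id'] = $authInfo['id'];
     $data['last_login_time'] = time();
     $data['login_count'] = array('exp', 'login_count+1');
     $data['last_login_ip'] = get_client_ip();
     M('User')->save($data);
     // Caching the access list is disabled in the original.
     //RBAC::saveAccessList();
     $this->redirect('Admin/Index/index');
 }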
Пример #8
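 /**
  * Authenticate a user: check the captcha, enforce the failed-attempt limit, compare the
  * password digest, then populate the session and write a Log row.
  *
  * On failure, sets $this->errorCode / $this->errorMessage and returns false:
  *   10001 missing field or wrong captcha, 10002 too many failed attempts,
  *   10003 unknown/disabled account or wrong password.
  *
  * Changes from the original:
  *  - the lookup result is checked before it is used. The original read try_time and
  *    incremented the counter with a row id taken from the result before testing whether
  *    the lookup had succeeded;
  *  - `last_login_ip` was written from $data['id'], a key that is never set; it now uses
  *    $data['ip'];
  *  - the captcha digest is removed from the session once it has been read, so one solved
  *    captcha cannot be reused for further attempts;
  *  - captcha, password digest and role id are compared strictly (`!=` compares
  *    numeric-looking strings as numbers);
  *  - array arguments are rejected, so they cannot reach the query builder as a condition;
  *  - the administrator flag is cleared when the role is not 1; the original only ever set it.
  *
  * NOTE(review): passwords are stored as unsalted md5(); migrating to password_hash() /
  * password_verify() needs a data migration and is not attempted here.
  * NOTE(review): session 'user_info' receives the whole account row, password digest
  * included; drop that field if nothing reads it from the session.
  * NOTE(review): the session id is not regenerated after authentication in this method.
  * NOTE(review): "account unknown" and "wrong password" produce different messages,
  * which lets a client tell valid account names apart.
  *
  * @param string $username account name
  * @param string $password clear-text password
  * @param string $verify   captcha text entered by the user
  * @return bool true when the user is logged in, false otherwise
  */
 public function checkLogin($username, $password, $verify)
 {
     $this->jumpUrl = __MODULE__ . C('USER_AUTH_GATEWAY');
     if (empty($username) || empty($password) || empty($verify)
         || is_array($username) || is_array($password) || is_array($verify)) {
         $this->errorCode = 10001;
         $this->errorMessage = '用户名|密码|验证码都必须!';
         return false;
     }
     // Read the expected captcha digest once, then discard it (single use).
     $expectedVerify = session('verify');
     session('verify', null);
     if (!is_string($expectedVerify) || $expectedVerify !== md5((string) $verify)) {
         $this->errorCode = 10001;
         $this->errorMessage = '验证码错误!';
         return false;
     }
     // Lookup condition: the account name, restricted to rows with status > 0.
     $map = array();
     $map['account'] = $username;
     $map["status"] = array('gt', 0);
     $authInfo = RBAC::authenticate($map);
     // Fields shared by every Log row written below.
     $data = array();
     $data['ip'] = get_client_ip();
     $data['date'] = date("Y-m-d H:i:s");
     $data['username'] = $username;
     $data['module'] = MODULE_NAME;
     $data['action'] = ACTION_NAME;
     $data['querystring'] = U(MODULE_NAME . '/' . ACTION_NAME);
     // Any non-array result (false or null) is treated as "no such active account".
     if (!is_array($authInfo)) {
         $data['status'] = 0;
         model("Log")->add($data);
         $this->errorCode = 10003;
         $this->errorMessage = '帐号不存在或已禁用!';
         return false;
     }
     $allow_try_error_time = C('ALLOW_TRY_ERROR_TIME', null, 5);
     if ($authInfo['try_time'] >= $allow_try_error_time) {
         // As in the original, a locked-out attempt returns without writing a Log row.
         $this->errorCode = 10002;
         $this->errorMessage = '登录失败次数过多,帐号已被禁用,请与管理员联系!';
         return false;
     }
     // Count the attempt up front; the counter is reset to 0 on success below.
     model('User')->where(array('id' => $authInfo['id']))->save(array('try_time' => array('exp', '`try_time` + 1')));
     if ((string) $authInfo['password'] !== md5((string) $password)) {
         $data['status'] = 0;
         model("Log")->add($data);
         $this->errorCode = 10003;
         // $authInfo['try_time'] is the value read before the increment above.
         $this->errorMessage = '密码错误!你还有' . ($allow_try_error_time - 1 - $authInfo['try_time']) . '尝试次机会';
         return false;
     }
     // Populate the session.
     session('user_info', $authInfo);
     session(C('USER_AUTH_KEY'), $authInfo['id']);
     session('lastLoginTime', $authInfo['last_login_time']);
     if ((string) $authInfo['role_id'] === '1') {
         session('administrator', true);
     } else {
         // Do not inherit the flag from whatever was in the session before.
         session('administrator', null);
     }
     // Record this login and reset the failed-attempt counter.
     model('User')->where(array('id' => $authInfo['id']))->save(array('last_login_time' => time(), 'last_login_ip' => $data['ip'], 'try_time' => 0));
     // Log the successful attempt.
     $data['status'] = 1;
     $data['userid'] = $authInfo['id'];
     model("Log")->add($data);
     // Store the access list for this session.
     RBAC::saveAccessList();
     // Select the first accessible site as the default.
     $sites = logic('site')->getAccessibleSites();
     $current_site = current($sites);
     set_siteid($current_site['id']);
     return true;
 }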