/**
* 会员登录
*/
public function actionLogin()
{
$model = new Admin('login');
if (XUtils::method() == 'POST') {
$model->attributes = $_POST['Admin'];
if ($model->validate()) {
$data = $model->find('username=:username', array('username' => $model->username));
if ($data === null) {
$model->addError('username', '用户不存在');
AdminLogger::_create(array('catalog' => 'login', 'intro' => '登录失败,用户不存在:' . CHtml::encode($model->username), 'user_id' => 0));
} elseif (!$model->validatePassword($data->password)) {
$model->addError('password', '密码不正确');
AdminLogger::_create(array('catalog' => 'login', 'intro' => '登录失败,密码不正确:' . CHtml::encode($model->username) . ',使用密码:' . CHtml::encode($model->password), 'user_id' => 0));
} elseif ($data->group_id == 2) {
$model->addError('username', '用户被锁定,请联系网站管理');
} else {
parent::_stateWrite(array('userId' => $data->id, 'userName' => $data->username, 'groupId' => $data->group_id, 'super' => $data->group_id == 1 ? 1 : 0), array('prefix' => '_admini'));
$data->last_login_ip = XUtils::getClientIP();
$data->last_login_time = time();
$data->login_count = $data->login_count + 1;
$data->save();
AdminLogger::_create(array('catalog' => 'login', 'intro' => '用户登录成功:' . CHtml::encode($model->username)));
$this->redirect(array('default/index'));
}
}
}
$this->render('login', array('model' => $model));
}
public function actionLogin()
{
$model = new Admin('login');
if (XUtils::method() == 'POST') {
$model->attributes = $_POST['Admin'];
if ($model->validate()) {
$data = $model->find('username=:username', array('username' => $model->username));
if ($data === null) {
$model->addError('username', '用户不存在');
parent::_backendLogger(array('catalog' => 'login', 'intro' => '登录失败,用户不存在:' . CHtml::encode($model->username), 'user_id' => 0));
} elseif (!$model->validatePassword($data->password)) {
$model->addError('password', '密码不正确');
parent::_backendLogger(array('catalog' => 'login', 'intro' => '登录失败,密码不正确:' . CHtml::encode($model->username) . ',使用密码:' . CHtml::encode($model->password), 'user_id' => 0));
} elseif ($data->group_id == 2) {
$model->addError('username', '用户已经锁定,请联系管理');
} else {
$this->_sessionSet('_backendGroupId', $data->group_id);
if (isset($data->group_id) && $data->group_id == 1) {
$this->_sessionSet('_backendPermission', 'backendstrator');
}
$data->last_login_ip = XUtils::getClientIP();
$data->last_login_time = time();
$data->login_count = $data->login_count + 1;
$data->save();
parent::_sessionSet('uid', $data->id);
parent::_sessionSet('uname', $data->username);
parent::_backendLogger(array('catalog' => 'login', 'intro' => '用户登录成功:' . $data->username));
$this->redirect(array('default/index'));
XUtils::message('success', '登录成功', $this->createUrl('default/index'), 2);
}
}
}
$this->render('login', array('model' => $model));
}
public function actionAdd()
{
$model = new Admin();
$model->status = 1;
$model->attributes = Yii::app()->request->getParam('Admin');
if (Yii::app()->request->getParam('Admin') && $model->validate()) {
$get = Yii::app()->request->getParam('Admin');
$model->password = md5($get['password']);
if ($model->save()) {
Yii::app()->user->setFlash('success', '添加成功');
$this->redirect(array('user/index'));
} else {
Yii::app()->user->setFlash('error', '修改失败');
}
}
$this->render('add', array('model' => $model));
}
/**
* Authenticates a user.
* The example implementation makes sure if the username and password
* are both 'demo'.
* In practical applications, this should be changed to authenticate
* against some persistent user identity storage (e.g. database).
* @return boolean whether authentication succeeds.
*/
public function authenticate()
{
$model = new Admin('login');
$model->attributes = $_POST['LoginForm'];
if ($model->validate()) {
$data = $model->find('username=:username', array('username' => $model->username));
if ($data === null) {
$this->errorCode = self::ERROR_USERNAME_INVALID;
$model->addError('username', '用户不存在');
parent::_backendLogger(array('catalog' => 'login', 'intro' => '登录失败,用户不存在:' . $model->username, 'user_id' => 0));
} elseif (!$this->validatePassword($data->password)) {
$this->errorCode = self::ERROR_PASSWORD_INVALID;
$model->addError('password', '密码不正确');
parent::_backendLogger(array('catalog' => 'login', 'intro' => '登录失败,密码不正确:' . $model->username . ',使用密码:' . $model->password, 'user_id' => 0));
} elseif ($data->group_id == 2) {
$this->errorCode = self::ERROR_UNKNOWN_IDENTITY;
$model->addError('username', '用户已经锁定,请联系管理');
} else {
$this->errorCode = self::ERROR_NONE;
}
}
return $this->errorCode;
}
public function actionIndex()
{
$model = new Admin('login');
if (isset($_POST['Admin'])) {
$model->attributes = $_POST['Admin'];
if ($model->validate()) {
$data = $model->find('username=:username', array('username' => $model->username));
if ($data === null) {
$model->addError('username', '用户不存在');
} elseif (!$model->validatePassword($data->password)) {
$model->addError('password', '密码不正确');
} elseif ($data->group_id == 2) {
$model->addError('username', '用户被锁定,请联系网站管理');
} else {
$_SESSION['_admini'] = array('userId' => $data->id, 'userName' => $data->username, 'groupId' => $data->group_id, 'super' => $data->group_id == 1 ? 1 : 0);
$data->last_login_time = time();
$data->login_count = $data->login_count + 1;
$data->save();
$this->redirect(array('main/index'));
}
}
}
$this->render('index', array('model' => $model));
}
/**
* method alterainfo : altera uma info qualquer de uma dada tabela com um dado valor
* @param string $token email do gestor
* @param string $email token do gestor
* @param string $tabela id do sujeito a alterar
* @param string $campo tabela onde está o campo a alterar
* @param string $valor campo a alterar
* @param string $id valor novo a colocar
* @access public
* @author <*****@*****.**>
* @return String
*/
public static function alterainfo($token, $email, $tabela, $campo, $valor, $id)
{
$resultado = Admin::validate($token, $email);
if ($token == $resultado) {
$conn = Admin::connection();
// $query = "UPDATE `dbws1`.`".$tabela."` SET `".$campo."`='".$value."' WHERE `id`='".$id."';";
//$query="select id from veiculo where nomecondutor='Pinito';";
$query = "UPDATE `dbws1`.`" . $tabela . "` SET `" . $campo . "`='" . $valor . "' WHERE `id`='" . $id . "';";
$result = mysqli_query($conn, $query);
mysqli_close($conn);
if ($result) {
return "Alterado com sucesso!";
} else {
return "Nao alterado!";
}
}
return "nao validado!";
}
