public function saveconfigAction() { $config = $this->adminService->getSystemConfig(); $params = $this->_getAllParams(); $newConfig = array_merge($config, $params); $this->log->debug("Config updated to " . print_r($params, true)); $this->adminService->saveConfig($newConfig); // exit(); $this->redirect('admin'); }
/** * 权限验证 */ protected function chekcAuth() { $admin_service = new AdminService(); $controller = $this->request->getControllerName(); $action = $this->request->getActionName(); //登录页面和验证码不需要权限验证 if ($controller == 'admin' && ($action == 'login' || $action == 'captcha') || $controller == 'index' || empty($controller)) { return true; } //验证用户是否登录 if ($admin_service->checkLogin() == false) { return $this->redirect('/admin/login'); } if ($admin_service->checkAuth($controller, $action) == false) { if ($this->request->isAjax()) { return $this->showJson(403, '对不起,您没有权限。'); } else { echo "对不起,您没有权限。"; exit; } } }
<?php require_once 'AdminService.class.php'; $id = $_POST['id']; $password = $_POST['password']; $adminService = new AdminService(); $name=$adminService->checkAdmin($id,$password); if($name!="") { header("Location: empManage.php?name=$name"); exit(); } else { header("Location:login.php?errno=1"); exit(); } ?>
</li> </ul> <div class="move-bg"></div> </div> </div> <div class="daohang"> <div class="menu"> <ul> <li class="menu-item_cur"><a href="http://localhost/healthyone/view/accountManage.php">审核认证</a></li> </ul> </div> </div> <div class="content"> <?php require '../model/adminService.class.php'; $res = AdminService::findAllSpecial(); while ($item = $res->fetchArray(SQLITE3_ASSOC)) { echo "\t<div class='item'> \n\t\t<form name='consult' method='post' action='http://localhost/healthyOne/controller/accountProcess.php?operation=2'>\n\t\t\t<p class='name'><b>" . $item['USERNAME'] . " (" . $item['TYPE'] . ")" . "</b></p>\n\t\t\t<p class='profile'>" . $item['INTRODUCTION'] . "</p>"; echo "<input type='hidden' name='id' value='" . $item['USERNAME'] . "'></input>"; if ($item['ISPASS'] != 1) { echo "<input class='pass_submit' type='submit' value='通过'/>"; } else { echo "<input class='pass_submit' type='button' value='已通过'/>"; } echo "</form>"; echo "</div>"; } ?> </div> <script language="javascript"> function firm() {
/** * Created by PhpStorm. * User: 宏 * Date: 2016/2/1 * Time: 20:56 */ session_start(); require_once $_SERVER['DOCUMENT_ROOT'] . '/lavender/model/AdminService.class.php'; if (isset($_POST['username']) && isset($_POST['password']) && $_POST['checkcode']) { $username = $_POST['username']; $password = $_POST['password']; $checkcode = $_POST['checkcode']; } else { echo "请求非法"; exit; } if ($checkcode != 520) { echo "<script type='text/javascript'>history.go(-1);alert('内部验证码错误!');</script>"; exit; } $adminService = new AdminService(); $res_class = $adminService->AdminLogin($username, $password); if ($res_class->getUsername()) { $_SESSION['adminname'] = $res_class->getUsername(); $_SESSION['adminlevel'] = $res_class->getLevel(); header("location:../admin.php"); exit; } else { echo "<script type='text/javascript'>history.go(-1);alert('用户名或密码错误!');</script>"; exit; }
/** * 登录日志 */ public function loginlogAction() { $request = $this->getRequest(); $admin_service = new AdminService(); $page = (int) $request->getParam('page'); $username = Star_String::escape($request->getParam('username')); $start_date = trim($request->getParam('start_date')); $end_date = trim($request->getParam('end_date')); $start_date = Star_Date::isDate($start_date) == false ? date('Y-m-01') : $start_date; $end_date = Star_Date::isDate($end_date) == false ? date('Y-m-d') : $end_date; $start_time = Star_Date::dateToTime($start_date); $end_time = Star_Date::dateToTime($end_date, false); $page_size = 20; $params = array('username' => $username, 'start_time' => $start_time, 'end_time' => $end_time); $login_data = $admin_service->getLoginLogByPage($page, $page_size, $params); $this->view->assign(array('page' => $login_data['page'], 'login_logs' => $login_data['login_logs'], 'start_date' => $start_date, 'end_date' => $end_date, 'username' => $username)); }
/** * 设置csrf_token */ protected function _initCsrfToken() { $csrf_token = AdminService::getCsrfToken(); $this->view->assign('csrf_token', $csrf_token); }
<?php require_once "../service/AdminService.class.php"; //接受用户数据 //1.用户username $username = $_POST['username']; //2.密码 $password = $_POST['password']; //实例化一个AdminService对象 $adminService = new AdminService(); if ($name = $adminService->checkAdmin($username, $password)) { //合法 session_start(); $_SESSION['username'] = $name; header("location:/main.php"); } else { //非法 header("location:/login.php?errno=1"); } //$res=mysql_query($sql,$conn);
<?php require '../model/adminService.class.php'; $username = $_POST['username']; $password = $_POST['password']; $res = AdminService::check($username, $password); echo $res; if ($res) { $type = AdminService::checkType($username); Session_start(); $_SESSION['username'] = $username; $_SESSION['password'] = $password; $_SESSION['type'] = $type; if ($type == 1) { header("Location: http://localhost/healthyone/view/health.php"); } else { if ($type == 2) { header("Location: http://localhost/healthyone/view/consultManage.php"); } else { if ($type == 3) { header("Location: http://localhost/healthyone/view/activityManage.php"); } } } exit; } else { header("Location: http://localhost/healthyone/index.php?errno=0"); exit; }
public function actionManageAdmin() { $oper = $_POST['oper']; $vcosAdmin = new VcosAdmin(); $vcosAdmin->admin_id = empty($_POST['admin_id']) ? $_POST['id'] : $_POST['admin_id']; $vcosAdmin->admin_name = $_POST['admin_name']; $vcosAdmin->admin_password = $_POST['admin_password']; $vcosAdmin->admin_email = $_POST['admin_email']; $vcosAdmin->real_name = $_POST['real_name']; $vcosAdmin->admin_post = $_POST['admin_post']; $vcosAdmin->role_id = $_POST['role_name']; $vcosAdmin->admin_state = $_POST['admin_state']; switch ($oper) { case 'add': AdminService::addAdmin($vcosAdmin); break; case 'edit': AdminService::editAdmin($vcosAdmin); break; case 'del': AdminService::delAdmin($vcosAdmin); break; default: break; } }
/** * 退出 */ public function loginoutAction() { $admin_service = new AdminService(); $admin_service->loginOut(); $this->redirect('/admin/login'); }
<li class="menu-item_cur"><a href="http://localhost/healthyone/view/setting.php">基本信息</a></li> <li class="menu-item"><a href="http://localhost/healthyone/view/avataSetting.php">头像设置</a></li> <li class="menu-item"><a href="http://localhost/healthyone/view/passwordSetting.php">修改密码</a></li> </ul> </div> </div> <?php require '../model/adminService.class.php'; $name = ""; $sex = 0; $year = 1915; $month = 1; $day = 1; $hobby = "跑步"; $declaration = ""; $res = AdminService::findAccount($username); if ($item = $res->fetchArray(SQLITE3_ASSOC)) { $name = $item['NAME']; $sex = $item['SEX']; $array = explode("-", $item['BIRTHDAY']); $year = $array[0]; $month = $array[1]; $day = $array[2]; $hobby = $item['HOBBY']; $declaration = $item['DECLARATION']; } ?> <div class="content"> <form name="information" method="post" action="http://localhost/healthyOne/controller/accountProcess.php?operation=0"> <p class="item"><b>姓名</b><input id="name_input" type="text" name="name" value="<?php echo $name;
<?php require '../model/adminService.class.php'; $username = $_POST['username']; $password = $_POST['password']; $type = 1; if (is_array($_GET) && count($_GET) > 0) { if (isset($_GET["type"])) { $type = $_GET["type"]; } } $res = AdminService::add($username, $password, $type); if ($res) { if ($type == 1) { AdminService::addCommonUser($username); header("Location: http://localhost/healthyone/index.php?success=1"); } elseif ($type == 2) { $introduction = $_POST['introduction']; $job = $_POST['job']; echo $job; AdminService::addSpecialUser($username, $job, $introduction); header("Location: http://localhost/healthyone/index.php?success=2"); } exit; } else { header("Location: http://localhost/healthyone/view/signUp.php?errno=0"); exit; }
<?php try { $adminOnly = true; require_once $_SERVER['DOCUMENT_ROOT'] . '/com/initialize.php'; require_once $_SERVER['DOCUMENT_ROOT'] . '/com/class/adminService.php'; $adminService = new AdminService(); $errorFields = array(); $ajaxReturn = array('validation' => false, 'error' => false); if (!isset($_GET['function'])) { throw new Exception('No function was given.'); } elseif ($_GET['function'] === 'activateJob') { if (!isset($_GET['jobID']) || !$adminService->isIntR($_GET['jobID'])) { $errorFields[] = 'jobID'; throw new Exception('validation'); } $ajaxReturn['data'] = $adminService->activateJob($_GET['jobID']); } elseif ($_GET['function'] === 'activateUser') { if (!isset($_GET['userID']) || !$adminService->isIntR($_GET['userID'])) { $errorFields[] = 'userID'; throw new Exception('validation'); } $ajaxReturn['data'] = $adminService->activateUser($_GET['userID']); } elseif ($_GET['function'] === 'createJob') { if (!isset($_GET['location']) || !$adminService->isStringR($_GET['location'])) { $errorFields[] = 'location'; } if (!isset($_GET['job']) || !$adminService->isStringR($_GET['job'])) { $errorFields[] = 'job'; } if (!isset($_GET['account']) || !$adminService->isStringR($_GET['account'])) {
$password = $_POST['password']; $captch_code = $_POST['yzm']; session_start(); if ($captch_code != $_SESSION['yzm']) { header("Location:login.php?errno=2"); exit; } //3.获取用户是否选中保存id if (empty($_POST['keep'])) { if (!empty($_COOKIE['id'])) { setcookie("id", $id, time() - 100); } } else { setcookie("id", $id, time() + 7 * 2 * 24 * 3600); } //实例一个adminService方法 $adminService = new AdminService(); $name = $adminService->chekcAdimn($id, $password); if ($name != "") { //合法 // header("Location:empManage.php?name=$name"); session_start(); $_SESSION['loginuser'] = $name; header("Location:index.php?name={$name}"); //header("Location:top.php?name=$name"); exit; } else { //非法 header("Location:login.php?errno=1"); exit; }
<?php require_once "../model/adminService.class.php"; $id = $_POST['id']; $pwd = $_POST['pwd']; if (!empty($_POST['save_user'])) { setcookie("id", $id, time() + 3600, "/empManage/views/user"); } else { //if(!empty($_COOKIE['id'])){ setcookie("id", $id, time() - 200, "/empManage/views/user"); //} } $adminService = new AdminService(); if ($adminService->checkAdmin($id, $pwd)) { header("Location: /empManage/views/user/empManage.php?name=admin"); exit; } else { header("Location: /empManage/views/user/login.php?error=1"); exit; }
<li class="menu-item_cur"><a href="http://localhost/healthyone/view/SpecialSetting.php">基本信息</a></li> <li class="menu-item"><a href="http://localhost/healthyone/view/specialAvataSetting.php">头像设置</a></li> <li class="menu-item"><a href="http://localhost/healthyone/view/SpecialPasswordSetting.php">修改密码</a></li> </ul> </div> </div> <?php require '../model/adminService.class.php'; $name = ""; $sex = 0; $year = 1915; $month = 1; $day = 1; $hobby = "跑步"; $declaration = ""; $res = AdminService::findSpecailAccount($username); if ($item = $res->fetchArray(SQLITE3_ASSOC)) { $name = $item['NAME']; $sex = $item['SEX']; $array = explode("-", $item['BIRTHDAY']); $year = $array[0]; $month = $array[1]; $day = $array[2]; $hobby = $item['HOBBY']; $declaration = $item['INTRODUCTION']; } ?> <div class="content"> <form name="information" method="post" action="http://localhost/healthyOne/controller/accountProcess.php?operation=3"> <p class="item"><b>姓名</b><input id="name_input" type="text" name="name" value="<?php echo $name;
} else { if ($_GET['operation'] == 2) { $username = $_POST['id']; $res = AdminService::passSpecialUser($username); header("Location: http://localhost/healthyone/view/accountManage.php"); exit; } else { if ($_GET['operation'] == 3) { session_start(); $username = $_SESSION["username"]; $name = $_POST['name']; $sex = $_POST['sex']; $birthday = $_POST['year'] . "-" . $_POST['month'] . "-" . $_POST['day']; $hobby = $_POST['hobby']; $introduction = $_POST['introduction']; $res = AdminService::modifySpecialUser($username, $name, $sex, $birthday, $hobby, $introduction); if ($res) { header("Location: http://localhost/healthyone/view/specialSetting.php?success=1"); exit; } else { header("Location: http://localhost/healthyone/view/specailSetting.php?errno=1"); exit; } } else { if ($_GET['operation'] == 4) { session_start(); $username = $_SESSION["username"]; $file = $_POST['uploadfile']; echo $file; } }
require_once "../service/AdminService.class.php"; //接受用户数据 $oldPassword = $_POST['oldpassword']; $newPassword = $_POST['newpassword']; $newPassword2 = $_POST['newpassword2']; if ($oldPassword == '') { header("location:/changePassword.php?err=请输入原始密码!"); exit; } if ($newPassword == '') { header("location:/changePassword.php?err=请输入新密码!"); exit; } if ($newPassword2 == '') { header("location:/changePassword.php?err=请输入确认新密码!"); exit; } if ($newPassword != $newPassword2) { header("location:/changePassword.php?err=2次新密码输入不一致!"); exit; } //实例化一个AdminService对象 $adminService = new AdminService(); session_start(); $username = $_SESSION['username']; if ($adminService->ChangePassword($username, $oldPassword, $newPassword)) { //合法 header("location:/changePassword.php?err=更新成功"); } else { header("location:/changePassword.php?err=" . $adminService->getErrMessage()); }
<?php /** * Created by PhpStorm. * User: Administrator * Date: 2016/1/14 0014 * Time: 下午 1:29 */ header("Content-type: text/html; charset=utf-8"); require_once "AdminService.class.php"; //接收用户的数据 $id = $_POST['id']; $password = $_POST['password']; $adminservice = new AdminService(); if ($name = $adminservice->checkAdmin($id, $password)) { header("Location:empMain.php?name={$name}"); exit; } else { header("Location:login.php?errno=1"); exit; } /* $conn = mysqli_connect("localhost","root","090324","empmanage"); if(!$conn){ die("连接失败".mysql_error()); } $sql = "select password,name from admin where id=$id"; $res = mysqli_query($conn,$sql); if($row=mysqli_fetch_assoc($res)){