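/**
 * Establish the forum session for an API request authenticated by BasicAuth.
 *
 * Flow, as visible in this method:
 *  1. Resolve the current user id through BasicAuth::getCurrentUser().
 *  2. For non-guest ids, run Forum::checkBanIP() and report a ban via
 *     $this->controller->error().
 *  3. Try to resume the session stored in pl_api_session (utmpnum/utmpkey)
 *     with Forum::initUser(); on success only the expiry is extended.
 *  4. Otherwise create a new session with Forum::setUser(true) and store its
 *     utmpnum/utmpkey in pl_api_session.
 *
 * Every error path returns explicitly, so a failed check can never continue
 * into session creation even if controller->error() were to return.
 * NOTE(review): whether error() throws/exits is not visible here - confirm.
 *
 * @return void
 */
public function initLogin()
{
    App::import('vendor', array('db', 'api.basic_auth'));

    $id = BasicAuth::getCurrentUser();
    if (false === $id) {
        // Authentication failed: stop here, never fall through to session setup.
        $this->controller->error(ECode::$LOGIN_ERROR);
        return;
    }

    // Strict comparison on purpose: only the exact string 'guest' is anonymous.
    $this->isLogin = $id !== 'guest';

    if ('guest' !== $id) {
        $ret = Forum::checkBanIP($id, $this->from);
        switch ($ret) {
            case 1:
                $this->controller->error(ECode::$LOGIN_IPBAN);
                return;
            case 2:
                $this->controller->error(ECode::$LOGIN_EPOS);
                return;
            case 3:
                $this->controller->error(ECode::$LOGIN_ERROR);
                return;
        }
    }

    $db = DB::getInstance();

    // Parameterized lookup of a previously stored session for this id.
    // NOTE(review): the query does not filter on `expire`, so as far as this
    // method shows an expired row is still resumed - confirm that expiry is
    // enforced elsewhere (cleanup job or Forum::initUser()).
    $u = $db->one('select id, utmpnum, utmpkey from pl_api_session where id=?', array($id));
    if ($u) {
        if (Forum::initUser($u['id'], intval($u['utmpnum']), intval($u['utmpkey']))) {
            // Stored session is still valid: slide the expiry window and stop.
            $val = array('expire' => time() + $this->_expire);
            $db->update('pl_api_session', $val, 'where id=?', array($u['id']));
            return;
        }
    }

    // No reusable session: create a new one and map failure codes to errors.
    $ret = Forum::setUser(true);
    switch ($ret) {
        case -1:
            $this->controller->error(ECode::$LOGIN_MULLOGIN);
            return;
        case 1:
            $this->controller->error(ECode::$LOGIN_MAX);
            return;
        case 3:
            $this->controller->error(ECode::$LOGIN_IDBAN);
            return;
        case 4:
            $this->controller->error(ECode::$LOGIN_IPBAN);
            return;
        case 5:
            $this->controller->error(ECode::$LOGIN_FREQUENT);
            return;
        case 7:
            $this->controller->error(ECode::$LOGIN_NOPOS);
            return;
    }

    User::update();
    $user = User::getInstance();

    if ($u) {
        // A row exists but could not be resumed: overwrite it with the new session.
        $val = array(
            'utmpnum' => $user->index,
            'utmpkey' => $user->utmpkey,
            'expire' => time() + $this->_expire,
        );
        $db->update('pl_api_session', $val, 'where id=?', array($user->userid));
    } else {
        // First session for this id: insert a new row.
        $val = array(
            'k' => array('id', 'utmpnum', 'utmpkey', 'expire'),
            'v' => array(array($user->userid, $user->index, $user->utmpkey, time() + $this->_expire)),
        );
        $db->insert('pl_api_session', $val);
    }
}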
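/**
 * Log in as $id and write the session cookies.
 *
 * Any existing login or guest session is kicked first. The id is checked with
 * Forum::checkBanIP(), the password with Forum::checkPwd() (skipped only for
 * the exact id 'guest'), and a session is created with Forum::setUser(true).
 * On success the cookies UTMPUSERID, UTMPKEY, UTMPNUM and PASSWORD are written.
 *
 * @param mixed $id         User id; only the exact string 'guest' bypasses the password check.
 * @param mixed $pwd        Password value handed to Forum::checkPwd().
 * @param mixed $md5        Passed through to Forum::checkPwd(); presumably marks $pwd
 *                          as already MD5-hashed - confirm against Forum::checkPwd().
 * @param mixed $cookieTime Expiry passed to Cookie->write() for UTMPUSERID and PASSWORD.
 * @return void
 * @throws LoginException When the ban check, password check or session creation fails.
 */
public function login($id, $pwd, $md5 = true, $cookieTime = null)
{
    if ($this->isLogin || $this->isGuest) {
        // Drop the current session before starting a new one.
        Forum::kickUser();
    }

    $ret = Forum::checkBanIP($id, $this->from);
    switch ($ret) {
        case 1:
            throw new LoginException(ECode::$LOGIN_IPBAN);
        case 2:
            throw new LoginException(ECode::$LOGIN_EPOS);
        case 3:
            throw new LoginException(ECode::$LOGIN_ERROR);
    }

    // Strict comparison: with a loose `!=`, a non-string $id such as true (or
    // integer 0 on PHP < 8) compares equal to 'guest' and would skip the
    // password check. Only the exact string 'guest' may skip it.
    if ($id !== 'guest' && !Forum::checkPwd($id, $pwd, $md5, true)) {
        throw new LoginException(ECode::$LOGIN_ERROR);
    }

    $ret = Forum::setUser(true);
    switch ($ret) {
        case -1:
            throw new LoginException(ECode::$LOGIN_MULLOGIN);
        case 1:
            throw new LoginException(ECode::$LOGIN_MAX);
        case 3:
            throw new LoginException(ECode::$LOGIN_IDBAN);
        case 4:
            throw new LoginException(ECode::$LOGIN_IPBAN);
        case 5:
            throw new LoginException(ECode::$LOGIN_FREQUENT);
        case 7:
            throw new LoginException(ECode::$LOGIN_NOPOS);
    }

    User::update();
    $u = User::getInstance();

    $utmpkey = $u->utmpkey;
    // NOTE(review): the PASSWORD cookie is derived from the stored md5passwd,
    // so the cookie itself is a long-lived credential tied to the password
    // hash. It is only encrypted when cookie.encryption is enabled. Prefer a
    // random, server-side revocable token, and confirm the cookie is sent with
    // Secure and HttpOnly set.
    $pass = base64_encode($u->md5passwd);
    if (Configure::read("cookie.encryption")) {
        $utmpkey = $this->encrypt($utmpkey);
        $pass = $this->encrypt($pass);
    }

    $this->isLogin = true;

    // Third argument false: presumably the cookie component's own encrypt flag
    // (as in CakePHP's CookieComponent::write) - confirm. If so, the only
    // protection on these values is the optional $this->encrypt() step.
    $this->Cookie->write("UTMPUSERID", $u->userid, false, $cookieTime);
    $this->Cookie->write("UTMPKEY", $utmpkey, false);
    $this->Cookie->write("UTMPNUM", $u->index, false);
    $this->Cookie->write("PASSWORD", $pass, false, $cookieTime);
}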