public function actionLogin()
{
$name = $_POST['name'];
$password = $_POST['password'];
$captcha = $_REQUEST['captcha'];
session_start();
if (empty($_SESSION['captcha']) || trim(strtolower($captcha)) != $_SESSION['captcha']) {
$this->redirect('index?error=3');
} else {
$member = $this->connection->createCommand("select u.*,g.* from xm_user u left join xm_group g on u.group_id = g.group_id where u.loginname = '{$name}'")->queryRow();
if ($member == null) {
//不存在用户
$this->redirect('index?error=1');
} else {
if ($member['loginpass'] == md5($password)) {
$loginstat = new LoginStat();
$loginnum = $member['login_num'] + 1;
$this->connection->createCommand("update xm_user set last_loginip = '" . $loginstat->GetIP() . "',last_logintime=now(),login_num= " . $loginnum . " where user_id = " . $member['user_id'])->query();
Yii::app()->session['member'] = $member;
$this->redirect('../member/index');
} else {
$this->redirect('index?error=2');
}
}
}
}
public function actionLogin()
{
$loginname = $_REQUEST['loginname'];
$loginpass = $_REQUEST['loginpass'];
$logincaptcha = $_REQUEST['logincaptcha'];
if ($this->createAction('captcha_login')->validate($logincaptcha, false)) {
$row = $this->connection->createCommand("select * from xm_user where loginname = '" . $loginname . "' and isadmin = 1 ")->queryRow();
if ($row != null) {
if ($row['loginpass'] == md5($loginpass)) {
$loginstat = new LoginStat();
$loginnum = $row['login_num'] + 1;
$this->connection->createCommand("update xm_user set last_loginip = '" . $loginstat->GetIP() . "',last_logintime=now(),login_num= " . $loginnum . " where user_id = " . $row['user_id'])->query();
session_start();
$user = $this->connection->createCommand("select * from xm_user where user_id = " . $row['user_id'])->queryRow();
$permissions = Yii::app()->db->createCommand("select permission from xm_role_permission where role_id = " . $row['user_id'])->queryAll();
$permissionslist = array();
if (sizeof($permissions) > 0) {
foreach ($permissions as $p) {
$permissionslist[] = $p['permission'];
}
}
$user['permissions'] = $permissionslist;
$deflangs = Yii::app()->db->createCommand("select * from xm_lang where mark !='xmcms' and isdefault = 1")->queryAll();
if (sizeof($deflangs) > 0) {
Yii::app()->session['mgrlang'] = $deflangs[0]['lang'];
} else {
Yii::app()->session['mgrlang'] = null;
}
Yii::app()->session['user'] = $user;
/*用于CKFINDER验证*/
$_SESSION['IsAuthorized'] = 1;
$this->message(true, null, null);
} else {
$this->message(false, '密码输入有误', null);
}
} else {
$this->message(false, '用户名不存在', null);
}
} else {
$this->message(false, '验证码不正确', null);
}
}
public function preFilter($filterChain)
{
return true;
// $requesturi = Yii::app()->request->url;
$r = $_REQUEST['r'];
$requesturi = "/index.php?r=" . $r;
$neednotfilter = array('/index.php?r=admin/default/index', '/index.php?r=admin/default/captcha', '/index.php?r=admin/default/login');
if (in_array($requesturi, $neednotfilter)) {
return true;
} else {
$user = Yii::app()->session['user'];
if ($user['loginname'] == 'administrator') {
return true;
}
$validate = true;
if ($user != null) {
//当管理员处于登入状态的时候,需要判断当前的地址是否在用户的权限中
if (in_array($requesturi, $user['permissions'])) {
return true;
} else {
$validate = false;
}
} else {
$member = Yii::app()->session['member'];
if ($member['isadmin'] == 1) {
$loginstat = new LoginStat();
$loginnum = $member['login_num'] + 1;
Yii::app()->db->createCommand("update xm_user set last_loginip = '" . $loginstat->GetIP() . "',last_logintime=now(),login_num= " . $loginnum . " where user_id = " . $member['user_id'])->query();
session_start();
$user = Yii::app()->db->createCommand("select * from xm_user where user_id = " . $member['user_id'])->queryRow();
$permissions = Yii::app()->db->createCommand("select permission from xm_role_permission where role_id = " . $member['role_id'])->queryAll();
$permissionslist = array();
if (sizeof($permissions) > 0) {
foreach ($permissions as $p) {
$permissionslist[] = $p['permission'];
}
}
$user['permissions'] = $permissionslist;
Yii::app()->session['user'] = $user;
$deflangs = Yii::app()->db->createCommand("select * from xm_lang where mark !='xmcms'")->queryAll();
if (sizeof($deflangs) > 0) {
Yii::app()->session['mgrlang'] = $deflangs[0]['lang'];
} else {
Yii::app()->session['mgrlang'] = null;
}
header("Location:" . Yii::app()->request->baseUrl . "/index.php?r=admin/console/index");
} else {
$validate = false;
}
}
if ($validate == false) {
//判断是异步请求还是,同步请求
if (!Yii::app()->getRequest()->getIsAjaxRequest()) {
//非异步请求
throw new CHttpException(1000, '你没有权限进行操作');
exit;
} else {
//异步请求
echo json_encode(array('type' => false, 'message' => "你没有权限进行操作!"));
exit;
}
}
}
}
public function actionIp()
{
$loginstat = new LoginStat();
exit($loginstat->GetIP());
}
