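/**
 * Insert a login-log row for a user and report whether the insert succeeded.
 *
 * LoginFlag is written as 1 when no row with LoginFlag=1 exists yet for this
 * user on the current date, and as 0 otherwise.
 *
 * @param int|string $userid   User id; forced to an integer before it reaches SQL.
 * @param int|string $usertype User type (default 1); forced to an integer before it reaches SQL.
 * @return bool True when exactly one row was inserted; false otherwise,
 *              including when the insert throws.
 */
public static function insertLoginLog($userid, $usertype = 1)
{
    // Both values used to be concatenated/interpolated into the SQL text as-is.
    // Casting to int keeps caller-supplied text out of the statements.
    $userid = intval($userid);
    $usertype = intval($usertype);

    $timestamp = time();
    $date = date('Ymd');

    $sql = sprintf(
        "select LogId from `%s` where UserId=%d and LoginDate='%s' and LoginFlag=1 limit 1",
        self::TABLE_NAME,
        $userid,
        $date
    );

    $oModel = Model_Log_BrokerLogin::data_access();
    try {
        $logInfo = $oModel->native_sql($sql, array());
    } catch (Exception $e) {
        // Best effort: a failed lookup is treated as "no flagged login yet today".
        $logInfo = array();
    }

    // Was is_arrya(), an undefined function that aborted the method before the insert.
    $logFlag = (is_array($logInfo) && count($logInfo)) ? 0 : 1;

    // Fixes relative to the previous statement:
    //  - the column list had a stray ")" that made the SQL invalid;
    //  - the flag was read from $logflag, which is never set (PHP variable names
    //    are case-sensitive), so the value computed above was never written;
    //  - the table came from getTableName($splitSuffix) although $splitSuffix is
    //    not defined in this method. The insert now targets the same table the
    //    lookup reads.
    // NOTE(review): confirm self::TABLE_NAME is the intended insert target.
    // NOTE(review): this variant records neither client IP nor port; the previous
    // code fetched both but never used them, so the fetch was dropped.
    $sqlInsert = sprintf(
        "insert into `%s` (LogId,UserId,UserType,LoginTime,LoginDate,LoginFlag) values('',%d,%d,%d,'%s',%d)",
        self::TABLE_NAME,
        $userid,
        $usertype,
        $timestamp,
        $date,
        $logFlag
    );

    try {
        $rowCount = $oModel->native_sql($sqlInsert, array(), false);
        return 1 == $rowCount;
    } catch (Exception $e) {
        return false;
    }
}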
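/**
 * Insert a broker login-log row and report whether the insert succeeded.
 *
 * LogFlag is written as 1 when the broker has no row logged since local
 * midnight of the current day, and as 0 otherwise. The row also records the
 * client IP and remote port of the current request.
 *
 * @param mixed      $splitSuffix Passed to getTableName() and data_access() to select the table.
 * @param int|string $brokerId    Broker id; forced to an integer before it reaches SQL.
 * @return bool True when exactly one row was inserted; false otherwise,
 *              including when the insert throws.
 */
public static function insertLoginLog($splitSuffix, $brokerId)
{
    // The lookup used to concatenate $brokerId into the SQL text while the
    // insert formatted it with %d; cast once so both statements see an integer.
    $brokerId = intval($brokerId);

    $timestamp = time();
    // Local midnight of the current day.
    $t = mktime(
        0,
        0,
        0,
        intval(date("m", $timestamp)),
        intval(date("d", $timestamp)),
        intval(date("Y", $timestamp))
    );

    // NOTE(review): the table name is produced by getTableName($splitSuffix),
    // which is not shown here. It is spliced into the statement text, so the
    // suffix must never come from request data; verify against callers.
    $tableName = static::getTableName($splitSuffix);

    // ">=" so that a login stamped exactly at midnight counts as today's
    // (the comparison was a strict ">").
    $sql = sprintf(
        "select 1 from `%s` where BrokerId=%d and LogTime>=%d limit 1",
        $tableName,
        $brokerId,
        $t
    );

    $oModel = Model_Log_BrokerLogin::data_access($splitSuffix);
    try {
        $logInfo = $oModel->native_sql($sql, array());
    } catch (Exception $e) {
        // Best effort: a failed lookup is treated as "no login yet today".
        $logInfo = array();
    }
    $logFlag = (is_array($logInfo) && count($logInfo)) ? 0 : 1;

    // The IP is written inside a quoted SQL literal. get_client_ip() is not
    // shown here; if it honours forwarding headers the value is chosen by the
    // client. Only a syntactically valid IPv4/IPv6 address is stored, anything
    // else becomes an empty string.
    // NOTE(review): a comma-separated forwarding list is stored as '' by this
    // check; confirm what get_client_ip() returns behind the proxies in use.
    $ip = APF::get_instance()->get_request()->get_client_ip();
    if (filter_var($ip, FILTER_VALIDATE_IP) === false) {
        $ip = '';
    }

    // REMOTE_PORT is absent outside a web request (e.g. CLI); fall back to 0.
    $remote_port = isset($_SERVER['REMOTE_PORT']) ? intval($_SERVER['REMOTE_PORT']) : 0;

    $sqlInsert = sprintf(
        "insert into `%s` (`BrokerId`,`LogTime`,`LogDateValue`,`LogFlag`,`login_ip`,`login_port`) values(%d,%d,'%s',%d,'%s','%d')",
        $tableName,
        $brokerId,
        $timestamp,
        date('Ymd', $timestamp),
        $logFlag,
        $ip,
        $remote_port
    );

    try {
        $rowCount = $oModel->native_sql($sqlInsert, array(), false);
        return 1 == $rowCount;
    } catch (Exception $e) {
        return false;
    }
}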
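/**
 * Handle the return leg of a member login.
 *
 * Reads the login parameters from the request and verifies them with
 * Bll_Security_Member::check_key(). On success it loads the member, applies the
 * broker account checks, writes the broker login log, sets the login cookies
 * and redirects to the decoded "location". On failure it redirects to the same
 * location with errorMess/errorCode appended.
 *
 * NOTE(review): "location" comes from the request and is the redirect target on
 * both paths; the failure path needs no valid key. Nothing in this method
 * restricts it to the site's own hosts. Confirm that Uri_Http::redirect_header()
 * or an upstream filter enforces a host allowlist, otherwise add one here.
 *
 * @return void
 */
public function handle_request_internal()
{
    $apf = APF::get_instance();
    $response = $apf->get_response();
    $request = APF::get_instance()->get_request();
    $params = $request->get_parameters();

    // Key from config, handed to check_key() together with the request values
    $member_key = $apf->get_config("member_key");
    // Signature string
    $key = $params['key'];
    // User id
    $uid = $params['uid'];
    // User name
    $username = $params['name'];
    // User type
    $usertype = $params['utype'];

    //$response->set_cookie("uid",$uid);
    // NOTE(review): this cookie is written from the raw request value before the
    // key check below has run. Confirm nothing downstream trusts the "usertype"
    // cookie, or set it only after verification from $user->userType.
    $response->set_cookie("usertype", $usertype);

    // Page to redirect to after login
    $location = (string) base64_decode(urldecode($params['location']));
    // Cut at the first CR or LF so the value cannot carry a line break into the
    // redirect header. The previous check looked for CR only and skipped a CR
    // at offset 0, because strpos() returns 0 there and 0 is falsy.
    $location = substr($location, 0, strcspn($location, "\r\n"));
    if (strpos($location, '?') !== false) {
        $location .= '&_r=' . mt_rand(0, time());
    } else {
        $location .= '?_r=' . mt_rand(0, time());
    }

    // User login time
    $time = $params['time'];
    // Expiry time of the key
    $keytime = $params['keytime'];
    // Whether the request came from the broker login (unused in this method)
    $frombroker = $params['frombroker'];
    $errmsg = htmlspecialchars(urldecode($params['errmsg']));
    // Error code
    $error = $params['error'];
    // Source
    $sid = @APF::get_instance()->get_request()->get_parameter("sid");

    // Login succeeded
    if ($uid && Bll_Security_Member::check_key($key, $uid, $username, $member_key, $time, $keytime)) {
        $user = Model_Broker_Member::getAjkMembersByUserId($uid);
        if ($user) {
            // The broker lookup used to run before the $user check and
            // dereferenced $user even when the member lookup returned nothing.
            $broker = null;
            if ($user->userType > 1) {
                $broker = Model_Broker_AjkBrokerExtend::getBrokerInfoByUserId($user->userId);
            }

            header("P3P: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR");
            $brokerid = 0;
            $cookietime = 86400 * 365;
            $ucity = APF::get_instance()->get_request()->getCityId();

            if ($user->userType == 2) {
                // Automatically create the three-site payment center account
                /*$bll_account = new BLL_Acenter_AccountUser();
                $bll_account->create_three_account_must($uid);*/

                // NOTE(review): if the broker lookup returned nothing, none of
                // the checks below can match and the login continues with an
                // empty broker id. Confirm whether that case should be rejected.
                $errorMess = '';
                if (intval($broker->checkState) == 2) {
                    // Account closed by the business manager
                    $errorMess = Const_Verify::CLOSE_ERROR;
                }
                if (intval($broker->accountType) == 10000) {
                    // Account frozen by the business manager
                    $errorMess = Const_Verify::FREEZE_ERROR;
                }
                if ($broker->isLogin == 0 && $broker->punish == 2) {
                    // Blacklisted brokers are closed immediately, free or renewed
                    $errorMess = Const_Verify::BLACK_ERROR;
                }
                if ($errorMess) {
                    // strpos() must be compared with false: a "?" at offset 0 is
                    // falsy. The two branches also used different parameter
                    // names (errorMess / errmsg); both now use errorMess, the
                    // name the failure path at the end of this method uses.
                    $separator = strpos($location, '?') !== false ? '&' : '?';
                    $backurl = $location . $separator . 'errorMess=' . $errorMess;
                    Uri_Http::redirect_header($backurl, 302);
                    return;
                }

                $ucity = @$broker->cityId;
                $brokerid = @$broker->brokerId;
                $cookietime = 0;
                $userTypeNew = Const_Verify::BROKER_USER;
            } else {
                // Check whether the user is an agency (store) account
                $AgcyInfo = Model_Broker_AgcyAccount::getAgcyByUserId($user->userId);
                if (is_array($AgcyInfo) && count($AgcyInfo)) {
                    $userTypeNew = Const_Verify::COMPANY_USER;
                } else {
                    $userTypeNew = Const_Verify::COMMON_USER;
                }
            }

            // From here on the identity values come from the stored member
            // record, not from the request.
            $userid = $user->userId;
            $username = $user->userName;
            $usertype = $user->userType;
            $fuid = $user->fuid;
            $emailpass = 1;

            if ($brokerid > 0) {
                Model_Log_BrokerLogin::insertLoginLog(date('Ym'), $brokerid);
            }

            $anjuke_secques = APF::get_instance()->get_config("AnjukeSecques");
            $this->setLoginDataCookie($userid, $username, $usertype, $emailpass, $anjuke_secques, 0, $fuid, $ucity, $brokerid, $cookietime, $afutype = 0, $sid, $userTypeNew);
            $this->setLastLoinUserName($username, 86400 * 365);
        }

        // Redirect to the page the user originally requested
        if (empty($params['no_redirect'])) {
            Uri_Http::redirect_header($location, 302);
        }
    } else {
        // Login failed
        // $errmsg and $error come from the request. They are URL-encoded so they
        // cannot add query parameters or break the Location value.
        $separator = strpos($location, '?') !== false ? '&' : '?';
        $backurl = $location . $separator
            . 'errorMess=' . urlencode($errmsg)
            . '&errorCode=' . urlencode((string) $error);
        Uri_Http::redirect_header($backurl, 302);
        return;
    }
}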
/**
 * Rule 2: a broker who frequently logs in from many IP addresses is considered
 * to have an abnormal account and is to be added to the blacklist.
 *
 * Only the data fetch is implemented. The result is not inspected yet, so this
 * rule currently flags nobody.
 */
private function rule2()
{
    $monthSuffix = date('Ym');
    $loginsByBroker = Model_Log_BrokerLogin::groupByBrokerId($monthSuffix);
    /** TODO: loop over the result and decide whether a broker logged in from IPs in several different cities */
}