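/**
 * Resolve the username of the caller from the `fuser` session cookie.
 *
 * Only a string cookie value is handed to Grant::getUserFromCookie(): PHP
 * builds an array for a `fuser[]=…` cookie, and that case is treated as
 * "not logged in" here instead of being passed on to the session decoder.
 *
 * @return string|bool the username when the cookie decodes to a user record
 *                     that carries a username, false otherwise
 */
private static function checkUser()
{
    // A missing or non-string cookie is not an error, just an anonymous caller.
    if (!isset($_COOKIE['fuser']) || !is_string($_COOKIE['fuser'])) {
        return false;
    }
    $grant = new \firegit\app\mod\user\Grant();
    // getUserFromCookie() is the project's session decoder; what it
    // verifies about the cookie is not visible from this file.
    $info = $grant->getUserFromCookie($_COOKIE['fuser']);
    if ($info && isset($info['username'])) {
        return $info['username'];
    }
    return false;
}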
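/**
 * Soft-delete a comment (sets comment_status to -1).
 *
 * The caller must be the comment's author or an administrator. The update
 * is keyed on comment_id only: filtering it by the caller's username, as
 * the lookup does, would match no row when an administrator deletes
 * somebody else's comment, so the deletion would silently not happen.
 *
 * @param int|string $commentId id of the comment; cast to int before it reaches either query
 * @param string     $username  username of the caller
 * @throws \Exception comment.u_notfound when no active comment has that id
 * @throws \Exception comment.u_power    when the caller is neither the author nor an admin
 */
function delComment($commentId, $username)
{
    // Normalise once so both queries see the same integer id.
    $commentId = intval($commentId);
    $db = Db::get('firegit');
    $addUsername = $db->table('fg_comment')
        ->field('username')
        ->where(array('comment_id' => $commentId, 'comment_status' => 1))
        ->getOne();
    if (!$addUsername) {
        throw new \Exception('comment.u_notfound');
    }
    // Strict comparison: loose != treats numeric-looking strings such as "01" and "1" as equal.
    if ($addUsername !== $username) {
        $grant = new \firegit\app\mod\user\Grant();
        if (!$grant->isAdmin($username)) {
            throw new \Exception('comment.u_power');
        }
    }
    // Authorisation was settled above; restrict only by id and by the row still being active.
    $db->table('fg_comment')
        ->where(array('comment_id' => $commentId, 'comment_status' => 1))
        ->saveBody(array('comment_status' => -1))
        ->update();
}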
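/**
 * Login page and token-login callback.
 *
 * With a `token` parameter, verifies the login token (user_id, username,
 * time, token) through User::checkUserToken(), issues the `fuser` session
 * cookie and redirects to the page remembered in the `rurl` cookie. Without
 * a token it stores the requested return page (`u`) in `rurl` and renders
 * the login view.
 *
 * The redirect target read from `rurl` and the value written to it are both
 * restricted to a site-local absolute path (single leading "/"), so neither
 * a crafted `u` parameter nor a tampered cookie can send the browser to
 * another host.
 *
 * @throws \Exception auth.expired when the token's timestamp is more than 60 s from now
 * @throws \Exception auth.failed  when the token does not verify
 */
function login_action()
{
    // Accept only "/path": "//host" and "/\host" are protocol-relative URLs
    // to browsers and would leave the site.
    $isLocalPath = function ($path) {
        return is_string($path)
            && $path !== ''
            && $path[0] === '/'
            && (!isset($path[1]) || ($path[1] !== '/' && $path[1] !== '\\'));
    };

    $token = $this->get('token');
    if ($token) {
        $userId = $this->get('user_id');
        $username = $this->get('username');
        $time = $this->get('time');
        // The timestamp is request-supplied: cast it for the arithmetic and
        // reject drift in either direction (a far-future value would
        // otherwise pass a one-sided "older than 60 s" check).
        if (abs(time() - intval($time)) > 60) {
            throw new \Exception('auth.expired');
        }
        $uapi = new \firegit\app\mod\user\User();
        if (!$uapi->checkUserToken($userId, $username, $time, $token)) {
            throw new \Exception('auth.failed');
        }
        $grant = new \firegit\app\mod\user\Grant();
        $cookieValue = $grant->packSession($username, 24 * 3600);
        // HttpOnly session cookie for 24 h; the secure flag is unchanged
        // from before (set it once the site is served over HTTPS only).
        setcookie('fuser', $cookieValue, time() + 24 * 3600, '/', '', false, true);
        $rurl = isset($_COOKIE['rurl']) ? $_COOKIE['rurl'] : null;
        $this->response->redirect($isLocalPath($rurl) ? $rurl : '/');
    }
    // Deliberately falls through after the redirect, as before: with no `u`
    // this sends an empty value, which clears the rurl cookie; otherwise it
    // stores a validated return path for the next login.
    $u = $this->get('u');
    setcookie('rurl', $isLocalPath($u) ? $u : '', 0, '/');
    $this->setLayout('layout/common.phtml')->setView('user/login.phtml');
}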