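/**
 * Validate the posted login form and hand the matching account to dologin().
 *
 * Reads post.account and post.password through I(), looks the account up
 * with Rbac::authenticate() (status > 0) and compares the stored hash with
 * md5() of the submitted password.
 *
 * NOTE(review): unsalted md5() is not a password hash. Moving to
 * password_hash()/password_verify() needs a migration of the stored values,
 * which cannot be done inside this method.
 * NOTE(review): "account unknown" and "wrong password" produce different
 * messages, which tells a caller which accounts exist.
 */
public function checkLogin()
{
    $username = I('post.account');
    $userpswd = I('post.password');

    // Array values in a query map are operator expressions (see "status"
    // below), so request fields must be plain strings before they are used.
    // The early returns keep the flow fail-closed even if error() returns.
    if (empty($username) || !is_string($username)) {
        $this->error('用户名不能为空', U('index'));
        return;
    }
    if (empty($userpswd) || !is_string($userpswd)) {
        $this->error('密码不能为空', U('index'));
        return;
    }

    // Lookup condition: the bound account name, enabled accounts only
    $map            = array();
    $map['account'] = $username;
    $map["status"]  = array('gt', 0);

    $authInfo = Rbac::authenticate($map);

    // Any empty result (no row, failed query) is a failed login, not only
    // a literal false.
    if (empty($authInfo)) {
        $this->error('帐号不存在或已禁用!');
        return;
    }

    // Strict string comparison: a loose != lets PHP type juggling decide
    // equality. Prefer hash_equals() where PHP >= 5.6 is guaranteed.
    if ((string) $authInfo['password'] !== md5($userpswd)) {
        $this->error('密码错误', U('index'));
        return;
    }

    $this->dologin($authInfo);
}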
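/**
 * Process the member login form: captcha, account lookup, password check,
 * then session and cookie setup.
 *
 * Reads post.username, post.password, post.user_group and post.verify.
 * The stored password is compared with sign_password() of the submitted one.
 *
 * NOTE(review): the session id is not regenerated at the point where the
 * session becomes authenticated; confirm this is done elsewhere.
 */
public function loginsubmit()
{
    $username   = I('post.username');
    $password   = I('post.password');
    $user_group = I('post.user_group');
    $verify     = I('post.verify');

    if (!check_verify($verify)) {
        $this->error('验证码输入错误!');
        return;
    }

    // Values placed in a query map must be plain strings: the query builder
    // gives array values a meaning of their own.
    if (!is_string($username) || !is_string($user_group) || !is_string($password)) {
        $this->error('帐号不存在或密码错误!');
        return;
    }

    $res = \Org\Util\Rbac::authenticate(array('username' => $username, 'group' => $user_group));
    if (empty($res)) {
        $this->error('帐号不存在或密码错误!');
        return;
    }

    // Strict string comparison instead of loose !=, so type juggling cannot
    // make two different values compare equal.
    if ((string) $res['password'] !== (string) sign_password($password)) {
        $this->error('用户名或密码错误!');
        return;
    }

    $memberModel = M('Member');
    $member      = $memberModel->where(array('id' => $res['id']))->find();

    // Record the time and address of this login
    M('Member')->where(array('id' => $res['id']))->save(array(
        'timeupdate' => date('Y-m-d H:i:s'),
        'lastip'     => get_client_ip(),
    ));

    session('member', $member);
    cookie('login', true);

    // Grant the admin flag only on an exact, non-empty match, and clear a
    // flag left over from an earlier login in the same session.
    $specialUser = (string) C('SPECIAL_USER');
    if ('' !== $specialUser && (string) $res['username'] === $specialUser) {
        session(C('ADMIN_AUTH_KEY'), true);
    } else {
        session(C('ADMIN_AUTH_KEY'), null);
    }
    session(C('USER_AUTH_KEY'), $res['id']);

    // Cache the access list for the authenticated user
    \Org\Util\Rbac::saveAccessList();
    $this->success('登陆成功!');
}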
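/**
 * Check the posted id/password pair and open an authenticated session.
 *
 * Looks the user up by id (status > 0) through Rbac::authenticate() and
 * compares the stored hash with md5() of the posted password.
 *
 * NOTE(review): unsalted md5() is not a password hash; moving to
 * password_hash()/password_verify() needs a stored-value migration.
 * NOTE(review): the session id is not regenerated on login; confirm this
 * happens elsewhere.
 */
public function checkLogin()
{
    $account  = isset($_POST['account']) ? $_POST['account'] : null;
    $password = isset($_POST['password']) ? $_POST['password'] : null;

    // Raw $_POST values can be arrays, and an array in the query map is an
    // operator expression (see "status" below); accept plain strings only.
    if (empty($account) || !is_string($account)) {
        $this->error('用户名是必须的!');
        return;
    }
    if (!is_string($password) || '' === $password) {
        $this->error('密码错误!');
        return;
    }

    // Lookup condition: bound account id, enabled accounts only
    $map           = array();
    $map['id']     = $account;
    $map["status"] = array('gt', 0);

    $authInfo = \Org\Util\Rbac::authenticate($map);

    // A missing row and a failed query must both stop here
    if (empty($authInfo)) {
        $this->error('用户名不存在或已禁用!');
        return;
    }

    // Strict string comparison; prefer hash_equals() where PHP >= 5.6 is
    // guaranteed.
    if ((string) $authInfo['password'] !== md5($password)) {
        $this->error('密码错误!');
        return;
    }

    $_SESSION[C('USER_AUTH_KEY')] = $authInfo['id'];
    // Exact match only: a loose == can treat a numeric id as equal to 'admin'
    $_SESSION['administrator'] = ((string) $authInfo['id'] === 'admin');

    // Login bookkeeping, left disabled as in the original:
    // $User = M('User');
    // $ip = get_client_ip();
    // $time = time();
    // $data = array();
    // $data['id'] = $authInfo['id'];
    // $data['last_login_time'] = $time;
    // $data['login_count'] = array('exp','login_count+1');
    // $data['last_login_ip'] = $ip;
    // $User->save($data);

    // Cache the access list for the authenticated user
    \Org\Util\Rbac::saveAccessList();
    $this->success('登录成功!', __APP__ . '/Home/Index/index');
}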
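/**
 * Check account, password and captcha from $_POST, then populate the session
 * and record the login.
 *
 * NOTE(review): unsalted md5() is not a password hash; moving to
 * password_hash()/password_verify() needs a stored-value migration.
 * NOTE(review): the session id is not regenerated on login; confirm this
 * happens elsewhere.
 */
public function checkLogin()
{
    $account  = isset($_POST['account']) ? $_POST['account'] : null;
    $password = isset($_POST['password']) ? $_POST['password'] : null;

    // Raw $_POST values can be arrays, and an array in the query map is an
    // operator expression (see "status" below); accept plain strings only.
    if (empty($account) || !is_string($account)) {
        $this->error('帐号错误!');
        return;
    }
    if (empty($password) || !is_string($password)) {
        $this->error('密码必须!');
        return;
    }
    if (empty($_POST['verify'])) {
        $this->error('验证码必须!');
        return;
    }

    // Lookup condition: bound account name, enabled accounts only
    $map            = array();
    $map['account'] = $account;
    $map["status"]  = array('gt', 0);

    if (!$this->check_verify(I('verify'))) {
        $this->error('验证码错误!');
        return;
    }

    $authInfo = Rbac::authenticate($map);

    // A missing row and a failed query must both stop here
    if (empty($authInfo)) {
        $this->error('帐号不存在或已禁用!');
        return;
    }

    // Strict string comparison; prefer hash_equals() where PHP >= 5.6 is
    // guaranteed.
    if ((string) $authInfo['password'] !== md5($password)) {
        $this->error('密码错误!');
        return;
    }

    $_SESSION[C('USER_AUTH_KEY')] = $authInfo['id'];
    $_SESSION['email']            = $authInfo['email'];
    $_SESSION['loginUserName']    = $authInfo['nickname'];
    $_SESSION['lastLoginTime']    = $authInfo['last_login_time'];
    $_SESSION['login_count']      = $authInfo['login_count'];

    // Set the flag on an exact match and clear it otherwise, so a flag from
    // an earlier admin login in the same session is not inherited.
    if ((string) $authInfo['account'] === 'admin') {
        $_SESSION['administrator'] = true;
    } else {
        unset($_SESSION['administrator']);
    }

    // Record this login on the user row
    $loginRecord                    = array();
    $loginRecord['id']              = $authInfo['id'];
    $loginRecord['last_login_time'] = time();
    $loginRecord['login_count']     = array('exp', 'login_count+1');
    $loginRecord['last_login_ip']   = get_client_ip();
    M('User')->save($loginRecord);

    // Cache the access list for the authenticated user
    Rbac::saveAccessList();
    $this->success('登录成功!');
}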
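/**
 * Check account, password and captcha from $_POST, write a Log row for each
 * failed or successful attempt, and populate the session on success.
 *
 * NOTE(review): unsalted md5() is not a password hash; moving to
 * password_hash()/password_verify() needs a stored-value migration.
 * NOTE(review): $_SESSION['user_info'] receives the whole account row,
 * stored password hash included; confirm that is intended.
 * NOTE(review): the session id is not regenerated on login; confirm this
 * happens elsewhere.
 */
public function checkLogin()
{
    $gateway  = __MODULE__ . C('USER_AUTH_GATEWAY');
    $account  = isset($_POST['account']) ? $_POST['account'] : null;
    $password = isset($_POST['password']) ? $_POST['password'] : null;
    $verify   = isset($_POST['verify']) ? $_POST['verify'] : null;

    // Raw $_POST values can be arrays, and an array in the query map is an
    // operator expression (see "status" below); accept plain strings only.
    if (empty($account) || !is_string($account)) {
        $this->assign('jumpUrl', $gateway);
        $this->error('帐号错误!');
        return;
    }
    if (empty($password) || !is_string($password)) {
        $this->assign('jumpUrl', $gateway);
        $this->error('密码必须!');
        return;
    }
    if (empty($verify) || !is_string($verify)) {
        $this->assign('jumpUrl', $gateway);
        $this->error('验证码必须!');
        return;
    }

    // Lookup condition: bound account name, enabled accounts only
    $map            = array();
    $map['account'] = $account;
    $map["status"]  = array('gt', 0);

    // Audit record shared by the failure and success paths
    $data                = array();
    $data['ip']          = get_client_ip();
    $data['date']        = date("Y-m-d H:i:s");
    $data['username']    = $account;
    $data['module']      = MODULE_NAME;
    $data['action']      = ACTION_NAME;
    $data['querystring'] = U(MODULE_NAME . '/' . ACTION_NAME);

    // Strict comparison; a session without a stored captcha can never match
    $expectedVerify = isset($_SESSION['verify']) ? (string) $_SESSION['verify'] : '';
    if ('' === $expectedVerify || $expectedVerify !== md5($verify)) {
        $this->assign('jumpUrl', $gateway);
        $this->error('验证码错误!');
        return;
    }

    $authInfo = RBAC::authenticate($map);

    // A missing row and a failed query must both stop here
    if (empty($authInfo)) {
        $data['status'] = 0;
        D("Log")->add($data);
        $this->assign('jumpUrl', $gateway);
        $this->error('帐号不存在或已禁用!');
        return;
    }

    // Strict string comparison; prefer hash_equals() where PHP >= 5.6 is
    // guaranteed.
    if ((string) $authInfo['password'] !== md5($password)) {
        $data['status'] = 0;
        D("Log")->add($data);
        $this->assign('jumpUrl', $gateway);
        $this->error('密码错误!');
        return;
    }

    $_SESSION['user_info']        = $authInfo;
    $_SESSION[C('USER_AUTH_KEY')] = $authInfo['id'];
    $_SESSION['lastLoginTime']    = $authInfo['last_login_time'];
    // Site id for this session
    $_SESSION['siteid'] = SITEID;

    // Clear the flag for non-admin roles so one left by an earlier admin
    // login in the same session is not inherited.
    if ($authInfo['role_id'] == 1) {
        $_SESSION['administrator'] = true;
    } else {
        unset($_SESSION['administrator']);
    }

    // Record this login. The original stored $data['id'], a key that is
    // never set, so last_login_ip was always empty; the address is in
    // $data['ip'].
    D('User')->where(array('id' => $authInfo['id']))->save(array(
        'last_login_time' => time(),
        'last_login_ip'   => $data['ip'],
    ));

    // Audit the successful login
    $data['status'] = 1;
    $data['userid'] = $authInfo['id'];
    D("Log")->add($data);

    // Store the access list for the authenticated user
    RBAC::saveAccessList();
    $this->success('登录成功!', __MODULE__ . '/Index');
}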
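/**
 * Change the current user's password after verifying the old one.
 *
 * With type=menu only the form is rendered. Otherwise the account row is
 * looked up, the old password is checked against the stored md5() value and
 * the new md5() value is written to the row whose id is
 * $_SESSION['authId'].
 *
 * NOTE(review): the lookup key is read from $_SESSION['login_count'];
 * confirm that this entry really holds the account name.
 * NOTE(review): the old password is verified against the row found by
 * account, while the update targets $_SESSION['authId']; confirm both always
 * refer to the same user.
 * NOTE(review): I() is called without a 'post.' prefix; confirm the
 * passwords cannot arrive in the query string.
 * NOTE(review): unsalted md5() is not a password hash; moving to
 * password_hash()/password_verify() needs a stored-value migration.
 */
public function modPass()
{
    $type    = I('type');
    $oldpass = I('oldpass');
    $newpass = I('newpass');

    // 'menu' only renders the change-password form
    if ('menu' == $type) {
        $this->display();
        exit;
    }

    // Lookup condition: bound account name, enabled accounts only
    $map            = array();
    $map['account'] = $_SESSION['login_count'];
    $map["status"]  = array('gt', 0);

    $authInfo = Rbac::authenticate($map);

    // A missing row and a failed query must both stop here
    if (empty($authInfo)) {
        $this->error('帐号不存在或已禁用!');
        return;
    }

    if (!is_string($oldpass) || (string) $authInfo['password'] !== md5($oldpass)) {
        // Strict string comparison instead of loose !=
        echoJson('1', '原密码输入错误');
    } elseif (!is_string($newpass) || '' === $newpass) {
        // Never store the hash of an empty or non-string value
        echoJson('1', '新密码不能为空');
    } else {
        $where    = array('id' => $_SESSION['authId']);
        $passdata = array('password' => md5($newpass));
        $res      = M('User')->where($where)->save($passdata);
        if ($res) {
            echoJson('0', '密码修改成功');
        } else {
            echoJson('1', ' 服务器忙');
        }
    }
}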
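/**
 * Check account, password and captcha from $_POST, populate the session,
 * record the login and redirect to the admin index.
 *
 * NOTE(review): unsalted md5() is not a password hash; moving to
 * password_hash()/password_verify() needs a stored-value migration.
 * NOTE(review): the session id is not regenerated on login; confirm this
 * happens elsewhere.
 */
public function checkLogin()
{
    $loginUrl = __CONTROLLER__ . '/login';
    $account  = isset($_POST['account']) ? $_POST['account'] : null;
    $password = isset($_POST['password']) ? $_POST['password'] : null;
    $verify   = isset($_POST['verify']) ? $_POST['verify'] : null;

    // Raw $_POST values can be arrays, and an array in the query map is an
    // operator expression (see "status" below); accept plain strings only.
    if (empty($account) || !is_string($account)) {
        $this->error('帐号错误!', $loginUrl, 2);
        return;
    }
    if (empty($password) || !is_string($password)) {
        $this->error('密码必须!', $loginUrl, 2);
        return;
    }
    if (empty($verify)) {
        $this->error('验证码必须!', $loginUrl, 2);
        return;
    }

    // Lookup condition: bound account name, enabled accounts only
    $map            = array();
    $map['account'] = $account;
    $map["status"]  = array('gt', 0);

    // Captcha check (the 3.2.1-style verifier)
    if (!$this->check_verify($verify)) {
        $this->error('验证码输入错误!', $loginUrl, 2);
        return;
    }

    $authInfo = Rbac::authenticate($map);

    // A missing row and a failed query must both stop here
    if (empty($authInfo)) {
        $this->error('帐号不存在或已禁用!');
        return;
    }

    // Strict string comparison; prefer hash_equals() where PHP >= 5.6 is
    // guaranteed.
    if ((string) $authInfo['password'] !== md5($password)) {
        $this->error('密码错误!', $loginUrl, 2);
        return;
    }

    $_SESSION[C('USER_AUTH_KEY')] = $authInfo['id'];
    $_SESSION['email']            = $authInfo['email'];
    // Fall back to the account name when no nickname is set
    $_SESSION['loginUserName'] = empty($authInfo['nickname']) ? $authInfo['account'] : $authInfo['nickname'];
    $_SESSION['lastLoginTime'] = $authInfo['last_login_time'];
    $_SESSION['login_count']   = $authInfo['login_count'];

    // Set the flag on an exact match and clear it otherwise, so a flag from
    // an earlier admin login in the same session is not inherited.
    if ((string) $authInfo['account'] === 'admin') {
        $_SESSION['administrator'] = true;
    } else {
        unset($_SESSION['administrator']);
    }

    // Audit logging, left disabled as in the original:
    // $log['vc_operation']="用户登录:登录成功!";
    // $log['vc_module']="系统管理";
    // $log['creator_id']=$authInfo['id'];
    // $log['creator_name']=$authInfo['account'];
    // $log['vc_ip']=get_client_ip();
    // $log['createtime']=time();
    // M("Log")->add($log);

    // Record this login on the user row
    $loginRecord                    = array();
    $loginRecord['id']              = $authInfo['id'];
    $loginRecord['last_login_time'] = time();
    $loginRecord['login_count']     = array('exp', 'login_count+1');
    $loginRecord['last_login_ip']   = get_client_ip();
    M('User')->save($loginRecord);

    // Access-list caching is disabled in the original:
    //RBAC::saveAccessList();
    $this->redirect('Admin/Index/index');
}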
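/**
 * Authenticate a user with captcha, failed-attempt limiting and audit
 * logging.
 *
 * On failure sets $this->errorCode / $this->errorMessage and returns false:
 * 10001 for missing input or a wrong captcha, 10002 when the attempt limit
 * is reached, 10003 for an unknown account or a wrong password.
 *
 * NOTE(review): unsalted md5() is not a password hash; moving to
 * password_hash()/password_verify() needs a stored-value migration.
 * NOTE(review): session 'user_info' receives the whole account row, stored
 * password hash included; confirm that is intended.
 * NOTE(review): the session id is not regenerated on login; confirm this
 * happens elsewhere.
 *
 * @param string $username account name
 * @param string $password plain-text password as submitted
 * @param string $verify   captcha text as submitted
 * @return bool true when the session has been set up, false otherwise
 */
public function checkLogin($username, $password, $verify)
{
    $this->jumpUrl = __MODULE__ . C('USER_AUTH_GATEWAY');

    // All three inputs must be non-empty strings. An array in the query map
    // is an operator expression (see "status" below).
    if (empty($username) || empty($password) || empty($verify)
        || !is_string($username) || !is_string($password) || !is_string($verify)
    ) {
        $this->errorCode    = 10001;
        $this->errorMessage = '用户名|密码|验证码都必须!';
        return false;
    }

    // Strict string comparison instead of loose !=
    if ((string) session('verify') !== md5($verify)) {
        $this->errorCode    = 10001;
        $this->errorMessage = '验证码错误!';
        return false;
    }

    // Lookup condition: bound account name, enabled accounts only
    $map            = array();
    $map['account'] = $username;
    $map["status"]  = array('gt', 0);
    $authInfo       = RBAC::authenticate($map);

    // Audit record shared by the failure and success paths
    $data                = array();
    $data['ip']          = get_client_ip();
    $data['date']        = date("Y-m-d H:i:s");
    $data['username']    = $username;
    $data['module']      = MODULE_NAME;
    $data['action']      = ACTION_NAME;
    $data['querystring'] = U(MODULE_NAME . '/' . ACTION_NAME);

    // Reject an unknown account before reading any of its fields. The
    // original read try_time and issued the counter update first, with a
    // null id when no row had been found.
    if (empty($authInfo)) {
        $data['status'] = 0;
        model("Log")->add($data);
        $this->errorCode    = 10003;
        $this->errorMessage = '帐号不存在或已禁用!';
        return false;
    }

    $allow_try_error_time = C('ALLOW_TRY_ERROR_TIME', null, 5);
    if ($authInfo['try_time'] >= $allow_try_error_time) {
        $this->errorCode    = 10002;
        $this->errorMessage = '登录失败次数过多,帐号已被禁用,请与管理员联系!';
        return false;
    }

    // Count the attempt before the password is checked; a successful login
    // resets the counter below.
    model('User')->where(array('id' => $authInfo['id']))->save(array('try_time' => array('exp', '`try_time` + 1')));

    // Strict string comparison; prefer hash_equals() where PHP >= 5.6 is
    // guaranteed.
    if ((string) $authInfo['password'] !== md5($password)) {
        $data['status'] = 0;
        model("Log")->add($data);
        $this->errorCode    = 10003;
        $this->errorMessage = '密码错误!你还有' . ($allow_try_error_time - 1 - $authInfo['try_time']) .
            '尝试次机会';
        return false;
    }

    // Populate the session
    session('user_info', $authInfo);
    session(C('USER_AUTH_KEY'), $authInfo['id']);
    session('lastLoginTime', $authInfo['last_login_time']);
    // Clear the flag for non-admin roles so one left by an earlier admin
    // login in the same session is not inherited.
    if ($authInfo['role_id'] == 1) {
        session('administrator', true);
    } else {
        session('administrator', null);
    }

    // Record this login and reset the counter. The original stored
    // $data['id'], a key that is never set, so last_login_ip was always
    // empty; the address is in $data['ip'].
    model('User')->where(array('id' => $authInfo['id']))->save(array(
        'last_login_time' => time(),
        'last_login_ip'   => $data['ip'],
        'try_time'        => 0,
    ));

    // Audit the successful login
    $data['status'] = 1;
    $data['userid'] = $authInfo['id'];
    model("Log")->add($data);

    // Store the access list for the authenticated user
    RBAC::saveAccessList();

    // Default to the first site this user can access
    $sites        = logic('site')->getAccessibleSites();
    $current_site = current($sites);
    set_siteid($current_site['id']);

    return true;
}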