PublicAction.class.php

/Examples/Rbac/Lib/Action/PublicAction.class.php

http://thinkphp.googlecode.com/
PHP | 231 lines | 187 code | 11 blank | 33 comment | 21 complexity | 26785c4dcd39a78a9412948d9ecfe9e3 MD5 | raw file
Possible License(s): MPL-2.0-no-copyleft-exception

<?php

// +----------------------------------------------------------------------

// | ThinkPHP [ WE CAN DO IT JUST THINK IT ]

// +----------------------------------------------------------------------

// | Copyright (c) 2009 http://thinkphp.cn All rights reserved.

// +----------------------------------------------------------------------

// | Licensed ( http://www.apache.org/licenses/LICENSE-2.0 )

// +----------------------------------------------------------------------

// | Author: liu21st <liu21st@gmail.com>

// +----------------------------------------------------------------------



class PublicAction extends Action {

	// ????????



	protected function checkUser() {

		if(!isset($_SESSION[C('USER_AUTH_KEY')])) {

			$this->assign('jumpUrl','Public/login');

			$this->error('????');

		}

	}



	// ????

	public function top() {

		C('SHOW_RUN_TIME',false);			// ??????

		C('SHOW_PAGE_TRACE',false);

		$model	=	M("Group");

		$list	=	$model->where('status=1')->getField('id,title');

		$this->assign('nodeGroupList',$list);

		$this->display();

	}

	// ????

	public function footer() {

		C('SHOW_RUN_TIME',false);			// ??????

		C('SHOW_PAGE_TRACE',false);

		$this->display();

	}

	// ????

	public function menu() {

        $this->checkUser();

        if(isset($_SESSION[C('USER_AUTH_KEY')])) {

            //?????

            $menu  = array();

            if(isset($_SESSION['menu'.$_SESSION[C('USER_AUTH_KEY')]])) {



                //?????????????

                $menu   =   $_SESSION['menu'.$_SESSION[C('USER_AUTH_KEY')]];

            }else {

                //??????????????

                $node    =   M("Node");

				$id	=	$node->getField("id");

				$where['level']=2;

				$where['status']=1;

				$where['pid']=$id;

                $list	=	$node->where($where)->field('id,name,group_id,title')->order('sort asc')->select();

                $accessList = $_SESSION['_ACCESS_LIST'];

                foreach($list as $key=>$module) {

                     if(isset($accessList[strtoupper(APP_NAME)][strtoupper($module['name'])]) || $_SESSION['administrator']) {

                        //????????

                        $module['access'] =   1;

                        $menu[$key]  = $module;

                    }

                }

                //??????

                $_SESSION['menu'.$_SESSION[C('USER_AUTH_KEY')]]	=	$menu;

            }

            if(!empty($_GET['tag'])){

                $this->assign('menuTag',$_GET['tag']);

            }

			//dump($menu);

            $this->assign('menu',$menu);

		}

		C('SHOW_RUN_TIME',false);			// ??????

		C('SHOW_PAGE_TRACE',false);

		$this->display();

	}



    // ???? ??????

    public function main() {

        $info = array(

            '????'=>PHP_OS,

            '????'=>$_SERVER["SERVER_SOFTWARE"],

            'PHP????'=>php_sapi_name(),

            'ThinkPHP??'=>THINK_VERSION.' [ <a href="http://thinkphp.cn" target="_blank">??????</a> ]',

            '??????'=>ini_get('upload_max_filesize'),

            '??????'=>ini_get('max_execution_time').'?',

            '?????'=>date("Y?n?j? H:i:s"),

            '????'=>gmdate("Y?n?j? H:i:s",time()+8*3600),

            '?????/IP'=>$_SERVER['SERVER_NAME'].' [ '.gethostbyname($_SERVER['SERVER_NAME']).' ]',

            '????'=>round((@disk_free_space(".")/(1024*1024)),2).'M',

            'register_globals'=>get_cfg_var("register_globals")=="1" ? "ON" : "OFF",

            'magic_quotes_gpc'=>(1===get_magic_quotes_gpc())?'YES':'NO',

            'magic_quotes_runtime'=>(1===get_magic_quotes_runtime())?'YES':'NO',

            );

        $this->assign('info',$info);

        $this->display();

    }



	// ??????

	public function login() {

		if(!isset($_SESSION[C('USER_AUTH_KEY')])) {

			$this->display();

		}else{

			$this->redirect('Index/index');

		}

	}



	public function index()

	{

		//???????????

		redirect(__APP__);

	}



	// ????

    public function logout()

    {

        if(isset($_SESSION[C('USER_AUTH_KEY')])) {

			unset($_SESSION[C('USER_AUTH_KEY')]);

			unset($_SESSION);

			session_destroy();

            $this->assign("jumpUrl",__URL__.'/login/');

            $this->success('?????');

        }else {

            $this->error('?????');

        }

    }



	// ????

	public function checkLogin() {

		if(empty($_POST['account'])) {

			$this->error('?????');

		}elseif (empty($_POST['password'])){

			$this->error('?????');

		}elseif (empty($_POST['verify'])){

			$this->error('??????');

		}

        //??????

        $map            =   array();

		// ??????????

		$map['account']	= $_POST['account'];

        $map["status"]	=	array('gt',0);

		if($_SESSION['verify'] != md5($_POST['verify'])) {

			$this->error('??????');

		}

		import ( '@.ORG.Util.RBAC' );

        $authInfo = RBAC::authenticate($map);

        //??????????????????

        if(false === $authInfo) {

            $this->error('??????????');

        }else {

            if($authInfo['password'] != md5($_POST['password'])) {

            	$this->error('?????');

            }

            $_SESSION[C('USER_AUTH_KEY')]	=	$authInfo['id'];

            $_SESSION['email']	=	$authInfo['email'];

            $_SESSION['loginUserName']		=	$authInfo['nickname'];

            $_SESSION['lastLoginTime']		=	$authInfo['last_login_time'];

			$_SESSION['login_count']	=	$authInfo['login_count'];

            if($authInfo['account']=='admin') {

            	$_SESSION['administrator']		=	true;

            }

            //??????

			$User	=	M('User');

			$ip		=	get_client_ip();

			$time	=	time();

            $data = array();

			$data['id']	=	$authInfo['id'];

			$data['last_login_time']	=	$time;

			$data['login_count']	=	array('exp','login_count+1');

			$data['last_login_ip']	=	$ip;

			$User->save($data);



			// ??????

            RBAC::saveAccessList();

			$this->success('?????');



		}

	}

    // ????

    public function changePwd()

    {

		$this->checkUser();

        //????????????????????

		if(md5($_POST['verify'])	!= $_SESSION['verify']) {

			$this->error('??????');

		}

		$map	=	array();

        $map['password']= pwdHash($_POST['oldpassword']);

        if(isset($_POST['account'])) {

            $map['account']	 =	 $_POST['account'];

        }elseif(isset($_SESSION[C('USER_AUTH_KEY')])) {

            $map['id']		=	$_SESSION[C('USER_AUTH_KEY')];

        }

        //????

        $User    =   M("User");

        if(!$User->where($map)->field('id')->find()) {

            $this->error('?????????????');

        }else {

			$User->password	=	pwdHash($_POST['password']);

			$User->save();

			$this->success('???????');

         }

    }

public function profile() {

		$this->checkUser();

		$User	 =	 M("User");

		$vo	=	$User->getById($_SESSION[C('USER_AUTH_KEY')]);

		$this->assign('vo',$vo);

		$this->display();

	}

	 public function verify()

    {

		$type	 =	 isset($_GET['type'])?$_GET['type']:'gif';

        import("@.ORG.Util.Image");

        Image::buildImageVerify(4,1,$type);

    }

// ????

	public function change() {

		$this->checkUser();

		$User	 =	 D("User");

		if(!$User->create()) {

			$this->error($User->getError());

		}

		$result	=	$User->save();

		if(false !== $result) {

			$this->success('???????');

		}else{

			$this->error('??????!');

		}

	}

}

?>