PageRenderTime 39ms CodeModel.GetById 16ms RepoModel.GetById 0ms app.codeStats 0ms

/firstrend/src/admin/Lib/Action/PublicAction.class.php

http://ownerpress.googlecode.com/
PHP | 165 lines | 109 code | 16 blank | 40 comment | 11 complexity | 0063c81d20ac42788725ef993f795235 MD5 | raw file
Possible License(s): Apache-2.0, AGPL-1.0, GPL-2.0, GPL-3.0, LGPL-2.1 
    

  1. <?php

    2. 

  2. // +----------------------------------------------------------------------

    3. 

  3. // | ?????????? (Build on ThinkPHP)

    4. 

  4. // +----------------------------------------------------------------------

    5. 

  5. // | Copyright (c) 2011 http://fanwe.com All rights reserved.

    6. 

  6. // +----------------------------------------------------------------------

    7. 

  7. // | Licensed ( http://www.apache.org/licenses/LICENSE-2.0 )

    8. 

  8. // +----------------------------------------------------------------------

    9. 

  9. // | Author: awfigq <awfigq@qq.com>

    10. 

  10. // +----------------------------------------------------------------------

    11. 

  11. /**

    12. 

  12.  +------------------------------------------------------------------------------

    13. 

  13.  * ??

    14. 

  14.  +------------------------------------------------------------------------------

    15. 

  15.  */

    16. 

  16. class PublicAction extends CommonAction

    17. 

  17. {

    18. 

  18. 	/**

    19. 

  19.      +----------------------------------------------------------

    20. 

  20. 	 * ????????

    21. 

  21.      +----------------------------------------------------------

    22. 

  22. 	 */

    23. 

  23. 	public function checkUser()

    24. 

  24. 	{

    25. 

  25. 		if (!isset($_SESSION[C('USER_AUTH_KEY')]))

    26. 

  26. 		{

    27. 

  27. 			$this->assign('jumpUrl', 'Public/login');

    28. 

  28. 			$this->error(L('NOT_LOGIN'));

    29. 

  29. 		}

    30. 

  30. 	}

    31. 

  31. 

    32. 

  32. 	/**

    33. 

  33.      +----------------------------------------------------------

    34. 

  34. 	 * ??????

    35. 

  35.      +----------------------------------------------------------

    36. 

  36. 	 */

    37. 

  37. 	public function login()

    38. 

  38. 	{

    39. 

  39. 		if (!isset($_SESSION[C('USER_AUTH_KEY')]))

    40. 

  40. 		{

    41. 

  41. 			$this->display();

    42. 

  42. 		}

    43. 

  43. 		else

    44. 

  44. 		{

    45. 

  45. 			$this->redirect('Index/index');

    46. 

  46. 		}

    47. 

  47. 	}

    48. 

  48. 

    49. 

  49. 	public function index()

    50. 

  50. 	{

    51. 

  51. 		//???????????

    52. 

  52. 		redirect(__APP__);

    53. 

  53. 	}

    54. 

  54. 

    55. 

  55. 	/**

    56. 

  56.      +----------------------------------------------------------

    57. 

  57. 	 * ????

    58. 

  58.      +----------------------------------------------------------

    59. 

  59. 	 */

    60. 

  60. 	public function logout()

    61. 

  61. 	{

    62. 

  62. 		if (isset($_SESSION[C('USER_AUTH_KEY')]))

    63. 

  63. 		{

    64. 

  64. 			$loginout_success = L('LOGOUT_SUCCESS');

    65. 

  65. 			unset($_SESSION[C('USER_AUTH_KEY')]);

    66. 

  66. 			unset($_SESSION);

    67. 

  67. 			session_destroy();

    68. 

  68. 			$this->assign("jumpUrl", U("Public/login"));

    69. 

  69. 			$this->success($loginout_success);

    70. 

  70. 		}

    71. 

  71. 		else

    72. 

  72. 		{

    73. 

  73. 			$this->error(L('LOGOUT_ALREADY'));

    74. 

  74. 		}

    75. 

  75. 	}

    76. 

  76. 

    77. 

  77. 	/**

    78. 

  78.      +----------------------------------------------------------

    79. 

  79. 	 * ????

    80. 

  80.      +----------------------------------------------------------

    81. 

  81. 	 */

    82. 

  82. 	public function checkLogin()

    83. 

  83. 	{

    84. 

  84. 		if (empty($_POST['admin_name']))

    85. 

  85. 		{

    86. 

  86. 			$this->error(L('ADMIN_NAME_REQUIRE'));

    87. 

  87. 		}

    88. 

  88. 		elseif (empty($_POST['admin_pwd']))

    89. 

  89. 		{

    90. 

  90. 			$this->error(L('ADMIN_PWD_REQUIRE'));

    91. 

  91. 		}

    92. 

  92. 		elseif (empty($_POST['verify']))

    93. 

  93. 		{

    94. 

  94. 			$this->error(L('VERIFY_REQUIRE'));

    95. 

  95. 		}

    96. 

  96. 

    97. 

  97. 		//??????

    98. 

  98. 

    99. 

  99. 		$map = array();

    100. 

  100. 

    101. 

  101. 		// ??????????

    102. 

  102. 		$map['admin_name'] = $_POST['admin_name'];

    103. 

  103. 		$map["status"] = array('gt' , 0);

    104. 

  104. 

    105. 

  105. 		if ($_SESSION['verify'] != md5($_POST['verify']))

    106. 

  106. 		{

    107. 

  107. 			$this->error(L('VERIFY_ERROR'));

    108. 

  108. 		}

    109. 

  109. 

    110. 

  110. 		import('@.ORG.RBAC');

    111. 

  111. 		$auth_info = RBAC::authenticate($map);

    112. 

  112. 

    113. 

  113. 		//??????????????????

    114. 

  114. 		if (false === $auth_info)

    115. 

  115. 		{

    116. 

  116. 			$this->saveLog(0, 0);

    117. 

  117. 			$this->error(L('ADMIN_NAME_NOT_EXIST'));

    118. 

  118. 		}

    119. 

  119. 		else

    120. 

  120. 		{

    121. 

  121. 			if ($auth_info['admin_pwd'] != md5($_POST['admin_pwd']))

    122. 

  122. 			{

    123. 

  123. 				$this->saveLog(0, 0);

    124. 

  124. 				$this->error(L('ADMIN_PWD_ERROR'));

    125. 

  125. 			}

    126. 

  126. 

    127. 

  127. 			Session::setExpire(time() + fanweC("EXPIRED_TIME") * 60);

    128. 

  128. 

    129. 

  129. 			$_SESSION[C('USER_AUTH_KEY')] = $auth_info['id'];

    130. 

  130. 			$_SESSION['admin_name'] = $auth_info['admin_name'];

    131. 

  131. 			$_SESSION['last_time'] = $auth_info['last_time'];

    132. 

  132. 			$_SESSION['login_count'] = $auth_info['login_count'];

    133. 

  133. 

    134. 

  134. 			if ($auth_info['admin_name'] == fanweC('SYS_ADMIN'))

    135. 

  135. 			{

    136. 

  136. 				$_SESSION[C('ADMIN_AUTH_KEY')] = true;

    137. 

  137. 			}

    138. 

  138. 

    139. 

  139. 			//??????

    140. 

  140. 			$admin = M(C('USER_AUTH_MODEL'));

    141. 

  141. 			$ip = getClientIp();

    142. 

  142. 			$time = gmtTime();

    143. 

  143. 			$data = array();

    144. 

  144. 			$data['id'] = $auth_info['id'];

    145. 

  145. 			$data['last_login_time'] = $time;

    146. 

  146. 			$data['login_count'] = array('exp' , 'login_count + 1');

    147. 

  147. 			$data['last_login_ip'] = $ip;

    148. 

  148. 			$admin->save($data);

    149. 

  149. 

    150. 

  150. 			// ??????

    151. 

  151. 			RBAC::saveAccessList();

    152. 

  152. 			$this->saveLog(1, 0);

    153. 

  153. 			$this->success(L('LOGIN_SUCCESS'));

    154. 

  154. 		}

    155. 

  155. 	}

    156. 

  156. 

    157. 

  157. 	public function verify ()

    158. 

  158. 	{

    159. 

  159. 		$type = isset($_GET['type']) ? $_GET['type'] : 'png';

    160. 

  160. 		$type = 'png';

    161. 

  161. 		import("@.ORG.Image");

    162. 

  162. 		Image::buildImageVerify(4, 1, $type);

    163. 

  163. 	}

    164. 

  164. }

    165. 

  165. ?>
    166.