2014-11-04 09:05:21 +00:00
|
|
|
|
<?php
|
|
|
|
|
namespace Westdc\Member;
|
|
|
|
|
|
2014-12-18 13:14:30 +00:00
|
|
|
|
use Zend\ServiceManager\ServiceManager;
|
|
|
|
|
use Zend\ServiceManager\ServiceManagerAwareInterface;
|
2014-11-14 10:02:49 +00:00
|
|
|
|
use Westdc\EventModel\AbstractEventManager;
|
2014-11-04 09:05:21 +00:00
|
|
|
|
use Zend\Authentication\AuthenticationService;
|
|
|
|
|
use Zend\Authentication\Storage\Session as SessionStorage;
|
2014-11-19 04:21:05 +00:00
|
|
|
|
use Zend\Authentication\Adapter\DbTable;
|
2014-11-14 10:02:49 +00:00
|
|
|
|
use Westdc\Helpers\Assist as view;
|
2014-11-04 09:05:21 +00:00
|
|
|
|
use Westdc\Helpers\Config;
|
|
|
|
|
use Westdc\Helpers\Dbh as dbh;
|
2014-11-19 04:21:05 +00:00
|
|
|
|
use Westdc\Db\Db as Zend_Db;
|
2014-11-04 09:05:21 +00:00
|
|
|
|
|
2014-12-18 13:14:30 +00:00
|
|
|
|
class Account extends AbstractEventManager implements ServiceManagerAwareInterface
|
2014-11-04 09:05:21 +00:00
|
|
|
|
{
|
|
|
|
|
public $memberTable = "tbl_member";
|
|
|
|
|
public $FieldUsername = "username";
|
|
|
|
|
public $FieldPasword = "password";
|
|
|
|
|
public $FieldLastlogin = "ts_last_login";
|
|
|
|
|
public $FieldEmail = "email";
|
|
|
|
|
public $FieldLastloginIp = "last_login_ip";
|
|
|
|
|
public $GravatarEmailField = "gravatar_email";
|
|
|
|
|
|
|
|
|
|
public $RoleMember = "member";
|
|
|
|
|
|
|
|
|
|
private $db;
|
|
|
|
|
protected $events = NULL; //事件
|
|
|
|
|
private $config;
|
|
|
|
|
|
|
|
|
|
function __construct()
|
|
|
|
|
{
|
|
|
|
|
$this->config = Config::get();
|
|
|
|
|
}
|
2014-12-18 13:14:30 +00:00
|
|
|
|
|
|
|
|
|
public function init()
|
|
|
|
|
{
|
|
|
|
|
$dbService = $this->serviceManager->get('Db');
|
|
|
|
|
$this->db = $dbService->getPdo();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public function setServiceManager(ServiceManager $serviceManager)
|
|
|
|
|
{
|
|
|
|
|
$this->serviceManager = $serviceManager;
|
|
|
|
|
|
|
|
|
|
$this->init();
|
|
|
|
|
|
|
|
|
|
return $this;
|
|
|
|
|
}
|
2014-11-04 09:05:21 +00:00
|
|
|
|
|
|
|
|
|
//获取账号信息,数组
|
|
|
|
|
public function getAccountInfo($id = 0)
|
|
|
|
|
{
|
|
|
|
|
if($id == 0)
|
|
|
|
|
{
|
|
|
|
|
$id = view::User('id');
|
|
|
|
|
}
|
|
|
|
|
$sql = "SELECT * FROM {$this->memberTable} WHERE id=$id";
|
|
|
|
|
$rs = $this->db->query($sql);
|
|
|
|
|
return $rs->fetch();
|
|
|
|
|
}
|
|
|
|
|
|
2015-01-18 16:00:34 +00:00
|
|
|
|
/**
|
|
|
|
|
* 用户注册
|
|
|
|
|
* @param $data
|
|
|
|
|
* @return array
|
|
|
|
|
*/
|
2014-11-04 09:05:21 +00:00
|
|
|
|
public function register($data)
|
|
|
|
|
{
|
|
|
|
|
$params = compact('data');
|
2015-01-18 16:00:34 +00:00
|
|
|
|
$results = $this->getEventManager()->trigger('register.pre', $this, $params);
|
2014-11-04 09:05:21 +00:00
|
|
|
|
$cache_data = $results->last();
|
|
|
|
|
|
|
|
|
|
if($cache_data !== true)
|
|
|
|
|
{
|
|
|
|
|
if(!is_array($cache_data))
|
|
|
|
|
{
|
|
|
|
|
return array('error'=>$cache_data);
|
|
|
|
|
}else{
|
|
|
|
|
return $cache_data;
|
|
|
|
|
}
|
|
|
|
|
}
|
2015-01-18 16:00:34 +00:00
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* 将数据分为两组,一组用于做注册成功后的登陆,一组用于写入数据库
|
|
|
|
|
* 写入数据库的数据需要完全重建一个新的,防止因为前端传入时有人恶意增加字段造成破坏
|
|
|
|
|
*/
|
2014-11-04 09:05:21 +00:00
|
|
|
|
$loginData = array(
|
|
|
|
|
'username'=>$data['username'],
|
|
|
|
|
'password'=>$data['password']
|
|
|
|
|
);
|
2015-01-18 16:00:34 +00:00
|
|
|
|
|
|
|
|
|
$registerData = [
|
|
|
|
|
'username' => $data['username'],
|
|
|
|
|
'password' => md5($data['password']),
|
2015-01-19 12:18:46 +00:00
|
|
|
|
'usertype' => $this->RoleMember,
|
2015-01-18 16:00:34 +00:00
|
|
|
|
'email' => $data['email'],
|
|
|
|
|
];
|
2014-11-04 09:05:21 +00:00
|
|
|
|
|
|
|
|
|
$dbh = new dbh();
|
|
|
|
|
|
2015-01-18 16:00:34 +00:00
|
|
|
|
$id = $dbh->insert($this->memberTable,$registerData,true);
|
2014-11-04 09:05:21 +00:00
|
|
|
|
|
|
|
|
|
if(!empty($id) && is_numeric($id))
|
|
|
|
|
{
|
|
|
|
|
$this->storeLogin($loginData);
|
2015-01-18 16:00:34 +00:00
|
|
|
|
|
2014-11-04 09:05:21 +00:00
|
|
|
|
if(isset($state['success']))
|
|
|
|
|
{
|
2015-01-19 12:18:46 +00:00
|
|
|
|
$mb = new Member();
|
|
|
|
|
$mb->putcookie($data[$this->FieldUsername],$data[$this->FieldPasword]);
|
2014-11-04 09:05:21 +00:00
|
|
|
|
}
|
2015-01-18 16:00:34 +00:00
|
|
|
|
|
2014-11-04 09:05:21 +00:00
|
|
|
|
$params = compact('data','id');
|
2015-01-18 16:00:34 +00:00
|
|
|
|
$this->getEventManager()->trigger('register.success', $this, $params);
|
2014-11-04 09:05:21 +00:00
|
|
|
|
return array("success" => 1);
|
|
|
|
|
}else{
|
|
|
|
|
if($id === false)
|
|
|
|
|
{
|
|
|
|
|
return array('error'=>'服务器开小差了,请稍后再试');
|
|
|
|
|
}else{
|
|
|
|
|
return array('error'=>'服务器处理中遇到错误,请联系管理员');
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
}//register
|
2015-01-18 16:00:34 +00:00
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* 用户登陆
|
|
|
|
|
* @param $data
|
|
|
|
|
* @return array
|
|
|
|
|
*/
|
2014-11-04 09:05:21 +00:00
|
|
|
|
public function login($data)
|
|
|
|
|
{
|
2015-01-18 15:24:31 +00:00
|
|
|
|
$results = $this->getEventManager()->trigger('login.pre', $this, compact('data'));
|
2014-11-04 09:05:21 +00:00
|
|
|
|
$cache_data = $results->last();
|
|
|
|
|
|
|
|
|
|
if($cache_data !== true)
|
|
|
|
|
{
|
|
|
|
|
if(!is_array($cache_data))
|
|
|
|
|
{
|
|
|
|
|
return array('error'=>$cache_data);
|
|
|
|
|
}else{
|
|
|
|
|
return $cache_data;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$state = $this->storeLogin($data);
|
|
|
|
|
|
|
|
|
|
if(isset($state['success']))
|
|
|
|
|
{
|
2015-01-19 12:18:46 +00:00
|
|
|
|
$mb = new Cookie();
|
|
|
|
|
$mb->putcookie($data[$this->FieldUsername],$data[$this->FieldPasword]);
|
2015-01-18 16:00:34 +00:00
|
|
|
|
|
2015-01-16 15:37:40 +00:00
|
|
|
|
$user = (array)$state['user'];
|
|
|
|
|
$this->getEventManager()->trigger('login.success', $this, compact('user'));
|
|
|
|
|
}else{
|
|
|
|
|
$this->getEventManager()->trigger('login.failed', $this, compact('data'));
|
|
|
|
|
}
|
2014-11-04 09:05:21 +00:00
|
|
|
|
|
2015-01-18 16:00:34 +00:00
|
|
|
|
return $state;
|
2014-11-04 09:05:21 +00:00
|
|
|
|
}//login
|
2015-01-18 16:00:34 +00:00
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* 存储用户登陆信息
|
|
|
|
|
* 为了防止login中的用户信息检查不规范,再加入一层内置的数据库权限检查,以防通过漏洞登入系统
|
|
|
|
|
* @param $data
|
|
|
|
|
* @param bool $md5 是否对密码进行md5加密再校验
|
|
|
|
|
* @return array
|
|
|
|
|
*/
|
2014-11-04 09:05:21 +00:00
|
|
|
|
private function storeLogin($data,$md5 = true)
|
|
|
|
|
{
|
|
|
|
|
$auth = new AuthenticationService();
|
|
|
|
|
$auth->setStorage(new SessionStorage($this->config->session_namespace));
|
|
|
|
|
|
|
|
|
|
new Zend_Db($dbAdapter);
|
2014-11-19 04:21:05 +00:00
|
|
|
|
|
|
|
|
|
$authAdapter = new DbTable(
|
2014-11-04 09:05:21 +00:00
|
|
|
|
$dbAdapter,
|
2014-11-19 04:21:05 +00:00
|
|
|
|
'users',
|
|
|
|
|
'username',
|
|
|
|
|
'password'
|
2014-11-04 09:05:21 +00:00
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
if($md5 === true)
|
|
|
|
|
{
|
2014-11-19 04:21:05 +00:00
|
|
|
|
$password = md5($data['password']);
|
2014-11-04 09:05:21 +00:00
|
|
|
|
}else{
|
2014-11-19 04:21:05 +00:00
|
|
|
|
$password = $data['password'];
|
2014-11-04 09:05:21 +00:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$authAdapter
|
2014-11-19 04:21:05 +00:00
|
|
|
|
->setIdentity($data['username'])
|
2014-11-04 09:05:21 +00:00
|
|
|
|
->setCredential($password)
|
|
|
|
|
;
|
|
|
|
|
|
|
|
|
|
$result = $authAdapter->authenticate();
|
2015-01-16 15:37:40 +00:00
|
|
|
|
|
2014-11-04 09:05:21 +00:00
|
|
|
|
if(!$result->isValid())
|
|
|
|
|
{
|
|
|
|
|
return array("error"=>"用户信息验证失败");
|
|
|
|
|
}
|
2015-01-16 15:37:40 +00:00
|
|
|
|
|
|
|
|
|
$user = $authAdapter->getResultRowObject(null,array('password'));
|
|
|
|
|
$auth->getStorage()->write($user);
|
2014-11-04 09:05:21 +00:00
|
|
|
|
|
2015-01-16 15:37:40 +00:00
|
|
|
|
return array(
|
|
|
|
|
'success'=>1,
|
|
|
|
|
'user' => $user
|
|
|
|
|
);
|
2015-01-18 16:00:34 +00:00
|
|
|
|
}//storeLogin
|
2014-11-04 09:05:21 +00:00
|
|
|
|
|
|
|
|
|
public function cookieLogin($data)
|
|
|
|
|
{
|
|
|
|
|
return $this->storeLogin($data,false);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
//注册信息参数
|
|
|
|
|
public function getParam(\Zend_Controller_Request_Abstract $request)
|
|
|
|
|
{
|
|
|
|
|
$data = array(
|
|
|
|
|
'username'=>$request->getParam('username'),
|
|
|
|
|
'password'=>$request->getParam('password'),
|
|
|
|
|
'confirm_password'=>$request->getParam('confirm_password'),
|
|
|
|
|
'email'=>$request->getParam('email'),
|
|
|
|
|
'realname'=>$request->getParam('realname')
|
|
|
|
|
);
|
|
|
|
|
return $data;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
//获取用户账户修改参数
|
|
|
|
|
public function getEditParam($request)
|
|
|
|
|
{
|
|
|
|
|
$request = new \Zend\Http\PhpEnvironment\Request;
|
|
|
|
|
|
|
|
|
|
$type = $request->getPost('type');
|
|
|
|
|
|
|
|
|
|
if($type == "general")
|
|
|
|
|
{
|
|
|
|
|
$data = array(
|
|
|
|
|
'realname'=>$request->getPost('realname'),
|
|
|
|
|
'signature'=>$request->getPost('signature'),
|
|
|
|
|
'description'=>$request->getPost('description')
|
|
|
|
|
);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if($type == "password")
|
|
|
|
|
{
|
|
|
|
|
$data = array(
|
|
|
|
|
'password' => $request->getPost('password'),
|
|
|
|
|
'password_new'=>$request->getPost('password_new'),
|
|
|
|
|
'password_confirm'=>$request->getPost('password_confirm')
|
|
|
|
|
);
|
|
|
|
|
}
|
|
|
|
|
return $data;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
//编辑
|
|
|
|
|
public function edit($data,$type)
|
|
|
|
|
{
|
|
|
|
|
$results = $this->getEventManager()->trigger('edit.checkParam', $this, compact('data','type'));
|
|
|
|
|
$cache_data = $results->last();
|
|
|
|
|
|
|
|
|
|
if($cache_data !== true)
|
|
|
|
|
{
|
|
|
|
|
return $cache_data;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if($type == "general")
|
|
|
|
|
{
|
|
|
|
|
$data['signature'] = htmlspecialchars($data['signature']);
|
|
|
|
|
$data['description'] = htmlspecialchars($data['description']);
|
|
|
|
|
}else if($type == "password")
|
|
|
|
|
{
|
|
|
|
|
$data['password'] = md5($data['password_new']);
|
|
|
|
|
unset($data['password_new']);
|
|
|
|
|
unset($data['password_confirm']);
|
|
|
|
|
}else{
|
|
|
|
|
return "参数错误";
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$dbh = new dbh();
|
|
|
|
|
$uid = view::User('id');
|
|
|
|
|
if($dbh->update($this->memberTable,$data," id=$uid") === true)
|
|
|
|
|
{
|
|
|
|
|
return true;
|
|
|
|
|
}else{
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
//找回密码
|
|
|
|
|
public function getMyPassword($email)
|
|
|
|
|
{
|
|
|
|
|
$pwdListener = new PwdListener;
|
|
|
|
|
$this->getEventManager()->attachAggregate($pwdListener);
|
|
|
|
|
|
|
|
|
|
$results = $this->getEventManager()->trigger('pwd.forgot.checkParam', $this, compact('email'));
|
|
|
|
|
$cache_data = $results->last();
|
|
|
|
|
|
|
|
|
|
if($cache_data !== true)
|
|
|
|
|
{
|
|
|
|
|
return $cache_data;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$sql = "SELECT * FROM {$this->memberTable} WHERE email='$email'";
|
|
|
|
|
$rs = $this->db->query($sql);
|
|
|
|
|
$row = $rs->fetch();
|
|
|
|
|
|
|
|
|
|
if(!isset($row['username']) || empty($row['username']))
|
|
|
|
|
{
|
|
|
|
|
return array('error'=>"此邮箱并未注册",'place'=>'email');
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$salt = md5($email.'---'.$row['username']);
|
|
|
|
|
|
|
|
|
|
$sql = "UPDATE {$this->memberTable} SET salt='$salt' WHERE id={$row['id']}";
|
|
|
|
|
$state = $this->db->exec($sql);
|
|
|
|
|
|
|
|
|
|
if($state<1)
|
|
|
|
|
{
|
|
|
|
|
return array('error'=>"处理中出现错误,请重试",'place'=>'email');
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$mail_template = "forgotpassword";
|
|
|
|
|
$mail_data = array(
|
|
|
|
|
'name'=>$row['realname'],
|
|
|
|
|
'link'=> view::getHostLink().'/account/getpassword/?salt='.$salt
|
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
try{
|
|
|
|
|
$mail = new Mail();
|
|
|
|
|
|
|
|
|
|
$mail->loadTemplate($mail_template,$mail_data);
|
|
|
|
|
$mail->addTo($email,$row['realname']);
|
|
|
|
|
$mail->send();
|
|
|
|
|
}catch(Exception $e)
|
|
|
|
|
{
|
|
|
|
|
echo "".$e->getMessage();
|
|
|
|
|
}
|
|
|
|
|
return array("success"=>1);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
//重置密码
|
|
|
|
|
public function resetPassword($data)
|
|
|
|
|
{
|
|
|
|
|
$results = $this->getEventManager()->trigger('pwd.reset.checkParam', $this, compact('data'));
|
|
|
|
|
$cache_data = $results->last();
|
|
|
|
|
|
|
|
|
|
if($cache_data !== true)
|
|
|
|
|
{
|
|
|
|
|
return $cache_data;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$sql = "SELECT * FROM {$this->memberTable} WHERE salt=?";
|
|
|
|
|
$sth = $this->db->prepare($sql);
|
|
|
|
|
$sth->execute(array($data['salt']));
|
|
|
|
|
$row = $sth->fetch();
|
|
|
|
|
|
|
|
|
|
if(!isset($row['username']) || empty($row['username']))
|
|
|
|
|
{
|
|
|
|
|
return array('error'=>"您提供的校验码不正确,请重新申请重置密码",'place'=>'confirm_password');
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if($row['username'] !== $data['username'])
|
|
|
|
|
{
|
|
|
|
|
return array('error'=>"您提供的校验码不正确,请重新申请重置密码",'place'=>'confirm_password');
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$sql = "UPDATE {$this->memberTable} SET password='".md5($data['password'])."',salt='' WHERE id={$row['id']}";
|
|
|
|
|
$this->db->exec($sql);
|
|
|
|
|
|
|
|
|
|
$mail_template = "getpassworded";
|
|
|
|
|
$mail_data = array(
|
|
|
|
|
'name'=>$row['realname'],
|
|
|
|
|
);
|
|
|
|
|
$mail = new Mail();
|
|
|
|
|
$mail->loadTemplate($mail_template,$mail_data);
|
|
|
|
|
$mail->addTo($row['email'],$row['realname']);
|
|
|
|
|
$mail->send();
|
|
|
|
|
|
|
|
|
|
return true;
|
|
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
}
|