diff --git a/Westdc/Authentication/AuthenticationService.php b/Westdc/Authentication/AuthenticationService.php
index 80216aa..00a80b8 100644
--- a/Westdc/Authentication/AuthenticationService.php
+++ b/Westdc/Authentication/AuthenticationService.php
@@ -15,6 +15,7 @@ class AuthenticationService
 protected $role;
 public $loginRouterName = "login";
+ public $logoutRouterName = "logout";
 function __construct()
 {
@@ -47,7 +48,8 @@ class AuthenticationService
 // view::Dump($e->getRouteMatch()->getMatchedRouteName() . ":" . $controller."-".$action,false);
- $this->preCookieCheck();
+ if($rsp = $this->preCookieCheck($e) !== false)
+ return $rsp;
 try{
 if(!$this->acl->hasResource($controller))
@@ -68,14 +70,13 @@ class AuthenticationService
 }
 }
 }catch (Exception $e) {
- //echo 'Caught exception: ', $e->getMessage(), "\n";
 $this->badRequest($e);
 return;
 }
 }
- public function preCookieCheck()
+ public function preCookieCheck($e)
 {
 if(!view::User())
 {
@@ -85,8 +86,40 @@ class AuthenticationService
 {
 $account = new Account();
 $account->cookieLogin(array('username'=>$mb->user));
+
+ $response = $e->getResponse();
+ $response->setStatusCode(200);
+ $response->sendHeaders();
+
+ $layout = $e->getViewModel();
+
+ $viewHelperManager = $e->getApplication()->getServiceManager()->get('viewHelperManager');
+ $partial = $viewHelperManager->get('partial');
+
+ $page_content = $partial(
+ 'layout/layout/message',
+ array(
+ 'message' => '您的账号已自动登陆',
+ 'url'=> [
+ ['title' => '立即跳转', 'url' => $_SERVER['REQUEST_URI']],
+ ['title'=>'退出登陆','url'=>$e->getRouter()->assemble(array(), array('name' => $this->logoutRouterName))]
+ ],
+ )
+ );
+
+ $layout->setVariable('content',$page_content);
+ $layout->setTemplate('layout/layout');
+
+ $e->stopPropagation();
+
+ return $response;
+
 }
 }
+ else
+ {
+ return false;
+ }
 }
 public function response($e)
diff --git a/Westdc/Member/Account.php b/Westdc/Member/Account.php
index 7150fa1..ce6c771 100644
--- a/Westdc/Member/Account.php
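Review bot: In the hunk at `@@ -47,7 +48,8 @@`, the added `if($rsp = $this->preCookieCheck($e) !== false)` assigns the comparison result to `$rsp`, because `!==` binds tighter than `=`, so the listener returns `true` rather than the response object. The test also passes on `null`: in the last hunk of this file `preCookieCheck()` has no `return` on the path where no user is logged in and the inner cookie test fails (that test sits just outside the hunk, so this is inferred), and `null !== false` is true, which would return before the ACL check in the `try` block below. Split the assignment from the test, `$rsp = $this->preCookieCheck($e);` then `if ($rsp !== false && $rsp !== null) return $rsp;`, and add `return false;` as the last statement of `preCookieCheck()`. The enclosing method starts and ends outside this hunk.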
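Review bot: In the hunk at `@@ -85,8 +86,40 @@`, `$_SERVER['REQUEST_URI']` is passed unmodified into the `layout/layout/message` partial as a link target, so the page is only safe if that template escapes the value for the attribute context; the template is not part of this diff and should be checked. `$response->sendHeaders()` is called before the layout is filled in and before `stopPropagation()`, which looks premature if the framework sends the returned response itself. A short comment above the block stating that it replaces the requested page with an "automatically logged in" notice, and why the listener returns the response instead of continuing to the ACL check, would make the early return easier to audit.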
+++ b/Westdc/Member/Account.php
@@ -11,8 +11,6 @@ use Westdc\Helpers\Assist as view;
 use Westdc\Helpers\Config;
 use Westdc\Helpers\Dbh as dbh;
 use Westdc\Db\Db as Zend_Db;
-use Westdc\Mail\Mail;
-use Westdc\User\Member;
 class Account extends AbstractEventManager implements ServiceManagerAwareInterface
 {
@@ -95,17 +93,8 @@ class Account extends AbstractEventManager implements ServiceManagerAwareInterfa
 $registerData = [
 'username' => $data['username'],
 'password' => md5($data['password']),
- 'usertype' => 'guest',
+ 'usertype' => $this->RoleMember,
 'email' => $data['email'],
- 'realname' => $data['realname'],
- 'unit' => $data['unit'],
- 'address' => $data['address'],
- 'project' => $data['project'],
- 'phone' => $data['phone'],
- 'project_id' => $data['project_id'],
- 'project_type' => $data['project_type'],
- 'project_title' => $data['project_title'],
- 'project_leader' => $data['project_leader'],
 ];
 $dbh = new dbh();
@@ -118,8 +107,8 @@ class Account extends AbstractEventManager implements ServiceManagerAwareInterfa
 if(isset($state['success']))
 {
- //$mb = new Member();
- //$mb->putcookie($data[$this->FieldUsername],$data[$this->FieldPasword]);
+ $mb = new Member();
+ $mb->putcookie($data[$this->FieldUsername],$data[$this->FieldPasword]);
 }
 $data = $registerData;
@@ -161,8 +150,8 @@ class Account extends AbstractEventManager implements ServiceManagerAwareInterfa
 if(isset($state['success']))
 {
- //$mb = new Member();
- //$mb->putcookie($data[$this->FieldUsername],$data[$this->FieldPasword]);
+ $mb = new Cookie();
+ $mb->putcookie($data[$this->FieldUsername],$data[$this->FieldPasword]);
 $user = (array)$state['user'];
 $this->getEventManager()->trigger('login.success', $this, compact('user'));
diff --git a/Westdc/Member/Cookie.php b/Westdc/Member/Cookie.php
index 406d6c1..b859efc 100644
--- a/Westdc/Member/Cookie.php
+++ b/Westdc/Member/Cookie.php
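Review bot: In the hunk at `@@ -95,17 +93,8 @@`, the unchanged line `'password' => md5($data['password'])` still stores an unsalted MD5 digest, which is not a password hash, and this commit adds a second dependency on it: `putcookie()` in Westdc/Member/Cookie.php now feeds `md5($pwd)` into the cookie token. `'password' => password_hash($data['password'], PASSWORD_DEFAULT),` with `password_verify()` at login is the usual replacement where the PHP version allows it, but the cookie token would then have to be derived from something other than the stored digest. Separately, new accounts now receive `$this->RoleMember` instead of `'guest'`; the property's value is not visible here, so a comment confirming that the different default role at self-registration is intended would help.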
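Review bot: In the hunk at `@@ -118,8 +107,8 @@`, `new Member()` is enabled by the same commit that removes `use Westdc\User\Member;` from the imports, so the name now resolves relative to this file's own namespace, and whether a `Member` class exists there cannot be told from this diff. The login path in the next hunk uses `new Cookie()` for the identical call, so `$mb = new Cookie();` is probably what is meant here too. Both call sites pass the plaintext password to `putcookie()` and set the persistent cookie on every success; if there is no opt-in, a comment such as `// persistent login cookie is set unconditionally` would make that choice explicit.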
@@ -3,10 +3,11 @@ namespace Westdc\Member;
 use Westdc\Helpers\Config;
 use Westdc\Db\Pdo as Db;
+use Zend\Http\Cookies as ZendCookie;
 class Cookie
 {
- var $ck='Dxe8SqIcmyUf';
+ var $ck='ff08XearZpUkjl3H';
 var $db; //传入PDO对象
 var $mid; //会员ID
@@ -29,12 +30,12 @@ class Cookie
 {
 $this->db = new Db();
 $this->config = Config::get();
-
- if(!empty($_COOKIE['scr']))
+
+ if(isset($_COOKIE['scr']) && !empty($_COOKIE['scr']))
 {
 $this->scr = $_COOKIE['scr'];
 }
- if(!empty($_COOKIE['user']))
+ if(isset($_COOKIE['user']) && !empty($_COOKIE['user']))
 {
 $this->user= $_COOKIE['user'];
 }
@@ -48,7 +49,7 @@ class Cookie
 {
 $uname = $this->user;
 $hash = $this->scr;
-
+
 if(!empty($uname) && !empty($hash))
 {
 if (preg_match("/[<|>|#|$|%|^|*|(|)|{|}|'|\"|;|:]/i",$uname) || preg_match("/[<|>|#|$|%|^|*|(|)|{|}|'|\"|;|:]/i",$hash))
@@ -61,7 +62,7 @@ class Cookie
 $rs = $this->db->query($sql);
 $row = $rs->fetch();
 $scr = $this->makescr($row['userid'],$row['pwd']);
-
+
 if($hash == $scr)
 {
 $this->srpwd=$row['pwd'];
@@ -75,26 +76,31 @@ class Cookie
 return false;
 }//exit
 }//function checkcookie
-
- /**
- * putcookie
- *
- * 登陆成功后放置cookie,包含安全码
- *
- * @param String $uname
- * @param String $pwd
- * @param Int $time
- */
+
+ /**
+ * putcookie
+ *
+ * 登陆成功后放置cookie,包含安全码
+ *
+ * @param $uname
+ * @param $pwd
+ * @param int $time
+ * @return bool
+ */
 public function putcookie($uname,$pwd,$time = 604800)
 {
 try {
- $scrString = $this->makescr($uname,$pwd);//加密验证串:防止用户密码被盗;防止伪造cookie。
-
+ $scrString = $this->makescr($uname,md5($pwd));//加密验证串:防止用户密码被盗;防止伪造cookie。
+
 if(!is_numeric($time))
 {
 $time = 604800;
 }
-
+
+ //$client = new Client();
+ //$client->addCookie('user',$uname,time()+$time,"/");
+ //$client->addCookie('scr',$scrString,time()+$time,"/");
+
 setcookie('user',$uname,time()+$time,'/');
 setcookie('scr',$scrString,time()+$time,'/');
@@ -110,6 +116,7 @@ class Cookie
 *
 * @param String $u
 * @param String $p
+ * @return string
 */
 public function makescr($u,$p)
 {
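Review bot: In the hunk at `@@ -3,10 +3,11 @@`, `var $ck='ff08XearZpUkjl3H';` replaces one hard-coded value with another, and both the old and the new string are now readable in the repository history. If `$ck` is the secret that `makescr()` mixes into the cookie token (its body is outside this diff, so this is inferred), anyone with read access to the source can see it. The constructor already loads `Config::get()`, so the value could be read from deployment configuration there and left out of the class. The added `use Zend\Http\Cookies as ZendCookie;` is not referenced in any visible hunk and can be dropped until it is used.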
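Review bot: In the hunk at `@@ -29,12 +30,12 @@`, `isset($_COOKIE['scr']) && !empty($_COOKIE['scr'])` is redundant, because `empty()` already returns true for an unset key without raising a notice, so the new condition behaves exactly like the old one. What the guard does not check is the type: cookie values can arrive as arrays, and the value is later handed to `preg_match()` in `checkcookie()`. `if(isset($_COOKIE['scr']) && is_string($_COOKIE['scr']) && $_COOKIE['scr'] !== '')` covers both cases, and the same applies to the `user` cookie. The constructor starts and ends outside this hunk.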
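Review bot: In the hunk at `@@ -75,26 +76,31 @@`, the two `setcookie()` calls set the login token without the Secure or HttpOnly flags, so `scr` is readable from page script and is sent over plain HTTP; `setcookie('scr',$scrString,time()+$time,'/','',true,true);` sets both, and likewise for `user`, assuming the site is served over HTTPS. The token is now built from `md5($pwd)`, so as far as this diff shows it stays the same until the password changes and cannot be revoked per device. `checkcookie()` in the hunk at `@@ -61,7 +62,7 @@` compares it with `$hash == $scr`; `hash_equals($scr, $hash)` avoids both type juggling and timing differences. The three commented-out `$client->addCookie` lines refer to a `Client` class that is not imported and are better left out of the commit. `putcookie()` continues past the end of the hunk.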