2011-12-28 06:37:46 +00:00
|
|
|
|
<?php
|
|
|
|
|
|
class AccountController extends Zend_Controller_Action
|
|
|
|
|
|
{
|
2013-03-15 04:16:07 +00:00
|
|
|
|
function preDispatch()
|
|
|
|
|
|
{
|
|
|
|
|
|
$this->view->config = Zend_Registry::get('config');
|
|
|
|
|
|
$this->_request->setParam('return', $this->_request->getServer('REQUEST_URI'));
|
|
|
|
|
|
$this->db = Zend_Registry::get('db');
|
|
|
|
|
|
$this->view->messages = $this->messenger->getMessages();
|
|
|
|
|
|
$this->view->theme = new Theme();
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2011-12-28 06:37:46 +00:00
|
|
|
|
function indexAction()
|
|
|
|
|
|
{
|
2013-03-15 04:16:07 +00:00
|
|
|
|
$this->view->pageID = "account-index";
|
|
|
|
|
|
|
|
|
|
|
|
include_once("Users.php");
|
|
|
|
|
|
$usr = new Users($this->db);
|
|
|
|
|
|
|
|
|
|
|
|
$auth = Zend_Auth::getInstance();
|
|
|
|
|
|
if($auth->hasIdentity())
|
|
|
|
|
|
{
|
|
|
|
|
|
$user = $auth->getIdentity();
|
|
|
|
|
|
$uid = $user->id;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
include_once("Avatar.php");
|
|
|
|
|
|
$avatar = new Avatar();
|
|
|
|
|
|
$this->view->avatar = $avatar->Get($user->email,140);
|
|
|
|
|
|
|
|
|
|
|
|
$this->view->info = $usr->getUserInfo($uid);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
function editAction()
|
|
|
|
|
|
{
|
|
|
|
|
|
$this->view->pageID = "account-edit";
|
|
|
|
|
|
|
|
|
|
|
|
include_once("Users.php");
|
|
|
|
|
|
$usr = new Users($this->db);
|
|
|
|
|
|
|
|
|
|
|
|
$auth = Zend_Auth::getInstance();
|
|
|
|
|
|
if($auth->hasIdentity())
|
|
|
|
|
|
{
|
|
|
|
|
|
$user = $auth->getIdentity();
|
|
|
|
|
|
$uid = $user->id;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
include_once("Avatar.php");
|
|
|
|
|
|
$avatar = new Avatar();
|
|
|
|
|
|
$this->view->avatar = $avatar->Get($user->email,140);
|
|
|
|
|
|
|
|
|
|
|
|
$this->view->projectType = array(
|
|
|
|
|
|
"无" => '',
|
|
|
|
|
|
"国家973计划项目课题" => "国家973计划项目课题",
|
|
|
|
|
|
"国家863计划课题"=>"国家863计划课题",
|
|
|
|
|
|
"国家级科技支撑课题" => "国家级科技支撑课题",
|
|
|
|
|
|
"国家级科技重大专项" => "国家级科技重大专项",
|
|
|
|
|
|
"国家级国家重大工程" => "国家级国家重大工程",
|
|
|
|
|
|
"国家级国家自然科学基金" => "国家级国家自然科学基金",
|
|
|
|
|
|
"国际合作项目"=>"国际合作项目",
|
|
|
|
|
|
"省部级项目" => "省部级项目",
|
|
|
|
|
|
"其他项目工程" => "其他项目工程"
|
|
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
|
|
$submit = $this->_getParam('submit');
|
|
|
|
|
|
|
|
|
|
|
|
if(!empty($submit))
|
|
|
|
|
|
{
|
|
|
|
|
|
$data = $this->AccountEditParamFilter();
|
|
|
|
|
|
|
|
|
|
|
|
if($this->db->update("users",$data,"id=$uid"))
|
|
|
|
|
|
{
|
|
|
|
|
|
$this->view->AlertType = "alert-success";
|
|
|
|
|
|
$this->view->msg = "修改成功!";
|
|
|
|
|
|
$this->view->jump_url = "/account/edit";
|
|
|
|
|
|
return true;
|
|
|
|
|
|
}else{
|
|
|
|
|
|
$this->view->AlertType = "alert-error";
|
|
|
|
|
|
$this->view->error = "修改失败,请重试";
|
|
|
|
|
|
$this->view->info = $data;
|
|
|
|
|
|
return true;
|
|
|
|
|
|
}
|
|
|
|
|
|
}else{
|
|
|
|
|
|
$this->view->info = $usr->getUserInfo($uid);
|
|
|
|
|
|
}
|
2011-12-28 06:37:46 +00:00
|
|
|
|
}
|
2013-03-15 04:16:07 +00:00
|
|
|
|
|
|
|
|
|
|
function AccountEditParamFilter(){
|
|
|
|
|
|
$data = array();
|
|
|
|
|
|
$data['realname'] = substr(trim($this->_getParam('realname')),0,40);
|
|
|
|
|
|
$data['unit'] = substr(trim($this->_getParam('unit')),0,100);
|
|
|
|
|
|
$data['address'] = substr(trim($this->_getParam('address')),0,100);
|
|
|
|
|
|
$data['phone'] = substr(trim($this->_getParam('phone')),0,15);
|
|
|
|
|
|
$data['postcode'] = substr(trim($this->_getParam('postcode')),0,15);
|
|
|
|
|
|
$data['project_type'] = substr(trim($this->_getParam('project_type')),0,100);
|
|
|
|
|
|
$data['project_id'] = substr(trim($this->_getParam('project_id')),0,40);
|
|
|
|
|
|
$data['project_title'] = substr(trim($this->_getParam('project_title')),0,100);
|
|
|
|
|
|
$data['project'] = substr(trim($this->_getParam('project')),0,600);
|
|
|
|
|
|
|
|
|
|
|
|
foreach($data as $k=>$v)
|
|
|
|
|
|
{
|
|
|
|
|
|
$data[$k] = $this->StringFilter($v);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
return $data;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
function StringFilter($string){
|
|
|
|
|
|
$string = preg_replace ('/<[^>]*>/', ' ', $string);
|
|
|
|
|
|
return $string;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
function secureAction()
|
|
|
|
|
|
{
|
|
|
|
|
|
$this->view->pageID = "account-secure";
|
|
|
|
|
|
|
2013-05-09 03:53:27 +00:00
|
|
|
|
include_once("helper/view.php");
|
2013-03-15 04:16:07 +00:00
|
|
|
|
include_once("Users.php");
|
|
|
|
|
|
$usr = new Users($this->db);
|
|
|
|
|
|
|
|
|
|
|
|
$auth = Zend_Auth::getInstance();
|
|
|
|
|
|
if($auth->hasIdentity())
|
|
|
|
|
|
{
|
|
|
|
|
|
$user = $auth->getIdentity();
|
|
|
|
|
|
$uid = $user->id;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2013-05-09 03:53:27 +00:00
|
|
|
|
$opt = $this->_getParam('opt');
|
2013-03-15 04:16:07 +00:00
|
|
|
|
$submit = $this->_getParam('submit');
|
|
|
|
|
|
|
2013-05-09 03:53:27 +00:00
|
|
|
|
if(empty($opt))
|
2013-03-15 04:16:07 +00:00
|
|
|
|
{
|
2013-05-09 03:53:27 +00:00
|
|
|
|
$this->view->section = "password";
|
|
|
|
|
|
if(!empty($submit))
|
2013-03-15 04:16:07 +00:00
|
|
|
|
{
|
2013-05-09 03:53:27 +00:00
|
|
|
|
$data = $this->AccountSecureParamFilter();
|
|
|
|
|
|
|
|
|
|
|
|
$this->view->AlertType = "alert-error";
|
|
|
|
|
|
if(strlen($data['password'])>18 || strlen($data['new_password'])>18)
|
|
|
|
|
|
{
|
|
|
|
|
|
$this->view->error = view::Error("密码过长");
|
|
|
|
|
|
return true;
|
|
|
|
|
|
}
|
|
|
|
|
|
if(strlen($data['new_password'])<=6 || strlen($data['new_password_confrim'])<=6)
|
|
|
|
|
|
{
|
|
|
|
|
|
$this->view->error = view::Error("密码过短,请输入大于6位的密码");
|
|
|
|
|
|
return true;
|
|
|
|
|
|
}
|
|
|
|
|
|
if(md5($data['new_password']) != md5($data['new_password_confrim']))
|
|
|
|
|
|
{
|
|
|
|
|
|
$this->view->error = view::Error("两次输入的密码不相同");
|
|
|
|
|
|
return true;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
$sql = "SELECT password FROM users WHERE id=$uid";
|
|
|
|
|
|
$rs = $this->db->query($sql);
|
|
|
|
|
|
$row = $rs->fetch();
|
|
|
|
|
|
|
|
|
|
|
|
if(md5($data['password']) != $row['password'])
|
|
|
|
|
|
{
|
|
|
|
|
|
$this->view->error = view::Error("原密码不正确");
|
|
|
|
|
|
return true;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
$data['password'] = md5($data['new_password']);
|
|
|
|
|
|
|
|
|
|
|
|
unset($data['new_password']);
|
|
|
|
|
|
unset($data['new_password_confrim']);
|
|
|
|
|
|
|
|
|
|
|
|
if($this->db->update("users",$data,"id=$uid"))
|
|
|
|
|
|
{
|
|
|
|
|
|
view::Post($this,array("content"=>'修改成功!','url'=>'/account/secure'));
|
|
|
|
|
|
return true;
|
|
|
|
|
|
}else{
|
|
|
|
|
|
$this->view->error = view::Error("修改失败");
|
|
|
|
|
|
return true;
|
|
|
|
|
|
}
|
|
|
|
|
|
}else{
|
|
|
|
|
|
$this->view->info = $usr->getUserInfo($uid);
|
2013-03-15 04:16:07 +00:00
|
|
|
|
}
|
2013-05-09 03:53:27 +00:00
|
|
|
|
}//password
|
|
|
|
|
|
|
|
|
|
|
|
if($opt == "email")
|
|
|
|
|
|
{
|
|
|
|
|
|
$this->view->section = "email";
|
|
|
|
|
|
if(!empty($submit))
|
2013-03-15 04:16:07 +00:00
|
|
|
|
{
|
2013-05-09 03:53:27 +00:00
|
|
|
|
$email = $this->_getParam('email');
|
|
|
|
|
|
$password = $this->_getParam('password');
|
|
|
|
|
|
|
|
|
|
|
|
if(!preg_match("/\w+([-+.]\w+)*@\w+([-.]\w+)*\.\w+([-.]\w+)*/i",$email))
|
|
|
|
|
|
{
|
|
|
|
|
|
$this->view->error = view::Error("错误的邮箱格式");
|
|
|
|
|
|
return true;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
$sql = "SELECT password FROM users WHERE id=$uid";
|
|
|
|
|
|
$rs = $this->db->query($sql);
|
|
|
|
|
|
$row = $rs->fetch();
|
|
|
|
|
|
|
|
|
|
|
|
if(md5($password) != $row['password'])
|
|
|
|
|
|
{
|
|
|
|
|
|
$this->view->error = view::Error("原密码错误");
|
|
|
|
|
|
return true;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
$data['email'] = $email;
|
|
|
|
|
|
|
|
|
|
|
|
if($this->db->update("users",$data,"id=$uid"))
|
|
|
|
|
|
{
|
|
|
|
|
|
view::Post($this,array("content"=>'修改成功!','url'=>'/account/secure'));
|
|
|
|
|
|
return true;
|
|
|
|
|
|
}else{
|
|
|
|
|
|
$this->view->error = view::Error("修改失败");
|
|
|
|
|
|
return true;
|
|
|
|
|
|
}
|
2013-03-15 04:16:07 +00:00
|
|
|
|
}else{
|
2013-05-09 03:53:27 +00:00
|
|
|
|
$this->view->info = $usr->getUserInfo($uid);
|
2013-03-15 04:16:07 +00:00
|
|
|
|
}
|
2013-05-09 03:53:27 +00:00
|
|
|
|
}//email
|
2013-03-15 04:16:07 +00:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
function AccountSecureParamFilter(){
|
|
|
|
|
|
$data = array();
|
|
|
|
|
|
$data['password'] = trim($this->_getParam('password'));
|
|
|
|
|
|
$data['new_password'] = trim($this->_getParam('new_password'));
|
|
|
|
|
|
$data['new_password_confrim'] = trim($this->_getParam('new_password_confrim'));
|
|
|
|
|
|
foreach($data as $k=>$v)
|
|
|
|
|
|
{
|
|
|
|
|
|
$data[$k] = $this->StringFilter($v);
|
|
|
|
|
|
}
|
|
|
|
|
|
return $data;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2011-12-28 06:37:46 +00:00
|
|
|
|
function init()
|
|
|
|
|
|
{
|
|
|
|
|
|
$this->messenger=$this->_helper->getHelper('FlashMessenger');
|
|
|
|
|
|
}
|
2013-03-15 04:16:07 +00:00
|
|
|
|
|
2011-12-28 06:37:46 +00:00
|
|
|
|
function postDispatch()
|
|
|
|
|
|
{
|
|
|
|
|
|
//$this->view->messages = $this->messenger->getMessages();
|
2013-03-15 04:16:07 +00:00
|
|
|
|
}
|
2011-12-28 06:37:46 +00:00
|
|
|
|
|
|
|
|
|
|
function registerAction()
|
|
|
|
|
|
{
|
|
|
|
|
|
$form = new RegisterForm();
|
|
|
|
|
|
$this->view->form = $form;
|
|
|
|
|
|
|
|
|
|
|
|
if ($this->_request->isPost()) {
|
|
|
|
|
|
$formData = $this->_request->getPost();
|
|
|
|
|
|
if ($form->isValid($formData)) {
|
|
|
|
|
|
$ut = new UsersTable();
|
|
|
|
|
|
$u = $ut->createRow();
|
|
|
|
|
|
$u->username = $form->getValue('username');
|
|
|
|
|
|
$u->password = $form->getValue('password');
|
|
|
|
|
|
$u->email=$form->getValue('email');
|
|
|
|
|
|
if ($form->getValue('realname')) $u->realname=$form->getValue('realname');
|
|
|
|
|
|
if ($form->getValue('phone')) $u->phone=$form->getValue('phone');
|
|
|
|
|
|
if ($form->getValue('address')) $u->address=$form->getValue('address');
|
|
|
|
|
|
if ($form->getValue('unit')) $u->unit=$form->getValue('unit');
|
|
|
|
|
|
if ($form->getValue('project')) $u->project=$form->getValue('project');
|
|
|
|
|
|
if ($u->save()) {
|
|
|
|
|
|
//发送欢迎邮件
|
|
|
|
|
|
$mail=new WestdcMailer($this->view->config->smtp);
|
|
|
|
|
|
$body=file_get_contents($this->view->config->register->email->template);
|
|
|
|
|
|
$body=str_replace("[username]",$formData['username'],$body);
|
|
|
|
|
|
$mail->setBodyText($body);
|
|
|
|
|
|
$mail->setFrom($this->view->config->service->email,'西部数据中心服务组');
|
|
|
|
|
|
$mail->addTo($formData['email']);
|
|
|
|
|
|
//中文标题有乱码,在1.5版本中尚未解决
|
|
|
|
|
|
//ref: http://framework.zend.com/issues/browse/ZF-2532
|
|
|
|
|
|
$mail->setSubject('欢迎使用中国西部环境与生态数据中心');
|
|
|
|
|
|
$mail->send();
|
|
|
|
|
|
|
|
|
|
|
|
//自动登录系统
|
|
|
|
|
|
$this->login($formData['username'],$formData['password']);
|
|
|
|
|
|
$this->_redirect('/');
|
|
|
|
|
|
}
|
|
|
|
|
|
} else {
|
|
|
|
|
|
$form->populate($formData);
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
2013-03-15 04:16:07 +00:00
|
|
|
|
|
2011-12-28 06:37:46 +00:00
|
|
|
|
function loginAction()
|
|
|
|
|
|
{
|
2012-01-15 02:46:41 +00:00
|
|
|
|
$form = new LoginForm();
|
|
|
|
|
|
$success=false;
|
|
|
|
|
|
$message='';
|
|
|
|
|
|
$this->view->form = $form;
|
2011-12-28 06:37:46 +00:00
|
|
|
|
$auth = Zend_Auth::getInstance();
|
|
|
|
|
|
if ($auth->hasIdentity()) $this->_redirect('/account');
|
|
|
|
|
|
if ($this->_request->isPost()) {
|
2012-01-15 02:46:41 +00:00
|
|
|
|
$formData = $this->_request->getPost();
|
|
|
|
|
|
if ($form->isValid($formData)) {
|
|
|
|
|
|
if (!$this->login($formData['username'],$formData['password']))
|
2011-12-28 06:37:46 +00:00
|
|
|
|
{
|
|
|
|
|
|
$this->messenger->addMessage('登录失败,请检查您的用户名和密码。');
|
|
|
|
|
|
} else $success=true;
|
2012-01-15 02:46:41 +00:00
|
|
|
|
}
|
2011-12-28 06:37:46 +00:00
|
|
|
|
|
|
|
|
|
|
if(!$success) {
|
|
|
|
|
|
$flashMessenger = $this->_helper->getHelper('FlashMessenger');
|
|
|
|
|
|
$flashMessenger->setNamespace('actionErrors');
|
|
|
|
|
|
$flashMessenger->addMessage($message);
|
|
|
|
|
|
$this->_redirect('/account/login');
|
|
|
|
|
|
} else
|
|
|
|
|
|
{
|
|
|
|
|
|
$tohref = $this->_request->getParam('href');
|
|
|
|
|
|
if(!empty($tohref))
|
|
|
|
|
|
{
|
|
|
|
|
|
$this->_redirect($tohref);
|
|
|
|
|
|
}else{
|
|
|
|
|
|
$this->_redirect($this->_request->getParam('return'));
|
|
|
|
|
|
}
|
2012-07-06 03:30:59 +00:00
|
|
|
|
|
|
|
|
|
|
if($_SERVER['REQUEST_URI']!='/account/login')
|
|
|
|
|
|
{
|
|
|
|
|
|
$this->_redirect($_SERVER['REQUEST_URI']);
|
|
|
|
|
|
}
|
2011-12-28 06:37:46 +00:00
|
|
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
} else {
|
|
|
|
|
|
//$formData['redirect'] = $redirect;
|
|
|
|
|
|
//$form->populate($formData);
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
function logoutAction()
|
|
|
|
|
|
{
|
|
|
|
|
|
$auth = Zend_Auth::getInstance();
|
|
|
|
|
|
$auth->clearIdentity();
|
|
|
|
|
|
require_once 'member.php';
|
|
|
|
|
|
$mb=new member();
|
|
|
|
|
|
member::flushcookie();
|
|
|
|
|
|
$this->_redirect('/');
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
private function default_login($u,$p)
|
|
|
|
|
|
{
|
|
|
|
|
|
$auth = Zend_Auth::getInstance();
|
|
|
|
|
|
$db=Zend_Registry::get('db');
|
|
|
|
|
|
|
|
|
|
|
|
$authAdapter = new Zend_Auth_Adapter_DbTable($db);
|
|
|
|
|
|
$authAdapter->setTableName('users')
|
|
|
|
|
|
->setIdentityColumn('username')
|
|
|
|
|
|
->setCredentialColumn('password');
|
|
|
|
|
|
$authAdapter->setIdentity($u)->setCredential(md5($p));
|
|
|
|
|
|
$result = $auth->authenticate($authAdapter);
|
|
|
|
|
|
if ($result->isValid()) {
|
2013-01-16 08:09:14 +00:00
|
|
|
|
// success: store database row to auth's storage
|
2011-12-28 06:37:46 +00:00
|
|
|
|
$data = $authAdapter->getResultRowObject(null,'password');
|
2013-01-16 08:09:14 +00:00
|
|
|
|
|
|
|
|
|
|
//头像
|
|
|
|
|
|
include_once("Avatar.php");
|
|
|
|
|
|
$avatar = new Avatar();
|
|
|
|
|
|
$data->avatar = $avatar->Get($data->email,40);
|
|
|
|
|
|
|
|
|
|
|
|
//组ID
|
|
|
|
|
|
include_once("Users.php");
|
|
|
|
|
|
$usr = new Users($db);
|
|
|
|
|
|
$data->gid = $usr->getGroup($data->id);
|
2013-01-24 09:33:42 +00:00
|
|
|
|
|
2011-12-28 06:37:46 +00:00
|
|
|
|
$auth->getStorage()->write($data);
|
|
|
|
|
|
$db->query("update users set ts_last_login=now() where username=?",array($u));
|
|
|
|
|
|
|
|
|
|
|
|
if ($this->_request->getParam('remember')) {
|
|
|
|
|
|
$sql="select usertype from users where username='$u'";
|
|
|
|
|
|
$rs=$db->query($sql);
|
|
|
|
|
|
$row=$rs->fetch();
|
2012-03-16 06:15:54 +00:00
|
|
|
|
//if($row['usertype']!='administrator')
|
2011-12-28 06:37:46 +00:00
|
|
|
|
{
|
|
|
|
|
|
require_once 'member.php';
|
|
|
|
|
|
$mb = new member();
|
|
|
|
|
|
$mb -> putcookie($u,md5($p));
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
2013-01-24 09:33:42 +00:00
|
|
|
|
|
2011-12-28 06:37:46 +00:00
|
|
|
|
return true;
|
|
|
|
|
|
}else
|
|
|
|
|
|
{
|
|
|
|
|
|
return false;
|
|
|
|
|
|
}
|
|
|
|
|
|
return false;
|
|
|
|
|
|
}
|
|
|
|
|
|
private function aspnet_login($p,$salt,$password)
|
|
|
|
|
|
{
|
|
|
|
|
|
$p1=implode("\x00",str_split($p))."\x00";
|
|
|
|
|
|
$ball=base64_decode($salt).$p1;
|
|
|
|
|
|
return trim($password)==base64_encode(sha1($ball,true));
|
|
|
|
|
|
}
|
|
|
|
|
|
// 首先判断是否存在salt
|
|
|
|
|
|
// 若有salt,则按照aspnet membership加密算法进行判断
|
|
|
|
|
|
function login($u,$p)
|
|
|
|
|
|
{
|
|
|
|
|
|
$ut= new UsersTable();
|
|
|
|
|
|
$db=$ut->getAdapter();
|
|
|
|
|
|
$sql="select password,salt from users where username=?";
|
|
|
|
|
|
$uq=$db->query($sql,array($u));
|
|
|
|
|
|
if ($urow=$uq->fetchObject())
|
|
|
|
|
|
{
|
|
|
|
|
|
if (empty($urow->salt))
|
|
|
|
|
|
return $this->default_login($u,$p);
|
|
|
|
|
|
else {
|
|
|
|
|
|
//进行判断并进行转换到默认
|
|
|
|
|
|
if ($this->aspnet_login($p,$urow->salt,$urow->password))
|
|
|
|
|
|
{
|
|
|
|
|
|
$sql="update users set password=md5(?),salt='' where username=?";
|
|
|
|
|
|
$db->query($sql,array($p,$u));
|
|
|
|
|
|
return $this->default_login($u,$p);
|
|
|
|
|
|
} else
|
|
|
|
|
|
return false;
|
|
|
|
|
|
}
|
|
|
|
|
|
} else {
|
|
|
|
|
|
//没有对应的用户,登录失败
|
|
|
|
|
|
return false;
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
function fetchpwdAction()
|
|
|
|
|
|
{
|
|
|
|
|
|
$ut= new UsersTable();
|
|
|
|
|
|
$db=$ut->getAdapter();
|
|
|
|
|
|
$form = new LostpwdForm();
|
|
|
|
|
|
$key=$this->_request->getParam('key');
|
|
|
|
|
|
$login=$this->_request->getParam('login');
|
|
|
|
|
|
if (empty($key) && empty($login)) {
|
|
|
|
|
|
$this->view->form = $form;
|
|
|
|
|
|
if ($this->_request->isPost()) {
|
|
|
|
|
|
$formData = $this->_request->getPost();
|
|
|
|
|
|
if ($form->isValid($formData)) {
|
|
|
|
|
|
$sql="select * from users where email=?";
|
|
|
|
|
|
$uq=$db->query($sql,array($formData['email']));
|
|
|
|
|
|
if ($urow=$uq->fetchObject())
|
|
|
|
|
|
{
|
|
|
|
|
|
//email the url to user
|
|
|
|
|
|
$username=$urow->username;
|
|
|
|
|
|
$sql="update users set activation=? where email=?";
|
|
|
|
|
|
$uid=uniqid();
|
|
|
|
|
|
$db->query($sql,array($uid,$formData['email']));
|
|
|
|
|
|
$mail=new WestdcMailer($this->view->config->smtp);
|
|
|
|
|
|
$body="尊敬的西部数据中心用户:
|
|
|
|
|
|
有人提出了针对此用户名的密码重置请求。
|
|
|
|
|
|
|
|
|
|
|
|
用户名:";
|
|
|
|
|
|
$body.=$username;
|
|
|
|
|
|
$body.="
|
|
|
|
|
|
|
|
|
|
|
|
若想重置您的密码请打开下面的链接,否则请忽略此邮件,一切如常。
|
|
|
|
|
|
";
|
|
|
|
|
|
$body.="http://westdc.westgis.ac.cn/account/fetchpwd/".$username."/".$uid;
|
|
|
|
|
|
$mail->setBodyText($body);
|
|
|
|
|
|
$mail->setFrom($this->view->config->service->email,'西部数据中心服务组');
|
|
|
|
|
|
$mail->addTo($formData['email']);
|
|
|
|
|
|
$mail->setSubject('密码已重置');
|
|
|
|
|
|
$mail->send();
|
|
|
|
|
|
$this->view->messages[]='请检查您的新邮件中的确认激活链接。';
|
|
|
|
|
|
$this->view->form=false;//do not echo form
|
|
|
|
|
|
} else
|
|
|
|
|
|
$this->messenger->addMessage('对不起,没有找到对应的电子邮件地址。');
|
|
|
|
|
|
}
|
|
|
|
|
|
} else
|
|
|
|
|
|
$this->view->messages[]='请输入您的电子邮件地址。您将通过电子邮件收到新密码。';
|
|
|
|
|
|
} else {
|
|
|
|
|
|
$sql="select * from users where username=? and activation=?";
|
|
|
|
|
|
$uq=$db->query($sql,array($login,$key));
|
|
|
|
|
|
$tmp_pwd=uniqid();
|
|
|
|
|
|
if ($urow=$uq->fetchObject())
|
|
|
|
|
|
{
|
|
|
|
|
|
$sql="update users set salt='',activation='',password=md5('".$tmp_pwd."') where username=? and activation=?";
|
|
|
|
|
|
$db->query($sql,array($login,$key));
|
|
|
|
|
|
$mail=new WestdcMailer($this->view->config->smtp);
|
|
|
|
|
|
$body="尊敬的西部数据中心用户:
|
|
|
|
|
|
您的密码已修改。
|
|
|
|
|
|
|
|
|
|
|
|
用户名:";
|
|
|
|
|
|
$body.=$login;
|
|
|
|
|
|
$body.="密码:".$tmp_pwd;
|
|
|
|
|
|
$body.="
|
|
|
|
|
|
http://westdc.westgis.ac.cn/account/login";
|
|
|
|
|
|
$mail->setBodyText($body);
|
|
|
|
|
|
$mail->setFrom($this->view->config->service->email,'西部数据中心服务组');
|
|
|
|
|
|
$mail->addTo($urow->email);
|
|
|
|
|
|
$mail->setSubject('您的新密码');
|
|
|
|
|
|
$mail->send();
|
|
|
|
|
|
$this->view->messages[]='请查收您新邮件中的新密码';
|
|
|
|
|
|
$this->view->form=false;//do not echo form
|
|
|
|
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
