westdc-zf1/application/default/controllers/AccountController.php

<?php
use Mail\Mail;
use Open\Client;
use Users\Account;
use Users\Member;
use Helpers\Captcha;
use Helpers\View as view;

class AccountController extends Zend_Controller_Action 
{
	function preDispatch()
    {
    	$this->view->config = Zend_Registry::get('config');
		$this->_request->setParam('return', $this->_request->getServer('REQUEST_URI'));
		$this->db = Zend_Registry::get('db');
		$this->view->messages = $this->messenger->getMessages();
		$this->view->theme = new Theme();
    } 
	
    function indexAction()
    {
		$this->view->pageID = "account-index";
		
		include_once("Users.php");
		$usr = new Users($this->db);
		
    	$auth = Zend_Auth::getInstance();
		if($auth->hasIdentity())
		{
			$user = $auth->getIdentity();
			$uid = $user->id;
		}
		
		include_once("Avatar.php");
		$avatar = new Avatar();
		$this->view->avatar = $avatar->Get($user->email,140);
		
		$this->view->info = $usr->getUserInfo($uid);
    }
	
	function editAction()
    {
		$this->view->pageID = "account-edit";
		
		include_once("Users.php");
		$usr = new Users($this->db);
		
		$auth = Zend_Auth::getInstance();
		if($auth->hasIdentity())
		{
			$user = $auth->getIdentity();
			$uid = $user->id;
		}
		
		include_once("Avatar.php");
		$avatar = new Avatar();
		$this->view->avatar = $avatar->Get($user->email,140);
		
		$this->view->projectType = array(
			"无" => '',
			"国家973计划项目课题" => "国家973计划项目课题",
			"国家863计划课题"=>"国家863计划课题",
			"国家级科技支撑课题" => "国家级科技支撑课题",
			"国家级科技重大专项" => "国家级科技重大专项",
			"国家级国家重大工程" => "国家级国家重大工程",
			"国家级国家自然科学基金" => "国家级国家自然科学基金",
			"国际合作项目"=>"国际合作项目",
			"省部级项目" => "省部级项目",
			"其他项目工程" => "其他项目工程"
		);
		
		$submit = $this->_getParam('submit');
		
		if(!empty($submit))
		{
			$data = $this->AccountEditParamFilter();
			
			if($this->db->update("users",$data,"id=$uid"))
			{
				$this->view->AlertType = "alert-success";
				$this->view->msg = "修改成功！";
				$this->view->jump_url = "/account/edit";
				return true;
			}else{
				$this->view->AlertType = "alert-error";
				$this->view->error = "修改失败，请重试";
				$this->view->info = $data;
				return true;
			}
		}else{
			$this->view->info = $usr->getUserInfo($uid);
		}
    }
	
	function AccountEditParamFilter(){
		$data = array();
		$data['realname'] = substr(trim($this->_getParam('realname')),0,40);
		$data['unit'] = substr(trim($this->_getParam('unit')),0,100);
		$data['address'] = substr(trim($this->_getParam('address')),0,100);
		$data['phone'] = substr(trim($this->_getParam('phone')),0,15);
		$data['postcode'] = substr(trim($this->_getParam('postcode')),0,15);
		$data['project_type'] = substr(trim($this->_getParam('project_type')),0,100);
		$data['project_id'] = substr(trim($this->_getParam('project_id')),0,40);
		$data['project_title'] = substr(trim($this->_getParam('project_title')),0,100);
		$data['project'] = substr(trim($this->_getParam('project')),0,600);
		
		foreach($data as $k=>$v)
		{
			$data[$k] = $this->StringFilter($v);
		}
		
		return $data;
	}
	
	function StringFilter($string){
		$string = preg_replace ('/<[^>]*>/', ' ', $string);
		return $string;
	}
	
	function secureAction()
	{
		$this->view->pageID = "account-secure";
		
		include_once("Users.php");
		$usr = new Users($this->db);
		
		$auth = Zend_Auth::getInstance();
		if($auth->hasIdentity())
		{
			$user = $auth->getIdentity();
			$uid = $user->id;
		}
		
		$opt = $this->_getParam('opt');
		$submit = $this->_getParam('submit');
		
		if(empty($opt))
		{
			$this->view->section = "password";
			if(!empty($submit))
			{
				$data = $this->AccountSecureParamFilter();
				
				$this->view->AlertType = "alert-error";
				if(strlen($data['password'])>18 || strlen($data['new_password'])>18)
				{
					$this->view->error = view::Error("密码过长");
					return true;
				}
				if(strlen($data['new_password'])<=6 || strlen($data['new_password_confrim'])<=6)
				{
					$this->view->error = view::Error("密码过短，请输入大于6位的密码");
					return true;
				}
				if(md5($data['new_password']) != md5($data['new_password_confrim']))
				{
					$this->view->error = view::Error("两次输入的密码不相同");
					return true;
				}
				
				$sql = "SELECT password FROM users WHERE id=$uid";
				$rs = $this->db->query($sql);
				$row = $rs->fetch();
				
				if(md5($data['password']) != $row['password'])
				{
					$this->view->error = view::Error("原密码不正确");
					return true;
				}
	
				$data['password'] = md5($data['new_password']);
				
				unset($data['new_password']);
				unset($data['new_password_confrim']);
				
				if($this->db->update("users",$data,"id=$uid"))
				{
					view::Post($this,array("content"=>'修改成功！','url'=>'/account/secure'));
					return true;
				}else{
					$this->view->error = view::Error("修改失败");
					return true;
				}
			}else{
				$this->view->info = $usr->getUserInfo($uid);
			}
		}//password
		
		if($opt == "email")
		{
			$this->view->section = "email";
			if(!empty($submit))
			{
				$email = $this->_getParam('email');
				$password = $this->_getParam('password');
				
				if(!preg_match("/\w+([-+.]\w+)*@\w+([-.]\w+)*\.\w+([-.]\w+)*/i",$email))
				{
					$this->view->error = view::Error("错误的邮箱格式");
					return true;
				}
				
				$sql = "SELECT password FROM users WHERE id=$uid";
				$rs = $this->db->query($sql);
				$row = $rs->fetch();
				
				if(md5($password) != $row['password'])
				{
					$this->view->error = view::Error("原密码错误");
					return true;
				}
				
				$data['email'] = $email;
				
				if($this->db->update("users",$data,"id=$uid"))
				{
					view::Post($this,array("content"=>'修改成功！','url'=>'/account/secure'));
					return true;
				}else{
					$this->view->error = view::Error("修改失败");
					return true;
				}
			}else{
				$this->view->info = $usr->getUserInfo($uid);
			}
		}//email
	}
	
	function AccountSecureParamFilter(){
		$data = array();
		$data['password'] = trim($this->_getParam('password'));
		$data['new_password'] = trim($this->_getParam('new_password'));
		$data['new_password_confrim'] = trim($this->_getParam('new_password_confrim'));
		foreach($data as $k=>$v)
		{
			$data[$k] = $this->StringFilter($v);
		}
		return $data;
	}
	
    function init()
    {
    	$this->messenger=$this->_helper->getHelper('FlashMessenger');
    }
	
    function postDispatch()
    {    	
    	//$this->view->messages = $this->messenger->getMessages();
    } 
        
    function registerAction()
    {
        $form = new RegisterForm();
        $this->view->form = $form;
        
        if ($this->_request->isPost()) {
            $formData = $this->_request->getPost();
            if ($form->isValid($formData)) {
                $ut = new UsersTable();
                $u = $ut->createRow();
                $u->username = $form->getValue('username');
                $u->password = $form->getValue('password');
                $u->email=$form->getValue('email');
                if ($form->getValue('realname'))  $u->realname=$form->getValue('realname');
                if ($form->getValue('phone')) $u->phone=$form->getValue('phone');
                if ($form->getValue('address')) $u->address=$form->getValue('address');
                if ($form->getValue('unit')) $u->unit=$form->getValue('unit');                
                if ($form->getValue('project'))  $u->project=$form->getValue('project');
                if ($u->save()) {
					
					//注册邮件
					$mail_template = "member-register";
					$mail_data = array(
						'name'=>$formData['username'],
					);
					
					$mail = new Mail();
					
					$mail->loadTemplate($mail_template,$mail_data);
					$mail->addTo($formData['email'],$formData['username']);
					$mail->send();

                	//自动登录系统
                	$this->login($formData['username'],$formData['password']);
                	$this->_redirect('/');
                }
            } else {
                $form->populate($formData);
            }
        }
    }
	
    function loginAction()
    {		
		$options = array(
			'module' 	 => $this->_request->getModuleName(),
			'controller' => $this->_request->getControllerName(),
			'action' 	 => $this->_request->getActionName(),
		);

        $auth = Zend_Auth::getInstance();
        if ($auth->hasIdentity())
		{
			view::Post($this,"您已经登录，无需重复登录",-1);
			return true;
		}
		
		$tohref = $this->_request->getParam('href');
		
		if(($options['module']=="default" && $options['controller'] == "account" && $options['action'] == "login"))
		{
			$this->view->href = $_SERVER['REQUEST_URI'];
		}
		
		if($tohref == "/account/login")
		{
			$this->view->href = $tohref = "/";
		}
		
		if(!empty($tohref))
		{
			$this->view->href = $tohref;
		}
		
		$captcha = new Captcha();

		$submit = $this->_getParam("submit");
		if(!empty($submit))
		{
			$username = trim($this->_request->getParam('username'));
			$password = trim($this->_request->getParam('password'));
			$captchaword = trim($this->_request->getParam('captcha'));
			
			$account = new Account();
			$status = $account->login(array(
				'username' => $username,
				'password' => $password
			));
			
			if(isset($status['error']))
			{
				$this->view->error = $status;
				$this->view->captcha = $captcha->setCaptcha();
				return true;
			}
			
			if(!$captcha->isValid($captchaword))
			{
				$this->view->error = "验证码错误";
				$this->view->captcha = $captcha->setCaptcha();
				return true;
			}
			
			view::Post($this,"登录成功，正在跳转",$tohref);
			return true;
		}
		
		$this->view->captcha = $captcha->setCaptcha();
    }
	
	public function captchaAction()
	{
		if(view::isXmlHttpRequest($this))
		{
			$captcha = new Captcha();
			$url = $captcha->setCaptcha();
			echo $url;
			return true;
		}else{
			echo "bad request!";
			exit();
		}
	}
    
    public function logoutAction()
    {
    	$auth = Zend_Auth::getInstance();
    	$auth->clearIdentity();
    	Member::flushcookie();
    	$this->_redirect('/');
    }
    
	public function fetchpwdAction()
	{
		$salt = trim($this->_getParam('salt'));
		$submit = $this->_getParam('submit');
		if(empty($salt))
		{
			$captcha = new Captcha();
	
			if(!empty($submit))
			{
				$email = trim($this->_request->getParam('email'));
				$captchaword = trim($this->_request->getParam('captcha'));
				
				if(!$captcha->isValid($captchaword))
				{
					$this->view->error = view::Error("验证码错误");
					$this->view->captcha = $captcha->setCaptcha();
					return true;
				}
				
				$account = new Account();
				$status = $account->getMyPassword($email);
				
				if(isset($status['error']))
				{
					$this->view->error = view::Error($status['error']);
					$this->view->captcha = $captcha->setCaptcha();
					return true;
				}
				
				view::Post($this,"您的密码重置申请已提交，请在邮箱中查看");
				return true;
			}else{
				$this->view->captcha = $captcha->setCaptcha();
			}//提交密码重置申请
		}
		
		else{
			$this->_helper->viewRenderer('account-resetpassword');
			$this->view->salt = $salt;
			if(!empty($submit))
			{
				$username = trim($this->_request->getParam('username'));
				$password = trim($this->_request->getParam('password'));
				$confirm_password = trim($this->_request->getParam('confirm_password'));
				
				$account = new Account();
				$status = $account->resetPassword(array(
					'username' => $username,
					'password' => $password,
					'confirm_password' => $confirm_password,
					'salt' => $salt
				));
				
				if(isset($status['error']))
				{
					$this->view->error = view::Error($status['error']);
					return true;
				}
				
				view::Post($this,"您的密码修改成功！请使用新密码登录","/account/login");
				return true;
			}
		}//修改密码
		
    } //找回密码
	
	//OAuth2登录跳转页面
	public function oauth2loginAction()
	{
		$type = $this->_getParam('type');
		$client = new Client();
		$url = $client->makeRequestCodeUrl($type);

		view::Post($this,"为您转入科技网登录入口",$url);
	}
	
	//oauth2登录回调地址
	public function callbackAction()
	{
		$type = $this->_getParam('type');
		$code = $this->_getParam('code');
		
		$client = new Client($type);
		
		$client->initSource();
		$target = $client->getSource()->getTarget($type);
		$this->view->target_name = $target['name'];
		
		$token = $client->requestToken($code);

		if(is_string($token))
		{
			view::Post($this,$token,'/account/login');
		}
		
		$status = $client->storageTokenData($type,$token);
	
		if($status === true)
		{
			echo "<script>self.location='/index'</script>";
		}else{
			echo $status;
		}
	}

}