diff --git a/application/default/controllers/AccountController.php b/application/default/controllers/AccountController.php
index ab68e5d3..2ed470d8 100755
--- a/application/default/controllers/AccountController.php
+++ b/application/default/controllers/AccountController.php
@@ -1,6 +1,10 @@ view->form = $form; - - if ($this->_request->isPost()) { - $formData = $this->_request->getPost(); - if ($form->isValid($formData)) { - $ut = new UsersTable(); - $u = $ut->createRow(); - $u->username = $form->getValue('username'); - $u->password = $form->getValue('password'); - $u->email=$form->getValue('email'); - if ($form->getValue('realname')) $u->realname=$form->getValue('realname'); - if ($form->getValue('phone')) $u->phone=$form->getValue('phone'); - if ($form->getValue('address')) $u->address=$form->getValue('address'); - if ($form->getValue('unit')) $u->unit=$form->getValue('unit'); - if ($form->getValue('project')) $u->project=$form->getValue('project'); - if ($u->save()) { - - //注册邮件 - $mail_template = "member-register-en"; - $mail_data = array( - 'name'=>$formData['username'], - ); - - $mail = new Mail(); - - $mail->loadTemplate($mail_template,$mail_data); - $mail->addTo($formData['email'],$formData['username']); - $mail->send(); - - //自动登录系统 - $this->login($formData['username'],$formData['password']); - $this->_redirect('/'); - } - } else { - $form->populate($formData); - } - } + $submit = $this->_getParam("submit"); + + $captcha = new Captcha(); + + if(!empty($submit)) + { + $account = new Account(); + $this->view->data = $data = $account->getRegisterParam(); + $status = $account->register($data); + + if(isset($status['error'])) + { + $this->view->error = view::Error($status['error']); + if(isset($status['place'])) + { + $this->view->place = $status['place']; + } + $this->view->captcha = $captcha->setCaptcha(); + }else{ + view::Post($this,"Thank you for registering at our site.","/"); + return true; + } + }else{ + $this->view->captcha = $captcha->setCaptcha(); + } + } function loginAction() 
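Review bot: The new `registerAction` body creates a `Captcha` and re-issues an image on error, but nothing in the hunk calls `$captcha->isValid(...)` before `$account->register($data)`. `getRegisterParam()`, as changed later in this commit, does not collect a captcha field either, so unless a listener reads it from the request directly (not visible here) the captcha is displayed but never enforced. I would check it before registering, e.g. `if(!$captcha->isValid($this->_getParam('CAPTCHA_FIELD'))) { /* set error, re-issue captcha */ }`, where CAPTCHA_FIELD stands for the form's captcha input name, which this rendering does not show. `$this->view->data = $data` also hands the submitted password and confirmation to the view; those two keys should be dropped before the assignment. The start of the function is outside the hunk.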
@@ -409,16 +401,18 @@ class AccountController extends Zend_Controller_Action } } - function captchaAction() + public function captchaAction() { - $this->_helper->layout->disableLayout(); - $this->_helper->viewRenderer->setNoRender(); - - $captcha = $this->loadCaptcha(); - $url = $this->setCaptcha($captcha,true); - - echo $url; - return true; + if(view::isXmlHttpRequest($this)) + { + $captcha = new Captcha(); + $url = $captcha->setCaptcha(); + echo $url; + return true; + }else{ + echo "bad request!"; + exit(); + } } function logoutAction() diff --git a/application/default/views/scripts/account/register.phtml b/application/default/views/scripts/account/register.phtml index 6ecc1451..ec0b2892 100755 --- a/application/default/views/scripts/account/register.phtml +++ b/application/default/views/scripts/account/register.phtml @@ -1,19 +1,108 @@ -headTitle($this->config->title->site); - $this->headTitle('Register'); - $this->headTitle()->setSeparator(' - '); - $this->headLink()->appendStylesheet('/css/register.css'); - $this->breadcrumb('Home'); - $this->breadcrumb('Register'); - $this->breadcrumb()->setSeparator(' > '); -?> -
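Review bot: `view::isXmlHttpRequest($this)` in the new `captchaAction` presumably tests the `X-Requested-With` header, which any client can set, so it should not be read as a restriction on who may call this action. Every accepted request generates a new image in the captcha directory and overwrites the expected word in the session, so the endpoint wants a per-session or per-address rate limit. The failure branch would be cleaner as a 400 through the response object (`$this->getResponse()->setHttpResponseCode(400)`) than `echo "bad request!"; exit();`, which bypasses the framework's normal shutdown path. A comment such as `// AJAX check is a convenience filter, not an access control` would record the intent.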
-
-  Agree the terms   -    -  Input your base information   -    -  Finish register - form;?> -
-
\ No newline at end of file +headTitle($this->config->title->site); + $this->headTitle('Register'); + $this->headTitle()->setSeparator(' - '); + $this->headLink()->appendStylesheet('/css/register.css'); + $this->breadcrumb('Home'); + $this->breadcrumb('Register'); + $this->breadcrumb()->setSeparator(' > '); +?> +
+
+ error)) { ?> + + + error ?> + +
+ +
+ " name="username" /> + (required) +
+
+
+ +
+ + (required) +
+
+
+ +
+ + (re-typein password) +
+
+
+ +
+ " name="email" /> + (required) +
+
+
+ +
+ " name="realname" /> +
+
+
+ +
+ " name="phone" /> +
+
+
+ +
+ " name="unit" class="input-block-level" /> +
+
+
+ +
+ " name="address" class="input-block-level" /> +
+
+
+ +
+ " name="project" class="input-block-level" /> +
+
+
+ +
+ + + 看不清? +
+
+
+ + href)){?> + + + + forget password? +
+
+
+ \ No newline at end of file diff --git a/application/module/Helpers/Captcha.php b/application/module/Helpers/Captcha.php new file mode 100644 index 00000000..43a835b3 --- /dev/null +++ b/application/module/Helpers/Captcha.php @@ -0,0 +1,58 @@ +loadCaptcha(); + } + + public function loadCaptcha() + { + $this->captcha = new \Zend_Captcha_Image(array( + 'captcha' => 'Image', + 'wordLen' => 4, + 'fontsize'=>16, + 'width' => 100, + 'height' => 38, + 'dotNoiseLevel'=>2, + 'lineNoiseLevel'=>1, + 'timeout' => 300, + 'font' => '../data/fonts/ggbi.ttf', + 'imgDir' => $this->imgDir, + 'imgUrl' => '/images/captcha', + )); + } + + public function setCaptcha(){ + if(!is_dir($this->imgDir)) + { + mkdir($this->imgDir); + } + + $this->captcha->generate(); + $_SESSION[$this->sessionName] = $this->captcha->getWord(); + $url = $this->captcha->getImgUrl() + .$this->captcha->getId() + .$this->captcha->getSuffix(); + + return $url; + } + + public function isValid($captchaword) + { + if($captchaword == $_SESSION[$this->sessionName]) + { + return true; + }else{ + return false; + } + } + +} \ No newline at end of file diff --git a/application/module/Users/Account.php b/application/module/Users/Account.php index e692f95c..0f94658e 100644 --- a/application/module/Users/Account.php +++ b/application/module/Users/Account.php @@ -1,27 +1,38 @@ config = \Zend_Registry::get('config'); + if($initializingListener === TRUE) + { + $this->loadListener(); + } + } + + public function loadListener() + { + //主要操作,账号注册,登录,设置session等 + $AccountListener = new AccountListener(); + @$this->events()->attachAggregate($AccountListener); + //账户编辑 + $EditListener = new EditListener(); + @$this->events()->attachAggregate($EditListener); + + //账户安全性(找回密码) + $PwdListener = new PwdListener(); + @$this->events()->attachAggregate($PwdListener); } public function events(\Zend_EventManager_EventCollection $events = NULL) 
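Review bot: The `value="…"` attributes of the username, email, realname, phone, unit, address and project inputs are re-filled after a failed submit, and the PHP expressions that do so are not visible in this rendering, so I cannot tell whether they are escaped. If they echo `$this->data[...]` directly, submitted markup is reflected back into the page; each should go through the view's escaper, e.g. `value="<?php echo $this->escape($this->data['username']) ?>"`. The same question applies to `$this->error`, which the controller builds with `view::Error(...)`. Separately, the captcha refresh link text `看不清?` is the only non-English string left in a form this commit otherwise translates.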
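Review bot: `isValid()` in the new `Captcha` helper compares with `==` and never checks that a word was issued, so when `$_SESSION[$this->sessionName]` is unset an empty or missing submission compares equal to `null` and is accepted (with an undefined-index notice). The stored word is also left in the session after a check, so one solved captcha stays valid for further submissions until `setCaptcha()` runs again. I would require a non-empty string, compare strictly, and consume the word on every attempt, as below. In `setCaptcha()`, `mkdir($this->imgDir)` uses the default mode and ignores failure; an explicit mode and a check of the return value are worth adding. The class header and property declarations are not visible in this rendering.

```php
public function isValid($captchaword)
{
    // Consume the expected word on every attempt so a solved captcha cannot be reused.
    $expected = isset($_SESSION[$this->sessionName]) ? $_SESSION[$this->sessionName] : null;
    unset($_SESSION[$this->sessionName]);

    // No captcha issued, or nothing submitted: never treat that as a match.
    if(!is_string($captchaword) || !is_string($expected) || $expected === '')
    {
        return false;
    }

    return $captchaword === $expected;
}
```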
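Review bot: The `@` in front of each `$this->events()->attachAggregate(...)` call in `loadListener()` hides any warning or notice raised while the listeners are attached. `register()` relies on the `register.checkParam` listeners for input validation (visible in the next hunk), so a listener that silently failed to attach would presumably leave registration running without those checks. I would drop the `@` and let attachment errors surface, e.g. `$this->events()->attachAggregate(new AccountListener());`. The constructor's opening lines are not visible in this rendering.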
@@ -60,7 +89,6 @@ class Account extends \Zend_Controller_Plugin_Abstract //注册 public function register($data) { - $params = compact('data'); $results = $this->events()->trigger('register.checkParam', $this, $params); $cache_data = $results->bottom(); @@ -145,15 +173,30 @@ class Account extends \Zend_Controller_Plugin_Abstract }//login //storeLogin - public function storeLogin($data) + //将登录信息保存在session和cookie中 + public function storeLogin($data,$md5verify = true) { $auth = \Zend_Auth::getInstance(); $authAdapter = new \Zend_Auth_Adapter_DbTable($this->db); $authAdapter->setTableName($this->memberTable) ->setIdentityColumn($this->FieldUsername) ->setCredentialColumn($this->FieldPasword); - $authAdapter->setIdentity($data[$this->FieldUsername])->setCredential(md5($data[$this->FieldPasword])); + + if($data[$this->FieldPasword] === 0) + { + $password = "0"; + }else{ + if($md5verify == false) + { + $password = $data[$this->FieldPasword]; + }else{ + $password = md5($data[$this->FieldPasword]); + } + } + + $authAdapter->setIdentity($data[$this->FieldUsername])->setCredential($password); $result = $auth->authenticate($authAdapter); + if ($result->isValid()) { $user = $authAdapter->getResultRowObject(null,$this->FieldPasword); 
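Review bot: The new credential branches in `storeLogin()` widen what authenticates: with `$md5verify` false the caller's value is compared to the stored hash as-is, so the hash itself becomes a login credential, and `$data[$this->FieldPasword] === 0` sends the literal `"0"`, which succeeds for any row whose password column holds `"0"`. If these branches exist for OAuth or for auto-login after registration (not visible here), a dedicated method that logs in an already-verified user id would avoid passing pseudo-passwords through `Zend_Auth_Adapter_DbTable`. `$md5verify == false` should be `=== false`, and the parameter deserves a docblock stating that `false` must never be reached with request data. Unsalted `md5()` remains the password hash here; migrating to `password_hash()`/`password_verify()` is the longer-term fix. The function body continues past the hunk.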
@@ -166,19 +209,34 @@ class Account extends \Zend_Controller_Plugin_Abstract @$results = $this->events()->trigger('login.success.updateStatus', $this, compact('id')); return array('success'=>1); + }else{ + return array("error"=>"用户信息验证失败,请重新登录"); } return array('error'=>'处理中发现错误,请重试'); } //注册信息参数 - public function getParam(\Zend_Controller_Request_Abstract $request) + public function getRegisterParam(\Zend_Controller_Request_Abstract $request = NULL) { + if(empty($request)) + { + $request = new \Zend_Controller_Request_Http(); + } $data = array( - 'username'=>$request->getParam('username'), - 'password'=>$request->getParam('password'), - 'confirm_password'=>$request->getParam('confirm_password'), - 'email'=>$request->getParam('email'), - 'realname'=>$request->getParam('realname') + 'username'=>trim($request->getParam('username')), + 'password'=>trim($request->getParam('password')), + 'confirm_password'=>trim($request->getParam('confirm_password')), + 'email' => trim($request->getParam('email')), + 'realname' => trim($request->getParam('realname')), + 'phone' => trim($request->getParam('phone')), + 'unit' => trim($request->getParam('unit')), + 'address' => trim($request->getParam('address')), + 'project' => trim($request->getParam('project')), + 'project_id' => trim($request->getParam('project_id')), + 'project_type' => trim($request->getParam('project_type')), + 'project_title' => trim($request->getParam('project_title')), + 'project_leader'=> trim($request->getParam('project_leader')), + 'postcode' => trim($request->getParam('postcode')), ); return $data; } @@ -262,7 +320,7 @@ class Account extends \Zend_Controller_Plugin_Abstract return array('error'=>"此邮箱并未注册",'place'=>'email'); } - $salt = md5($email.'---'.$row['username']); + $salt = md5($email.'--'.time().'--'.$row['username']); $sql = "UPDATE {$this->memberTable} SET salt='$salt' WHERE id={$row['id']}"; $state = $this->db->exec($sql); 
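Review bot: `getRegisterParam()` now wraps `password` and `confirm_password` in `trim()`, which silently changes the credential a user chose: a password typed with a leading or trailing space is stored without it and keeps working only if every login path trims the same way. I would leave the two password fields untrimmed, `'password'=>$request->getParam('password'),`, and trim only the descriptive fields. In the first part of the hunk the added `else` returns on every failed authentication, so the trailing `return array('error'=>'处理中发现错误,请重试');` looks unreachable now (assuming the success branch always returns, as the visible lines suggest) and can be removed. The fallback `new \Zend_Controller_Request_Http()` is worth a one-line comment saying it reads the current request's globals.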
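Review bot: The reset token on the changed line is `md5($email.'--'.time().'--'.$row['username'])`, and all three inputs are known or guessable to whoever requests the reset, so the value mailed to the account owner can be recomputed without access to the mailbox. It should come from a CSPRNG instead, e.g. `$salt = bin2hex(openssl_random_pseudo_bytes(16));` (or `random_bytes(16)` on PHP 7+), ideally stored together with an expiry time. The `UPDATE` on the following context line interpolates `$salt` and `$row['id']` into the SQL string; binding them through a prepared statement, as the new `Users::userExists()` does, would keep the query safe if either source changes. The enclosing function starts and ends outside the hunk.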
@@ -272,15 +330,15 @@ class Account extends \Zend_Controller_Plugin_Abstract return array('error'=>"处理中出现错误,请重试",'place'=>'email'); } - $mail_template = "forgotpassword"; $mail_data = array( 'name'=>$row['realname'], - 'link'=> view::getHostLink().'/account/getpassword/salt/'.$salt + 'link'=> view::getHostLink().'/account/fetchpwd/?salt='.$salt, + 'site' => $this->config->title->site ); $mail = new Mail(); - $mail->loadTemplate($mail_template,$mail_data); + $mail->loadTemplate($this->getPwdEmailTemplate,$mail_data); $mail->addTo($email,$row['realname']); $mail->send(); @@ -316,12 +374,12 @@ class Account extends \Zend_Controller_Plugin_Abstract $sql = "UPDATE {$this->memberTable} SET password='".md5($data['password'])."',salt='' WHERE id={$row['id']}"; $this->db->exec($sql); - $mail_template = "getpassworded"; $mail_data = array( - 'name'=>$row['realname'], + 'name' => $row['realname'], + 'site' => $this->config->title->site ); $mail = new Mail(); - $mail->loadTemplate($mail_template,$mail_data); + $mail->loadTemplate($this->PwdChangedEmailTemplate,$mail_data); $mail->addTo($row['email'],$row['realname']); $mail->send(); diff --git a/application/module/Users/Listener/AccountListener.php b/application/module/Users/Listener/AccountListener.php index 4eabf2c0..04d08596 100644 --- a/application/module/Users/Listener/AccountListener.php +++ b/application/module/Users/Listener/AccountListener.php @@ -1,8 +1,8 @@ "用户名应当以字母开头,由字母数字和下划线组成,并且长度在5到25个字符之间",'place'=>'username'); + return array('error'=>"用户名长度应该大于两个字符",'place'=>'username'); } } @@ -89,7 +89,7 @@ class LoginOperate implements \Users\Event\LoginEvent $update = array( $this->FieldLastlogin => date("Y-m-d H:i:s"), - $this->FieldLastloginIp => $_SERVER["REMOTE_ADDR"] + //$this->FieldLastloginIp => $_SERVER["REMOTE_ADDR"] ); $dbh = new dbh(); 
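Review bot: Commenting out `$this->FieldLastloginIp => $_SERVER["REMOTE_ADDR"]` in the `-89,7` hunk of `LoginOperate` stops recording the address of each successful login, which removes a data point that account-takeover investigations and login-anomaly alerts usually depend on. If the column was dropped from this deployment's schema, delete the line rather than leaving dead code; if the problem was a proxy reporting the wrong address, resolve the client address in one helper and keep storing it. The reason is not visible in the diff, so a comment such as `// last-login IP intentionally not stored: <reason>` is the minimum. The enclosing method starts outside the hunk.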
@@ -106,6 +106,10 @@ class LoginOperate implements \Users\Event\LoginEvent }//loginSuccess - + //检查token表记录 + public function checkOAuthToken() + { + + } } \ No newline at end of file diff --git a/application/module/Users/Operation/PwdOperate.php b/application/module/Users/Operation/PwdOperate.php index ae87513f..27d54184 100644 --- a/application/module/Users/Operation/PwdOperate.php +++ b/application/module/Users/Operation/PwdOperate.php @@ -58,6 +58,11 @@ class PwdOperate implements \Users\Event\PwdEvent { $data = $e->getParam('data'); + if(empty($data['salt'])) + { + return array('error'=>"密钥不正确,请重新申请","place"=>'salt'); + } + if(empty($data['username'])) { return array('error'=>"请输入用户名",'place'=>'username'); @@ -70,12 +75,12 @@ class PwdOperate implements \Users\Event\PwdEvent if(strlen($data['password']) < 6) { - return array('error'=>"密码长度太短,为了安全最少输入6位哦",'place'=>'password'); + return array('error'=>"密码长度太短,为了安全最少输入6位",'place'=>'password'); } if(strlen($data['password']) > 14) { - return array('error'=>"密码太长,亲您记得住吗?不要超过14位哦",'place'=>'password'); + return array('error'=>"密码太长,请不要超过14位",'place'=>'password'); } if(empty($data['confirm_password'])) diff --git a/application/module/Users/Operation/RegisterOperate.php b/application/module/Users/Operation/RegisterOperate.php index 8bc1f3d1..17be0bc8 100644 --- a/application/module/Users/Operation/RegisterOperate.php +++ b/application/module/Users/Operation/RegisterOperate.php 
@@ -1,13 +1,13 @@ "请输入用户名",'place'=>'username'); + return array('error'=>"Username is required",'place'=>'username'); } if(!empty($data['username'])) { - if(!preg_match("/^[a-zA-Z][a-zA-Z0-9_]{4,15}$/",$data['username'])) + if(!preg_match("/[0-9a-zA-Z\xa0-\xff_]{2,25}/",$data['username'])) { - return array('error'=>"用户名应当以字母开头,由字母数字和下划线组成,并且长度在5到16个字符之间",'place'=>'username'); + return array('error'=>"Username is too long or too short (maximum is 25 characters,minimum is 3 characters)",'place'=>'username'); } } if(empty($data['password'])) { - return array('error'=>"请输入密码",'place'=>'password'); + return array('error'=>"Password is required",'place'=>'password'); } if(strlen($data['password']) < 6) { - return array('error'=>"密码长度太短,为了安全最少输入6位",'place'=>'password'); + return array('error'=>"Password is too short(minimum is 6 characters)",'place'=>'password'); } if(strlen($data['password']) > 14) { - return array('error'=>"密码太长,请不要超过14位",'place'=>'password'); + return array('error'=>"Password is too long (maximum is 15 characters)",'place'=>'password'); } if(empty($data['confirm_password'])) { - return array('error'=>"请再次输入密码已确认输入正确",'place'=>'confirm_password'); + return array('error'=>"Password confirmation is required",'place'=>'confirm_password'); } if(md5($data['password']) != md5($data['confirm_password'])) { - return array('error'=>"两次输入的密码不同,请重新输入",'place'=>'confirm_password'); + return array('error'=>"Passwords do not match",'place'=>'confirm_password'); } if(empty($data['email'])) { - return array('error'=>"请输入电子邮箱,作为找回密码和接受通知的联系方式",'place'=>'email'); + return array('error'=>"Email is required",'place'=>'email'); } if (!preg_match('/^\w+([-+.]\w+)*@\w+([-.]\w+)*\.\w+([-.]\w+)*$/',$data['email'])) { - return array('error'=>"请输入正确的电子邮件,推荐使用QQ邮箱和Gmail邮箱",'place'=>'email'); + return array('error'=>"Please enter a valid email address",'place'=>'email'); } - if(empty($data['realname'])) + if(!empty($data['realname'])) { - return 
array('error'=>"请输入姓名",'place'=>'realname'); - } - - if(mb_strlen($data['realname'],"UTF-8")>10 ) - { - return array('error'=>"真实姓名请不要超过10个字",'place'=>'realname'); + if(mb_strlen($data['realname'],"UTF-8")>10 ) + { + return array('error'=>"Realname is too long (maximum is 15 characters)",'place'=>'realname'); + } } return true; @@ -105,7 +105,7 @@ class RegisterOperate implements \Users\Event\RegisterEvent if(!is_array($data)) { - return "用户信息验证失败,请重新尝试"; + return "Parameter Problems"; } $sql = "SELECT id,{$this->FieldUsername},{$this->FieldEmail} FROM ".$this->tbl_member." WHERE {$this->FieldUsername}='{$data['username']}' OR {$this->FieldEmail}='{$data['email']}'"; @@ -118,15 +118,15 @@ class RegisterOperate implements \Users\Event\RegisterEvent { if($row[$this->FieldUsername] == $data['username']) { - return array('error'=>'您的用户名已经注册过账号,您是否忘记了密码?','place'=>'username'); + return array('error'=>'your username already exists ,forget password?','place'=>'username'); } if($row[$this->FieldEmail] == $data['email']) { - return array('error'=>'您的邮箱已经注册过账号,请换一个邮箱','place'=>'email'); + return array('error'=>'your email already used','place'=>'email'); } - return array('error'=>'您的用户名或邮箱已经使用过,注册新账号请换一个用户名'); + return array('error'=>'your username already exists or email already used'); } return true; @@ -148,10 +148,9 @@ class RegisterOperate implements \Users\Event\RegisterEvent return false; } - $mail_template = "register"; + $mail_template = "member-register"; $mail_data = array( 'name'=>$data['realname'], - 'content'=>$this->getMailContent() ); $mail = new Mail(); 
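Review bot: The replacement username pattern `"/[0-9a-zA-Z\xa0-\xff_]{2,25}/"` has lost its `^`/`$` anchors, so it accepts any string that merely contains two allowed characters; neither length nor character set is enforced any more. That matters because the `-105,7` hunk's context shows the value going straight into `WHERE {$this->FieldUsername}='{$data['username']}' OR ...` by string interpolation, so the old anchored regex was the only thing keeping quotes out of that query. Anchor the pattern, `"/^[0-9a-zA-Z\xa0-\xff_]{2,25}\z/"`, and move the lookup to a prepared statement with bound parameters as `Users::userExists()` does. The new messages also disagree with the checks: the text says minimum 3 and maximum 15 where the code enforces `{2,25}`, `> 14` and `> 10`. The hunk headers for this file are partly garbled in this rendering, so positions are approximate.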
@@ -166,25 +165,11 @@ class RegisterOperate implements \Users\Event\RegisterEvent //邮件内容 public function getMailContent() { - $sql = "SELECT v.id,v.title,v.thumb,v.status,v.content,m.realname,m.username FROM tbl_voice v - LEFT JOIN tbl_member m ON v.userid = m.id - WHERE v.status > 0 - ORDER BY v.id DESC - LIMIT 5"; - $rs = $this->db->query($sql); - $latest = $rs->fetchAll(); + $content = ""; - foreach($latest as $k=>$v) - { - if($v['thumb'] != '[]') - { - $thumb = json_decode($v['thumb'],true); - $text = mb_strlen($v['content'],"UTF-8") > 100 ? mb_substr($v['content'],0,100,"UTF-8") : $v['content']; - $content .= '

'.$v['title']. ' / ' .$v['realname'].'
'.$text.'
查看播放

'; - } - } + return $content; }//getMailContent(); diff --git a/application/module/Users/Users.php b/application/module/Users/Users.php new file mode 100644 index 00000000..fee16ce8 --- /dev/null +++ b/application/module/Users/Users.php @@ -0,0 +1,73 @@ +db = \Zend_Registry::get('db'); + }else{ + $this->db = $db; + } + + $this->table = new Table(); + + $this->config = \Zend_Registry::get('config'); + + if($accountClass === TRUE) + { + $this->account = new Account(); + } + } + + //通过email地址返回用户信息是否存在 + public function userExists($email = NULL) + { + if(empty($email)) + { + return false; + } + + if(empty($this->account)) + { + $account = new Account(FALSE); + }else{ + $account = $this->account; + } + + $sql = "SELECT * FROM {$account->memberTable} WHERE {$account->FieldEmail}=? LIMIT 1"; + $sth = $this->db->prepare($sql); + $sth->execute(array($email)); + $row = $sth->fetch(); + + unset($account); + + if(isset($row['id']) && !empty($row['id'])) + { + return $row; + }else{ + return false; + } + } + + + + +} \ No newline at end of file
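Review bot: `userExists()` in the new `Users` class answers an existence question with `SELECT *` and returns the whole member row, which by the other hunks in this commit includes the password hash and the reset `salt`. Callers that only need to know whether the e-mail is registered should not receive those columns; I would select the specific fields needed, for example `SELECT id, {$account->FieldEmail} FROM ...`, or add a separate method for fetching a profile. The bound `?` parameter for `$email` is the right pattern and is worth reusing in `RegisterOperate` and `Account`. `unset($account)` just before returning can be dropped. The class header and constructor signature are not visible in this rendering.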