增加了cookie+session自动登陆功能。

Li Jianxuan 2011-09-16 09:08:53 +00:00
parent f281ce6a39
commit 149943900c
3 changed files with 143 additions and 4 deletions


@ -150,6 +150,9 @@ class AccountController extends Zend_Controller_Action
{ {
$auth = Zend_Auth::getInstance(); $auth = Zend_Auth::getInstance();
$auth->clearIdentity(); $auth->clearIdentity();
require_once 'member.php';
$mb=new member();
$mb::flushcookie();
$this->_redirect('/'); $this->_redirect('/');
} }
@ -157,6 +160,7 @@ class AccountController extends Zend_Controller_Action
{ {
$auth = Zend_Auth::getInstance(); $auth = Zend_Auth::getInstance();
$db=Zend_Registry::get('db'); $db=Zend_Registry::get('db');
$authAdapter = new Zend_Auth_Adapter_DbTable($db); $authAdapter = new Zend_Auth_Adapter_DbTable($db);
$authAdapter->setTableName('users') $authAdapter->setTableName('users')
->setIdentityColumn('username') ->setIdentityColumn('username')
@ -164,14 +168,18 @@ class AccountController extends Zend_Controller_Action
$authAdapter->setIdentity($u)->setCredential(md5($p)); $authAdapter->setIdentity($u)->setCredential(md5($p));
$result = $auth->authenticate($authAdapter); $result = $auth->authenticate($authAdapter);
if ($result->isValid()) { if ($result->isValid()) {
// success: store database row to auth's storage // success: store database row to auth's storage
$data = $authAdapter->getResultRowObject(null,'password'); $data = $authAdapter->getResultRowObject(null,'password');
$auth->getStorage()->write($data); $auth->getStorage()->write($data);
if ($this->_request->getParam('remember')) {
$authNamespace = new Zend_Session_Namespace('westdc');
$authNamespace->setExpirationSeconds(2592000);
}
$db->query("update users set ts_last_login=now() where username=?",array($u)); $db->query("update users set ts_last_login=now() where username=?",array($u));
if ($this->_request->getParam('remember')) {
require_once 'member.php';
$mb = new member();
$mb -> putcookie($u,md5($p));
}
return true; return true;
} }
return false; return false;
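Review bot: The `$mb -> putcookie($u,md5($p));` call in the login success branch makes the remember-me cookie a pure function of the username and the unsalted MD5 password hash. The same value is therefore issued on every login and stays valid until the password changes, and the `flushcookie()` call added to logout only clears the browser's copy. Prefer issuing a random per-login token, storing its hash server-side with an expiry, and deleting that record on logout. As a smaller point, `$mb=new member(); $mb::flushcookie();` builds an instance only to call a static method; `member::flushcookie();` is enough. Both function bodies start outside the hunks shown.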


@ -8,6 +8,7 @@
'action' => 'login'); 'action' => 'login');
public function __construct(Zend_Auth $auth) public function __construct(Zend_Auth $auth)
{ {
$this->db=Zend_Registry::get('db');
$this->auth = $auth; $this->auth = $auth;
$this->acl = new Zend_Acl(); $this->acl = new Zend_Acl();
// add the different user roles // add the different user roles
@ -36,6 +37,7 @@
$this->acl->allow('member', 'account'); $this->acl->allow('member', 'account');
// allows administrators access to the admin area // allows administrators access to the admin area
$this->acl->allow('administrator', 'admin'); $this->acl->allow('administrator', 'admin');
} }
/** /**
* preDispatch * preDispatch
@ -50,6 +52,25 @@
{ {
// check if a user is logged in and has a valid role, // check if a user is logged in and has a valid role,
// otherwise, assign them the default role (guest) // otherwise, assign them the default role (guest)
$mb = new member();
$mb->db=$this->db;
if($mb->checkcookie())
{
$auth = Zend_Auth::getInstance();
$authAdapter = new Zend_Auth_Adapter_DbTable($this->db);
$authAdapter->setTableName('users')
->setIdentityColumn('username')
->setCredentialColumn('password');
$authAdapter->setIdentity($mb->user)->setCredential($mb->srpwd);
$result = $auth->authenticate($authAdapter);
if ($result->isValid()) {
$data = $authAdapter->getResultRowObject(null,'password');
$auth->getStorage()->write($data);
$this->db->query("update users set ts_last_login=now() where username=?",array($mb->user));
}
}
if ($this->auth->hasIdentity()) if ($this->auth->hasIdentity())
$role = $this->auth->getIdentity()->usertype; $role = $this->auth->getIdentity()->usertype;
else else
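Review bot: The cookie check added to `preDispatch` runs on every request, even when `$this->auth` already holds an identity. Each page view from a browser carrying the cookies then costs a lookup, a re-authentication and an `update users set ts_last_login` write, and the cookie's user can overwrite the identity of an existing session. Guard it with `if (!$this->auth->hasIdentity() && $mb->checkcookie())` and reuse `$this->auth` rather than calling `Zend_Auth::getInstance()` again. No `require_once 'member.php'` is visible in this file, unlike the two call sites in the controller, so `new member()` presumably relies on autoloading; worth confirming. The method body continues outside the hunk.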

110
application/models/member.php Executable file

@ -0,0 +1,110 @@
<?php
class member
{
var $ck='Dxe8SqIcmyUf';
var $db; //传入PDO对象
var $mid; //会员ID
public $scr; //cookie 安全码 $_COOKIE['scr']
public $user;//cookie User $_COOKIE['user']
public $srpwd;//执行checkcookie后方可调用
function __construct()
{
if(!empty($_COOKIE['scr']))
{
$this->scr = $_COOKIE['scr'];
}
if(!empty($_COOKIE['user']))
{
$this->user= $_COOKIE['user'];
}
}
/**
* 检测cookie
*/
public function checkcookie()
{
$uname = $this->user;
$hash = $this->scr;
if(!empty($uname) && !empty($hash))
{
if (preg_match("/[<|>|#|$|%|^|*|(|)|{|}|'|\"|;|:]/i",$uname) || preg_match("/[<|>|#|$|%|^|*|(|)|{|}|'|\"|;|:]/i",$hash))
{
$this->mid=0;
return false;
}
else{
$sql = "select username,password from users where username='$uname'";
$rs = $this->db->query($sql);
$row = $rs->fetch();
$scr = $this->makescr($row['username'],$row['password']);
if($hash == $scr)
{
$this->srpwd=$row['password'];
return true;
}
else {
return false;
}
}//cookie安全
}else {
return false;
}//exit
}//function checkcookie
/**
* putcookie
*
* 登陆成功后放置cookie包含安全码
*
* @param String $uname
* @param String $pwd
* @param Int $time
*/
public function putcookie($uname,$pwd,$time = 604800)
{
try {
$scrString = $this->makescr($uname,$pwd);//加密验证串:防止用户密码被盗防止伪造cookie。
if(!is_numeric($time))
{
$time = 604800;
}
setcookie('user',$uname,time()+$time,'/');
setcookie('scr',$scrString,time()+$time,'/');
return true;
} catch (Exception $e) {
return false;
}
}//function putcookie
/**
* 生成安全码
*
* @param String $u
* @param String $p
*/
public function makescr($u,$p)
{
return substr(md5($u.$p.$this->ck),3,20);
}
/**
* 清除cookie
*/
static function flushcookie()
{
setcookie('user','',time()-99999,'/');
setcookie('scr','',time()-99999,'/');
}
}
?>
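Review bot: `checkcookie()` interpolates `$_COOKIE['user']` into `select username,password from users where username='$uname'` and relies on a character blacklist instead of a bound parameter, although the login code in this commit already passes `array($u)` to `$db->query()`. The same method uses the `fetch()` result unchecked, so a missing row sends empty values into `makescr()`, and it compares the token with `==`, which is neither type-strict nor constant-time. `putcookie()` sets both cookies without the HttpOnly and Secure arguments of `setcookie()`. `$ck` is a signing secret committed in source; it would be better loaded from configuration and used with `hash_hmac()` than with a truncated `md5()`. A rewrite of the lookup branch is sketched below.

```php
public function checkcookie()
{
    // … unchanged: empty() checks on $uname and $hash, character blacklist …
    if (!is_string($uname) || !is_string($hash)) {
        return false;
    }
    // Bind the cookie value instead of concatenating it into the statement.
    $rs  = $this->db->query("select username,password from users where username=?", array($uname));
    $row = $rs->fetch();
    if ($row === false) {
        // Unknown user: never derive an expected token from empty values.
        $this->mid = 0;
        return false;
    }
    $scr = $this->makescr($row['username'], $row['password']);
    // Constant-time comparison; fall back to === where hash_equals() is unavailable.
    if (!hash_equals($scr, $hash)) {
        return false;
    }
    $this->srpwd = $row['password'];
    return true;
}
```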