bob
/
westdc-zf1
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

修改跨域登录功能

This commit is contained in:
Li Jianxuan 2014-06-11 01:39:18 +00:00
parent f7fbbf4e64
commit 1a6b0375a9
2 changed files with 742 additions and 726 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1181
application/default/controllers/AccountController.php
View File

File diff suppressed because it is too large Load Diff

287
application/module/Users/Member.php
View File

@ -1,138 +1,151 @@
<?php
namespace Users;
class Member
{
var $ck='DCC3ER4T8L2EFX94OPDF';
var $db; //传入PDO对象
var $mid; //会员ID
public $scr; //cookie 安全码 $_COOKIE['scr']
public $user;//cookie User $_COOKIE['user']
public $srpwd;//执行checkcookie后方可调用
public $memberTable = "users";
public $FieldUsername = "username";
public $FieldPasword = "password";
public $FieldLastlogin = "ts_last_login";
public $FieldEmail = "email";
public $FieldLastloginIp = "last_login_ip";
public $GravatarEmailField = "gravatar_email";
public $RoleMember = "member";
function __construct()
{
if(empty($db))
{
$this->db = \Zend_Registry::get('db');
}else{
$this->db = $db;
}
$this->config = \Zend_Registry::get('config');
if(!empty($_COOKIE['scr']))
{
$this->scr = $_COOKIE['scr'];
}
if(!empty($_COOKIE['user']))
{
$this->user= $_COOKIE['user'];
}
}
/**
* 检测cookie
*/
public function checkcookie()
{
$uname = $this->user;
$hash = $this->scr;
if(!empty($uname) && !empty($hash))
{
if (preg_match("/[<|>|#|$|%|^|*|(|)|{|}|'|\"|;|:]/i",$uname) || preg_match("/[<|>|#|$|%|^|*|(|)|{|}|'|\"|;|:]/i",$hash))
{
$this->mid=0;
return false;
}
else{
$sql = "select {$this->FieldUsername} as userid,{$this->FieldPasword} as pwd from {$this->memberTable} where {$this->FieldUsername}='$uname'";
$rs = $this->db->query($sql);
$row = $rs->fetch();
$scr = $this->makescr($row['userid'],$row['pwd']);
if($hash == $scr)
{
$this->srpwd=$row['pwd'];
return true;
}
else {
return false;
}
}//cookie安全
}else {
return false;
}//exit
}//function checkcookie
/**
* putcookie
*
* 登陆成功后放置cookie包含安全码
*
* @param String $uname
* @param String $pwd
* @param Int $time
*/
public function putcookie($uname,$pwd,$time = 604800)
{
try {
$scrString = $this->makescr($uname,$pwd);//加密验证串:防止用户密码被盗防止伪造cookie。
if(!is_numeric($time))
{
$time = 604800;
}
setcookie('user',$uname,time()+$time,'/');
setcookie('scr',$scrString,time()+$time,'/');
return true;
} catch (Exception $e) {
return false;
}
}//function putcookie
/**
* 生成安全码
*
* @param String $u
* @param String $p
*/
public function makescr($u,$p)
{
return substr(md5($u.$p.$this->ck),3,20);
}
/**
* 清除cookie
*/
static function flushcookie()
{
setcookie('user','',time()-99999,'/');
setcookie('scr','',time()-99999,'/');
}
public function getUser()
{
$sql = "SELECT * FROM ".$this->memberTable." m ORDER BY m.id DESC";
$rs = $this->db->query($sql);
return $rs->fetchAll();
}
<?php
namespace Users;
class Member
{
var $ck='DCC3ER4T8L2EFX94OPDF';
var $db; //传入PDO对象
var $mid; //会员ID
public $scr; //cookie 安全码 $_COOKIE['scr']
public $user;//cookie User $_COOKIE['user']
public $srpwd;//执行checkcookie后方可调用
public $memberTable = "users";
public $FieldUsername = "username";
public $FieldPasword = "password";
public $FieldLastlogin = "ts_last_login";
public $FieldEmail = "email";
public $FieldLastloginIp = "last_login_ip";
public $GravatarEmailField = "gravatar_email";
public $rootdomain = "";
public $RoleMember = "member";
function __construct()
{
if(empty($db))
{
$this->db = \Zend_Registry::get('db');
}else{
$this->db = $db;
}
$this->config = \Zend_Registry::get('config');
if(!empty($_COOKIE['scr']))
{
$this->scr = $_COOKIE['scr'];
}
if(!empty($_COOKIE['user']))
{
$this->user= $_COOKIE['user'];
}
if(!isset($this->config->auth->domain) && !empty($this->config->auth->domain))
{
$this->rootdomain = $this->config->auth->domain;
}
}
/**
* 检测cookie
*/
public function checkcookie()
{
$uname = $this->user;
$hash = $this->scr;
if(!empty($uname) && !empty($hash))
{
if (preg_match("/[<|>|#|$|%|^|*|(|)|{|}|'|\"|;|:]/i",$uname) || preg_match("/[<|>|#|$|%|^|*|(|)|{|}|'|\"|;|:]/i",$hash))
{
$this->mid=0;
return false;
}
else{
$sql = "select {$this->FieldUsername} as userid,{$this->FieldPasword} as pwd from {$this->memberTable} where {$this->FieldUsername}='$uname'";
$rs = $this->db->query($sql);
$row = $rs->fetch();
$scr = $this->makescr($row['userid'],$row['pwd']);
if($hash == $scr)
{
$this->srpwd=$row['pwd'];
return true;
}
else {
return false;
}
}//cookie安全
}else {
return false;
}//exit
}//function checkcookie
/**
* putcookie
*
* 登陆成功后放置cookie包含安全码
*
* @param String $uname
* @param String $pwd
* @param Int $time
*/
public function putcookie($uname,$pwd,$time = 604800)
{
try {
$scrString = $this->makescr($uname,$pwd);//加密验证串:防止用户密码被盗防止伪造cookie。
if(!is_numeric($time))
{
$time = 604800;
}
if(empty($this->rootdomain))
{
setcookie('user',$uname,time()+$time,'/');
setcookie('scr',$scrString,time()+$time,'/');
}else{
setcookie('user',$uname,time()+$time,'/',$this->rootdomain);
setcookie('scr',$scrString,time()+$time,'/',$this->rootdomain);
}
return true;
} catch (Exception $e) {
return false;
}
}//function putcookie
/**
* 生成安全码
*
* @param String $u
* @param String $p
*/
public function makescr($u,$p)
{
return substr(md5($u.$p.$this->ck),3,20);
}
/**
* 清除cookie
*/
static function flushcookie()
{
setcookie('user','',time()-99999,'/');
setcookie('scr','',time()-99999,'/');
}
public function getUser()
{
$sql = "SELECT * FROM ".$this->memberTable." m ORDER BY m.id DESC";
$rs = $this->db->query($sql);
return $rs->fetchAll();
}
}