From 64222944d00c2def3f9a222a7dda82d7854e9416 Mon Sep 17 00:00:00 2001
From: Li Jianxuan
Date: Tue, 15 Jul 2014 08:04:23 +0000
Subject: [PATCH] =?UTF-8?q?=E6=81=A2=E5=A4=8D=E7=94=A8=E6=88=B7=E4=BF=A1?=
 =?UTF-8?q?=E6=81=AF=E7=BC=96=E8=BE=91=E5=8A=9F=E8=83=BD?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 .../default/controllers/AccountController.php | 744 +++++++++++-------
 .../views/scripts/account/secure.phtml | 164 ++--
 2 files changed, 551 insertions(+), 357 deletions(-)
diff --git a/application/default/controllers/AccountController.php b/application/default/controllers/AccountController.php
index bc4e227d..caf143c1 100755
--- a/application/default/controllers/AccountController.php
+++ b/application/default/controllers/AccountController.php
@@ -1,275 +1,469 @@
-view->config = Zend_Registry::get('config');
- $this->_request->setParam('return', $this->_request->getServer('REQUEST_URI'));
- $this->db=Zend_Registry::get('db');
- $this->view->Theme = new Theme();
- }
-
- function indexAction()
- {
- $submit = $this->_getParam('submit');
-
- $account = new Account();
-
- if(!empty($submit))
- {
- $data = $account->getEditParam($this->_request);
- $Listener = new EditListener();
- @$account->events()->attachAggregate($Listener);
- $this->view->section = $type = $this->_getParam('type');
- $status = $account->edit($data,$type);
- if($status !== true)
- {
- $this->view->error = view::Error($status);
- }else{
- $this->view->error = view::Error("修改成功","alert-success");
- }
- }
-
- $user = $account->getAccountInfo();
- $av = new Gravatar();
- $this->view->avatar = $av->Get($user['email'],100);
- $this->view->user = $user;
- }
-
- function loginAction()
- {
- $request = new \Zend_Controller_Request_Http();
- if($request->isXmlHttpRequest())
- {
- $this->_helper->layout->disableLayout();
- $this->_helper->viewRenderer->setNoRender();
-
- $data = $this->_getParam('data');
- if(empty($data))
- {
- $this->jsonexit(array('error'=>'服务器掉链子了,请重试'));
- }
-
- $data = \Helpers\MCrypt::decrypt($data,"DY7567");
- $data = json_decode($data,true);
-
- $account = new Account();
- $result = $account->login($data,true);
-
- if(!empty($result))
- {
- $content = json_encode($result,JSON_NUMERIC_CHECK);
- echo \Helpers\MCrypt::encrypt($content,"CH6668");
- return true;
- }
-
- $this->jsonexit(array('error'=>'服务器掉链子了,请重试'));
-
- return true;
- }
-
- $success=false;
-
- $options = array(
- 'module' => $this->_request->getModuleName(),
- 'controller' => $this->_request->getControllerName(),
- 'action' => $this->_request->getActionName(),
- );
-
- $auth = Zend_Auth::getInstance();
- if ($auth->hasIdentity())
- {
- if($options['module']=="default" && $options['controller'] == "account" && $options['action'] == "login")
- {
- $this->_redirect("/");
- }else{
- $this->_redirect($_SERVER['REQUEST_URI']);
- }
- }
-
- $tohref = $this->_request->getParam('href');
-
- if($_SERVER['REQUEST_URI'] !== "/account/login")
- {
- $this->view->href = $_SERVER['REQUEST_URI'];
- }else{
- $this->view->href = "/";
- }
-
- if(!empty($tohref))
- {
- $this->view->href = $tohref;
- }
-
- $submit = $this->_getParam("submit");
-
- if(!empty($submit))
- {
- $data = array(
- 'username' => $this->_getParam('username'),
- 'password' => $this->_getParam('password')
- );
-
- $account = new Account();
- $result = $account->login($data);
-
- if(!empty($result))
- {
- if(isset($result['error']))
- {
- $this->view->error = $result['error'];
- return true;
- }
- if(isset($result['success']))
- {
- $this->_redirect($this->view->href);
- return true;
- }
- }else{
- $this->view->error = "处理中出现问题";
- return true;
- }
- }
- }//登陆
-
- public function jsonexit($data){
- $this->getResponse()->setHeader('Content-Type', 'application/json')->appendBody(Zend_Json::encode($data));
- return true;
- }
-
- function registerAction()
- {
- $request = new \Zend_Controller_Request_Http();
- if($request->isXmlHttpRequest())
- {
- $this->_helper->layout->disableLayout();
- $this->_helper->viewRenderer->setNoRender();
-
- $account = new Account();
- $data = $account->getParam($this->_request);
-
- $result = $account->register($data);
-
- if(!empty($result))
- {
- $this->jsonexit($result);
- return true;
- }
-
- $this->jsonexit(array('error'=>'|o| 服务器掉链子了,请重试'));
-
- return true;
- }else{
- //$this->_helper->layout->disableLayout();
- }
-
-
- $success=false;
-
- $auth = Zend_Auth::getInstance();
- if ($auth->hasIdentity())
- $this->_redirect('/');
-
- $submit = $this->_getParam('submit');
- if(!empty($submit))
- {
- $account = new Account();
- $this->view->data = $data = $account->getParam($this->_request);
- $result = $account->register($data);
-
- if(!empty($result))
- {
- if(isset($result['error']))
- {
- $this->view->place = $result['place'];
- $this->view->error = $result['error'];
- return true;
- }
- if(isset($result['success']))
- {
- $this->_redirect('/');
- return true;
- }
- }else{
- $this->view->error = "处理中出现问题";
- return true;
- }
- }
- }//用户注册
-
- //退出登录
- function logoutAction()
- {
- $this->_helper->layout->disableLayout();
- $this->_helper->viewRenderer->setNoRender();
-
- $auth = Zend_Auth::getInstance();
-
- if ($auth->hasIdentity())
- {
- $auth->clearIdentity();
- Users\Member::flushcookie();
- $this->_redirect('/');
- }
- }
-
- //找回密码
- function forgotpasswordAction()
- {
- $this->_helper->layout->disableLayout();
-
- $submit = $this->_getParam('submit');
-
- if(!empty($submit))
- {
- $email = $this->_getParam('email');
- $account = new Account();
- $status = $account->getMyPassword($email);
- if(isset($status['error']) && !empty($status['error']))
- {
- $this->view->error = $status['error'];
- }else{
- $this->view->msg = "申请成功!请在您的邮箱中查看密码重置邮件";
- }
- }
- }
-
- //重置密码
- function getpasswordAction()
- {
- $this->_helper->layout->disableLayout();
-
- $submit = $this->_getParam('submit');
-
- if(!empty($submit))
- {
- $data = array(
- 'username' => $this->_getParam('username'),
- 'password' => $this->_getParam('password'),
- 'confirm_password' => $this->_getParam('confirm_password'),
- 'salt' => $this->_getParam('salt')
- );
- $account = new Account();
- $status = $account->resetPassword($data);
- if(isset($status['error']) && !empty($status['error']))
- {
- $this->view->error = $status['error'];
- }else{
- $this->view->msg = "您的密码已经成功更改,请点击这里登陆";
- }
- }
- }//getpasswordAction()
-
-}
-
+view->config = Zend_Registry::get('config');
+ $this->_request->setParam('return', $this->_request->getServer('REQUEST_URI'));
+ $this->db=Zend_Registry::get('db');
+ $this->view->Theme = new Theme();
+ }
+
+ function indexAction()
+ {
+ $this->view->pageID = "account-index";
+
+ include_once("Users.php");
+ $usr = new Users($this->db);
+
+ $auth = Zend_Auth::getInstance();
+ if($auth->hasIdentity())
+ {
+ $user = $auth->getIdentity();
+ $uid = $user->id;
+ }
+
+ include_once("Avatar.php");
+ $avatar = new Avatar();
+ $this->view->avatar = $avatar->Get($user->email,140);
+
+ $this->view->info = $usr->getUserInfo($uid);
+ }
+
+ function loginAction()
+ {
+ $request = new \Zend_Controller_Request_Http();
+ if($request->isXmlHttpRequest())
+ {
+ $this->_helper->layout->disableLayout();
+ $this->_helper->viewRenderer->setNoRender();
+
+ $data = $this->_getParam('data');
+ if(empty($data))
+ {
+ $this->jsonexit(array('error'=>'服务器掉链子了,请重试'));
+ }
+
+ $data = \Helpers\MCrypt::decrypt($data,"DY7567");
+ $data = json_decode($data,true);
+
+ $account = new Account();
+ $result = $account->login($data,true);
+
+ if(!empty($result))
+ {
+ $content = json_encode($result,JSON_NUMERIC_CHECK);
+ echo \Helpers\MCrypt::encrypt($content,"CH6668");
+ return true;
+ }
+
+ $this->jsonexit(array('error'=>'服务器掉链子了,请重试'));
+
+ return true;
+ }
+
+ $success=false;
+
+ $options = array(
+ 'module' => $this->_request->getModuleName(),
+ 'controller' => $this->_request->getControllerName(),
+ 'action' => $this->_request->getActionName(),
+ );
+
+ $auth = Zend_Auth::getInstance();
+ if ($auth->hasIdentity())
+ {
+ if($options['module']=="default" && $options['controller'] == "account" && $options['action'] == "login")
+ {
+ $this->_redirect("/");
+ }else{
+ $this->_redirect($_SERVER['REQUEST_URI']);
+ }
+ }
+
+ $tohref = $this->_request->getParam('href');
+
+ if($_SERVER['REQUEST_URI'] !== "/account/login")
+ {
+ $this->view->href = $_SERVER['REQUEST_URI'];
+ }else{
+ $this->view->href = "/";
+ }
+
+ if(!empty($tohref))
+ {
+ $this->view->href = $tohref;
+ }
+
+ $submit = $this->_getParam("submit");
+
+ if(!empty($submit))
+ {
+ $data = array(
+ 'username' => $this->_getParam('username'),
+ 'password' => $this->_getParam('password')
+ );
+
+ $account = new Account();
+ $result = $account->login($data);
+
+ if(!empty($result))
+ {
+ if(isset($result['error']))
+ {
+ $this->view->error = $result['error'];
+ return true;
+ }
+ if(isset($result['success']))
+ {
+ $this->_redirect($this->view->href);
+ return true;
+ }
+ }else{
+ $this->view->error = "处理中出现问题";
+ return true;
+ }
+ }
+ }//登陆
+
+ public function jsonexit($data){
+ $this->getResponse()->setHeader('Content-Type', 'application/json')->appendBody(Zend_Json::encode($data));
+ return true;
+ }
+
+ function registerAction()
+ {
+ $request = new \Zend_Controller_Request_Http();
+ if($request->isXmlHttpRequest())
+ {
+ $this->_helper->layout->disableLayout();
+ $this->_helper->viewRenderer->setNoRender();
+
+ $account = new Account();
+ $data = $account->getParam($this->_request);
+
+ $result = $account->register($data);
+
+ if(!empty($result))
+ {
+ $this->jsonexit($result);
+ return true;
+ }
+
+ $this->jsonexit(array('error'=>'|o| 服务器掉链子了,请重试'));
+
+ return true;
+ }else{
+ //$this->_helper->layout->disableLayout();
+ }
+
+
+ $success=false;
+
+ $auth = Zend_Auth::getInstance();
+ if ($auth->hasIdentity())
+ $this->_redirect('/');
+
+ $submit = $this->_getParam('submit');
+ if(!empty($submit))
+ {
+ $account = new Account();
+ $this->view->data = $data = $account->getParam($this->_request);
+ $result = $account->register($data);
+
+ if(!empty($result))
+ {
+ if(isset($result['error']))
+ {
+ $this->view->place = $result['place'];
+ $this->view->error = $result['error'];
+ return true;
+ }
+ if(isset($result['success']))
+ {
+ $this->_redirect('/');
+ return true;
+ }
+ }else{
+ $this->view->error = "处理中出现问题";
+ return true;
+ }
+ }
+ }//用户注册
+
+ //退出登录
+ function logoutAction()
+ {
+ $this->_helper->layout->disableLayout();
+ $this->_helper->viewRenderer->setNoRender();
+
+ $auth = Zend_Auth::getInstance();
+
+ if ($auth->hasIdentity())
+ {
+ $auth->clearIdentity();
+ Users\Member::flushcookie();
+ $this->_redirect('/');
+ }
+ }
+
+ //找回密码
+ function forgotpasswordAction()
+ {
+ $this->_helper->layout->disableLayout();
+
+ $submit = $this->_getParam('submit');
+
+ if(!empty($submit))
+ {
+ $email = $this->_getParam('email');
+ $account = new Account();
+ $status = $account->getMyPassword($email);
+ if(isset($status['error']) && !empty($status['error']))
+ {
+ $this->view->error = $status['error'];
+ }else{
+ $this->view->msg = "申请成功!请在您的邮箱中查看密码重置邮件";
+ }
+ }
+ }
+
+ //重置密码
+ function getpasswordAction()
+ {
+ $this->_helper->layout->disableLayout();
+
+ $submit = $this->_getParam('submit');
+
+ if(!empty($submit))
+ {
+ $data = array(
+ 'username' => $this->_getParam('username'),
+ 'password' => $this->_getParam('password'),
+ 'confirm_password' => $this->_getParam('confirm_password'),
+ 'salt' => $this->_getParam('salt')
+ );
+ $account = new Account();
+ $status = $account->resetPassword($data);
+ if(isset($status['error']) && !empty($status['error']))
+ {
+ $this->view->error = $status['error'];
+ }else{
+ $this->view->msg = "您的密码已经成功更改,请点击这里登陆";
+ }
+ }
+ }//getpasswordAction()
+
+ function editAction()
+ {
+ $this->view->pageID = "account-edit";
+
+ include_once("Users.php");
+ $usr = new Users($this->db);
+
+ $auth = Zend_Auth::getInstance();
+ if($auth->hasIdentity())
+ {
+ $user = $auth->getIdentity();
+ $uid = $user->id;
+ }
+
+ include_once("Avatar.php");
+ $avatar = new Avatar();
+ $this->view->avatar = $avatar->Get($user->email,140);
+
+ $this->view->projectType = array(
+ "无" => '',
+ "国家973计划项目课题" => "国家973计划项目课题",
+ "国家863计划课题"=>"国家863计划课题",
+ "国家级科技支撑课题" => "国家级科技支撑课题",
+ "国家级科技重大专项" => "国家级科技重大专项",
+ "国家级国家重大工程" => "国家级国家重大工程",
+ "国家级国家自然科学基金" => "国家级国家自然科学基金",
+ "国际合作项目"=>"国际合作项目",
+ "省部级项目" => "省部级项目",
+ "其他项目工程" => "其他项目工程",
+ );
+
+ $submit = $this->_getParam('submit');
+
+ if(!empty($submit))
+ {
+ $data = $this->AccountEditParamFilter();
+
+ if($this->db->update("users",$data,"id=$uid"))
+ {
+ $this->view->AlertType = "alert-success";
+ $this->view->msg = "修改成功!";
+ $this->view->jump_url = "/account/edit";
+ return true;
+ }else{
+ $this->view->AlertType = "alert-error";
+ $this->view->error = "修改失败,请重试";
+ $this->view->info = $data;
+ return true;
+ }
+ }else{
+ $this->view->info = $usr->getUserInfo($uid);
+ }
+ }
+
+ function AccountEditParamFilter(){
+ $data = array();
+ $data['realname'] = substr(trim($this->_getParam('realname')),0,40);
+ $data['unit'] = substr(trim($this->_getParam('unit')),0,100);
+ $data['address'] = substr(trim($this->_getParam('address')),0,100);
+ $data['phone'] = substr(trim($this->_getParam('phone')),0,15);
+ $data['postcode'] = substr(trim($this->_getParam('postcode')),0,15);
+ $data['project_type'] = substr(trim($this->_getParam('project_type')),0,100);
+ $data['project_id'] = substr(trim($this->_getParam('project_id')),0,40);
+ $data['project_title'] = substr(trim($this->_getParam('project_title')),0,100);
+ $data['project'] = substr(trim($this->_getParam('project')),0,600);
+
+ foreach($data as $k=>$v)
+ {
+ $data[$k] = $this->StringFilter($v);
+ }
+
+ return $data;
+ }
+
+ function StringFilter($string){
+ $string = preg_replace ('/<[^>]*>/', ' ', $string);
+ return $string;
+ }
+
+ function secureAction()
+ {
+ $this->view->pageID = "account-secure";
+
+ include_once("Users.php");
+ $usr = new Users($this->db);
+
+ $auth = Zend_Auth::getInstance();
+ if($auth->hasIdentity())
+ {
+ $user = $auth->getIdentity();
+ $uid = $user->id;
+ }
+
+ $opt = $this->_getParam('opt');
+ $submit = $this->_getParam('submit');
+
+ if(empty($opt))
+ {
+ $this->view->section = "password";
+ if(!empty($submit))
+ {
+ $data = $this->AccountSecureParamFilter();
+
+ $this->view->AlertType = "alert-error";
+ if(strlen($data['password'])>18 || strlen($data['new_password'])>18)
+ {
+ $this->view->error = view::Error("密码过长");
+ return true;
+ }
+ if(strlen($data['new_password'])<=6 || strlen($data['new_password_confrim'])<=6)
+ {
+ $this->view->error = view::Error("密码过短,请输入大于6位的密码");
+ return true;
+ }
+ if(md5($data['new_password']) != md5($data['new_password_confrim']))
+ {
+ $this->view->error = view::Error("两次输入的密码不相同");
+ return true;
+ }
+
+ $sql = "SELECT password FROM users WHERE id=$uid";
+ $rs = $this->db->query($sql);
+ $row = $rs->fetch();
+
+ if(md5($data['password']) != $row['password'])
+ {
+ $this->view->error = view::Error("原密码不正确");
+ return true;
+ }
+
+ $data['password'] = md5($data['new_password']);
+
+ unset($data['new_password']);
+ unset($data['new_password_confrim']);
+
+ if($this->db->update("users",$data,"id=$uid"))
+ {
+ view::Post($this,array("content"=>'修改成功!','url'=>'/account/secure'));
+ return true;
+ }else{
+ $this->view->error = view::Error("修改失败");
+ return true;
+ }
+ }else{
+ $this->view->info = $usr->getUserInfo($uid);
+ }
+ }//password
+
+ if($opt == "email")
+ {
+ $this->view->section = "email";
+ if(!empty($submit))
+ {
+ $email = $this->_getParam('email');
+ $password = $this->_getParam('password');
+
+ if(!preg_match("/\w+([-+.]\w+)*@\w+([-.]\w+)*\.\w+([-.]\w+)*/i",$email))
+ {
+ $this->view->error = view::Error("错误的邮箱格式");
+ return true;
+ }
+
+ $sql = "SELECT password FROM users WHERE id=$uid";
+ $rs = $this->db->query($sql);
+ $row = $rs->fetch();
+
+ if(md5($password) != $row['password'])
+ {
+ $this->view->error = view::Error("原密码错误");
+ return true;
+ }
+
+ $data['email'] = $email;
+
+ if($this->db->update("users",$data,"id=$uid"))
+ {
+ view::Post($this,array("content"=>'修改成功!','url'=>'/account/secure'));
+ return true;
+ }else{
+ $this->view->error = view::Error("修改失败");
+ return true;
+ }
+ }else{
+ $this->view->info = $usr->getUserInfo($uid);
+ }
+ }//email
+ }
+
+ function AccountSecureParamFilter(){
+ $data = array();
+ $data['password'] = trim($this->_getParam('password'));
+ $data['new_password'] = trim($this->_getParam('new_password'));
+ $data['new_password_confrim'] = trim($this->_getParam('new_password_confrim'));
+ foreach($data as $k=>$v)
+ {
+ $data[$k] = $this->StringFilter($v);
+ }
+ return $data;
+ }
+
+}
+
diff --git a/application/default/views/scripts/account/secure.phtml b/application/default/views/scripts/account/secure.phtml
index 9ce66cb2..fb0d1537 100644
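Review bot: The password handling added in secureAction (`if(md5($data['password']) != $row['password'])` and `$data['password'] = md5($data['new_password']);`) stores and checks unsalted MD5 digests with a loose comparison, and reads `$row['password']` without checking that `$rs->fetch()` returned a row; the stored value should come from `password_hash()` and the check from `password_verify()` (or, if the schema must stay MD5 for now, at least `hash_equals()` on the digests), with a `$row === false` guard before the comparison. In indexAction, editAction and secureAction `$user` and `$uid` are assigned only inside `if($auth->hasIdentity())`, yet every one of those actions continues into `$user->email` and `"id=$uid"` when there is no identity, so each needs an early guard such as `$this->_redirect('/account/login'); return;` in the else branch, and the id is better bound than interpolated, e.g. `$this->db->update("users", $data, array('id = ?' => $uid))`. The email check `preg_match("/\w+([-+.]\w+)*@\w+([-.]\w+)*\.\w+([-.]\w+)*/i",$email)` is unanchored, so any value that merely contains an address-like substring passes and is stored verbatim; anchor the pattern or use the framework's `Zend_Validate_EmailAddress`. AccountSecureParamFilter also runs passwords through StringFilter, so a password containing `<` is silently altered before hashing and will never match a value set through another path; passwords should be hashed exactly as entered and not tag-stripped.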
--- a/application/default/views/scripts/account/secure.phtml +++ b/application/default/views/scripts/account/secure.phtml @@ -1,82 +1,82 @@ -headTitle($this->config->title->site); - $this->headTitle('我的账户'); - $this->headTitle()->setSeparator(' - '); - $this->theme->AppendPlus($this,'colorbox'); -?> -
-
- -
-
-

修改安全性设置

-
-
- - error)) { ?> - error ?> - -
-
section)) echo 'active'?>" id="tab2"> -
-
-
- -
- -
-
-
- -
- - 如果要修改邮箱,请输入原密码 -
-
-
- - - -
-
-
-
-
" id="tab3"> -
-
-
- -
- - 如果要修改密码,请输入原密码 -
-
-
- -
- -
-
-
- -
- -
-
-
- - - -
-
-
-
-
-
-
-
+headTitle($this->config->title->site); + $this->headTitle('我的账户'); + $this->headTitle()->setSeparator(' - '); + //$this->theme->AppendPlus($this,'colorbox'); +?> +
+
+ +
+
+

修改安全性设置

+
+
+ + error)) { ?> + error ?> + +
+
section)) echo 'active'?>" id="tab2"> +
+
+
+ +
+ +
+
+
+ +
+ + 如果要修改邮箱,请输入原密码 +
+
+
+ + + +
+
+
+
+
" id="tab3"> +
+
+
+ +
+ + 如果要修改密码,请输入原密码 +
+
+
+ +
+ +
+
+
+ +
+ +
+
+
+ + + +
+
+
+
+
+
+
+
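Review bot: The one visible code change in this template, `//$this->theme->AppendPlus($this,'colorbox');`, leaves commented-out code in the file; if the colorbox asset is no longer needed on this page the line should be deleted rather than disabled, and if it is only temporarily off a comment saying why (and when it returns) belongs next to it. Most of this template's PHP tags are not visible in this rendering, so the remainder of the hunk could not be reviewed here.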