bob
/
westdc-zf1
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

修改子平台用户登录及管理的相关功能

This commit is contained in:
Li Jianxuan 2014-06-05 09:53:18 +00:00
parent 4d8c3abbce
commit 71fac4e412
11 changed files with 478 additions and 415 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

67
application/admin/controllers/UserController.php
View File

@ -1,7 +1,8 @@
<?php
use Helpers\View as view;
use \Users\Local;
use Helpers\dbh;
use Helpers\PDO;
use Users\Users;
class Admin_UserController extends Zend_Controller_Action
{
function preDispatch()
@ -34,57 +35,21 @@ class Admin_UserController extends Zend_Controller_Action
function listAction()
{
$select=$this->db->select();
$select->from('users')
->where('usertype = ?', 'member')
->order('users.id desc');
view::addPaginator($select,$this,20);
}//listAction
#添加本地用户
function localAction()
{
$this->view->ac = $ac = $this->_getParam('ac');
$submit = $this->_getParam('submit');
$local = new Local();
if(empty($ac))
{
$select=$this->db->select();
$select->from(array('u'=>'users','l'=>'users_local'))
->join(array('l'=>'users_local'),'u.id=l.uid')
->order('u.id desc');
view::addPaginator($select,$this,20);
return;
}
if($ac=='addLocal')
{
if(view::isXmlHttpRequest($this))
{
$status = $local->addLocalUser();
if($status !== true)
{
$this->jsonexit(array('error'=>$status));
return true;
}else{
$this->jsonexit(array('success'=>1));
return true;
}
}else{
}
}
if($ac == 'delete')
{
view::Post($this,$local->deleteUser($this->_getParam('id')),-1);
return;
}
$paginator = Zend_Paginator::factory($select);
$paginator->setCurrentPageNumber($this->_getParam('page'));
$paginator->setItemCountPerPage(30);
$paginator->setView($this->view);
Zend_View_Helper_PaginationControl::setDefaultViewPartial('pagination.phtml');
$this->view->paginator=$paginator;
}//listAction
function searchAction()
@ -204,10 +169,10 @@ class Admin_UserController extends Zend_Controller_Action
if (isset($id))
{
try {
$sql="select * from users where id=?";
$result=$this->db->query($sql,$id);
$rows = $result->fetch();
$this->view->infos=$rows;
$user = new \Users\Users;
$this->view->infos=$user->getUser($id);
$this->view->usertypes = $user->getUserType();
} catch (Exception $e) {
$this->messenger->addMessage($e->getMessage());
}
@ -276,6 +241,7 @@ class Admin_UserController extends Zend_Controller_Action
$updates=array();
if (isset($id))
{
if(!empty($newpwd)&&!empty($cfnewpwd))
{
if($newpwd==$cfnewpwd)
@ -303,6 +269,7 @@ class Admin_UserController extends Zend_Controller_Action
} catch (Exception $e) {
$this->messenger->addMessage($e->getMessage());
}
$this->_redirect("/admin/user/show/id/$id");
}
else {

79
application/admin/views/scripts/user/adminlist.phtml
View File

@ -2,51 +2,46 @@
$this->headTitle($this->config->title->site);
$this->headTitle('后台管理');
$this->headTitle()->setSeparator(' - ');
# $this->headLink()->appendStylesheet('/css/admin.css');
$this->headLink()->appendStylesheet('/css/admin.css');
$this->breadcrumb('<a href="/">首页</a>');
$this->breadcrumb('<a href="/admin/">后台首页</a>');
$this->breadcrumb('<a href="/admin/user">用户管理</a>');
$this->breadcrumb()->setSeparator(' > ');
?>
<style>
table thead tr th {background:#EBF2F6;color:#444;}
.high{background:#444;color:#FFF;}
</style>
<div class="row-fluid">
<div class="span3"><?= $this->partial('user/left.phtml'); ?></div>
<div class="span9">
<h3>管理员列表</h3>
<hr />
<table class="table table-bordered table-hover table-condensed"><thead>
<thead>
<tr>
<th>用户名</th>
<th>电子邮箱</th>
<th>用户类型</th>
<th>真实姓名</th>
<th>电话</th>
<th>操作</th>
</tr>
</thead>
<?php if (count($this->paginator)): ?>
<?php $autoindex=0;?>
<?php foreach ($this->paginator as $item): ?>
<?php $autoindex++;?>
<tr class="<?php if($autoindex%2 == 0) echo 'even'; else echo 'odd'; ?>">
<td><?= $item['username']?></td>
<td><?= $item['email']; ?></td>
<td><?= $item['usertype']; ?></td>
<td><?= $item['realname']; ?></td>
<td><?= $item['phone']; ?></td>
<td>
<a href='/admin/user/show/id/<?= $item['id'];?>'>查看详细</a>
</td>
</tr>
<?php endforeach; ?>
<?php endif; ?>
</table>
<div class="pagenavi"><?= $this->paginator; ?></div>
</div>
<div id="leftPanel">
<?= $this->partial('user/left.phtml'); ?>
</div>
<div id="rightPanel">
<div class="title">管理员列表</div>
<div class=""><a href="/admin/user/adminlist/ac/sync">同步管理员到geonetwork</a></div>
<table>
<thead>
<tr>
<td width='150'>用户名</td>
<td width='250'>电子邮箱</td>
<td width='100'>用户类型</td>
<td width='150'>真实姓名</td>
<td width='150'>电话</td>
<td width='150'>操作</td>
</tr>
</thead>
<?php if (count($this->paginator)): ?>
<?php $autoindex=0;?>
<?php foreach ($this->paginator as $item): ?>
<?php $autoindex++;?>
<tr class="<?php if($autoindex%2 == 0) echo 'even'; else echo 'odd'; ?>">
<td><?= $item['username']?></td>
<td><?= $item['email']; ?></td>
<td><?= $item['usertype']; ?></td>
<td><?= $item['realname']; ?></td>
<td><?= $item['phone']; ?></td>
<td>
<a href='/admin/user/show/id/<?= $item['id'];?>'>查看详细</a>
</td>
</tr>
<?php endforeach; ?>
<?php endif; ?>
</table>
<div class="pagenavi"><?= $this->paginator; ?></div>
</div>

42
application/admin/views/scripts/user/index.phtml
View File

@ -2,26 +2,42 @@
$this->headTitle($this->config->title->site);
$this->headTitle('后台管理');
$this->headTitle()->setSeparator(' - ');
$this->headLink()->appendStylesheet('/css/admin.css');
$this->breadcrumb('<a href="/">首页</a>');
$this->breadcrumb('后台管理首页');
$this->breadcrumb()->setSeparator(' > ');
?>
<div id="leftPanel">
<?= $this->partial('user/left.phtml'); ?>
</div>
<div class="row-fluid">
<div class="span3">
<?= $this->partial('user/left.phtml'); ?>
</div>
<div id="rightPanel">
<div><h4>用户总数: <?php echo $this->su['total'];?>,其中管理员: <?php echo $this->suadmin['total'];?></h4></div>
<div class="span9">
<h3>用户总数: <?php echo $this->su['total'];?>,其中管理员: <?php echo $this->suadmin['total'];?></h3>
<hr />
<div>
<h4>搜索用户</h4>
<form action="/admin/user/search/" method="get">
<input type="hidden" name="search" value='1' />
<div>姓名 <input type="text" name="realname" /></div>
<div>单位 <input type="text" name="unit" /></div>
<div>项目 <input type="text" name="project" /></div>
<div><input type="submit" class="btn btn-success" value="搜索" /></div>
<div class="control-group">
<label class="control-label" for="inputName">姓名/用户名</label>
<div class="controls">
<input type="text" id="inputName" placeholder="Name or Username" name="realname" class="input-xxlarge">
</div>
</div>
<div class="control-group">
<label class="control-label" for="inputUnit">单位</label>
<div class="controls">
<input type="text" id="inputUnit" placeholder="Unit" name="unit" class="input-xxlarge">
</div>
</div>
<div class="control-group">
<label class="control-label" for="inputProject">项目</label>
<div class="controls">
<input type="text" id="inputProject" placeholder="Project" name="project" class="input-xxlarge">
</div>
</div>
<div class="control-group">
<input type="hidden" name="search" value="1" />
<button type="submit" class="btn">搜索</button>
</div>
</form>
</div>
</div>

1
application/admin/views/scripts/user/left.phtml
View File

@ -1,7 +1,6 @@
<ul class="nav nav-pills nav-stacked well">
<span class="label"><h4>用户管理</h4></span>
<li><a href="/admin/user/">用户管理首页</a></li>
<li><a href="/admin/user/local">本地账户</a></li>
<li><a href="/admin/user/adminlist">管理员列表</a></li>
<li><a href="/admin/user/list">查看所有账户</a></li>
<li><a href="/admin/user/group">用户组管理</a></li>

60
application/admin/views/scripts/user/list.phtml
View File

@ -7,57 +7,54 @@
$this->breadcrumb('<a href="/admin/user">用户管理</a>');
$this->breadcrumb()->setSeparator(' > ');
?>
<style>
table thead tr th {background:#EBF2F6;color:#444;}
.high{background:#444;color:#FFF;}
</style>
<div class="row-fluid">
<div class="span3">
<div id="leftPanel"><?= $this->partial('user/left.phtml'); ?></div>
<?= $this->partial('user/left.phtml'); ?>
</div>
<div class="span9">
<h3>用户列表</h3>
<hr />
<?php if ($this->msg or $this->messages) :?>
<div id="message">
<div class="alert alert-success">
<button type="button" class="close" data-dismiss="alert">&times;</button>
<?php if ($this->msg) : ?>
<p><?php echo $this->msg; ?></p>
<?php echo $this->msg; ?>
<?php endif; if ($this->messages): foreach($this->messages as $msg): ?>
<p><?php echo $msg; ?></p>
<?php echo $msg; ?>
<?php endforeach;endif; ?>
</div>
<?php endif; ?>
<div id="rightPanel">
<h3>用户列表</h3>
<hr />
<div class="search">
<form action="/admin/user/search/" method="get" class="search input-append">
<div class="search form-inline">
<form action="/admin/user/search/" method="get">
<input type="hidden" name="search" value='1' />
<ul class="inline">
<li><label>姓名</label><input type="text" name="realname" value="<?php echo $this->realname; ?>" class="search-query"/></li>
<li><label>单位</label><input type="text" name="unit" value="<?php echo $this->unit; ?>" class="search-query"/></li>
<li><label>项目</label><input type="text" name="project" value="<?php echo $this->project; ?>" class="search-query"/></li>
<li><input type="submit" class="btn" value="搜索" /></li>
</ul>
<label>姓名</label><input type="text" name="realname" value="<?php echo $this->realname; ?>" />
<label>单位</label><input type="text" name="unit" value="<?php echo $this->unit; ?>" />
<label>项目</label><input type="text" name="project" value="<?php echo $this->project; ?>" />
<button type="submit" value="搜索" class="btn btn-success">搜索</button>
</form>
</div><!-- search DIV -->
<table class="table table-bordered table-hover table-condensed"><thead>
<hr />
<table class="table table-hover">
<thead>
<tr>
<th>用户名</th>
<th>电子邮箱</th>
<th>用户类型</th>
<th>单位</th>
<th>真实姓名</th>
<th>操作</th>
<td width='150'>用户名</td>
<td width='250'>电子邮箱</td>
<td width='100'>用户组</td>
<td width='200'>单位</td>
<td width='100'>真实姓名</td>
<td width='150'>操作</td>
</tr>
</thead><!-- table's head -->
<?php if (count($this->paginator)): ?>
<?php $autoindex=0;?>
<?php foreach ($this->paginator as $item): ?>
<?php $autoindex++;?>
<tr>
<tr class="<?php if($autoindex%2 == 0) echo 'even'; else echo 'odd'; ?>">
<td><?= $item['username']?></td>
<td><?= $item['email']; ?></td>
<td><?= $item['usertype']; ?></td>
@ -75,8 +72,5 @@ table thead tr th {background:#EBF2F6;color:#444;}
<?php endif; ?>
</table>
<div class="pagenavi"><?= $this->paginator; ?></div>
</div>
</div>
</div><!-- span9 -->
</div>

106
application/admin/views/scripts/user/show.phtml
View File

@ -2,72 +2,52 @@
$this->headTitle($this->config->title->site);
$this->headTitle('后台管理');
$this->headTitle()->setSeparator(' - ');
$this->headLink()->appendStylesheet('/css/admin.css');
$this->breadcrumb('<a href="/">首页</a>');
$this->breadcrumb('<a href="/admin/">后台首页</a>');
$this->breadcrumb('<a href="/admin/user">用户管理</a>');
$this->breadcrumb()->setSeparator(' > ');
?>
<div id="leftPanel">
<?= $this->partial('user/left.phtml'); ?>
<div class="row-fluid">
<div class="span3">
<?= $this->partial('user/left.phtml'); ?>
</div>
<div class="span9">
<form name="form1" method="post" action="/admin/user/edit">
<table class="table">
<tr><td width="100">ID</td><td width="600"><?= $this->infos['id'];?></td></tr>
<tr><td>用户名</td><td><?= $this->infos['username'];?></td></tr>
<tr><td>真实姓名</td><td><?= $this->infos['realname'];?></td></tr>
<tr><td>电子邮箱</td><td><?= $this->infos['email'];?></td></tr>
<tr><td>注册时间</td><td><?=$this->infos['ts_created'];?></td></tr>
<tr><td>最后登陆时间</td><td><?= $this->infos['ts_last_login'];?></td></tr>
<tr><td>单位</td><td><?= $this->infos['unit'];?></td></tr>
<tr><td>地址</td><td><?= $this->infos['address'];?></td></tr>
<tr><td>电话</td><td><?= $this->infos['phone'];?></td></tr>
<tr><td>项目</td><td><?= $this->infos['project'];?></td></tr>
<tr><td>用户组</td><td>
<select name="usertype">
<?php foreach($this->usertypes as $k=>$v){ ?>
<option value="<?= $v ?>" <?= $this->infos['usertype'] == $v ? 'selected="selected"':"" ?>><?= $k ?></option>
<?php } ?>
</select>
</td></tr>
<tr><td>用户密码</td><td><input type='password' name="newpwd" /></td></tr>
<tr><td>确认用户密码</td><td><input type='password' name="cfnewpwd" /></td></tr>
</table>
<input type='hidden' value="<?php echo $this->infos['id'];?>" name='id' />
<input type="submit" value="提交" class="btn btn-primary" />
</form>
<form name="lostpwd" action="/admin/user/fetchpwd">
<input type="hidden" name="id" value="<?= $this->infos['id'];?>" />
<input type="hidden" name="email" value="<?= $this->infos['email'];?>" />
<input type="submit" value="为他执行Eamil重置密码" class="btn btn-default" />
</form>
<form name="lostpwd" action="/admin/user/delete">
<input type="hidden" name="id" value="<?= $this->infos['id'];?>" />
<input type="hidden" name="uname" value="<?= $this->infos['username'];?>" />
<input type="submit" value="删除该用户" class="btn btn-default" />
</form>
<a href="/admin/user/userauth/uid/<?= $this->infos['id'];?>">编辑权限</a>
</div>
</div>
<?php if ($this->msg or $this->messages) :?>
<div id="message">
<?php if ($this->msg) : ?>
<p><?php echo $this->msg; ?></p>
<?php endif; if ($this->messages): foreach($this->messages as $msg): ?>
<p><?php echo $msg; ?></p>
<?php endforeach;endif; ?>
</div>
<?php endif; ?>
<div id="rightPanel">
<form name="form1" method="post" action="/admin/user/edit">
<table>
<tr><td width="100">ID</td><td width="600"><?= $this->infos['id'];?></td></tr>
<tr><td>用户名</td><td><?= $this->infos['username'];?></td></tr>
<tr><td>真实姓名</td><td><?= $this->infos['realname'];?></td></tr>
<tr><td>电子邮箱</td><td><?= $this->infos['email'];?></td></tr>
<tr><td>注册时间</td><td><?=$this->infos['ts_created'];?></td></tr>
<tr><td>最后登陆时间</td><td><?= $this->infos['ts_last_login'];?></td></tr>
<tr><td>单位</td><td><?= $this->infos['unit'];?></td></tr>
<tr><td>地址</td><td><?= $this->infos['address'];?></td></tr>
<tr><td>电话</td><td><?= $this->infos['phone'];?></td></tr>
<tr><td>项目</td><td><?= $this->infos['project'];?></td></tr>
<tr><td>用户权限</td><td>
<select name="usertype">
<?php
if ($this->infos['usertype']=='member')
{ echo "
<option value='member' selected='selected'>普通会员</option>
<option value='administrator'>系统管理员</option>
";}
else if($this->infos['usertype']=='administrator')
{ echo "<option value='administrator' selected='selected'>系统管理员</option>
<option value='member'>普通会员</option>
";}
?>
</select>
</td></tr>
<tr><td>用户密码</td><td><input type='password' name="newpwd" /></td></tr>
<tr><td>确认用户密码</td><td><input type='password' name="cfnewpwd" /></td></tr>
</table>
<input type='hidden' value="<?php echo $this->infos['id'];?>" name='id' />
<input type="submit" value="提交" />
</form>
<form name="lostpwd" action="/admin/user/fetchpwd">
<input type="hidden" name="id" value="<?= $this->infos['id'];?>" />
<input type="hidden" name="email" value="<?= $this->infos['email'];?>" />
<input type="submit" value="为他执行Eamil重置密码"/>
</form>
<form name="lostpwd" action="/admin/user/delete">
<input type="hidden" name="id" value="<?= $this->infos['id'];?>" />
<input type="hidden" name="uname" value="<?= $this->infos['username'];?>" />
<input type="submit" value="删除该用户"/>
</form>
<a href="/admin/user/userauth/uid/<?= $this->infos['id'];?>">编辑权限</a>

233
application/default/controllers/AccountController.php
View File

@ -251,47 +251,74 @@ class AccountController extends Zend_Controller_Action
function registerAction()
{
$form = new RegisterForm();
$this->view->form = $form;
$request = new \Zend_Controller_Request_Http();
if($request->isXmlHttpRequest())
{
$this->_helper->layout->disableLayout();
$this->_helper->viewRenderer->setNoRender();
if ($this->_request->isPost()) {
$formData = $this->_request->getPost();
if ($form->isValid($formData)) {
$ut = new UsersTable();
$u = $ut->createRow();
$u->username = $form->getValue('username');
$u->password = $form->getValue('password');
$u->email=$form->getValue('email');
if ($form->getValue('realname')) $u->realname=$form->getValue('realname');
if ($form->getValue('phone')) $u->phone=$form->getValue('phone');
if ($form->getValue('address')) $u->address=$form->getValue('address');
if ($form->getValue('unit')) $u->unit=$form->getValue('unit');
if ($form->getValue('project')) $u->project=$form->getValue('project');
if ($u->save()) {
//发送欢迎邮件
$mail=new WestdcMailer($this->view->config->smtp);
$body=file_get_contents($this->view->config->register->email->template);
$body=str_replace("[username]",$formData['username'],$body);
$mail->setBodyText($body);
$mail->setFrom($this->view->config->service->email,'西部数据中心服务组');
$mail->addTo($formData['email']);
//中文标题有乱码在1.5版本中尚未解决
//ref: http://framework.zend.com/issues/browse/ZF-2532
$mail->setSubject('欢迎使用中国西部环境与生态数据中心');
$mail->send();
$account = new Account();
$data = $account->getParam($this->_request);
//自动登录系统
$this->login($formData['username'],$formData['password']);
$result = $account->register($data);
if(!empty($result))
{
$this->jsonexit($result);
return true;
}
$this->jsonexit(array('error'=>'|o| 服务器掉链子了,请重试'));
return true;
}else{
//$this->_helper->layout->disableLayout();
}
$success=false;
$auth = Zend_Auth::getInstance();
if ($auth->hasIdentity())
$this->_redirect('/');
$submit = $this->_getParam('submit');
if(!empty($submit))
{
$account = new Account();
$this->view->data = $data = $account->getParam($this->_request);
$result = $account->register($data);
if(!empty($result))
{
if(isset($result['error']))
{
$this->view->place = $result['place'];
$this->view->error = $result['error'];
return true;
}
} else {
$form->populate($formData);
}
if(isset($result['success']))
{
$this->_redirect('/');
return true;
}
}else{
$this->view->error = "处理中出现问题";
return true;
}
}
}//用户注册
function loginAction()
{
$request = new \Zend_Controller_Request_Http();
if($request->isXmlHttpRequest())
{
}
$captcha = new Captcha();
$success=false;
$options = array(
@ -303,152 +330,62 @@ class AccountController extends Zend_Controller_Action
$auth = Zend_Auth::getInstance();
if ($auth->hasIdentity())
{
view::Post($this,"您已经登录,无需重复登录",-1);
return true;
if($options['module']=="default" && $options['controller'] == "account" && $options['action'] == "login")
{
$this->_redirect("/");
}else{
$this->_redirect($_SERVER['REQUEST_URI']);
}
}
$tohref = $this->_request->getParam('href');
if(($options['module']=="default" && $options['controller'] == "account" && $options['action'] == "login"))
if($_SERVER['REQUEST_URI'] !== "/account/login")
{
$this->view->href = $_SERVER['REQUEST_URI'];
}
if($tohref == "/account/login")
{
$this->view->href = $tohref = "/";
}else{
$this->view->href = "/";
}
if(!empty($tohref))
{
$this->view->href = $tohref;
}
$captcha = new Captcha();
//登录表单提交
$submit = $this->_getParam("submit");
if(!$this->_getParam('submit'))
if(!empty($submit))
{
$this->view->captcha = $captcha->setCaptcha();
return false;
}
$url = "http://sanjiangyuan/account/login";
$param = array(
$data = array(
'username' => $this->_getParam('username'),
'password' => $this->_getParam('password'),
'captchaword' => trim($this->_request->getParam('captcha'))
'password' => $this->_getParam('password')
);
$captchaword = $param['captchaword'];
$account = new Account();
$result = $account->login($data);
#用户名校验
if(strlen($param['username'])<6)
if(!empty($result))
{
$this->view->error = '用户名不能少于6个字符';
if(isset($result['error']))
{
$this->view->error = $result['error'];
$this->view->captcha = $captcha->setCaptcha();
return true;
}
if(strlen($param['username'])>20)
if(isset($result['success']))
{
$this->view->error = '用户名不能超过20个字符';
$this->view->captcha = $captcha->setCaptcha();
$this->_redirect($this->view->href);
return true;
}
if(!preg_match("/^[a-zA-Z][a-zA-Z0-9_]{4,19}$/",$param['username']))
{
$this->view->error = '用户名只能包含英文字母及数字';
$this->view->captcha = $captcha->setCaptcha();
return true;
}
#密码校验
$match = "/[\"|'|\\\]/i";
if(preg_match($match,$param['password']) )
{
$this->view->error = '密码中包含非法字符,请重新输入';
$this->view->captcha = $captcha->setCaptcha();
return true;
}
if(empty($param['password']))
{
$this->view->error = '请输入密码';
$this->view->captcha = $captcha->setCaptcha();
return true;
}
if(strlen($param['password'])<6)
{
$this->view->error ='密码太短';
$this->view->captcha = $captcha->setCaptcha();
return true;
}
if(strlen($param['password'])>20)
{
$this->view->error ="密码长度不能超过20个字符";
$this->view->captcha = $captcha->setCaptcha();
return true;
}
#验证码校验
if(empty($captchaword))
{
$this->view->error = "请输入验证码";
$this->view->captcha = $captcha->setCaptcha();
return true;
}
if(!isset($_SESSION['captcha']))
{
$_SESSION['captcha'] = md5(time());
}
if ($captchaword != $_SESSION['captcha']) {
$this->view->captcha = $captcha->setCaptcha();
$this->view->error = "验证码错误";
return true;
}
$encoded_param = json_encode($param,JSON_NUMERIC_CHECK);
$encoded_param = \Helpers\MCrypt::encrypt($encoded_param,"DY7567");
$curl = new Curl();
$curl->port = 80;
$curl->initOptions(array('verifyssl'=>false));
$curl->H = array(
'X-Requested-With: XMLHttpRequest'
);
$data = $curl->request($url,array('data'=>$encoded_param),"POST");
$KEY = \Helpers\MCrypt::decrypt($data['response'],"CH6668");
$cache_data = json_decode($KEY);
if (isset($cache_data -> error))
{
$this->view->error =$cache_data -> error;
return;
}
$Users = new Users();
if(!$Users -> storeNewAuthCredential($cache_data))
{
$this-> view->error ="登录失败,请重新登录。";
return;
}else{
view::Post($this,"登录成功!",$tohref);
}
$this->view->captcha = $captcha->setCaptcha();
$this->view->error = "处理中出现问题";
return true;
}
}
$this->view->captcha = $captcha->setCaptcha();
}//登陆
function captchaAction()

144
application/module/Users/AclManager.php Normal file
View File

@ -0,0 +1,144 @@
<?php
namespace Users;
use Zend_Acl;
use Zend_Acl_Role;
use Zend_Acl_Resource;
class AclManager extends \Zend_Controller_Plugin_Abstract
{
// default user role if not logged or (or invalid role found)
private $_defaultRole = 'guest';
// the action to dispatch if a user doesn't have sufficient privileges
private $_authController = array(
'module'=>'',
'controller' => 'account',
'action' => 'login'
);
private $_adminRole;
public function __construct(\Zend_Auth $auth)
{
$config = \Zend_Registry::get('config');
$this->_adminRole = $config->auth->identifier;
$this->db=\Zend_Registry::get('db');
$this->auth = $auth;
$this->acl = new Zend_Acl();
// add the different user roles
$this->acl->addRole(new Zend_Acl_Role($this->_defaultRole));
$this->acl->addRole(new Zend_Acl_Role('member'));
$this->acl->addRole(new Zend_Acl_Role($this->_adminRole), 'member');
// add the resources we want to have control over
$this->acl->add(new Zend_Acl_Resource('account'));
$this->acl->add(new Zend_Acl_Resource('data'));
$this->acl->add(new Zend_Acl_Resource('water'));
$this->acl->add(new Zend_Acl_Resource('admin'));
$this->acl->add(new Zend_Acl_Resource('upload'));
$this->acl->add(new Zend_Acl_Resource('author'));
$this->acl->add(new Zend_Acl_Resource('heihe'));
// allow access to everything for all users by default
// except for the account management and administration areas
$this->acl->allow();
$this->acl->deny(null, 'account');
$this->acl->deny(null, 'admin');
$this->acl->deny(null, 'author');
// add an exception so guests can log in or register
// in order to gain privilege
$this->acl->allow('guest', 'account', array('login',
'logout',
'captcha',
'fetchpwd',
'register',
'registercomplete'));
$this->acl->deny('guest','data',array('download','order'));
$this->acl->deny('guest','water',array('download','order'));
$this->acl->deny('guest','heihe',array('submit'));
// allow members access to the account management area
$this->acl->allow('guest','author',array('index'));
$this->acl->allow('member', 'account');
$this->acl->allow('member', 'author');
// allows administrators access to the admin area
$this->acl->allow($this->_adminRole, 'admin');
}
/**
* preDispatch
*
* Before an action is dispatched, check if the current user
* has sufficient privileges. If not, dispatch the default
* action instead
*
* @param Zend_Controller_Request_Abstract $request
*/
public function preDispatch(\Zend_Controller_Request_Abstract $request)
{
$phpSessId = $request->getParam('PHPSESSID');
if (!empty($phpSessId) && session_id() != $phpSessId) {
session_destroy();
session_id($phpSessId);
session_start();
}
// check if a user is logged in and has a valid role,
// otherwise, assign them the default role (guest)
if(!$this->auth->hasIdentity())
{
$mb = new \member();
$mb->db=$this->db;
if($mb->checkcookie())
{
$auth = Zend_Auth::getInstance();
$authAdapter = new Zend_Auth_Adapter_DbTable($this->db);
$authAdapter->setTableName('users')
->setIdentityColumn('username')
->setCredentialColumn('password');
$authAdapter->setIdentity($mb->user)->setCredential($mb->srpwd);
$result = $auth->authenticate($authAdapter);
if ($result->isValid()) {
$data = $authAdapter->getResultRowObject(null,'password');
//头像
include_once("Avatar.php");
$avatar = new Avatar();
$data->avatar = $avatar->Get($data->email,40);
//组ID
include_once("Users.php");
$usr = new Users($this->db);
$data->gid = $usr->getGroup($data->id);
$auth->getStorage()->write($data);
$this->db->query("update users set ts_last_login=now() where username=?",array($mb->user));
}
}
}
if ($this->auth->hasIdentity())
$role = $this->auth->getIdentity()->usertype;
else
$role = $this->_defaultRole;
if (!$this->acl->hasRole($role))
$role = $this->_defaultRole;
// the ACL resource is the requested controller name
$resource = $request->controller;
if ($request->module<>"default") $resource=$request->module;
// the ACL privilege is the requested action name
$privilege = $request->action;
if ($request->module<>"default") $privilege = $request->controller;
// if we haven't explicitly added the resource, check
// the default global permissions
if (!$this->acl->has($resource))
$resource = null;
// access denied - reroute the request to the default action handler
if (!$this->acl->isAllowed($role, $resource, $privilege)) {
$request->setModuleName($this->_authController['module']);
$request->setControllerName($this->_authController['controller']);
$request->setActionName($this->_authController['action']);
}
}
}

2
application/module/Users/Local.php
View File

@ -26,7 +26,7 @@ class Local extends \Zend_Controller_Plugin_Abstract
$this->db = $db;
}
$this->config = \Zend_Registry::get('6config');
$this->config = \Zend_Registry::get('config');
$this->table = new \Helpers\Table();

31
application/module/Users/Users.php
View File

@ -37,6 +37,37 @@ class Users extends \Zend_Controller_Plugin_Abstract
}
}
//初始化用户类型
public function initUserType()
{
$this->usertype = array(
'普通会员' => 'member',
$this->config->auth->groupname => $this->config->auth->indentifier
);
}
//获取用户类型
public function getUserType()
{
$this->initUserType();
return $this->usertype;
}
//通过ID获取User信息
public function getUser($id)
{
$sql="select * from users where id=?";
$result=$this->db->query($sql,$id);
$rows = $result->fetch();
return $rows;
}
public function getUserInfo($id)
{
return $this->getUser($id);
}
//通过email地址返回用户信息是否存在
public function userExists($email = NULL)
{

4
htdocs/index.php
View File

@ -4,7 +4,7 @@ ini_set('display_errors', 1);
date_default_timezone_set('Asia/Shanghai');
// directory setup and class loading
set_include_path('.' . PATH_SEPARATOR . '../include/'
set_include_path('.' . PATH_SEPARATOR . 'F:/library/zf1/library'
. PATH_SEPARATOR . 'D:/library/zf1'
. PATH_SEPARATOR . '../application/models'
. PATH_SEPARATOR . '../application/module'
@ -40,7 +40,7 @@ $frontController->setControllerDirectory(array(
'default' => '../application/default/controllers',
'admin' => '../application/admin/controllers'));
$frontController->registerPlugin(new CustomControllerAclManager($auth));
$frontController->registerPlugin(new \Users\AclManager($auth));
Zend_Layout::startMvc(array('layoutPath'=>'../application/layouts'));
$router = new Zend_Controller_Router_Rewrite();
$router->addConfig($config, 'routes');