diff --git a/application/default/controllers/AccountController.php b/application/default/controllers/AccountController.php
index 2ef1b970..37691bc2 100755
--- a/application/default/controllers/AccountController.php
+++ b/application/default/controllers/AccountController.php
@@ -1,634 +1,607 @@
-view->config = Zend_Registry::get('config');
- $this->_request->setParam('return', $this->_request->getServer('REQUEST_URI'));
- $this->db = Zend_Registry::get('db');
- $this->view->messages = $this->messenger->getMessages();
- $this->view->theme = new Theme();
- }
-
- function indexAction()
- {
- $this->view->pageID = "account-index";
-
- include_once("Users.php");
- $usr = new Users($this->db);
-
- $auth = Zend_Auth::getInstance();
- if($auth->hasIdentity())
- {
- $user = $auth->getIdentity();
- $uid = $user->id;
- }
-
- include_once("Avatar.php");
- $avatar = new Avatar();
- $this->view->avatar = $avatar->Get($user->email,140);
-
- $this->view->info = $usr->getUserInfo($uid);
- }
-
- function editAction()
- {
- $this->view->pageID = "account-edit";
-
- include_once("Users.php");
- $usr = new Users($this->db);
-
- $auth = Zend_Auth::getInstance();
- if($auth->hasIdentity())
- {
- $user = $auth->getIdentity();
- $uid = $user->id;
- }
-
- include_once("Avatar.php");
- $avatar = new Avatar();
- $this->view->avatar = $avatar->Get($user->email,140);
-
- $this->view->projectType = array(
- "无" => '',
- "国家973计划项目课题" => "国家973计划项目课题",
- "国家863计划课题"=>"国家863计划课题",
- "国家级科技支撑课题" => "国家级科技支撑课题",
- "国家级科技重大专项" => "国家级科技重大专项",
- "国家级国家重大工程" => "国家级国家重大工程",
- "国家级国家自然科学基金" => "国家级国家自然科学基金",
- "国际合作项目"=>"国际合作项目",
- "省部级项目" => "省部级项目",
- "其他项目工程" => "其他项目工程"
- );
-
- $submit = $this->_getParam('submit');
-
- if(!empty($submit))
- {
- $data = $this->AccountEditParamFilter();
-
- if($this->db->update("users",$data,"id=$uid"))
- {
- $this->view->AlertType = "alert-success";
- $this->view->msg = "修改成功!";
- $this->view->jump_url = "/account/edit";
- return true;
- }else{
- $this->view->AlertType = "alert-error";
- $this->view->error = "修改失败,请重试";
- $this->view->info = $data;
- return true;
- }
- }else{
- $this->view->info = $usr->getUserInfo($uid);
- }
- }
-
- function AccountEditParamFilter(){
- $data = array();
- $data['realname'] = substr(trim($this->_getParam('realname')),0,40);
- $data['unit'] = substr(trim($this->_getParam('unit')),0,100);
- $data['address'] = substr(trim($this->_getParam('address')),0,100);
- $data['phone'] = substr(trim($this->_getParam('phone')),0,15);
- $data['postcode'] = substr(trim($this->_getParam('postcode')),0,15);
- $data['project_type'] = substr(trim($this->_getParam('project_type')),0,100);
- $data['project_id'] = substr(trim($this->_getParam('project_id')),0,40);
- $data['project_title'] = substr(trim($this->_getParam('project_title')),0,100);
- $data['project'] = substr(trim($this->_getParam('project')),0,600);
-
- foreach($data as $k=>$v)
- {
- $data[$k] = $this->StringFilter($v);
- }
-
- return $data;
- }
-
- function StringFilter($string){
- $string = preg_replace ('/<[^>]*>/', ' ', $string);
- return $string;
- }
-
- function secureAction()
- {
- $this->view->pageID = "account-secure";
-
- include_once("Users.php");
- $usr = new Users($this->db);
-
- $auth = Zend_Auth::getInstance();
- if($auth->hasIdentity())
- {
- $user = $auth->getIdentity();
- $uid = $user->id;
- }
-
- $opt = $this->_getParam('opt');
- $submit = $this->_getParam('submit');
-
- if(empty($opt))
- {
- $this->view->section = "password";
- if(!empty($submit))
- {
- $data = $this->AccountSecureParamFilter();
-
- $this->view->AlertType = "alert-error";
- if(strlen($data['password'])>18 || strlen($data['new_password'])>18)
- {
- $this->view->error = view::Error("密码过长");
- return true;
- }
- if(strlen($data['new_password'])<=6 || strlen($data['new_password_confrim'])<=6)
- {
- $this->view->error = view::Error("密码过短,请输入大于6位的密码");
- return true;
- }
- if(md5($data['new_password']) != md5($data['new_password_confrim']))
- {
- $this->view->error = view::Error("两次输入的密码不相同");
- return true;
- }
-
- $sql = "SELECT password FROM users WHERE id=$uid";
- $rs = $this->db->query($sql);
- $row = $rs->fetch();
-
- if(md5($data['password']) != $row['password'])
- {
- $this->view->error = view::Error("原密码不正确");
- return true;
- }
-
- $data['password'] = md5($data['new_password']);
-
- unset($data['new_password']);
- unset($data['new_password_confrim']);
-
- if($this->db->update("users",$data,"id=$uid"))
- {
- view::Post($this,array("content"=>'修改成功!','url'=>'/account/secure'));
- return true;
- }else{
- $this->view->error = view::Error("修改失败");
- return true;
- }
- }else{
- $this->view->info = $usr->getUserInfo($uid);
- }
- }//password
-
- if($opt == "email")
- {
- $this->view->section = "email";
- if(!empty($submit))
- {
- $email = $this->_getParam('email');
- $password = $this->_getParam('password');
-
- if(!preg_match("/\w+([-+.]\w+)*@\w+([-.]\w+)*\.\w+([-.]\w+)*/i",$email))
- {
- $this->view->error = view::Error("错误的邮箱格式");
- return true;
- }
-
- $sql = "SELECT password FROM users WHERE id=$uid";
- $rs = $this->db->query($sql);
- $row = $rs->fetch();
-
- if(md5($password) != $row['password'])
- {
- $this->view->error = view::Error("原密码错误");
- return true;
- }
-
- $data['email'] = $email;
-
- if($this->db->update("users",$data,"id=$uid"))
- {
- view::Post($this,array("content"=>'修改成功!','url'=>'/account/secure'));
- return true;
- }else{
- $this->view->error = view::Error("修改失败");
- return true;
- }
- }else{
- $this->view->info = $usr->getUserInfo($uid);
- }
- }//email
- }
-
- function AccountSecureParamFilter(){
- $data = array();
- $data['password'] = trim($this->_getParam('password'));
- $data['new_password'] = trim($this->_getParam('new_password'));
- $data['new_password_confrim'] = trim($this->_getParam('new_password_confrim'));
- foreach($data as $k=>$v)
- {
- $data[$k] = $this->StringFilter($v);
- }
- return $data;
- }
-
- function init()
- {
- $this->messenger=$this->_helper->getHelper('FlashMessenger');
- }
-
- function postDispatch()
- {
- //$this->view->messages = $this->messenger->getMessages();
- }
-
- function registerAction()
- {
- $form = new RegisterForm();
- $this->view->form = $form;
-
- if ($this->_request->isPost()) {
- $formData = $this->_request->getPost();
- if ($form->isValid($formData)) {
- $ut = new UsersTable();
- $u = $ut->createRow();
- $u->username = $form->getValue('username');
- $u->password = $form->getValue('password');
- $u->email=$form->getValue('email');
- if ($form->getValue('realname')) $u->realname=$form->getValue('realname');
- if ($form->getValue('phone')) $u->phone=$form->getValue('phone');
- if ($form->getValue('address')) $u->address=$form->getValue('address');
- if ($form->getValue('unit')) $u->unit=$form->getValue('unit');
- if ($form->getValue('project')) $u->project=$form->getValue('project');
- if ($u->save()) {
-
- //注册邮件
- $mail_template = "member-register";
- $mail_data = array(
- 'name'=>$formData['username'],
- );
-
- $mail = new Mail();
-
- $mail->loadTemplate($mail_template,$mail_data);
- $mail->addTo($formData['email'],$formData['username']);
- $mail->send();
-
- //自动登录系统
- $this->login($formData['username'],$formData['password']);
- $this->_redirect('/');
- }
- } else {
- $form->populate($formData);
- }
- }
- }
-
- function loginAction()
- {
-
- $success=false;
-
- $options = array(
- 'module' => $this->_request->getModuleName(),
- 'controller' => $this->_request->getControllerName(),
- 'action' => $this->_request->getActionName(),
- );
-
- $auth = Zend_Auth::getInstance();
- if ($auth->hasIdentity())
- {
- view::Post($this,"您已经登录,无需重复登录",-1);
- return true;
- }
-
- $tohref = $this->_request->getParam('href');
-
- if(($options['module']=="default" && $options['controller'] == "account" && $options['action'] == "login"))
- {
- $this->view->href = $_SERVER['REQUEST_URI'];
- }
-
- if($tohref == "/account/login")
- {
- $this->view->href = $tohref = "/";
- }
-
- if(!empty($tohref))
- {
- $this->view->href = $tohref;
- }
-
- $captcha = $this->loadCaptcha();
-
- $submit = $this->_getParam("submit");
- if(!empty($submit))
- {
- $username = trim($this->_request->getParam('username'));
- $password = trim($this->_request->getParam('password'));
- $captchaword = trim($this->_request->getParam('captcha'));
-
- if(empty($username))
- {
- $this->setCaptcha($captcha);
- $this->view->error = "请输入用户名";
- return true;
- }
-
- if(empty($password))
- {
- $this->setCaptcha($captcha);
- $this->view->error = "请输入密码";
- return true;
- }
-
- if(empty($captchaword))
- {
- $this->setCaptcha($captcha);
- $this->view->error = "请输入验证码";
- return true;
- }
-
- if(!isset($_SESSION['captcha']))
- {
- $_SESSION['captcha'] = md5(time());
- }
-
- if ($captchaword != $_SESSION['captcha']) {
- $this->setCaptcha($captcha);
- $this->view->error = "验证码错误";
- return true;
- }
-
- if (!$this->login($username,$password))
- {
- $this->setCaptcha($captcha);
- $this->view->error = "用户名或密码错误";
- $this->view->userid = $username;
- return true;
- }
- else
- {
- if(!empty($tohref))
- {
- view::Post($this,"登录成功,正在跳转",$tohref);
- return true;
- }
- }
- }else{
- $this->setCaptcha($captcha);
- }
-
- }
-
- function loadCaptcha()
- {
- $captcha = new Zend_Captcha_Image(array(
- 'captcha' => 'Image',
- 'wordLen' => 4,
- 'fontsize'=>16,
- 'width' => 100,
- 'height' => 38,
- 'dotNoiseLevel'=>2,
- 'lineNoiseLevel'=>1,
- 'timeout' => 300,
- 'font' => '../data/fonts/ggbi.ttf',
- 'imgDir' => 'vdimg/',
- 'imgUrl' => '/vdimg',
- ));
- return $captcha;
- }
-
- function setCaptcha(Zend_Captcha_Image $captcha,$ajax = false){
- $captcha->generate();
- $_SESSION['captcha'] = $captcha->getWord();
- $url = $captcha->getImgUrl()
- .$captcha->getId()
- .$captcha->getSuffix();
- if(!$ajax)
- {
- $this->view->captcha = $url;
- }else{
- return $url;
- }
- }
-
- function captchaAction()
- {
- $this->_helper->layout->disableLayout();
- $this->_helper->viewRenderer->setNoRender();
-
- $captcha = $this->loadCaptcha();
- $url = $this->setCaptcha($captcha,true);
-
- echo $url;
- return true;
- }
-
- function logoutAction()
- {
- $auth = Zend_Auth::getInstance();
- $auth->clearIdentity();
- require_once 'member.php';
- $mb=new member();
- member::flushcookie();
- $this->_redirect('/');
- }
-
- private function default_login($u,$p)
- {
- $auth = Zend_Auth::getInstance();
- $db=Zend_Registry::get('db');
-
- $authAdapter = new Zend_Auth_Adapter_DbTable($db);
- $authAdapter->setTableName('users')
- ->setIdentityColumn('username')
- ->setCredentialColumn('password');
- $authAdapter->setIdentity($u)->setCredential(md5($p));
- $result = $auth->authenticate($authAdapter);
- if ($result->isValid()) {
- // success: store database row to auth's storage
- $data = $authAdapter->getResultRowObject(null,'password');
-
- //头像
- include_once("Avatar.php");
- $avatar = new Avatar();
- $data->avatar = $avatar->Get($data->email,40);
-
- //组ID
- include_once("Users.php");
- $usr = new Users($db);
- $data->gid = $usr->getGroup($data->id);
-
- $auth->getStorage()->write($data);
- $db->query("update users set ts_last_login=now() where username=?",array($u));
-
- if ($this->_request->getParam('remember')) {
- $sql="select usertype from users where username='$u'";
- $rs=$db->query($sql);
- $row=$rs->fetch();
- //if($row['usertype']!='administrator')
- {
- require_once 'member.php';
- $mb = new member();
- $mb -> putcookie($u,md5($p));
- }
- }
-
- return true;
- }else
- {
- return false;
- }
- return false;
- }
- private function aspnet_login($p,$salt,$password)
- {
- $p1=implode("\x00",str_split($p))."\x00";
- $ball=base64_decode($salt).$p1;
- return trim($password)==base64_encode(sha1($ball,true));
- }
- // 首先判断是否存在salt
- // 若有salt,则按照aspnet membership加密算法进行判断
- function login($u,$p)
- {
- $ut= new UsersTable();
- $db=$ut->getAdapter();
- $sql="select password,salt from users where username=?";
- $uq=$db->query($sql,array($u));
- if ($urow=$uq->fetchObject())
- {
- if (empty($urow->salt))
- return $this->default_login($u,$p);
- else {
- //进行判断并进行转换到默认
- if ($this->aspnet_login($p,$urow->salt,$urow->password))
- {
- $sql="update users set password=md5(?),salt='' where username=?";
- $db->query($sql,array($p,$u));
- return $this->default_login($u,$p);
- } else
- return false;
- }
- } else {
- //没有对应的用户,登录失败
- return false;
- }
- }
- function fetchpwdAction()
- {
- $ut= new UsersTable();
- $db=$ut->getAdapter();
- $form = new LostpwdForm();
- $key=$this->_request->getParam('key');
- $login=$this->_request->getParam('login');
- if (empty($key) && empty($login)) {
- $this->view->form = $form;
- if ($this->_request->isPost()) {
- $formData = $this->_request->getPost();
- if ($form->isValid($formData)) {
- $sql="select * from users where email=?";
- $uq=$db->query($sql,array($formData['email']));
- if ($urow=$uq->fetchObject())
- {
- //email the url to user
- $username=$urow->username;
- $sql="update users set activation=? where email=?";
- $uid=uniqid();
- $db->query($sql,array($uid,$formData['email']));
-
- //发邮件
- $mail_template = "users-changepassword";
- $mail_data = array(
- 'name'=>$username,
- 'url' => view::getHostLink()."/account/fetchpwd/".$username."/".$uid
- );
-
- $mail = new Mail();
-
- $mail->loadTemplate($mail_template,$mail_data);
- $mail->addTo($formData['email'],$username);
- $mail->send();
-
-
- $this->view->messages[]='请检查您的新邮件中的确认激活链接。';
- $this->view->form=false;//do not echo form
- } else
- $this->messenger->addMessage('对不起,没有找到对应的电子邮件地址。');
- }
- } else
- $this->view->messages[]='请输入您的电子邮件地址。您将通过电子邮件收到新密码。';
- } else {
- $sql="select * from users where username=? and activation=?";
- $uq=$db->query($sql,array($login,$key));
- $tmp_pwd=uniqid();
- if ($urow=$uq->fetchObject())
- {
- $sql="update users set salt='',activation='',password=md5('".$tmp_pwd."') where username=? and activation=?";
- $db->query($sql,array($login,$key));
-
- //发邮件
- $mail_template = "users-changepassword";
- $mail_data = array(
- 'name'=>$login,
- 'tmp_pwd' => $tmp_pwd
- );
-
- $mail = new Mail();
-
- $mail->loadTemplate($mail_template,$mail_data);
- $mail->addTo($urow->email,$login);
- $mail->send();
-
- $this->view->messages[]='请查收您新邮件中的新密码';
- $this->view->form=false;//do not echo form
-
- }
- }
-
- } //找回密码
-
- //OAuth2登录跳转页面
- public function oauth2loginAction()
- {
- $type = $this->_getParam('type');
- $client = new Client();
- $url = $client->makeRequestCodeUrl($type);
-
- view::Post($this,"为您转入科技网登录入口",$url);
- }
-
- //oauth2登录回调地址
- public function callbackAction()
- {
- $type = $this->_getParam('type');
- $code = $this->_getParam('code');
-
- $client = new Client($type);
-
- $client->initSource();
- $target = $client->getSource()->getTarget($type);
- $this->view->target_name = $target['name'];
-
- $token = $client->requestToken($code);
-
- if(is_string($token))
- {
- view::Post($this,$token,'/account/login');
- }
-
- $status = $client->storageTokenData($type,$token);
-
- if($status === true)
- {
- echo "";
- }else{
- echo $status;
- }
- }
-
-}
-
+view->config = Zend_Registry::get('config');
+ $this->_request->setParam('return', $this->_request->getServer('REQUEST_URI'));
+ $this->db = Zend_Registry::get('db');
+ $this->view->messages = $this->messenger->getMessages();
+ $this->view->theme = new Theme();
+ }
+
+ function indexAction()
+ {
+ $this->view->pageID = "account-index";
+
+ include_once("Users.php");
+ $usr = new Users($this->db);
+
+ $auth = Zend_Auth::getInstance();
+ if($auth->hasIdentity())
+ {
+ $user = $auth->getIdentity();
+ $uid = $user->id;
+ }
+
+ include_once("Avatar.php");
+ $avatar = new Avatar();
+ $this->view->avatar = $avatar->Get($user->email,140);
+
+ $this->view->info = $usr->getUserInfo($uid);
+ }
+
+ function editAction()
+ {
+ $this->view->pageID = "account-edit";
+
+ include_once("Users.php");
+ $usr = new Users($this->db);
+
+ $auth = Zend_Auth::getInstance();
+ if($auth->hasIdentity())
+ {
+ $user = $auth->getIdentity();
+ $uid = $user->id;
+ }
+
+ include_once("Avatar.php");
+ $avatar = new Avatar();
+ $this->view->avatar = $avatar->Get($user->email,140);
+
+ $this->view->projectType = array(
+ "无" => '',
+ "国家973计划项目课题" => "国家973计划项目课题",
+ "国家863计划课题"=>"国家863计划课题",
+ "国家级科技支撑课题" => "国家级科技支撑课题",
+ "国家级科技重大专项" => "国家级科技重大专项",
+ "国家级国家重大工程" => "国家级国家重大工程",
+ "国家级国家自然科学基金" => "国家级国家自然科学基金",
+ "国际合作项目"=>"国际合作项目",
+ "省部级项目" => "省部级项目",
+ "其他项目工程" => "其他项目工程"
+ );
+
+ $submit = $this->_getParam('submit');
+
+ if(!empty($submit))
+ {
+ $data = $this->AccountEditParamFilter();
+
+ if($this->db->update("users",$data,"id=$uid"))
+ {
+ $this->view->AlertType = "alert-success";
+ $this->view->msg = "修改成功!";
+ $this->view->jump_url = "/account/edit";
+ return true;
+ }else{
+ $this->view->AlertType = "alert-error";
+ $this->view->error = "修改失败,请重试";
+ $this->view->info = $data;
+ return true;
+ }
+ }else{
+ $this->view->info = $usr->getUserInfo($uid);
+ }
+ }
+
+ function AccountEditParamFilter(){
+ $data = array();
+ $data['realname'] = substr(trim($this->_getParam('realname')),0,40);
+ $data['unit'] = substr(trim($this->_getParam('unit')),0,100);
+ $data['address'] = substr(trim($this->_getParam('address')),0,100);
+ $data['phone'] = substr(trim($this->_getParam('phone')),0,15);
+ $data['postcode'] = substr(trim($this->_getParam('postcode')),0,15);
+ $data['project_type'] = substr(trim($this->_getParam('project_type')),0,100);
+ $data['project_id'] = substr(trim($this->_getParam('project_id')),0,40);
+ $data['project_title'] = substr(trim($this->_getParam('project_title')),0,100);
+ $data['project'] = substr(trim($this->_getParam('project')),0,600);
+
+ foreach($data as $k=>$v)
+ {
+ $data[$k] = $this->StringFilter($v);
+ }
+
+ return $data;
+ }
+
+ function StringFilter($string){
+ $string = preg_replace ('/<[^>]*>/', ' ', $string);
+ return $string;
+ }
+
+ function secureAction()
+ {
+ $this->view->pageID = "account-secure";
+
+ include_once("Users.php");
+ $usr = new Users($this->db);
+
+ $auth = Zend_Auth::getInstance();
+ if($auth->hasIdentity())
+ {
+ $user = $auth->getIdentity();
+ $uid = $user->id;
+ }
+
+ $opt = $this->_getParam('opt');
+ $submit = $this->_getParam('submit');
+
+ if(empty($opt))
+ {
+ $this->view->section = "password";
+ if(!empty($submit))
+ {
+ $data = $this->AccountSecureParamFilter();
+
+ $this->view->AlertType = "alert-error";
+ if(strlen($data['password'])>18 || strlen($data['new_password'])>18)
+ {
+ $this->view->error = view::Error("密码过长");
+ return true;
+ }
+ if(strlen($data['new_password'])<=6 || strlen($data['new_password_confrim'])<=6)
+ {
+ $this->view->error = view::Error("密码过短,请输入大于6位的密码");
+ return true;
+ }
+ if(md5($data['new_password']) != md5($data['new_password_confrim']))
+ {
+ $this->view->error = view::Error("两次输入的密码不相同");
+ return true;
+ }
+
+ $sql = "SELECT password FROM users WHERE id=$uid";
+ $rs = $this->db->query($sql);
+ $row = $rs->fetch();
+
+ if(md5($data['password']) != $row['password'])
+ {
+ $this->view->error = view::Error("原密码不正确");
+ return true;
+ }
+
+ $data['password'] = md5($data['new_password']);
+
+ unset($data['new_password']);
+ unset($data['new_password_confrim']);
+
+ if($this->db->update("users",$data,"id=$uid"))
+ {
+ view::Post($this,array("content"=>'修改成功!','url'=>'/account/secure'));
+ return true;
+ }else{
+ $this->view->error = view::Error("修改失败");
+ return true;
+ }
+ }else{
+ $this->view->info = $usr->getUserInfo($uid);
+ }
+ }//password
+
+ if($opt == "email")
+ {
+ $this->view->section = "email";
+ if(!empty($submit))
+ {
+ $email = $this->_getParam('email');
+ $password = $this->_getParam('password');
+
+ if(!preg_match("/\w+([-+.]\w+)*@\w+([-.]\w+)*\.\w+([-.]\w+)*/i",$email))
+ {
+ $this->view->error = view::Error("错误的邮箱格式");
+ return true;
+ }
+
+ $sql = "SELECT password FROM users WHERE id=$uid";
+ $rs = $this->db->query($sql);
+ $row = $rs->fetch();
+
+ if(md5($password) != $row['password'])
+ {
+ $this->view->error = view::Error("原密码错误");
+ return true;
+ }
+
+ $data['email'] = $email;
+
+ if($this->db->update("users",$data,"id=$uid"))
+ {
+ view::Post($this,array("content"=>'修改成功!','url'=>'/account/secure'));
+ return true;
+ }else{
+ $this->view->error = view::Error("修改失败");
+ return true;
+ }
+ }else{
+ $this->view->info = $usr->getUserInfo($uid);
+ }
+ }//email
+ }
+
+ function AccountSecureParamFilter(){
+ $data = array();
+ $data['password'] = trim($this->_getParam('password'));
+ $data['new_password'] = trim($this->_getParam('new_password'));
+ $data['new_password_confrim'] = trim($this->_getParam('new_password_confrim'));
+ foreach($data as $k=>$v)
+ {
+ $data[$k] = $this->StringFilter($v);
+ }
+ return $data;
+ }
+
+ function init()
+ {
+ $this->messenger=$this->_helper->getHelper('FlashMessenger');
+ }
+
+ function postDispatch()
+ {
+ //$this->view->messages = $this->messenger->getMessages();
+ }
+
+ function registerAction()
+ {
+ $form = new RegisterForm();
+ $this->view->form = $form;
+
+ if ($this->_request->isPost()) {
+ $formData = $this->_request->getPost();
+ if ($form->isValid($formData)) {
+ $ut = new UsersTable();
+ $u = $ut->createRow();
+ $u->username = $form->getValue('username');
+ $u->password = $form->getValue('password');
+ $u->email=$form->getValue('email');
+ if ($form->getValue('realname')) $u->realname=$form->getValue('realname');
+ if ($form->getValue('phone')) $u->phone=$form->getValue('phone');
+ if ($form->getValue('address')) $u->address=$form->getValue('address');
+ if ($form->getValue('unit')) $u->unit=$form->getValue('unit');
+ if ($form->getValue('project')) $u->project=$form->getValue('project');
+ if ($u->save()) {
+
+ //注册邮件
+ $mail_template = "member-register";
+ $mail_data = array(
+ 'name'=>$formData['username'],
+ );
+
+ $mail = new Mail();
+
+ $mail->loadTemplate($mail_template,$mail_data);
+ $mail->addTo($formData['email'],$formData['username']);
+ $mail->send();
+
+ //自动登录系统
+ $this->login($formData['username'],$formData['password']);
+ $this->_redirect('/');
+ }
+ } else {
+ $form->populate($formData);
+ }
+ }
+ }
+
+ function loginAction()
+ {
+ $options = array(
+ 'module' => $this->_request->getModuleName(),
+ 'controller' => $this->_request->getControllerName(),
+ 'action' => $this->_request->getActionName(),
+ );
+
+ $auth = Zend_Auth::getInstance();
+ if ($auth->hasIdentity())
+ {
+ view::Post($this,"您已经登录,无需重复登录",-1);
+ return true;
+ }
+
+ $tohref = $this->_request->getParam('href');
+
+ if(($options['module']=="default" && $options['controller'] == "account" && $options['action'] == "login"))
+ {
+ $this->view->href = $_SERVER['REQUEST_URI'];
+ }
+
+ if($tohref == "/account/login")
+ {
+ $this->view->href = $tohref = "/";
+ }
+
+ if(!empty($tohref))
+ {
+ $this->view->href = $tohref;
+ }
+
+ $captcha = new Captcha();
+
+ $submit = $this->_getParam("submit");
+ if(!empty($submit))
+ {
+ $username = trim($this->_request->getParam('username'));
+ $password = trim($this->_request->getParam('password'));
+ $captchaword = trim($this->_request->getParam('captcha'));
+
+ $account = new Account();
+ $status = $account->login(array(
+ 'username' => $username,
+ 'password' => $password
+ ));
+
+ if(isset($status['error']))
+ {
+ $this->view->error = $status;
+ $this->view->captcha = $captcha->setCaptcha();
+ return true;
+ }
+
+ if(!$captcha->isValid($captchaword))
+ {
+ $this->view->error = "验证码错误";
+ $this->view->captcha = $captcha->setCaptcha();
+ return true;
+ }
+
+ view::Post($this,"登录成功,正在跳转",$tohref);
+ return true;
+ }
+
+ $this->view->captcha = $captcha->setCaptcha();
+ }
+
+ function loadCaptcha()
+ {
+ $captcha = new Zend_Captcha_Image(array(
+ 'captcha' => 'Image',
+ 'wordLen' => 4,
+ 'fontsize'=>16,
+ 'width' => 100,
+ 'height' => 38,
+ 'dotNoiseLevel'=>2,
+ 'lineNoiseLevel'=>1,
+ 'timeout' => 300,
+ 'font' => '../data/fonts/ggbi.ttf',
+ 'imgDir' => 'vdimg/',
+ 'imgUrl' => '/vdimg',
+ ));
+ return $captcha;
+ }
+
+ function setCaptcha(Zend_Captcha_Image $captcha,$ajax = false){
+ $captcha->generate();
+ $_SESSION['captcha'] = $captcha->getWord();
+ $url = $captcha->getImgUrl()
+ .$captcha->getId()
+ .$captcha->getSuffix();
+ if(!$ajax)
+ {
+ $this->view->captcha = $url;
+ }else{
+ return $url;
+ }
+ }
+
+ function captchaAction()
+ {
+ $this->_helper->layout->disableLayout();
+ $this->_helper->viewRenderer->setNoRender();
+
+ $captcha = $this->loadCaptcha();
+ $url = $this->setCaptcha($captcha,true);
+
+ echo $url;
+ return true;
+ }
+
+ function logoutAction()
+ {
+ $auth = Zend_Auth::getInstance();
+ $auth->clearIdentity();
+ require_once 'member.php';
+ $mb=new member();
+ member::flushcookie();
+ $this->_redirect('/');
+ }
+
+ private function default_login($u,$p)
+ {
+ $auth = Zend_Auth::getInstance();
+ $db=Zend_Registry::get('db');
+
+ $authAdapter = new Zend_Auth_Adapter_DbTable($db);
+ $authAdapter->setTableName('users')
+ ->setIdentityColumn('username')
+ ->setCredentialColumn('password');
+ $authAdapter->setIdentity($u)->setCredential(md5($p));
+ $result = $auth->authenticate($authAdapter);
+ if ($result->isValid()) {
+ // success: store database row to auth's storage
+ $data = $authAdapter->getResultRowObject(null,'password');
+
+ //头像
+ include_once("Avatar.php");
+ $avatar = new Avatar();
+ $data->avatar = $avatar->Get($data->email,40);
+
+ //组ID
+ include_once("Users.php");
+ $usr = new Users($db);
+ $data->gid = $usr->getGroup($data->id);
+
+ $auth->getStorage()->write($data);
+ $db->query("update users set ts_last_login=now() where username=?",array($u));
+
+ if ($this->_request->getParam('remember')) {
+ $sql="select usertype from users where username='$u'";
+ $rs=$db->query($sql);
+ $row=$rs->fetch();
+ //if($row['usertype']!='administrator')
+ {
+ require_once 'member.php';
+ $mb = new member();
+ $mb -> putcookie($u,md5($p));
+ }
+ }
+
+ return true;
+ }else
+ {
+ return false;
+ }
+ return false;
+ }
+ private function aspnet_login($p,$salt,$password)
+ {
+ $p1=implode("\x00",str_split($p))."\x00";
+ $ball=base64_decode($salt).$p1;
+ return trim($password)==base64_encode(sha1($ball,true));
+ }
+ // 首先判断是否存在salt
+ // 若有salt,则按照aspnet membership加密算法进行判断
+ function login($u,$p)
+ {
+ $ut= new UsersTable();
+ $db=$ut->getAdapter();
+ $sql="select password,salt from users where username=?";
+ $uq=$db->query($sql,array($u));
+ if ($urow=$uq->fetchObject())
+ {
+ if (empty($urow->salt))
+ return $this->default_login($u,$p);
+ else {
+ //进行判断并进行转换到默认
+ if ($this->aspnet_login($p,$urow->salt,$urow->password))
+ {
+ $sql="update users set password=md5(?),salt='' where username=?";
+ $db->query($sql,array($p,$u));
+ return $this->default_login($u,$p);
+ } else
+ return false;
+ }
+ } else {
+ //没有对应的用户,登录失败
+ return false;
+ }
+ }
+ function fetchpwdAction()
+ {
+ $ut= new UsersTable();
+ $db=$ut->getAdapter();
+ $form = new LostpwdForm();
+ $key=$this->_request->getParam('key');
+ $login=$this->_request->getParam('login');
+ if (empty($key) && empty($login)) {
+ $this->view->form = $form;
+ if ($this->_request->isPost()) {
+ $formData = $this->_request->getPost();
+ if ($form->isValid($formData)) {
+ $sql="select * from users where email=?";
+ $uq=$db->query($sql,array($formData['email']));
+ if ($urow=$uq->fetchObject())
+ {
+ //email the url to user
+ $username=$urow->username;
+ $sql="update users set activation=? where email=?";
+ $uid=uniqid();
+ $db->query($sql,array($uid,$formData['email']));
+
+ //发邮件
+ $mail_template = "users-changepassword";
+ $mail_data = array(
+ 'name'=>$username,
+ 'url' => view::getHostLink()."/account/fetchpwd/".$username."/".$uid
+ );
+
+ $mail = new Mail();
+
+ $mail->loadTemplate($mail_template,$mail_data);
+ $mail->addTo($formData['email'],$username);
+ $mail->send();
+
+
+ $this->view->messages[]='请检查您的新邮件中的确认激活链接。';
+ $this->view->form=false;//do not echo form
+ } else
+ $this->messenger->addMessage('对不起,没有找到对应的电子邮件地址。');
+ }
+ } else
+ $this->view->messages[]='请输入您的电子邮件地址。您将通过电子邮件收到新密码。';
+ } else {
+ $sql="select * from users where username=? and activation=?";
+ $uq=$db->query($sql,array($login,$key));
+ $tmp_pwd=uniqid();
+ if ($urow=$uq->fetchObject())
+ {
+ $sql="update users set salt='',activation='',password=md5('".$tmp_pwd."') where username=? and activation=?";
+ $db->query($sql,array($login,$key));
+
+ //发邮件
+ $mail_template = "users-changepassword";
+ $mail_data = array(
+ 'name'=>$login,
+ 'tmp_pwd' => $tmp_pwd
+ );
+
+ $mail = new Mail();
+
+ $mail->loadTemplate($mail_template,$mail_data);
+ $mail->addTo($urow->email,$login);
+ $mail->send();
+
+ $this->view->messages[]='请查收您新邮件中的新密码';
+ $this->view->form=false;//do not echo form
+
+ }
+ }
+
+ } //找回密码
+
+ //OAuth2登录跳转页面
+ public function oauth2loginAction()
+ {
+ $type = $this->_getParam('type');
+ $client = new Client();
+ $url = $client->makeRequestCodeUrl($type);
+
+ view::Post($this,"为您转入科技网登录入口",$url);
+ }
+
+ //oauth2登录回调地址
+ public function callbackAction()
+ {
+ $type = $this->_getParam('type');
+ $code = $this->_getParam('code');
+
+ $client = new Client($type);
+
+ $client->initSource();
+ $target = $client->getSource()->getTarget($type);
+ $this->view->target_name = $target['name'];
+
+ $token = $client->requestToken($code);
+
+ if(is_string($token))
+ {
+ view::Post($this,$token,'/account/login');
+ }
+
+ $status = $client->storageTokenData($type,$token);
+
+ if($status === true)
+ {
+ echo "";
+ }else{
+ echo $status;
+ }
+ }
+
+}
+
diff --git a/application/default/views/scripts/account/login.phtml b/application/default/views/scripts/account/login.phtml
index a362a769..42874937 100755
--- a/application/default/views/scripts/account/login.phtml
+++ b/application/default/views/scripts/account/login.phtml
@@ -29,7 +29,7 @@
- error ?>
+ error['error'] ?>
diff --git a/application/module/Helpers/Captcha.php b/application/module/Helpers/Captcha.php
new file mode 100644
index 00000000..dc61b759
--- /dev/null
+++ b/application/module/Helpers/Captcha.php
@@ -0,0 +1,52 @@
+loadCaptcha();
+ }
+
+ public function loadCaptcha()
+ {
+ $this->captcha = new \Zend_Captcha_Image(array(
+ 'captcha' => 'Image',
+ 'wordLen' => 4,
+ 'fontsize'=>16,
+ 'width' => 100,
+ 'height' => 38,
+ 'dotNoiseLevel'=>2,
+ 'lineNoiseLevel'=>1,
+ 'timeout' => 300,
+ 'font' => '../data/fonts/ggbi.ttf',
+ 'imgDir' => 'vdimg/',
+ 'imgUrl' => '/vdimg',
+ ));
+ }
+
+ public function setCaptcha(){
+ $this->captcha->generate();
+ $_SESSION[$this->sessionName] = $this->captcha->getWord();
+ $url = $this->captcha->getImgUrl()
+ .$this->captcha->getId()
+ .$this->captcha->getSuffix();
+
+ return $url;
+ }
+
+ public function isValid($captchaword)
+ {
+ if($captchaword == $_SESSION[$this->sessionName])
+ {
+ return true;
+ }else{
+ return false;
+ }
+ }
+
+}
\ No newline at end of file
diff --git a/application/module/Users/Account.php b/application/module/Users/Account.php
index 717a34d6..1e35480b 100644
--- a/application/module/Users/Account.php
+++ b/application/module/Users/Account.php
@@ -1,372 +1,374 @@
-db = \Zend_Registry::get('db');
- }else{
- $this->db = $db;
- }
-
- $this->config = \Zend_Registry::get('config');
-
- if($initializingListener === TRUE)
- {
- $this->loadListener();
- }
- }
-
- public function loadListener()
- {
- //主要操作,账号注册,登录,设置session等
- $AccountListener = new AccountListener();
- @$this->events()->attachAggregate($AccountListener);
-
- //账户编辑
- $EditListener = new EditListener();
- @$this->events()->attachAggregate($EditListener);
-
- //账户安全性(找回密码)
- $PwdListener = new PwdListener();
- @$this->events()->attachAggregate($PwdListener);
- }
-
- public function events(\Zend_EventManager_EventCollection $events = NULL)
- {
- if ($events !== NULL) {
- $this->events = $events;
- } elseif ($this->events === NULL) {
- $this->events = new \Zend_EventManager_EventManager(__CLASS__);
- }
- return $this->events;
- }
-
- //获取账号信息,数组
- public function getAccountInfo($id = 0)
- {
- if($id == 0)
- {
- $id = view::User('id');
- }
- $sql = "SELECT * FROM {$this->memberTable} WHERE id=$id";
- $rs = $this->db->query($sql);
- return $rs->fetch();
- }
-
- //注册
- public function register($data)
- {
- $params = compact('data');
- $results = $this->events()->trigger('register.checkParam', $this, $params);
- $cache_data = $results->bottom();
-
- if($cache_data !== true)
- {
- if(!is_array($cache_data))
- {
- return array('error'=>$cache_data);
- }else{
- return $cache_data;
- }
- }
-
- $results = $this->events()->trigger('register.checkUser', $this, $params);
- $cache_data = $results->bottom();
-
- if($cache_data !== true)
- {
- if(!is_array($cache_data))
- {
- return array('error'=>$cache_data);
- }else{
- return $cache_data;
- }
- }
-
- $loginData = array(
- 'username'=>$data['username'],
- 'password'=>$data['password']
- );
-
- $data['password'] = md5($data['password']);
- $data['usertype'] = "member";
- unset($data['confirm_password']);
-
- $dbh = new dbh();
-
- $id = $dbh->insert($this->memberTable,$data,true);
-
- if(!empty($id) && is_numeric($id))
- {
- $this->storeLogin($loginData);
- $mb = new Member();
- $mb->putcookie($data[$this->FieldUsername],$data[$this->FieldPasword]); //username, md5(password)
- $params = compact('data','id');
- $results = $this->events()->trigger('register.success', $this, $params);
- return array("success" => 1);
- }else{
- if($id === false)
- {
- return array('error'=>'服务器开小差了,请稍后再试');
- }else{
- return array('error'=>'服务器处理中遇到错误,请联系管理员');
- }
- }
-
- }//register
-
- //登陆
- public function login($data)
- {
- $results = $this->events()->trigger('login.checkParam', $this, compact('data'));
- $cache_data = $results->bottom();
-
- if($cache_data !== true)
- {
- if(!is_array($cache_data))
- {
- return array('error'=>$cache_data);
- }else{
- return $cache_data;
- }
- }
-
- $state = $this->storeLogin($data);
-
- $mb = new Member();
- $mb->putcookie($data[$this->FieldUsername],md5($data[$this->FieldPasword]));
-
- return $state;
- }//login
-
- //storeLogin
- //将登录信息保存在session和cookie中
- public function storeLogin($data,$md5verify = true)
- {
- $auth = \Zend_Auth::getInstance();
- $authAdapter = new \Zend_Auth_Adapter_DbTable($this->db);
- $authAdapter->setTableName($this->memberTable)
- ->setIdentityColumn($this->FieldUsername)
- ->setCredentialColumn($this->FieldPasword);
-
- if($data[$this->FieldPasword] == 0)
- {
- $password = "0";
- }else{
- if($md5verify === false)
- {
- $password = $data[$this->FieldPasword];
- }else{
- $password = md5($data[$this->FieldPasword]);
- }
- }
-
- $authAdapter->setIdentity($data[$this->FieldUsername])->setCredential($password);
-
- $result = $auth->authenticate($authAdapter);
- if ($result->isValid()) {
-
- $user = $authAdapter->getResultRowObject(null,$this->FieldPasword);
- $email = $user->email;
- $results = $this->events()->trigger('login.success.createAvatar', $this, compact('email'));
- $user->avatar = $results->bottom();
- $auth->getStorage()->write($user);
-
- $id = $user->id;
- @$results = $this->events()->trigger('login.success.updateStatus', $this, compact('id'));
-
- return array('success'=>1);
- }
- return array('error'=>'处理中发现错误,请重试');
- }
-
- //注册信息参数
- public function getParam(\Zend_Controller_Request_Abstract $request)
- {
- $data = array(
- 'username'=>$request->getParam('username'),
- 'password'=>$request->getParam('password'),
- 'confirm_password'=>$request->getParam('confirm_password'),
- 'email'=>$request->getParam('email'),
- 'realname'=>$request->getParam('realname')
- );
- return $data;
- }
-
- //获取用户账户修改参数
- public function getEditParam(\Zend_Controller_Request_Abstract $request)
- {
- $type = $request->getParam('type');
-
- if($type == "general")
- {
- $data = array(
- 'realname'=>$request->getParam('realname'),
- 'signature'=>$request->getParam('signature'),
- 'description'=>$request->getParam('description')
- );
- }
-
- if($type == "password")
- {
- $data = array(
- 'password' => $request->getParam('password'),
- 'password_new'=>$request->getParam('password_new'),
- 'password_confirm'=>$request->getParam('password_confirm')
- );
- }
- return $data;
- }
-
- //编辑
- public function edit($data,$type)
- {
- $results = $this->events()->trigger('edit.checkParam', $this, compact('data','type'));
- $cache_data = $results->bottom();
-
- if($cache_data !== true)
- {
- return $cache_data;
- }
-
- if($type == "general")
- {
- $data['signature'] = htmlspecialchars($data['signature']);
- $data['description'] = htmlspecialchars($data['description']);
- }else if($type == "password")
- {
- $data['password'] = md5($data['password_new']);
- unset($data['password_new']);
- unset($data['password_confirm']);
- }else{
- return "参数错误";
- }
-
- $dbh = new dbh();
- $uid = view::User('id');
- if($dbh->update($this->memberTable,$data," id=$uid") === true)
- {
- return true;
- }else{
- return false;
- }
- }
-
- //找回密码
- public function getMyPassword($email)
- {
- $results = $this->events()->trigger('pwd.forgot.checkParam', $this, compact('email'));
- $cache_data = $results->bottom();
-
- if($cache_data !== true)
- {
- return $cache_data;
- }
-
- $sql = "SELECT * FROM {$this->memberTable} WHERE email='$email'";
- $rs = $this->db->query($sql);
- $row = $rs->fetch();
-
- if(!isset($row['username']) || empty($row['username']))
- {
- return array('error'=>"此邮箱并未注册",'place'=>'email');
- }
-
- $salt = md5($email.'---'.$row['username']);
-
- $sql = "UPDATE {$this->memberTable} SET salt='$salt' WHERE id={$row['id']}";
- $state = $this->db->exec($sql);
-
- if($state<1)
- {
- return array('error'=>"处理中出现错误,请重试",'place'=>'email');
- }
-
- $mail_template = "forgotpassword";
- $mail_data = array(
- 'name'=>$row['realname'],
- 'link'=> view::getHostLink().'/account/getpassword/salt/'.$salt
- );
-
- $mail = new Mail();
-
- $mail->loadTemplate($mail_template,$mail_data);
- $mail->addTo($email,$row['realname']);
- $mail->send();
-
- return array("success"=>1);
- }
-
- //重置密码
- public function resetPassword($data)
- {
- $results = $this->events()->trigger('pwd.reset.checkParam', $this, compact('data'));
- $cache_data = $results->bottom();
-
- if($cache_data !== true)
- {
- return $cache_data;
- }
-
- $sql = "SELECT * FROM {$this->memberTable} WHERE salt=?";
- $sth = $this->db->prepare($sql);
- $sth->execute(array($data['salt']));
- $row = $sth->fetch();
-
- if(!isset($row['username']) || empty($row['username']))
- {
- return array('error'=>"您提供的校验码不正确,请重新申请重置密码",'place'=>'confirm_password');
- }
-
- if($row['username'] !== $data['username'])
- {
- return array('error'=>"您提供的校验码不正确,请重新申请重置密码",'place'=>'confirm_password');
- }
-
- $sql = "UPDATE {$this->memberTable} SET password='".md5($data['password'])."',salt='' WHERE id={$row['id']}";
- $this->db->exec($sql);
-
- $mail_template = "getpassworded";
- $mail_data = array(
- 'name'=>$row['realname'],
- );
- $mail = new Mail();
- $mail->loadTemplate($mail_template,$mail_data);
- $mail->addTo($row['email'],$row['realname']);
- $mail->send();
-
- return true;
-
- }
-
+db = \Zend_Registry::get('db');
+ }else{
+ $this->db = $db;
+ }
+
+ $this->config = \Zend_Registry::get('config');
+
+ if($initializingListener === TRUE)
+ {
+ $this->loadListener();
+ }
+ }
+
+ public function loadListener()
+ {
+ //主要操作,账号注册,登录,设置session等
+ $AccountListener = new AccountListener();
+ @$this->events()->attachAggregate($AccountListener);
+
+ //账户编辑
+ $EditListener = new EditListener();
+ @$this->events()->attachAggregate($EditListener);
+
+ //账户安全性(找回密码)
+ $PwdListener = new PwdListener();
+ @$this->events()->attachAggregate($PwdListener);
+ }
+
+ public function events(\Zend_EventManager_EventCollection $events = NULL)
+ {
+ if ($events !== NULL) {
+ $this->events = $events;
+ } elseif ($this->events === NULL) {
+ $this->events = new \Zend_EventManager_EventManager(__CLASS__);
+ }
+ return $this->events;
+ }
+
+ //获取账号信息,数组
+ public function getAccountInfo($id = 0)
+ {
+ if($id == 0)
+ {
+ $id = view::User('id');
+ }
+ $sql = "SELECT * FROM {$this->memberTable} WHERE id=$id";
+ $rs = $this->db->query($sql);
+ return $rs->fetch();
+ }
+
+ //注册
+ public function register($data)
+ {
+ $params = compact('data');
+ $results = $this->events()->trigger('register.checkParam', $this, $params);
+ $cache_data = $results->bottom();
+
+ if($cache_data !== true)
+ {
+ if(!is_array($cache_data))
+ {
+ return array('error'=>$cache_data);
+ }else{
+ return $cache_data;
+ }
+ }
+
+ $results = $this->events()->trigger('register.checkUser', $this, $params);
+ $cache_data = $results->bottom();
+
+ if($cache_data !== true)
+ {
+ if(!is_array($cache_data))
+ {
+ return array('error'=>$cache_data);
+ }else{
+ return $cache_data;
+ }
+ }
+
+ $loginData = array(
+ 'username'=>$data['username'],
+ 'password'=>$data['password']
+ );
+
+ $data['password'] = md5($data['password']);
+ $data['usertype'] = "member";
+ unset($data['confirm_password']);
+
+ $dbh = new dbh();
+
+ $id = $dbh->insert($this->memberTable,$data,true);
+
+ if(!empty($id) && is_numeric($id))
+ {
+ $this->storeLogin($loginData);
+ $mb = new Member();
+ $mb->putcookie($data[$this->FieldUsername],$data[$this->FieldPasword]); //username, md5(password)
+ $params = compact('data','id');
+ $results = $this->events()->trigger('register.success', $this, $params);
+ return array("success" => 1);
+ }else{
+ if($id === false)
+ {
+ return array('error'=>'服务器开小差了,请稍后再试');
+ }else{
+ return array('error'=>'服务器处理中遇到错误,请联系管理员');
+ }
+ }
+
+ }//register
+
+ //登陆
+ public function login($data)
+ {
+ $results = $this->events()->trigger('login.checkParam', $this, compact('data'));
+ $cache_data = $results->bottom();
+
+ if($cache_data !== true)
+ {
+ if(!is_array($cache_data))
+ {
+ return array('error'=>$cache_data);
+ }else{
+ return $cache_data;
+ }
+ }
+
+ $state = $this->storeLogin($data);
+
+ $mb = new Member();
+ $mb->putcookie($data[$this->FieldUsername],md5($data[$this->FieldPasword]));
+
+ return $state;
+ }//login
+
+ //storeLogin
+ //将登录信息保存在session和cookie中
+ public function storeLogin($data,$md5verify = true)
+ {
+ $auth = \Zend_Auth::getInstance();
+ $authAdapter = new \Zend_Auth_Adapter_DbTable($this->db);
+ $authAdapter->setTableName($this->memberTable)
+ ->setIdentityColumn($this->FieldUsername)
+ ->setCredentialColumn($this->FieldPasword);
+
+ if($data[$this->FieldPasword] === 0)
+ {
+ $password = "0";
+ }else{
+ if($md5verify == false)
+ {
+ $password = $data[$this->FieldPasword];
+ }else{
+ $password = md5($data[$this->FieldPasword]);
+ }
+ }
+
+ $authAdapter->setIdentity($data[$this->FieldUsername])->setCredential($password);
+ $result = $auth->authenticate($authAdapter);
+
+ if ($result->isValid()) {
+
+ $user = $authAdapter->getResultRowObject(null,$this->FieldPasword);
+ $email = $user->email;
+ $results = $this->events()->trigger('login.success.createAvatar', $this, compact('email'));
+ $user->avatar = $results->bottom();
+ $auth->getStorage()->write($user);
+
+ $id = $user->id;
+ @$results = $this->events()->trigger('login.success.updateStatus', $this, compact('id'));
+
+ return array('success'=>1);
+ }else{
+ return array("error"=>"用户信息验证失败,请重新登录");
+ }
+ return array('error'=>'处理中发现错误,请重试');
+ }
+
+ //注册信息参数
+ public function getParam(\Zend_Controller_Request_Abstract $request)
+ {
+ $data = array(
+ 'username'=>$request->getParam('username'),
+ 'password'=>$request->getParam('password'),
+ 'confirm_password'=>$request->getParam('confirm_password'),
+ 'email'=>$request->getParam('email'),
+ 'realname'=>$request->getParam('realname')
+ );
+ return $data;
+ }
+
+ //获取用户账户修改参数
+ public function getEditParam(\Zend_Controller_Request_Abstract $request)
+ {
+ $type = $request->getParam('type');
+
+ if($type == "general")
+ {
+ $data = array(
+ 'realname'=>$request->getParam('realname'),
+ 'signature'=>$request->getParam('signature'),
+ 'description'=>$request->getParam('description')
+ );
+ }
+
+ if($type == "password")
+ {
+ $data = array(
+ 'password' => $request->getParam('password'),
+ 'password_new'=>$request->getParam('password_new'),
+ 'password_confirm'=>$request->getParam('password_confirm')
+ );
+ }
+ return $data;
+ }
+
+ //编辑
+ public function edit($data,$type)
+ {
+ $results = $this->events()->trigger('edit.checkParam', $this, compact('data','type'));
+ $cache_data = $results->bottom();
+
+ if($cache_data !== true)
+ {
+ return $cache_data;
+ }
+
+ if($type == "general")
+ {
+ $data['signature'] = htmlspecialchars($data['signature']);
+ $data['description'] = htmlspecialchars($data['description']);
+ }else if($type == "password")
+ {
+ $data['password'] = md5($data['password_new']);
+ unset($data['password_new']);
+ unset($data['password_confirm']);
+ }else{
+ return "参数错误";
+ }
+
+ $dbh = new dbh();
+ $uid = view::User('id');
+ if($dbh->update($this->memberTable,$data," id=$uid") === true)
+ {
+ return true;
+ }else{
+ return false;
+ }
+ }
+
+ //找回密码
+ public function getMyPassword($email)
+ {
+ $results = $this->events()->trigger('pwd.forgot.checkParam', $this, compact('email'));
+ $cache_data = $results->bottom();
+
+ if($cache_data !== true)
+ {
+ return $cache_data;
+ }
+
+ $sql = "SELECT * FROM {$this->memberTable} WHERE email='$email'";
+ $rs = $this->db->query($sql);
+ $row = $rs->fetch();
+
+ if(!isset($row['username']) || empty($row['username']))
+ {
+ return array('error'=>"此邮箱并未注册",'place'=>'email');
+ }
+
+ $salt = md5($email.'---'.$row['username']);
+
+ $sql = "UPDATE {$this->memberTable} SET salt='$salt' WHERE id={$row['id']}";
+ $state = $this->db->exec($sql);
+
+ if($state<1)
+ {
+ return array('error'=>"处理中出现错误,请重试",'place'=>'email');
+ }
+
+ $mail_template = "forgotpassword";
+ $mail_data = array(
+ 'name'=>$row['realname'],
+ 'link'=> view::getHostLink().'/account/getpassword/salt/'.$salt
+ );
+
+ $mail = new Mail();
+
+ $mail->loadTemplate($mail_template,$mail_data);
+ $mail->addTo($email,$row['realname']);
+ $mail->send();
+
+ return array("success"=>1);
+ }
+
+ //重置密码
+ public function resetPassword($data)
+ {
+ $results = $this->events()->trigger('pwd.reset.checkParam', $this, compact('data'));
+ $cache_data = $results->bottom();
+
+ if($cache_data !== true)
+ {
+ return $cache_data;
+ }
+
+ $sql = "SELECT * FROM {$this->memberTable} WHERE salt=?";
+ $sth = $this->db->prepare($sql);
+ $sth->execute(array($data['salt']));
+ $row = $sth->fetch();
+
+ if(!isset($row['username']) || empty($row['username']))
+ {
+ return array('error'=>"您提供的校验码不正确,请重新申请重置密码",'place'=>'confirm_password');
+ }
+
+ if($row['username'] !== $data['username'])
+ {
+ return array('error'=>"您提供的校验码不正确,请重新申请重置密码",'place'=>'confirm_password');
+ }
+
+ $sql = "UPDATE {$this->memberTable} SET password='".md5($data['password'])."',salt='' WHERE id={$row['id']}";
+ $this->db->exec($sql);
+
+ $mail_template = "getpassworded";
+ $mail_data = array(
+ 'name'=>$row['realname'],
+ );
+ $mail = new Mail();
+ $mail->loadTemplate($mail_template,$mail_data);
+ $mail->addTo($row['email'],$row['realname']);
+ $mail->send();
+
+ return true;
+
+ }
+
}
\ No newline at end of file
diff --git a/application/module/Users/Member.php b/application/module/Users/Member.php
index 9854e6f1..fcb2bce2 100644
--- a/application/module/Users/Member.php
+++ b/application/module/Users/Member.php
@@ -1,5 +1,5 @@
"用户名应当以字母开头,由字母数字和下划线组成,并且长度在5到25个字符之间",'place'=>'username');
+ return array('error'=>"用户名应当以字母开头,由字母数字和下划线组成,并且长度在3到25个字符之间",'place'=>'username');
}
}
@@ -106,6 +106,10 @@ class LoginOperate implements \Users\Event\LoginEvent
}//loginSuccess
-
+ //检查token表记录
+ public function checkOAuthToken()
+ {
+
+ }
}
\ No newline at end of file