diff --git a/application/default/controllers/AccountController.php b/application/default/controllers/AccountController.php
index cfec11f1..2ef1b970 100755
--- a/application/default/controllers/AccountController.php
+++ b/application/default/controllers/AccountController.php
@@ -1,641 +1,634 @@
-view->config = Zend_Registry::get('config');
- $this->_request->setParam('return', $this->_request->getServer('REQUEST_URI'));
- $this->db = Zend_Registry::get('db');
- $this->view->messages = $this->messenger->getMessages();
- $this->view->theme = new Theme();
- }
-
- function indexAction()
- {
- $this->view->pageID = "account-index";
-
- include_once("Users.php");
- $usr = new Users($this->db);
-
- $auth = Zend_Auth::getInstance();
- if($auth->hasIdentity())
- {
- $user = $auth->getIdentity();
- $uid = $user->id;
- }
-
- include_once("Avatar.php");
- $avatar = new Avatar();
- $this->view->avatar = $avatar->Get($user->email,140);
-
- $this->view->info = $usr->getUserInfo($uid);
- }
-
- function editAction()
- {
- $this->view->pageID = "account-edit";
-
- include_once("Users.php");
- $usr = new Users($this->db);
-
- $auth = Zend_Auth::getInstance();
- if($auth->hasIdentity())
- {
- $user = $auth->getIdentity();
- $uid = $user->id;
- }
-
- include_once("Avatar.php");
- $avatar = new Avatar();
- $this->view->avatar = $avatar->Get($user->email,140);
-
- $this->view->projectType = array(
- "无" => '',
- "国家973计划项目课题" => "国家973计划项目课题",
- "国家863计划课题"=>"国家863计划课题",
- "国家级科技支撑课题" => "国家级科技支撑课题",
- "国家级科技重大专项" => "国家级科技重大专项",
- "国家级国家重大工程" => "国家级国家重大工程",
- "国家级国家自然科学基金" => "国家级国家自然科学基金",
- "国际合作项目"=>"国际合作项目",
- "省部级项目" => "省部级项目",
- "其他项目工程" => "其他项目工程"
- );
-
- $submit = $this->_getParam('submit');
-
- if(!empty($submit))
- {
- $data = $this->AccountEditParamFilter();
-
- if($this->db->update("users",$data,"id=$uid"))
- {
- $this->view->AlertType = "alert-success";
- $this->view->msg = "修改成功!";
- $this->view->jump_url = "/account/edit";
- return true;
- }else{
- $this->view->AlertType = "alert-error";
- $this->view->error = "修改失败,请重试";
- $this->view->info = $data;
- return true;
- }
- }else{
- $this->view->info = $usr->getUserInfo($uid);
- }
- }
-
- function AccountEditParamFilter(){
- $data = array();
- $data['realname'] = substr(trim($this->_getParam('realname')),0,40);
- $data['unit'] = substr(trim($this->_getParam('unit')),0,100);
- $data['address'] = substr(trim($this->_getParam('address')),0,100);
- $data['phone'] = substr(trim($this->_getParam('phone')),0,15);
- $data['postcode'] = substr(trim($this->_getParam('postcode')),0,15);
- $data['project_type'] = substr(trim($this->_getParam('project_type')),0,100);
- $data['project_id'] = substr(trim($this->_getParam('project_id')),0,40);
- $data['project_title'] = substr(trim($this->_getParam('project_title')),0,100);
- $data['project'] = substr(trim($this->_getParam('project')),0,600);
-
- foreach($data as $k=>$v)
- {
- $data[$k] = $this->StringFilter($v);
- }
-
- return $data;
- }
-
- function StringFilter($string){
- $string = preg_replace ('/<[^>]*>/', ' ', $string);
- return $string;
- }
-
- function secureAction()
- {
- $this->view->pageID = "account-secure";
-
- include_once("Users.php");
- $usr = new Users($this->db);
-
- $auth = Zend_Auth::getInstance();
- if($auth->hasIdentity())
- {
- $user = $auth->getIdentity();
- $uid = $user->id;
- }
-
- $opt = $this->_getParam('opt');
- $submit = $this->_getParam('submit');
-
- if(empty($opt))
- {
- $this->view->section = "password";
- if(!empty($submit))
- {
- $data = $this->AccountSecureParamFilter();
-
- $this->view->AlertType = "alert-error";
- if(strlen($data['password'])>18 || strlen($data['new_password'])>18)
- {
- $this->view->error = view::Error("密码过长");
- return true;
- }
- if(strlen($data['new_password'])<=6 || strlen($data['new_password_confrim'])<=6)
- {
- $this->view->error = view::Error("密码过短,请输入大于6位的密码");
- return true;
- }
- if(md5($data['new_password']) != md5($data['new_password_confrim']))
- {
- $this->view->error = view::Error("两次输入的密码不相同");
- return true;
- }
-
- $sql = "SELECT password FROM users WHERE id=$uid";
- $rs = $this->db->query($sql);
- $row = $rs->fetch();
-
- if(md5($data['password']) != $row['password'])
- {
- $this->view->error = view::Error("原密码不正确");
- return true;
- }
-
- $data['password'] = md5($data['new_password']);
-
- unset($data['new_password']);
- unset($data['new_password_confrim']);
-
- if($this->db->update("users",$data,"id=$uid"))
- {
- view::Post($this,array("content"=>'修改成功!','url'=>'/account/secure'));
- return true;
- }else{
- $this->view->error = view::Error("修改失败");
- return true;
- }
- }else{
- $this->view->info = $usr->getUserInfo($uid);
- }
- }//password
-
- if($opt == "email")
- {
- $this->view->section = "email";
- if(!empty($submit))
- {
- $email = $this->_getParam('email');
- $password = $this->_getParam('password');
-
- if(!preg_match("/\w+([-+.]\w+)*@\w+([-.]\w+)*\.\w+([-.]\w+)*/i",$email))
- {
- $this->view->error = view::Error("错误的邮箱格式");
- return true;
- }
-
- $sql = "SELECT password FROM users WHERE id=$uid";
- $rs = $this->db->query($sql);
- $row = $rs->fetch();
-
- if(md5($password) != $row['password'])
- {
- $this->view->error = view::Error("原密码错误");
- return true;
- }
-
- $data['email'] = $email;
-
- if($this->db->update("users",$data,"id=$uid"))
- {
- view::Post($this,array("content"=>'修改成功!','url'=>'/account/secure'));
- return true;
- }else{
- $this->view->error = view::Error("修改失败");
- return true;
- }
- }else{
- $this->view->info = $usr->getUserInfo($uid);
- }
- }//email
- }
-
- function AccountSecureParamFilter(){
- $data = array();
- $data['password'] = trim($this->_getParam('password'));
- $data['new_password'] = trim($this->_getParam('new_password'));
- $data['new_password_confrim'] = trim($this->_getParam('new_password_confrim'));
- foreach($data as $k=>$v)
- {
- $data[$k] = $this->StringFilter($v);
- }
- return $data;
- }
-
- function init()
- {
- $this->messenger=$this->_helper->getHelper('FlashMessenger');
- }
-
- function postDispatch()
- {
- //$this->view->messages = $this->messenger->getMessages();
- }
-
- function registerAction()
- {
- $form = new RegisterForm();
- $this->view->form = $form;
-
- if ($this->_request->isPost()) {
- $formData = $this->_request->getPost();
- if ($form->isValid($formData)) {
- $ut = new UsersTable();
- $u = $ut->createRow();
- $u->username = $form->getValue('username');
- $u->password = $form->getValue('password');
- $u->email=$form->getValue('email');
- if ($form->getValue('realname')) $u->realname=$form->getValue('realname');
- if ($form->getValue('phone')) $u->phone=$form->getValue('phone');
- if ($form->getValue('address')) $u->address=$form->getValue('address');
- if ($form->getValue('unit')) $u->unit=$form->getValue('unit');
- if ($form->getValue('project')) $u->project=$form->getValue('project');
- if ($u->save()) {
-
- //注册邮件
- $mail_template = "member-register";
- $mail_data = array(
- 'name'=>$formData['username'],
- );
-
- $mail = new Mail();
-
- $mail->loadTemplate($mail_template,$mail_data);
- $mail->addTo($formData['email'],$formData['username']);
- $mail->send();
-
- //自动登录系统
- $this->login($formData['username'],$formData['password']);
- $this->_redirect('/');
- }
- } else {
- $form->populate($formData);
- }
- }
- }
-
- function loginAction()
- {
-
- $success=false;
-
- $options = array(
- 'module' => $this->_request->getModuleName(),
- 'controller' => $this->_request->getControllerName(),
- 'action' => $this->_request->getActionName(),
- );
-
- $auth = Zend_Auth::getInstance();
- if ($auth->hasIdentity())
- {
- view::Post($this,"您已经登录,无需重复登录",-1);
- return true;
- }
-
- $tohref = $this->_request->getParam('href');
-
- if(($options['module']=="default" && $options['controller'] == "account" && $options['action'] == "login"))
- {
- $this->view->href = $_SERVER['REQUEST_URI'];
- }
-
- if($tohref == "/account/login")
- {
- $this->view->href = $tohref = "/";
- }
-
- if(!empty($tohref))
- {
- $this->view->href = $tohref;
- }
-
- $captcha = $this->loadCaptcha();
-
- $submit = $this->_getParam("submit");
- if(!empty($submit))
- {
- $username = trim($this->_request->getParam('username'));
- $password = trim($this->_request->getParam('password'));
- $captchaword = trim($this->_request->getParam('captcha'));
-
- if(empty($username))
- {
- $this->setCaptcha($captcha);
- $this->view->error = "请输入用户名";
- return true;
- }
-
- if(empty($password))
- {
- $this->setCaptcha($captcha);
- $this->view->error = "请输入密码";
- return true;
- }
-
- if(empty($captchaword))
- {
- $this->setCaptcha($captcha);
- $this->view->error = "请输入验证码";
- return true;
- }
-
- if(!isset($_SESSION['captcha']))
- {
- $_SESSION['captcha'] = md5(time());
- }
-
- if ($captchaword != $_SESSION['captcha']) {
- $this->setCaptcha($captcha);
- $this->view->error = "验证码错误";
- return true;
- }
-
- if (!$this->login($username,$password))
- {
- $this->setCaptcha($captcha);
- $this->view->error = "用户名或密码错误";
- $this->view->userid = $username;
- return true;
- }
- else
- {
- if(!empty($tohref))
- {
- view::Post($this,"登录成功,正在跳转",$tohref);
- return true;
- }
- }
- }else{
- $this->setCaptcha($captcha);
- }
-
- }
-
- function loadCaptcha()
- {
- $captcha = new Zend_Captcha_Image(array(
- 'captcha' => 'Image',
- 'wordLen' => 4,
- 'fontsize'=>16,
- 'width' => 100,
- 'height' => 38,
- 'dotNoiseLevel'=>2,
- 'lineNoiseLevel'=>1,
- 'timeout' => 300,
- 'font' => '../data/fonts/ggbi.ttf',
- 'imgDir' => 'vdimg/',
- 'imgUrl' => '/vdimg',
- ));
- return $captcha;
- }
-
- function setCaptcha(Zend_Captcha_Image $captcha,$ajax = false){
- $captcha->generate();
- $_SESSION['captcha'] = $captcha->getWord();
- $url = $captcha->getImgUrl()
- .$captcha->getId()
- .$captcha->getSuffix();
- if(!$ajax)
- {
- $this->view->captcha = $url;
- }else{
- return $url;
- }
- }
-
- function captchaAction()
- {
- $this->_helper->layout->disableLayout();
- $this->_helper->viewRenderer->setNoRender();
-
- $captcha = $this->loadCaptcha();
- $url = $this->setCaptcha($captcha,true);
-
- echo $url;
- return true;
- }
-
- function logoutAction()
- {
- $auth = Zend_Auth::getInstance();
- $auth->clearIdentity();
- require_once 'member.php';
- $mb=new member();
- member::flushcookie();
- $this->_redirect('/');
- }
-
- private function default_login($u,$p)
- {
- $auth = Zend_Auth::getInstance();
- $db=Zend_Registry::get('db');
-
- $authAdapter = new Zend_Auth_Adapter_DbTable($db);
- $authAdapter->setTableName('users')
- ->setIdentityColumn('username')
- ->setCredentialColumn('password');
- $authAdapter->setIdentity($u)->setCredential(md5($p));
- $result = $auth->authenticate($authAdapter);
- if ($result->isValid()) {
- // success: store database row to auth's storage
- $data = $authAdapter->getResultRowObject(null,'password');
-
- //头像
- include_once("Avatar.php");
- $avatar = new Avatar();
- $data->avatar = $avatar->Get($data->email,40);
-
- //组ID
- include_once("Users.php");
- $usr = new Users($db);
- $data->gid = $usr->getGroup($data->id);
-
- $auth->getStorage()->write($data);
- $db->query("update users set ts_last_login=now() where username=?",array($u));
-
- if ($this->_request->getParam('remember')) {
- $sql="select usertype from users where username='$u'";
- $rs=$db->query($sql);
- $row=$rs->fetch();
- //if($row['usertype']!='administrator')
- {
- require_once 'member.php';
- $mb = new member();
- $mb -> putcookie($u,md5($p));
- }
- }
-
- return true;
- }else
- {
- return false;
- }
- return false;
- }
- private function aspnet_login($p,$salt,$password)
- {
- $p1=implode("\x00",str_split($p))."\x00";
- $ball=base64_decode($salt).$p1;
- return trim($password)==base64_encode(sha1($ball,true));
- }
- // 首先判断是否存在salt
- // 若有salt,则按照aspnet membership加密算法进行判断
- function login($u,$p)
- {
- $ut= new UsersTable();
- $db=$ut->getAdapter();
- $sql="select password,salt from users where username=?";
- $uq=$db->query($sql,array($u));
- if ($urow=$uq->fetchObject())
- {
- if (empty($urow->salt))
- return $this->default_login($u,$p);
- else {
- //进行判断并进行转换到默认
- if ($this->aspnet_login($p,$urow->salt,$urow->password))
- {
- $sql="update users set password=md5(?),salt='' where username=?";
- $db->query($sql,array($p,$u));
- return $this->default_login($u,$p);
- } else
- return false;
- }
- } else {
- //没有对应的用户,登录失败
- return false;
- }
- }
- function fetchpwdAction()
- {
- $ut= new UsersTable();
- $db=$ut->getAdapter();
- $form = new LostpwdForm();
- $key=$this->_request->getParam('key');
- $login=$this->_request->getParam('login');
- if (empty($key) && empty($login)) {
- $this->view->form = $form;
- if ($this->_request->isPost()) {
- $formData = $this->_request->getPost();
- if ($form->isValid($formData)) {
- $sql="select * from users where email=?";
- $uq=$db->query($sql,array($formData['email']));
- if ($urow=$uq->fetchObject())
- {
- //email the url to user
- $username=$urow->username;
- $sql="update users set activation=? where email=?";
- $uid=uniqid();
- $db->query($sql,array($uid,$formData['email']));
-
- //发邮件
- $mail_template = "users-changepassword";
- $mail_data = array(
- 'name'=>$username,
- 'url' => view::getHostLink()."/account/fetchpwd/".$username."/".$uid
- );
-
- $mail = new Mail();
-
- $mail->loadTemplate($mail_template,$mail_data);
- $mail->addTo($formData['email'],$username);
- $mail->send();
-
-
- $this->view->messages[]='请检查您的新邮件中的确认激活链接。';
- $this->view->form=false;//do not echo form
- } else
- $this->messenger->addMessage('对不起,没有找到对应的电子邮件地址。');
- }
- } else
- $this->view->messages[]='请输入您的电子邮件地址。您将通过电子邮件收到新密码。';
- } else {
- $sql="select * from users where username=? and activation=?";
- $uq=$db->query($sql,array($login,$key));
- $tmp_pwd=uniqid();
- if ($urow=$uq->fetchObject())
- {
- $sql="update users set salt='',activation='',password=md5('".$tmp_pwd."') where username=? and activation=?";
- $db->query($sql,array($login,$key));
-
- //发邮件
- $mail_template = "users-changepassword";
- $mail_data = array(
- 'name'=>$login,
- 'tmp_pwd' => $tmp_pwd
- );
-
- $mail = new Mail();
-
- $mail->loadTemplate($mail_template,$mail_data);
- $mail->addTo($urow->email,$login);
- $mail->send();
-
- $this->view->messages[]='请查收您新邮件中的新密码';
- $this->view->form=false;//do not echo form
-
- }
- }
-
- } //找回密码
-
- //OAuth2登录跳转页面
- public function oauth2loginAction()
- {
- $type = $this->_getParam('type');
- $client = new Client();
- $url = $client->makeRequestCodeUrl($type);
-
- view::Post($this,"为您转入科技网登录入口",$url);
- }
-
- //oauth2登录回调地址
- public function callbackAction()
- {
- $type = $this->_getParam('type');
- $code = $this->_getParam('code');
-
- $client = new Client($type);
-
- $client->initSource();
- $target = $client->getSource()->getTarget($type);
- $this->view->target_name = $target['name'];
-
- //$token = $client->requestToken($code);
-
- $token = array(
- "expires_in"=>(int)432000,
- "refresh_token"=>(string)"eb40e792e05a21e779aa89d71066fa61",
- "userInfo"=>(string)'{"passwordType":"password_umt","securityEmail":"liujin834@live.com","cstnetIdStatus":"active","umtId":"10247308","truename":"李建轩","cstnetId":"liujin834@live.com","type":"umt"}',
- "access_token"=>(string)"48415c56215f5cd26baabe403864aaf7"
- );
-
- if(is_string($token))
- {
- view::Post($this,$token,'/account/login');
- }
-
- $status = $client->storageTokenData($type,$token);
-
- if($status === true)
- {
- echo "";
- }else{
- echo $status;
- }
- }
-
-}
-
+view->config = Zend_Registry::get('config');
+ $this->_request->setParam('return', $this->_request->getServer('REQUEST_URI'));
+ $this->db = Zend_Registry::get('db');
+ $this->view->messages = $this->messenger->getMessages();
+ $this->view->theme = new Theme();
+ }
+
+ function indexAction()
+ {
+ $this->view->pageID = "account-index";
+
+ include_once("Users.php");
+ $usr = new Users($this->db);
+
+ $auth = Zend_Auth::getInstance();
+ if($auth->hasIdentity())
+ {
+ $user = $auth->getIdentity();
+ $uid = $user->id;
+ }
+
+ include_once("Avatar.php");
+ $avatar = new Avatar();
+ $this->view->avatar = $avatar->Get($user->email,140);
+
+ $this->view->info = $usr->getUserInfo($uid);
+ }
+
+ function editAction()
+ {
+ $this->view->pageID = "account-edit";
+
+ include_once("Users.php");
+ $usr = new Users($this->db);
+
+ $auth = Zend_Auth::getInstance();
+ if($auth->hasIdentity())
+ {
+ $user = $auth->getIdentity();
+ $uid = $user->id;
+ }
+
+ include_once("Avatar.php");
+ $avatar = new Avatar();
+ $this->view->avatar = $avatar->Get($user->email,140);
+
+ $this->view->projectType = array(
+ "无" => '',
+ "国家973计划项目课题" => "国家973计划项目课题",
+ "国家863计划课题"=>"国家863计划课题",
+ "国家级科技支撑课题" => "国家级科技支撑课题",
+ "国家级科技重大专项" => "国家级科技重大专项",
+ "国家级国家重大工程" => "国家级国家重大工程",
+ "国家级国家自然科学基金" => "国家级国家自然科学基金",
+ "国际合作项目"=>"国际合作项目",
+ "省部级项目" => "省部级项目",
+ "其他项目工程" => "其他项目工程"
+ );
+
+ $submit = $this->_getParam('submit');
+
+ if(!empty($submit))
+ {
+ $data = $this->AccountEditParamFilter();
+
+ if($this->db->update("users",$data,"id=$uid"))
+ {
+ $this->view->AlertType = "alert-success";
+ $this->view->msg = "修改成功!";
+ $this->view->jump_url = "/account/edit";
+ return true;
+ }else{
+ $this->view->AlertType = "alert-error";
+ $this->view->error = "修改失败,请重试";
+ $this->view->info = $data;
+ return true;
+ }
+ }else{
+ $this->view->info = $usr->getUserInfo($uid);
+ }
+ }
+
+ function AccountEditParamFilter(){
+ $data = array();
+ $data['realname'] = substr(trim($this->_getParam('realname')),0,40);
+ $data['unit'] = substr(trim($this->_getParam('unit')),0,100);
+ $data['address'] = substr(trim($this->_getParam('address')),0,100);
+ $data['phone'] = substr(trim($this->_getParam('phone')),0,15);
+ $data['postcode'] = substr(trim($this->_getParam('postcode')),0,15);
+ $data['project_type'] = substr(trim($this->_getParam('project_type')),0,100);
+ $data['project_id'] = substr(trim($this->_getParam('project_id')),0,40);
+ $data['project_title'] = substr(trim($this->_getParam('project_title')),0,100);
+ $data['project'] = substr(trim($this->_getParam('project')),0,600);
+
+ foreach($data as $k=>$v)
+ {
+ $data[$k] = $this->StringFilter($v);
+ }
+
+ return $data;
+ }
+
+ function StringFilter($string){
+ $string = preg_replace ('/<[^>]*>/', ' ', $string);
+ return $string;
+ }
+
+ function secureAction()
+ {
+ $this->view->pageID = "account-secure";
+
+ include_once("Users.php");
+ $usr = new Users($this->db);
+
+ $auth = Zend_Auth::getInstance();
+ if($auth->hasIdentity())
+ {
+ $user = $auth->getIdentity();
+ $uid = $user->id;
+ }
+
+ $opt = $this->_getParam('opt');
+ $submit = $this->_getParam('submit');
+
+ if(empty($opt))
+ {
+ $this->view->section = "password";
+ if(!empty($submit))
+ {
+ $data = $this->AccountSecureParamFilter();
+
+ $this->view->AlertType = "alert-error";
+ if(strlen($data['password'])>18 || strlen($data['new_password'])>18)
+ {
+ $this->view->error = view::Error("密码过长");
+ return true;
+ }
+ if(strlen($data['new_password'])<=6 || strlen($data['new_password_confrim'])<=6)
+ {
+ $this->view->error = view::Error("密码过短,请输入大于6位的密码");
+ return true;
+ }
+ if(md5($data['new_password']) != md5($data['new_password_confrim']))
+ {
+ $this->view->error = view::Error("两次输入的密码不相同");
+ return true;
+ }
+
+ $sql = "SELECT password FROM users WHERE id=$uid";
+ $rs = $this->db->query($sql);
+ $row = $rs->fetch();
+
+ if(md5($data['password']) != $row['password'])
+ {
+ $this->view->error = view::Error("原密码不正确");
+ return true;
+ }
+
+ $data['password'] = md5($data['new_password']);
+
+ unset($data['new_password']);
+ unset($data['new_password_confrim']);
+
+ if($this->db->update("users",$data,"id=$uid"))
+ {
+ view::Post($this,array("content"=>'修改成功!','url'=>'/account/secure'));
+ return true;
+ }else{
+ $this->view->error = view::Error("修改失败");
+ return true;
+ }
+ }else{
+ $this->view->info = $usr->getUserInfo($uid);
+ }
+ }//password
+
+ if($opt == "email")
+ {
+ $this->view->section = "email";
+ if(!empty($submit))
+ {
+ $email = $this->_getParam('email');
+ $password = $this->_getParam('password');
+
+ if(!preg_match("/\w+([-+.]\w+)*@\w+([-.]\w+)*\.\w+([-.]\w+)*/i",$email))
+ {
+ $this->view->error = view::Error("错误的邮箱格式");
+ return true;
+ }
+
+ $sql = "SELECT password FROM users WHERE id=$uid";
+ $rs = $this->db->query($sql);
+ $row = $rs->fetch();
+
+ if(md5($password) != $row['password'])
+ {
+ $this->view->error = view::Error("原密码错误");
+ return true;
+ }
+
+ $data['email'] = $email;
+
+ if($this->db->update("users",$data,"id=$uid"))
+ {
+ view::Post($this,array("content"=>'修改成功!','url'=>'/account/secure'));
+ return true;
+ }else{
+ $this->view->error = view::Error("修改失败");
+ return true;
+ }
+ }else{
+ $this->view->info = $usr->getUserInfo($uid);
+ }
+ }//email
+ }
+
+ function AccountSecureParamFilter(){
+ $data = array();
+ $data['password'] = trim($this->_getParam('password'));
+ $data['new_password'] = trim($this->_getParam('new_password'));
+ $data['new_password_confrim'] = trim($this->_getParam('new_password_confrim'));
+ foreach($data as $k=>$v)
+ {
+ $data[$k] = $this->StringFilter($v);
+ }
+ return $data;
+ }
+
+ function init()
+ {
+ $this->messenger=$this->_helper->getHelper('FlashMessenger');
+ }
+
+ function postDispatch()
+ {
+ //$this->view->messages = $this->messenger->getMessages();
+ }
+
+ function registerAction()
+ {
+ $form = new RegisterForm();
+ $this->view->form = $form;
+
+ if ($this->_request->isPost()) {
+ $formData = $this->_request->getPost();
+ if ($form->isValid($formData)) {
+ $ut = new UsersTable();
+ $u = $ut->createRow();
+ $u->username = $form->getValue('username');
+ $u->password = $form->getValue('password');
+ $u->email=$form->getValue('email');
+ if ($form->getValue('realname')) $u->realname=$form->getValue('realname');
+ if ($form->getValue('phone')) $u->phone=$form->getValue('phone');
+ if ($form->getValue('address')) $u->address=$form->getValue('address');
+ if ($form->getValue('unit')) $u->unit=$form->getValue('unit');
+ if ($form->getValue('project')) $u->project=$form->getValue('project');
+ if ($u->save()) {
+
+ //注册邮件
+ $mail_template = "member-register";
+ $mail_data = array(
+ 'name'=>$formData['username'],
+ );
+
+ $mail = new Mail();
+
+ $mail->loadTemplate($mail_template,$mail_data);
+ $mail->addTo($formData['email'],$formData['username']);
+ $mail->send();
+
+ //自动登录系统
+ $this->login($formData['username'],$formData['password']);
+ $this->_redirect('/');
+ }
+ } else {
+ $form->populate($formData);
+ }
+ }
+ }
+
+ function loginAction()
+ {
+
+ $success=false;
+
+ $options = array(
+ 'module' => $this->_request->getModuleName(),
+ 'controller' => $this->_request->getControllerName(),
+ 'action' => $this->_request->getActionName(),
+ );
+
+ $auth = Zend_Auth::getInstance();
+ if ($auth->hasIdentity())
+ {
+ view::Post($this,"您已经登录,无需重复登录",-1);
+ return true;
+ }
+
+ $tohref = $this->_request->getParam('href');
+
+ if(($options['module']=="default" && $options['controller'] == "account" && $options['action'] == "login"))
+ {
+ $this->view->href = $_SERVER['REQUEST_URI'];
+ }
+
+ if($tohref == "/account/login")
+ {
+ $this->view->href = $tohref = "/";
+ }
+
+ if(!empty($tohref))
+ {
+ $this->view->href = $tohref;
+ }
+
+ $captcha = $this->loadCaptcha();
+
+ $submit = $this->_getParam("submit");
+ if(!empty($submit))
+ {
+ $username = trim($this->_request->getParam('username'));
+ $password = trim($this->_request->getParam('password'));
+ $captchaword = trim($this->_request->getParam('captcha'));
+
+ if(empty($username))
+ {
+ $this->setCaptcha($captcha);
+ $this->view->error = "请输入用户名";
+ return true;
+ }
+
+ if(empty($password))
+ {
+ $this->setCaptcha($captcha);
+ $this->view->error = "请输入密码";
+ return true;
+ }
+
+ if(empty($captchaword))
+ {
+ $this->setCaptcha($captcha);
+ $this->view->error = "请输入验证码";
+ return true;
+ }
+
+ if(!isset($_SESSION['captcha']))
+ {
+ $_SESSION['captcha'] = md5(time());
+ }
+
+ if ($captchaword != $_SESSION['captcha']) {
+ $this->setCaptcha($captcha);
+ $this->view->error = "验证码错误";
+ return true;
+ }
+
+ if (!$this->login($username,$password))
+ {
+ $this->setCaptcha($captcha);
+ $this->view->error = "用户名或密码错误";
+ $this->view->userid = $username;
+ return true;
+ }
+ else
+ {
+ if(!empty($tohref))
+ {
+ view::Post($this,"登录成功,正在跳转",$tohref);
+ return true;
+ }
+ }
+ }else{
+ $this->setCaptcha($captcha);
+ }
+
+ }
+
+ function loadCaptcha()
+ {
+ $captcha = new Zend_Captcha_Image(array(
+ 'captcha' => 'Image',
+ 'wordLen' => 4,
+ 'fontsize'=>16,
+ 'width' => 100,
+ 'height' => 38,
+ 'dotNoiseLevel'=>2,
+ 'lineNoiseLevel'=>1,
+ 'timeout' => 300,
+ 'font' => '../data/fonts/ggbi.ttf',
+ 'imgDir' => 'vdimg/',
+ 'imgUrl' => '/vdimg',
+ ));
+ return $captcha;
+ }
+
+ function setCaptcha(Zend_Captcha_Image $captcha,$ajax = false){
+ $captcha->generate();
+ $_SESSION['captcha'] = $captcha->getWord();
+ $url = $captcha->getImgUrl()
+ .$captcha->getId()
+ .$captcha->getSuffix();
+ if(!$ajax)
+ {
+ $this->view->captcha = $url;
+ }else{
+ return $url;
+ }
+ }
+
+ function captchaAction()
+ {
+ $this->_helper->layout->disableLayout();
+ $this->_helper->viewRenderer->setNoRender();
+
+ $captcha = $this->loadCaptcha();
+ $url = $this->setCaptcha($captcha,true);
+
+ echo $url;
+ return true;
+ }
+
+ function logoutAction()
+ {
+ $auth = Zend_Auth::getInstance();
+ $auth->clearIdentity();
+ require_once 'member.php';
+ $mb=new member();
+ member::flushcookie();
+ $this->_redirect('/');
+ }
+
+ private function default_login($u,$p)
+ {
+ $auth = Zend_Auth::getInstance();
+ $db=Zend_Registry::get('db');
+
+ $authAdapter = new Zend_Auth_Adapter_DbTable($db);
+ $authAdapter->setTableName('users')
+ ->setIdentityColumn('username')
+ ->setCredentialColumn('password');
+ $authAdapter->setIdentity($u)->setCredential(md5($p));
+ $result = $auth->authenticate($authAdapter);
+ if ($result->isValid()) {
+ // success: store database row to auth's storage
+ $data = $authAdapter->getResultRowObject(null,'password');
+
+ //头像
+ include_once("Avatar.php");
+ $avatar = new Avatar();
+ $data->avatar = $avatar->Get($data->email,40);
+
+ //组ID
+ include_once("Users.php");
+ $usr = new Users($db);
+ $data->gid = $usr->getGroup($data->id);
+
+ $auth->getStorage()->write($data);
+ $db->query("update users set ts_last_login=now() where username=?",array($u));
+
+ if ($this->_request->getParam('remember')) {
+ $sql="select usertype from users where username='$u'";
+ $rs=$db->query($sql);
+ $row=$rs->fetch();
+ //if($row['usertype']!='administrator')
+ {
+ require_once 'member.php';
+ $mb = new member();
+ $mb -> putcookie($u,md5($p));
+ }
+ }
+
+ return true;
+ }else
+ {
+ return false;
+ }
+ return false;
+ }
+ private function aspnet_login($p,$salt,$password)
+ {
+ $p1=implode("\x00",str_split($p))."\x00";
+ $ball=base64_decode($salt).$p1;
+ return trim($password)==base64_encode(sha1($ball,true));
+ }
+ // 首先判断是否存在salt
+ // 若有salt,则按照aspnet membership加密算法进行判断
+ function login($u,$p)
+ {
+ $ut= new UsersTable();
+ $db=$ut->getAdapter();
+ $sql="select password,salt from users where username=?";
+ $uq=$db->query($sql,array($u));
+ if ($urow=$uq->fetchObject())
+ {
+ if (empty($urow->salt))
+ return $this->default_login($u,$p);
+ else {
+ //进行判断并进行转换到默认
+ if ($this->aspnet_login($p,$urow->salt,$urow->password))
+ {
+ $sql="update users set password=md5(?),salt='' where username=?";
+ $db->query($sql,array($p,$u));
+ return $this->default_login($u,$p);
+ } else
+ return false;
+ }
+ } else {
+ //没有对应的用户,登录失败
+ return false;
+ }
+ }
+ function fetchpwdAction()
+ {
+ $ut= new UsersTable();
+ $db=$ut->getAdapter();
+ $form = new LostpwdForm();
+ $key=$this->_request->getParam('key');
+ $login=$this->_request->getParam('login');
+ if (empty($key) && empty($login)) {
+ $this->view->form = $form;
+ if ($this->_request->isPost()) {
+ $formData = $this->_request->getPost();
+ if ($form->isValid($formData)) {
+ $sql="select * from users where email=?";
+ $uq=$db->query($sql,array($formData['email']));
+ if ($urow=$uq->fetchObject())
+ {
+ //email the url to user
+ $username=$urow->username;
+ $sql="update users set activation=? where email=?";
+ $uid=uniqid();
+ $db->query($sql,array($uid,$formData['email']));
+
+ //发邮件
+ $mail_template = "users-changepassword";
+ $mail_data = array(
+ 'name'=>$username,
+ 'url' => view::getHostLink()."/account/fetchpwd/".$username."/".$uid
+ );
+
+ $mail = new Mail();
+
+ $mail->loadTemplate($mail_template,$mail_data);
+ $mail->addTo($formData['email'],$username);
+ $mail->send();
+
+
+ $this->view->messages[]='请检查您的新邮件中的确认激活链接。';
+ $this->view->form=false;//do not echo form
+ } else
+ $this->messenger->addMessage('对不起,没有找到对应的电子邮件地址。');
+ }
+ } else
+ $this->view->messages[]='请输入您的电子邮件地址。您将通过电子邮件收到新密码。';
+ } else {
+ $sql="select * from users where username=? and activation=?";
+ $uq=$db->query($sql,array($login,$key));
+ $tmp_pwd=uniqid();
+ if ($urow=$uq->fetchObject())
+ {
+ $sql="update users set salt='',activation='',password=md5('".$tmp_pwd."') where username=? and activation=?";
+ $db->query($sql,array($login,$key));
+
+ //发邮件
+ $mail_template = "users-changepassword";
+ $mail_data = array(
+ 'name'=>$login,
+ 'tmp_pwd' => $tmp_pwd
+ );
+
+ $mail = new Mail();
+
+ $mail->loadTemplate($mail_template,$mail_data);
+ $mail->addTo($urow->email,$login);
+ $mail->send();
+
+ $this->view->messages[]='请查收您新邮件中的新密码';
+ $this->view->form=false;//do not echo form
+
+ }
+ }
+
+ } //找回密码
+
+ //OAuth2登录跳转页面
+ public function oauth2loginAction()
+ {
+ $type = $this->_getParam('type');
+ $client = new Client();
+ $url = $client->makeRequestCodeUrl($type);
+
+ view::Post($this,"为您转入科技网登录入口",$url);
+ }
+
+ //oauth2登录回调地址
+ public function callbackAction()
+ {
+ $type = $this->_getParam('type');
+ $code = $this->_getParam('code');
+
+ $client = new Client($type);
+
+ $client->initSource();
+ $target = $client->getSource()->getTarget($type);
+ $this->view->target_name = $target['name'];
+
+ $token = $client->requestToken($code);
+
+ if(is_string($token))
+ {
+ view::Post($this,$token,'/account/login');
+ }
+
+ $status = $client->storageTokenData($type,$token);
+
+ if($status === true)
+ {
+ echo "";
+ }else{
+ echo $status;
+ }
+ }
+
+}
+