修改三江源数据门户的用户模块

This commit is contained in:
Li Jianxuan 2014-01-24 02:33:21 +00:00
parent 4cd7966f1b
commit c527de9207
11 changed files with 1102 additions and 1112 deletions

View File

@ -1,7 +1,10 @@
<?php <?php
use Helpers\View as view;
use Mail\Mail; use Mail\Mail;
use Open\Client; use Open\Client;
use Users\Account;
use Users\Member;
use Helpers\Captcha;
use Helpers\View as view;
class AccountController extends Zend_Controller_Action class AccountController extends Zend_Controller_Action
{ {
@ -63,7 +66,7 @@ class AccountController extends Zend_Controller_Action
"国家级国家自然科学基金" => "国家级国家自然科学基金", "国家级国家自然科学基金" => "国家级国家自然科学基金",
"国际合作项目"=>"国际合作项目", "国际合作项目"=>"国际合作项目",
"省部级项目" => "省部级项目", "省部级项目" => "省部级项目",
"其他项目工程" => "其他项目工程" "其他项目工程" => "其他项目工程",
); );
$submit = $this->_getParam('submit'); $submit = $this->_getParam('submit');
@ -247,51 +250,35 @@ class AccountController extends Zend_Controller_Action
function registerAction() function registerAction()
{ {
$form = new RegisterForm(); $order = new \Order\Order();
$this->view->form = $form;
if ($this->_request->isPost()) { $this->view->projectType = array_merge(array(""=>""),$order->projectType);
$formData = $this->_request->getPost();
if ($form->isValid($formData)) {
$ut = new UsersTable();
$u = $ut->createRow();
$u->username = $form->getValue('username');
$u->password = $form->getValue('password');
$u->email=$form->getValue('email');
if ($form->getValue('realname')) $u->realname=$form->getValue('realname');
if ($form->getValue('phone')) $u->phone=$form->getValue('phone');
if ($form->getValue('address')) $u->address=$form->getValue('address');
if ($form->getValue('unit')) $u->unit=$form->getValue('unit');
if ($form->getValue('project')) $u->project=$form->getValue('project');
if ($u->save()) {
//注册邮件 $submit = $this->_getParam("submit");
$mail_template = "member-register";
$mail_data = array(
'name'=>$formData['username'],
);
$mail = new Mail(); if(!empty($submit))
{
$account = new Account();
$this->view->data = $data = $account->getRegisterParam();
$status = $account->register($data);
$mail->loadTemplate($mail_template,$mail_data); if(isset($status['error']))
$mail->addTo($formData['email'],$formData['username']); {
$mail->send(); $this->view->error = view::Error($status['error']);
if(isset($status['place']))
//自动登录系统 {
$this->login($formData['username'],$formData['password']); $this->view->place = $status['place'];
$this->_redirect('/');
} }
} else { }else{
$form->populate($formData); view::Post($this,"注册成功!","/");
return true;
} }
} }
} }
function loginAction() function loginAction()
{ {
$success=false;
$options = array( $options = array(
'module' => $this->_request->getModuleName(), 'module' => $this->_request->getModuleName(),
'controller' => $this->_request->getControllerName(), 'controller' => $this->_request->getControllerName(),
@ -301,20 +288,17 @@ class AccountController extends Zend_Controller_Action
$auth = Zend_Auth::getInstance(); $auth = Zend_Auth::getInstance();
if ($auth->hasIdentity()) if ($auth->hasIdentity())
{ {
view::Post($this,"您已经登录,无需重复登录",-1); view::Post($this,"您已经登录,无需重复登录","/index");
return true; return true;
} }
$tohref = $this->_request->getParam('href'); $tohref = $this->_request->getParam('href');
if(($options['module']=="default" && $options['controller'] == "account" && $options['action'] == "login")) if($_SERVER['REQUEST_URI'] !== "/account/login")
{ {
$this->view->href = $_SERVER['REQUEST_URI']; $this->view->href = $_SERVER['REQUEST_URI'];
} }else{
$this->view->href = "/";
if($tohref == "/account/login")
{
$this->view->href = $tohref = "/";
} }
if(!empty($tohref)) if(!empty($tohref))
@ -322,7 +306,7 @@ class AccountController extends Zend_Controller_Action
$this->view->href = $tohref; $this->view->href = $tohref;
} }
$captcha = $this->loadCaptcha(); $captcha = new Captcha();
$submit = $this->_getParam("submit"); $submit = $this->_getParam("submit");
if(!empty($submit)) if(!empty($submit))
@ -331,263 +315,121 @@ class AccountController extends Zend_Controller_Action
$password = trim($this->_request->getParam('password')); $password = trim($this->_request->getParam('password'));
$captchaword = trim($this->_request->getParam('captcha')); $captchaword = trim($this->_request->getParam('captcha'));
if(empty($username)) if($captcha->isValid($captchaword) !== true)
{ {
$this->setCaptcha($captcha); $this->view->error = view::Error("验证码错误");
$this->view->error = "请输入用户名"; $this->view->captcha = $captcha->setCaptcha();
return true; return true;
} }
if(empty($password)) $account = new Account();
$status = $account->login(array(
'username' => $username,
'password' => $password
));
if(isset($status['error']))
{ {
$this->setCaptcha($captcha); $this->view->error = view::Error($status['error']);
$this->view->error = "请输入密码"; $this->view->captcha = $captcha->setCaptcha();
return true; return true;
} }
if(empty($captchaword))
{
$this->setCaptcha($captcha);
$this->view->error = "请输入验证码";
return true;
}
if(!isset($_SESSION['captcha']))
{
$_SESSION['captcha'] = md5(time());
}
if ($captchaword != $_SESSION['captcha']) {
$this->setCaptcha($captcha);
$this->view->error = "验证码错误";
return true;
}
if (!$this->login($username,$password))
{
$this->setCaptcha($captcha);
$this->view->error = "用户名或密码错误";
$this->view->userid = $username;
return true;
}
else
{
if(!empty($tohref))
{
view::Post($this,"登录成功,正在跳转",$tohref); view::Post($this,"登录成功,正在跳转",$tohref);
return true; return true;
}
}
}else{ }else{
$this->setCaptcha($captcha); $this->view->captcha = $captcha->setCaptcha();
} }
} }
function loadCaptcha() public function captchaAction()
{ {
$captcha = new Zend_Captcha_Image(array( if(view::isXmlHttpRequest($this))
'captcha' => 'Image',
'wordLen' => 4,
'fontsize'=>16,
'width' => 100,
'height' => 38,
'dotNoiseLevel'=>2,
'lineNoiseLevel'=>1,
'timeout' => 300,
'font' => '../data/fonts/ggbi.ttf',
'imgDir' => 'vdimg/',
'imgUrl' => '/vdimg',
));
return $captcha;
}
function setCaptcha(Zend_Captcha_Image $captcha,$ajax = false){
$captcha->generate();
$_SESSION['captcha'] = $captcha->getWord();
$url = $captcha->getImgUrl()
.$captcha->getId()
.$captcha->getSuffix();
if(!$ajax)
{ {
$this->view->captcha = $url; $captcha = new Captcha();
}else{ $url = $captcha->setCaptcha();
return $url;
}
}
function captchaAction()
{
$this->_helper->layout->disableLayout();
$this->_helper->viewRenderer->setNoRender();
$captcha = $this->loadCaptcha();
$url = $this->setCaptcha($captcha,true);
echo $url; echo $url;
return true; return true;
}else{
echo "bad request!";
exit();
}
} }
function logoutAction() public function logoutAction()
{ {
$auth = Zend_Auth::getInstance(); $auth = Zend_Auth::getInstance();
$auth->clearIdentity(); $auth->clearIdentity();
require_once 'member.php'; Member::flushcookie();
$mb=new member();
member::flushcookie();
$this->_redirect('/'); $this->_redirect('/');
} }
private function default_login($u,$p) public function fetchpwdAction()
{ {
$auth = Zend_Auth::getInstance(); $salt = trim($this->_getParam('salt'));
$db=Zend_Registry::get('db'); $submit = $this->_getParam('submit');
if(empty($salt))
$authAdapter = new Zend_Auth_Adapter_DbTable($db);
$authAdapter->setTableName('users')
->setIdentityColumn('username')
->setCredentialColumn('password');
$authAdapter->setIdentity($u)->setCredential(md5($p));
$result = $auth->authenticate($authAdapter);
if ($result->isValid()) {
// success: store database row to auth's storage
$data = $authAdapter->getResultRowObject(null,'password');
//头像
include_once("Avatar.php");
$avatar = new Avatar();
$data->avatar = $avatar->Get($data->email,40);
//组ID
include_once("Users.php");
$usr = new Users($db);
$data->gid = $usr->getGroup($data->id);
$auth->getStorage()->write($data);
$db->query("update users set ts_last_login=now() where username=?",array($u));
if ($this->_request->getParam('remember')) {
$sql="select usertype from users where username='$u'";
$rs=$db->query($sql);
$row=$rs->fetch();
//if($row['usertype']!='administrator')
{ {
require_once 'member.php'; $captcha = new Captcha();
$mb = new member();
$mb -> putcookie($u,md5($p));
}
}
if(!empty($submit))
{
$email = trim($this->_request->getParam('email'));
$captchaword = trim($this->_request->getParam('captcha'));
if(!$captcha->isValid($captchaword))
{
$this->view->error = view::Error("验证码错误");
$this->view->captcha = $captcha->setCaptcha();
return true; return true;
}else }
$account = new Account();
$status = $account->getMyPassword($email);
if(isset($status['error']))
{ {
return false; $this->view->error = view::Error($status['error']);
$this->view->captcha = $captcha->setCaptcha();
return true;
} }
return false;
view::Post($this,"您的密码重置申请已提交,请在邮箱中查看");
return true;
}else{
$this->view->captcha = $captcha->setCaptcha();
}//提交密码重置申请
} }
private function aspnet_login($p,$salt,$password)
else{
$this->_helper->viewRenderer('account-resetpassword');
$this->view->salt = $salt;
if(!empty($submit))
{ {
$p1=implode("\x00",str_split($p))."\x00"; $username = trim($this->_request->getParam('username'));
$ball=base64_decode($salt).$p1; $password = trim($this->_request->getParam('password'));
return trim($password)==base64_encode(sha1($ball,true)); $confirm_password = trim($this->_request->getParam('confirm_password'));
}
// 首先判断是否存在salt $account = new Account();
// 若有salt则按照aspnet membership加密算法进行判断 $status = $account->resetPassword(array(
function login($u,$p) 'username' => $username,
'password' => $password,
'confirm_password' => $confirm_password,
'salt' => $salt
));
if(isset($status['error']))
{ {
$ut= new UsersTable(); $this->view->error = view::Error($status['error']);
$db=$ut->getAdapter(); return true;
$sql="select password,salt from users where username=?";
$uq=$db->query($sql,array($u));
if ($urow=$uq->fetchObject())
{
if (empty($urow->salt))
return $this->default_login($u,$p);
else {
//进行判断并进行转换到默认
if ($this->aspnet_login($p,$urow->salt,$urow->password))
{
$sql="update users set password=md5(?),salt='' where username=?";
$db->query($sql,array($p,$u));
return $this->default_login($u,$p);
} else
return false;
}
} else {
//没有对应的用户,登录失败
return false;
}
}
function fetchpwdAction()
{
$ut= new UsersTable();
$db=$ut->getAdapter();
$form = new LostpwdForm();
$key=$this->_request->getParam('key');
$login=$this->_request->getParam('login');
if (empty($key) && empty($login)) {
$this->view->form = $form;
if ($this->_request->isPost()) {
$formData = $this->_request->getPost();
if ($form->isValid($formData)) {
$sql="select * from users where email=?";
$uq=$db->query($sql,array($formData['email']));
if ($urow=$uq->fetchObject())
{
//email the url to user
$username=$urow->username;
$sql="update users set activation=? where email=?";
$uid=uniqid();
$db->query($sql,array($uid,$formData['email']));
//发邮件
$mail_template = "users-changepassword";
$mail_data = array(
'name'=>$username,
'url' => view::getHostLink()."/account/fetchpwd/".$username."/".$uid
);
$mail = new Mail();
$mail->loadTemplate($mail_template,$mail_data);
$mail->addTo($formData['email'],$username);
$mail->send();
$this->view->messages[]='请检查您的新邮件中的确认激活链接。';
$this->view->form=false;//do not echo form
} else
$this->messenger->addMessage('对不起,没有找到对应的电子邮件地址。');
}
} else
$this->view->messages[]='请输入您的电子邮件地址。您将通过电子邮件收到新密码。';
} else {
$sql="select * from users where username=? and activation=?";
$uq=$db->query($sql,array($login,$key));
$tmp_pwd=uniqid();
if ($urow=$uq->fetchObject())
{
$sql="update users set salt='',activation='',password=md5('".$tmp_pwd."') where username=? and activation=?";
$db->query($sql,array($login,$key));
//发邮件
$mail_template = "users-changepassword";
$mail_data = array(
'name'=>$login,
'tmp_pwd' => $tmp_pwd
);
$mail = new Mail();
$mail->loadTemplate($mail_template,$mail_data);
$mail->addTo($urow->email,$login);
$mail->send();
$this->view->messages[]='请查收您新邮件中的新密码';
$this->view->form=false;//do not echo form
} }
view::Post($this,"您的密码修改成功!请使用新密码登录","/account/login");
return true;
} }
}//修改密码
} //找回密码 } //找回密码

View File

@ -53,13 +53,13 @@
<div class="control-group "> <div class="control-group ">
<label class="control-label">工作单位</label> <label class="control-label">工作单位</label>
<div class="controls"> <div class="controls">
<input type="text" name="unit" value="<?php echo empty($this->info['unit']) ? "":$this->info['unit']; ?>" class="span8" /> <input type="text" name="unit" value="<?php echo empty($this->info['unit']) ? "":$this->info['unit']; ?>" class="input-block-level" />
</div> </div>
</div> </div>
<div class="control-group "> <div class="control-group ">
<label class="control-label">联系地址</label> <label class="control-label">联系地址</label>
<div class="controls"> <div class="controls">
<input type="text" name="address" value="<?php echo empty($this->info['address']) ? "":$this->info['address']; ?>" class="span8" /> <input type="text" name="address" value="<?php echo empty($this->info['address']) ? "":$this->info['address']; ?>" class="input-block-level" />
</div> </div>
</div> </div>
<div class="control-group "> <div class="control-group ">
@ -107,13 +107,13 @@
<div class="control-group "> <div class="control-group ">
<label class="control-label">项目名称</label> <label class="control-label">项目名称</label>
<div class="controls"> <div class="controls">
<input type="text" name="project_title" value="<?php echo empty($this->info['project_title']) ? "":$this->info['project_title']; ?>" class="span8" /> <input type="text" name="project_title" value="<?php echo empty($this->info['project_title']) ? "":$this->info['project_title']; ?>" class="input-block-level" />
</div> </div>
</div> </div>
<div class="control-group "> <div class="control-group ">
<label class="control-label">项目简介</label> <label class="control-label">项目简介</label>
<div class="controls"> <div class="controls">
<textarea name="project" class="span8"><?php echo empty($this->info['project']) ? "":$this->info['project']; ?></textarea> <textarea name="project" class="input-block-level"><?php echo empty($this->info['project']) ? "":$this->info['project']; ?></textarea>
</div> </div>
</div> </div>
<div class="form-actions"> <div class="form-actions">

View File

@ -7,18 +7,49 @@
$this->breadcrumb('<a href="/account/fetchpwd">找回密码</a>'); $this->breadcrumb('<a href="/account/fetchpwd">找回密码</a>');
$this->breadcrumb()->setSeparator(' > '); $this->breadcrumb()->setSeparator(' > ');
?> ?>
<?php if (!empty($this->messages)) : ?> <div class="row-fluid">
<div id="message"> <?php if(!empty($this->error)) { ?>
<?php <?= $this->error ?>
foreach ($this->messages as $info)echo $info; <?php } ?>
?> <form method="post" class="form-horizontal">
</div> <div class="control-group">
<?php endif; ?> <label class="control-label" for="email">E-mail</label>
<?php if ($this->form) : ?> <div class="controls">
<div id="info"> <input id="email" type="text" value="" name="email" />
<?php echo $this->form;?> <span class="help-block">请输入注册时填写的Email地址</span>
</div> </div>
<?php endif; ?> </div>
<div id="tool"> <div class="control-group">
<a href="/account/login">登录 </a> <a href="/account/register">注册新用户</a> <label class="control-label" for="captcha">验证码</label>
<div class="controls">
<input id="captcha" type="text" value="" name="captcha" />
<img id="captcha_img" src="<?php echo $this->captcha ?>" style="cursor:pointer" />
<a href="javascript:void(0);" onclick="changecaptcha()">看不清?</a>
</div>
</div>
<div class="control-group">
<div class="controls">
<input type="hidden" name="submit" value="1" />
<?php if(!empty($this->href)){?>
<input type="hidden" name="href" value="<?= $this->href ?>" />
<?php }?>
<button type="submit" class="btn">提交</button>
<a href="/account/login">登录 </a> <a href="/account/register">注册新用户</a>
</div>
</div>
</form>
</div> </div>
<script>
$('#captcha_img').click(function(e) {
changecaptcha();
});
function changecaptcha(){
$.ajax({
url:"/account/captcha",
data:"<?= time() ?>",
success: function(src){
document.getElementById('captcha_img').src = src;
}
});
}
</script>

View File

@ -6,21 +6,6 @@
$this->breadcrumb('<a href="/account/login">用户登录</a>'); $this->breadcrumb('<a href="/account/login">用户登录</a>');
$this->breadcrumb()->setSeparator(' > '); $this->breadcrumb()->setSeparator(' > ');
?> ?>
<style>
.login_box {
max-width: 300px;
padding: 19px 29px 29px;
margin: 0 auto 20px;
background-color: #fff;
border: 1px solid #e5e5e5;
-webkit-border-radius: 5px;
-moz-border-radius: 5px;
border-radius: 5px;
-webkit-box-shadow: 0 1px 2px rgba(0,0,0,.05);
-moz-box-shadow: 0 1px 2px rgba(0,0,0,.05);
box-shadow: 0 1px 2px rgba(0,0,0,.05);
}
</style>
<div class="row-fluid"> <div class="row-fluid">
<form class="form-horizontal" method="post"> <form class="form-horizontal" method="post">
<?php if(empty($this->error)) { ?> <?php if(empty($this->error)) { ?>
@ -28,9 +13,7 @@
请输入用户名和密码登录 请输入用户名和密码登录
</div> </div>
<? }else{ ?> <? }else{ ?>
<div class="alert alert-error alert-login">
<?= $this->error ?> <?= $this->error ?>
</div>
<?php } ?> <?php } ?>
<div class="control-group"> <div class="control-group">
<label class="control-label" for="username">用户名</label> <label class="control-label" for="username">用户名</label>
@ -64,9 +47,6 @@
</div> </div>
</div> </div>
</form> </form>
<hr />
<h5>其它账号登录</h5>
<a href="/account/oauth2login/type/escience">中国科技网通行证</a>
</div> </div>
<script> <script>
$('#captcha_img').click(function(e) { $('#captcha_img').click(function(e) {

View File

@ -8,12 +8,81 @@
$this->breadcrumb()->setSeparator(' > '); $this->breadcrumb()->setSeparator(' > ');
?> ?>
<div class="row-fluit"> <div class="row-fluit">
<div class="span12"> <form class="form-horizontal" method="post" id="register">
<img src="/images/pass_login1.gif" />&nbsp;确认服务条款&nbsp;&nbsp; <?php if(empty($this->error)) { ?>
<img src="/images/pass_pic_arrowhead_2.gif" />&nbsp;&nbsp; <div class="alert alert-info alert-login">
<img src="/images/pass_login2.gif" />&nbsp;填写基本信息&nbsp;&nbsp; 请输入您的基本信息进行注册
<img src="/images/pass_pic_arrowhead_2.gif" />&nbsp;&nbsp;
<img src="/images/pass_login3.gif" />&nbsp;注册完成
<?php echo $this->form;?>
</div> </div>
<? }else{ ?>
<?= $this->error ?>
<?php } ?>
<div class="control-group">
<label class="control-label" for="username">用户名</label>
<div class="controls">
<input id="username" type="text" value="<?= isset($this->data['username']) ? $this->data['username']:"" ?>" name="username" />
<span class="help-inline">(必填)</span>
</div>
</div>
<div class="control-group">
<label class="control-label" for="password">密码</label>
<div class="controls">
<input id="password" type="password" value="" name="password" />
<span class="help-inline">(必填)</span>
</div>
</div>
<div class="control-group">
<label class="control-label" for="confirm_password">确认密码</label>
<div class="controls">
<input id="confirm_password" type="password" value="" name="confirm_password" />
<span class="help-inline">(必填)</span>
</div>
</div>
<div class="control-group">
<label class="control-label" for="email">E-Mail</label>
<div class="controls">
<input id="email" type="text" value="<?= isset($this->data['email']) ? $this->data['email']:"" ?>" name="email" />
<span class="help-inline">(必填)</span>
</div>
</div>
<div class="control-group">
<label class="control-label" for="realname">真实姓名</label>
<div class="controls">
<input id="realname" type="text" value="<?= isset($this->data['realname']) ? $this->data['realname']:"" ?>" name="realname" />
</div>
</div>
<div class="control-group">
<label class="control-label" for="phone">电话</label>
<div class="controls">
<input id="phone" type="text" value="<?= isset($this->data['phone']) ? $this->data['phone']:"" ?>" name="phone" />
</div>
</div>
<div class="control-group">
<label class="control-label" for="unit">单位</label>
<div class="controls">
<input id="unit" type="text" value="<?= isset($this->data['unit']) ? $this->data['unit']:"" ?>" name="unit" class="input-block-level" />
</div>
</div>
<div class="form-actions">
<input type="hidden" name="submit" value="1" />
<?php if(!empty($this->href)){?>
<input type="hidden" name="href" value="<?= $this->href ?>" />
<?php }?>
<button type="submit" class="btn btn-primary">提交</button>
<a href="/account/fetchpwd">忘记密码?</a>
<a href="/account/login">登陆</a>
</div>
</form>
</div> </div>
<?php if(!empty($this->place)){ ?>
<script>
var input = $("#register input[name=<?= $this->place ?>]");
input.parent('div').parent('div.control-group').addClass('error');
input.focus();
input.blur(function(e){
if(input.val() != '')
{
input.parent('div').parent('div.control-group').removeClass('error');
}
});
</script>
<?php } ?>

View File

@ -0,0 +1,58 @@
<?php
namespace Helpers;
class Captcha extends \Zend_Controller_Plugin_Abstract
{
public $captcha;
private $sessionName = "captcha";
private $imgDir = "images/captcha";
function __construct($db = NULL)
{
$this->loadCaptcha();
}
public function loadCaptcha()
{
$this->captcha = new \Zend_Captcha_Image(array(
'captcha' => 'Image',
'wordLen' => 4,
'fontsize'=>16,
'width' => 100,
'height' => 38,
'dotNoiseLevel'=>2,
'lineNoiseLevel'=>1,
'timeout' => 300,
'font' => '../data/fonts/ggbi.ttf',
'imgDir' => $this->imgDir,
'imgUrl' => '/images/captcha',
));
}
public function setCaptcha(){
if(!is_dir($this->imgDir))
{
mkdir($this->imgDir);
}
$this->captcha->generate();
$_SESSION[$this->sessionName] = $this->captcha->getWord();
$url = $this->captcha->getImgUrl()
.$this->captcha->getId()
.$this->captcha->getSuffix();
return $url;
}
public function isValid($captchaword)
{
if($captchaword == $_SESSION[$this->sessionName])
{
return true;
}else{
return false;
}
}
}

View File

@ -22,9 +22,12 @@ class Account extends \Zend_Controller_Plugin_Abstract
public $FieldRealname = "realname"; public $FieldRealname = "realname";
public $RoleMember = "member"; public $RoleMember = "member";
public $getPwdEmailTemplate = "users-changepassword"; //找回密码的邮件模板名称
public $PwdChangedEmailTemplate = "users-password-changed"; //密码修改后的邮件模板
private $db; private $db;
protected $events = NULL; //事件 protected $events = NULL; //事件
private $config;
/* /*
需要挂载的事件分别放在不同的listener中将各种操作进行模块化细分 需要挂载的事件分别放在不同的listener中将各种操作进行模块化细分
@ -179,11 +182,11 @@ class Account extends \Zend_Controller_Plugin_Abstract
->setIdentityColumn($this->FieldUsername) ->setIdentityColumn($this->FieldUsername)
->setCredentialColumn($this->FieldPasword); ->setCredentialColumn($this->FieldPasword);
if($data[$this->FieldPasword] == 0) if($data[$this->FieldPasword] === 0)
{ {
$password = "0"; $password = "0";
}else{ }else{
if($md5verify === false) if($md5verify == false)
{ {
$password = $data[$this->FieldPasword]; $password = $data[$this->FieldPasword];
}else{ }else{
@ -192,8 +195,8 @@ class Account extends \Zend_Controller_Plugin_Abstract
} }
$authAdapter->setIdentity($data[$this->FieldUsername])->setCredential($password); $authAdapter->setIdentity($data[$this->FieldUsername])->setCredential($password);
$result = $auth->authenticate($authAdapter); $result = $auth->authenticate($authAdapter);
if ($result->isValid()) { if ($result->isValid()) {
$user = $authAdapter->getResultRowObject(null,$this->FieldPasword); $user = $authAdapter->getResultRowObject(null,$this->FieldPasword);
@ -206,19 +209,34 @@ class Account extends \Zend_Controller_Plugin_Abstract
@$results = $this->events()->trigger('login.success.updateStatus', $this, compact('id')); @$results = $this->events()->trigger('login.success.updateStatus', $this, compact('id'));
return array('success'=>1); return array('success'=>1);
}else{
return array("error"=>"用户信息验证失败,请重新登录");
} }
return array('error'=>'处理中发现错误,请重试'); return array('error'=>'处理中发现错误,请重试');
} }
//注册信息参数 //注册信息参数
public function getParam(\Zend_Controller_Request_Abstract $request) public function getRegisterParam(\Zend_Controller_Request_Abstract $request = NULL)
{ {
if(empty($request))
{
$request = new \Zend_Controller_Request_Http();
}
$data = array( $data = array(
'username'=>$request->getParam('username'), 'username'=>trim($request->getParam('username')),
'password'=>$request->getParam('password'), 'password'=>trim($request->getParam('password')),
'confirm_password'=>$request->getParam('confirm_password'), 'confirm_password'=>trim($request->getParam('confirm_password')),
'email'=>$request->getParam('email'), 'email' => trim($request->getParam('email')),
'realname'=>$request->getParam('realname') 'realname' => trim($request->getParam('realname')),
'phone' => trim($request->getParam('phone')),
'unit' => trim($request->getParam('unit')),
'address' => trim($request->getParam('address')),
'project' => trim($request->getParam('project')),
'project_id' => trim($request->getParam('project_id')),
'project_type' => trim($request->getParam('project_type')),
'project_title' => trim($request->getParam('project_title')),
'project_leader'=> trim($request->getParam('project_leader')),
'postcode' => trim($request->getParam('postcode')),
); );
return $data; return $data;
} }
@ -302,7 +320,7 @@ class Account extends \Zend_Controller_Plugin_Abstract
return array('error'=>"此邮箱并未注册",'place'=>'email'); return array('error'=>"此邮箱并未注册",'place'=>'email');
} }
$salt = md5($email.'---'.$row['username']); $salt = md5($email.'--'.time().'--'.$row['username']);
$sql = "UPDATE {$this->memberTable} SET salt='$salt' WHERE id={$row['id']}"; $sql = "UPDATE {$this->memberTable} SET salt='$salt' WHERE id={$row['id']}";
$state = $this->db->exec($sql); $state = $this->db->exec($sql);
@ -312,15 +330,15 @@ class Account extends \Zend_Controller_Plugin_Abstract
return array('error'=>"处理中出现错误,请重试",'place'=>'email'); return array('error'=>"处理中出现错误,请重试",'place'=>'email');
} }
$mail_template = "forgotpassword";
$mail_data = array( $mail_data = array(
'name'=>$row['realname'], 'name'=>$row['realname'],
'link'=> view::getHostLink().'/account/getpassword/salt/'.$salt 'link'=> view::getHostLink().'/account/fetchpwd/?salt='.$salt,
'site' => $this->config->title->site
); );
$mail = new Mail(); $mail = new Mail();
$mail->loadTemplate($mail_template,$mail_data); $mail->loadTemplate($this->getPwdEmailTemplate,$mail_data);
$mail->addTo($email,$row['realname']); $mail->addTo($email,$row['realname']);
$mail->send(); $mail->send();
@ -356,12 +374,12 @@ class Account extends \Zend_Controller_Plugin_Abstract
$sql = "UPDATE {$this->memberTable} SET password='".md5($data['password'])."',salt='' WHERE id={$row['id']}"; $sql = "UPDATE {$this->memberTable} SET password='".md5($data['password'])."',salt='' WHERE id={$row['id']}";
$this->db->exec($sql); $this->db->exec($sql);
$mail_template = "getpassworded";
$mail_data = array( $mail_data = array(
'name'=>$row['realname'], 'name' => $row['realname'],
'site' => $this->config->title->site
); );
$mail = new Mail(); $mail = new Mail();
$mail->loadTemplate($mail_template,$mail_data); $mail->loadTemplate($this->PwdChangedEmailTemplate,$mail_data);
$mail->addTo($row['email'],$row['realname']); $mail->addTo($row['email'],$row['realname']);
$mail->send(); $mail->send();

View File

@ -1,11 +1,11 @@
<?php <?php
namespace \Users; namespace Users;
class Member class Member
{ {
var $ck='DCC3ER4T8L2EFX94OPDF'; public $ck='DCC3ER4T8L2EFX94OPDF';
var $db; //传入PDO对象 public $db; //传入PDO对象
var $mid; //会员ID public $mid; //会员ID
public $scr; //cookie 安全码 $_COOKIE['scr'] public $scr; //cookie 安全码 $_COOKIE['scr']
public $user;//cookie User $_COOKIE['user'] public $user;//cookie User $_COOKIE['user']

View File

@ -45,9 +45,9 @@ class LoginOperate implements \Users\Event\LoginEvent
if(!empty($data['username'])) if(!empty($data['username']))
{ {
if(!preg_match("/^[a-zA-Z][a-zA-Z0-9_]{4,15}$/",$data['username'])) if(mb_strlen($data['username'])<2)
{ {
return array('error'=>"用户名应当以字母开头由字母数字和下划线组成并且长度在5到25个字符之间",'place'=>'username'); return array('error'=>"用户名长度应该大于两个字符",'place'=>'username');
} }
} }
@ -106,6 +106,10 @@ class LoginOperate implements \Users\Event\LoginEvent
}//loginSuccess }//loginSuccess
//检查token表记录
public function checkOAuthToken()
{
}
} }

View File

@ -58,6 +58,11 @@ class PwdOperate implements \Users\Event\PwdEvent
{ {
$data = $e->getParam('data'); $data = $e->getParam('data');
if(empty($data['salt']))
{
return array('error'=>"密钥不正确,请重新申请","place"=>'salt');
}
if(empty($data['username'])) if(empty($data['username']))
{ {
return array('error'=>"请输入用户名",'place'=>'username'); return array('error'=>"请输入用户名",'place'=>'username');
@ -70,12 +75,12 @@ class PwdOperate implements \Users\Event\PwdEvent
if(strlen($data['password']) < 6) if(strlen($data['password']) < 6)
{ {
return array('error'=>"密码长度太短为了安全最少输入6位",'place'=>'password'); return array('error'=>"密码长度太短为了安全最少输入6位",'place'=>'password');
} }
if(strlen($data['password']) > 14) if(strlen($data['password']) > 14)
{ {
return array('error'=>"密码太长,亲您记得住吗不要超过14位哦",'place'=>'password'); return array('error'=>"密码太长,请不要超过14位",'place'=>'password');
} }
if(empty($data['confirm_password'])) if(empty($data['confirm_password']))

View File

@ -7,7 +7,7 @@ use \Helpers\View as view;
class RegisterOperate implements \Users\Event\RegisterEvent class RegisterOperate implements \Users\Event\RegisterEvent
{ {
private $db; //传入PDO对象 private $db; //传入PDO对象
public $tbl_member = "tbl_member"; public $tbl_member = "users";
public $FieldUsername = "username"; public $FieldUsername = "username";
public $FieldPasword = "password"; public $FieldPasword = "password";
public $FieldLastlogin = "ts_last_login"; public $FieldLastlogin = "ts_last_login";
@ -45,9 +45,9 @@ class RegisterOperate implements \Users\Event\RegisterEvent
if(!empty($data['username'])) if(!empty($data['username']))
{ {
if(!preg_match("/^[a-zA-Z][a-zA-Z0-9_]{4,15}$/",$data['username'])) if(!preg_match("/[0-9a-zA-Z\xa0-\xff_]{2,25}/",$data['username']))
{ {
return array('error'=>"用户名应当以字母开头由字母数字和下划线组成并且长度在5到16个字符之间",'place'=>'username'); return array('error'=>"用户名只能包含字母汉字数字和下划线并且长度在2到26个字符之间",'place'=>'username');
} }
} }
@ -83,18 +83,16 @@ class RegisterOperate implements \Users\Event\RegisterEvent
if (!preg_match('/^\w+([-+.]\w+)*@\w+([-.]\w+)*\.\w+([-.]\w+)*$/',$data['email'])) if (!preg_match('/^\w+([-+.]\w+)*@\w+([-.]\w+)*\.\w+([-.]\w+)*$/',$data['email']))
{ {
return array('error'=>"请输入正确的电子邮件推荐使用QQ邮箱和Gmail邮箱",'place'=>'email'); return array('error'=>"请输入正确的电子邮件地址",'place'=>'email');
} }
if(empty($data['realname'])) if(!empty($data['realname']))
{ {
return array('error'=>"请输入姓名",'place'=>'realname');
}
if(mb_strlen($data['realname'],"UTF-8")>10 ) if(mb_strlen($data['realname'],"UTF-8")>10 )
{ {
return array('error'=>"真实姓名请不要超过10个字",'place'=>'realname'); return array('error'=>"真实姓名请不要超过10个字",'place'=>'realname');
} }
}
return true; return true;
}//checkParam }//checkParam
@ -118,7 +116,7 @@ class RegisterOperate implements \Users\Event\RegisterEvent
{ {
if($row[$this->FieldUsername] == $data['username']) if($row[$this->FieldUsername] == $data['username'])
{ {
return array('error'=>'您的用户名已经注册过账号,您是否<a href="/account/forgotpassword">忘记了密码?</a>','place'=>'username'); return array('error'=>'您的用户名已经注册过账号,您是否<a href="/account/fetchpwd">忘记了密码?</a>','place'=>'username');
} }
if($row[$this->FieldEmail] == $data['email']) if($row[$this->FieldEmail] == $data['email'])
@ -148,10 +146,9 @@ class RegisterOperate implements \Users\Event\RegisterEvent
return false; return false;
} }
$mail_template = "register"; $mail_template = "member-register";
$mail_data = array( $mail_data = array(
'name'=>$data['realname'], 'name'=>$data['realname'],
'content'=>$this->getMailContent()
); );
$mail = new Mail(); $mail = new Mail();
@ -166,25 +163,11 @@ class RegisterOperate implements \Users\Event\RegisterEvent
//邮件内容 //邮件内容
public function getMailContent() public function getMailContent()
{ {
$sql = "SELECT v.id,v.title,v.thumb,v.status,v.content,m.realname,m.username FROM tbl_voice v
LEFT JOIN tbl_member m ON v.userid = m.id
WHERE v.status > 0
ORDER BY v.id DESC
LIMIT 5";
$rs = $this->db->query($sql);
$latest = $rs->fetchAll();
$content = ""; $content = "";
foreach($latest as $k=>$v)
{
if($v['thumb'] != '[]')
{
$thumb = json_decode($v['thumb'],true);
$text = mb_strlen($v['content'],"UTF-8") > 100 ? mb_substr($v['content'],0,100,"UTF-8") : $v['content'];
$content .= '<p style="width:100%;overflow:hidden;"><img src="http://www.msgfm.com'.$this->config->upload->urlbase.$thumb[0]['thumb'][400]['url'].'" height="100" style="float:left;margin-right:10px;" />'.$v['title']. ' / ' .$v['realname'].'<br />'.$text.'<br /><a href="http://www.msgfm.com/voice/'.$v['id'].'.html">查看播放</a></p>';
}
}
return $content; return $content;
}//getMailContent(); }//getMailContent();