diff --git a/application/default/controllers/AccountController.php b/application/default/controllers/AccountController.php index 4832d7b3..5d3ffa63 100755 --- a/application/default/controllers/AccountController.php +++ b/application/default/controllers/AccountController.php @@ -563,6 +563,27 @@ class AccountController extends Zend_Controller_Action } } //找回密码 + + public function wcdloginAction() + { + $this->_helper->layout()->disableLayout(); + $this->_helper->viewRenderer->setNoRender(true); + + $id = $this->_getParam('id'); + $cert = $this->_getParam('cert'); + + $account = new Account; + + $status = $account->wcdLogin($id,$cert); + + if($status == true) + { + echo "login success!"; + }else{ + echo "error"; + } + return; + } } diff --git a/application/module/Helpers/Curl.php b/application/module/Helpers/Curl.php index f801e43d..b36ad768 100644 --- a/application/module/Helpers/Curl.php +++ b/application/module/Helpers/Curl.php @@ -9,7 +9,7 @@ class Curl public function __construct($options = array()) { - + $this->initOptions($options); } public function initOptions($options = array()) diff --git a/application/module/Helpers/MCrypt.php b/application/module/Helpers/MCrypt.php index 542d6de2..3d5d5d16 100644 --- a/application/module/Helpers/MCrypt.php +++ b/application/module/Helpers/MCrypt.php @@ -3,14 +3,32 @@ namespace Helpers; class MCrypt { + private $config; + private $code; + private $salt; + function __construct() { $this->config = \Zend_Registry::get('config'); + $this->code = isset($this->config->auth->mcryptcode) ? $this->config->auth->mcryptcode : "SJY001"; + $this->salt = '!kQm*fF3pXe1Kbm%9'; } - static function encrypt($decrypted, $password, $salt='!kQm*fF3pXe1Kbm%9') { + //invoke encrypt + public function encode() + { - $key = hash('SHA256', $salt . $password, true); + } + + //invoke decrypt + public function decode() + { + + } + + public function encrypt($decrypted) { + + $key = hash('SHA256', $this->salt.$this->code , true); srand(); @@ -23,9 +41,9 @@ class MCrypt return $iv_base64 . $encrypted; } - static function decrypt($encrypted, $password, $salt='!kQm*fF3pXe1Kbm%9') { + public function decrypt($encrypted) { - $key = hash('SHA256', $salt . $password, true); + $key = hash('SHA256', $this->salt.$this->code , true); $iv = base64_decode(substr($encrypted, 0, 22) . '=='); diff --git a/application/module/Users/Account.php b/application/module/Users/Account.php index f3845214..a612ba9c 100644 --- a/application/module/Users/Account.php +++ b/application/module/Users/Account.php @@ -376,4 +376,71 @@ class Account extends \Zend_Controller_Plugin_Abstract } + //创建MD5验证字符串 + //每个用户有唯一的验证字符串 + public function makeMd5Cert($username,$password) + { + return substr(md5($username.$password.$this->config->auth->certmix),5,20); + } + + // westdc cross-domain login + public function wcdLogin($uid,$cert) + { + if(!is_numeric($uid)) + { + return false; + } + + if(empty($cert)) + { + return false; + } + + $user = new Users; + + $data = $user->getUser($uid); + + if(empty($data) || !is_array($data) || count($data) < 1) + { + return false; + } + + $mcrypt = new \Helpers\MCrypt; + + $logindata = $mcrypt->decrypt($cert); + + if($logindata == $this->makeMd5Cert($data[$this->FieldUsername],$data[$this->FieldPasword])) + { + $status = $this->storeLogin($data,false); + var_dump($status); + return true; + }else{ + return; + } + } + + //发送一个Westdc cross-domain login请求 + public function postWcdLogin($uid,$username,$md5password) + { + if(empty($uid) || empty($username) || empty($md5password)) + { + return false; + } + + if(!is_numeric($uid)) + { + return false; + } + + $cert = $this->makeMd5Cert($username,$md5password); + + $mcrypt = new \Helpers\MCrypt; + $logindata = $mcrypt->encrypt($cert); + + $url = "http://sjysub/account/wcdlogin"; + $curl = new \Helpers\Curl; + $response = $curl->request($url,['id'=>$uid,'cert'=>$logindata]); + echo $response['response']; + } + } \ No newline at end of file diff --git a/application/module/Users/AclManager.php b/application/module/Users/AclManager.php index 46e912b3..c8bd05cc 100644 --- a/application/module/Users/AclManager.php +++ b/application/module/Users/AclManager.php @@ -53,7 +53,8 @@ class AclManager extends \Zend_Controller_Plugin_Abstract 'captcha', 'fetchpwd', 'register', - 'registercomplete')); + 'registercomplete', + 'wcdlogin')); $this->acl->deny('guest','data',array('download','order')); $this->acl->deny('guest','water',array('download','order')); $this->acl->deny('guest','heihe',array('submit')); diff --git a/common.php b/common.php new file mode 100644 index 00000000..79131d2f --- /dev/null +++ b/common.php @@ -0,0 +1,33 @@ +setFallbackAutoloader(true); + +// load configuration +$config = new Zend_Config_Ini('../application/config.ini', 'general'); +$registry = Zend_Registry::getInstance(); +$registry->set('config', $config); + +// setup application authentication +$auth = Zend_Auth::getInstance(); +$auth->setStorage(new Zend_Auth_Storage_Session('sanjiangyuan')); + +// setup database +$db = Zend_Db::factory($config->db); +Zend_Db_Table::setDefaultAdapter($db); +$registry->set('db',$db); \ No newline at end of file diff --git a/local/common.php b/local/common.php new file mode 100644 index 00000000..9cbb6a4f --- /dev/null +++ b/local/common.php @@ -0,0 +1,7 @@ +postWcdLogin($options['i'],$options['u'],$options['p']); \ No newline at end of file