<?php
use Mail\Mail;
use Open\Client;
use Open\OAuth2;
use Users\Account;
use Users\Member;
use Helpers\Captcha;
use Helpers\View as view;
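/**
 * Account pages: profile view/edit, password and e-mail change, registration,
 * login (local or OAuth2), captcha refresh, logout and password recovery.
 *
 * Security notes for maintainers (grounded in this controller only):
 * - Passwords are stored as unsalted md5 (see changePassword()). The rest of the
 *   application (Account::login, registration, resetPassword) presumably reads
 *   and writes the same column, so the scheme cannot be swapped for
 *   password_hash() in this file alone without a migration.
 * - NOTE(review): none of the state-changing handlers (edit, secure, logout)
 *   checks a CSRF token here; unless a front-controller plugin does it, add one.
 * - NOTE(review): after a successful login or password change the session id is
 *   not regenerated here; confirm Account::login does it.
 */
class AccountController extends Zend_Controller_Action
{
    /** Minimum accepted password length in bytes (matches the user-facing message). */
    const PASSWORD_MIN_LEN = 6;

    /** Maximum accepted password length in bytes (historical limit of this form). */
    const PASSWORD_MAX_LEN = 18;

    /** @var object DB adapter from Zend_Registry 'db' (Zend_Db adapter API: update()/query()) */
    public $db;

    /** @var object FlashMessenger action helper, set in init() */
    public $messenger;

    /**
     * Runs before every action: exposes config, flash messages, the theme and
     * the DB adapter to the view, and records the current URI as the 'return'
     * request parameter.
     */
    public function preDispatch()
    {
        $this->view->config = Zend_Registry::get('config');
        $this->_request->setParam('return', $this->_request->getServer('REQUEST_URI'));
        $this->db = Zend_Registry::get('db');
        $this->view->messages = $this->messenger->getMessages();
        $this->view->theme = new Theme();
    }

    /**
     * Profile overview for the logged-in user (avatar + stored info).
     * Redirects to the login page when there is no authenticated identity.
     */
    public function indexAction()
    {
        $this->view->pageID = "account-index";

        $user = $this->requireIdentity();
        if ($user === null) {
            return;
        }

        $this->assignAvatar($user);
        $this->view->info = $this->users()->getUserInfo((int) $user->id);
    }

    /**
     * Profile edit form. On submit, the filtered fields from
     * AccountEditParamFilter() are written to the users row of the current user.
     * Redirects to the login page when there is no authenticated identity.
     *
     * @return bool|null true after a submit was processed, null when only rendering
     */
    public function editAction()
    {
        $this->view->pageID = "account-edit";

        $user = $this->requireIdentity();
        if ($user === null) {
            return null;
        }
        $uid = (int) $user->id;

        $this->assignAvatar($user);

        $this->view->projectType = array(
            "None" => '',
            "National Funding" => "National Funding",
            "Thesis or Dissertation" => "Thesis or Dissertation",
            "Others" => "Others"
        );

        $submit = $this->_getParam('submit');
        if (empty($submit)) {
            $this->view->info = $this->users()->getUserInfo($uid);
            return null;
        }

        $data = $this->AccountEditParamFilter();

        // NOTE(review): update() presumably returns the affected-row count, so a
        // submit that changes nothing reports "Update failure." on MySQL.
        if ($this->db->update("users", $data, $this->whereUid($uid))) {
            $this->view->AlertType = "alert-success";
            $this->view->msg = "Update success.";
            $this->view->jump_url = "/account/edit";
            return true;
        }

        $this->view->AlertType = "alert-error";
        $this->view->error = "Update failure.";
        $this->view->info = $data;
        return true;
    }

    /**
     * Collects and normalises the profile-edit fields from the request:
     * trimmed, capped to a per-field length (characters when mbstring is
     * available, bytes otherwise), then run through StringFilter().
     *
     * NOTE(review): project_type is stored as free text; it is not checked
     * against the projectType list shown in editAction().
     *
     * @return array column => value, ready for the users table
     */
    public function AccountEditParamFilter()
    {
        $limits = array(
            'realname'      => 40,
            'unit'          => 100,
            'address'       => 100,
            'phone'         => 15,
            'postcode'      => 15,
            'project_type'  => 100,
            'project_id'    => 40,
            'project_title' => 100,
            'project'       => 600,
        );

        $data = array();
        foreach ($limits as $field => $max) {
            $raw = trim((string) $this->_getParam($field));
            $data[$field] = $this->StringFilter(self::truncate($raw, $max));
        }

        return $data;
    }

    /**
     * Replaces anything that looks like an HTML/XML tag with a single space.
     *
     * This is an input-cleaning heuristic only: it does not escape '&', quotes
     * or a bare '<', so the view must still htmlspecialchars() these values.
     *
     * @param string $string
     * @return string|null null on a PCRE error (preg_replace contract)
     */
    public function StringFilter($string)
    {
        return preg_replace('/<[^>]*>/', ' ', $string);
    }

    /**
     * Security page. With no 'opt' it is the password-change form, with
     * opt=email the e-mail-change form; both require the current password.
     * Redirects to the login page when there is no authenticated identity.
     *
     * @return bool|null
     */
    public function secureAction()
    {
        $this->view->pageID = "account-secure";

        $user = $this->requireIdentity();
        if ($user === null) {
            return null;
        }
        $uid = (int) $user->id;

        $opt = $this->_getParam('opt');
        $submit = $this->_getParam('submit');

        if (empty($opt)) {
            $this->view->section = "password";
            if (!empty($submit)) {
                return $this->changePassword($uid);
            }
            $this->view->info = $this->users()->getUserInfo($uid);
        } elseif ($opt == "email") {
            $this->view->section = "email";
            if (!empty($submit)) {
                return $this->changeEmail($uid);
            }
            $this->view->info = $this->users()->getUserInfo($uid);
        }

        return null;
    }

    /**
     * Reads the password-change fields from the request.
     *
     * Passwords are only trimmed (as loginAction() does before Account::login);
     * they are deliberately NOT passed through StringFilter(): stripping "<...>"
     * before hashing would store a password the login form can never match.
     *
     * @return array keys password, new_password, new_password_confrim
     */
    public function AccountSecureParamFilter()
    {
        return array(
            'password'             => trim((string) $this->_getParam('password')),
            'new_password'         => trim((string) $this->_getParam('new_password')),
            'new_password_confrim' => trim((string) $this->_getParam('new_password_confrim')),
        );
    }

    /** Stores the FlashMessenger helper for preDispatch(). */
    public function init()
    {
        $this->messenger = $this->_helper->getHelper('FlashMessenger');
    }

    /** Nothing to do after dispatch; messages are read in preDispatch(). */
    public function postDispatch()
    {
    }

    /**
     * Registration form. Delegates parameter collection and validation to
     * Users\Account; on success posts a redirect to "/".
     *
     * NOTE(review): no captcha is checked here, unlike login and fetchpwd;
     * confirm Account::register rate-limits or validates on its own.
     *
     * @return bool|null
     */
    public function registerAction()
    {
        $order = new \Order\Order();
        $this->view->projectType = array_merge(array("None" => ""), $order->projectType);

        $submit = $this->_getParam("submit");
        if (empty($submit)) {
            return null;
        }

        $account = new Account();
        $data = $account->getRegisterParam();
        $this->view->data = $data;
        $status = $account->register($data);

        if (isset($status['error'])) {
            $this->view->error = view::Error($status['error']);
            if (isset($status['place'])) {
                $this->view->place = $status['place'];
            }
            return null;
        }

        view::Post($this, "Successful register.", "/");
        return true;
    }

    /**
     * Login form. An already-authenticated user is bounced to /index; when the
     * OAuth2 helper says so, the user is sent to the external login entry.
     * Otherwise a captcha-protected username/password login is processed and,
     * on success, the user is redirected to the requested 'href'.
     *
     * The 'href' parameter is only honoured when it is a local absolute path
     * (see isLocalPath()); anything else falls back to "/" to close an open
     * redirect.
     *
     * @return bool|null
     */
    public function loginAction()
    {
        $auth = Zend_Auth::getInstance();
        if ($auth->hasIdentity()) {
            view::Post($this, "You are login now.", "/index");
            return true;
        }

        $tohref = trim((string) $this->_request->getParam('href'));
        if ($tohref !== '' && !self::isLocalPath($tohref)) {
            // Never redirect off-site (or to a protocol-relative / header-splitting value).
            $tohref = '/';
        }

        $requestUri = isset($_SERVER['REQUEST_URI']) ? $_SERVER['REQUEST_URI'] : '';
        $this->view->href = ($requestUri !== "/account/login") ? $requestUri : "/";
        if ($tohref !== '') {
            $this->view->href = $tohref;
        }

        $oauth2 = new OAuth2();
        if ($oauth2->loginTest()) {
            $client = new Client();
            $url = $client->makeRequestCodeUrl("escience");
            view::Post($this, "为您转入科技网登录入口", $url);
            // Same view::Post(); return pattern as the other redirects in this file.
            return true;
        }

        $captcha = new Captcha();

        $submit = $this->_getParam("submit");
        if (empty($submit)) {
            $this->view->captcha = $captcha->setCaptcha();
            return null;
        }

        $username = trim((string) $this->_request->getParam('username'));
        $password = trim((string) $this->_request->getParam('password'));
        $captchaword = trim((string) $this->_request->getParam('captcha'));

        if ($captcha->isValid($captchaword) !== true) {
            $this->view->error = view::Error("Wrong captcha.");
            $this->view->captcha = $captcha->setCaptcha();
            return true;
        }

        $account = new Account();
        $status = $account->login(array(
            'username' => $username,
            'password' => $password
        ));

        if (isset($status['error'])) {
            $this->view->error = view::Error($status['error']);
            $this->view->captcha = $captcha->setCaptcha();
            return true;
        }

        view::Post($this, "Login successful, jumping...", $tohref);
        return true;
    }

    /**
     * AJAX endpoint that issues a fresh captcha and echoes its URL.
     * Non-XHR requests get a plain "bad request!" and the script ends.
     *
     * @return bool
     */
    public function captchaAction()
    {
        if (!view::isXmlHttpRequest($this)) {
            echo "bad request!";
            exit();
        }

        $captcha = new Captcha();
        echo $captcha->setCaptcha();
        return true;
    }

    /**
     * Clears the Zend_Auth identity and the member cookie, then redirects to "/".
     * NOTE(review): the PHP session itself is not destroyed here; confirm
     * Member::flushcookie() covers it.
     */
    public function logoutAction()
    {
        $auth = Zend_Auth::getInstance();
        $auth->clearIdentity();
        Member::flushcookie();
        $this->_redirect('/');
    }

    /**
     * Password recovery. Without a 'salt' (reset token) the captcha-protected
     * request form is shown and an activation mail is triggered; with a token
     * the reset form is rendered and the new password applied.
     */
    public function fetchpwdAction()
    {
        $salt = trim((string) $this->_getParam('salt'));
        $submit = $this->_getParam('submit');

        if (empty($salt)) {
            $this->requestPasswordReset(!empty($submit));
            return;
        }

        $this->applyPasswordReset($salt, !empty($submit));
    }

    /**
     * Redirects the browser to the OAuth2 authorisation URL for 'type'.
     */
    public function oauth2loginAction()
    {
        $type = $this->_getParam('type');
        $client = new Client();
        $url = $client->makeRequestCodeUrl($type);

        view::Post($this, "为您转入科技网登录入口", $url);
    }

    /**
     * OAuth2 redirect target: exchanges 'code' for a token and stores it.
     * Client::requestToken() returns a string on failure; that message is shown
     * and processing stops, so the error text is never handed to
     * storageTokenData() as if it were a token.
     *
     * NOTE(review): a non-true storageTokenData() result is echoed verbatim;
     * confirm it is static text and not attacker-influenced.
     */
    public function callbackAction()
    {
        $type = $this->_getParam('type');
        $code = $this->_getParam('code');

        $client = new Client($type);
        $client->initSource();
        $target = $client->getSource()->getTarget($type);
        $this->view->target_name = $target['name'];

        $token = $client->requestToken($code);
        if (is_string($token)) {
            view::Post($this, $token, '/account/login');
            return;
        }

        $status = $client->storageTokenData($type, $token);
        if ($status === true) {
            echo "<script>self.location='/index'</script>";
        } else {
            echo $status;
        }
    }

    // ------------------------------------------------------------------
    // private helpers
    // ------------------------------------------------------------------

    /**
     * Returns the Zend_Auth identity, or null after redirecting to the login
     * page when nobody is logged in (the original actions fell through with an
     * undefined $uid and a broken "id=" WHERE clause).
     *
     * @return object|null
     */
    private function requireIdentity()
    {
        $auth = Zend_Auth::getInstance();
        if (!$auth->hasIdentity()) {
            $this->_redirect('/account/login');
            return null;
        }
        return $auth->getIdentity();
    }

    /** Loads the legacy Users model bound to this controller's DB adapter. */
    private function users()
    {
        include_once("Users.php");
        return new Users($this->db);
    }

    /** Exposes the 140px avatar for $user->email to the view. */
    private function assignAvatar($user)
    {
        include_once("Avatar.php");
        $avatar = new Avatar();
        $this->view->avatar = $avatar->Get($user->email, 140);
    }

    /**
     * WHERE fragment selecting the current user's row. $uid comes from the
     * session identity, but it is interpolated into SQL, so it is cast to int.
     *
     * @param int $uid
     * @return string
     */
    private function whereUid($uid)
    {
        return 'id=' . (int) $uid;
    }

    /**
     * Stored password hash for $uid, or '' when the row does not exist.
     *
     * @param int $uid
     * @return string
     */
    private function storedPasswordHash($uid)
    {
        $rs = $this->db->query("SELECT password FROM users WHERE id=" . (int) $uid);
        $row = $rs->fetch();
        return $row ? (string) $row['password'] : '';
    }

    /**
     * Checks $candidate against the stored legacy md5 hash.
     *
     * Strict comparison replaces the original loose "!=": with "==", two hex
     * digests of the form "0e123..." compare equal as numbers. Use
     * hash_equals() once PHP >= 5.6 is guaranteed for this deployment.
     *
     * @param string $candidate plaintext from the form
     * @param string $storedHash hex md5 from the users table
     * @return bool
     */
    private function verifyLegacyPassword($candidate, $storedHash)
    {
        return md5($candidate) === $storedHash;
    }

    /**
     * Password-change submit handler (secureAction, no 'opt').
     * Validates lengths, confirmation and the current password, then writes
     * md5(new password) to the users row.
     *
     * @param int $uid
     * @return bool
     */
    private function changePassword($uid)
    {
        $data = $this->AccountSecureParamFilter();

        $this->view->AlertType = "alert-error";

        if (strlen($data['password']) > self::PASSWORD_MAX_LEN
            || strlen($data['new_password']) > self::PASSWORD_MAX_LEN) {
            $this->view->error = view::Error("Password too long.");
            return true;
        }

        // "<" rather than the original "<=": the message promises a minimum of 6.
        if (strlen($data['new_password']) < self::PASSWORD_MIN_LEN
            || strlen($data['new_password_confrim']) < self::PASSWORD_MIN_LEN) {
            $this->view->error = view::Error("Too short password. The min length is 6.");
            return true;
        }

        // Compare the plaintexts directly; hashing both first gains nothing.
        if ($data['new_password'] !== $data['new_password_confrim']) {
            $this->view->error = view::Error("Twice password are not same.");
            return true;
        }

        if (!$this->verifyLegacyPassword($data['password'], $this->storedPasswordHash($uid))) {
            $this->view->error = view::Error("The old password is wrong.");
            return true;
        }

        $update = array('password' => md5($data['new_password']));

        if ($this->db->update("users", $update, $this->whereUid($uid))) {
            view::Post($this, array("content" => 'Update success.', 'url' => '/account/secure'));
            return true;
        }

        $this->view->error = view::Error("Update failure.");
        return true;
    }

    /**
     * E-mail-change submit handler (secureAction, opt=email).
     * Requires a syntactically valid address and the current password.
     *
     * The original pattern was unanchored, so "x@y.z<script>" passed;
     * filter_var() validates the whole string.
     *
     * NOTE(review): neither uniqueness of the new address nor ownership (a
     * confirmation mail) is checked here, although fetchpwdAction() recovers
     * accounts by e-mail; confirm the schema/flow enforces both.
     *
     * @param int $uid
     * @return bool
     */
    private function changeEmail($uid)
    {
        $email = trim((string) $this->_getParam('email'));
        $password = trim((string) $this->_getParam('password'));

        if (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
            $this->view->error = view::Error("Wrong email.");
            return true;
        }

        if (!$this->verifyLegacyPassword($password, $this->storedPasswordHash($uid))) {
            $this->view->error = view::Error("The old password is wrong.");
            return true;
        }

        $update = array('email' => $email);

        if ($this->db->update("users", $update, $this->whereUid($uid))) {
            view::Post($this, array("content" => 'Update success.', 'url' => '/account/secure'));
            return true;
        }

        $this->view->error = view::Error("Update failure.");
        return true;
    }

    /**
     * fetchpwd without a token: show the captcha form, or on submit ask
     * Users\Account to send the recovery mail for the given address.
     *
     * NOTE(review): whether a non-existent address yields a distinguishable
     * $status['error'] (account enumeration) is decided in Account::getMyPassword.
     *
     * @param bool $submitted
     */
    private function requestPasswordReset($submitted)
    {
        $captcha = new Captcha();

        if (!$submitted) {
            $this->view->captcha = $captcha->setCaptcha();
            return;
        }

        $email = trim((string) $this->_request->getParam('email'));
        $captchaword = trim((string) $this->_request->getParam('captcha'));

        // Same strict check as loginAction(); the original used a plain "!".
        if ($captcha->isValid($captchaword) !== true) {
            $this->view->error = view::Error("Wrong captcha.");
            $this->view->captcha = $captcha->setCaptcha();
            return;
        }

        $account = new Account();
        $status = $account->getMyPassword($email);

        if (isset($status['error'])) {
            $this->view->error = view::Error($status['error']);
            $this->view->captcha = $captcha->setCaptcha();
            return;
        }

        view::Post($this, "Please check the activation link in your email.");
    }

    /**
     * fetchpwd with a token: render the reset form, or on submit hand the
     * username, passwords and token to Users\Account::resetPassword().
     *
     * @param string $salt reset token from the mailed link
     * @param bool $submitted
     */
    private function applyPasswordReset($salt, $submitted)
    {
        $this->_helper->viewRenderer('account-resetpassword');
        $this->view->salt = $salt;

        if (!$submitted) {
            return;
        }

        $username = trim((string) $this->_request->getParam('username'));
        $password = trim((string) $this->_request->getParam('password'));
        $confirm_password = trim((string) $this->_request->getParam('confirm_password'));

        $account = new Account();
        $status = $account->resetPassword(array(
            'username' => $username,
            'password' => $password,
            'confirm_password' => $confirm_password,
            'salt' => $salt
        ));

        if (isset($status['error'])) {
            $this->view->error = view::Error($status['error']);
            return;
        }

        view::Post($this, "Password change successful, please use the password log in.", "/account/login");
    }

    /**
     * True when $href is a path on this host: starts with a single "/", is not
     * protocol-relative ("//" or "/\"), and contains no CR/LF.
     *
     * @param string $href
     * @return bool
     */
    private static function isLocalPath($href)
    {
        return preg_match('#\A/(?![/\\\\])[^\r\n]*\z#', $href) === 1;
    }

    /**
     * Caps $value at $max characters (mb_substr) when mbstring is loaded, so a
     * multibyte character is never split; falls back to byte-wise substr().
     *
     * @param string $value
     * @param int $max
     * @return string
     */
    private static function truncate($value, $max)
    {
        if (function_exists('mb_substr')) {
            return mb_substr($value, 0, $max, 'UTF-8');
        }
        return substr($value, 0, $max);
    }
}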