446 lines
11 KiB
PHP
446 lines
11 KiB
PHP
<?php
|
||
namespace Users;
|
||
|
||
use \Helpers\View as view;
|
||
use \Helpers\dbh as dbh;
|
||
use \Users\Member;
|
||
use \Mail\Mail;
|
||
use \Users\Listener\AccountListener;
|
||
use \Users\Listener\EditListener;
|
||
use \Users\Listener\PwdListener;
|
||
|
||
class Account extends \Zend_Controller_Plugin_Abstract
|
||
{
|
||
public $memberTable = "users";
|
||
public $FieldIndex = "id";
|
||
public $FieldUsername = "username";
|
||
public $FieldPasword = "password";
|
||
public $FieldLastlogin = "ts_last_login";
|
||
public $FieldEmail = "email";
|
||
public $FieldLastloginIp = "last_login_ip";
|
||
public $GravatarEmailField = "gravatar_email";
|
||
public $FieldRealname = "realname";
|
||
|
||
public $RoleMember = "member";
|
||
|
||
private $db;
|
||
protected $events = NULL; //事件
|
||
|
||
/*
|
||
需要挂载的事件分别放在不同的listener中,将各种操作进行模块化细分
|
||
*/
|
||
function __construct($initializingListener = TRUE,$db = NULL)
|
||
{
|
||
if(empty($db))
|
||
{
|
||
$this->db = \Zend_Registry::get('db');
|
||
}else{
|
||
$this->db = $db;
|
||
}
|
||
|
||
$this->config = \Zend_Registry::get('config');
|
||
|
||
if($initializingListener === TRUE)
|
||
{
|
||
$this->loadListener();
|
||
}
|
||
}
|
||
|
||
public function loadListener()
|
||
{
|
||
//主要操作,账号注册,登录,设置session等
|
||
$AccountListener = new AccountListener();
|
||
@$this->events()->attachAggregate($AccountListener);
|
||
|
||
//账户编辑
|
||
$EditListener = new EditListener();
|
||
@$this->events()->attachAggregate($EditListener);
|
||
|
||
//账户安全性(找回密码)
|
||
$PwdListener = new PwdListener();
|
||
@$this->events()->attachAggregate($PwdListener);
|
||
}
|
||
|
||
public function events(\Zend_EventManager_EventCollection $events = NULL)
|
||
{
|
||
if ($events !== NULL) {
|
||
$this->events = $events;
|
||
} elseif ($this->events === NULL) {
|
||
$this->events = new \Zend_EventManager_EventManager(__CLASS__);
|
||
}
|
||
return $this->events;
|
||
}
|
||
|
||
//获取账号信息,数组
|
||
public function getAccountInfo($id = 0)
|
||
{
|
||
if($id == 0)
|
||
{
|
||
$id = view::User('id');
|
||
}
|
||
$sql = "SELECT * FROM {$this->memberTable} WHERE id=$id";
|
||
$rs = $this->db->query($sql);
|
||
return $rs->fetch();
|
||
}
|
||
|
||
//注册
|
||
public function register($data)
|
||
{
|
||
$params = compact('data');
|
||
$results = $this->events()->trigger('register.checkParam', $this, $params);
|
||
$cache_data = $results->bottom();
|
||
|
||
if($cache_data !== true)
|
||
{
|
||
if(!is_array($cache_data))
|
||
{
|
||
return array('error'=>$cache_data);
|
||
}else{
|
||
return $cache_data;
|
||
}
|
||
}
|
||
|
||
$results = $this->events()->trigger('register.checkUser', $this, $params);
|
||
$cache_data = $results->bottom();
|
||
|
||
if($cache_data !== true)
|
||
{
|
||
if(!is_array($cache_data))
|
||
{
|
||
return array('error'=>$cache_data);
|
||
}else{
|
||
return $cache_data;
|
||
}
|
||
}
|
||
|
||
$loginData = array(
|
||
'username'=>$data['username'],
|
||
'password'=>$data['password']
|
||
);
|
||
|
||
$data['password'] = md5($data['password']);
|
||
$data['usertype'] = "member";
|
||
unset($data['confirm_password']);
|
||
|
||
$dbh = new dbh();
|
||
|
||
$id = $dbh->insert($this->memberTable,$data,true);
|
||
|
||
if(!empty($id) && is_numeric($id))
|
||
{
|
||
$this->storeLogin($loginData);
|
||
$mb = new Member();
|
||
$mb->putcookie($data[$this->FieldUsername],$data[$this->FieldPasword]); //username, md5(password)
|
||
$params = compact('data','id');
|
||
$results = $this->events()->trigger('register.success', $this, $params);
|
||
return array("success" => 1);
|
||
}else{
|
||
if($id === false)
|
||
{
|
||
return array('error'=>'服务器开小差了,请稍后再试');
|
||
}else{
|
||
return array('error'=>'服务器处理中遇到错误,请联系管理员');
|
||
}
|
||
}
|
||
|
||
}//register
|
||
|
||
//登陆
|
||
public function login($data,$return_user_info = false)
|
||
{
|
||
$results = $this->events()->trigger('login.checkParam', $this, compact('data'));
|
||
$cache_data = $results->bottom();
|
||
|
||
if($cache_data !== true)
|
||
{
|
||
if(!is_array($cache_data))
|
||
{
|
||
return array('error'=>$cache_data);
|
||
}else{
|
||
return $cache_data;
|
||
}
|
||
}
|
||
|
||
$state = $this->storeLogin($data);
|
||
|
||
$mb = new Member();
|
||
$mb->putcookie($data[$this->FieldUsername],md5($data[$this->FieldPasword]));
|
||
|
||
if(!$return_user_info)
|
||
return $state;
|
||
else
|
||
return view::User();
|
||
}//login
|
||
|
||
//storeLogin
|
||
//将登录信息保存在session和cookie中
|
||
public function storeLogin($data,$md5verify = true)
|
||
{
|
||
$auth = \Zend_Auth::getInstance();
|
||
$authAdapter = new \Zend_Auth_Adapter_DbTable($this->db);
|
||
$authAdapter->setTableName($this->memberTable)
|
||
->setIdentityColumn($this->FieldUsername)
|
||
->setCredentialColumn($this->FieldPasword);
|
||
|
||
if(empty($data[$this->FieldPasword]))
|
||
{
|
||
$password = "0";
|
||
}else{
|
||
if($md5verify == false)
|
||
{
|
||
$password = $data[$this->FieldPasword];
|
||
}else{
|
||
$password = md5($data[$this->FieldPasword]);
|
||
}
|
||
}
|
||
|
||
$authAdapter->setIdentity($data[$this->FieldUsername])->setCredential($password);
|
||
|
||
$result = $auth->authenticate($authAdapter);
|
||
|
||
if ($result->isValid()) {
|
||
|
||
$user = $authAdapter->getResultRowObject(null,$this->FieldPasword);
|
||
$email = $user->email;
|
||
$results = $this->events()->trigger('login.success.createAvatar', $this, compact('email'));
|
||
$user->avatar = $results->bottom();
|
||
$auth->getStorage()->write($user);
|
||
|
||
$id = $user->id;
|
||
@$results = $this->events()->trigger('login.success.updateStatus', $this, compact('id'));
|
||
|
||
return array('success'=>1);
|
||
}else{
|
||
return array("error"=>"登录失败,请重试");
|
||
}
|
||
|
||
return array('error'=>'处理中发现错误,请重试');
|
||
}
|
||
|
||
//注册信息参数
|
||
public function getParam(\Zend_Controller_Request_Abstract $request)
|
||
{
|
||
$data = array(
|
||
'username'=>$request->getParam('username'),
|
||
'password'=>$request->getParam('password'),
|
||
'confirm_password'=>$request->getParam('confirm_password'),
|
||
'email'=>$request->getParam('email'),
|
||
'realname'=>$request->getParam('realname')
|
||
);
|
||
return $data;
|
||
}
|
||
|
||
//获取用户账户修改参数
|
||
public function getEditParam(\Zend_Controller_Request_Abstract $request)
|
||
{
|
||
$type = $request->getParam('type');
|
||
|
||
if($type == "general")
|
||
{
|
||
$data = array(
|
||
'realname'=>$request->getParam('realname'),
|
||
'signature'=>$request->getParam('signature'),
|
||
'description'=>$request->getParam('description')
|
||
);
|
||
}
|
||
|
||
if($type == "password")
|
||
{
|
||
$data = array(
|
||
'password' => $request->getParam('password'),
|
||
'password_new'=>$request->getParam('password_new'),
|
||
'password_confirm'=>$request->getParam('password_confirm')
|
||
);
|
||
}
|
||
return $data;
|
||
}
|
||
|
||
//编辑
|
||
public function edit($data,$type)
|
||
{
|
||
$results = $this->events()->trigger('edit.checkParam', $this, compact('data','type'));
|
||
$cache_data = $results->bottom();
|
||
|
||
if($cache_data !== true)
|
||
{
|
||
return $cache_data;
|
||
}
|
||
|
||
if($type == "general")
|
||
{
|
||
$data['signature'] = htmlspecialchars($data['signature']);
|
||
$data['description'] = htmlspecialchars($data['description']);
|
||
}else if($type == "password")
|
||
{
|
||
$data['password'] = md5($data['password_new']);
|
||
unset($data['password_new']);
|
||
unset($data['password_confirm']);
|
||
}else{
|
||
return "参数错误";
|
||
}
|
||
|
||
$dbh = new dbh();
|
||
$uid = view::User('id');
|
||
if($dbh->update($this->memberTable,$data," id=$uid") === true)
|
||
{
|
||
return true;
|
||
}else{
|
||
return false;
|
||
}
|
||
}
|
||
|
||
//找回密码
|
||
public function getMyPassword($email)
|
||
{
|
||
$results = $this->events()->trigger('pwd.forgot.checkParam', $this, compact('email'));
|
||
$cache_data = $results->bottom();
|
||
|
||
if($cache_data !== true)
|
||
{
|
||
return $cache_data;
|
||
}
|
||
|
||
$sql = "SELECT * FROM {$this->memberTable} WHERE email='$email'";
|
||
$rs = $this->db->query($sql);
|
||
$row = $rs->fetch();
|
||
|
||
if(!isset($row['username']) || empty($row['username']))
|
||
{
|
||
return array('error'=>"此邮箱并未注册",'place'=>'email');
|
||
}
|
||
|
||
$salt = md5($email.'---'.$row['username']);
|
||
|
||
$sql = "UPDATE {$this->memberTable} SET salt='$salt' WHERE id={$row['id']}";
|
||
$state = $this->db->exec($sql);
|
||
|
||
if($state<1)
|
||
{
|
||
return array('error'=>"处理中出现错误,请重试",'place'=>'email');
|
||
}
|
||
|
||
$mail_template = "forgotpassword";
|
||
$mail_data = array(
|
||
'name'=>$row['realname'],
|
||
'link'=> view::getHostLink().'/account/getpassword/salt/'.$salt
|
||
);
|
||
|
||
$mail = new Mail();
|
||
|
||
$mail->loadTemplate($mail_template,$mail_data);
|
||
$mail->addTo($email,$row['realname']);
|
||
$mail->send();
|
||
|
||
return array("success"=>1);
|
||
}
|
||
|
||
//重置密码
|
||
public function resetPassword($data)
|
||
{
|
||
$results = $this->events()->trigger('pwd.reset.checkParam', $this, compact('data'));
|
||
$cache_data = $results->bottom();
|
||
|
||
if($cache_data !== true)
|
||
{
|
||
return $cache_data;
|
||
}
|
||
|
||
$sql = "SELECT * FROM {$this->memberTable} WHERE salt=?";
|
||
$sth = $this->db->prepare($sql);
|
||
$sth->execute(array($data['salt']));
|
||
$row = $sth->fetch();
|
||
|
||
if(!isset($row['username']) || empty($row['username']))
|
||
{
|
||
return array('error'=>"您提供的校验码不正确,请重新申请重置密码",'place'=>'confirm_password');
|
||
}
|
||
|
||
if($row['username'] !== $data['username'])
|
||
{
|
||
return array('error'=>"您提供的校验码不正确,请重新申请重置密码",'place'=>'confirm_password');
|
||
}
|
||
|
||
$sql = "UPDATE {$this->memberTable} SET password='".md5($data['password'])."',salt='' WHERE id={$row['id']}";
|
||
$this->db->exec($sql);
|
||
|
||
$mail_template = "getpassworded";
|
||
$mail_data = array(
|
||
'name'=>$row['realname'],
|
||
);
|
||
$mail = new Mail();
|
||
$mail->loadTemplate($mail_template,$mail_data);
|
||
$mail->addTo($row['email'],$row['realname']);
|
||
$mail->send();
|
||
|
||
return true;
|
||
|
||
}
|
||
|
||
//创建MD5验证字符串
|
||
//每个用户有唯一的验证字符串
|
||
public function makeMd5Cert($username,$password)
|
||
{
|
||
return substr(md5($username.$password.$this->config->auth->certmix),5,20);
|
||
}
|
||
|
||
// westdc cross-domain login
|
||
public function wcdLogin($uid,$cert)
|
||
{
|
||
if(!is_numeric($uid))
|
||
{
|
||
return false;
|
||
}
|
||
|
||
if(empty($cert))
|
||
{
|
||
return false;
|
||
}
|
||
|
||
$user = new Users;
|
||
|
||
$data = $user->getUser($uid);
|
||
|
||
if(empty($data) || !is_array($data) || count($data) < 1)
|
||
{
|
||
return false;
|
||
}
|
||
|
||
$mcrypt = new \Helpers\MCrypt;
|
||
|
||
$logindata = $mcrypt->decrypt($cert);
|
||
|
||
if($logindata == $this->makeMd5Cert($data[$this->FieldUsername],$data[$this->FieldPasword]))
|
||
{
|
||
$status = $this->storeLogin($data,false);
|
||
var_dump($status);
|
||
return true;
|
||
}else{
|
||
return;
|
||
}
|
||
}
|
||
|
||
//发送一个Westdc cross-domain login请求
|
||
public function postWcdLogin($uid,$username,$md5password)
|
||
{
|
||
if(empty($uid) || empty($username) || empty($md5password))
|
||
{
|
||
return false;
|
||
}
|
||
|
||
if(!is_numeric($uid))
|
||
{
|
||
return false;
|
||
}
|
||
|
||
$cert = $this->makeMd5Cert($username,$md5password);
|
||
|
||
$mcrypt = new \Helpers\MCrypt;
|
||
$logindata = $mcrypt->encrypt($cert);
|
||
|
||
$url = "http://sjysub/account/wcdlogin";
|
||
$curl = new \Helpers\Curl;
|
||
$response = $curl->request($url,['id'=>$uid,'cert'=>$logindata]);
|
||
echo $response['response'];
|
||
}
|
||
|
||
} |