westdc-zf1/application/default/controllers/AccountController.php

488 lines
13 KiB
PHP
Executable File
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

<?php
use Mail\Mail;
use Open\Client;
use Users\Account;
use Users\Member;
use Helpers\Captcha;
use Helpers\View as view;
class AccountController extends Zend_Controller_Action
{
function preDispatch()
{
$this->view->config = Zend_Registry::get('config');
$this->_request->setParam('return', $this->_request->getServer('REQUEST_URI'));
$this->db = Zend_Registry::get('db');
$this->view->messages = $this->messenger->getMessages();
$this->view->theme = new Theme();
}
function indexAction()
{
$this->view->pageID = "account-index";
include_once("Users.php");
$usr = new Users($this->db);
$auth = Zend_Auth::getInstance();
if($auth->hasIdentity())
{
$user = $auth->getIdentity();
$uid = $user->id;
}
include_once("Avatar.php");
$avatar = new Avatar();
$this->view->avatar = $avatar->Get($user->email,140);
$this->view->info = $usr->getUserInfo($uid);
}
function editAction()
{
$this->view->pageID = "account-edit";
include_once("Users.php");
$usr = new Users($this->db);
$auth = Zend_Auth::getInstance();
if($auth->hasIdentity())
{
$user = $auth->getIdentity();
$uid = $user->id;
}
include_once("Avatar.php");
$avatar = new Avatar();
$this->view->avatar = $avatar->Get($user->email,140);
$this->view->projectType = array(
"" => '',
"国家973计划项目课题" => "国家973计划项目课题",
"国家863计划课题"=>"国家863计划课题",
"国家级科技支撑课题" => "国家级科技支撑课题",
"国家级科技重大专项" => "国家级科技重大专项",
"国家级国家重大工程" => "国家级国家重大工程",
"国家级国家自然科学基金" => "国家级国家自然科学基金",
"国际合作项目"=>"国际合作项目",
"省部级项目" => "省部级项目",
"其他项目工程" => "其他项目工程"
);
$submit = $this->_getParam('submit');
if(!empty($submit))
{
$data = $this->AccountEditParamFilter();
if($this->db->update("users",$data,"id=$uid"))
{
$this->view->AlertType = "alert-success";
$this->view->msg = "修改成功!";
$this->view->jump_url = "/account/edit";
return true;
}else{
$this->view->AlertType = "alert-error";
$this->view->error = "修改失败,请重试";
$this->view->info = $data;
return true;
}
}else{
$this->view->info = $usr->getUserInfo($uid);
}
}
function AccountEditParamFilter(){
$data = array();
$data['realname'] = substr(trim($this->_getParam('realname')),0,40);
$data['unit'] = substr(trim($this->_getParam('unit')),0,100);
$data['address'] = substr(trim($this->_getParam('address')),0,100);
$data['phone'] = substr(trim($this->_getParam('phone')),0,15);
$data['postcode'] = substr(trim($this->_getParam('postcode')),0,15);
$data['project_type'] = substr(trim($this->_getParam('project_type')),0,100);
$data['project_id'] = substr(trim($this->_getParam('project_id')),0,40);
$data['project_title'] = substr(trim($this->_getParam('project_title')),0,100);
$data['project'] = substr(trim($this->_getParam('project')),0,600);
foreach($data as $k=>$v)
{
$data[$k] = $this->StringFilter($v);
}
return $data;
}
function StringFilter($string){
$string = preg_replace ('/<[^>]*>/', ' ', $string);
return $string;
}
function secureAction()
{
$this->view->pageID = "account-secure";
include_once("Users.php");
$usr = new Users($this->db);
$auth = Zend_Auth::getInstance();
if($auth->hasIdentity())
{
$user = $auth->getIdentity();
$uid = $user->id;
}
$opt = $this->_getParam('opt');
$submit = $this->_getParam('submit');
if(empty($opt))
{
$this->view->section = "password";
if(!empty($submit))
{
$data = $this->AccountSecureParamFilter();
$this->view->AlertType = "alert-error";
if(strlen($data['password'])>18 || strlen($data['new_password'])>18)
{
$this->view->error = view::Error("密码过长");
return true;
}
if(strlen($data['new_password'])<=6 || strlen($data['new_password_confrim'])<=6)
{
$this->view->error = view::Error("密码过短请输入大于6位的密码");
return true;
}
if(md5($data['new_password']) != md5($data['new_password_confrim']))
{
$this->view->error = view::Error("两次输入的密码不相同");
return true;
}
$sql = "SELECT password FROM users WHERE id=$uid";
$rs = $this->db->query($sql);
$row = $rs->fetch();
if(md5($data['password']) != $row['password'])
{
$this->view->error = view::Error("原密码不正确");
return true;
}
$data['password'] = md5($data['new_password']);
unset($data['new_password']);
unset($data['new_password_confrim']);
if($this->db->update("users",$data,"id=$uid"))
{
view::Post($this,array("content"=>'修改成功!','url'=>'/account/secure'));
return true;
}else{
$this->view->error = view::Error("修改失败");
return true;
}
}else{
$this->view->info = $usr->getUserInfo($uid);
}
}//password
if($opt == "email")
{
$this->view->section = "email";
if(!empty($submit))
{
$email = $this->_getParam('email');
$password = $this->_getParam('password');
if(!preg_match("/\w+([-+.]\w+)*@\w+([-.]\w+)*\.\w+([-.]\w+)*/i",$email))
{
$this->view->error = view::Error("错误的邮箱格式");
return true;
}
$sql = "SELECT password FROM users WHERE id=$uid";
$rs = $this->db->query($sql);
$row = $rs->fetch();
if(md5($password) != $row['password'])
{
$this->view->error = view::Error("原密码错误");
return true;
}
$data['email'] = $email;
if($this->db->update("users",$data,"id=$uid"))
{
view::Post($this,array("content"=>'修改成功!','url'=>'/account/secure'));
return true;
}else{
$this->view->error = view::Error("修改失败");
return true;
}
}else{
$this->view->info = $usr->getUserInfo($uid);
}
}//email
}
function AccountSecureParamFilter(){
$data = array();
$data['password'] = trim($this->_getParam('password'));
$data['new_password'] = trim($this->_getParam('new_password'));
$data['new_password_confrim'] = trim($this->_getParam('new_password_confrim'));
foreach($data as $k=>$v)
{
$data[$k] = $this->StringFilter($v);
}
return $data;
}
function init()
{
$this->messenger=$this->_helper->getHelper('FlashMessenger');
}
function postDispatch()
{
//$this->view->messages = $this->messenger->getMessages();
}
function registerAction()
{
$form = new RegisterForm();
$this->view->form = $form;
if ($this->_request->isPost()) {
$formData = $this->_request->getPost();
if ($form->isValid($formData)) {
$ut = new UsersTable();
$u = $ut->createRow();
$u->username = $form->getValue('username');
$u->password = $form->getValue('password');
$u->email=$form->getValue('email');
if ($form->getValue('realname')) $u->realname=$form->getValue('realname');
if ($form->getValue('phone')) $u->phone=$form->getValue('phone');
if ($form->getValue('address')) $u->address=$form->getValue('address');
if ($form->getValue('unit')) $u->unit=$form->getValue('unit');
if ($form->getValue('project')) $u->project=$form->getValue('project');
if ($u->save()) {
//注册邮件
$mail_template = "member-register";
$mail_data = array(
'name'=>$formData['username'],
);
$mail = new Mail();
$mail->loadTemplate($mail_template,$mail_data);
$mail->addTo($formData['email'],$formData['username']);
$mail->send();
//自动登录系统
$this->login($formData['username'],$formData['password']);
$this->_redirect('/');
}
} else {
$form->populate($formData);
}
}
}
function loginAction()
{
$options = array(
'module' => $this->_request->getModuleName(),
'controller' => $this->_request->getControllerName(),
'action' => $this->_request->getActionName(),
);
$auth = Zend_Auth::getInstance();
if ($auth->hasIdentity())
{
view::Post($this,"您已经登录,无需重复登录","/index");
return true;
}
$tohref = $this->_request->getParam('href');
if($_SERVER['REQUEST_URI'] !== "/account/login")
{
$this->view->href = $_SERVER['REQUEST_URI'];
}else{
$this->view->href = "/";
}
if(!empty($tohref))
{
$this->view->href = $tohref;
}
$captcha = new Captcha();
$submit = $this->_getParam("submit");
if(!empty($submit))
{
$username = trim($this->_request->getParam('username'));
$password = trim($this->_request->getParam('password'));
$captchaword = trim($this->_request->getParam('captcha'));
$account = new Account();
$status = $account->login(array(
'username' => $username,
'password' => $password
));
if(isset($status['error']))
{
$this->view->error = $status;
$this->view->captcha = $captcha->setCaptcha();
return true;
}
if(!$captcha->isValid($captchaword))
{
$this->view->error = "验证码错误";
$this->view->captcha = $captcha->setCaptcha();
return true;
}
view::Post($this,"登录成功,正在跳转",$tohref);
return true;
}
$this->view->captcha = $captcha->setCaptcha();
}
public function captchaAction()
{
if(view::isXmlHttpRequest($this))
{
$captcha = new Captcha();
$url = $captcha->setCaptcha();
echo $url;
return true;
}else{
echo "bad request!";
exit();
}
}
public function logoutAction()
{
$auth = Zend_Auth::getInstance();
$auth->clearIdentity();
Member::flushcookie();
$this->_redirect('/');
}
public function fetchpwdAction()
{
$salt = trim($this->_getParam('salt'));
$submit = $this->_getParam('submit');
if(empty($salt))
{
$captcha = new Captcha();
if(!empty($submit))
{
$email = trim($this->_request->getParam('email'));
$captchaword = trim($this->_request->getParam('captcha'));
if(!$captcha->isValid($captchaword))
{
$this->view->error = view::Error("验证码错误");
$this->view->captcha = $captcha->setCaptcha();
return true;
}
$account = new Account();
$status = $account->getMyPassword($email);
if(isset($status['error']))
{
$this->view->error = view::Error($status['error']);
$this->view->captcha = $captcha->setCaptcha();
return true;
}
view::Post($this,"您的密码重置申请已提交,请在邮箱中查看");
return true;
}else{
$this->view->captcha = $captcha->setCaptcha();
}//提交密码重置申请
}
else{
$this->_helper->viewRenderer('account-resetpassword');
$this->view->salt = $salt;
if(!empty($submit))
{
$username = trim($this->_request->getParam('username'));
$password = trim($this->_request->getParam('password'));
$confirm_password = trim($this->_request->getParam('confirm_password'));
$account = new Account();
$status = $account->resetPassword(array(
'username' => $username,
'password' => $password,
'confirm_password' => $confirm_password,
'salt' => $salt
));
if(isset($status['error']))
{
$this->view->error = view::Error($status['error']);
return true;
}
view::Post($this,"您的密码修改成功!请使用新密码登录","/account/login");
return true;
}
}//修改密码
} //找回密码
//OAuth2登录跳转页面
public function oauth2loginAction()
{
$type = $this->_getParam('type');
$client = new Client();
$url = $client->makeRequestCodeUrl($type);
view::Post($this,"为您转入科技网登录入口",$url);
}
//oauth2登录回调地址
public function callbackAction()
{
$type = $this->_getParam('type');
$code = $this->_getParam('code');
$client = new Client($type);
$client->initSource();
$target = $client->getSource()->getTarget($type);
$this->view->target_name = $target['name'];
$token = $client->requestToken($code);
if(is_string($token))
{
view::Post($this,$token,'/account/login');
}
$status = $client->storageTokenData($type,$token);
if($status === true)
{
echo "<script>self.location='/index'</script>";
}else{
echo $status;
}
}
}