PublicController.php
<?php
// +----------------------------------------------------------------------
// | ThinkCMF [ WE CAN DO IT MORE SIMPLE ]
// +----------------------------------------------------------------------
// | Copyright (c) 2013-2018 http://www.thinkcmf.com All rights reserved.
// +----------------------------------------------------------------------
// | Licensed ( http://www.apache.org/licenses/LICENSE-2.0 )
// +----------------------------------------------------------------------
// | Author: 小夏 < 449134904@qq.com>
// +----------------------------------------------------------------------
namespace app\admin\controller;
use cmf\controller\AdminBaseController;
use think\Db;
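/**
 * Admin endpoints that are served before an admin session exists:
 * the login form, the credential check and logout.
 */
class PublicController extends AdminBaseController
{
    /**
     * Intentionally empty override of the parent initializer.
     *
     * NOTE(review): presumably this skips the authentication check that
     * AdminBaseController runs for every other admin controller, so each
     * action in this class has to do its own gating. Confirm against the parent.
     */
    public function _initialize()
    {
    }

    /**
     * Admin login page.
     *
     * Redirects to the site root unless the session carries the
     * "__LOGIN_BY_CMF_ADMIN_PW__" marker, redirects to the admin index when an
     * admin is already logged in, and otherwise renders the login template
     * (or whatever the 'admin_login' hook returns).
     *
     * @return mixed redirect response, hook result, or the rendered template
     */
    public function login()
    {
        $loginAllowed = session("__LOGIN_BY_CMF_ADMIN_PW__");
        if (empty($loginAllowed)) {
            return redirect(cmf_get_root() . "/");
        }

        // Already logged in: go straight to the dashboard.
        $admin_id = session('ADMIN_ID');
        if (!empty($admin_id)) {
            return redirect(url("admin/Index/index"));
        }

        $site_admin_url_password = config("cmf_SITE_ADMIN_URL_PASSWORD");
        $upw                     = session("__CMF_UPW__");

        // The admin URL password is a secret. Compare it as a string with
        // hash_equals(): a loose `!=` treats numeric-looking strings as numbers
        // (so two different secrets can compare equal) and is not constant-time.
        if (!empty($site_admin_url_password)) {
            $urlPasswordMatches = is_scalar($upw)
                && hash_equals((string) $site_admin_url_password, (string) $upw);
            if (!$urlPasswordMatches) {
                return redirect(cmf_get_root() . "/");
            }
        }

        session("__SP_ADMIN_LOGIN_PAGE_SHOWED_SUCCESS__", true);

        // A plugin may replace the default login page.
        $result = hook_one('admin_login');
        if (!empty($result)) {
            return $result;
        }

        return $this->fetch(":login");
    }

    /**
     * Login verification.
     *
     * Checks the captcha, looks the account up by e-mail or login name,
     * verifies the password and, on success, stores the admin identity in the
     * session and records the last login IP and time.
     *
     * The early checks rely on $this->error() ending the request
     * (NOTE(review): confirm that it does not return).
     *
     * NOTE(review): no attempt limiting is visible here beyond the captcha.
     */
    public function doLogin()
    {
        $loginAllowed = session("__LOGIN_BY_CMF_ADMIN_PW__");
        if (empty($loginAllowed)) {
            $this->error('非法登录!', cmf_get_root() . '/');
        }

        // Request parameters can arrive as arrays. Only scalars are accepted,
        // so a crafted parameter can never reach the query builder below as an
        // array-form condition instead of a plain value.
        $captcha = $this->request->param('captcha');
        if (!is_scalar($captcha) || empty($captcha)) {
            $this->error(lang('CAPTCHA_REQUIRED'));
        }
        $captcha = (string) $captcha;

        // Captcha check.
        if (!cmf_captcha_check($captcha)) {
            $this->error(lang('CAPTCHA_NOT_RIGHT'));
        }

        $name = $this->request->param("username");
        if (!is_scalar($name) || empty($name)) {
            $this->error(lang('USERNAME_OR_EMAIL_EMPTY'));
        }
        $name = (string) $name;

        $pass = $this->request->param("password");
        if (!is_scalar($pass) || empty($pass)) {
            $this->error(lang('PASSWORD_REQUIRED'));
        }
        $pass = (string) $pass;

        // An "@" anywhere after the first character means login by e-mail.
        $where = [];
        if (strpos($name, "@") > 0) {
            $where['user_email'] = $name;
        } else {
            $where['user_login'] = $name;
        }

        $result = Db::name('user')->where($where)->find();

        // NOTE(review): the two failure branches below return different
        // messages for "unknown account" and "wrong password", which lets a
        // client learn which admin names exist. Consider one generic message.
        if (!empty($result) && $result['user_type'] == 1) {
            if (cmf_compare_password($pass, $result['user_pass'])) {
                $groups = Db::name('RoleUser')
                    ->alias("a")
                    ->join('__ROLE__ b', 'a.role_id =b.id')
                    ->where(["user_id" => $result["id"], "status" => 1])
                    ->value("role_id");

                // The account with id 1 is exempt from the role and status checks.
                if ($result["id"] != 1 && (empty($groups) || empty($result['user_status']))) {
                    $this->error(lang('USE_DISABLED'));
                }

                // Issue a fresh session id at the privilege change so an id
                // that was known before authentication is not carried over
                // into the admin session (session fixation).
                if (session_status() === PHP_SESSION_ACTIVE) {
                    session_regenerate_id(true);
                }

                // Login succeeded: establish the admin session.
                session('ADMIN_ID', $result["id"]);
                session('name', $result["user_login"]);

                $token = cmf_generate_user_token($result["id"], 'web');
                if (!empty($token)) {
                    session('token', $token);
                }

                // Write only the two login-tracking columns. Saving the whole
                // fetched row back would also rewrite user_pass and every other
                // column with the values read earlier in this request.
                Db::name('user')
                    ->where('id', $result["id"])
                    ->update([
                        'last_login_ip'   => get_client_ip(0, true),
                        'last_login_time' => time(),
                    ]);

                // Remember the entered name for 30 days.
                cookie("admin_username", $name, 3600 * 24 * 30);
                session("__LOGIN_BY_CMF_ADMIN_PW__", null);
                $this->success(lang('LOGIN_SUCCESS'), url("admin/Index/index"));
            } else {
                $this->error(lang('PASSWORD_NOT_RIGHT'));
            }
        } else {
            $this->error(lang('USERNAME_NOT_EXIST'));
        }
    }

    /**
     * Admin logout.
     *
     * Clears the admin id from the session and redirects to the site root.
     *
     * NOTE(review): only 'ADMIN_ID' is cleared; the 'name' and 'token' session
     * entries written by doLogin() remain. Check whether they should be
     * removed here as well, and whether the stored user token should be
     * invalidated.
     *
     * @return mixed redirect response
     */
    public function logout()
    {
        session('ADMIN_ID', null);

        return redirect(url('/', [], false, true));
    }
}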