PublicController.class.php
<?php
// +----------------------------------------------------------------------
// | ThinkCMF [ WE CAN DO IT MORE SIMPLE ]
// +----------------------------------------------------------------------
// | Copyright (c) 2013-2014 http://www.thinkcmf.com All rights reserved.
// +----------------------------------------------------------------------
// | Author: Tuolaji <479923197@qq.com>
// +----------------------------------------------------------------------
/**
*/
namespace Admin\Controller;
use Common\Controller\AdminbaseController;
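/**
 * Admin back-office entry points that are reachable without an admin session:
 * the login page, the login form handler and logout.
 *
 * Security-relevant behaviour in this class:
 *  - login() gates the login page behind an optional "admin URL password"
 *    (config key SP_SITE_ADMIN_URL_PASSWORD) that is compared with the
 *    session value __SP_UPW__.
 *  - dologin() checks the captcha and the password, then sets ADMIN_ID.
 */
class PublicController extends AdminbaseController {

    /**
     * Load the dynamic configuration cached under "sp_dynamic_config".
     */
    public function _initialize() {
        C(S('sp_dynamic_config')); // load dynamic configuration
    }

    /**
     * Show the admin login page.
     *
     * An already authenticated admin is sent to admin/index/index. If an admin
     * URL password is configured and the session does not carry the same
     * value, the visitor is redirected to the site root.
     */
    public function login() {
        $admin_id = session('ADMIN_ID');
        if (!empty($admin_id)) { // already logged in
            redirect(U("admin/index/index"));
            return;
        }

        $site_admin_url_password = C("SP_SITE_ADMIN_URL_PASSWORD");
        $upw = session("__SP_UPW__");

        // Compare the secret as strings with ===. The previous loose "!="
        // let numeric-looking values that differ as strings (for example
        // "1e3" and "1000") compare equal, which weakens the gate.
        // hash_equals() would additionally be constant-time on PHP >= 5.6.
        $url_password_matches = is_scalar($upw)
            && (string)$upw === (string)$site_admin_url_password;

        if (!empty($site_admin_url_password) && !$url_password_matches) {
            redirect(__ROOT__."/");
            return;
        }

        // dologin() refuses to run unless the login page was rendered first.
        session("__SP_ADMIN_LOGIN_PAGE_SHOWED_SUCCESS__", true);
        $this->display(":login");
    }

    /**
     * Drop the admin identity from the session and go back to the site root.
     *
     * NOTE(review): only ADMIN_ID is cleared; the "name" value written by
     * dologin() stays in the session — confirm whether that is intended.
     */
    public function logout() {
        session('ADMIN_ID', null);
        redirect(__ROOT__."/");
    }

    /**
     * Handle the login form: validate the fields and the captcha, verify the
     * password, establish the admin session, then purge expired unpaid orders.
     *
     * Each failure path calls $this->error() and returns. The original code
     * fell through after $this->error(), i.e. it relied on that call ending
     * the request; the explicit returns keep the checks effective even if it
     * does not.
     */
    public function dologin() {
        $login_page_showed_success = session("__SP_ADMIN_LOGIN_PAGE_SHOWED_SUCCESS__");
        if (!$login_page_showed_success) {
            $this->error('login error!');
            return;
        }

        $name = I("post.username");
        if (empty($name)) {
            $this->error(L('USERNAME_OR_EMAIL_EMPTY'));
            return;
        }

        $pass = I("post.password");
        if (empty($pass)) {
            $this->error(L('PASSWORD_REQUIRED'));
            return;
        }

        $captcha = I("post.verify");
        if (empty($captcha)) {
            $this->error(L('CAPTCHA_REQUIRED'));
            return;
        }

        // captcha check
        if (!sp_check_verify_code()) {
            $this->error(L('CAPTCHA_NOT_RIGHT'));
            return;
        }

        $user = D("Common/Users");
        $where = array();
        if (strpos($name, "@") > 0) { // log in by e-mail address
            $where['user_email'] = $name;
        } else {
            $where['user_login'] = $name;
        }
        $result = $user->where($where)->find();

        // NOTE(review): unknown account and wrong password produce different
        // messages, so a client can tell which accounts exist. A single
        // generic failure message would avoid that.
        if (empty($result) || $result['user_type'] != 1) {
            $this->error(L('USERNAME_NOT_EXIST'));
            return;
        }
        if (!sp_compare_password($pass, $result['user_pass'])) {
            $this->error(L('PASSWORD_NOT_RIGHT'));
            return;
        }

        // Roles of this user that are enabled (status = 1).
        $role_user_model = M("RoleUser");
        $role_user_join = C('DB_PREFIX').'role as b on a.role_id =b.id';
        $groups = $role_user_model
            ->alias("a")
            ->join($role_user_join)
            ->where(array("user_id" => $result["id"], "status" => 1))
            ->getField("role_id", true);

        // User id 1 is exempt; everyone else needs an enabled role and a
        // non-empty user_status.
        if ($result["id"] != 1 && (empty($groups) || empty($result['user_status']))) {
            $this->error(L('USE_DISABLED'));
            return;
        }

        // Issue a fresh session id before the session becomes privileged, so
        // an id that was known before authentication cannot be reused.
        if (session_id() !== '') {
            session_regenerate_id(true);
        }

        // login succeeded: establish the admin session
        session('ADMIN_ID', $result["id"]);
        session('name', $result["user_login"]);

        // Write back only the login-tracking columns. Saving the whole row
        // fetched above would also rewrite user_pass and every other column
        // with the values read before the password check.
        $user->save(array(
            'id'              => $result["id"],
            'last_login_ip'   => get_client_ip(0, true),
            'last_login_time' => date("Y-m-d H:i:s"),
        ));
        cookie("admin_username", $name, 3600 * 24 * 30);

        // After a successful login, look for expired orders, delete them and
        // restore the stock they had reserved.
        $map = array();
        $map['status'] = 0; // unpaid orders
        $map['expire_time'] = array('lt', time()); // past the order's validity period
        $orders = M('Order')->where($map)->getField('id', true);
        if ($orders) {
            $del = true;
            // start transaction
            M()->startTrans();
            // restore inventory / sales and delete the order details
            $details = M('OrderDetail')->where(array('oid' => array('in', $orders)))->select();
            foreach ($details as $d) {
                $count = M('Good')->where(array('id' => $d['gid']))->setInc('inventory', $d['count']);
                $sales = M('Good')->where(array('id' => $d['gid']))->setDec('sales', $d['count']);
                $row = M('OrderDetail')->where(array('id' => $d['id']))->delete();
                // NOTE(review): any falsy result marks the batch as failed;
                // presumably that includes "0 rows changed" (e.g. the good no
                // longer exists), which would roll back on every login — confirm.
                if (!$count || !$sales || !$row) {
                    $del = false;
                }
            }
            // delete the orders themselves
            $rows = M('Order')->where(array('id' => array('in', $orders)))->delete();
            if ($del && $rows) {
                M()->commit(); // commit transaction
            } else {
                M()->rollback(); // roll back transaction
            }
        }

        $this->success(L('LOGIN_SUCCESS'), U("Index/index"));
    }
}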