search
HomeBackend DevelopmentPHP TutorialLogin authentication

Login authentication

WBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWB
WBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWB
Jul 25, 2016 am 08:50 AM
  1. /*
  2. *
  3. * @copyright 2011
  4. * @version $Id$
  5. * @access public
  6. * @property string $id
  7. * @property string $account
  8. * @property string $pwd
  9. * @property string $lastquesttime
  10. * @property string $lastip
  11. * @property int $regtime
  12. * @property int $accounttype
  13. * @property string $oldaccount
  14. * @property int $logintimes
  15. * @property string $currentIP
  16. * @property int $cid
  17. */
  18. class Resposity extends AdminActiveRecord {
  19. public $connectionPrefix = 'passport';
  20. protected $list = null;
  21. protected $passportConfig = null;
  22. public $oldaccount = '';
  23. /**
  24. * Returns the static model of the specified AR class.
  25. * @return Resposity the static model class
  26. */
  27. public static function model($className = __class__) {
  28. return parent::model ( $className );
  29. }
  31. /**
  32. * Modify it if you need.
  33. * @return mixed the primaryKey.
  34. */
  35. public function primaryKey() {
  36. return 'id';
  37. }
  39. /**
  40. * @return array validation rules for model attributes.
  41. */
  42. public function rules() {
  43. // NOTE: you should only define rules for those attributes that
  44. // will receive user inputs.s
  45. return array (
  46. array ('accounttype,cid', 'required' ),
  47. array ('accounttype', 'in', 'range' => array ('0', '1', '2', '3', '4', '5', '6', '7' ) ),
  48. array ('currentIP', 'ip')
  49. );
  50. }
  51. /**
  52. Obtain user information based on the main account
  53. **/
  54. protected function getUserInfoByMainAccount($account,$cid){
  55. $account=strtolower($account);
  56. $cacheKey = hash ( 'md5', $account.'^]'.$cid.'^]'.'0' );
  57. $user=UtilD::getCache('resposity',$cacheKey);
  58. if(is_array($user)){
  59. UtilD::clearNullOrEmptyValue ( $user );
  60. }else{
  61. $user=array();
  62. }
  63. if(count($user)){
  64. return $user;
  65. }else{
  66. $model = $this->find ( 'account=:account AND cid=:cid', array (':account' => $account,':cid' => $cid ) );
  67. if($model){
  68. $user=$model->getAttributes();
  69. unset($model);
  70. }
  71. UtilD::setCache('resposity',$cacheKey,$user);
  72. return $user;
  73. }
  74. }
  75. /**Obtain user information based on sub-account**/
  76. protected function getUserInfoByChildAccount($subaccount,$cid,$accounttype){
  77. if(!$this->validate(array('accounttype'), true)){
  78. return -1000;
  79. }
  80. $subaccount=strtolower($subaccount);
  81. $cacheKey = hash ( 'md5', $subaccount.'^]'.$cid.'^]'.$accounttype );
  82. $userAccounts=UtilD::getCache('resposity',$cacheKey);
  83. if(is_array($userAccounts)){
  84. UtilD::clearNullOrEmptyValue($userAccounts);
  85. }else{
  86. $userAccounts=array();
  87. }
  88. if(!count($userAccounts)){
  89. $accountRefer=new AccountRefer();
  90. $model=$accountRefer->find ( 'subaccount=:subaccount AND cid=:cid AND accounttype=:accounttype', array (':subaccount' => $subaccount,':cid' => $this->cid,':accounttype'=> $accounttype) );
  91. if($model){
  92. $userAccounts=$model->getAttributes();
  93. UtilD::setCache('resposity',$cacheKey,$userAccounts);
  94. }
  95. }
  96. if(isset($userAccounts['account'])){
  97. return $this->getUserInfoByMainAccount($userAccounts['account'],$userAccounts['cid']);
  98. }
  99. return array();
  100. }
  101. /**Get user data based on account type**/
  102. public function getUserInfoByAccount(){
  103. if($this->accounttype==0){
  105. return $this->getUserInfoByMainAccount($this->account,$this->cid);
  106. }else{
  107. return $this->getUserInfoByChildAccount($this->account,$this->cid,$this->accounttype);
  108. }
  109. }
  110. /**
  111. * Get sub-account through main account
  112. */
  113. public function getSubAccountByMainAccount(){
  114. $c=new CDbCriteria();
  115. $c->addCondition('cid=:cid AND account=:account', 'AND');
  116. $c->params=array(':cid'=>$this->cid, ':account'=>$this->account);
  117. $refer=new AccountRefer();
  118. $result=$refer->getListByPage(1, 30, $c);
  119. $data=array();
  120. if($result['count']>0){
  121. foreach($result['data'] as $row){
  122. $data[$row['accounttype']]=$row['subaccount'];
  123. }
  124. }
  125. return $data;
  126. }
  127. /**
  128. Obtain the operation level of the current merchant
  129. 1 has full permissions for users added by yourself, but has no permissions for users added by other institutions
  130. 2 has full permissions for users added by yourself, and has query permissions for users from institutions designated by accsessids
  131. **/
  132. public function getAccess(){
  133. if ($this->passportConfig === null) {
  134. $this->passportConfig = PassportConfig::model ()->getItemConfigById ( $this->cid );
  135. }
  136. $ip=Yii::app ()->request->getUserHostAddress();
  137. $ips=CJSON::decode($passportConfig['iprouters']);
  138. if(!in_array($ip,$ips )){
  139. throw new CHttpException(403, 'You do not have permission to access this page!');
  140. }
  141. }
  142. /**Modify private data of famous brand users**/
  143. public function saveUserAttributes($tickets,array $attributes){
  144. try{
  145. $user=$this->getUserAttributes($tickets);
  146. if(empty($user) || !is_array($user)){
  147. return -1001;
  148. }
  149. $data=array();
  150. if($user[WebUserD::STORAGE_KEY]!=='[]'){
  151. $data=CJSON::decode($user[WebUserD::STORAGE_KEY]);
  152. }
  153. if(!is_array($data)){
  154. $data=array();
  155. }
  156. $attributes=array_change_key_case($attributes);
  157. foreach($attributes as $key=>$value){
  158. if(!is_array($value)){
  159. $data[$key]=$value;
  160. }else{
  161. if(!isset($data[$key])){
  162. $data[$key]=array();
  163. }
  164. $data[$key]=array_merge($data[$key],$attributes[$key]);
  165. }
  166. }
  167. $user[WebUserD::STORAGE_KEY]=CJSON::encode($data);
  168. $user['lastquesttime']=$_SERVER['REQUEST_TIME'];
  169. $user['data']=CJSON::encode($data);
  170. $this->setAttributes($user,false);
  171. !$this->currentIP && $this->currentIP='127.0.0.1';
  172. !$this->lastip && $this->lastip=$this->currentIP;
  175. !$this->logintimes && $this->logintimes = 0;
  176. $this->setIsNewRecord ( false );
  177. if($this->save()){
  178. UtilD::setCache('resposity', $tickets, $user);
  179. }else{
  180. return -1003;
  181. }
  182. }catch(Exception $ex){
  183. return -1004;
  184. }
  185. }
  186. /**Modify account private data**/
  187. public function saveUserAttributesByName( array $attributes){
  188. $user=$this->getUserInfoByMainAccount($this->account,$this->cid);
  189. if(empty($user)){
  190. return -1001;
  191. }
  192. $cacheKey = hash ( 'md5', $user['account'].'^]'.$user['cid'].'^]'.'0' );
  193. return $this-> saveUserAttributes($cacheKey,$attributes);
  195. }
  196. /**
  197. @return array
  198. Obtain all the account data based on the token
  199. **/
  200. public function getUserAttributes($tickets){
  201. $t = hash ( 'md5', $tickets . '&' . $this->currentIP . '&' . $this->accounttype . '&' . $this->cid );
  202. $ft=UtilD::getCache('resposity', $t);
  203. if (! $ft) {
  204. $ft = 0;
  205. } else {
  206. if ($ft > 4) { //如果1个ip 1分钟内连续5次获取失败
  207. return -1005;
  208. }
  209. }
  210. $user=UtilD::getCache('resposity',$tickets);
  211. if(!$user){
  212. $ft++;
  213. UtilD::setCache('resposity', $t,$ft,60);
  214. return -1001;
  215. }
  216. $user['lastquesttime']=$_SERVER['REQUEST_TIME'];
  217. UtilD::setCache('resposity',$tickets,$user);
  218. return $user;
  219. }
  220. /**Add main account**/
  221. public function add(){
  222. try{
  223. if($this->accounttype!=0){
  224. return -1000;
  225. }
  226. $this->account=strtolower($this->account);
  227. //检查主帐号是否存在
  228. $user=$this->getUserInfoByAccount();
  229. if(is_array($user) && count($user)){
  230. return -1006;
  231. }
  232. //开始保存数据
  233. $this->setIsNewRecord ( true );
  234. $this->lastquesttime=$_SERVER['REQUEST_TIME'];
  235. $this->regtime=$_SERVER['REQUEST_TIME'];
  236. $this->data='[]';
  237. $this->pwd=hash('sha256',$this->pwd);
  239. if(!$this->save()){
  240. return -1007;
  241. }else{
  242. $user=$this->getAttributes();
  243. $cacheKey = hash ( 'md5',$this->account.'^]'.$this->cid.'^]'.$this->accounttype );
  244. UtilD::setCache('resposity', $cacheKey, $user);
  245. }
  246. }catch(Exception $ex){
  247. return -1004;
  248. }
  249. }
  250. /**Associated sub-account**/
  251. public function addChild($subaccount){
  252. try{
  253. //检查子是否有同名的帐号与主账号关联
  254. $subaccount=strtolower($subaccount);
  255. $user=$this->getUserInfoByChildAccount($subaccount,$this->cid,$this->accounttype);
  256. if($user){
  257. return -1008;
  258. }
  259. $user=$this->getUserInfoByMainAccount($this->account,$this->cid);
  260. if(!$user){
  261. return -1001;
  262. }
  263. //检查是否有类型的账号与主账号关联
  264. $accountRefer=new AccountRefer();
  265. $model=$accountRefer->find('pid=:pid AND cid=:cid AND accounttype=:accounttype', array (':pid'=>$user['id'],':cid'=>$this->cid,':accounttype'=>$this->accounttype));
  266. if($model){
  267. return -1009;
  268. }
  269. $this->account=strtolower($this->account);
  270. $accountRefer->cid=$this->cid;
  271. $accountRefer->setIsNewRecord ( true );
  272. $accountRefer->pid=$user['id'];
  273. $accountRefer->account=$user['account'];
  274. $accountRefer->subaccount=$subaccount;
  275. $accountRefer->accounttype=$this->accounttype;
  276. if($accountRefer->save()){
  277. $cacheKey = hash ( 'md5',$accountRefer->subaccount.'^]'.$accountRefer->cid.'^]'.$accountRefer->accounttype );
  278. UtilD::setCache('resposity', $cacheKey, $accountRefer->getAttributes());
  279. }else{
  280. return -1010;
  281. }
  282. }catch(Exception $ex){
  283. return -1004;
  284. }
  285. }
  286. /**change Password**/
  287. public function changePassword(){
  288. try{
  289. $user=$this->getUserInfoByAccount();//检查主帐号是否存在
  290. if(!$user){
  291. return -1001;
  292. }
  293. $this->setIsNewRecord ( false );
  294. $this->pwd=hash('sha256',$this->pwd);
  295. if($this->pwd!==$user['pwd']){
  296. $this->setIsNewRecord ( false );
  297. $user['pwd']=$this->pwd;
  298. $this->setAttributes($user,false);
  299. if($this->save()){
  300. $cacheKey = hash ( 'md5', $user['account'].'^]'.$user['cid'].'^]'.'0' );
  301. UtilD::setCache('resposity', $cacheKey, $user);
  302. }else{
  303. return -1011;
  304. }
  305. }
  306. }catch(Exception $ex){
  307. return -1004;
  308. }
  309. }
  310. /**Modify sub-account**/
  311. public function repickAccount(){
  312. try{
  313. $accounts=$this->getUserInfoByChildAccount($this->oldaccount,$this->cid,$this->accounttype);
  314. if(!$accounts){
  315. return -1001;
  316. }
  317. $cacheKey = hash ( 'md5',$this->oldaccount.'^]'.$this->cid.'^]'.$this->accounttype );
  318. $user=UtilD::getCache('resposity', $cacheKey);
  319. if($this->oldaccount!==$this->account){
  320. $accountRefer=new AccountRefer();
  321. $accountRefer->setIsNewRecord ( false );
  322. $accountRefer->setAttributes($user,false);
  323. $accountRefer->subaccount=$this->account;
  324. if($accountRefer->save()){
  325. $user['subaccount']=$this->account;
  326. UtilD::setCache('resposity', $cacheKey,array());
  327. $cacheKey= hash ( 'md5',$user['subaccount'].'^]'.$this->cid.'^]'.$this->accounttype );
  328. UtilD::setCache('resposity', $cacheKey,$user);
  329. }else{
  330. return -1012;
  331. }
  332. }
  333. }catch(Exception $ex){
  334. return -1004;
  335. }
  336. }
  337. /**
  338. Delete main account
  339. **/
  340. public function deleteMainAccount(){
  341. try{
  342. $user=$this->getUserInfoByMainAccount($this->account,$this->cid);
  343. if(!$user){
  344. return -1001;
  345. }
  346. //检查是否有子帐号
  347. $accountRefer=new AccountRefer();
  348. $models=$accountRefer->findAll('pid=:pid', array (':pid'=>$user['id']));
  349. if(is_array($models)&&count($models)){
  350. foreach($models as $model){
  351. $k= hash ( 'md5', $model->subaccount.'^]'.$model->cid.'^]'.$model->accounttype );//删除子帐号缓存
  352. UtilD::setCache('resposity', $k,false);
  353. unset($model);
  354. }
  355. unset($models);
  356. }
  357. //删除主帐号缓存
  358. $cacheKey = hash ( 'md5', $this->account.'^]'.$this->cid.'^]'.'0' );
  359. if($this->deleteByPk($user['id'])){
  360. UtilD::setCache('resposity', $cacheKey,false);
  361. }else{
  362. return -1013;
  363. }
  364. }catch(Exception $ex){
  365. return -1004;
  366. }
  367. }
  368. /**Delete subaccount**/
  369. public function deleteChildAccount(){
  370. try{
  371. $user=$this->getUserInfoByChildAccount($this->account,$this->cid,$this->accounttype);
  372. if(!$user){
  373. return -1014;
  374. }
  375. //删除缓存
  376. $cacheKey = hash ( 'md5', $this->account.'^]'.$this->cid.'^]'.$this->accounttype );
  377. $child=UtilD::getCache('resposity',$cacheKey);
  378. $accountRefer=new AccountRefer();
  379. if($accountRefer->deleteByPk($child['id'])){
  380. UtilD::setCache('resposity', $cacheKey,false);
  381. }else{
  382. return -1014;
  383. }
  384. }catch(Exception $ex){
  385. return -1004;
  386. }
  387. }
  388. public function login(){
  389. try{
  390. if(empty($this->currentIP)){
  391. return -1017;
  392. }
  393. $tickets=hash ( 'md5', $this->account.'^]'.$this->cid.'^]'.$this->accounttype );
  394. $t = hash ( 'md5', $tickets . '&' . $this->currentIP . '&' . $this->accounttype . '&' . $this->cid );
  395. $ft=UtilD::getCache('resposity', $t);
  396. if (! $ft) {
  397. $ft = 0;
  398. } else {
  399. if ($ft > 4) { //如果1个ip 1分钟内连续5次获取失败
  400. return -1015;
  401. }
  402. }
  403. $user=$this->getUserInfoByAccount();
  404. if(!$user){
  405. $ft++;
  406. UtilD::setCache('resposity', $t,$ft,60);
  407. return -1001;
  408. }
  409. $this->pwd=hash('sha256',$this->pwd);
  410. if($user['pwd']!==$this->pwd){
  411. $ft++;
  412. UtilD::setCache('resposity', $t,$ft,60);
  413. return -1016;
  414. }
  415. $tickets=hash ( 'md5', $user['account'].'^]'.$user['cid'].'^]'.'0' );
  416. //更新登录次数和最后请求时间
  417. if(!isset($user['currentIP'])){
  418. $user['currentIP']=$this->currentIP;
  419. }
  420. $user['lastip']=$user['currentIP'];
  421. $user['currentIP']=$this->currentIP;
  422. if(!isset($user['logintimes'])){
  423. $user['logintimes']=0;
  424. }
  425. $user['logintimes']++;
  426. $user['lastquesttime']=$_SERVER['REQUEST_TIME'];
  427. $this->setAttributes($user,false);
  428. if($this->save()){
  429. UtilD::setCache('resposity', $tickets,$user);
  430. return array('tickets'=>$tickets);
  431. }else{
  432. return -1017;
  433. }
  434. }catch(Exception $ex){
  435. return -1004;
  436. }
  437. }
  438. }
复制代码


Statement
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Related Article
Explain the concept of a PHP session in simple terms.Explain the concept of a PHP session in simple terms.Apr 26, 2025 am 12:09 AM

PHPsessionstrackuserdataacrossmultiplepagerequestsusingauniqueIDstoredinacookie.Here'showtomanagethemeffectively:1)Startasessionwithsession_start()andstoredatain$_SESSION.2)RegeneratethesessionIDafterloginwithsession_regenerate_id(true)topreventsessi

How do you loop through all the values stored in a PHP session?How do you loop through all the values stored in a PHP session?Apr 26, 2025 am 12:06 AM

In PHP, iterating through session data can be achieved through the following steps: 1. Start the session using session_start(). 2. Iterate through foreach loop through all key-value pairs in the $_SESSION array. 3. When processing complex data structures, use is_array() or is_object() functions and use print_r() to output detailed information. 4. When optimizing traversal, paging can be used to avoid processing large amounts of data at one time. This will help you manage and use PHP session data more efficiently in your actual project.

Explain how to use sessions for user authentication.Explain how to use sessions for user authentication.Apr 26, 2025 am 12:04 AM

The session realizes user authentication through the server-side state management mechanism. 1) Session creation and generation of unique IDs, 2) IDs are passed through cookies, 3) Server stores and accesses session data through IDs, 4) User authentication and status management are realized, improving application security and user experience.

Give an example of how to store a user's name in a PHP session.Give an example of how to store a user's name in a PHP session.Apr 26, 2025 am 12:03 AM

Tostoreauser'snameinaPHPsession,startthesessionwithsession_start(),thenassignthenameto$_SESSION['username'].1)Usesession_start()toinitializethesession.2)Assigntheuser'snameto$_SESSION['username'].Thisallowsyoutoaccessthenameacrossmultiplepages,enhanc

What are some common problems that can cause PHP sessions to fail?What are some common problems that can cause PHP sessions to fail?Apr 25, 2025 am 12:16 AM

Reasons for PHPSession failure include configuration errors, cookie issues, and session expiration. 1. Configuration error: Check and set the correct session.save_path. 2.Cookie problem: Make sure the cookie is set correctly. 3.Session expires: Adjust session.gc_maxlifetime value to extend session time.

How do you debug session-related issues in PHP?How do you debug session-related issues in PHP?Apr 25, 2025 am 12:12 AM

Methods to debug session problems in PHP include: 1. Check whether the session is started correctly; 2. Verify the delivery of the session ID; 3. Check the storage and reading of session data; 4. Check the server configuration. By outputting session ID and data, viewing session file content, etc., you can effectively diagnose and solve session-related problems.

What happens if session_start() is called multiple times?What happens if session_start() is called multiple times?Apr 25, 2025 am 12:06 AM

Multiple calls to session_start() will result in warning messages and possible data overwrites. 1) PHP will issue a warning, prompting that the session has been started. 2) It may cause unexpected overwriting of session data. 3) Use session_status() to check the session status to avoid repeated calls.

How do you configure the session lifetime in PHP?How do you configure the session lifetime in PHP?Apr 25, 2025 am 12:05 AM

Configuring the session lifecycle in PHP can be achieved by setting session.gc_maxlifetime and session.cookie_lifetime. 1) session.gc_maxlifetime controls the survival time of server-side session data, 2) session.cookie_lifetime controls the life cycle of client cookies. When set to 0, the cookie expires when the browser is closed.

See all articles

Hot AI Tools

Undresser.AI Undress

Undresser.AI Undress

AI-powered app for creating realistic nude photos

AI Clothes Remover

AI Clothes Remover

Online AI tool for removing clothes from photos.

Undress AI Tool

Undress AI Tool

Undress images for free

Clothoff.io

Clothoff.io

AI clothes remover

Video Face Swap

Video Face Swap

Swap faces in any video effortlessly with our completely free AI face swap tool!

Show More

Hot Article

Assassin's Creed Shadows: Seashell Riddle Solution
4 weeks agoByDDD
What's New in Windows 11 KB5054979 & How to Fix Update Issues
3 weeks agoByDDD
Where to find the Crane Control Keycard in Atomfall
4 weeks agoByDDD
Roblox: Dead Rails - How To Complete Every Challenge
1 months agoByDDD
How to fix KB5055523 fails to install in Windows 11?
2 weeks agoByDDD
Show More

Hot Tools

MinGW - Minimalist GNU for Windows

MinGW - Minimalist GNU for Windows

This project is in the process of being migrated to osdn.net/projects/mingw, you can continue to follow us there. MinGW: A native Windows port of the GNU Compiler Collection (GCC), freely distributable import libraries and header files for building native Windows applications; includes extensions to the MSVC runtime to support C99 functionality. All MinGW software can run on 64-bit Windows platforms.

Zend Studio 13.0.1

Zend Studio 13.0.1

Powerful PHP integrated development environment

EditPlus Chinese cracked version

EditPlus Chinese cracked version

Small size, syntax highlighting, does not support code prompt function

mPDF

mPDF

mPDF is a PHP library that can generate PDF files from UTF-8 encoded HTML. The original author, Ian Back, wrote mPDF to output PDF files "on the fly" from his website and handle different languages. It is slower than original scripts like HTML2FPDF and produces larger files when using Unicode fonts, but supports CSS styles etc. and has a lot of enhancements. Supports almost all languages, including RTL (Arabic and Hebrew) and CJK (Chinese, Japanese and Korean). Supports nested block-level elements (such as P, DIV),

WebStorm Mac version

WebStorm Mac version

Useful JavaScript development tools

Show More

Hot Topics

Where is the login entrance for gmail email?
7728
15
Java Tutorial
1643
14
CakePHP Tutorial
1397
52
Laravel Tutorial
1290
25
PHP Tutorial
1233
29
Show More