Rumah  >  Artikel  >  pembangunan bahagian belakang  >  登录认证

登录认证

WBOY
WBOYasal
2016-07-25 08:50:141133semak imbas
  1. /*
  2. *
  3. * @copyright 2011
  4. * @version $Id$
  5. * @access public
  6. * @property string $id
  7. * @property string $account
  8. * @property string $pwd
  9. * @property string $lastquesttime
  10. * @property string $lastip
  11. * @property int $regtime
  12. * @property int $accounttype
  13. * @property string $oldaccount
  14. * @property int $logintimes
  15. * @property string $currentIP
  16. * @property int $cid
  17. */
  18. class Resposity extends AdminActiveRecord {
  19. public $connectionPrefix = 'passport';
  20. protected $list = null;
  21. protected $passportConfig = null;
  22. public $oldaccount = '';
  23. /**
  24. * Returns the static model of the specified AR class.
  25. * @return Resposity the static model class
  26. */
  27. public static function model($className = __class__) {
  28. return parent::model ( $className );
  29. }
  30. /**
  31. * Modify it if you need.
  32. * @return mixed the primaryKey.
  33. */
  34. public function primaryKey() {
  35. return 'id';
  36. }
  37. /**
  38. * @return array validation rules for model attributes.
  39. */
  40. public function rules() {
  41. // NOTE: you should only define rules for those attributes that
  42. // will receive user inputs.s
  43. return array (
  44. array ('accounttype,cid', 'required' ),
  45. array ('accounttype', 'in', 'range' => array ('0', '1', '2', '3', '4', '5', '6', '7' ) ),
  46. array ('currentIP', 'ip')
  47. );
  48. }
  49. /**
  50. 根据主帐号获得用户信息
  51. **/
  52. protected function getUserInfoByMainAccount($account,$cid){
  53. $account=strtolower($account);
  54. $cacheKey = hash ( 'md5', $account.'^]'.$cid.'^]'.'0' );
  55. $user=UtilD::getCache('resposity',$cacheKey);
  56. if(is_array($user)){
  57. UtilD::clearNullOrEmptyValue ( $user );
  58. }else{
  59. $user=array();
  60. }
  61. if(count($user)){
  62. return $user;
  63. }else{
  64. $model = $this->find ( 'account=:account AND cid=:cid', array (':account' => $account,':cid' => $cid ) );
  65. if($model){
  66. $user=$model->getAttributes();
  67. unset($model);
  68. }
  69. UtilD::setCache('resposity',$cacheKey,$user);
  70. return $user;
  71. }
  72. }
  73. /**根据子帐号获得用户信息**/
  74. protected function getUserInfoByChildAccount($subaccount,$cid,$accounttype){
  75. if(!$this->validate(array('accounttype'), true)){
  76. return -1000;
  77. }
  78. $subaccount=strtolower($subaccount);
  79. $cacheKey = hash ( 'md5', $subaccount.'^]'.$cid.'^]'.$accounttype );
  80. $userAccounts=UtilD::getCache('resposity',$cacheKey);
  81. if(is_array($userAccounts)){
  82. UtilD::clearNullOrEmptyValue($userAccounts);
  83. }else{
  84. $userAccounts=array();
  85. }
  86. if(!count($userAccounts)){
  87. $accountRefer=new AccountRefer();
  88. $model=$accountRefer->find ( 'subaccount=:subaccount AND cid=:cid AND accounttype=:accounttype', array (':subaccount' => $subaccount,':cid' => $this->cid,':accounttype'=> $accounttype) );
  89. if($model){
  90. $userAccounts=$model->getAttributes();
  91. UtilD::setCache('resposity',$cacheKey,$userAccounts);
  92. }
  93. }
  94. if(isset($userAccounts['account'])){
  95. return $this->getUserInfoByMainAccount($userAccounts['account'],$userAccounts['cid']);
  96. }
  97. return array();
  98. }
  99. /**根据帐号类型获取用户数据**/
  100. public function getUserInfoByAccount(){
  101. if($this->accounttype==0){
  102. return $this->getUserInfoByMainAccount($this->account,$this->cid);
  103. }else{
  104. return $this->getUserInfoByChildAccount($this->account,$this->cid,$this->accounttype);
  105. }
  106. }
  107. /**
  108. * 通过主帐号获取子帐号
  109. */
  110. public function getSubAccountByMainAccount(){
  111. $c=new CDbCriteria();
  112. $c->addCondition('cid=:cid AND account=:account', 'AND');
  113. $c->params=array(':cid'=>$this->cid, ':account'=>$this->account);
  114. $refer=new AccountRefer();
  115. $result=$refer->getListByPage(1, 30, $c);
  116. $data=array();
  117. if($result['count']>0){
  118. foreach($result['data'] as $row){
  119. $data[$row['accounttype']]=$row['subaccount'];
  120. }
  121. }
  122. return $data;
  123. }
  124. /**
  125. 获得当前商户的操作等级
  126. 1 对自己添加的用户有完全权限,对其它机构添加的用户无权限
  127. 2 对自己添加的用户有完全权限,对accsessids指定机构的用户有查询权限
  128. **/
  129. public function getAccess(){
  130. if ($this->passportConfig === null) {
  131. $this->passportConfig = PassportConfig::model ()->getItemConfigById ( $this->cid );
  132. }
  133. $ip=Yii::app ()->request->getUserHostAddress();
  134. $ips=CJSON::decode($passportConfig['iprouters']);
  135. if(!in_array($ip,$ips)){
  136. throw new CHttpException(403, '您没有权限访问此页面!');
  137. }
  138. }
  139. /**修改名牌用户私有数据**/
  140. public function saveUserAttributes($tickets,array $attributes){
  141. try{
  142. $user=$this->getUserAttributes($tickets);
  143. if(empty($user) || !is_array($user)){
  144. return -1001;
  145. }
  146. $data=array();
  147. if($user[WebUserD::STORAGE_KEY]!=='[]'){
  148. $data=CJSON::decode($user[WebUserD::STORAGE_KEY]);
  149. }
  150. if(!is_array($data)){
  151. $data=array();
  152. }
  153. $attributes=array_change_key_case($attributes);
  154. foreach($attributes as $key=>$value){
  155. if(!is_array($value)){
  156. $data[$key]=$value;
  157. }else{
  158. if(!isset($data[$key])){
  159. $data[$key]=array();
  160. }
  161. $data[$key]=array_merge($data[$key],$attributes[$key]);
  162. }
  163. }
  164. $user[WebUserD::STORAGE_KEY]=CJSON::encode($data);
  165. $user['lastquesttime']=$_SERVER['REQUEST_TIME'];
  166. $user['data']=CJSON::encode($data);
  167. $this->setAttributes($user,false);
  168. !$this->currentIP && $this->currentIP='127.0.0.1';
  169. !$this->lastip && $this->lastip=$this->currentIP;
  170. !$this->logintimes && $this->logintimes = 0;
  171. $this->setIsNewRecord ( false );
  172. if($this->save()){
  173. UtilD::setCache('resposity', $tickets, $user);
  174. }else{
  175. return -1003;
  176. }
  177. }catch(Exception $ex){
  178. return -1004;
  179. }
  180. }
  181. /**修改帐号私有数据**/
  182. public function saveUserAttributesByName( array $attributes){
  183. $user=$this->getUserInfoByMainAccount($this->account,$this->cid);
  184. if(empty($user)){
  185. return -1001;
  186. }
  187. $cacheKey = hash ( 'md5', $user['account'].'^]'.$user['cid'].'^]'.'0' );
  188. return $this-> saveUserAttributes($cacheKey,$attributes);
  189. }
  190. /**
  191. @return array
  192. 根据令牌获得帐号全部数据
  193. **/
  194. public function getUserAttributes($tickets){
  195. $t = hash ( 'md5', $tickets . '&' . $this->currentIP . '&' . $this->accounttype . '&' . $this->cid );
  196. $ft=UtilD::getCache('resposity', $t);
  197. if (! $ft) {
  198. $ft = 0;
  199. } else {
  200. if ($ft > 4) { //如果1个ip 1分钟内连续5次获取失败
  201. return -1005;
  202. }
  203. }
  204. $user=UtilD::getCache('resposity',$tickets);
  205. if(!$user){
  206. $ft++;
  207. UtilD::setCache('resposity', $t,$ft,60);
  208. return -1001;
  209. }
  210. $user['lastquesttime']=$_SERVER['REQUEST_TIME'];
  211. UtilD::setCache('resposity',$tickets,$user);
  212. return $user;
  213. }
  214. /**添加主帐号**/
  215. public function add(){
  216. try{
  217. if($this->accounttype!=0){
  218. return -1000;
  219. }
  220. $this->account=strtolower($this->account);
  221. //检查主帐号是否存在
  222. $user=$this->getUserInfoByAccount();
  223. if(is_array($user) && count($user)){
  224. return -1006;
  225. }
  226. //开始保存数据
  227. $this->setIsNewRecord ( true );
  228. $this->lastquesttime=$_SERVER['REQUEST_TIME'];
  229. $this->regtime=$_SERVER['REQUEST_TIME'];
  230. $this->data='[]';
  231. $this->pwd=hash('sha256',$this->pwd);
  232. if(!$this->save()){
  233. return -1007;
  234. }else{
  235. $user=$this->getAttributes();
  236. $cacheKey = hash ( 'md5',$this->account.'^]'.$this->cid.'^]'.$this->accounttype );
  237. UtilD::setCache('resposity', $cacheKey, $user);
  238. }
  239. }catch(Exception $ex){
  240. return -1004;
  241. }
  242. }
  243. /**关联子帐号**/
  244. public function addChild($subaccount){
  245. try{
  246. //检查子是否有同名的帐号与主账号关联
  247. $subaccount=strtolower($subaccount);
  248. $user=$this->getUserInfoByChildAccount($subaccount,$this->cid,$this->accounttype);
  249. if($user){
  250. return -1008;
  251. }
  252. $user=$this->getUserInfoByMainAccount($this->account,$this->cid);
  253. if(!$user){
  254. return -1001;
  255. }
  256. //检查是否有类型的账号与主账号关联
  257. $accountRefer=new AccountRefer();
  258. $model=$accountRefer->find('pid=:pid AND cid=:cid AND accounttype=:accounttype', array (':pid'=>$user['id'],':cid'=>$this->cid,':accounttype'=>$this->accounttype));
  259. if($model){
  260. return -1009;
  261. }
  262. $this->account=strtolower($this->account);
  263. $accountRefer->cid=$this->cid;
  264. $accountRefer->setIsNewRecord ( true );
  265. $accountRefer->pid=$user['id'];
  266. $accountRefer->account=$user['account'];
  267. $accountRefer->subaccount=$subaccount;
  268. $accountRefer->accounttype=$this->accounttype;
  269. if($accountRefer->save()){
  270. $cacheKey = hash ( 'md5',$accountRefer->subaccount.'^]'.$accountRefer->cid.'^]'.$accountRefer->accounttype );
  271. UtilD::setCache('resposity', $cacheKey, $accountRefer->getAttributes());
  272. }else{
  273. return -1010;
  274. }
  275. }catch(Exception $ex){
  276. return -1004;
  277. }
  278. }
  279. /** 修改密码**/
  280. public function changePassword(){
  281. try{
  282. $user=$this->getUserInfoByAccount();//检查主帐号是否存在
  283. if(!$user){
  284. return -1001;
  285. }
  286. $this->setIsNewRecord ( false );
  287. $this->pwd=hash('sha256',$this->pwd);
  288. if($this->pwd!==$user['pwd']){
  289. $this->setIsNewRecord ( false );
  290. $user['pwd']=$this->pwd;
  291. $this->setAttributes($user,false);
  292. if($this->save()){
  293. $cacheKey = hash ( 'md5', $user['account'].'^]'.$user['cid'].'^]'.'0' );
  294. UtilD::setCache('resposity', $cacheKey, $user);
  295. }else{
  296. return -1011;
  297. }
  298. }
  299. }catch(Exception $ex){
  300. return -1004;
  301. }
  302. }
  303. /**修改子帐号**/
  304. public function repickAccount(){
  305. try{
  306. $accounts=$this->getUserInfoByChildAccount($this->oldaccount,$this->cid,$this->accounttype);
  307. if(!$accounts){
  308. return -1001;
  309. }
  310. $cacheKey = hash ( 'md5',$this->oldaccount.'^]'.$this->cid.'^]'.$this->accounttype );
  311. $user=UtilD::getCache('resposity', $cacheKey);
  312. if($this->oldaccount!==$this->account){
  313. $accountRefer=new AccountRefer();
  314. $accountRefer->setIsNewRecord ( false );
  315. $accountRefer->setAttributes($user,false);
  316. $accountRefer->subaccount=$this->account;
  317. if($accountRefer->save()){
  318. $user['subaccount']=$this->account;
  319. UtilD::setCache('resposity', $cacheKey,array());
  320. $cacheKey= hash ( 'md5',$user['subaccount'].'^]'.$this->cid.'^]'.$this->accounttype );
  321. UtilD::setCache('resposity', $cacheKey,$user);
  322. }else{
  323. return -1012;
  324. }
  325. }
  326. }catch(Exception $ex){
  327. return -1004;
  328. }
  329. }
  330. /**
  331. 删除主帐号
  332. **/
  333. public function deleteMainAccount(){
  334. try{
  335. $user=$this->getUserInfoByMainAccount($this->account,$this->cid);
  336. if(!$user){
  337. return -1001;
  338. }
  339. //检查是否有子帐号
  340. $accountRefer=new AccountRefer();
  341. $models=$accountRefer->findAll('pid=:pid', array (':pid'=>$user['id']));
  342. if(is_array($models)&&count($models)){
  343. foreach($models as $model){
  344. $k= hash ( 'md5', $model->subaccount.'^]'.$model->cid.'^]'.$model->accounttype );//删除子帐号缓存
  345. UtilD::setCache('resposity', $k,false);
  346. unset($model);
  347. }
  348. unset($models);
  349. }
  350. //删除主帐号缓存
  351. $cacheKey = hash ( 'md5', $this->account.'^]'.$this->cid.'^]'.'0' );
  352. if($this->deleteByPk($user['id'])){
  353. UtilD::setCache('resposity', $cacheKey,false);
  354. }else{
  355. return -1013;
  356. }
  357. }catch(Exception $ex){
  358. return -1004;
  359. }
  360. }
  361. /**删除子帐号**/
  362. public function deleteChildAccount(){
  363. try{
  364. $user=$this->getUserInfoByChildAccount($this->account,$this->cid,$this->accounttype);
  365. if(!$user){
  366. return -1014;
  367. }
  368. //删除缓存
  369. $cacheKey = hash ( 'md5', $this->account.'^]'.$this->cid.'^]'.$this->accounttype );
  370. $child=UtilD::getCache('resposity',$cacheKey);
  371. $accountRefer=new AccountRefer();
  372. if($accountRefer->deleteByPk($child['id'])){
  373. UtilD::setCache('resposity', $cacheKey,false);
  374. }else{
  375. return -1014;
  376. }
  377. }catch(Exception $ex){
  378. return -1004;
  379. }
  380. }
  381. public function login(){
  382. try{
  383. if(empty($this->currentIP)){
  384. return -1017;
  385. }
  386. $tickets=hash ( 'md5', $this->account.'^]'.$this->cid.'^]'.$this->accounttype );
  387. $t = hash ( 'md5', $tickets . '&' . $this->currentIP . '&' . $this->accounttype . '&' . $this->cid );
  388. $ft=UtilD::getCache('resposity', $t);
  389. if (! $ft) {
  390. $ft = 0;
  391. } else {
  392. if ($ft > 4) { //如果1个ip 1分钟内连续5次获取失败
  393. return -1015;
  394. }
  395. }
  396. $user=$this->getUserInfoByAccount();
  397. if(!$user){
  398. $ft++;
  399. UtilD::setCache('resposity', $t,$ft,60);
  400. return -1001;
  401. }
  402. $this->pwd=hash('sha256',$this->pwd);
  403. if($user['pwd']!==$this->pwd){
  404. $ft++;
  405. UtilD::setCache('resposity', $t,$ft,60);
  406. return -1016;
  407. }
  408. $tickets=hash ( 'md5', $user['account'].'^]'.$user['cid'].'^]'.'0' );
  409. //更新登录次数和最后请求时间
  410. if(!isset($user['currentIP'])){
  411. $user['currentIP']=$this->currentIP;
  412. }
  413. $user['lastip']=$user['currentIP'];
  414. $user['currentIP']=$this->currentIP;
  415. if(!isset($user['logintimes'])){
  416. $user['logintimes']=0;
  417. }
  418. $user['logintimes']++;
  419. $user['lastquesttime']=$_SERVER['REQUEST_TIME'];
  420. $this->setAttributes($user,false);
  421. if($this->save()){
  422. UtilD::setCache('resposity', $tickets,$user);
  423. return array('tickets'=>$tickets);
  424. }else{
  425. return -1017;
  426. }
  427. }catch(Exception $ex){
  428. return -1004;
  429. }
  430. }
  431. }
复制代码


Kenyataan:
Kandungan artikel ini disumbangkan secara sukarela oleh netizen, dan hak cipta adalah milik pengarang asal. Laman web ini tidak memikul tanggungjawab undang-undang yang sepadan. Jika anda menemui sebarang kandungan yang disyaki plagiarisme atau pelanggaran, sila hubungi admin@php.cn