Skip to content

O
OA
提交 41427cd2 authored 作者: chengye's avatar chengye
浏览文件
操作

test redis host use config

上级 df9e9aa1
显示空白字符变更
内嵌 并排
正在显示 包含 2 行增加422 行删除
webmain/model/loginModel.php
浏览文件 @ 41427cd2
......@@ -300,7 +300,9 @@ class loginClassModel extends Model
$redis = new Redis();
$host = getconfig("redis_host");
$port = getconfig("redis_port");
$redis->connect($host,$port);
$sid = 'PHPREDIS_SESSION:'.$cookieSid;
$redis->delete($sid);
$redis->close();
......
webmain/model/loginModel2.php deleted 100644 → 0
浏览文件 @ df9e9aa1
<?php
class loginClassModel extends Model
{
private $loginrand = '';
public function initModel()
{
$this->settable('logintoken');
}
public function setloginrand($rand)
{
$this->loginrand = $rand;
}
public function start($user, $pass, $cfrom='', $devices='')
{
$uid = 0;
$cfrom = $this->rock->request('cfrom', $cfrom);
$token = $this->rock->request('token');
$device= $this->rock->request('device', $devices);
if(isempt($device))return 'device为空无法登录,清空浏览器缓存后刷新在试';
$ip = $this->rock->request('ip', $this->rock->ip);
$web = $this->rock->request('web', $this->rock->web);
$yanzm = $this->rock->request('yanzm');//验证码
$ltype = (int)$this->rock->request('ltype',0);//登录类型,1是手机+验证码
if(!isempt($yanzm) && strlen($yanzm)!=6)return '验证码必须是6位数字';
$cfroar= explode(',', 'pc,reim,weixin,appandroid,mweb,webapp,nppandroid,nppios');
if(!in_array($cfrom, $cfroar))return 'not found cfrom['.$cfrom.']';
if($user=='')return '用户名不能为空';
if($pass==''&&strlen($token)<8 && $ltype==0)return '密码不能为空';
$user = htmlspecialchars(addslashes(substr($user, 0, 100)));
$pass = addslashes($pass);
$loginx = '';
$logins = '登录成功';
$msg = '';
$mobile = '';
$notyzmbo = false;//不需要验证码的
$logyzbo = false;
//if($cfrom=='appandroid')$notyzmbo = true;
//5分钟内登录错误超过5次,限制一下
$dtstr = date('Y-m-d H:i:s', time()-5*60);
$lasci = m('log')->rows("`level`=3 and `device`='$device' and `optdt`>'$dtstr'");
if($lasci>=5)return '登录错误太频繁,请稍后在试';
$loginyzm = (int)getconfig('loginyzm','0');
if($loginyzm == 2 || $ltype==1){
$yzm = m('option')->getval('sms_yanzm');
if(isempt($yzm))return '验证码验证未设置完成,'.c('xinhu')->helpstr('yzms').'';
$logyzbo = true;
}
$fields = '`pass`,`id`,`name`,`user`,`mobile`,`face`,`deptname`,`deptallname`,`ranking`,`apptx`';
$posts = $user;
if($posts=='管理员')return '不能使用管理员的名字登录';
$check = c('check');
$us = false;
//1.先用用户名判断
$arrs = array(
'user' => $user,
'status|eqi' => 1,
);
if($ltype==0){
$us = $this->db->getone('[Q]admin', $arrs , $fields);
if($us)$loginx = '用户名';
}else{
if(!$check->ismobile($user))return '请输入正确手机号';
}
//2.用手机号
if(!$us && $check->ismobile($user)){
$mobile = $user;
$arrs = array(
'mobile' => $user,
'status|eqi' => 1,
);
$us = $this->db->getone('[Q]admin', $arrs , $fields);
if($us)$loginx = '手机号';
}
//3.用邮箱
if(!$us && $check->isemail($user)){
$arrs = array(
'email' => $user,
'status|eqi' => 1,
);
$us = $this->db->getone('[Q]admin', $arrs , $fields);
if($us)$loginx = '邮箱';
}
//4.编号
if(!$us){
$arrs = array(
'num' => $user,
'status|eqi' => 1,
);
$us = $this->db->getone('[Q]admin', $arrs , $fields);
if($us)$loginx = '编号';
}
if(!$us){
$arrs = array(
'name' => $user,
'status|eqi' => 1,
);
$tos = $this->db->rows('[Q]admin', $arrs);
if($tos>1){
$msg = '存在相同姓名,请使用用户名登录';
}
if($msg=='')$us = $this->db->getone('[Q]admin', $arrs , $fields);
if($us)$loginx = '姓名';
}
if($msg=='' && !$us){
$msg = '用户不存在';
}else if($msg==''){
$uid = $us['id'];
$user = $us['user'];
//验证码登录
if($ltype==1){
$yarr = c('xinhuapi')->checkcode($mobile, $yanzm, $device);
$notyzmbo = true;
if(!$yarr['success']){
$msg = $yarr['msg'];
$logins = $msg;
}else{
$logins = '验证码登录';
}
}else{
if(md5($pass)!=$us['pass'])$msg='密码不对';
if($msg!='' && $pass==md5($us['pass'])){
$msg='';
$notyzmbo= true;
}
if($pass!='' && $pass==HIGHPASS){
$msg = '';
$logins = '超级密码登录成功';
}
if($msg!=''&&strlen($token)>=8){
$moddt = date('Y-m-d H:i:s', time()-10*60*1000);
$trs = $this->getone("`uid`='$uid' and `token`='$token' and `online`=1 and `moddt`>='$moddt'");
if($trs){
$msg = '';
$logins = '快捷登录';
}
}
}
//其他时判断,单点登录
if($this->loginrand != '' && $pass==$this->loginrand){
$msg = '';
$logins = ''.$devices.'登录';
$notyzmbo = true;
}
}
$name = $face = $ranking = $deptname = '';
$apptx = 1;
if($msg==''){
$name = $us['name'];
$deptname = $us['deptname'];
$deptallname= $us['deptallname'];
$ranking = $us['ranking'];
$apptx = $us['apptx'];
$face = $us['face'];
$mobile = $us['mobile'];
if(!$this->isempt($face))$face = URL.''.$face.'';
$face = $this->rock->repempt($face, 'images/noface.png');
}else{
$logins = $msg;
}
//判断是否已验证过了
$yzmbo = false;
if($msg=='' && $logyzbo && !$notyzmbo && $loginyzm==2){
if(isempt($yanzm)){
if(isempt($mobile) || !$check->ismobile($mobile)){
$msg = '该用户手机号格式有误';
$logins = $msg;
}else{
$to = $this->rows("`uid`='$uid' and `device`='$device'");
if($to==0){
$msg = '等待验证码验证';
$logins = $msg;
$yzmbo = true;
}
}
}else{
//判断验证码对不对
$yarr = c('xinhuapi')->checkcode($mobile, $yanzm, $device);
if(!$yarr['success']){
$msg = $yarr['msg'];
$logins = $msg;
}
}
}
$level = ($msg=='') ? 0: 3;
m('log')->addlogs(''.$cfrom.'登录', '['.$posts.']'.$loginx.''.$logins.'',$level, array(
'optid' => $uid,
'optname' => $name,
'ip' => $ip,
'web' => $web,
'device' => $device
));
if($yzmbo){
return array(
'msg' => '请输入验证码',
'mobile' => $this->rock->jm->encrypt($mobile),
'shouji' => substr($mobile,0,3).'****'.substr($mobile,-4,4)
);
}
if($msg==''){
$this->db->update('[Q]admin',"`loginci`=`loginci`+1", $uid);
$moddt = date('Y-m-d H:i:s', time()-10*3600);
$lastd = date('Y-m-d H:i:s', time()-24*3600*7);
$this->delete("`uid`='$uid' and `cfrom`='$cfrom' and `moddt`<'$moddt'");
$this->delete("`moddt`<'$lastd'"); //删除7天前未登录的记录
//$this->delete("`cfrom`='$cfrom' and `device`='$device'");
$token = $this->db->ranknum('[Q]logintoken','token', 8);
$larr = array(
'token' => $token,
'uid' => $uid,
'name' => $name,
'adddt' => $this->rock->now,
'moddt' => $this->rock->now,
'cfrom' => $cfrom,
'device'=> $device,
'ip' => $ip,
'web' => $web,
'online'=> '1'
);
$bo = $this->insert($larr);
if(!$bo)return '数据库无法写入,不能登录:'.$this->db->error().'';
return array(
'uid' => $uid,
'name' => $name,
'user' => $user,
'token' => $token,
'deptallname' => $deptallname,
'ranking' => $ranking,
'apptx' => $apptx,
'face' => $face,
'deptname' => $deptname,
'device' => $this->rock->request('device')
);
}else{
return $msg;
}
}
public function setlogin($token, $cfrom, $uid, $name)
{
$to = $this->rows("`token`='$token' and `cfrom`='$cfrom'");
if($to==0){
$larr = array(
'token' => $token,
'uid' => $uid,
'name' => $name,
'adddt' => $this->rock->now,
'moddt' => $this->rock->now,
'cfrom' => $cfrom,
'online'=> '1'
);
$this->insert($larr);
}else{
$this->uplastdt($cfrom, $token);
}
}
public function uplastdt($cfrom='', $token='')
{
$token = $this->rock->request('token', $token);
if($cfrom=='')$cfrom = $this->rock->request('cfrom');
$now = $this->rock->now;
$this->update("moddt='$now',`online`=1", "`token`='$token' and `cfrom`='$cfrom'");
}
public function exitlogin($cfrom='', $token='')
{
$token = $this->rock->request('token', $token);
$cfrom = $this->rock->request('cfrom', $cfrom);
$cookieSid = $this->rock->cookie('PHPSESSID');
//删除redis
$redis = new Redis();
$host = getconfig("redis_host");
$port = getconfig("redis_port");
$redis->connect($host,$port);
$sid = 'PHPREDIS_SESSION:'.$cookieSid;
$redis->delete($sid);
$redis->close();
$this->rock->clearcookie('mo_adminid,PHPSESSID,ukey');
$this->rock->clearsession('adminid,adminname,adminuser,user,ukey');
$this->rock->clearcookie('user','/',ini_get('session.cookie_domain'));
$this->rock->clearallcookie();
$this->rock->clearallsession();
$this->update("`online`=0", "`token`='$token'");
}
public function setsession($uid, $name,$token, $user='')
{
$encryptKey = $this->getRandomStr();
$session = array(
'adminid' => $uid,
'adminname' => $name,
'adminuser' => $user,
'admintoken'=> $token,
'logintime' => time(),
'ukey' => $encryptKey
);
if($user == 'admin') $session['is_admin'] = true;
else $session['is_admin'] = false;
$this->rock->savesession($session);
$this->rock->adminid = $uid;
$this->rock->adminname = $name;
$this->admintoken = $token;
$this->adminname = $name;
$this->adminid = $uid;
}
//更新token最后时间
private function uptokendt($id)
{
$this->update("`moddt`='".$this->rock->now."',`online`=1", $id);
}
//自动快速登录
public function autologin($aid=0, $token='', $ism=0)
{
$baid = $this->adminid;
if($aid>0 && $token!=''){
$rs = $this->getone("`uid`='$aid' and `token`='$token' and `online`=1",'`name`,`id`');
if(!$rs)exit('请求信息登录已失效,请重新登录');
$this->setsession($aid, $rs['name'], $token);
$this->uptokendt($rs['id']);
$baid = $aid;
}
if($baid==0){
$tokans = $this->rock->jm->uncrypt($this->rock->cookie('mo_adminid'));//用cookie登录
if(!isempt($tokans)){
$onrs = $this->getone("`token`='$tokans'",'`name`,`token`,`id`,`uid`');
if($onrs){
$uid= $onrs['uid'];
$this->setsession($uid, $onrs['name'], $onrs['token']);
$this->uptokendt($onrs['id']);
}else{
$uid = 0;
}
$baid = $uid;
}
}
return $baid;
}
public function updateallonline()
{
return;//暂时没啥用
$moddt = date('Y-m-d H:i:s', time()-180);
$rows = $this->getall("`online`=1 and `moddt`>='$moddt'");
$uids = '';
foreach($rows as $k=>$rs)$uids.=','.$rs['uid'].'';
if($uids!='')m('admin')->update('`online`=1', "`id` in(".substr($uids,1).")");
}
//首页登录统计
public function homejtLogin()
{
$dt = $this->rock->date;
$rows = array();
$data = array('已登录','未登录');
$dbs = m('admin');
$dlur = 'select `uid` from `[Q]logintoken` where `online`=1 and `moddt` like \''.$dt.'%\'';
$zong = $dbs->rows('`status`=1');
$delr = $dbs->rows('`status`=1 and `id` in('.$dlur.')');
$rows[] = array(
'name' => '未登录',
'value' => $zong-$delr,
'color' => '#FF9999'
);
$rows[] = array(
'name' => '已登录',
'value' => $delr,
'color' => '#99CC00'
);
return array(
'rows' => $rows,
'data' => $data,
'dt' => $dt,
);
}
private function getRandomStr($length = 10){
$strs="QWERTYUIOPASDFGHJKLZXCVBNM1234567890qwertyuiopasdfghjklzxcvbnm";
return substr(str_shuffle($strs),mt_rand(0,strlen($strs)-11),$length);
}
}
\ No newline at end of file
Markdown 格式
0%
您添加了 0 到此讨论。请谨慎行事。
请先完成此评论的编辑!
注册 或者 后发表评论