欢迎您访问程序员文章站本站旨在为大家提供分享程序员计算机编程知识!
您现在的位置是: 首页  >  后端开发

登录认证

程序员文章站 2024-01-27 20:25:04
...
  1. /*
  2. *
  3. * @copyright 2011
  4. * @version $Id$
  5. * @access public
  6. * @property string $id
  7. * @property string $account
  8. * @property string $pwd
  9. * @property string $lastquesttime
  10. * @property string $lastip
  11. * @property int $regtime
  12. * @property int $accounttype
  13. * @property string $oldaccount
  14. * @property int $logintimes
  15. * @property string $currentIP
  16. * @property int $cid
  17. */
  18. class Resposity extends AdminActiveRecord {
  19. public $connectionPrefix = 'passport';
  20. protected $list = null;
  21. protected $passportConfig = null;
  22. public $oldaccount = '';
  23. /**
  24. * Returns the static model of the specified AR class.
  25. * @return Resposity the static model class
  26. */
  27. public static function model($className = __class__) {
  28. return parent::model ( $className );
  29. }
  31. /**
  32. * Modify it if you need.
  33. * @return mixed the primaryKey.
  34. */
  35. public function primaryKey() {
  36. return 'id';
  37. }
  39. /**
  40. * @return array validation rules for model attributes.
  41. */
  42. public function rules() {
  43. // NOTE: you should only define rules for those attributes that
  44. // will receive user inputs.s
  45. return array (
  46. array ('accounttype,cid', 'required' ),
  47. array ('accounttype', 'in', 'range' => array ('0', '1', '2', '3', '4', '5', '6', '7' ) ),
  48. array ('currentIP', 'ip')
  49. );
  50. }
  51. /**
  52. 根据主帐号获得用户信息
  53. **/
  54. protected function getUserInfoByMainAccount($account,$cid){
  55. $account=strtolower($account);
  56. $cacheKey = hash ( 'md5', $account.'^]'.$cid.'^]'.'0' );
  57. $user=UtilD::getCache('resposity',$cacheKey);
  58. if(is_array($user)){
  59. UtilD::clearNullOrEmptyValue ( $user );
  60. }else{
  61. $user=array();
  62. }
  63. if(count($user)){
  64. return $user;
  65. }else{
  66. $model = $this->find ( 'account=:account AND cid=:cid', array (':account' => $account,':cid' => $cid ) );
  67. if($model){
  68. $user=$model->getAttributes();
  69. unset($model);
  70. }
  71. UtilD::setCache('resposity',$cacheKey,$user);
  72. return $user;
  73. }
  74. }
  75. /**根据子帐号获得用户信息**/
  76. protected function getUserInfoByChildAccount($subaccount,$cid,$accounttype){
  77. if(!$this->validate(array('accounttype'), true)){
  78. return -1000;
  79. }
  80. $subaccount=strtolower($subaccount);
  81. $cacheKey = hash ( 'md5', $subaccount.'^]'.$cid.'^]'.$accounttype );
  82. $userAccounts=UtilD::getCache('resposity',$cacheKey);
  83. if(is_array($userAccounts)){
  84. UtilD::clearNullOrEmptyValue($userAccounts);
  85. }else{
  86. $userAccounts=array();
  87. }
  88. if(!count($userAccounts)){
  89. $accountRefer=new AccountRefer();
  90. $model=$accountRefer->find ( 'subaccount=:subaccount AND cid=:cid AND accounttype=:accounttype', array (':subaccount' => $subaccount,':cid' => $this->cid,':accounttype'=> $accounttype) );
  91. if($model){
  92. $userAccounts=$model->getAttributes();
  93. UtilD::setCache('resposity',$cacheKey,$userAccounts);
  94. }
  95. }
  96. if(isset($userAccounts['account'])){
  97. return $this->getUserInfoByMainAccount($userAccounts['account'],$userAccounts['cid']);
  98. }
  99. return array();
  100. }
  101. /**根据帐号类型获取用户数据**/
  102. public function getUserInfoByAccount(){
  103. if($this->accounttype==0){
  105. return $this->getUserInfoByMainAccount($this->account,$this->cid);
  106. }else{
  107. return $this->getUserInfoByChildAccount($this->account,$this->cid,$this->accounttype);
  108. }
  109. }
  110. /**
  111. * 通过主帐号获取子帐号
  112. */
  113. public function getSubAccountByMainAccount(){
  114. $c=new CDbCriteria();
  115. $c->addCondition('cid=:cid AND account=:account', 'AND');
  116. $c->params=array(':cid'=>$this->cid, ':account'=>$this->account);
  117. $refer=new AccountRefer();
  118. $result=$refer->getListByPage(1, 30, $c);
  119. $data=array();
  120. if($result['count']>0){
  121. foreach($result['data'] as $row){
  122. $data[$row['accounttype']]=$row['subaccount'];
  123. }
  124. }
  125. return $data;
  126. }
  127. /**
  128. 获得当前商户的操作等级
  129. 1 对自己添加的用户有完全权限,对其它机构添加的用户无权限
  130. 2 对自己添加的用户有完全权限,对accsessids指定机构的用户有查询权限
  131. **/
  132. public function getAccess(){
  133. if ($this->passportConfig === null) {
  134. $this->passportConfig = PassportConfig::model ()->getItemConfigById ( $this->cid );
  135. }
  136. $ip=Yii::app ()->request->getUserHostAddress();
  137. $ips=CJSON::decode($passportConfig['iprouters']);
  138. if(!in_array($ip,$ips)){
  139. throw new CHttpException(403, '您没有权限访问此页面!');
  140. }
  141. }
  142. /**修改名牌用户私有数据**/
  143. public function saveUserAttributes($tickets,array $attributes){
  144. try{
  145. $user=$this->getUserAttributes($tickets);
  146. if(empty($user) || !is_array($user)){
  147. return -1001;
  148. }
  149. $data=array();
  150. if($user[WebUserD::STORAGE_KEY]!=='[]'){
  151. $data=CJSON::decode($user[WebUserD::STORAGE_KEY]);
  152. }
  153. if(!is_array($data)){
  154. $data=array();
  155. }
  156. $attributes=array_change_key_case($attributes);
  157. foreach($attributes as $key=>$value){
  158. if(!is_array($value)){
  159. $data[$key]=$value;
  160. }else{
  161. if(!isset($data[$key])){
  162. $data[$key]=array();
  163. }
  164. $data[$key]=array_merge($data[$key],$attributes[$key]);
  165. }
  166. }
  167. $user[WebUserD::STORAGE_KEY]=CJSON::encode($data);
  168. $user['lastquesttime']=$_SERVER['REQUEST_TIME'];
  169. $user['data']=CJSON::encode($data);
  170. $this->setAttributes($user,false);
  171. !$this->currentIP && $this->currentIP='127.0.0.1';
  172. !$this->lastip && $this->lastip=$this->currentIP;
  175. !$this->logintimes && $this->logintimes = 0;
  176. $this->setIsNewRecord ( false );
  177. if($this->save()){
  178. UtilD::setCache('resposity', $tickets, $user);
  179. }else{
  180. return -1003;
  181. }
  182. }catch(Exception $ex){
  183. return -1004;
  184. }
  185. }
  186. /**修改帐号私有数据**/
  187. public function saveUserAttributesByName( array $attributes){
  188. $user=$this->getUserInfoByMainAccount($this->account,$this->cid);
  189. if(empty($user)){
  190. return -1001;
  191. }
  192. $cacheKey = hash ( 'md5', $user['account'].'^]'.$user['cid'].'^]'.'0' );
  193. return $this-> saveUserAttributes($cacheKey,$attributes);
  195. }
  196. /**
  197. @return array
  198. 根据令牌获得帐号全部数据
  199. **/
  200. public function getUserAttributes($tickets){
  201. $t = hash ( 'md5', $tickets . '&' . $this->currentIP . '&' . $this->accounttype . '&' . $this->cid );
  202. $ft=UtilD::getCache('resposity', $t);
  203. if (! $ft) {
  204. $ft = 0;
  205. } else {
  206. if ($ft > 4) { //如果1个ip 1分钟内连续5次获取失败
  207. return -1005;
  208. }
  209. }
  210. $user=UtilD::getCache('resposity',$tickets);
  211. if(!$user){
  212. $ft++;
  213. UtilD::setCache('resposity', $t,$ft,60);
  214. return -1001;
  215. }
  216. $user['lastquesttime']=$_SERVER['REQUEST_TIME'];
  217. UtilD::setCache('resposity',$tickets,$user);
  218. return $user;
  219. }
  220. /**添加主帐号**/
  221. public function add(){
  222. try{
  223. if($this->accounttype!=0){
  224. return -1000;
  225. }
  226. $this->account=strtolower($this->account);
  227. //检查主帐号是否存在
  228. $user=$this->getUserInfoByAccount();
  229. if(is_array($user) && count($user)){
  230. return -1006;
  231. }
  232. //开始保存数据
  233. $this->setIsNewRecord ( true );
  234. $this->lastquesttime=$_SERVER['REQUEST_TIME'];
  235. $this->regtime=$_SERVER['REQUEST_TIME'];
  236. $this->data='[]';
  237. $this->pwd=hash('sha256',$this->pwd);
  239. if(!$this->save()){
  240. return -1007;
  241. }else{
  242. $user=$this->getAttributes();
  243. $cacheKey = hash ( 'md5',$this->account.'^]'.$this->cid.'^]'.$this->accounttype );
  244. UtilD::setCache('resposity', $cacheKey, $user);
  245. }
  246. }catch(Exception $ex){
  247. return -1004;
  248. }
  249. }
  250. /**关联子帐号**/
  251. public function addChild($subaccount){
  252. try{
  253. //检查子是否有同名的帐号与主账号关联
  254. $subaccount=strtolower($subaccount);
  255. $user=$this->getUserInfoByChildAccount($subaccount,$this->cid,$this->accounttype);
  256. if($user){
  257. return -1008;
  258. }
  259. $user=$this->getUserInfoByMainAccount($this->account,$this->cid);
  260. if(!$user){
  261. return -1001;
  262. }
  263. //检查是否有类型的账号与主账号关联
  264. $accountRefer=new AccountRefer();
  265. $model=$accountRefer->find('pid=:pid AND cid=:cid AND accounttype=:accounttype', array (':pid'=>$user['id'],':cid'=>$this->cid,':accounttype'=>$this->accounttype));
  266. if($model){
  267. return -1009;
  268. }
  269. $this->account=strtolower($this->account);
  270. $accountRefer->cid=$this->cid;
  271. $accountRefer->setIsNewRecord ( true );
  272. $accountRefer->pid=$user['id'];
  273. $accountRefer->account=$user['account'];
  274. $accountRefer->subaccount=$subaccount;
  275. $accountRefer->accounttype=$this->accounttype;
  276. if($accountRefer->save()){
  277. $cacheKey = hash ( 'md5',$accountRefer->subaccount.'^]'.$accountRefer->cid.'^]'.$accountRefer->accounttype );
  278. UtilD::setCache('resposity', $cacheKey, $accountRefer->getAttributes());
  279. }else{
  280. return -1010;
  281. }
  282. }catch(Exception $ex){
  283. return -1004;
  284. }
  285. }
  286. /** 修改密码**/
  287. public function changePassword(){
  288. try{
  289. $user=$this->getUserInfoByAccount();//检查主帐号是否存在
  290. if(!$user){
  291. return -1001;
  292. }
  293. $this->setIsNewRecord ( false );
  294. $this->pwd=hash('sha256',$this->pwd);
  295. if($this->pwd!==$user['pwd']){
  296. $this->setIsNewRecord ( false );
  297. $user['pwd']=$this->pwd;
  298. $this->setAttributes($user,false);
  299. if($this->save()){
  300. $cacheKey = hash ( 'md5', $user['account'].'^]'.$user['cid'].'^]'.'0' );
  301. UtilD::setCache('resposity', $cacheKey, $user);
  302. }else{
  303. return -1011;
  304. }
  305. }
  306. }catch(Exception $ex){
  307. return -1004;
  308. }
  309. }
  310. /**修改子帐号**/
  311. public function repickAccount(){
  312. try{
  313. $accounts=$this->getUserInfoByChildAccount($this->oldaccount,$this->cid,$this->accounttype);
  314. if(!$accounts){
  315. return -1001;
  316. }
  317. $cacheKey = hash ( 'md5',$this->oldaccount.'^]'.$this->cid.'^]'.$this->accounttype );
  318. $user=UtilD::getCache('resposity', $cacheKey);
  319. if($this->oldaccount!==$this->account){
  320. $accountRefer=new AccountRefer();
  321. $accountRefer->setIsNewRecord ( false );
  322. $accountRefer->setAttributes($user,false);
  323. $accountRefer->subaccount=$this->account;
  324. if($accountRefer->save()){
  325. $user['subaccount']=$this->account;
  326. UtilD::setCache('resposity', $cacheKey,array());
  327. $cacheKey= hash ( 'md5',$user['subaccount'].'^]'.$this->cid.'^]'.$this->accounttype );
  328. UtilD::setCache('resposity', $cacheKey,$user);
  329. }else{
  330. return -1012;
  331. }
  332. }
  333. }catch(Exception $ex){
  334. return -1004;
  335. }
  336. }
  337. /**
  338. 删除主帐号
  339. **/
  340. public function deleteMainAccount(){
  341. try{
  342. $user=$this->getUserInfoByMainAccount($this->account,$this->cid);
  343. if(!$user){
  344. return -1001;
  345. }
  346. //检查是否有子帐号
  347. $accountRefer=new AccountRefer();
  348. $models=$accountRefer->findAll('pid=:pid', array (':pid'=>$user['id']));
  349. if(is_array($models)&&count($models)){
  350. foreach($models as $model){
  351. $k= hash ( 'md5', $model->subaccount.'^]'.$model->cid.'^]'.$model->accounttype );//删除子帐号缓存
  352. UtilD::setCache('resposity', $k,false);
  353. unset($model);
  354. }
  355. unset($models);
  356. }
  357. //删除主帐号缓存
  358. $cacheKey = hash ( 'md5', $this->account.'^]'.$this->cid.'^]'.'0' );
  359. if($this->deleteByPk($user['id'])){
  360. UtilD::setCache('resposity', $cacheKey,false);
  361. }else{
  362. return -1013;
  363. }
  364. }catch(Exception $ex){
  365. return -1004;
  366. }
  367. }
  368. /**删除子帐号**/
  369. public function deleteChildAccount(){
  370. try{
  371. $user=$this->getUserInfoByChildAccount($this->account,$this->cid,$this->accounttype);
  372. if(!$user){
  373. return -1014;
  374. }
  375. //删除缓存
  376. $cacheKey = hash ( 'md5', $this->account.'^]'.$this->cid.'^]'.$this->accounttype );
  377. $child=UtilD::getCache('resposity',$cacheKey);
  378. $accountRefer=new AccountRefer();
  379. if($accountRefer->deleteByPk($child['id'])){
  380. UtilD::setCache('resposity', $cacheKey,false);
  381. }else{
  382. return -1014;
  383. }
  384. }catch(Exception $ex){
  385. return -1004;
  386. }
  387. }
  388. public function login(){
  389. try{
  390. if(empty($this->currentIP)){
  391. return -1017;
  392. }
  393. $tickets=hash ( 'md5', $this->account.'^]'.$this->cid.'^]'.$this->accounttype );
  394. $t = hash ( 'md5', $tickets . '&' . $this->currentIP . '&' . $this->accounttype . '&' . $this->cid );
  395. $ft=UtilD::getCache('resposity', $t);
  396. if (! $ft) {
  397. $ft = 0;
  398. } else {
  399. if ($ft > 4) { //如果1个ip 1分钟内连续5次获取失败
  400. return -1015;
  401. }
  402. }
  403. $user=$this->getUserInfoByAccount();
  404. if(!$user){
  405. $ft++;
  406. UtilD::setCache('resposity', $t,$ft,60);
  407. return -1001;
  408. }
  409. $this->pwd=hash('sha256',$this->pwd);
  410. if($user['pwd']!==$this->pwd){
  411. $ft++;
  412. UtilD::setCache('resposity', $t,$ft,60);
  413. return -1016;
  414. }
  415. $tickets=hash ( 'md5', $user['account'].'^]'.$user['cid'].'^]'.'0' );
  416. //更新登录次数和最后请求时间
  417. if(!isset($user['currentIP'])){
  418. $user['currentIP']=$this->currentIP;
  419. }
  420. $user['lastip']=$user['currentIP'];
  421. $user['currentIP']=$this->currentIP;
  422. if(!isset($user['logintimes'])){
  423. $user['logintimes']=0;
  424. }
  425. $user['logintimes']++;
  426. $user['lastquesttime']=$_SERVER['REQUEST_TIME'];
  427. $this->setAttributes($user,false);
  428. if($this->save()){
  429. UtilD::setCache('resposity', $tickets,$user);
  430. return array('tickets'=>$tickets);
  431. }else{
  432. return -1017;
  433. }
  434. }catch(Exception $ex){
  435. return -1004;
  436. }
  437. }
  438. }
复制代码
相关标签: 登录认证

上一篇: php大图生成小图代码(缩略图程序)_PHP教程

下一篇: PHP与MYSQL事务处理,PHPMYSQL事务处理

推荐阅读