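<?php
namespace app\admin\controller;

use app\common\model\Seeker;
use think\Controller;
use think\Db;
use think\Exception;

/**
 * Entry points of the admin module that are reached without a logged-in user:
 * login, password reset by SMS code, SMS sending, logout and the
 * "no access" / 403 pages.
 *
 * $this->error(), $this->success() and $this->redirect() are the framework's
 * jump helpers; the code below relies on them ending the request.
 */
class Common extends Controller
{
    public function initialize()
    {
        parent::initialize();
    }

    /**
     * GET: render the login form (or redirect if already logged in).
     * POST: authenticate account/password, then store the auth record in the
     * session and, when "jzma" (remember me) is set, in cookies.
     */
    public function login()
    {
        if (request()->isPost()) {
            $username = input('?post.account') ? input('post.account', '', 'trim') : '';
            $password = input('?post.password') ? input('post.password', '', 'trim') : '';
            $jzma     = input('?post.jzma') ? input('post.jzma', '', 'trim') : '';
            if (!$username || !$password) {
                $this->error('用户名或密码错误');
            }

            // Login throttling, keyed by the submitted account name.
            $throttle = new \app\common\util\ThrottlesUtil(config('app.login_throttles'));
            if ($throttle->tooManyAttempts($username)) {
                $this->error('账号已被锁定,请稍后重试');
            }

            $info = Db::name('user')->where('account', $username)->where('del', 0)->find();

            // One generic message for "no such account" and "wrong password", so the
            // response does not reveal which account names exist.
            // NOTE(review): a missing account still skips password_verify(), so the
            // response time can differ; verify against a fixed dummy hash if that matters.
            if (empty($info) || !password_verify($password, $info['password'])) {
                $this->error('用户名或密码错误');
            }
            // Checked only after the password matched, so the disabled state is
            // disclosed to the credential holder and not to anyone probing names.
            if ($info['enable'] == 0) {
                $this->error('该账号被禁用');
            }

            $rolesId = Db::name('user_roles')->where('user_id', $info['id'])->value('roles_id');
            if (!$rolesId) {
                $this->error('用户未设置角色,无法登陆');
            }
            $orgs = model('Org')->getListByRoles($info['id']);
            if (empty($orgs)) {
                $this->error('用户没有组织,无法登陆');
            }

            /* Update the login record */
            $data = array(
                'last_login_time' => date('Y-m-d H:i:s')
            );
            Db::name('user')->where('id', $info['id'])->update($data);

            /* Store the login in SESSION and COOKIES */
            $auth = array(
                'id'              => $info['id'],
                'account'         => $info['account'],
                'real_name'       => $info['real_name'],
                'last_login_time' => $data['last_login_time'],
                'rolesId'         => $rolesId ? $rolesId : 0
            );
            // NOTE(review): the session id is not regenerated here; confirm the
            // session layer rotates it on login (session fixation).
            session('user_auth', $auth);
            session('user_auth_sign', data_auth_sign($auth));
            session('orgId', $orgs[0]['id']);
            session('orgName', $orgs[0]['name']);

            // Successful login: reset the throttle counter.
            $throttle->resetAttempts($username);

            if (!empty($jzma)) {
                // ThinkPHP's cookie() treats a numeric third argument as a lifetime in
                // seconds and adds the request time itself. Passing time()+N made the
                // cookies live for decades instead of the intended 30 days.
                $day      = 30;
                $lifetime = 3600 * 24 * $day;
                // NOTE(review): data_auth_sign() and is_login() are defined elsewhere.
                // If is_login() accepts these cookies, the signature has to be a keyed
                // MAC over $auth compared with hash_equals(); otherwise id/rolesId in
                // the cookie are client-controlled. Also confirm httponly/secure are
                // set in the cookie config.
                cookie("user_auth", $auth, $lifetime);
                cookie("user_auth_sign", data_auth_sign($auth), $lifetime);
                cookie("orgId", $orgs[0]['id'], $lifetime);
                cookie("orgName", $orgs[0]['name'], $lifetime);
            } else {
                cookie("user_auth", null);
                cookie("user_auth_sign", null);
                cookie("orgId", null);
                cookie("orgName", null);
            }

            // The Referer header is client-supplied: only follow it when it points
            // back at this site, otherwise fall back to the index page. isset() also
            // avoids an undefined-index notice when the header is absent.
            $referer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';
            $sameSite = $referer !== '' && strpos($referer, request()->domain() . '/') === 0;
            $url = $sameSite ? $referer : url('Index/index');
            $this->success('登录成功', $url);
        } else {
            if (is_login()) {
                $url = request()->domain() . '/home/index.html';
                $this->redirect($url);
            }
            $config = Db::name('config')
                ->where('name', 'web_site_title')
                ->value('value');
            $forgeturl = request()->domain() . '/common/forget.html';
            $this->assign('forgeturl', $forgeturl);
            $this->assign('title', $config);
            return $this->fetch();
        }
    }

    /**
     * GET: render the password-reset form.
     * POST: set a new password for the account whose mobile number is posted as
     * "account", after verify_sms() accepts the posted code.
     */
    public function forget()
    {
        if (request()->isPost()) {
            $username = input('?post.account') ? input('post.account', '', 'trim') : '';
            $password = input('?post.password') ? input('post.password', '', 'trim') : '';
            $code     = input('?post.code') ? input('post.code', '', 'trim') : '';
            if (!$username) {
                $this->error('手机号不能为空');
            }
            if (!$code) {
                $this->error('验证码不能为空');
            }
            if (!$password) {
                $this->error('新密码不能为空');
            }
            // NOTE(review): verify_sms() is defined elsewhere. Nothing in this method
            // limits the number of code guesses per mobile number, and nothing here
            // shows the code being invalidated after use; confirm verify_sms() does
            // both, since this code is the only factor protecting the reset.
            if (!verify_sms($username, $code)) {
                $this->error('验证码信息错误');
            }
            $info = Db::name('user')
                ->where('mobile', $username)
                ->where('del', 0)->find();
            if (empty($info)) {
                $this->error('用户信息不存在');
            }
            if ($info['enable'] == 0) {
                $this->error('该账号被禁用');
            }
            // NOTE(review): no length/strength rule is applied to the new password here.
            $pas = password_hash($password, PASSWORD_DEFAULT);
            $sdata = [
                'update_time' => date('Y-m-d H:i:s'),
                'password'    => $pas
            ];
            $res = Db::name('user')
                ->where('id', $info['id'])
                ->update($sdata);
            if ($res) {
                $this->success('修改成功', request()->domain() . '/common/login.html');
            } else {
                $this->error('修改失败');
            }
        } else {
            $config = Db::name('config')
                ->where('name', 'web_site_title')
                ->value('value');
            $loginurl = request()->domain() . '/common/login.html';
            $this->assign('loginurl', $loginurl);
            $this->assign('title', $config);
            return $this->fetch();
        }
    }

    /**
     * Send a verification SMS to the number given in the "mobile" parameter.
     *
     * NOTE(review): this action is reachable without login and applies no
     * throttling of its own. send_verify_sms() is defined elsewhere; confirm it
     * rate-limits per number and per client, otherwise the endpoint can be used
     * to send unlimited messages to arbitrary numbers.
     */
    public function sms()
    {
        $phone = input('mobile');
        if (empty($phone)) {
            $this->error('手机号不能为空');
        }
        $res = send_verify_sms($phone);
        if (!$res) {
            $this->error('发送失败');
        }
        $this->success('发送成功');
    }

    /**
     * Log out: drop every session value and cookie that login() sets, then
     * redirect to the login page.
     */
    public function logout()
    {
        session('user_auth', null);
        session('user_auth_sign', null);
        // login() also stores the organisation in the session and, with
        // "remember me", in cookies; clear those too so nothing from the previous
        // login survives on a shared browser.
        session('orgId', null);
        session('orgName', null);
        cookie("user_auth", null);
        cookie("user_auth_sign", null);
        cookie("orgId", null);
        cookie("orgName", null);
        $this->redirect(request()->domain() . '/common/login.html');
    }

    /**
     * "No permission" landing page.
     */
    public function access()
    {
        return $this->fetch();
    }

    /**
     * 403 page.
     */
    public function forbid()
    {
        return $this->fetch('403');
    }
}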