ѡ̳
标题:
设置->管理源管理,角色管理
[打印本页]
作者:
admin
时间:
2017-11-5 18:19
标题:
设置->管理源管理,角色管理
取消了口令卡
class AdminManageController extends AdminController {
private $db,$role_db;
function __construct() {
parent::__construct();
$this->db = M('Admin');
$this->role_db = D('Admin_role');
$this->op = new \Admin\Classes\admin_op();
}
public function init() {
$userid = session('user_auth.userid');
$admin_username = session('user_auth.username');
$page = $_GET['page'] ? intval($_GET['page']) : '1';
$infos = $this->db->page($page, 20)->select();
$pages = $this->db->pages;
$rolesarr = M('admin_role')->order('roleid asc')->select();//getcache('role');
$roles = array();
foreach($rolesarr as $val){
$roles[$val['roleid']]= $val['rolename'];
}
$this->assign('admin_username',$admin_username);
$this->assign('infos',$infos);
$this->assign('roles',$roles);
//var_dump($roles);
$this->display('admin_list');
}
/**
* 添加管理员
*/
public function add() {
if(isset($_POST['dosubmit'])) {
if($this->check_admin_manage_code()==false){
showmessage("error auth code");
}
$info = array();
if(!$this->op->checkname($_POST['info']['username'])){
showmessage(L('admin_already_exists'));
}
$info = checkuserinfo($_POST['info']);
if(!checkpasswd($info['password'])){
showmessage(L('pwd_incorrect'));
}
$encrypt = create_randomstr();
$password = user_md5($info['password'],$encrypt); //password($info['password']);
$info['password'] = $password;
$info['encrypt'] = $encrypt;
$info['status'] = 1;
$admin_fields = array('username', 'email', 'password', 'encrypt','roleid','realname','status');
foreach ($info as $k=>$value) {
if (!in_array($k, $admin_fields)){
unset($info[$k]);
}
}
$addres = $this->db->add($info);
if($addres){
showmessage(L('operation_success'),'?m=admin&c=admin_manage&a=init');
}
} else {
$roles = $this->role_db->where(array('disabled'=>'0'))->select();
$admin_manage_code = $this->get_admin_manage_code();
$this->assign('roles', $roles);
$this->assign('admin_manage_code', $admin_manage_code);
$this->display('admin_add');
}
}
/**
* 修改管理员
*/
public function edit() {
if(isset($_POST['dosubmit'])) {
if($this->check_admin_manage_code()==false){
showmessage("error auth code");
}
$memberinfo = $info = array();
$info = checkuserinfo($_POST['info']);
if(isset($info['password']) && !empty($info['password']))
{
$this->op->edit_password($info['userid'], $info['password']);
}
$userid = $info['userid'];
$info['status'] = 1;
$admin_fields = array('username', 'email', 'roleid','realname','status');
foreach ($info as $k=>$value) {
if (!in_array($k, $admin_fields)){
unset($info[$k]);
}
}
$this->db->where(array('userid'=>$userid))->save($info);
showmessage(L('operation_success'),'','','edit');
} else {
$info = $this->db->where(array('userid'=>$_GET['userid']))->find();
extract($info);
$roles = $this->role_db->where(array('disabled'=>'0'))->select();
$show_header = true;
$admin_manage_code = $this->get_admin_manage_code();
$this->assign($info);
$this->assign('admin_manage_code',$admin_manage_code);
$this->assign('roles',$roles);
// $this->assign('roleid',session('user_auth.roleid'));
//print_r($_SESSION);
$this->display('admin_edit');
}
}
public function public_edit_info(){
$userid = session('user_auth.userid');
//print_r($_SESSION);
if(isset($_POST['dosubmit'])) {
$admin_fields = array('email','realname','lang');
$info = array();
$info = $_POST['info'];
if(trim($info['lang'])=='') $info['lang'] = 'zh-cn';
foreach ($info as $k=>$value) {
if (!in_array($k, $admin_fields)){
unset($info[$k]);
}
}
$this->db->where(array('userid'=>$userid))->save($info);
cookie('sys_lang', $info['lang'],SYS_TIME+86400*30);
showmessage(L('operation_success'),HTTP_REFERER);
} else {
$info = $this->db->where(array('userid'=>$userid))->find();
extract($info);
$lang_dirs = glob(APP_PATH.'/Common/Lang/*');
$dir_array = array();
foreach($lang_dirs as $dirs) {
$dir_array[] = str_replace(APP_PATH.'/Common/Lang/','',$dirs);
}
$this->assign($info);
$this->assign('dir_array',$dir_array);
$this->display('admin_edit_info');
}
}
public function public_edit_pwd(){
$userid = session('user_auth.userid');
if(isset($_POST['dosubmit'])) {
$r = $this->db->where(array('userid'=>$userid))->field('password,encrypt')->find();
if ( user_md5($_POST['old_password'],$r['encrypt']) !== $r['password'] ) showmessage(L('old_password_wrong'),HTTP_REFERER);
if(isset($_POST['new_password']) && !empty($_POST['new_password'])) {
$this->op->edit_password($userid, $_POST['new_password']);
}
showmessage(L('password_edit_succ_logout'),'?m=Admin&c=Public&a=logout');
} else {
$info = $this->db->where(array('userid'=>$userid))->find();
extract($info);
$this->assign($info);
$this->display('admin_edit_pwd');
}
}
/**
* 异步检测用户名
*/
function public_checkname_ajx() {
$username = isset($_GET['username']) && trim($_GET['username']) ? trim($_GET['username']) : exit(0);
if ($this->db->field('userid')->where(array('username'=>$username))->find()){
exit('0');
}
exit('1');
}
/**
* 异步检测密码
*/
function public_password_ajx() {
$userid = session('user_auth.userid');
$r = array();
$r = $this->db->field('password,encrypt')->where(array('userid'=>$userid))->find();
if ( user_md5($_GET['old_password'],$r['encrypt']) == $r['password'] ) {
exit('1');
}
exit('0');
}
/**
* 异步检测emial合法性
*/
function public_email_ajx() {
$email = $_GET['email'];
$userid = session('user_auth.userid');
$check = $this->db->field('userid')->where(array('email'=>$email))->find();
if ($check && $check['userid']!=$userid){
exit('0');
}else{
exit('1');
}
}
//电子口令卡
function card() {
if (C( 'safe_card') != 1) {
showmessage(L('your_website_opened_the_card_no_password'));
}
$userid = isset($_GET['userid']) && intval($_GET['userid']) ? intval($_GET['userid']) : showmessage(L('user_id_cannot_be_empty'));
$data = array();
if ($data = $this->db->where(array('userid'=>$userid))->field('`card`,`username`')->find()) {
$pic_url = '';
if ($data['card']) {
pc_base::load_app_class('card', 'admin', 0);
$pic_url = card::get_pic($data['card']);
}
$show_header = true;
$this->display('admin_card');
} else {
showmessage(L('users_were_not_found'));
}
}
//绑定电子口令卡
function creat_card() {
if (C( 'safe_card') != 1) {
showmessage(L('your_website_opened_the_card_no_password'));
}
$userid = isset($_GET['userid']) && intval($_GET['userid']) ? intval($_GET['userid']) : showmessage(L('user_id_cannot_be_empty'));
$data = $card = '';
if ($data = $this->db->field( '`card`,`username`')->where(array('userid'=>$userid))->find()) {
if (empty($data['card'])) {
pc_base::load_app_class('card', 'admin', 0);
$card = card::creat_card();
if ($this->db->update(array('card'=>$card), array('userid'=>$userid))) {
showmessage(L('password_card_application_success'), '?m=admin&c=admin_manage&a=card&userid='.$userid);
} else {
showmessage(L('a_card_with_a_local_database_please_contact_the_system_administrators'));
}
} else {
showmessage(L('please_lift_the_password_card_binding'),HTTP_REFERER);
}
} else {
showmessage(L('users_were_not_found'));
}
}
//解除口令卡绑定
function remove_card() {
if (pc_base::load_config('system', 'safe_card') != 1) {
showmessage(L('your_website_opened_the_card_no_password'));
}
$userid = isset($_GET['userid']) && intval($_GET['userid']) ? intval($_GET['userid']) : showmessage(L('user_id_cannot_be_empty'));
$data = $result = '';
if ($data = $this->db->get_one(array('userid'=>$userid), '`card`,`username`,`userid`')) {
pc_base::load_app_class('card', 'admin', 0);
if ($result = card::remove_card($data['card'])) {
$this->db->update(array('card'=>''), array('userid'=>$userid));
showmessage(L('the_binding_success'), '?m=admin&c=admin_manage&a=card&userid='.$userid);
}
} else {
showmessage(L('users_were_not_found'));
}
}
//添加修改用户 验证串验证
private function check_admin_manage_code(){
$admin_manage_code = $_POST['info']['admin_manage_code'];
$pc_auth_key = md5(C('auth_key').'adminuser');
$admin_manage_code = sys_auth($admin_manage_code, 'DECODE', $pc_auth_key);
if($admin_manage_code==""){
return false;
}
$admin_manage_code = explode("_", $admin_manage_code);
if($admin_manage_code[0]!="adminuser" || $admin_manage_code[1]!=$_POST[pc_hash]){
return false;
}
return true;
}
//添加修改用户 生成验证串
private function get_admin_manage_code(){
$pc_auth_key = md5(C('auth_key').'adminuser');
$code = sys_auth("adminuser_".$_GET[pc_hash]."_".time(), 'ENCODE', $pc_auth_key);
return $code;
}
}
复制代码
角色管理
class RoleController extends AdminController {
private $db, $priv_db;
function __construct() {
parent::__construct();
$this->db = M('admin_role');
$this->priv_db = M('admin_role_priv');
$this->op = new \Admin\Classes\role_op(); //pc_base::load_app_class('role_op');
}
/**
* 角色管理列表
*/
public function init() {
$infos = $this->db->order('listorder DESC, roleid DESC')->select();
$this->assign('infos',$infos);
$this->display('role_list');
}
/**
* 添加角色
*/
public function add() {
if(isset($_POST['dosubmit'])) {
if(!is_array($_POST['info']) || empty($_POST['info']['rolename'])){
showmessage(L('operation_failure'));
}
if($this->op->checkname($_POST['info']['rolename'])){
showmessage(L('role_duplicate'));
}
$insert_id = $this->db->add($_POST['info']);
$this->_cache();
if($insert_id){
showmessage(L('operation_success'),'?m=admin&c=role&a=init');
}
} else {
$this->display('role_add');
}
}
/**
* 编辑角色
*/
public function edit() {
if(isset($_POST['dosubmit'])) {
$_POST['roleid'] = intval($_POST['roleid']);
if(!is_array($_POST['info']) || empty($_POST['info']['rolename'])){
showmessage(L('operation_failure'));
}
$this->db->where(array('roleid'=>$_POST['roleid']))->save($_POST['info']);
$this->_cache();
showmessage(L('operation_success'),'?m=admin&c=role&a=init');
} else {
$info = $this->db->where(array('roleid'=>$_GET['roleid']))->find();
extract($info);
$this->assign($info);
$this->display('role_edit');
}
}
/**
* 删除角色
*/
public function delete() {
$roleid = intval($_GET['roleid']);
if($roleid == '1') showmessage(L('this_object_not_del'), HTTP_REFERER);
$this->db->where(array('roleid'=>$roleid))->delete();
$this->priv_db->where(array('roleid'=>$roleid))->delete();
$this->_cache();
showmessage(L('role_del_success'));
}
/**
* 更新角色排序
*/
public function listorder() {
if(isset($_POST['dosubmit'])) {
foreach($_POST['listorders'] as $roleid => $listorder) {
$this->db->where(array('roleid'=>$roleid))->save(array('listorder'=>$listorder));
}
showmessage(L('operation_success'));
} else {
showmessage(L('operation_failure'));
}
}
/**
* 角色权限设置
*/
public function role_priv() {
$this->menu_db = M('menu');
$siteid = $siteid ? $siteid : self::get_siteid();
if(isset($_POST['dosubmit'])){
if (is_array($_POST['menuid']) && count($_POST['menuid']) > 0) {
$this->priv_db->where(array('roleid'=>$_POST['roleid'],'siteid'=>$_POST['siteid']))->delete();
$menuinfo = $this->menu_db->field('`id`,`m`,`c`,`a`,`data`')->select();
foreach ($menuinfo as $_v) $menu_info[$_v[id]] = $_v;
foreach($_POST['menuid'] as $menuid){
$info = array();
$info = $this->op->get_menuinfo(intval($menuid),$menu_info);
$info['roleid'] = $_POST['roleid'];
$info['siteid'] = $_POST['siteid'];
$this->priv_db->add($info);
}
} else {
$this->priv_db->where(array('roleid'=>$_POST['roleid'],'siteid'=>$_POST['siteid']))->delete();
}
$this->_cache();
showmessage(L('operation_success'), HTTP_REFERER);
} else {
$siteid = intval($_GET['siteid']);
$roleid = intval($_GET['roleid']);
if ($siteid) {
$menu = new \Think\Tree();
$menu->icon = array('│ ','├─ ','└─ ');
$menu->nbsp = ' ';
$result = $this->menu_db->select();
$priv_data = $this->priv_db->select(); //获取权限表数据
$modules = 'admin,system';
foreach ($result as $n=>$t) {
$result[$n]['cname'] = L($t['name']); //,'',$modules
$result[$n]['checked'] = ($this->op->is_checked($t,$_GET['roleid'],$siteid, $priv_data))? ' checked' : '';
$result[$n]['level'] = $this->op->get_level($t['id'],$result);
$result[$n]['parentid_node'] = ($t['parentid'])? ' class="child-of-node-'.$t['parentid'].'"' : '';
}
$str = "<tr id='node-\$id' \$parentid_node>
<td style='padding-left:30px;'>\$spacer<input type='checkbox' name='menuid[]' value='\$id' level='\$level' \$checked onclick='javascript:checknode(this);'> \$cname</td>
</tr>";
$menu->init($result);
$categorys = $menu->get_tree(0, $str);
}
$show_header = true;
$show_scroll = true;
$this->assign('siteid',$siteid);
$this->assign('categorys',$categorys);
$this->assign('priv_data',$priv_data);
$this->assign('roleid',$roleid);
//print_r($priv_data);
$this->display('role_priv');
}
}
public function priv_setting() {
$sites = new \Admin\Classes\sites() ;// pc_base::load_app_class('sites', 'admin');
$sites_list = $sites->get_list();
$roleid = intval($_GET['roleid']);
$this->assign('sites_list',$sites_list);
$this->assign('roleid',$roleid);
$this->display('role_priv_setting');
}
/**
* 更新角色状态
*/
public function change_status(){
$roleid = intval($_GET['roleid']);
$disabled = intval($_GET['disabled']);
$this->db->update(array('disabled'=>$disabled),array('roleid'=>$roleid));
$this->_cache();
showmessage(L('operation_success'),'?m=admin&c=role');
}
/**
* 成员管理
*/
public function member_manage() {
$this->admin_db = M('admin');
$roleid = intval($_GET['roleid']);
$roles = getcache('role'); // getcache('role','commons');
$infos = $this->admin_db->where(array('roleid'=>$roleid))->select();
$this->assign('roleid',$roleid);
$this->assign('roles',$roles);
$this->assign('infos',$infos);
$this->display('admin_list');
}
/**
* 设置栏目权限
*/
public function setting_cat_priv() {
$roleid = isset($_GET['roleid']) && intval($_GET['roleid']) ? intval($_GET['roleid']) : showmessage(L('illegal_parameters'), HTTP_REFERER);
$op = isset($_GET['op']) && intval($_GET['op']) ? intval($_GET['op']) : '';
$this->assign('roleid',$roleid);
$this->assign('op',$op);
switch ($op) {
case 1:
$siteid = isset($_GET['siteid']) && intval($_GET['siteid']) ? intval($_GET['siteid']) : showmessage(L('illegal_parameters'), HTTP_REFERER);
//pc_base::load_app_class('role_cat', '', 0);
//$role_cat = \Admin\Classes\role_cat;
$category = \Admin\Classes\role_cat::get_category($siteid);
//获取角色当前权限设置
$priv = \Admin\Classes\role_cat::get_roleid($roleid, $siteid);
//加载tree
$tree = new \Think\Tree();
$categorys = array();
foreach ($category as $k=>$v) {
if ($v['type'] == 1) {
$v['disabled'] = 'disabled';
$v['init_check'] = '';
$v['add_check'] = '';
$v['delete_check'] = '';
$v['listorder_check'] = '';
$v['push_check'] = '';
$v['move_check'] = '';
} else {
$v['disabled'] = '';
$v['add_check'] = isset($priv[$v['catid']]['add']) ? 'checked' : '';
$v['delete_check'] = isset($priv[$v['catid']]['delete']) ? 'checked' : '';
$v['listorder_check'] = isset($priv[$v['catid']]['listorder']) ? 'checked' : '';
$v['push_check'] = isset($priv[$v['catid']]['push']) ? 'checked' : '';
$v['move_check'] = isset($priv[$v['catid']]['remove']) ? 'checked' : '';
$v['edit_check'] = isset($priv[$v['catid']]['edit']) ? 'checked' : '';
}
$v['init_check'] = isset($priv[$v['catid']]['init']) ? 'checked' : '';
$category[$k] = $v;
}
$show_header = true;
$str = "<tr>
<td align='center'><input type='checkbox' value='1' onclick='select_all(\$catid, this)' ></td>
<td>\$spacer\$catname</td>
<td align='center'><input type='checkbox' name='priv[\$catid][]' \$init_check value='init' ></td>
<td align='center'><input type='checkbox' name='priv[\$catid][]' \$disabled \$add_check value='add' ></td>
<td align='center'><input type='checkbox' name='priv[\$catid][]' \$disabled \$edit_check value='edit' ></td>
<td align='center'><input type='checkbox' name='priv[\$catid][]' \$disabled \$delete_check value='delete' ></td>
<td align='center'><input type='checkbox' name='priv[\$catid][]' \$disabled \$listorder_check value='listorder' ></td>
<td align='center'><input type='checkbox' name='priv[\$catid][]' \$disabled \$push_check value='push' ></td>
<td align='center'><input type='checkbox' name='priv[\$catid][]' \$disabled \$move_check value='remove' ></td>
</tr>";
$tree->init($category);
$categorys = $tree->get_tree(0, $str);
$this->assign('categorys',$categorys);
$this->assign('siteid',$siteid);
$this->display('role_cat_priv_list');
break;
case 2:
$siteid = isset($_GET['siteid']) && intval($_GET['siteid']) ? intval($_GET['siteid']) : showmessage(L('illegal_parameters'), HTTP_REFERER);
//pc_base::load_app_class('role_cat', '', 0);
\Admin\Classes\role_cat::updata_priv($roleid, $siteid, $_POST['priv']);
showmessage(L('operation_success'),'?m=admin&c=role&a=init', '', 'edit');
break;
default:
$sites = new \Admin\Classes\sites();
$sites_list = $sites->get_list();
$this->assign('sites_list',$sites_list);
$this->display('role_cat_priv');
break;
}
}
/**
* 角色缓存
*/
private function _cache() {
$infos = $this->db->select(array('disabled'=>'0'), $data = '`roleid`,`rolename`', '', 'roleid ASC');
$role = array();
foreach ($infos as $info){
$role[$info['roleid']] = $info['rolename'];
}
$this->_cache_siteid($role);
setcache('role', $role);
return $infos;
}
/**
* 缓存站点数据
*/
private function _cache_siteid($role) {
$sitelist = array();
foreach($role as $n=>$r) {
$sitelistsarr = $this->priv_db->field('siteid')->where(array('roleid'=>$n))->select();
$sitelists = array();
foreach($sitelists as $val){
$sitelists[$val['siteid']] = $val;
}
foreach($sitelists as $site) {
foreach($site as $v){
$sitelist[$n][] = intval($v);
}
}
}
if(is_array($sitelist)) {
$sitelist = @array_map("array_unique", $sitelist);
setcache('role_siteid', $sitelist);
}
return $sitelist;
}
}
复制代码
作者:
admin
时间:
2017-11-5 18:25
静态方法可以直接使用 不用new实例化。
欢迎光临 ѡ̳ (http://www.sunminxuan.cn/bbs/)
Powered by Discuz! X3.4