You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

376 lines
13 KiB
PHTML

5 years ago
<?php
namespace Admin\Controller;
use User\Api\UserApi;
use Com\Wechat;
use Com\WechatAuth;
/**
* 后台首页控制器
* @author 麦当苗儿 <zuojiazi@vip.qq.com>
*/
class PublicController extends \Think\Controller
{
/**
* 后台用户登录
* @author 麦当苗儿 <zuojiazi@vip.qq.com>
*/
public function login($username = null, $password = null, $verify = null)
{
if (IS_POST) {
/* 检测验证码 TODO: */
if (!check_verify($verify)) {
$this->error('验证码输入错误!');
}
/* 调用UC登录接口登录 */
$User = new UserApi;
$uid = $User->login($username, $password);
if (0 < $uid) { //UC登录成功
/* 登录用户 */
$Member = D('Member');
if ($Member->login($uid)) { //登录用户
//TODO:跳转到登录前页面
$this->success('登录成功!', U('Index/index'));
} else {
$this->error($Member->getError());
}
} else { //登录失败
switch ($uid) {
case -1:
$error = '用户不存在或被禁用!';
break; //系统级别禁用
case -2:
$error = '密码错误!';
break;
default:
$error = '未知错误!';
break; // 0-接口参数错误(调试阶段使用)
}
$this->error($error);
}
} else {
if (is_login()) {
$this->redirect('Index/index');
} else {
/* 读取数据库中的配置 */
$config = S('DB_CONFIG_DATA');
if (!$config) {
$config = D('Config')->lists();
S('DB_CONFIG_DATA', $config);
}
C($config); //添加配置
$this->display();
}
}
}
/**
* 后台用户登录
* @author 麦当苗儿 <zuojiazi@vip.qq.com>
*/
public function cp_login($mobile = null, $verify = null)
{
if (IS_POST) {
/* 检测验证码 TODO: */
$this->checksafecode($mobile, $verify, false);
$promote = M('promote', 'tab_')->where([
'mobile_phone' => $mobile,
'level' => 1,
])->find();
if ($promote) {
/* 记录登录SESSION和COOKIES */
$cp_auth = array(
'user_id' => $promote['id'],
'account' => $promote['account'],
'mobile_phone' => $promote['mobile_phone'],
'nickname' => $promote['nickname'],
'username' => $promote['nickname'] ?: $promote['account'],
'company_id' => $promote['company_id'],
);
$session_name = 'cp_user_auth';
if (I('auto_login')) {
session(['name' => $session_name, 'expire' => 60*60*24*30], $cp_auth);
session(['name' => $session_name.'_sign', 'expire' => 60*60*24*30], data_auth_sign($cp_auth));
} else {
session($session_name, $cp_auth);
session($session_name.'_sign', data_auth_sign($cp_auth));
}
$uid = $promote['id'];
} else {
$partner = M('partner', 'tab_')->where(['link_man' => $mobile,])->find();
if ($partner) {
/* 记录登录SESSION和COOKIES */
$cp_auth = array(
'user_id' => $partner['id'],
'account' => $partner['link_phone'],
'mobile_phone' => $partner['link_phone'],
'nickname' => $partner['link_man'],
'company_id' => $partner['id'],
'username' => $partner['link_man'] ?: $partner['account'],
);
$session_name = 'cp_user_auth';
if (I('auto_login')) {
session(['name' => $session_name, 'expire' => 60*60*24*30], $cp_auth);
session(['name' => $session_name.'_sign', 'expire' => 60*60*24*30], data_auth_sign($cp_auth));
} else {
session($session_name, $cp_auth);
session($session_name.'_sign', data_auth_sign($cp_auth));
}
$uid = $promote['id'];
}
}
if (0 < $uid) { //UC登录成功
/* 登录用户 */
$this->success('登录成功!', U('VerifyBill/index'));
} else { //登录失败
$this->error('该账号没有权限登录对账系统');
}
} else {
if (session('cp_user_auth')) {
$this->redirect('VerifyBill/index');
} else {
/* 读取数据库中的配置 */
$config = S('DB_CONFIG_DATA');
if (!$config) {
$config = D('Config')->lists();
S('DB_CONFIG_DATA', $config);
}
C($config); //添加配置
$this->display();
}
}
}
public function cp_logout()
{
session('cp_user_auth', null);
session('cp_user_auth_sign', null);
$this->redirect('cp_login');
}
5 years ago
/* 退出登录 */
public function logout()
{
if (is_login()) {
D('Member')->logout();
session('user_auth', null);
session('user_auth_sign', null);
session('user_auth_promote_ids', null);
5 years ago
cookie('think_language', Null);
// $this->success('退出成功!', U('login'));
$this->ajaxReturn(array('status' => 1, 'msg' => '退出成功!'));
} else {
$this->redirect('login');
}
}
public function checkVerify()
{
$verify = $_POST['verify'];
if (!check_verify($verify)) {
$this->ajaxReturn(array('status' => 0, 'msg' => '验证码输入错误!'));
}
}
public function verify()
{
$config = array(
'seKey' => 'ThinkPHP.CN', //验证码加密密钥
'fontSize' => 22, // 验证码字体大小(px)
'imageH' => 50, // 验证码图片高度
'imageW' => 180, // 验证码图片宽度
'length' => 4, // 验证码位数
'fontttf' => '4.ttf', // 验证码字体,不设置随机获取
);
ob_clean();
$verify = new \Think\Verify($config);
$verify->codeSet = '0123456789';
$verify->entry(1);
}
public function get_openid()
{
$appid = C('wechat.appid');
$appsecret = C('wechat.appsecret');
$result = auto_get_access_token(RUNTIME_PATH . '/access_token_validity.txt');
5 years ago
if ($result['is_validity']) {
session('token', $result['access_token']);
$auth = new WechatAuth($appid, $appsecret, $result['access_token']);
} else {
$auth = new WechatAuth($appid, $appsecret);
$token = $auth->getAccessToken();
$token['expires_in_validity'] = time() + $token['expires_in'];
wite_text(json_encode($token), RUNTIME_PATH . '/access_token_validity.txt');
5 years ago
session('token', $token['access_token']);
}
$scene_id = sp_random_num(4) . '0';
$ticket = $auth->qrcodeCreate($scene_id, 120);//10分钟
if ($ticket['errcode']) {
$return = array('status' => 0, 'data' => '获取ticket失败');
} else {
$qrcode = $auth->showqrcode($ticket['ticket']);
$return = array('status' => 1, 'data' => $qrcode, 'token' => $scene_id);
}
$this->ajaxReturn($return);
}
public function wite_token()
{
$appid = C('wechat.appid');
$appsecret = C('wechat.appsecret');
$auth = new WechatAuth($appid, $appsecret);
$token = $auth->getAccessToken();
$token['expires_in_validity'] = time() + $token['expires_in'];
wite_text(json_encode($token), RUNTIME_PATH . '/access_token_validity.txt');
5 years ago
session('token', $token['access_token']);
$this->get_openid();
}
/** * 第三方微信扫码登陆 * */
public function wechat_qrcode_login($state = 1)
{
if (empty(session("user_auth.user_id")) && !is_weixin()) {
$appid = C('weixin_login.appid');
$appsecret = C('weixin_login.appsecret');
$auth = new WechatAuth($appid, $appsecret);
$result = auto_get_access_token(RUNTIME_PATH . '/qr_access_token_validity.txt');
5 years ago
if ($result['is_validity']) {
session('token', $result['access_token']);
} else {
$token = $auth->getAccessToken();
$token['expires_in_validity'] = time() + $token['expires_in'];
wite_text(json_encode($token), RUNTIME_PATH . '/qr_access_token_validity.txt');
5 years ago
session('token', $token['access_token']);
}
$redirect_uri = "http://" . $_SERVER['HTTP_HOST'] . "/admin.php/Public/wechat_login_callback";
redirect($auth->getQrconnectURL($redirect_uri, $state));
}
}
public function wechat_login_callback()
{
if ($host && $_GET['state'] != $_SERVER['HTTP_HOST']) {
$url = 'http://' . $_GET['state'] . '/admin.php/Public/wechat_login_callback?' . http_build_query($_GET);
Header("Location: $url");
exit;
}
if (is_weixin()) {
$appid = C('wechat.appid');
$appsecret = C('wechat.appsecret');
} else {
$appid = C('weixin_login.appid');
$appsecret = C('weixin_login.appsecret');
}
$auth = new WechatAuth($appid, $appsecret);
$token = $auth->getAccessToken("code", $_GET['code']);
if (isset($_GET['auto_get_openid'])) {
if (base64_decode($_GET['auto_get_openid']) != 'auto_get_openid') {
die('非法操作!');
} else {
session('admin_wechat_token', array('openid' => $token['openid']));
session('admin_openid', $token['openid']);
}
}
$Member = D('UcenterMember');
$admin = $Member->where(array('admin_openid' => $token['openid']))->find();
if ($admin == '') {
$this->error("微信未绑定管理员账号!");
} else {
$User = new UserApi;
$uid = $User->login($admin['username'], $admin['password']);
if (0 < $uid) { //UC登录成功
/* 登录用户 */
$Member = D('Member');
if ($Member->login($uid)) { //登录用户
//TODO:跳转到登录前页面
$this->success('登录成功!', U('Index/index'));
} else {
$this->error($Member->getError());
}
} else { //登录失败
switch ($uid) {
case -1:
$error = '用户不存在或被禁用!';
break; //系统级别禁用
case -2:
$error = '密码错误!';
break;
default:
$error = '未知错误!';
break; // 0-接口参数错误(调试阶段使用)
}
$this->error($error);
}
}
}
public function zh_cn()
{
cookie('think_language', 'zh-cn');
$this->ajaxReturn(['status' => 1]);
}
public function en_us()
{
cookie('think_language', 'en-us');
$this->ajaxReturn(['status' => 1]);
}
/**
* 发动手机验证码
*/
public function telsafecode($phone = '', $delay = 10, $flag = true)
{
$result = R('Common/Sms/send_sms_code', array($phone, $delay, false));
if ($result['code'] == 200) {
$data['status'] = 1;
$data['data'] = $result['data'];
} else {
$data['status'] = 0;
}
$data['msg'] = $result['msg'];
echo json_encode($data);
exit;
}
/**
* 手机安全码验证
* @param bool $flag true 用于直接异步请求 false 用于方法调用
* @param [type] $vcode [description]
*/
public function checksafecode($phone, $vcode, $flag = true)
{
$result = R('Common/Sms/verify_sms_code', array($phone, $vcode, false));
if ($result['code'] == 200) {
$data['status'] = 1;
if ($flag) {
echo json_encode($data);
exit;
}
} else {
$data['status'] = 0;
$data['msg'] = $result['msg'];
echo json_encode($data);
exit;
}
}
5 years ago
}