<?php
/**
*
*/
include_once(SERVER_ROOT . "/model/mBase.php");
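/**
 * Model for admin accounts stored in the `tcm_admin_user` table.
 *
 * Delegates every query to a dAdminUser data-access object and implements the
 * admin login check plus the HMAC-signed token that is handed to the browser
 * in the `token` cookie.
 *
 * dAdminUser, JWT_KEY and setError() are not defined in this file; presumably
 * they come from mBase.php or an autoloader -- confirm.
 *
 * Security notes for maintainers:
 *  - Legacy password hashes are unsalted MD5, which is cheap to brute-force if
 *    the table leaks. checkAdminLogin() already accepts password_hash()
 *    values, so accounts can be migrated once the `password` column is wide
 *    enough for them.
 *  - The login token is self-contained: validateToken() never reads the
 *    database, so a token stays valid for 24 hours even if the account is
 *    disabled or its password changes, unless the caller re-checks the row.
 */
class mAdminUser extends mBase {
    /** @var dAdminUser Data-access object that runs the queries. */
    private $obj;

    /** @var string Name of the admin user table. */
    private $tbl;

    /**
     * Bind the model to its data-access object and table.
     */
    public function __construct() {
        $this->obj = new dAdminUser();
        $this->tbl = 'tcm_admin_user';
    }

    /**
     * Look up an admin account by its `username` column.
     *
     * The value is passed as a bound parameter ('vals'), not concatenated into
     * the SQL fragment.
     *
     * @param string $name Username to match.
     * @return mixed Whatever dAdminUser::select() returns; checkAdminLogin()
     *               treats it as one row indexed by column name.
     */
    public function getAdminUserByName($name) {
        return $this->obj->select($this->tbl, array('sql' => '`username`=?', 'vals' => array($name)));
    }

    /**
     * Look up an admin account by its `id` column (bound parameter).
     *
     * @param int|string $id Row id.
     * @return mixed Result of dAdminUser::select().
     */
    public function getAdminUserById($id) {
        return $this->obj->select($this->tbl, array('sql' => '`id`=?', 'vals' => array($id)));
    }

    /**
     * Fetch every row of the admin user table.
     *
     * NOTE(review): the rows presumably include the `password` column; strip
     * it before the list reaches a response or a log -- confirm against
     * dAdminUser::selectAll().
     *
     * @return mixed Result of dAdminUser::selectAll().
     */
    public function getUserList() {
        return $this->obj->selectAll($this->tbl);
    }

    /**
     * Insert a new admin account.
     *
     * $info is handed to the data layer unchanged, so the caller decides which
     * columns are written (including `password` and `status`). Callers should
     * build $info from an explicit list of allowed fields rather than passing
     * request data through, and should store a password hash, never the
     * plain-text password.
     *
     * @param array $info Column => value map for the new row.
     * @return mixed Result of dAdminUser::insert().
     */
    public function createUser($info) {
        return $this->obj->insert($this->tbl, $info);
    }

    /**
     * Update the admin account with the given `id`.
     *
     * As with createUser(), $info is not filtered here; restrict the writable
     * columns at the call site.
     *
     * @param int|string $id   Row id (bound parameter).
     * @param array      $info Column => value map to write.
     * @return mixed Result of dAdminUser::update().
     */
    public function updateUser($id, $info) {
        return $this->obj->update($this->tbl, $info, array('sql' => '`id`=?', 'vals' => array($id)));
    }

    /**
     * Verify admin credentials and, on success, set the login cookies.
     *
     * On failure an error message is recorded through setError() and false is
     * returned. The messages distinguish "user does not exist" from "wrong
     * password"; if the caller shows them verbatim, a client can learn which
     * usernames exist, so prefer one generic message in the response. No
     * attempt throttling is done in this method.
     *
     * @param string $name     Submitted username.
     * @param string $password Submitted plain-text password.
     * @return bool True when the credentials match an enabled account.
     */
    public function checkAdminLogin($name, $password) {
        if (empty($name) || empty($password)) {
            $this->setError('参数错误');
            return false;
        }

        $admin_user = $this->getAdminUserByName($name);
        if (empty($admin_user)) {
            $this->setError('用户不存在');
            return false;
        }

        if (!$this->isAdminPasswordValid($admin_user['password'], $password)) {
            $this->setError('密码不正确');
            return false;
        }

        // Loose comparison kept on purpose: the stored value may arrive as a
        // string. Any status other than 0 is treated as disabled.
        if ($admin_user['status'] != 0) {
            $this->setError('用户已禁用');
            return false;
        }

        // Set the login state.
        $expires = time() + 3600 * 24;
        // Only mark the cookies Secure when this request itself arrived over
        // HTTPS, so plain-HTTP deployments keep working as before.
        $secure = !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off';
        setcookie("uid", $admin_user['id'], $expires, '/', '', $secure);
        // The token is the credential, so keep it out of reach of page scripts.
        // NOTE(review): if front-end JavaScript reads the `token` cookie
        // directly, it needs another way to obtain it -- confirm.
        setcookie("token", $this->getToken($admin_user['id']), $expires, '/', '', $secure, true);
        return true;
    }

    /**
     * Compare a submitted password with the stored hash.
     *
     * Hashes produced by password_hash() are checked with password_verify().
     * Anything else is treated as the legacy unsalted MD5 hex digest and is
     * compared with hash_equals() so the comparison time does not depend on
     * how many leading characters match.
     *
     * @param mixed $storedHash Value of the `password` column.
     * @param mixed $password   Submitted plain-text password.
     * @return bool True when the password matches.
     */
    private function isAdminPasswordValid($storedHash, $password) {
        if (!is_string($storedHash) || $storedHash === '' || !is_scalar($password)) {
            return false;
        }
        $password = (string) $password;

        // 'algo' is null (0 on older PHP) when the hash is not in
        // password_hash() format.
        $hashInfo = password_get_info($storedHash);
        if (!empty($hashInfo['algo'])) {
            return password_verify($password, $storedHash);
        }

        return hash_equals($storedHash, md5($password));
    }

    /**
     * Look up an account by its `openid` column (bound parameter).
     *
     * @param string $openid Value to match.
     * @return mixed Result of dAdminUser::select().
     */
    public function getUserByOpenid($openid) {
        return $this->obj->select($this->tbl, array('sql' => '`openid`=?', 'vals' => array($openid)));
    }

    /**
     * Derive a decimal identifier of at most 10 digits from an openid.
     *
     * The value is the leading digits of a SHA-256 over uniqid($openid, true).
     * uniqid() is time-based rather than a cryptographic random source,
     * base_convert() can lose precision on numbers this large, and only 10
     * digits are kept, so the result is neither guaranteed unique nor
     * unpredictable. Check for an existing row before relying on uniqueness
     * and do not use the value as a secret.
     *
     * @param string $openid Prefix fed to uniqid().
     * @return string Decimal digit string, up to 10 characters.
     */
    public function createUniqueID($openid) {
        $uuid = uniqid($openid, true);
        $hash = hash('sha256', $uuid);
        $decimal = base_convert(substr($hash, 0, 16), 16, 10);
        return substr($decimal, 0, 10);
    }

    /**
     * Look up an account by its `identifier` column (bound parameter).
     *
     * @param string $identifier Value to match.
     * @return mixed Result of dAdminUser::select().
     */
    public function getUserByIdentifier($identifier) {
        return $this->obj->select($this->tbl, array('sql' => '`identifier`=?', 'vals' => array($identifier)));
    }

    /**
     * Look up an account by its `uid` column (bound parameter).
     *
     * @param int|string $uid Value to match.
     * @return mixed Result of dAdminUser::select().
     */
    public function getUserByUid($uid) {
        return $this->obj->select($this->tbl, array('sql' => '`uid`=?', 'vals' => array($uid)));
    }

    /**
     * Issue a signed login token for a user id.
     *
     * Format: base64("<uid>|<unix timestamp>|<hex HMAC-SHA256 of 'uid|timestamp'>"),
     * keyed with the JWT_KEY constant. Despite the constant's name this is not
     * a JWT. The token carries no server-side state, so it cannot be revoked
     * before validateToken()'s 24-hour window ends other than by changing
     * JWT_KEY.
     *
     * @param int|string $uid User id to bind the token to.
     * @return string Base64-encoded token.
     */
    public function getToken($uid) {
        $secretKey = JWT_KEY;
        $timestamp = time();
        $data = $uid . '|' . $timestamp;
        $token = hash_hmac('sha256', $data, $secretKey);
        return base64_encode($data . '|' . $token);
    }

    /**
     * Check that a token was issued by getToken() for this uid within the
     * last 24 hours.
     *
     * Both arguments normally come from client-controlled cookies, so every
     * malformed shape is rejected with false instead of reaching hash_equals()
     * or the age arithmetic with a missing or non-numeric value.
     *
     * @param int|string $uid   User id the caller claims.
     * @param string     $token Token as produced by getToken().
     * @return bool True when the signature matches and the token is not expired.
     */
    public function validateToken($uid, $token) {
        if (!is_scalar($uid) || !is_string($token) || $token === '') {
            return false;
        }

        $secretKey = JWT_KEY;
        $decodedToken = base64_decode($token, true);
        if ($decodedToken === false) {
            return false;
        }

        // A token from getToken() always has exactly three '|'-separated parts.
        $parts = explode('|', $decodedToken);
        if (count($parts) !== 3) {
            return false;
        }
        list($valid_uid, $timestamp, $tokenHash) = $parts;

        // The uid inside the token must be the one being claimed, and the
        // timestamp must be plain digits before it is used in arithmetic.
        if ($valid_uid !== (string) $uid || !ctype_digit($timestamp)) {
            return false;
        }

        // The HMAC is recomputed over the claimed uid, so a token issued for
        // another user does not verify.
        $data = $uid . '|' . $timestamp;
        $validToken = hash_hmac('sha256', $data, $secretKey);

        if (hash_equals($validToken, $tokenHash) && time() - (int) $timestamp < 3600 * 24) {
            return true;
        }
        return false;
    }
}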