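obj = new dAdminUser(); $this->tbl = 'tcm_admin_user'; }

    /**
     * Look up an admin user row by login name.
     *
     * The name is handed to the data layer as a separate value next to a `?`
     * placeholder rather than being concatenated into the SQL fragment.
     * NOTE(review): the actual binding happens inside dAdminUser::select(),
     * which is not visible here - confirm it uses prepared statements.
     *
     * @param mixed $name Login name to match against the `username` column.
     * @return mixed Whatever dAdminUser::select() returns; checkAdminLogin()
     *               treats it as a row array that is empty when nothing matched.
     */
    public function getAdminUserByName($name)
    {
        $where = array('sql' => '`username`=?', 'vals' => array($name));

        return $this->obj->select($this->tbl, $where);
    }

    /**
     * Look up an admin user row by primary key.
     *
     * @param mixed $id Value matched against the `id` column.
     * @return mixed Result of dAdminUser::select().
     */
    public function getAdminUserById($id)
    {
        $where = array('sql' => '`id`=?', 'vals' => array($id));

        return $this->obj->select($this->tbl, $where);
    }

    /**
     * Return every row of the admin user table.
     *
     * NOTE(review): selectAll() is called without a column list, so the result
     * presumably includes the `password` column - strip it before the data
     * leaves the server.
     *
     * @return mixed Result of dAdminUser::selectAll().
     */
    public function getUserList()
    {
        return $this->obj->selectAll($this->tbl);
    }

    /**
     * Insert a new admin user row.
     *
     * NOTE(review): $info is forwarded unfiltered. If callers build it from
     * request data they should whitelist the columns first, otherwise fields
     * such as `status` or `password` can be set by the client.
     *
     * @param mixed $info Column data passed straight to dAdminUser::insert().
     * @return mixed Result of dAdminUser::insert().
     */
    public function createUser($info)
    {
        return $this->obj->insert($this->tbl, $info);
    }

    /**
     * Update the admin user row with the given id.
     *
     * NOTE(review): as with createUser(), $info is forwarded unfiltered and
     * should be restricted to an allow-list of columns by the caller.
     *
     * @param mixed $id   Value matched against the `id` column.
     * @param mixed $info Column data passed straight to dAdminUser::update().
     * @return mixed Result of dAdminUser::update().
     */
    public function updateUser($id, $info)
    {
        $where = array('sql' => '`id`=?', 'vals' => array($id));

        return $this->obj->update($this->tbl, $info, $where);
    }

    /**
     * Verify admin credentials and, on success, set the `uid` and `token`
     * login cookies (24 hour lifetime, path `/`).
     *
     * On failure an error message is recorded through setError() and false is
     * returned.
     *
     * Security notes for maintainers:
     *  - Stored passwords are unsalted MD5 digests. MD5 is fast to brute-force
     *    and identical passwords share a digest. Moving to password_hash() /
     *    password_verify() requires re-hashing the stored values, so it is not
     *    done in this method; the comparison itself is constant-time.
     *  - "user does not exist" and "wrong password" produce different errors,
     *    which lets a client enumerate valid user names if the message is
     *    shown to it. The status check also runs only after the password
     *    check, so a disabled account still confirms a correct password.
     *  - The cookies are set without the Secure, HttpOnly or SameSite
     *    attributes, so the token is readable from page script and is sent
     *    over plain HTTP. Tighten this once it is confirmed that no client
     *    code reads the cookies.
     *  - Nothing in this method limits repeated attempts; rate limiting has to
     *    be enforced by the caller or in front of the application.
     *
     * @param mixed $name     Submitted login name.
     * @param mixed $password Submitted plaintext password.
     * @return bool True when the credentials match an enabled account.
     */
    public function checkAdminLogin($name, $password)
    {
        // Reject missing values, and arrays/objects (e.g. `password[]=x` in a
        // request) before they reach md5() or the query layer.
        if (empty($name) || empty($password) || !is_scalar($name) || !is_scalar($password)) {
            $this->setError('参数错误');
            return false;
        }

        $admin_user = $this->getAdminUserByName($name);
        if (empty($admin_user)) {
            $this->setError('用户不存在');
            return false;
        }

        // hash_equals() keeps the digest comparison constant-time.
        $submittedDigest = md5((string) $password);
        if (!hash_equals((string) $admin_user['password'], $submittedDigest)) {
            $this->setError('密码不正确');
            return false;
        }

        // A non-zero status marks the account as disabled.
        if ($admin_user['status'] != 0) {
            $this->setError('用户已禁用');
            return false;
        }

        // Set the login state.
        $expires = time() + 3600 * 24;
        setcookie("uid", $admin_user['id'], $expires, '/');
        setcookie("token", $this->getToken($admin_user['id']), $expires, '/');

        return true;
    }

    /**
     * Look up a user row by its `openid` column.
     *
     * @param mixed $openid Value matched against the `openid` column.
     * @return mixed Result of dAdminUser::select().
     */
    public function getUserByOpenid($openid)
    {
        $where = array('sql' => '`openid`=?', 'vals' => array($openid));

        return $this->obj->select($this->tbl, $where);
    }

    /**
     * Derive a numeric identifier of at most ten decimal digits from an openid.
     *
     * The value is built from uniqid() (time-based, with extra entropy
     * enabled), hashed with SHA-256, and the first 16 hex digits are converted
     * to decimal and truncated.
     *
     * Caveats:
     *  - uniqid() is not a cryptographic random source, so the result must not
     *    be used as a secret or an unguessable token.
     *  - Truncating to ten digits leaves roughly 10^10 possible values, so
     *    collisions are possible; uniqueness has to be enforced where the
     *    value is stored (for example with a unique index and a retry).
     *  - base_convert() works through floating point for inputs this large,
     *    so the low-order digits are imprecise; only the leading digits are
     *    kept here.
     *
     * @param mixed $openid Prefix mixed into the generated value.
     * @return string Decimal string of up to ten digits.
     */
    public function createUniqueID($openid)
    {
        $seed = uniqid($openid, true);
        $digest = hash('sha256', $seed);
        $asDecimal = base_convert(substr($digest, 0, 16), 16, 10);

        return substr($asDecimal, 0, 10);
    }

    /**
     * Look up a user row by its `identifier` column.
     *
     * @param mixed $identifier Value matched against the `identifier` column.
     * @return mixed Result of dAdminUser::select().
     */
    public function getUserByIdentifier($identifier)
    {
        $where = array('sql' => '`identifier`=?', 'vals' => array($identifier));

        return $this->obj->select($this->tbl, $where);
    }

    /**
     * Look up a user row by its `uid` column.
     *
     * @param mixed $uid Value matched against the `uid` column.
     * @return mixed Result of dAdminUser::select().
     */
    public function getUserByUid($uid)
    {
        $where = array('sql' => '`uid`=?', 'vals' => array($uid));

        return $this->obj->select($this->tbl, $where);
    }

    /**
     * Issue a login token for a user id.
     *
     * Format: base64( uid | timestamp | HMAC-SHA256(uid | timestamp, JWT_KEY) ).
     * Despite the constant's name this is not a JWT; it is a custom
     * HMAC-signed string. The `|` separator means $uid must not itself
     * contain `|`.
     *
     * @param mixed $uid User id to bind the token to.
     * @return string Base64-encoded token.
     */
    public function getToken($uid)
    {
        $payload = $uid . '|' . time();
        $signature = hash_hmac('sha256', $payload, JWT_KEY);

        return base64_encode($payload . '|' . $signature);
    }

    /**
     * Check that a token was issued by getToken() for $uid less than 7200
     * seconds ago.
     *
     * The HMAC is recomputed over the caller-supplied $uid and the timestamp
     * carried in the token, so a token issued for one uid does not validate
     * for another; the uid embedded in the token is not otherwise used.
     *
     * Malformed input (non-string token, wrong number of fields, non-numeric
     * timestamp) returns false. Previously a token with fewer than three
     * fields passed null to hash_equals(), which raises a TypeError on PHP 8.
     *
     * Notes for maintainers:
     *  - The login cookies live for 24 hours but tokens validate for two
     *    hours only, so a session stops validating long before its cookie
     *    expires unless the token is re-issued elsewhere.
     *  - Validation is stateless: a token stays valid until it expires even
     *    if the account is disabled or its password changes. Check the account
     *    status separately where that matters.
     *
     * @param mixed $uid   User id the token is expected to belong to.
     * @param mixed $token Token string as produced by getToken().
     * @return bool True when the signature matches and the token is fresh.
     */
    public function validateToken($uid, $token)
    {
        if (!is_scalar($uid) || !is_string($token) || $token === '') {
            return false;
        }

        $decodedToken = base64_decode($token);
        if (!is_string($decodedToken)) {
            return false;
        }

        // getToken() always emits exactly three fields: uid, timestamp, HMAC.
        $fields = explode('|', $decodedToken);
        if (count($fields) !== 3) {
            return false;
        }
        $timestamp = $fields[1];
        $tokenHash = $fields[2];

        // Guard the arithmetic below against non-numeric input.
        if (preg_match('/\A[0-9]+\z/', $timestamp) !== 1) {
            return false;
        }

        $expectedHash = hash_hmac('sha256', $uid . '|' . $timestamp, JWT_KEY);

        // Constant-time signature comparison first, freshness second.
        return hash_equals($expectedHash, $tokenHash)
            && time() - (int) $timestamp < 7200;
    }
}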