get_admin_user_shell(); // 权限 // 凡是有POST参数过来的都验证token信息 if ($this -> config['sy_iscsrf'] != '2') { if (! $_SESSION['pytoken']) { $_SESSION['pytoken'] = substr(md5(uniqid() . $_SESSION['auid'] . $_SESSION['ausername'] . $_SESSION['ashell']), 8, 12); } if ($_POST) { if ($_POST['pytoken'] != $_SESSION['pytoken']) { $this -> ACT_layer_msg('来源地址非法！', 8, $this->config['sy_weburl']); } unset($_POST['pytoken']); } $this -> yunset('pytoken', $_SESSION['pytoken']); } } // wap站后台公共部分 function wapadmin(){ $UA = strtoupper($_SERVER['HTTP_USER_AGENT']); if (strpos($UA, 'WINDOWS NT') !== false) { // header('location:'.Url('index',array('c'=>'wap'))); } if ($_SESSION['wuid'] || $_GET['c']) { $shell = $this -> admin_get_user_shell($_SESSION['wuid'], $_SESSION['wshell']); if (! is_array($shell)) { unset($_SESSION['authcode']); unset($_SESSION['wuid']); unset($_SESSION['wusername']); unset($_SESSION['wshell']); unset($_SESSION['md']); unset($_SESSION['tooken']); unset($_SESSION['xsstooken']); header('location:' . $this->config['sy_weburl'] . '/wapadmin/'); exit(); } } } function get_admin_user_shell(){ $shellMsg = '暂无操作权限'; // cache要判断C ajax不需要判断 if ($_SESSION['auid'] && $_SESSION['ashell']) { //验证登录信息 $row = $this -> admin_get_user_shell($_SESSION['auid'], $_SESSION['ashell']); if (!$row) { $this -> adminlogout(); $this -> ShellMsg('登录超时，请刷新后重新登录！');exit(); } if ($_GET['m'] == '' || $_GET['m'] == 'index' || $_GET['m'] == 'admin_nav') { $_GET['m'] = 'admin_right'; } if ($this->config['did'] && $_GET['a']) { $_GET['c'] = $_GET['a']; } $c = $_GET['c']; $m = $_GET['m']; if ($_GET['m'] != 'admin_right') { //优先验证4级权限池（各类子模块权限） $moduleNav = $this -> get_shell_module($row['m_id'],$m,$c); if($moduleNav['error'] == '2'){//子权限验证未通过 $this -> ShellMsg($shellMsg);exit(); }elseif($moduleNav['error'] == '1'){//子权限验证通过 直接放行 OR 继续父级权限的认证 //return true; } $url = 'index.php?m=' . $m; $c_array = array( 'cache', 'markcom', 'markuser', 'advertise', 'zhaopinhui', 'admin_user', 'wx', 'admin_siteadmin' ); $wx_c_arr = array( 'Getpubtool', 'wxPubTempList', 'wxPubTemp', 'wxPubTempSave', 'wxPubTempDel', 'twTask', 'delTwTask', 'getTW', 'taskFinish' ); $navM = $this -> MODEL('navigation'); if ($c && $c != 'savagroup' && in_array($m, $c_array)) { if ($m == 'admin_user' && $c == 'pass') { $c = 'myuser'; }elseif ($m == 'wx' && in_array($c,$wx_c_arr)) { $c = 'pubtool'; } $url .= '&c=' . $c; $info = $navM -> getAdminNav(array('url'=>$url)); if (empty($info)) { $url = 'index.php?m=' . $m; } } if ($m == 'admin_memberlog'){ $m = 'admin_member'; $url = 'index.php?m=' . $m; } $nav = $this -> get_shell($row['m_id'], $url); if (! $nav) { // $this->adminlogout(); $this -> ShellMsg($shellMsg);exit(); } if (is_numeric($this->config['did'])) { if ($m == 'admin_user') { $where['url'] = 'index.php?m=admin_user&c=myuser'; $where['dids'] = 1; } else { $where['url'] = $url; $where['dids'] = 1; } $info = $navM -> getAdminNav($where); } else { $info = $navM -> getAdminNav(array('url'=>$url)); } if (! $info) { $this -> ShellMsg($shellMsg);exit(); } } } else { if ($_GET['m'] != '') { $this -> adminlogout(); $this -> ShellMsg('登录超时，请刷新后重新登录！');exit(); } } } // 用户退出 function adminlogout(){ unset($_SESSION['authcode']); unset($_SESSION['auid']); unset($_SESSION['ausername']); unset($_SESSION['ashell']); unset($_SESSION['md']); unset($_SESSION['tooken']); unset($_SESSION['xsstooken']); } function ShellMsg($msg = '您暂无操作权限！'){ //三种提醒方式 JS/AJAX：自定义错误状态 表单POST：ACT_MSG GET：普通提示 header('HTTP/1.1 777 Not Authorization'); if($_POST){ $this->ACT_layer_msg( $msg ,8); }else{ echo $msg; } exit(); } /** *@desc 后台用户登录 */ function admin_get_user_login($username, $password, $url = 'index.php'){ global $config; $username = str_replace(' ', '', $username); $adminM = $this -> MODEL('admin'); if ($config['sy_web_site'] == '1') { $where['username'] = $username; $where['PHPYUNBTWSTART'] = ''; $where['did'] = $config['did']; $where['isdid'] = array('=',1,'OR'); $where['PHPYUNBTWEND'] = ''; $where['status'] = 1; $user = $adminM -> getAdminUser($where, array()); } else { $user = $adminM -> getAdminUser(array('username' => $username,'status' => 1), array()); } //判断是否有登录时间控制 if($user['control_login']){ $timeArr = explode(" - ",$user['control_login']); $currtime = time(); $stime = strtotime(date('Y-m-d ',time()).$timeArr[0]) ; $etime = strtotime(date('Y-m-d ',time()).$timeArr[1]); if($stime>$currtime || $etime<$currtime){ $this -> ACT_layer_msg('不在规定登录时间内', 8, $url); } } $verify = $adminM -> verifyPass($password, $user['password']); $logM = $this -> MODEL('log'); if ($verify) { $_SESSION['auid'] = $user['uid']; $_SESSION['ausername'] = $user['username']; $_SESSION['xsstooken'] = sha1($config['sy_safekey']); $_SESSION['ashell'] = md5($user['username'] . $user['password'] . $this -> md); $adminLog = $logM -> getAdminLog(array('uid' => $_SESSION['auid'],'content' => '登录成功','orderby' => 'ctime')); $time = time(); if ($adminLog) { $this -> cookie -> setCookie('lasttime', $adminLog['ctime'], $time + 80000); } else { $this -> cookie -> setCookie('lasttime', $time, $time + 80000); } $this -> cookie -> setCookie('ashell', md5($user['username'] . $user['password'] . $this -> md), $time + 80000); $adminM -> upAdminUser(array('lasttime' => $time), array('uid' => $user['uid'])); $logM -> addAdminLog('登录成功', '', '', ''); $this -> ACT_layer_msg('登录成功！', 9, $url); } else { $logM -> addAdminLog("管理员：".$username.' 登录失败，登录密码：'.$password, '', '', '',array('auid'=>$user['uid'],'ausername'=>$username)); $this -> ACT_layer_msg('用户名或密码不正确！', 8, $url); } } /** * 手机WAP后台用户登录 */ function wapadmin_get_user_login($username, $password, $url = 'index.php'){ global $config; $username = str_replace(' ', '', $username); $adminM = $this -> MODEL('admin'); if ($config['sy_web_site'] == '1') { $where['username'] = $username; $where['PHPYUNBTWSTART'] = ''; $where['did'] = $config['did']; $where['isdid'] = array('=',1,'OR'); $where['PHPYUNBTWEND'] = ''; $where['status'] = 1; $user = $adminM -> getAdminUser($where); } else { $user = $adminM -> getAdminUser(array('username' => $username,'status' => 1)); } $verify = $adminM -> verifyPass($password, $user['password']); if ($verify) { $_SESSION['wuid'] = $user['uid']; $_SESSION['wusername'] = $user['username']; $_SESSION['xsstooken'] = sha1($config['sy_safekey']); $_SESSION['wshell'] = md5($user['username'] . $user['password'] . $this -> md); $time = time(); $this -> cookie -> setCookie('wshell', md5($user['username'] . $user['password'] . $this -> md), $time + 80000); $adminM -> upAdminUser(array('lasttime' => $time), array('uid' => $user['uid'])); $this -> MODEL('log') -> addAdminLog('登录成功'); return true; } else { return false; } } /** * 管理员用户登录权限验证 */ function admin_get_user_shell($uid, $shell){ global $config; if (! preg_match("/^\d*$/", $uid)) { return false; } $adminM = $this -> MODEL('admin'); if ($config['sy_web_site'] == '1') { $where['uid'] = $uid; $where['PHPYUNBTWSTART'] = ''; $where['did'] = $config['did']; $where['isdid'] = array('=',1,'OR'); $where['PHPYUNBTWEND'] = ''; $user = $adminM -> getAdminUser($where); } else { $user = $adminM -> getAdminUser(array('uid' => $uid)); } $ps = !empty($user) ? $shell == md5($user['username'] . $user['password'] . $this->md) : FALSE; return $ps ? $user : NULL; } /** * 检查访问地址 */ function check_token(){ if ($this->config['sy_iscsrf'] != '2') { if ($_SESSION['pytoken'] != $_GET['pytoken'] || ! $_SESSION['pytoken']) { unset($_SESSION['pytoken']); $this -> ACT_layer_msg('来源地址非法！', 8, 'index.php'); exit(); } } } /** * 后台顶部导航条默认页面 * @param $id * @param $power */ function GET_web_default($id, $power){ if ($this->config['sy_web_site'] == '1' && $this->config['did']) { $where['dids'] = 1; } $navM = $this -> MODEL('navigation'); $web = $navM -> getAdminNavList(array('keyid'=>array('in',pylode(',', $id)),'orderby'=>'sort,asc')); if (is_array($web['list'])) { foreach ($web['list'] as $v) { if (@in_array($v['id'], $power)) { $arr[] = $v['id']; $arr2[$v['id']] = $v['keyid']; } } $where['keyid'] = array('in',pylode(',', $arr)); $where['orderby'] = 'sort,asc'; $webaa = $navM -> getAdminNavList($where); if (is_array($webaa)) { foreach ($webaa['list'] as $va) { if (@in_array($va['id'], $power)) { $value[$arr2[$va['keyid']]] = $va['url']; } } } } return $value; } /** * 管理员组操作模块权限认证 * @param string $mid 管理员类型id * @param string $web 要检测的链接url * @param string $type * @return boolean */ function get_shell_module($mid, $m,$c){ $navM = $this -> MODEL('navigation'); //首先检测当前链接是否在操作模块权限池中 $nav = $navM -> getAdminNav(array('url'=>'index.php?m='.$m.'&c='.$c,'level'=>4)); //不在权限池就无需验证 if(!empty($nav)){ $adminM = $this->MODEL('admin'); $row = $adminM -> getPower(array('id'=>$mid)); //判断当前管理员类型有权限、且该类型下有用户 if ($row['power'] && $row['username']){ if(in_array($nav['id'], $row['power'])){ $return['error'] = 1; $return['power'] = $row; }else{ $return['error'] = 2; } } else { $return['error'] = 2; } }else{ $return['error'] = 3; } return $return; } /** * 管理员组导航菜单权限检测 * @param string $mid 管理员类型id * @param string $web 要检测的链接url * @param string $type * @return boolean */ function get_shell($mid, $web, $type = ''){ // $web=str_replace('&','&',$web); $adminM = $this->MODEL('admin'); $row = $adminM -> getPower(array('id'=>$mid),1); //判断当前管理员类型有权限、且该类型下有用户 if ($row['power'] && $row['group_name']){ $navM = $this -> MODEL('navigation'); $nav = $navM -> getAdminNav(array('url'=>$web)); $return = @in_array($nav['id'], $row['power']) ? true : false; } else { $return = false; } return $return; } /** * 获取页面名称 * @param string $id * @return string */ function GET_web_check($id){ $navM = $this -> MODEL('navigation'); $nav = $navM -> getAdminNav(array('id'=>$id)); if (is_array($nav)) { $value = $this -> GET_web_check($nav['keyid']); $value .= $nav['name'] . ' - '; } return $value; } /** * 获取微信/公众号/小程序绑定状态 * @param string $id * @return string */ function wxBindState($wxBind){ if(!empty($wxBind['wxid'])){ if(!empty($wxBind['unionid'])){ $wxGzhmsg = '公众号已绑定，微信开放平台已绑定'; }else{ $wxGzhmsg = '公众号已绑定'; } }else{ $wxGzhmsg= '公众号未绑定'; } $wxBindmsg = $wxGzhmsg; if(!empty($this->config['sy_xcxappid'])){ if(!empty($wxBind['wxopenid'])){ if($this->config['mini_wxopen']==1){ $wxXcxmsg = '微信小程序已绑定，微信开放平台已绑定'; }else{ $wxXcxmsg = '微信小程序已绑定'; } }else{ $wxXcxmsg= '微信小程序未绑定'; } $wxBindmsg .= '
'.$wxXcxmsg; } if($this->config['sy_app_open'] ==1){ if(!empty($wxBind['app_wxid'])){ $wxAppmsg = 'APP微信已绑定'; }else{ $wxAppmsg = 'APP微信未绑定'; } $wxBindmsg .= '
'.$wxAppmsg; } return $wxBindmsg; } } ?>