📄 正在查看:admin/control/index_control.class.php
大小:2,463 字节 · 修改:2014-01-24 01:15:24 · 行数:84
1<?php
2/**
3 * (C)2012-2014 twcms.com TongWang Inc.
4 * Author: wuzhaohuan <kongphp@gmail.com>
5 */
6
// Direct-access guard: stop immediately unless TWCMS_PATH is already defined
// (presumably by the CMS entry script; confirm), so this file does nothing
// when it is requested on its own.
if (!defined('TWCMS_PATH')) {
    exit;
}
8
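/**
 * Admin back-end controller: dashboard, login and logout actions.
 *
 * Change in this revision: a failed login no longer writes any part of the
 * submitted password to login_log.php (the original masked only the first six
 * characters and logged the remainder in clear text).
 *
 * Review notes on things this file cannot settle on its own:
 *  - The 'admauth' cookie carries uid, username, the stored password value,
 *    groupid and the client IP, protected only by str_auth(); its secrecy and
 *    integrity depend on that helper and its key, which are not visible here.
 *  - The brute-force lockout and the cookie's IP binding both rely on
 *    $_ENV['_ip']; confirm it comes from the connection's remote address and
 *    not from a client-supplied header.
 */
class index_control extends admin_control{
    /**
     * Admin dashboard.
     *
     * Removes the 'my-newtab' entry from the level-1 navigation, regroups the
     * remaining level-1 entries under $this->_navs[2] keyed by each entry's
     * 'p' value, drops level 1, renders the template and ends the request.
     */
    public function index() {
        unset($this->_navs[1]['my-newtab']);
        foreach ($this->_navs[1] as $k => $v) {
            $this->_navs[2][$v['p']][$k] = $v;
        }
        unset($this->_navs[1]);

        $this->display();
        exit;
    }

    /**
     * Admin login.
     *
     * With an empty POST the login form is rendered. Otherwise the submission
     * must pass form_submit() (presumably a form-token check; confirm), after
     * which every outcome is reported as a small JSON object
     * {"name": <field>, "message": <text>} and the request ends.
     *
     * Order of checks: username format, password format, per-IP lockout,
     * then credential verification. An unknown account and a wrong password
     * return the same message, so the response text does not reveal which
     * one failed.
     */
    public function login() {
        if(empty($_POST)) {
            $this->display();
        }elseif(form_submit()) {
            $user = &$this->user;
            $username = R('username', 'P');
            $password = R('password', 'P');

            // check_username()/check_password() return a non-empty message when
            // the value is rejected.
            // NOTE(review): $message is concatenated into the JSON text without
            // escaping; confirm these helpers only return fixed strings and never
            // echo back the submitted value.
            if($message = $user->check_username($username)) {
                exit('{"name":"username", "message":"啊哦,'.$message.'"}');
            }elseif($message = $user->check_password($password)){
                exit('{"name":"password", "message":"啊哦,'.$message.'"}');
            }

            // Per-IP brute-force throttle; the message tells the client to retry
            // in 15 minutes.
            // NOTE(review): the counter is keyed on the IP only, so it neither
            // protects one account from attempts spread over many addresses nor
            // holds if $_ENV['_ip'] can be influenced by the client; confirm.
            $ip = &$_ENV['_ip'];
            if($user->anti_ip_brute($ip)) {
                exit('{"name":"password", "message":"啊哦,请15分钟之后再试!"}');
            }

            $data = $user->get_user_by_username($username);
            if($data && $user->verify_password($password, $data['salt'], $data['password'])) {
                // Issue the auth cookie: tab-separated uid, username, stored
                // password value, groupid and login IP, passed through str_auth().
                // NOTE(review): the trailing (false, true) arguments are presumably
                // secure=false, httponly=true if _setcookie() mirrors setcookie();
                // if so the cookie is also sent over plain HTTP, so set the secure
                // flag when the admin panel is served over HTTPS.
                $admauth = str_auth("$data[uid]\t$data[username]\t$data[password]\t$data[groupid]\t$ip", 'ENCODE');
                _setcookie('admauth', $admauth, 0, '', '', false, true);

                // Shift the previous login into last*, then record this one.
                // ip2long() returns false for anything that is not a valid IPv4
                // address, so an IPv6 client is not stored as a usable value.
                $data['lastip'] = $data['loginip'];
                $data['lastdate'] = $data['logindate'];
                $data['loginip'] = ip2long($ip);
                $data['logindate'] = $_ENV['_time'];
                $data['logins']++;
                $user->update($data);

                // Clear the failed-attempt record for this IP.
                $this->runtime->delete('password_error_'.$ip);

                exit('{"name":"", "message":"登录成功!"}');
            }else{
                // Log the failed attempt with a fixed mask only. A mistyped
                // password is usually close to the real one, and the log target
                // is a .php-named file, so no request-supplied password bytes
                // belong in it.
                // NOTE(review): $username has passed check_username() at this
                // point; confirm that check rejects line breaks and markup before
                // relying on it for log hygiene.
                log::write("密码错误:$username - ******", 'login_log.php');

                // Count the failure against this IP for the throttle above.
                $user->password_error($ip);

                exit('{"name":"password", "message":"啊哦,帐号或密码不正确!"}');
            }
        }else{
            exit('{"name":"username", "message":"啊哦,表单失效!请刷新后再试!"}');
        }
    }

    /**
     * Admin logout.
     *
     * Overwrites the 'admauth' cookie with an empty value and an expiry
     * argument of 1 (presumably a timestamp in the past, which makes the
     * browser discard it; confirm against _setcookie()), then redirects to
     * the login page with a script.
     *
     * NOTE(review): only the browser's copy is cleared; nothing in this method
     * revokes the token server-side, so a copy captured earlier presumably
     * stays valid until whatever admin_control checks (e.g. the stored
     * password value) changes. The action also runs without a form_submit()
     * check, so any page can trigger a logout.
     */
    public function logout(){
        _setcookie('admauth', '', 1);
        exit('<html><body><script>window.location="index.php?u=index-login"</script></body></html>');
    }

    // The next line looks like a plugin insertion marker that the CMS may match
    // by its exact text; it is kept unchanged.
    // hook admin_index_control_after.php
}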
84