UserIdentity.php
<?php
/**
* UserIdentity represents the data needed to identity a user.
* It contains the authentication method that checks if the provided
* data can identity the user.
*/
class UserIdentity extends CUserIdentity
{
/**
* Authenticates a user.
* The example implementation makes sure if the username and password
* are both 'demo'.
* In practical applications, this should be changed to authenticate
* against some persistent user identity storage (e.g. database).
* @return boolean whether authentication succeeds.
*/
public function authenticate()
{
//校验数据的真实性
//find 没有就返回空 findAll返回空数组
$user_model = AdminUser::model()->find('user_name=:username',array(':username'=>$this->username));
if ($user_model === null) {
//用户名判断
$this->errorCode = self::ERROR_USERNAME_INVALID;
return false;
}elseif ($user_model->password !== md5(md5($this->password).$user_model->ec_salt)){
//用户输入密码 . ec_salt 之后md5加密即可
//密码判断
//echo $user_model->password.' '.md5(md5($this->password).$user_model->ec_salt).'<br>';
//echo $this->password.' '.md5($this->password).$user_model->ec_salt.' '.md5(md5($this->password).$user_model->ec_salt);
//die;
$this->errorCode = self::ERROR_PASSWORD_INVALID;
return false;
}else{
//合法
$this->errorCode = self::ERROR_NONE;
$lifeTime = 30 * 24 * 3600;
session_set_cookie_params($lifeTime);
Yii::app()->session['admin_msg'] = $user_model;//将对象存入admin_msg中
Yii::app()->session['YD[admin_id]'] = $user_model->user_id;
Yii::app()->session['YD[admin_name]'] = $user_model->user_name;
Yii::app()->session['YD[action_list]'] = $user_model->action_list;
Yii::app()->session['YD[belong_house]'] = $user_model->belong_house;// 管辖范围
Yii::app()->session['YD[imgURL]'] = trim($user_model->custom_head_img) ? '/'.$user_model->custom_head_img : '';// 头像URL
Yii::app()->session['YD[audioURL]'] = trim($user_model->custom_ringtones) ? '/'.$user_model->custom_ringtones : '';// 个性提醒URL
if (empty($user_model->ec_salt)) {
$ec_salt = rand(1, 9999);
$new_possword = md5(md5($this->password).$ec_salt);
YD_MysqlUtil::YD_execute("UPDATE {{admin_user}} SET ec_salt='$ec_salt', password='$new_possword' WHERE user_id='".Yii::app()->session['YD[admin_id]']."'");
}
return true;
}
/* $users=array(
// username => password
'demo'=>'demo',
'admin'=>'admin',
);
if(!isset($users[$this->username]))
$this->errorCode=self::ERROR_USERNAME_INVALID;
elseif($users[$this->username]!==$this->password)
$this->errorCode=self::ERROR_PASSWORD_INVALID;
else
$this->errorCode=self::ERROR_NONE;
return !$this->errorCode; */
}
}