Home Explore Help
Sign In
wqg
/
typecho_wqg
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Branch: master
Branches Tags
typecho_wqg
/
var
/
Widget
/
Login.php

Login.php 3.2 KB
Permalink History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110 
  1. <?php
    2. 

  2. 

  3. namespace Widget;
    4. 

  4. 

  5. use Typecho\Cookie;
    6. 

  6. use Typecho\Validate;
    7. 

  7. use Widget\Base\Users;
    8. 

  8. 

  9. if (!defined('__TYPECHO_ROOT_DIR__')) {
    10. 

  10.     exit;
    11. 

  11. }
    12. 

  12. 

  13. /**
    14. 

  14.  * 登录组件
    15. 

  15.  *
    16. 

  16.  * @category typecho
    17. 

  17.  * @package Widget
    18. 

  18.  * @copyright Copyright (c) 2008 Typecho team (http://www.typecho.org)
    19. 

  19.  * @license GNU General Public License 2.0
    20. 

  20.  */
    21. 

  21. class Login extends Users implements ActionInterface
    22. 

  22. {
    23. 

  23.     /**
    24. 

  24.      * 初始化函数
    25. 

  25.      *
    26. 

  26.      * @access public
    27. 

  27.      * @return void
    28. 

  28.      */
    29. 

  29.     public function action()
    30. 

  30.     {
    31. 

  31.         // protect
    32. 

  32.         $this->security->protect();
    33. 

  33. 

  34.         /** 如果已经登录 */
    35. 

  35.         if ($this->user->hasLogin()) {
    36. 

  36.             /** 直接返回 */
    37. 

  37.             $this->response->redirect($this->options->index);
    38. 

  38.         }
    39. 

  39. 

  40.         /** 初始化验证类 */
    41. 

  41.         $validator = new Validate();
    42. 

  42.         $validator->addRule('name', 'required', _t('请输入用户名'));
    43. 

  43.         $validator->addRule('password', 'required', _t('请输入密码'));
    44. 

  44.         $expire = 30 * 24 * 3600;
    45. 

  45. 

  46.         /** 记住密码状态 */
    47. 

  47.         if ($this->request->remember) {
    48. 

  48.             Cookie::set('__typecho_remember_remember', 1, $expire);
    49. 

  49.         } elseif (Cookie::get('__typecho_remember_remember')) {
    50. 

  50.             Cookie::delete('__typecho_remember_remember');
    51. 

  51.         }
    52. 

  52. 

  53.         /** 截获验证异常 */
    54. 

  54.         if ($error = $validator->run($this->request->from('name', 'password'))) {
    55. 

  55.             Cookie::set('__typecho_remember_name', $this->request->name);
    56. 

  56. 

  57.             /** 设置提示信息 */
    58. 

  58.             Notice::alloc()->set($error);
    59. 

  59.             $this->response->goBack();
    60. 

  60.         }
    61. 

  61. 

  62.         /** 开始验证用户 **/
    63. 

  63.         $valid = $this->user->login(
    64. 

  64.             $this->request->name,
    65. 

  65.             $this->request->password,
    66. 

  66.             false,
    67. 

  67.             1 == $this->request->remember ? $expire : 0
    68. 

  68.         );
    69. 

  69. 

  70.         /** 比对密码 */
    71. 

  71.         if (!$valid) {
    72. 

  72.             /** 防止穷举,休眠3秒 */
    73. 

  73.             sleep(3);
    74. 

  74. 

  75.             self::pluginHandle()->loginFail(
    76. 

  76.                 $this->user,
    77. 

  77.                 $this->request->name,
    78. 

  78.                 $this->request->password,
    79. 

  79.                 1 == $this->request->remember
    80. 

  80.             );
    81. 

  81. 

  82.             Cookie::set('__typecho_remember_name', $this->request->name);
    83. 

  83.             Notice::alloc()->set(_t('用户名或密码无效'), 'error');
    84. 

  84.             $this->response->goBack('?referer=' . urlencode($this->request->referer));
    85. 

  85.         }
    86. 

  86. 

  87.         self::pluginHandle()->loginSucceed(
    88. 

  88.             $this->user,
    89. 

  89.             $this->request->name,
    90. 

  90.             $this->request->password,
    91. 

  91.             1 == $this->request->remember
    92. 

  92.         );
    93. 

  93. 

  94.         /** 跳转验证后地址 */
    95. 

  95.         if (!empty($this->request->referer)) {
    96. 

  96.             /** fix #952 & validate redirect url */
    97. 

  97.             if (
    98. 

  98.                 0 === strpos($this->request->referer, $this->options->adminUrl)
    99. 

  99.                 || 0 === strpos($this->request->referer, $this->options->siteUrl)
    100. 

  100.             ) {
    101. 

  101.                 $this->response->redirect($this->request->referer);
    102. 

  102.             }
    103. 

  103.         } elseif (!$this->user->pass('contributor', true)) {
    104. 

  104.             /** 不允许普通用户直接跳转后台 */
    105. 

  105.             $this->response->redirect($this->options->profileUrl);
    106. 

  106.         }
    107. 

  107. 

  108.         $this->response->redirect($this->options->adminUrl);
    109. 

  109.     }
    110. 

  110. }
    111.