<?php

namespace app\ht\controllers;

use Yii;
use yii\filters\AccessControl;
use app\ht\helpers\Password;
use common\helpers\ImageManager;
use common\helpers\Utils;
use common\models\SysUser           as SysUserModel;
use domain\admin\models\LoginLog    as LoginLogModel;
use function json_encode;
use function time;
use function explode;
use function date;
use function end;
use function round;
use function in_array;
use function implode;
use function rand;

/**
 * Class SiteController
 * @package app\ht\controllers
 */
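class SiteController extends BaseController
{
    /**
     * Runs before every action of this controller.
     *
     * NOTE(review): CSRF validation is switched off for the whole controller, which
     * includes the state-changing do-login, logout and editor-upload actions. It is
     * left as-is because the forms and widgets that post to these actions are not
     * visible from this file and may not send a token. Once they do, remove the
     * assignment or limit it to the actions that really need it.
     *
     * @param \yii\base\Action $action
     * @return bool
     * @throws \yii\web\BadRequestHttpException
     */
    public function beforeAction($action)
    {
        $this->enableCsrfValidation = false;
        return parent::beforeAction($action);
    }

    /**
     * Access rules: the login/error/forgot/reset/do-login actions are open to
     * everyone, the remaining listed actions require an authenticated user ('@').
     *
     * NOTE(review): 'forgot', 'reset', 'region' and 'test' are not defined in this
     * class; presumably they come from elsewhere - confirm, and drop 'test' if it
     * is a leftover.
     *
     * @inheritdoc
     */
    public function behaviors()
    {
        return [
            'access' => [
                'class' => AccessControl::class,
                'rules' => [
                    [
                        // No 'roles' key: the rule matches guests and logged-in users alike.
                        'actions' => ['login', 'error', 'forgot', 'reset', 'do-login'],
                        'allow' => true,
                    ],
                    [
                        'actions' => ['logout', 'index', 'region', 'test', 'editor-upload'],
                        'allow' => true,
                        'roles' => ['@'],
                    ],
                ],
            ],
        ];
    }

    /**
     * author: alen <948306245@qq.com>
     * Default home page (engineer list).
     * The default route can be overridden through defaultRoute in config/main.php.
     *
     * @return string rendered 'index' view, which receives the current username
     */
    public function actionIndex()
    {
        $this->layout = '/main';

        return $this->render('index', [
            'username' => Yii::$app->user->identity->username,
        ]);
    }

    /**
     * Error page.
     *
     * Ajax requests get a small JSON body; everything else gets the view named
     * after the HTTP status code (404 when the exception carries no statusCode).
     * Assumes a view exists under error/ for every status code that can occur -
     * TODO confirm.
     *
     * @return string
     */
    public function actionError()
    {
        $this->layout = '/error';

        $exception = Yii::$app->errorHandler->exception;
        // Cast so that only a number can ever end up in the view path below.
        $code = isset($exception->statusCode) ? (int) $exception->statusCode : 404;

        if (Yii::$app->request->isAjax) {
            return json_encode(['success' => false]);
        }

        return $this->render('error/' . $code . '.php');
    }

    /**
     * Login page.
     *
     * @return string
     */
    public function actionLogin()
    {
        $this->layout = '/login';
        return $this->render('login');
    }

    /**
     * Handles the submitted login form.
     *
     * An unknown account and a wrong password produce the same message, and the
     * "account disabled" message is only shown after the password has been
     * verified, so the response does not reveal which usernames exist.
     *
     * NOTE(review): no throttling or lockout is visible in this action, and only
     * successful logins are written to the login log; confirm failed attempts are
     * limited and recorded elsewhere.
     *
     * @return \yii\web\Response
     */
    public function actionDoLogin()
    {
        $request  = Yii::$app->request;
        $username = $request->post('name');
        $password = $request->post('password');

        // Reject missing values and non-string input such as name[]=..., which would
        // otherwise reach the query condition and the password check as arrays.
        if (!is_string($username) || !is_string($password) || empty($username) || empty($password)) {
            Yii::$app->session->setFlash('error', '请输入账号和密码');
            // Route array, like the other branches: a bare 'site/login' string is sent
            // as a URL relative to the current request path.
            return $this->redirect(['site/login']);
        }

        $sysUser = SysUserModel::findOne(['username' => $username]);

        // The hash check is skipped for an unknown username, so the two cases may
        // still differ in response time - presumably measurable; verify if it matters.
        if (!$sysUser || !Password::validate($password, $sysUser->password_hash)) {
            Yii::$app->session->setFlash('error', '账号与密码不匹配,请重新输入');
            return $this->redirect(['site/login']);
        }

        if ((int) $sysUser->is_enable === 0) {
            Yii::$app->session->setFlash('error', '账号被禁用, 请联系管理员');
            return $this->redirect(['site/login']);
        }

        // Session lifetime comes from the configured authTimeout of the user component.
        $duration = Yii::$app->user->authTimeout;
        Yii::$app->getUser()->login($sysUser, $duration);

        // Record the successful login. User-Agent and Referer are client-supplied
        // and stored as received, so they must be escaped wherever the log is displayed.
        $log                = new LoginLogModel();
        $log->user_id       = $sysUser->id;
        $log->username      = $sysUser->username;
        $log->client_ip     = Utils::clientIp();
        $log->client        = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
        $log->referer_url   = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';
        $log->created_at    = time();
        if (!$log->save()) {
            // Do not fail the login, but do not lose the audit gap silently either.
            // The header values are deliberately kept out of the message.
            Yii::warning('Login log could not be saved for user id ' . $sysUser->id, __METHOD__);
        }

        return $this->goHome();
    }

    /**
     * Logs the current user out and returns to the home page.
     *
     * NOTE(review): with CSRF validation disabled in beforeAction() and no verb
     * filter visible in this class, a cross-site request can trigger the logout.
     *
     * @return \yii\web\Response
     */
    public function actionLogout()
    {
        Yii::$app->user->logout();
        return $this->goHome();
    }

    /**
     * Server side of the rich-text editor image upload (form field 'imgFile').
     *
     * Writes a JSON object and terminates the request: {error: 0, url: ...} on
     * success, {error: 1, message: ...} on failure (via editorAlert()). Returns
     * without output when the request carries no files at all.
     */
    public function actionEditorUpload()
    {
        $maxSize = 1048576; // 1024 * 1024 = 1 MB

        // Extensions accepted for upload (compared in lower case).
        $extArr = ['gif', 'jpg', 'jpeg', 'png', 'bmp'];

        // PHP reported an upload failure.
        if (!empty($_FILES['imgFile']['error'])) {
            $messages = [
                1 => '图片超过系统允许的大小。', // limit set in php.ini (2 MB by default)
                2 => '图片超过表单允许的大小。',
                3 => '图片只有部分被上传。',
                4 => '请选择图片。',
                6 => '找不到临时目录。',
                7 => '写文件到硬盘出错。',
                8 => 'File upload stopped by extension。',
            ];
            $errorCode = $_FILES['imgFile']['error'];
            // A non-integer value (e.g. the array produced by imgFile[]) maps to "unknown".
            $error = (is_int($errorCode) && isset($messages[$errorCode]))
                ? $messages[$errorCode]
                : '未知错误。';
            $this->editorAlert($error);
        }

        if (empty($_FILES)) {
            return;
        }

        // Files were sent, but not under the expected single-file field.
        $upload = isset($_FILES['imgFile']) ? $_FILES['imgFile'] : null;
        if ($upload === null || !is_string($upload['name']) || !$upload['name']) {
            $this->editorAlert("请选择文件。");
        }

        $fileName = $upload['name'];     // original, client-supplied file name
        $tmpName  = $upload['tmp_name']; // temporary file on the server
        $fileSize = $upload['size'];

        // Only ever hand a genuine PHP upload to the storage helper.
        if (!is_string($tmpName) || is_uploaded_file($tmpName) === false) {
            $this->editorAlert("上传失败。");
        }

        if ($fileSize > $maxSize) {
            $this->editorAlert("图片大小不能超过" . Utils::formatBytes($maxSize));
        }

        // Extension is taken after the last dot and normalised to lower case.
        $tmp = explode('.', $fileName);
        $fileExt = strtolower(end($tmp));

        if (in_array($fileExt, $extArr, true) === false) {
            $this->editorAlert("上传文件扩展名是不允许的扩展名。\n只允许" . implode(",", $extArr) . "格式。");
        }

        // The extension is chosen by the client, so also require the content to parse
        // as an image. This does not strip metadata or rule out polyglot files; the
        // storage location should not execute scripts - confirm in ImageManager / server config.
        if (getimagesize($tmpName) === false) {
            $this->editorAlert("上传的文件不是有效的图片。");
        }

        // Server-generated name; the client-supplied name is never used on disk.
        // rand() only reduces collisions - the name is guessable and is not an access control.
        $newFileName = date("YmdHis") . '_' . rand(10000, 99999) . '.' . $fileExt;

        $savePath = ImageManager::getTempImgPath($fileExt);
        $filePath = $savePath . '/' . $newFileName;
        ImageManager::add($tmpName, $filePath);

        $fileUrl = ImageManager::getUrl($filePath);

        echo json_encode(['error' => 0, 'url' => $fileUrl]);
        exit;
    }

    /**
     * Sends an editor error response ({error: 1, message: ...}) and ends the request.
     *
     * @param string $msg message shown by the editor; pass only server-defined text,
     *                    the response is echoed without an explicit content type
     */
    protected function editorAlert($msg)
    {
        echo json_encode(['error' => 1, 'message' => $msg]);
        exit;
    }
}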