diff --git a/conf/app.php b/conf/app.php index 6f324a4..908b468 100644 --- a/conf/app.php +++ b/conf/app.php @@ -47,6 +47,7 @@ return array( 'admin' => array( 'username' => 'filesite', 'password' => '88888888', + 'captcha' => true, //后台登陆是否开启验证码 ), ); diff --git a/controller/ApiController.php b/controller/ApiController.php index 430d76c..6732dfa 100644 --- a/controller/ApiController.php +++ b/controller/ApiController.php @@ -37,6 +37,10 @@ Class ApiController extends Controller { $msg = $err = ''; $data = array(); + if ($this->isUserLogined() == false) { + $err = '没登陆或登陆已过期!'; + return $this->renderJson(compact('code', 'msg', 'err', 'data')); + } $scanner = new DirScanner(); $scanner->setWebRoot(FSC::$app['config']['content_directory']); @@ -86,6 +90,11 @@ Class ApiController extends Controller { $msg = $err = ''; $data = array(); + if ($this->isUserLogined() == false) { + $err = '没登陆或登陆已过期!'; + return $this->renderJson(compact('code', 'msg', 'err', 'data')); + } + $parentDir = $this->post('parent', ''); $newDir = $this->post('dir', ''); @@ -134,6 +143,11 @@ Class ApiController extends Controller { $msg = $err = ''; $data = array(); + if ($this->isUserLogined() == false) { + $err = '没登陆或登陆已过期!'; + return $this->renderJson(compact('code', 'msg', 'err', 'data')); + } + $parentDir = $this->post('parent', ''); $delDir = $this->post('dir', ''); @@ -176,6 +190,11 @@ Class ApiController extends Controller { $msg = $err = ''; $data = array(); + if ($this->isUserLogined() == false) { + $err = '没登陆或登陆已过期!'; + return $this->renderJson(compact('code', 'msg', 'err', 'data')); + } + $parentDir = $this->post('parent', ''); $fromDir = $this->post('from', ''); @@ -216,6 +235,11 @@ Class ApiController extends Controller { $msg = $err = ''; $data = array(); + if ($this->isUserLogined() == false) { + $err = '没登陆或登陆已过期!'; + return $this->renderJson(compact('code', 'msg', 'err', 'data')); + } + $parentDir = $this->post('parent', ''); $fromDir = $this->post('from', ''); 
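Review bot: Nothing next to the `admin` block in conf/app.php says that `username` and `password` are shipped defaults, and after this commit they are the only credential in front of the guarded API actions (actionLogin compares the posted values against them). A comment such as `// default credentials: change both before deploying` above `'username'` would make that explicit. The new `captcha` key is read in actionLogin as `$admConfig['captcha']` with no fallback, so a config file that predates this change would leave the captcha check switched off. The comment on the new line should say the key is required, or the reader should use `!empty($admConfig['captcha'])`.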
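Review bot: The same login guard is pasted into six actions (this hunk at -37 and the hunks at -86, -134, -176, -216 and -259), so authentication is opt-in and an action added later is unprotected unless its author copies the block. A single helper or a controller-level pre-action check would make it the default, for example `if (!$this->isUserLogined()) { return $this->renderLoginRequired(); }` with a helper of your own naming. The rejected response also appears to carry the same `code` value as any other failure (`$code` is set outside these hunks, presumably to 0 as in actionLogin), so a client cannot tell an expired session from a bad request. A distinct code or an HTTP 401 status would help. The action bodies start and end outside the hunks, so whether every action in ApiController that needs the guard received it cannot be confirmed from this diff.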
@@ -259,6 +283,11 @@ Class ApiController extends Controller { $msg = $err = ''; $data = array(); + if ($this->isUserLogined() == false) { + $err = '没登陆或登陆已过期!'; + return $this->renderJson(compact('code', 'msg', 'err', 'data')); + } + $parentDir = $this->post('parent', ''); $delFile = $this->post('file', ''); @@ -301,7 +330,7 @@ Class ApiController extends Controller { $msg = $err = ''; $data = array(); - $refresh = (int)$this->get('refresh', 0); + $refresh = (int)$this->post('refresh', 0); try { $builder = new CaptchaBuilder; 
@@ -351,4 +380,72 @@ Class ApiController extends Controller { return @file_put_contents($logFile, json_encode($data)); } + //登陆 + public function actionLogin() { + $code = 0; + $msg = $err = ''; + $data = array(); + + $username = $this->post('username', ''); + $password = $this->post('password', ''); + $captcha = $this->post('captcha', ''); + $maxUsernameLen = 20; + $maxPasswordLen = 30; + if (empty($username) || mb_strlen($username, 'utf-8') > $maxUsernameLen) { + $err = "用户名不能为空且最长 {$maxUsernameLen} 个字符"; + return $this->renderJson(compact('code', 'msg', 'err', 'data')); + }else if (empty($password) || mb_strlen($password, 'utf-8') > $maxPasswordLen) { + $err = "密码不能为空且最长 {$maxPasswordLen} 个字符"; + return $this->renderJson(compact('code', 'msg', 'err', 'data')); + } + + $admConfig = FSC::$app['config']['admin']; + + try { + //get captcha code + $userData = $this->getAdmUserData(); + $captcha_code = !empty($userData['captcha_code']) ? $userData['captcha_code'] : ''; + if ($admConfig['captcha'] && empty($captcha_code)) { + $err = "请刷新网页,如果验证码图片无法显示请联系管理员!"; + return $this->renderJson(compact('code', 'msg', 'err', 'data')); + }else if ($admConfig['captcha'] && !empty($captcha_code) && $captcha != $captcha_code) { + $err = "验证码不正确,请注意字母大小写!"; + return $this->renderJson(compact('code', 'msg', 'err', 'data')); + } + + if ($username == $admConfig['username'] && $password == $admConfig['password']) { + //保存登陆成功信息 + $userData['login_user'] = $username; + $userData['login_time'] = time(); + $this->saveAdmUserData($userData); + + $code = 1; + $msg = '登陆成功。'; + }else { + $err = "用户名或密码错误,请注意字母大小写!"; + } + }catch(Exception $e) { + $err = '登陆失败:' . 
$e->getMessage(); + } + + return $this->renderJson(compact('code', 'msg', 'err', 'data')); + } + + protected function isUserLogined() { + $logined = false; + + try { + $admConfig = FSC::$app['config']['admin']; + + //get user data + $userData = $this->getAdmUserData(); + if (!empty($userData) && $userData['login_user'] == $admConfig['username']) { + $logined = true; + } + }catch(Exception $e) { + } + + return $logined; + } + } diff --git a/plugins/Captcha/README.md b/plugins/Captcha/README.md index aaeff98..13a0801 100644 --- a/plugins/Captcha/README.md +++ b/plugins/Captcha/README.md @@ -1,8 +1,6 @@ Captcha ======= -![Captchas examples](http://gregwar.com/captchas.png) -[![paypal](https://www.paypalobjects.com/en_US/i/btn/btn_donateCC_LG.gif)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=YUXRLWHQSWS6L) Installation ============
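Review bot: The captcha check in actionLogin never invalidates `captcha_code`, which stays in `$userData` after a wrong password and is saved again on success, so within this hunk one solved captcha can back any number of password attempts, and nothing counts or delays failures. The credential and captcha comparisons use loose `==`/`!=`, which compares numeric-looking strings by value and is not constant-time; `hash_equals()` on string casts is the safer form, and `!empty($admConfig['captcha'])` avoids an undefined-index notice on configs without the key. In isUserLogined, `login_time` is written at login but never read, although the guard message says the login may have expired, and `$userData['login_user']` is indexed without an `isset` check. The sketch below covers only the captcha and credential part and assumes saveAdmUserData persists the array it is given, which is not visible here.

```php
// … unchanged: input length checks, $admConfig lookup, $userData / $captcha_code read …
if (!empty($admConfig['captcha'])) {
    // Single use: drop the stored code before comparing so a solved captcha cannot be replayed.
    unset($userData['captcha_code']);
    $this->saveAdmUserData($userData);

    if (empty($captcha_code)) {
        $err = "请刷新网页,如果验证码图片无法显示请联系管理员!";
        return $this->renderJson(compact('code', 'msg', 'err', 'data'));
    }
    if (!hash_equals((string)$captcha_code, (string)$captcha)) {
        $err = "验证码不正确,请注意字母大小写!";
        return $this->renderJson(compact('code', 'msg', 'err', 'data'));
    }
}

// Evaluate both comparisons so the check does not stop early on a wrong username.
$userOk = hash_equals((string)$admConfig['username'], (string)$username);
$passOk = hash_equals((string)$admConfig['password'], (string)$password);
if ($userOk && $passOk) {
    // … unchanged: store login_user / login_time, set success code and message …
```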