一些自定义类库-权限验证

namespace app\admin\myclass;
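/**
 * Back-office authentication and role/node authorization helpers.
 *
 * Every public method is static and works through helpers that are not
 * defined on this page: db(), session(), url(), getValue() and password().
 *
 * Authorization model as visible in the queries below:
 *   - "Node" rows describe controllers (level 1) and actions (level 2, whose
 *     pid is the controller node_id);
 *   - "Role_node" rows grant a node to a role;
 *   - an admin with is_supper == 1 bypasses every node check.
 *
 * NOTE(review): password() is an opaque helper here. If it is an unsalted
 * fast hash, migrate to password_hash()/password_verify().
 * NOTE(review): nothing in this class throttles repeated failed logins; the
 * Admin_log rows written by login_log() are the only visible trace.
 * NOTE(review): the full Admin row, including its password column, is kept in
 * the session by login() and auth(). Consider storing only the fields the
 * application reads (admin_id, role_id, is_supper, is_active).
 */
class admin
{
    /**
     * Check a name/password pair and open an admin session on success.
     *
     * Unknown account and wrong password return the same message so the
     * response does not reveal which admin names exist.
     *
     * @param string $name     Submitted admin_name.
     * @param string $password Submitted clear-text password.
     * @return array "state" (1 on success, 0 on failure) plus the message
     *               under "mag" (the historical key) and under "msg" (the key
     *               used by auth() and auth_action()).
     */
    public static function login($name, $password)
    {
        $account = db("Admin")->where(["admin_name" => $name])->find();
        if (!isset($account["admin_id"])) {
            return self::login_result(0, "帐号密码错误,请重新输入");
        }

        // The stored value is compared inside the query because the format
        // produced by password() is not visible from this class.
        $verified = db("Admin")->where([
            "admin_name" => $name,
            "password"   => password($password),
        ])->find();
        if (!isset($verified["admin_id"])) {
            self::login_log($account["admin_id"], 0);
            return self::login_result(0, "帐号密码错误,请重新输入");
        }

        if ($verified["is_active"] != 1) {
            self::login_log($account["admin_id"], 0);
            return self::login_result(0, "你的帐号已被禁用,请联系管理员开通");
        }

        session("admin", $account);
        // Issue a fresh session id once the session becomes authenticated, so
        // an id that was known before login cannot be reused afterwards.
        if (session_status() === PHP_SESSION_ACTIVE) {
            session_regenerate_id(true);
        }

        // Address the row by primary key instead of using every column of the
        // fetched row as the WHERE condition.
        db("Admin")
            ->where(["admin_id" => $verified["admin_id"]])
            ->update(["last_login_at" => time()]);
        self::login_log($verified["admin_id"], 1);

        return self::login_result(1, "登陆成功");
    }

    /**
     * Record one login attempt in Admin_log.
     *
     * @param int $admin_id Admin the attempt was made against.
     * @param int $state    1 for a successful login, 0 for a failed one.
     * @return bool true when a row was inserted, false when getValue() did
     *              not return a positive admin_id for the given id.
     */
    public static function login_log($admin_id, $state)
    {
        if (getValue($admin_id, "Admin", "admin_id", "admin_id", "0") > 0) {
            db("Admin_log")->insert([
                "admin_id"   => $admin_id,
                // NOTE(review): how ip() treats proxy headers depends on the
                // framework configuration; confirm before relying on this
                // value in an investigation.
                "ip"         => \think\Request::instance()->ip(),
                "login_at"   => time(),
                "is_correct" => $state,
            ]);
            return true;
        }
        return false;
    }

    /**
     * Build the two-level navigation menu the current admin may see.
     *
     * Top-level entries (pid 0) are kept when auth_action() allows their
     * controller; children are kept when auth_action() allows their
     * controller/action pair. This only filters what is displayed: each
     * request still has to pass auth().
     *
     * @return array Top-level Menu rows, each with a "sub_menu" list.
     */
    public static function menu()
    {
        $top_level = db("Menu")
            ->where(["status" => 1, "pid" => 0])
            ->order("ord asc")
            ->select();

        $re_menu = [];
        foreach ($top_level as $entry) {
            $auth = self::auth_action($entry["controller"]);
            if ($auth["state"] == 1) {
                $re_menu[] = $entry;
            }
        }

        foreach ($re_menu as $idx => $parent) {
            $children = db("Menu")
                ->where(["status" => 1, "pid" => $parent["menu_id"]])
                ->order("ord asc")
                ->select();

            $re_menu[$idx]["sub_menu"] = [];
            foreach ($children as $child) {
                $auth = self::auth_action($child["controller"], $child["action"]);
                if ($auth["state"] == 1) {
                    $re_menu[$idx]["sub_menu"][] = $child;
                }
            }
        }
        return $re_menu;
    }

    /**
     * Authorize the current request for the logged-in admin.
     *
     * The Admin row is re-read on every call, so disabling an account or
     * changing its role takes effect on the next request, and the session
     * copy is refreshed with the current row.
     *
     * NOTE(review): every action of the "index" controller is allowed for any
     * active admin; keep privileged operations out of that controller.
     *
     * @return array "state" (1 allowed, 0 denied), "msg" and a redirect "url".
     */
    public static function auth()
    {
        $admin = session("admin");
        if (!isset($admin["admin_id"])) {
            return self::build_result(0, "你暂未登陆,请先登陆再行操作", url("pub/login"));
        }

        $admin = db("Admin")->where(["admin_id" => $admin["admin_id"]])->find();
        if (!(isset($admin["admin_id"]) && $admin["is_active"])) {
            // The account was removed or disabled: drop the session as well.
            session("admin", null);
            return self::build_result(0, "你的帐号已被禁用,请联系管理员开通", url("pub/login"));
        }

        session("admin", $admin);
        if ($admin["is_supper"] == 1) {
            return self::build_result(1, "你有权权限", "");
        }

        $request    = \think\Request::instance();
        $controller = strtolower($request->controller());
        $action     = strtolower($request->action());

        if ($controller == "index") {
            return self::build_result(1, "默认首页不需要权限", url("index/index"));
        }
        if (!self::role_is_enabled($admin["role_id"])) {
            return self::build_result(0, "角色已被禁用", url("index/index"));
        }

        $controller_node = self::find_node_id($controller, 1);
        if ($controller_node === null) {
            return self::deny();
        }
        $action_node = self::find_node_id($action, 2, $controller_node);
        if ($action_node === null) {
            return self::deny();
        }
        if (!self::role_has_node($admin["role_id"], $action_node)) {
            return self::deny();
        }
        return self::build_result(1, "你有权操作", url("index/index"));
    }

    /**
     * Check whether the session's admin may use a controller or one action.
     *
     * With an empty $action the grant is looked up on the controller node,
     * otherwise on the action node below it. A disabled role is refused here
     * as well, so this check agrees with auth().
     *
     * This method reads is_supper and role_id from the session copy of the
     * admin row and does not re-read the Admin table; that copy is refreshed
     * by auth(). NOTE(review): confirm that auth() runs earlier in every
     * request where this result is used to enforce access.
     *
     * @param string $controller Controller name, compared in lower case.
     * @param string $action     Action name, or "" for a controller-level check.
     * @return array "state" (1 allowed, 0 denied), "msg" and a redirect "url".
     */
    public static function auth_action($controller, $action = "")
    {
        $controller = strtolower($controller);
        $action     = strtolower($action);
        $admin      = session("admin");

        if (isset($admin["is_supper"]) && $admin["is_supper"] == 1) {
            return self::build_result(1, "你有权操作", url("index/index"));
        }
        if (!isset($admin["admin_id"])) {
            return self::deny();
        }
        if (!self::role_is_enabled($admin["role_id"])) {
            return self::build_result(0, "角色已被禁用", url("index/index"));
        }

        $node_id = self::find_node_id($controller, 1);
        if ($node_id === null) {
            return self::deny();
        }
        if ($action !== "") {
            $node_id = self::find_node_id($action, 2, $node_id);
            if ($node_id === null) {
                return self::deny();
            }
        }
        if (!self::role_has_node($admin["role_id"], $node_id)) {
            return self::deny();
        }
        return self::build_result(1, "你有权操作", url("index/index"));
    }

    // Result of login(): the message is returned under "mag" and under "msg".
    private static function login_result($state, $message)
    {
        return ["state" => $state, "mag" => $message, "msg" => $message];
    }

    // Result shape shared by auth() and auth_action().
    private static function build_result($state, $message, $url)
    {
        return ["state" => $state, "msg" => $message, "url" => $url];
    }

    // The generic refusal returned by every failed node or grant lookup.
    private static function deny()
    {
        return self::build_result(0, "你并无权限", url("index/index"));
    }

    // True when the Role row of $role_id has status 1.
    private static function role_is_enabled($role_id)
    {
        return getValue($role_id, "Role", "role_id", "status", 0) == 1;
    }

    // node_id of an enabled Node with this name and level, or null; $pid
    // narrows the lookup to the children of one controller node.
    private static function find_node_id($node_name, $level, $pid = null)
    {
        $where = ["node_name" => $node_name, "level" => $level, "status" => 1];
        if ($pid !== null) {
            $where["pid"] = $pid;
        }
        $node = db("Node")->where($where)->find();
        return isset($node["node_id"]) ? $node["node_id"] : null;
    }

    // True when an enabled Role_node row grants $node_id to $role_id.
    private static function role_has_node($role_id, $node_id)
    {
        $grant = db("Role_node")->where([
            "role_id" => $role_id,
            "node_id" => $node_id,
            "status"  => 1,
        ])->find();
        return isset($grant["role_node_id"]);
    }
}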

权限验证示例
