jiliangzhifu/protected/class/auth.php

<?php

session_start(); // starts new or resumes existing session
session_regenerate_id(true); // regenerates SESSIONID to prevent hijacking

Doo::loadModel('users');
Doo::loadModel('usession');
Doo::loadModelAt('ausers', 'admin');
Doo::loadClass('user');
Doo::loadModel('uprofile');

class Auth {

    private $users, $usession, $user, $uinfo, $ausers, $profile;

    public function __construct() {
	$this->users = new Users();
	$this->usession = new Usession();
	$this->user = new User();
	$this->ausers = new AUsers();
	$this->profile = new Uprofile();
    }

    private function __setcookie($key, $value) {
	setcookie($this->cookiePre . $key, $value, 0, '/', $this->siteUrl, 0);
    }

    public function login($uname, $upasswd) {
	$uinfo = $this->checkLogin($uname, $upasswd);
	if (isset($uinfo['uid'])) {
	    $this->uinfo = $uinfo;
	    return TRUE;
	} else {
	    return FALSE;
	}
    }

    public function getUinfo() {
	return $this->uinfo;
    }

    public function getUid() {
	if (isset($_SESSION['uid']) && $_SESSION['uid']) {
	    return $_SESSION['uid'];
	} else {
	    return FALSE;
	}
    }

    public function getUemail() {
	if (isset($_SESSION['uemail']) && $_SESSION['uemail']) {
	    return $_SESSION['uemail'];
	} else {
	    return 0;
	}
    }

    public function setUid($uid) {
	return $_SESSION['uid'] = $uid;
    }

    public function setUemail($uemail) {
	return $_SESSION['uemail'] = $uemail;
    }

    public function getAvatar($uid) {
//	$dir1 = ceil($uid / 10000);
//	$dir2 = ceil($uid % 10000 / 1000);
//	$url = 'http://sso.smartcost.com.cn/' . 'data/avatar/' . $dir1 . '/' . $dir2 . '/' . $uid . '/';
//	$avatar = array('180' => $url . '180x180.jpg', '90' => $url . '90x90.jpg', '45' => $url . '45x45.jpg', '30' => $url . '30x30.jpg');
//	return $avatar;
	$valArray = $this->profile->getOne(array('where' => 'userid=?', 'param' => array($uid), 'asArray' => TRUE));
	return Doo::conf()->APP_URL . $valArray['avatar'];
    }

    public function checkLogin($uemail, $upasswd) {
	return $this->user->login($uemail, $upasswd);
    }

    public function logout() {
	session_destroy();
	setcookie('token', '-1', 0, '/', 'jl.local', FALSE, TRUE);
    }

    public function checkauth() {
	//TODO 启用SESSION变量避免重复查询数据库
	if (isset($_COOKIE['M0s5Yi_yn_k']) && isset($_COOKIE['M0s5Yi_yn_v'])) {
	    $uname = $this->decryptCookie($_COOKIE['M0s5Yi_yn_k']);
	    $passwd = $this->decryptCookie($_COOKIE['M0s5Yi_yn_v']);
	    if ($uname && $passwd) {
		return TRUE;
	    } else {
		return FALSE;
	    }
	} else {
	    return FALSE;
	}
    }

    function isLoggedIn() {
	if (isset($_SESSION['token']) && isset($_COOKIE['token'])) {
	    if ($_SESSION['token'] != $_COOKIE['token']) {
		return TRUE;
	    }
	}
	return FALSE;
    }

    public function getUname() {
	//TODO 启用SESSION变量避免重复查询数据库
	if (isset($_COOKIE['M0s5Yi_yn_k']) && isset($_COOKIE['M0s5Yi_yn_v'])) {
	    $uname = $this->decryptCookie($_COOKIE['M0s5Yi_yn_k']);
	    $passwd = $this->decryptCookie($_COOKIE['M0s5Yi_yn_v']);
	    if ($uname && $passwd) {
		return $uname;
	    } else {
		return FALSE;
	    }
	} else {
	    return FALSE;
	}
    }

    private function encryptCookie($value) {
	if (!$value) {
	    return false;
	}
	$key = '290234lk23jk23djLHSWCs92s';
	$text = $value;
	$iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB);
	$iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
	$crypttext = mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $key, $text, MCRYPT_MODE_ECB, $iv);
	return trim(base64_encode($crypttext)); //encode for cookie
    }

    private function decryptCookie($value) {
	if (!$value) {
	    return false;
	}
	$key = '290234lk23jk23djLHSWCs92s';
	$crypttext = base64_decode($value); //decode cookie
	$iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB);
	$iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
	$decrypttext = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $key, $crypttext, MCRYPT_MODE_ECB, $iv);
	return trim($decrypttext);
    }

}

?>