AuthController.class.php 4.1 KB

  1. <?php
  2. namespace Common\Controller;
  3. use Think\Controller;
  4. use Think\Auth;
  5. use Common;
  6. //权限认证
  7. class AuthController extends BaseController {
  8. protected $site_url;
  9. public function __construct() {
  10. parent::__construct();
  11. $common = new Common\Common\Common();
  12. $common->auto_load_func('Application/Common/Server/'); //自动导入Server
  13. $common->auto_load_func('Application/Common/Common/util/'); //自动导入工具类(自己写的)
  14. $this->site_url = SITE_URL;
  15. $admin = self::get_my_info();
  16. //自动运行,为了判断左侧导航、右侧导航的选中状态,S为导航ID
  17. cookie('s',I('s'),86400);
  18. //session不存在时,不允许直接访问
  19. if(!$admin['aid']){
  20. $this->error('还没有登录,正在跳转到登录页',U('Admin/Login/login'));
  21. }
  22. //session存在时,不需要验证的权限
  23. $not_check = array('Index/index','Index/panel','Login/login','Common/base64_upload','Common/file_upload','Common/img_upyun','Common/upload_upyun');
  24. //当前操作的请求 模块名/方法名
  25. if(in_array(CONTROLLER_NAME.'/'.ACTION_NAME, $not_check)){
  26. return true;
  27. }
  28. //下面代码动态判断权限
  29. $auth = new Auth();
  30. if(!$auth->check(CONTROLLER_NAME.'/'.ACTION_NAME,$admin['aid'])){
  31. $this->error('没有权限');
  32. }
  33. }
  34. /**
  35. * get封装
  36. * @param type $get
  37. * $defalut默认值 默认null
  38. */
  39. public function myGet($get, $defalut = null) {
  40. $result = $_GET[$get];
  41. !empty($result) ? ($result = $result) : ($result = $defalut);
  42. $result = htmlspecialchars($result);
  43. return $result;
  44. }
  45. /**
  46. * post封装
  47. * @param type $post
  48. */
  49. public function myPost($post, $defalut = null) {
  50. $result = $_POST[$post];
  51. !empty($result) ? ($result = $result) : ($result = $defalut);
  52. $result = htmlspecialchars($result);
  53. return $result;
  54. }
  55. /**
  56. * $request封装
  57. * @param type $request
  58. * @param type $default
  59. * @return type
  60. */
  61. public function myRequest($request, $defalut = null) {
  62. $result = $_REQUEST[$request];
  63. !empty($result) ? ($result = $result) : ($result = $defalut);
  64. $result = htmlspecialchars($result);
  65. return $result;
  66. }
  67. //空操作
  68. public function _empty() {
  69. header("HTTP/1.0 404 Not Found");
  70. $this->assign('info', 'baseAction/_empty');
  71. $this->display('./Tpl/404.html');
  72. exit;
  73. }
  74. /**
  75. * 自动加载函数库 .php文件
  76. * @param string $path 文件夹
  77. */
  78. public function auto_load_func($path) {
  79. $auto_funcs = glob($path . "*.php");
  80. if (!empty($auto_funcs)) {
  81. foreach ($auto_funcs as $fileName) {
  82. include_once $fileName;
  83. }
  84. }
  85. }
  86. /**
  87. * 返回并重载上一页
  88. * Transient_1988
  89. */
  90. public function goBack() {
  91. echo '<script>location.href = document.referrer;</script>';
  92. exit;
  93. }
  94. /**
  95. * 保存登录信息
  96. * @param array $info
  97. * @param int $time
  98. */
  99. static public function set_my_info($info) {
  100. session('admin_motion', $info);
  101. }
  102. /**
  103. * 获取保存的登录信息
  104. */
  105. static public function get_my_info(){
  106. return session('admin_motion');
  107. }
  108. /**
  109. * 清除登录信息
  110. */
  111. static public function del_my_info(){
  112. session('admin_motion', null);
  113. }
  114. /**
  115. * 获取面包屑
  116. * @return array
  117. */
  118. static function get_bread_crumbs(){
  119. $name = CONTROLLER_NAME . '/' . ACTION_NAME ;
  120. $where = array('name' => $name);
  121. $field = 'id,name,title,pid';
  122. $model = M('auth_rule');
  123. $data = array();
  124. $temp = $model->where($where)->field($field)->find();
  125. while(!empty($temp)){
  126. $data[] = $temp;
  127. $where = array('id' => $temp['pid']);
  128. $temp = $model->where($where)->field($field)->find();
  129. }
  130. $data = array_reverse($data);
  131. return $data;
  132. }
  133. }
  134. ?>