Base.php 4.63 KB

Edit Raw Blame History

<?php

/**
 * tpshop
 * ============================================================================
 * 版权所有 2015-2027 深圳搜豹网络科技有限公司，并保留所有权利。
 * 网站地址: http://www.tp-shop.cn
 * ----------------------------------------------------------------------------
 * 这不是一个自由软件！您只能在不用于商业目的的前提下对程序代码进行修改和使用 .
 * 不允许对程序代码以任何形式任何目的的再发布。
 * ============================================================================
 * Author: 当燃
 * Date: 2015-09-09
 */

namespace app\manager\controller;
use app\manager\logic\UpgradeLogic;
use think\Controller;
use think\Db;
use think\response\Json;
use think\Session;
use think\Cookie;
class Base extends Controller {

    /**
     * 析构函数
     */
    function __construct()
    {
        Session::start();
        parent::__construct();
        $upgradeLogic = new UpgradeLogic();
        //$upgradeMsg = $upgradeLogic->checkVersion(); //升级包消息
        //$this->assign('upgradeMsg',$upgradeMsg);
        //用户中心面包屑导航
        $navigate_admin = navigate_admin();
        $this->assign('navigate_admin',$navigate_admin);

        //腾讯云地址前缀
        $qclurl=QCLOUD_IMGURL;
        $this->assign('qclurl',$qclurl);

        tpversion();
   }

    /*
     * 初始化操作
     */
    public function _initialize()
    {
        $this->request->isAjax() ? define('IS_AJAX',true) : define('IS_AJAX',false);  // 
        ($this->request->method() == 'GET') ? define('IS_GET',true) : define('IS_GET',false);  // 
        ($this->request->method() == 'POST') ? define('IS_POST',true) : define('IS_POST',false);  //
        define('MODULE_NAME',$this->request->module());  // 当前模块名称是
        define('CONTROLLER_NAME',$this->request->controller()); // 当前控制器名称
        define('ACTION_NAME',$this->request->action()); // 当前操作名称是
        define('PREFIX',C('database.prefix')); // 数据库表前缀

        $this->assign('action',ACTION_NAME);
        //过滤不需要登录的行为
        if(in_array(ACTION_NAME,array('login','logout','vertify','forget_pwd')) || in_array(CONTROLLER_NAME,array('Ueditor','Uploadify'))){
        	//return;
        }else{
        	if(session('manager_id') > 0 ){
        		$this->check_priv();//检查管理员菜单操作权限
        	}else{
        	    $ck=Cookie::get('manager_id');
        	    if($ck) {
                    $admin_info = M('manager_admin')->alias('a')->join('manager_role b', 'a.manager_role_id=b.manager_role_id', 'INNER')->where("a.manager_id = " . $ck)->find();
                    session('manager_id', $ck);
                    session('act_list', $admin_info['manager_act_list']);
                    session('last_login_time', time());
                    session('last_login_ip', getIP());
                    $this->check_priv();//检查管理员菜单操作权限
                }else{
                    $this->error('请先登录', U('manager/landing/login'), 1);
                }
        	}
        }
        $this->public_assign();
    }

    /**
     * 保存公告变量到 smarty中 比如 导航 
     */
    public function public_assign()
    {
       $tpshop_config = array();
       $tp_config = M('config')->select();
       foreach($tp_config as $k => $v)
       {
          $tpshop_config[$v['inc_type'].'_'.$v['name']] = $v['value'];
       }
       $this->assign('tpshop_config', $tpshop_config);
    }

    public function check_priv()
    {

    	$ctl = CONTROLLER_NAME;
    	$act = ACTION_NAME;
        $act_list = session('act_list');
		//无需验证的操作
		$uneed_check = array('login','logout','vertifyHandle','vertify','imageUp','upload','login_task');

    	if($ctl == 'Index' || $act_list == 'all'){
    		//后台首页控制器无需验证,超级管理员无需验证
    		return true;
    	}elseif(strpos($act,'ajax') || in_array($act,$uneed_check)){
    		//所有ajax请求不需要验证权限
    		return true;
    	}else{

    		$right = M('manager_menu')->where("id", "in", $act_list)->getField('right',true);
    		foreach ($right as $val){
    			$role_right .= $val.',';
    		}
    		$role_right = explode(',', $role_right);
    		//检查是否拥有此操作权限
    		if(!in_array($ctl.'@'.$act, $role_right)){
    			$this->error('您没有操作权限,请联系超级管理员分配权限',U('manager/Index/welcome'));
    		}
    	}
    }

    public function ajaxReturn($data,$type = 'json'){
            exit(json_encode($data));
    }
}