HEX
Server: nginx/1.28.1
System: Linux 10-41-63-61 6.8.0-31-generic #31-Ubuntu SMP PREEMPT_DYNAMIC Sat Apr 20 00:40:06 UTC 2024 x86_64
User: www (1001)
PHP: 7.4.33
Disabled: passthru,exec,system,putenv,chroot,chgrp,chown,shell_exec,popen,proc_open,pcntl_exec,ini_alter,ini_restore,dl,openlog,syslog,readlink,symlink,popepassthru,pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,imap_open,apache_setenv
$ pwd: /www/wwwroot/oa.umchkw.com/app/home/controller/
Upload Files
File: /www/wwwroot/oa.umchkw.com/app/home/controller/Login.php
<?php
/**
 * @copyright Copyright (c) 2021 勾股工作室
 * @license https://opensource.org/licenses/GPL-3.0
 * @link https://www.gougucms.com
 */

declare (strict_types = 1);

namespace app\home\controller;

use app\home\validate\UserCheck;
use think\exception\ValidateException;
use think\facade\Db;
use think\facade\Session;

class Login
{
    //登录
    public function index()
    {
        return View();
    }
    //提交登录
    public function login_submit()
    {
        $param = get_params();
        try {
            validate(UserCheck::class)->check($param);
        } catch (ValidateException $e) {
            // 验证失败 输出错误信息
            return to_assign(1, $e->getError());
        }

        $admin = Db::name('Admin')->where(['username' => $param['username']])->find();
        if (empty($admin)) {
            $admin = Db::name('Admin')->where(['mobile' => $param['username']])->find();
            if (empty($admin)) {
                return to_assign(1, '用户名或密码错误');
            }
        }
        $param['pwd'] = set_password($param['password'], $admin['salt']);
        if ($admin['pwd'] !== $param['pwd']) {
            return to_assign(1, '用户名或密码错误');
        }
        if ($admin['status'] != 1) {
            return to_assign(1, '该用户禁止登录,请与管理者联系');
        }
        $data = [
			'is_lock' => 0,
            'last_login_time' => time(),
            'last_login_ip' => request()->ip(),
            'login_num' => $admin['login_num'] + 1,
        ];
        Db::name('admin')->where(['id' => $admin['id']])->update($data);
        $session_admin = get_config('app.session_admin');
        Session::set($session_admin, $admin['id']);
        $token = make_token();
        set_cache($token, $admin, 7200);
        $admin['token'] = $token;
		$logdata = [
			'uid' => $admin['id'],
            'type' => 'login',
            'action' => '登录',
            'subject' => '系统',
			'param_id'=>$admin['id'],
			'param'=>'[]',
            'ip' => request()->ip(),
			'create_time' => time()
        ];
		Db::name('AdminLog')->strict(false)->field(true)->insert($logdata);
        return to_assign(0, '登录成功', ['uid' => $admin['id']]);
    }

    //退出登录
    public function login_out()
    {
        $session_admin = get_config('app.session_admin');
        Session::delete($session_admin);
        return to_assign(0, "退出成功");
    }

	//锁屏
    public function lock()
    {
		$session_admin = get_config('app.session_admin');
		$admin= Session::get($session_admin);
		if (request()->isAjax()) {
			$param = get_params();
			if($param['lock_password'] == ''){
				return to_assign(1, '请输入登录密码解锁');
			}			
			if(empty($admin)){
				return to_assign(2, '登录超时,请重新登录');
			}
			$pwd = set_password($param['lock_password'], $admin['salt']);
			if ($admin['pwd'] !== $pwd) {
				return to_assign(1, '密码错误');
			}
			else{
				Db::name('admin')->where('id',$admin['id'])->update(['is_lock'=>0]);
				return to_assign(0, '解锁成功', ['uid' => $admin['id']]);
			}
        }
		Db::name('admin')->where('id',$admin['id'])->update(['is_lock'=>1]);
        return View();
    }
}
@ Telegram