{
$model=new LoginForm;
// if it is ajax validation request
if(isset($_POST['ajax']) && $_POST['ajax']==='login-form')
{
echo CActiveForm::validate($model);
Yii::app()->end();
}
// collect user input data
if(isset($_POST['LoginForm']))
{
$model->attributes=$_POST['LoginForm'];
// validate user input and redirect to the previous page if valid
if($model->validate() && $model->login())
$this->redirect(Yii::app()->user->returnUrl);
}
// display the login form
$this->render('login',array('model'=>$model));
}
{
$users=MngUserMain::model()->findByAttributes(array('username'=>$this->username));
if($users==NULL)
$this->errorCode=self::ERROR_USERNAME_INVALID;
else if($users->password!==$this->password)
$this->errorCode=self::ERROR_PASSWORD_INVALID;
else{
$this->_id=$users->id;
$this->setState('department_id', $users->student_num);
$department = MngDepartment::model()->findByPk($users->student_num);
$this->setState('department_name', $department->name);
$this->errorCode=self::ERROR_NONE;
}
return !$this->errorCode;
}
{
if($this->_identity===null)
{
$this->_identity=new UserIdentity($this->username,$this->password);
$this->_identity->authenticate();
}
if($this->_identity->errorCode===UserIdentity::ERROR_NONE)
{
$duration=$this->rememberMe ? 3600*24*30 : 0; // 30 days
Yii::app()->user->login($this->_identity,$duration);
return true;
}
else
return false;
}
{
$id=$identity->getId();//這裏是記錄的id
$states=$identity->getPersistentStates();//這裏是setState函數設置的一些額外的屬性,是array
if($this->beforeLogin($id,$states,false))
{
$this->changeIdentity($id,$identity->getName(),$states);//$identity->getName()爲返回CUserIdentity實例中的username的值
if($duration>0)
{
if($this->allowAutoLogin)
$this->saveToCookie($duration);
else
throw new CException(Yii::t('yii','{class}.allowAutoLogin must be set true in order to use cookie-based authentication.',
array('{class}'=>get_class($this))));
}
$this->afterLogin(false);
}
return !$this->getIsGuest();
}
{
$app=Yii::app();//實例化CApplication
$cookie=$this->createIdentityCookie($this->getStateKeyPrefix());
$cookie->expire=time()+$duration;//cookie有效時間
$data=array(
$this->getId(),//用戶的唯一標識符。如果是空,意味着用戶是來賓用戶。,返回的是$_SESSION[‘id’],
$this->getName(),//返回的是$_SESSION['username']
$duration,
$this->saveIdentityStates(),//返回一個名爲$states數組,存儲了我們自定義的額外屬性
);
$cookie->value=$app->getSecurityManager()->hashData(serialize($data));//先返回CSecurityManager實例,再調用哈希函數hashData,返回的是加密過的數據
$app->getRequest()->getCookies()->add($cookie->name,$cookie);//添加cookie,cookie的name一般爲$this->getStateKeyPrefix()
}
{
if($this->beforeLogout())
{
if($this->allowAutoLogin)
{
Yii::app()->getRequest()->getCookies()->remove($this->getStateKeyPrefix());//銷燬$_COOKIE['$this->getStateKeyPrefix()']
if($this->identityCookie!==null)//identityCookie這個屬性找不到在哪有賦值過!這裏不清楚!我以爲是用戶選擇了記住登錄狀態後,在用戶註銷時保存一些下次能直接登錄用的cookie,
{
$cookie=$this->createIdentityCookie($this->getStateKeyPrefix());
$cookie->value=null;
$cookie->expire=0;//但這裏,當設置cookie過期時間爲0或者忽略不設置的情況下,cookie將會在session過期後過期(即瀏覽器關閉後cookie過期)
Yii::app()->getRequest()->getCookies()->add($cookie->name,$cookie);
}
}
if($destroySession)
Yii::app()->getSession()->destroy();
else
$this->clearStates();
$this->afterLogout();
}
}