+ add the feature of keep login.

module/common/control.php

@@ -37,7 +37,8 @@ class common extends control
         $module = $this->app->getModuleName();
         $method = $this->app->getMethodName();
         if($this->common->isOpenMethod($module, $method)) return true;
-        if(isset($this->app->user) and $this->app->user->account == 'guest' and $this->server->php_auth_user) $this->common->identifyPhpAuth();
+        if(!$this->loadModel('user')->isLogon() and $this->server->php_auth_user) $this->user->identifyByPhpAuth();
+        if(!$this->loadModel('user')->isLogon() and $this->cookie->za) $this->user->identifyByCookie();
 
         if(isset($this->app->user))
         {

module/common/model.php

@@ -108,25 +108,6 @@ class commonModel extends model
         return false;
     }
 
-    /**
-     * Identify user by PHP_AUTH_USER.
-     * 
-     * @access public
-     * @return void
-     */
-    public function identifyPhpAuth()
-    {
-        $account  = $this->server->php_auth_user;
-        $password = $this->server->php_auth_pw;
-        $user     = $this->loadModel('user')->identify($account, $password);
-        if(!$user) return false;
-
-        $user->rights = $this->user->authorize($account);
-        $this->session->set('user', $user);
-        $this->app->user = $this->session->user;
-        $this->loadModel('action')->create('user', $user->id, 'login');
-    }
-
     /**
      * Deny access.
      * 
@@ -194,8 +175,8 @@ class commonModel extends model
             echo html::a(helper::createLink('user', 'login'), $lang->login);
         }
         echo html::a('#', $lang->switchHelp, '', "onclick='toggleHelpLink();'");
-        echo html::a(helper::createLink('misc', 'about'), $lang->aboutZenTao, '', "class='about'");
         echo html::select('', $app->config->langs, $app->getClientLang(), 'class=switcher onchange="selectLang(this.value)"');
+        echo html::a(helper::createLink('misc', 'about'), $lang->aboutZenTao, '', "class='about'");
     }
 
     /**

module/user/control.php

@@ -334,6 +334,9 @@ class user extends control
                 $this->app->user = $this->session->user;
                 $this->loadModel('action')->create('user', $user->id, 'login');
 
+                /* Keep login. */
+                if($this->post->keepLogin) $this->user->keepLogin($user);
+
                 /* Go to the referer. */
                 if($this->post->referer and 
                    strpos($this->post->referer, $loginLink) === false and 
@@ -358,9 +361,10 @@ class user extends control
         else
         {
             $header['title'] = $this->lang->user->login;
-            $this->view->header  = $header;
-            $this->view->referer = $this->referer;
-            $this->view->s       = $this->loadModel('setting')->getItem('system', 'global', 'sn');
+            $this->view->header    = $header;
+            $this->view->referer   = $this->referer;
+            $this->view->s         = $this->loadModel('setting')->getItem('system', 'global', 'sn');
+            $this->view->keepLogin = $this->cookie->keepLogin ? $this->cookie->keepLogin : 'off';
             $this->display();
         }
     }
@@ -399,6 +403,8 @@ class user extends control
     {
         $this->loadModel('action')->create('user', $this->app->user->id, 'logout');
         session_destroy();
+        setcookie('za', false);
+        setcookie('zp', false);
         $vars = !empty($referer) ? "referer=$referer" : '';
         $this->locate($this->createLink('user', 'login', $vars));
     }

module/user/lang/en.php

@@ -47,6 +47,7 @@ $lang->user->gendarList->m = 'Male';
 $lang->user->gendarList->f = 'Female';
 $lang->user->statusList['active'] = 'Activate';
 $lang->user->statusList['delete'] = 'Deleted';
+$lang->user->keepLogin['on']      = 'Keep login';
 
 $lang->user->id        = 'ID';
 $lang->user->company   = 'Company';

module/user/lang/zh-cn.php

@@ -47,6 +47,7 @@ $lang->user->gendarList->m = '男';
 $lang->user->gendarList->f = '女';
 $lang->user->statusList['active'] = '正常';
 $lang->user->statusList['delete'] = '删除';
+$lang->user->keepLogin['on']      = '保持登录状态';
 
 $lang->user->id        = '用户编号';
 $lang->user->company   = '所属公司';

module/user/model.php

@@ -205,27 +205,72 @@ class userModel extends model
         /* Get the user first. If $password length is 32, don't add the password condition.  */
         $user = $this->dao->select('*')->from(TABLE_USER)
             ->where('account')->eq($account)
-            ->beginIF(strlen($password) != 32)->andWhere('password')->eq(md5($password))->fi()
+            ->beginIF(strlen($password) < 32)->andWhere('password')->eq(md5($password))->fi()
             ->andWhere('deleted')->eq(0)
             ->fetch();
 
-        /* If the length of $password is 32, checking by the auth hash. */
+        /* If the length of $password is 32 or 40, checking by the auth hash. */
         if(strlen($password) == 32)
         {
             $hash = $this->session->rand ? md5($user->password . $this->session->rand) : $user->password;
             $user = $password == $hash ? $user : '';
         }
+        elseif(strlen($password) == 40)
+        {
+            $hash = sha1($user->account . $user->password . $user->last);
+            $user = $password == $hash ? $user : '';
+        }
 
         if($user)
         {
             $ip   = $this->server->remove_addr;
-            $last = time();
+            $last = $this->server->request_time;
             $this->dao->update(TABLE_USER)->set('visits = visits + 1')->set('ip')->eq($ip)->set('last')->eq($last)->where('account')->eq($account)->exec();
             $user->last = date(DT_DATETIME1, $user->last);
         }
         return $user;
     }
 
+    /**
+     * Identify user by PHP_AUTH_USER.
+     * 
+     * @access public
+     * @return void
+     */
+    public function identifyByPhpAuth()
+    {
+        $account  = $this->server->php_auth_user;
+        $password = $this->server->php_auth_pw;
+        $user     = $this->identify($account, $password);
+        if(!$user) return false;
+
+        $user->rights = $this->authorize($account);
+        $this->session->set('user', $user);
+        $this->app->user = $this->session->user;
+        $this->loadModel('action')->create('user', $user->id, 'login');
+    }
+
+    /**
+     * Identify user by cookie.
+     * 
+     * @access public
+     * @return void
+     */
+    public function identifyByCookie()
+    {
+        $account  = $this->cookie->za;
+        $authHash = $this->cookie->zp;
+        $user     = $this->identify($account, $authHash);
+        if(!$user) return false;
+
+        $user->rights = $this->authorize($account);
+        $this->session->set('user', $user);
+        $this->app->user = $this->session->user;
+        $this->loadModel('action')->create('user', $user->id, 'login');
+
+        $this->keepLogin($user);
+    }
+
     /**
      * Authorize a user.
      * 
@@ -259,6 +304,21 @@ class userModel extends model
         return $rights;
     }
 
+    /**
+     * Keep the user in login state.
+     * 
+     * @param  string    $account 
+     * @param  string    $password 
+     * @access public
+     * @return void
+     */
+    public function keepLogin($user)
+    {
+        setcookie('keepLogin', 'on', $this->config->cookieLife, $this->config->webRoot);
+        setcookie('za', $user->account, $this->config->cookieLife, $this->config->webRoot);
+        setcookie('zp', sha1($user->account . $user->password . $this->server->request_time), $this->config->cookieLife, $this->config->webRoot);
+    }
+
     /* 
     /**
      * Judge a user is logon or not.

module/user/view/login.html.php

@@ -25,6 +25,7 @@ table, tr, td, th, input{ border:none;}
 #poweredby{color:#fff; margin-top:40px; text-align:center; line-height:1}
 #poweredby a {color:#fff}
 .button-s, .button-c {padding:3px 5px 3px 5px; width:80px; font-size:14px; font-weight:bold}
+#keeplogin {color:white; font-size:14px}
 </style>
 <script language='Javascript'>
 $(document).ready(function(){
@@ -36,19 +37,20 @@ $(document).ready(function(){
     <table align='center' class='table-4'> 
       <caption id='welcome'><?php printf($lang->welcome, $app->company->name);?></caption>
       <tr>
-        <td class='rowhead pt-10px'><?php echo $lang->user->account;?>：</td>  
-        <td class='pt-10px'><input class='text-2' type='text' name='account' id='account' /></td>
+        <td class='rowhead'><?php echo $lang->user->account;?>：</td>  
+        <td><input class='text-2' type='text' name='account' id='account' /></td>
       </tr>  
       <tr>
         <td class='rowhead'><?php echo $lang->user->password;?>：</td>  
         <td><input class='text-2' type='password' name='password' /></td>
       </tr>
       <tr>
-        <td class='rowhead'>Language:</td>  
+        <td class='rowhead' valign='top'>Language:</td>  
         <td><?php echo html::select('lang', $config->langs, $this->app->getClientLang(), 'class=select-2 onchange=selectLang(this.value)');?></td>
       </tr>
+      <tr><td></td><td id='keeplogin'><?php echo html::checkBox('keepLogin', $lang->user->keepLogin, $keepLogin);?></td></tr>
       <tr>
-        <td colspan='2' class='a-center pt-20px'>
+        <td colspan='2' class='a-center'>
         <?php 
         echo html::submitButton($lang->login);
         if($app->company->guest) echo html::linkButton($lang->user->asGuest, $this->createLink($config->default->module));
@@ -57,12 +59,14 @@ $(document).ready(function(){
         </td>
       </tr>  
     </table>
-    <div class='yui-d0' id='debugbar'><iframe frameborder='0' name='hiddenwin' id='hiddenwin' class='hidden'></iframe></div>
     <div id='poweredby'>
     powered by <a href='http://www.zentao.net' target='_blank'>ZenTaoPMS</a>(<?php echo $config->version;?>). <br />
     <script src='http://www.zentao.net/check.php?v=<?php echo $config->version;?>&s=<?php echo $s;?>'></script>
     </div>
   </form>
 </div>  
+<div class='yui-d0'>
+ <iframe frameborder='0' name='hiddenwin' class='<?php $config->debug ? print("debugwin") : print('hidden')?>'></iframe>
+</div>
 </body>
 </html>