<?phpclass Auth extends CActiveRecord {  public static function model($className = __CLASS__) {    return parent::model($className);  }  public function tableName() {    return '{{auth}}';  }}

<?phpclass IndexForm extends CFormModel {  public $a_account;  public $a_password;  public $rememberMe;  public $verifyCode;  public $_identity;  public function rules() {    return array(      array('verifyCode', 'captcha', 'allowEmpty' => !CCaptcha::checkRequirements(), 'message'=>'請輸入正確的驗證碼'),      array('a_account', 'required', 'message' => '用戶名必填'),      array('a_password', 'required', 'message' => '密碼必填'),      array('a_password', 'authenticate'),      array('rememberMe', 'boolean'),    );  }  public function authenticate($attribute, $params) {    if (!$this->hasErrors()) {      $this->_identity = new UserIdentity($this->a_account, $this->a_password);      if (!$this->_identity->authenticate()) {        $this->addError('a_password', '用戶名或密碼不存在');      }    }  }  public function login() {    if ($this->_identity === null) {      $this->_identity = new UserIdentity($this->a_account, $this->a_password);      $this->_identity->authenticate();    }    if ($this->_identity->errorCode === UserIdentity::ERROR_NONE) {      $duration = $this->rememberMe ? 60*60*24*7 : 0;      Yii::app()->user->login($this->_identity, $duration);      return true;    } else {      return false;    }  }  public function attributeLabels() {    return array(      'a_account'   => '用戶名',      'a_password'   => '密碼',      'rememberMe'  => '記住登錄狀態',      'verifyCode'  => '驗證碼'    );  }}

<?phpclass IndexController extends Controller {  public function actions() {    return array(      'captcha' => array(        'class' => 'CCaptchaAction',        'width'=>100,        'height'=>50      )    );  }  public function actionLogin() {    if (Yii::app()->user->id) {      echo "<div>歡迎" . Yii::app()->user->id . "，<a href='" . SITE_URL . "admin/index/logout'>退出</a></div>";    } else {      $model = new IndexForm();      if (isset($_POST['IndexForm'])) {        $model->attributes = $_POST['IndexForm'];        if ($model->validate() && $model->login()) {          echo "<div>歡迎" . Yii::app()->user->id . "，<a href='" . SITE_URL . "admin/index/logout'>退出</a></div>";exit;        }      }      $this->render('login', array('model' => $model));    }  }  public function actionLogout() {    Yii::app()->user->logout();    $this->redirect(SITE_URL . 'admin/index/login');  }}

<meta http-equiv="content-type" content="text/html;charset=utf-8"><?php$form = $this->beginWidget('CActiveForm', array(  'id'            => 'login-form',  'enableClientValidation'  => true,  'clientOptions'       => array(    'validateOnSubmit'   => true  )));?>  <div class="row">    <?php echo $form->labelEx($model,'a_account'); ?>    <?php echo $form->textField($model,'a_account'); ?>    <?php echo $form->error($model,'a_account'); ?>  </div>  <div class="row">    <?php echo $form->labelEx($model,'a_password'); ?>    <?php echo $form->passwordField($model,'a_password'); ?>    <?php echo $form->error($model,'a_password'); ?>  </div>  <?php if(CCaptcha::checkRequirements()) { ?>  <div class="row">    <?php echo $form->labelEx($model, 'verifyCode'); ?>    <?php $this->widget('CCaptcha'); ?>    <?php echo $form->textField($model, 'verifyCode'); ?>    <?php echo $form->error($model, 'verifyCode'); ?>  </div>  <?php } ?>  <div class="row rememberMe">    <?php echo $form->checkBox($model,'rememberMe'); ?>    <?php echo $form->label($model,'rememberMe'); ?>    <?php echo $form->error($model,'rememberMe'); ?>  </div>  <div class="row buttons">    <?php echo CHtml::submitButton('Submit'); ?>  </div><?php $this->endWidget(); ?>

<?php/** * UserIdentity represents the data needed to identity a user. * It contains the authentication method that checks if the provided * data can identity the user. */class UserIdentity extends CUserIdentity{  /**   * Authenticates a user.   * The example implementation makes sure if the username and password   * are both 'demo'.   * In practical applications, this should be changed to authenticate   * against some persistent user identity storage (e.g. database).   * @return boolean whether authentication succeeds.   */  public function authenticate()  {    /*    $users=array(      // username => password      'demo'=>'demo',      'admin'=>'admin',    );    if(!isset($users[$this->username]))      $this->errorCode=self::ERROR_USERNAME_INVALID;    elseif($users[$this->username]!==$this->password)      $this->errorCode=self::ERROR_PASSWORD_INVALID;    else      $this->errorCode=self::ERROR_NONE;    return !$this->errorCode;    */    $user_model = Auth::model()->find('a_account=:name',array(':name'=>$this->username));    if($user_model === null){      $this -> errorCode = self::ERROR_USERNAME_INVALID;      return false;    } else if ($user_model->a_password !== md5($this -> password)){      $this->errorCode=self::ERROR_PASSWORD_INVALID;      return false;    } else {      $this->errorCode=self::ERROR_NONE;      return true;    }  }}