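// Admin sign-in bootstrap: either builds the 'AdminUser' cookie from posted
// credentials or restores it from the request, then resolves the caller's
// rights through checkpass().

// No manager account is configured: report which piece of setup is missing.
// NOTE(review): adminmsg() presumably ends the request; if it returns, the
// code below still runs with an empty $manager -- confirm.
if (empty($manager)) {
    if (file_exists(D_P . 'data/sql_config.php')) {
        adminmsg('managerinfo_error');
    } else {
        adminmsg('sql_config');
    }
}

$CK = array();
$admin_name = '';

// Credentials are only accepted as non-empty strings. Missing keys or array
// values (admin_pwd[]=...) are treated as "no credentials posted" instead of
// raising undefined-index / type errors further down.
if (!empty($_POST['admin_pwd']) && !empty($_POST['admin_name'])
    && is_string($_POST['admin_pwd']) && is_string($_POST['admin_name'])
) {
    // Bit 32 of $db_gdcheck gates GdConfirm() (presumably the captcha check
    // for this form -- confirm against its definition).
    if ($db_gdcheck & 32) {
        GdConfirm(isset($_POST['lg_num']) ? $_POST['lg_num'] : null);
    }

    // NOTE(review): stripcslashes() also decodes C-style escapes (\n, \x41,
    // ...), which is broader than undoing addslashes(); confirm this is the
    // intended normalisation for a login name.
    $admin_name = stripcslashes($_POST['admin_name']);

    $safecv = $db_ifsafecv
        ? questcode(
            isset($_POST['question']) ? $_POST['question'] : null,
            isset($_POST['customquest']) ? $_POST['customquest'] : null,
            isset($_POST['answer']) ? $_POST['answer'] : null
        )
        : '';

    // Cookie fields: [0] issue time, [1] login name as posted, [2] digest
    // derived from the password, [3] security-question code.
    // NOTE(review): field [2] acts as a bearer credential until it expires, so
    // the Cookie() helper should set HttpOnly and Secure -- not visible here.
    // The MD5-based derivation is kept because checkpass() presumably
    // recomputes the same value; changing it has to happen in both places.
    $CK = array(
        $timestamp,
        $_POST['admin_name'],
        md5(PwdCode(md5($_POST['admin_pwd'])) . $timestamp . getHashSegment()),
        $safecv,
    );
    Cookie('AdminUser', StrCode(implode("\t", $CK)));
} else {
    $AdminUser = GetCookie('AdminUser');
    if ($AdminUser) {
        // The cookie is client-controlled: decode it, but trust nothing in it
        // until checkpass() has verified the digest.
        $CK = explode("\t", StrCode($AdminUser, 'DECODE'));
        $admin_name = isset($CK[1]) ? stripcslashes($CK[1]) : '';
    }
}

if (!empty($CK)) {
    PwNewDB();
    $rightset = checkpass($CK);
} else {
    // Nothing to authenticate: no database connection, no rights.
    $db = null;
    $rightset = array();
}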
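/**
 * Validate a signed, time-limited cookie and optionally re-issue it.
 *
 * The decoded cookie is a list whose element 0 is the issue timestamp and whose
 * element 2 is md5($pwdCode . timestamp . getHashSegment()). The cookie is
 * rejected when it is older than $expire seconds or when the digest does not
 * match. For the 'cknum' cookie with cloud captcha enabled, the decision is
 * delegated to the cloud captcha service unless a previous cloud failure was
 * recorded in the 'cloudckfailed' cookie.
 *
 * @global int $timestamp current request time
 * @param array  $cookieData    decoded cookie fields
 * @param string $pwdCode       per-user secret material mixed into the digest
 * @param string $cookieName    cookie name
 * @param int    $expire        lifetime in seconds
 * @param bool   $clearCookie   clear the cookie when the digest does not match
 * @param bool   $refreshCookie re-issue the cookie with the current time on success
 * @return bool true when the cookie is valid (cloud branch: the result of checkCode())
 */
function SafeCheck($cookieData, $pwdCode, $cookieName = 'AdminUser', $expire = 1800, $clearCookie = true, $refreshCookie = true)
{
    global $timestamp, $db_cloudgdcode, $keepCloudCaptchaCode, $db_hash;

    if (strtolower($cookieName) === 'cknum' && $db_cloudgdcode) {
        $cloudCaptchaService = L::loadClass('cloudcaptcha', 'utility/captcha');
        list($sessionid, $cloudckfailed) = array(getCookie('cloudcksessionid'), getCookie('cloudckfailed'));
        // The failure marker is single-use: clear it as soon as it is seen.
        $cloudckfailed && Cookie('cloudckfailed', '', 0);
        $delflag = ($refreshCookie && !$keepCloudCaptchaCode) ? null : 0;
        if (!$cloudckfailed) {
            return $cloudCaptchaService->checkCode($sessionid, $pwdCode, $delflag);
        }
        // A recorded cloud failure falls through to the local digest check.
    }

    // Both fields come from the client; a truncated cookie must fail cleanly
    // rather than raise undefined-offset errors.
    $issuedAt = isset($cookieData[0]) ? $cookieData[0] : '';
    $presented = isset($cookieData[2]) ? $cookieData[2] : '';

    // An expired cookie is always cleared, regardless of $clearCookie.
    if ($timestamp - (int) $issuedAt > $expire) {
        Cookie($cookieName, '', 0);
        return false;
    }

    // Compare digests as exact strings. A loose != treats numeric-looking
    // strings as numbers, so two different digests could be accepted as equal.
    // hash_equals() additionally keeps the comparison time independent of how
    // many leading characters match; the === fallback covers runtimes without it.
    $expected = md5($pwdCode . $issuedAt . getHashSegment());
    if (!is_string($presented)) {
        $digestMatches = false;
    } elseif (function_exists('hash_equals')) {
        $digestMatches = hash_equals($expected, $presented);
    } else {
        $digestMatches = ($expected === $presented);
    }
    if (!$digestMatches) {
        $clearCookie && Cookie($cookieName, '', 0);
        return false;
    }

    if ($refreshCookie) {
        // Sliding expiry: re-sign with the current time and send the cookie again.
        $cookieData[0] = $timestamp;
        $cookieData[2] = md5($pwdCode . $cookieData[0] . getHashSegment());
        Cookie($cookieName, StrCode(implode("\t", $cookieData)));
    }

    return true;
}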
/**
 * Store the expected captcha code in the 'cknum' cookie.
 *
 * The payload is "<timestamp>\t\t<digest>", where the digest is
 * md5($code . $timestamp . getHashSegment()). That places the timestamp in
 * field 0 and the digest in field 2 once the value is split on tabs, which is
 * the layout SafeCheck() verifies.
 *
 * NOTE(review): PHP function names are case-insensitive, so as a global
 * function this definition would be the same symbol as Cookie() and the call
 * below would re-enter it. It presumably belongs to a class whose header is
 * not shown here -- confirm.
 *
 * @global int $timestamp current request time
 * @param string $code the captcha code the user is expected to type
 */
function cookie($code)
{
    global $timestamp;

    $digest = md5($code . $timestamp . getHashSegment());
    $payload = $timestamp . "\t\t" . $digest;
    Cookie('cknum', StrCode($payload));
}
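/**
 * Random machine question 1: a one-step addition or subtraction.
 *
 * Operands are chosen so that the answer always lies in 0..100. When
 * $setCookie is true, the 'ckquestion' cookie receives
 * "<timestamp>\t\t<md5(answer . timestamp . getHashSegment())>", the same
 * layout the 'cknum' captcha cookie uses.
 *
 * NOTE(review): there are only 101 possible answers and mt_rand() is not a
 * cryptographic generator, so this question only slows down simple automation.
 * Verification should be paired with attempt limiting, and it relies on
 * getHashSegment() staying secret -- confirm both where the answer is checked.
 *
 * @global int $timestamp current request time
 * @param boolean $setCookie whether to store the answer digest in a cookie
 * @return string the question text, e.g. "12 + 30 = ?"
 */
function getMachineQuestion_1($setCookie = true)
{
    global $timestamp;

    $alg = mt_rand(0, 1); // 0 => addition, 1 => subtraction
    $num1 = mt_rand(1, 100);

    // if/else rather than a switch without default, so $num2, $symbol and
    // $answer are always assigned.
    if ($alg === 0) {
        // Cap the second operand so the sum never exceeds 100.
        $num2 = mt_rand(0, 100 - $num1);
        $symbol = '+';
        $answer = $num1 + $num2;
    } else {
        // Cap the second operand so the difference never goes negative.
        $num2 = mt_rand(0, $num1);
        $symbol = '-';
        $answer = $num1 - $num2;
    }

    $setCookie && Cookie('ckquestion', StrCode($timestamp . "\t\t" . md5($answer . $timestamp . getHashSegment())));

    return sprintf('%s %s %s = ?', $num1, $symbol, $num2);
}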