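/**
 * Finalise an online payment after the gateway has sent the buyer back.
 *
 * The order context arrives in the global $pay_code. mymd5(..., 'DE') turns it
 * back into a tab-separated record: type, amount, order number, form/module id,
 * reward points.
 *
 * showerr() is assumed to end the request - TODO confirm; every check below
 * relies on that.
 *
 * @param string|int $numcode Order number reported on the payment return.
 */
function olpay_end($numcode)
{
    global $db, $pre, $webdb, $banktype, $pay_code, $lfjuid;

    // '=' tends to get mangled in transit, so it is carried as the marker 'QIBO'.
    $pay_code = str_replace('QIBO', '=', $pay_code);
    if (!$pay_code) {
        showerr("数据有误!!");
    }

    list($type, $atc_moeny, $atc_numcode, $mid, $shopmoney) = explode("\t", mymd5($pay_code, 'DE'));

    if ($atc_numcode != intval($numcode)) {
        showerr("数据被修改过!!");
    }

    // Alipay cannot take a bare single-digit order number, so inc/olpay/alipay.php
    // adds "code" to it; strip that again here.
    // The comparison above is loose and intval() ignores everything after the
    // leading digits, so a value with trailing text still passes it. Only the
    // integer form may reach the SQL below.
    $numcode     = intval(str_replace("code", "", $numcode));
    $atc_numcode = intval($atc_numcode);

    // $mid comes from the decoded payload, not straight from the request; it is
    // only as trustworthy as the mymd5() wrapping - NOTE(review): confirm it is numeric.
    $rt = null;
    if ($type == 'form') {
        // Generic form order
        $rt = $db->get_one("SELECT * FROM {$pre}olpay WHERE numcode='{$numcode}' AND `formid`='{$mid}'");
    } elseif ($type == 'module') {
        // Shop order
        $rt = $db->get_one("SELECT * FROM {$pre}olpay WHERE numcode='{$numcode}' AND `moduleid`='{$mid}'");
    }

    if (!$rt) {
        showerr('系统中没有您的订单,无法完成支付!');
    }
    if ($rt['ifpay'] == 1) {
        showerr('该订单已经支付成功!');
    }

    // Mark the payment record first, then apply the order side effects. Doing the
    // side effects before the two checks above let a repeated return URL credit
    // the reward points again for an order that was already settled.
    // NOTE(review): check-then-update is still not atomic; two simultaneous
    // returns can both get this far.
    $olpayId = intval($rt['id']);
    $db->query("UPDATE {$pre}olpay SET ifpay='1' WHERE id='{$olpayId}'");

    if ($type == 'module') {
        $db->query("UPDATE {$pre}shoporderuser SET ifpay='1' WHERE id='{$atc_numcode}'");
        // Reward points for the purchase
        if ($shopmoney) {
            add_user($lfjuid, $shopmoney, '购买商品得分');
        }
    }

    // NOTE(review): the amount field ($atc_moeny) is decoded but never compared
    // with anything in this function - confirm the gateway handler verifies the
    // amount actually paid.
    refreshto("{$webdb['www_url']}/", "恭喜你支付成功", 60);
}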
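/**
 * Authenticate the username/password pair held in $this->data.
 *
 * NOTE(review): the failure messages tell an unknown username apart from a
 * wrong password, which lets a client enumerate accounts; the returned row
 * also still carries the password and salt columns.
 *
 * @return array|false Member row merged with its level data on success; false on
 *                     failure, with the reason left in $this->error.
 */
public function login()
{
    $username = $this->data['username'];
    $password = $this->data['password'];

    $row = $this->field('id,username,status,password,salt,total_score')
        ->where(array('username' => $username))
        ->find();

    if (!$row) {
        $this->error = '用户名不存在!';
        return false;
    }

    switch ($row['status']) {
        case 2:
            $this->error = '未激活!';
            return false;
        case 0:
        case -1:
            $this->error = '锁定或删除!';
            return false;
    }

    // Compare as strings with ===. The loose == treats two numeric-looking
    // digests (for example "0e..." values) as equal numbers, so different
    // hashes could match. Where PHP >= 5.6 is guaranteed, hash_equals() is the
    // constant-time choice.
    if ((string) $row['password'] !== (string) mymd5($password, $row['salt'])) {
        $this->error = '密码错误!';
        return false;
    }

    // Attach the member's level pricing and discount data.
    $memberLevel = $this->getMemberLevel($row['total_score']);

    return array_merge($row, $memberLevel);
}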
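/**
 * AJAX login: checks the posted uname/passwd pair and, on success, stores the
 * user row in the session and returns it to the client.
 *
 * ajaxError() is assumed to end the request - TODO confirm; the checks below
 * rely on that.
 *
 * NOTE(review): the full user row, including its passwd column, is stored in
 * the session and sent back in the response. Confirm callers need that column
 * before it leaves the server.
 */
function login()
{
    $uname  = request('uname');
    $passwd = request('passwd');

    if (false == ($uname && $passwd)) {
        $this->ajaxError('用户名或者密码没有填写');
    }

    $user = UserModel::get('', $uname);
    if (!$user) {
        $this->ajaxError('用户不存在');
    }

    // String cast plus !==: the loose != treats numeric-looking digests as
    // numbers, so two different hashes can compare equal.
    if ((string) $user['passwd'] !== (string) mymd5($passwd)) {
        $this->ajaxError('密码不正确');
    }

    // Issue a fresh session id at the privilege change so an id that was known
    // before login does not carry the authenticated state.
    if (session_id() !== '') {
        session_regenerate_id(true);
    }

    $_SESSION['user'] = $user;
    $this->ajaxSuccess($user);
}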
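} else {
    if (!($in = @fopen("php://input", "rb"))) {
        die('{"jsonrpc" : "2.0", "error" : {"code": 101, "message": "Failed to open input stream."}, "id" : "id"}');
    }
}

// Copy the request body into the part file. Test against false/'' explicitly:
// a chunk that is exactly "0" is falsy and would end a bare while ($buff = ...)
// loop early, truncating the upload.
while (($buff = fread($in, 4096)) !== false && $buff !== '') {
    fwrite($out, $buff);
}
@fclose($out);
@fclose($in);

// Check if file has been uploaded
if (!$chunks || $chunk == $chunks - 1) {
    // Strip the temp .part suffix off
    rename("{$filePath}.part", $filePath);
    rename($filePath, $uploadPath);
    array_push($md5File, mymd5($uploadPath));
    $md5File = array_unique($md5File);
    // Separator first: the (array, separator) argument order was removed in PHP 8.
    file_put_contents('md5list2.txt', implode("\n", $md5File));
}

/**
 * Fingerprint a file from its first and last 64 KiB.
 *
 * This is a de-duplication key, not an integrity check: bytes between the two
 * windows are never read, so files that differ only there get the same value.
 *
 * @param string $file Path of the file to fingerprint.
 * @return string Hex MD5 of the head window followed by the tail window.
 */
function mymd5($file)
{
    $fragment = 65536;
    $rh       = fopen($file, 'rb');
    $size     = filesize($file);

    $part1 = fread($rh, $fragment);

    // Files shorter than one window contribute no tail, instead of attempting
    // a seek to a negative offset.
    $part2 = '';
    if ($size >= $fragment) {
        fseek($rh, $size - $fragment);
        $part2 = fread($rh, $fragment);
    }
    fclose($rh);

    return md5($part1 . $part2);
}

// Return Success JSON-RPC response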
<?php
// Scratch script: prints what mymd5() returns in "EN" mode for a fixed sample string.
// NOTE(review): a helper like this has no place on a deployed site - confirm it is
// not reachable from the web root.
include "include/function.php";

$encoded = mymd5("aaaaaa", "EN");
echo $encoded;
} $rs[nowprice] = str_replace(",", "", $rs[nowprice]); $totalmoney += $rs[nowprice]; $buydb[$value] = 1; } if ($sendType == 'EMS快递') { $totalmoney += $webdb[ShopEmsSend]; } elseif ($sendType == '其他快递') { $totalmoney += $webdb[ShopOtherSend]; } elseif ($sendType == '平邮') { $totalmoney += $webdb[ShopNormalSend]; } $db->query("UPDATE `{$pre}shoporderuser` SET `totalmoney`='{$totalmoney}' WHERE id='{$orderid}'"); setcookie("buyid", ''); if ($payType == '在线支付' && $totalmoney > 0) { $pay_code = str_replace('+', '%2B', mymd5("module\t{$totalmoney}\t{$orderid}\t{$rs['mid']}\t{$shopmoney}")); echo "<META HTTP-EQUIV=REFRESH CONTENT='0;URL={$webdb['www_url']}/do/olpay.php?pay_code={$pay_code}'>"; exit; } echo '<meta http-equiv="Content-Type" content="text/html; charset=gb2312">'; die("<CENTER>恭喜你,订单提交成功,请劳记你的订单号,方便查询,你的订单号是:<font color=red>{$orderid}</font><br><br><A HREF='{$webdb['www_url']}/'>点击返回首页</A></CENTER>"); } $detail = explode(",", $buyid); foreach ($detail as $key => $value) { if (!is_numeric($value)) { unset($detail[$key]); } $numdb[$value]++; } $fids = implode(",", $detail); $totalmoney = 0;
'; include "../include/conn.php"; include "../include/function.php"; if ($action == "changepass") { $hint = ""; if (trim($pwd1) == "") { $hint .= "请输入密码\\n"; } if ($pwd2 != $pwd1) { $hint .= "两次密码不一致\\n"; } if ($hint != "") { echo "<script>alert('" . $hint . "');history.back();</script>"; exit; } $sql = "update {$db_prefix}admin set pwd='" . mymd5($pwd1, "EN") . "' where id='" . $_SESSION["glo_adminid"] . "'"; $db->query($sql); echo "<script>alert('密码已修改');location.href='changepass.php';</script>"; exit; } echo '</HEAD><body> <form name="form1" method="post" action="?action=changepass"> <br> <TABLE width="421" border=0 align="center" cellPadding=0 cellSpacing=0 class=Table_xt> <TBODY> <TR><TD width="421" colSpan=4> <TABLE cellSpacing=0 cellPadding=0 width="100%" background="images/tab_05.gif"><TBODY><TR> <TD width=213 height=23> <strong>密码修改</strong></TD> <TD > </TD> </TR></TBODY></TABLE>
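/**
 * Show the user edit form, or apply a posted edit.
 *
 * NOTE(review): nothing in this method checks that the caller may edit record
 * $id; the only gate visible here is $GLOBALS['method'], and it covers just the
 * group/department fields. Confirm authorization happens before this runs.
 * NOTE(review): request('reffer') is handed to success(); if that drives a
 * redirect, restrict it to same-site targets.
 *
 * @param string|int $id User id; falls back to the request's 'id' when empty.
 */
public function edit($id = '')
{
    if (!$id) {
        $id = request('id');
    }

    if (isset($_POST['id'])) {
        $data = array();

        $uname = request('uname');
        $user  = UserModel::get('', $uname);
        if ($user && $user['id'] != $id) {
            $this->error('用户名重复');
        }

        $passwd = request('passwd');
        if ($passwd) {
            // Compare as strings: with the loose != two different numeric-looking
            // inputs such as "1e3" and "1000" count as equal, and the confirmation
            // check passes for a password the user did not type twice.
            if ((string) $passwd !== (string) request('passwd2')) {
                $this->error('两次输入的密码不一致');
            }
            $data['passwd'] = mymd5($passwd);
        }

        // Group and department may only change outside the self-service ('my') route.
        if ($GLOBALS['method'] != 'my') {
            $data['group_id']      = request('group_id');
            $data['department_id'] = request('department_id');
        }

        $data['alias'] = request('alias');
        $data['uname'] = request('uname');
        $data['phone'] = request('phone');

        if (UserModel::update($id, $data)) {
            $this->success(request('reffer'));
        } else {
            $this->error('更新失败');
        }
    } else {
        $user = UserModel::get($id);
        if (!$user) {
            $this->error('用户不存在');
        }
        $this->assign('user', $user);
        $this->display('user_edit');
    }
}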
//注册时间间隔处理 if ($webdb[limitRegTime]) { set_cookie("limitRegTime", 1, $webdb[limitRegTime] * 60); } //注册用户自定义字段 Reg_memberdata_field($uid, $postdb); //通行证处理 if ($_COOKIE[passport_url] || $_POST[passport_url]) { $passport_url = urldecode($_COOKIE[passport_url] ? $_COOKIE[passport_url] : $_POST[passport_url]); setcookie('passport_url', ''); $userDB->passport_server($username, $passport_url); } $jumpto && ($jumpto = urldecode($jumpto)); add_user($uid, $webdb[regmoney], '注册得分'); //捆绑QQ帐号 list($token, $secret, $openid) = explode("\t", mymd5(get_cookie('token_secret'), 'DE')); if ($openid) { $rs1 = $db->get_one("SELECT * FROM {$pre}memberdata WHERE `qq_api`='{$openid}'"); if (!$rs1) { $db->query("UPDATE {$pre}memberdata SET `qq_api`='{$openid}' WHERE username='******'"); refreshto("{$webdb['www_url']}", "帐号捆绑成功!!", 1); } } if (strstr($jumpto, $webdb[www_url])) { refreshto("{$jumpto}", "恭喜你,注册成功", 1); } else { refreshto("{$webdb['www_url']}", "恭喜你,注册成功", 1); } } else { //通行证处理 if ($_GET[passport_url]) {
echo '<HTML><HEAD><title></title><meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <link rel="stylesheet" href="/images/datalist.css" type="text/css"> '; include "../include/conn_2.php"; include "../include/function.php"; session_start(); if ($action == "secpwd") { $hint = ""; if ($pwd1 != $re_pwd1) { $hint .= "Different entering\\"; } if ($hint != "") { echo "<script>alert('" . $hint . "');history.back();</script>"; exit; } $sql_1 = "select * from {$db_prefix}users where username='******' and pwd1='" . mymd5($pwd1, "EN") . "'"; $rs_1 = $db->get_one($sql_1); if (empty($rs_1["id"])) { echo "<script>alert('Fail to confirm');history.back();</script>"; exit; } $_SESSION["glo_usersecpwd"] = $rs_1["pwd1"]; header("location:{$fromurl1}"); exit; } echo '</HEAD><body> <form name="form1" method="post" action="?action=secpwd"> <br> <TABLE width="600" border=0 align="center" cellPadding=0 cellSpacing=0 class=Table_xt> <TBODY>
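/**
 * Hand the member's account record to a passport client site through a
 * meta-refresh redirect, then stop.
 *
 * NOTE(review): the payload contains the stored password field, and the only
 * check on $url is that it does not point back at this site. Any other
 * destination receives the payload; an allow-list of known passport clients
 * would bound who can.
 *
 * @param string $username Account to export.
 * @param string $url      Destination that receives the md5code parameter.
 */
function passport_server($username, $url)
{
    global $WEBURL;

    // eregi() was removed in PHP 7. A literal, case-insensitive prefix test also
    // stops regex metacharacters in $WEBURL (such as '.') from widening the match.
    // An empty $WEBURL matched every URL before and still does.
    if ((string) $WEBURL === '' || stripos($url, $WEBURL) === 0) {
        showerr("网址有误!");
    }

    $url .= (strpos($url, '?') === false) ? '?' : '&';

    $rs = $this->get_allInfo($username, 'name');
    $md5code = "uid={$rs['uid']}&username={$rs['username']}&password={$rs['password']}&email={$rs['email']}";
    $md5code = urlencode(mymd5($md5code));

    // $url is written into an HTML attribute, so escape it; a quote or angle
    // bracket would otherwise break out of the tag. The byte-wise charset keeps
    // text in the site's own encoding from being rejected as invalid.
    $target = htmlspecialchars("{$url}md5code={$md5code}", ENT_QUOTES, 'ISO-8859-1');
    echo "<META HTTP-EQUIV=REFRESH CONTENT='0;URL={$target}'>";
    exit;
}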
/**
 * Round-trip smoke check for mymd5(): logs the default-mode output for a sample
 * string, then logs what "DE" mode returns for that output.
 */
function testMyMd5()
{
    $encoded = mymd5("impxl");
    my_log($encoded);

    $decoded = mymd5($encoded, "DE");
    my_log($decoded);
}
unset($_ENV, $HTTP_COOKIE, $HTTP_ENV_VARS, $_REQUEST, $HTTP_POST_VARS, $HTTP_GET_VARS, $HTTP_POST_FILES, $HTTP_COOKIE_VARS); $db = new MYSQL_DB(); unset($web_admin, $sort_admin, $lfjid, $lfjuid, $lfjpwd, $lfjdb, $groupdb); $usr_oltime = intval($usr_oltime); /*用户登录模块*/ if ($webdb[passport_type] && is_file(ROOT_PATH . "inc/passport/{$webdb[passport_type]}.php")) { require_once ROOT_PATH . "inc/passport/{$webdb[passport_type]}.php"; $userDB = new qb_user(); $lfjdb = PassportUserdb(); } else { $TB = array("table" => "{$pre}members", "uid" => "uid", "username" => "username", "password" => "password"); $userDB = new qb_user(); $lfjdb = $userDB->login_info(); } //同步后台登录 if ($_COOKIE["adminID"] && ($detail = mymd5($_COOKIE["adminID"], 'DE', $onlineip))) { unset($_uid, $_username, $_password); list($_uid, $_username, $_password) = explode("\t", $detail); $lfjdb = $db->get_one("SELECT * FROM {$pre}memberdata WHERE uid='{$_uid}' AND username='******'"); } if ($lfjdb[yz]) { $lfjid = $lfjdb['username']; $lfjuid = $lfjdb['uid']; $lfjdb[icon] && ($lfjdb[icon] = tempdir($lfjdb[icon])); if ($lfjdb['groupid'] == 3 || $lfjdb['groupid'] == 4) { $web_admin = $sort_admin = '1'; } if (file_exists(ROOT_PATH . "data/group/{$lfjdb[groupid]}.php")) { $groupdb = @(include ROOT_PATH . "data/group/{$lfjdb[groupid]}.php"); } else { $lfjdb['groupid'] = 8;
unset($sqldb); $sqldb['id'] = "id='{$id}'"; $sqldb['uid'] = "uid='{$lfjuid}'"; /*检查判断辅信息表要插入哪些字段的内容*/ $array = table_field("{$_pre}content_{$fidDB['id']}"); foreach ($array as $key => $value) { if ($value == "id" || $value == "uid") { continue; } isset($postdb[$value]) && ($sqldb["{$value}"] = "`{$value}`='{$postdb[$value]}'"); } $sql = implode(",", $sqldb); $db->query("INSERT INTO `{$_pre}content_{$fidDB['id']}` SET {$sql}"); //在线支付 if ($postdb[paytype] == 'olpay' && $postdb[paymoney] > 0) { $pay_code = str_replace('+', '%2B', mymd5("form\t{$postdb['paymoney']}\t{$id}\t{$mid}")); echo "<META HTTP-EQUIV=REFRESH CONTENT='0;URL={$webdb['www_url']}/do/olpay.php?pay_code={$pay_code}'>"; exit; } refreshto("/", "表单提交成功 ", 5); } elseif ($job == "edit") { $rsdb = $db->get_one("SELECT A.*,B.* FROM `{$_pre}content` A LEFT JOIN `{$_pre}content_{$fidDB['id']}` B ON A.id=B.id WHERE A.id='{$id}'"); if ($rsdb[uid] != $lfjuid && !$web_admin) { showerr("你无权修改"); } /*对附件地址作还原*/ foreach ($m_config[is_html] as $key => $value) { $rsdb[$key] = editor_replace($rsdb[$key]); $rsdb[$key] = En_TruePath($rsdb[$key], 0); } /*表单默认变量作处理*/
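<?php
// Upload endpoint for the Flash uploader: stores the posted file and answers
// with "path|original name|size".
require dirname(__FILE__) . "/" . 'global.php';

if ($_POST) {
    // ereg() was removed in PHP 7. The D modifier keeps '$' from matching before
    // a trailing newline, so the sub-directory name really is [0-9a-z_] only.
    if (!is_string($dir) || !preg_match('/^[0-9a-z_]+$/D', $dir)) {
        $dir = "other";
    }

    // Array keys are quoted: bare words are undefined constants, which is a
    // fatal error on PHP 8.
    $fromFilesArray = is_array($Filedata);
    $array['name']  = $fromFilesArray ? $_FILES['Filedata']['name'] : $Filedata_name;
    $array['path']  = $webdb['updir'] . "/" . $dir;
    $array['size']  = $fromFilesArray ? $_FILES['Filedata']['size'] : $Filedata_size;
    $array['updateTable'] = 1; // count the space used by the user's uploads

    // The uploader's identity is whatever the posted token decodes to.
    // NOTE(review): nothing here checks that it decoded to a real account or
    // that the token is recent - confirm upfile() or global.php enforces that.
    list($lfjid, $lfjuid) = explode("\t", mymd5($_POST['str'], 'DE'));

    $filename = upfile($fromFilesArray ? $_FILES['Filedata']['tmp_name'] : $Filedata, $array);

    if (!$filename) {
        echo "";
    } else {
        $newfile = "{$dir}/{$filename}";
        // NOTE(review): the client-supplied file name is echoed as-is - confirm
        // the consumer treats this response as data, not markup.
        echo "{$newfile}|{$array['name']}|{$array['size']}";
    }
}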
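<?php
// Emits the XML configuration read by the Flash uploader: upload URL, limits,
// allowed file types and the token that identifies the uploading member.
require_once dirname(__FILE__) . "/" . "global.php";

header("Content-type: application/xml");

$string = '';
foreach (explode(",", $filetype) as $value) {
    if ($value) {
        // $filetype is not set in this file, so escape each entry before it
        // becomes element content; markup characters would otherwise change the
        // document structure.
        $string .= "<items>" . htmlspecialchars($value, ENT_QUOTES, 'ISO-8859-1') . "</items>\r\n";
    }
}

$uploadMax = intval(ini_get('upload_max_filesize') ? ini_get('upload_max_filesize') : '2');

// '+' would be read back as a space after URL decoding, so it is pre-encoded.
// NOTE(review): the token is built only from the member name and uid, with no
// timestamp or nonce visible here - confirm mymd5() adds something that lets
// it expire.
$str = str_replace('+', '%2B', mymd5("{$lfjid}\t{$lfjuid}"));

echo '<?xml version="1.0" encoding="utf-8"?>';
print <<<EOT
<sapload>
\t<config>
\t\t<upLoadUrl>{$webdb['www_url']}/do/swfupload.php</upLoadUrl>
\t\t<maxNum>100</maxNum>
\t\t<upMaxbig>{$uploadMax}</upMaxbig>
\t\t<fileType>
\t\t\t{$string}
\t\t</fileType>
\t\t<arguments>
\t\t\t<items atr="str">{$str}</items>
\t\t</arguments>
\t</config>
</sapload>
EOT;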
echo '\');location.href=\'userreg.php?'; reset($_POST); if (count($_POST)) { while (list($key, $val) = each($_POST)) { if (!is_array($_POST[$key])) { echo $key . "=" . urlencode($_POST[$key]) . "&"; } } } echo 'tempt=haha\';</script> '; exit; } $db->query("update {$db_prefix}users set tjnum=tjnum+1 where username='******'"); } $sql = "insert into {$db_prefix}users(username,realname,pwd,pwd1,tjrname,prename,tjstr,glstr,pos,zmdname,price,bv,bdmoney,bdnum,bdnum_team,pv_reg,pv_team_reg,pv_team_regp,rank0,rank,isdp,state,lognum,regtime,confirmtime,sex,province,city,area,mobile,postcode,address,receiver,email,idcard,bank,zhanghao,huzhu,bankaddress,fax,qq,gldept,tjdept,regusername,regrealname,regtype,timepre,tghttp,timeok,tjnet) values('" . trim($username) . "','" . trim($realname) . "','" . mymd5($pwd, "EN") . "','" . mymd5($pwd1, "EN") . "','" . trim($tjrname) . "','" . trim($prename) . "','" . $tjstr . "','" . $glstr . "','{$pos}','" . trim($zmdname) . "','{$price}','{$bv}','{$bdmoney}','{$bdnum}','{$bdnum}','{$bdmoney}','{$bdmoney}','{$bdmoney}','{$rank}','{$rank}','{$isdp}','{$regstate}','0','{$modtime}','{$confirmtime}','{$sex}','{$province}','{$city}','{$area}','{$mobile}','{$postcode}','{$address}','{$receiver}','{$email}','{$idcard}','{$bank}','{$zhanghao}','{$huzhu}','{$bankaddress}','{$fax}','{$qq}','{$gldept}','{$tjdept}','" . $_SESSION["glo_username"] . "','" . $_SESSION["glo_realname"] . "','1','{$timepre}','{$tghttp}','{$timeok}','{$tjnet}')"; $db->query($sql); if ($bdmoney > 0) { if ($regstate == 1) { $db->query("update {$db_prefix}users set tjnum=tjnum+1,rfd=0,zfd=0 where username='******' limit 1"); $tjnetary = explode(",", trim($tjstr)); include "../mjjsalfecals.php"; insertintopv_1($year, $month, $day, $username, $bdmoney, $bdnum, 1); if (trim($glstr) != '') { $glnetary = explode(",", trim($glstr)); foreach ($glnetary as $u => $u1) { updateglnettdpv($year, $month, $day, $u1, $bdmoney, $bdnum, 1); } unset($glnetary); } $tjnetupstr = "";
/**
 * Sync-login hook: sets the "passport" cookie for the member named in $get.
 *
 * NOTE(review): the cookie carries mymd5() output of the stored password field,
 * the username is taken from $get rather than from the looked-up record, and
 * the lookup result is not checked before the cookie is written.
 *
 * @param array $get  Request values; 'uid' and 'username' are read.
 * @param array $post Not used here.
 * @return mixed API_RETURN_FORBIDDEN when sync login is switched off; nothing otherwise.
 */
function synlogin($get, $post)
{
    global $userDB;

    $memberId   = $get['uid'];
    $memberName = $get['username'];

    if (!API_SYNLOGIN) {
        return API_RETURN_FORBIDDEN;
    }

    header('P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"');

    $account     = $userDB->get_passport($memberId);
    $cookieValue = $account['uid'] . "\t" . $memberName . "\t" . mymd5((string) $account['password']);

    // One-day lifetime.
    set_cookie("passport", $cookieValue, 86400);
}
if (get_money($lfjuid) < $fen) { showerr("你的{$webdb[MoneyName]}不足{$fen}{$webdb[MoneyDW]}", 1); } else { add_user($lfjuid, -$fen, '观看视频扣分'); //1小时内不重复扣积分 setcookie("down_{$rsdb['aid']}", mymd5("{$ti}\t{$rsdb['aid']}"), $timestamp + 3600); } } } elseif (!$web_admin && $lfjuid !== $rsdb[uid] && $rsdb[money] > 0) { if ($Aid != $rsdb[aid] || $TI != $ti) { if (get_money($lfjuid) < $rsdb[money]) { showerr("你的{$webdb[MoneyName]}不足{$rsdb[money]}{$webdb[MoneyDW]}", 1); } else { add_user($lfjuid, -$rsdb[money], '观看视频扣分'); //1小时内不重复扣积分 setcookie("down_{$rsdb['aid']}", mymd5("{$ti}\t{$rsdb['aid']}"), $timestamp + 3600); } } } //更新点击量 update_hits($mid, $midDB[keywords], $id, $rid, $rsdb[hits_time]); $true_url = tempdir($url); require_once html("player"); //下载与播放视频更新点击率 function update_hits($mid, $keyword, $aid, $rid, $time) { global $lfjid, $db, $pre, $timestamp; if ($keyword == 'download' || $keyword == 'mv') { if (date("W", $time) != date("W", $timestamp)) { $SQL .= ",week_hits=1"; } else {
showmsg("你当前所在用户组,无权访问"); } } else { setcookie("Admin", '', 0, "/"); showmsg("<A HREF='index.php?iframe=1'>请输入正确密码帐号再访问</A>"); } } if ($ForceEnter == 1) { $groupdb = @(include ROOT_PATH . "data/group/3.php"); $Apower = $groupdb[allowadmindb]; } elseif (!$userdb) { include './template/login.htm'; exit; } else { //同步前台登录 $md5code = mymd5("{$lfjdb['uid']}\t{$lfjdb['username']}\t{$lfjdb['password']}", 'EN', $onlineip); setcookie("adminID", $md5code, $timestamp + 1800, '/'); } function login_logs($username, $password) { global $timestamp, $onlineip; $logdb[] = "{$username}\t{$password}\t{$timestamp}\t{$onlineip}"; @(include ROOT_PATH . "cache/adminlogin_logs.php"); $writefile = "<?php\t\r\n"; $jj = 0; foreach ($logdb as $key => $value) { $jj++; $value = addslashes($value); $writefile .= "\$logdb[]='{$value}';\r\n"; if ($jj > 200) { break;
} $md5code = str_replace('+', '%2B', mymd5("{$code}\t{$mobphone}\t{$lfjuid}", "EN")); require dirname(__FILE__) . "/" . "head.php"; require dirname(__FILE__) . "/" . "template/yz.htm"; require dirname(__FILE__) . "/" . "foot.php"; } elseif ($action == 'mobphone2') { if ($lfjdb[mob_yz]) { showerr("请不要重复验证手机号码!"); } if (!$yznum) { showerr("请输入验证码"); } elseif (!$md5code) { showerr("资料有误"); } else { unset($code, $mobphone, $uid); list($code, $mobphone, $uid) = explode("\t", mymd5($md5code, "DE")); if ($code != $yznum || $uid != $lfjuid) { showerr("验证码不对"); } } add_user($lfjuid, $webdb[YZ_MobMoney], '手机号码审核奖分'); $db->query("UPDATE {$pre}memberdata SET mobphone='{$mobphone}',mob_yz='1' WHERE uid='{$lfjuid}'"); refreshto("yz.php?job=mob", "恭喜你,你的手机号码成功通过审核,你同时得到 {$webdb[YZ_MobMoney]} 个积分奖励!", 10); } else { unset($idcardpic); if ($job == 'idcard') { if (is_file(ROOT_PATH . "{$webdb['updir']}/idcard/{$lfjuid}.jpg")) { $idcardpic = "idcard/{$lfjuid}.jpg"; } } require dirname(__FILE__) . "/" . "head.php";
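<?php
// E-mail verification landing step: $eid decodes to "name \t uid \t email".
!function_exists('html') && exit('ERR');

unset($name, $uid, $email);
list($name, $uid, $email) = explode("\t", mymd5($eid, 'DE'));

if ($name && $uid && $email) {
    $rsdb = $userDB->get_info($uid);

    // Array keys are quoted throughout: bare words are undefined constants,
    // which is a fatal error on PHP 8.
    if (!$rsdb) {
        showerr("邮箱验证失败,可能当前帐号已被删除!");
    } elseif ($rsdb['email_yz'] == 1) {
        showerr("请不要重复验证");
    } else {
        // NOTE(review): username and e-mail written here come from the token,
        // not from the looked-up record, and no expiry is checked in this file -
        // confirm the link cannot be reused after the address changes.
        $array = array('username' => $name, 'uid' => $uid, 'email_yz' => 1, 'email' => $email);
        $userDB->edit_user($array);
        add_user($rsdb['uid'], $webdb['YZ_EmailMoney'], '邮箱审核奖分');
        refreshto("{$webdb['www_url']}/", "恭喜你!邮箱验证成功,同时你的{$webdb['MoneyName']}增加了{$webdb['YZ_EmailMoney']}{$webdb['MoneyDW']}", 3);
    }
} else {
    showerr("验证失败!");
}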
$smtp->debug = false; if ($smtp->sendmail($atc_email, $webdb[MailId], $Title, $Content, "HTML")) { $succeeNUM++; } } else { if (mail($atc_email, $Title, $Content)) { $succeeNUM++; } } if ($succeeNUM) { refreshto("../", "系统已经成功发送邮件到你的邮箱:“{$atc_email}”,请注意查收!", 5); } else { showerr("邮件发送失败,可能你的邮箱有误,或者是服务器发送邮件功能有问题!!"); } } elseif ($job == 'activate') { list($username, $password) = explode("\t", mymd5($md5_id, 'DE')); $rs = $userDB->get_allInfo($username, 'name'); if ($rs && $rs[password] == $password) { $db->query("UPDATE {$pre}memberdata SET `yz`='1' WHERE uid='{$rs['uid']}'"); refreshto("login.php", "恭喜你,你的帐号“{$username}”激活成功,请立即登录,体验会员特有的功能!", 10); } else { showerr("帐号激活失败!"); } } if ($username) { $rs = $userDB->get_allInfo($username, 'name'); $email = $rs[email]; } require ROOT_PATH . "inc/head.php"; require html("activate"); require ROOT_PATH . "inc/foot.php";
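/**
 * @brief Redirect the browser to the QQ login (authorization) page.
 *        Query values are encoded per RFC 1738.
 *
 * The request token and its secret are needed again in the callback step. The
 * upstream demo kept them in $_SESSION; here they are stored in the
 * 'token_secret' cookie, wrapped by mymd5(), for one hour.
 *
 * NOTE(review): the authorization endpoint is addressed over plain http, and
 * nothing stops execution after the Location header is sent - confirm callers
 * do not continue with further output.
 *
 * @param $appid
 * @param $appkey
 * @param $callback
 */
function redirect_to_login($appid, $appkey, $callback)
{
    // Fetch the request token.
    $result = array();
    $request_token = get_request_token($appid, $appkey);
    parse_str($request_token, $result);

    $token  = isset($result["oauth_token"]) ? $result["oauth_token"] : "";
    $secret = isset($result["oauth_token_secret"]) ? $result["oauth_token_secret"] : "";

    // Report a failed token request before anything is stored; previously the
    // cookie was written first, even when the provider returned no token.
    if ($token == "") {
        showerr('API信息不对!');
    }

    set_cookie('token_secret', mymd5($token . "\t" . $secret), 3600);

    // parse_str() URL-decodes its values, so the token has to be encoded again
    // before it goes into a query string; the app id is encoded for the same reason.
    $redirect = "http://openapi.qzone.qq.com/oauth/qzoneoauth_authorize?oauth_consumer_key=" . rawurlencode($appid)
        . "&oauth_token=" . rawurlencode($token)
        . "&oauth_callback=" . rawurlencode($callback);

    // 302 to the authorization page.
    header("Location:{$redirect}");
}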
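if ($glo_s_idcard) {
    echo '<span class="style1">*</span> ';
}

// NOTE(review): mymd5(..., "DE") turns the stored pwd/pwd1 columns back into
// their original values, so the credentials are stored reversibly and their
// cleartext ends up in the page source. Leaving both fields blank and treating
// blank as "unchanged" would avoid that; the form handler is outside this
// excerpt, so the prefill is kept here.
// Values are escaped for the attribute context. The byte-wise charset means
// only the five markup characters are touched and text in the page's own
// encoding is never rejected.
echo '</TD> </TR> <TR> <TD align="right" valign="middle" bgColor="#FBFDFF" >一级密码:</TD> <TD height="38" align="left" valign="middle" bgColor="#FBFDFF" ><input name="pwd" type="password" id="pwd" value="';
echo htmlspecialchars(mymd5($rs["pwd"], "DE"), ENT_QUOTES, 'ISO-8859-1');
echo '"> <span class="style1">*</span> </TD> </TR> <TR> <TD align="right" valign="middle" bgColor="#FBFDFF" >二级密码:</TD> <TD height="38" align="left" valign="middle" bgColor="#FBFDFF" ><input name="pwd1" type="password" id="pwd1" value="';
echo htmlspecialchars(mymd5($rs["pwd1"], "DE"), ENT_QUOTES, 'ISO-8859-1');
echo '"> <span class="style1">*</span> </TD> </TR> <!--<TR> <TD align="right" valign="middle" bgColor="#FBFDFF" >旅游记录:</TD> <TD height="38" align="left" valign="middle" bgColor="#FBFDFF" ><input name="lvyou" type="text" id="lvyou" value="';
// This field sits inside an HTML comment. Escaping '>' keeps a stored value
// from closing the comment and being rendered as markup.
echo htmlspecialchars($rs["lvyou"], ENT_QUOTES, 'ISO-8859-1');
echo '" size="55"> </TD> </TR>--> <TR> <TD align="right" valign="middle" bgColor="#FBFDFF" >性别:</TD> <TD height="38" align="left" valign="middle" bgColor="#FBFDFF" ><input name="sex" type="radio" value="男" ';
if ($rs["sex"] == "男") {
    echo "checked";
}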
session_start(); if ($action == "login") { $hint = ''; if (trim($username) == '') { $hint .= "请输入用户名/手机号\\n"; } if (trim($password) == '') { $hint .= "请输入密码\\n"; } if ($hint != "") { echo "<script>alert('" . $hint . "');history.back();</script>"; exit; } $check_ary = array(" ", "'", "or", "OR", "and", "AND", "%", "union", "UNION", "join", "JOIN", ";", "\\%", "{", "}", "\$", "=", "/", "\\", "|", "||"); $username = str_replace($check_ary, "", $username); $sql_lgn = "select * from {$db_prefix}users where (username='******' or mobile='" . $username . "') and pwd='" . mymd5($password, "EN") . "' and state=1"; $rs_lgn = $db->get_one($sql_lgn); if (empty($rs_lgn["id"])) { $hint .= "登录失败\\n"; } if ($glo_identify_1) { if ($verifycode != $_SESSION["code_2"]) { $hint .= "验证码错误\\n"; } } if ($hint != "") { echo "<script>alert('" . $hint . "');history.back();</script>"; exit; } $_SESSION["glo_userid"] = $rs_lgn["id"]; $_SESSION["glo_username"] = $rs_lgn["username"];
<?php !function_exists('html') && exit('ERR'); //当前文件是注册时通过手机或邮箱获取注册码的功能 if (!is_table("{$pre}regnum")) { $db->query("CREATE TABLE `{$pre}regnum` (\n\t`sid` varchar( 8 ) NOT NULL default '',\n\t`num` varchar( 6 ) NOT NULL default '',\n\t`posttime` int( 10 ) NOT NULL default '0',\n\tUNIQUE KEY `sid` ( `sid` ) ,\n\tKEY `posttime` ( `num` , `posttime` ) \n\t) ENGINE = HEAP"); } if (!$webdb[yzNumReg]) { showerr('系统没开放这个功能!'); } $time = $timestamp - 60; if ($db->get_one("SELECT * FROM {$pre}regnum WHERE sid='{$usr_sid}' AND posttime>{$time}")) { showerr("如果你的注册码还没有收到的话?请一分钟后再重发!"); } $randNum = rands(2) . substr(mymd5($num), 0, 2); $content = $webdb['webname'] . "提供给您的注册码是:(" . $randNum . ")这四位数"; if ($webdb['yzNumReg'] == 2) { if (!ereg("^1([0-9]{10})\$", $num)) { showerr('手机号码有误!' . $num); } if (sms_send($num, $randNum)) { $db->query("REPLACE INTO `{$pre}regnum` ( `sid` , `num` , `posttime` ) VALUES ('{$usr_sid}', '{$randNum}', '{$timestamp}')"); showerr("信息已经成功发送到您指定的手机号码中,请注意查收,有可能会延迟几分钟,请耐心等待!", 1); } else { showerr("信息发送失败,可能是手机短信接口有问题!"); } } elseif ($webdb['yzNumReg'] == 1) { $email = $num; $title = $webdb['webname'] . "提供给你的注册码信息"; if (send_mail($email, $title, $content, $ifcheck = 1)) { $db->query("REPLACE INTO `{$pre}regnum` ( `sid` , `num` , `posttime` ) VALUES ('{$usr_sid}', '{$randNum}', '{$timestamp}')");