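/**
 * notice_login function.
 *
 * Handles an SSO login notification read through notice_get("get"):
 * checks the notification timestamp, verifies the signature with
 * sso_verify(), decodes the payload with sso_decode(), loads the matching
 * admin row and, when every check passes, writes admin_id,
 * admin_ssin_time and admin_hash into the session.
 *
 * Every failure is reported through obj_notice->halt_re().
 *
 * @access public
 * @return void
 */
function notice_login() {
    $_arr_noticeGet = $this->obj_notice->notice_get("get");
    // Strict comparison: a non-string alert value can never be loosely equal to the expected code.
    if ($_arr_noticeGet["alert"] !== "ok") {
        $this->obj_notice->halt_re($_arr_noticeGet);
        return; // halt_re() is expected to end the request; stay fail-closed if it ever does not
    }

    // Freshness window in both directions. The previous one-sided test
    // (time - now > 300) rejected only timestamps from the future, so a signed
    // notification never aged out and stayed acceptable indefinitely.
    // NOTE(review): a host whose clock differs from the SSO server by more than
    // 300 seconds will now reject notifications - confirm clocks are synchronised.
    $_tm_now = time();
    if (abs($_tm_now - (int) $_arr_noticeGet["time"]) > 300) {
        $_arr_return = array("alert" => "x220213");
        $this->obj_notice->halt_re($_arr_return);
        return;
    }

    // NOTE(review): nothing visible here records "random" as used, so the same signed
    // notification can be accepted repeatedly inside the window - confirm whether
    // sso_verify() tracks it.
    $_arr_signature = $this->obj_sso->sso_verify($_arr_noticeGet["time"], $_arr_noticeGet["random"], $_arr_noticeGet["signature"]);
    if ($_arr_signature["alert"] !== "y050403") {
        $this->obj_notice->halt_re($_arr_signature);
        return;
    }

    // NOTE(review): the result of sso_decode() is used without checking that it succeeded;
    // a failed decode is only caught indirectly by the mdl_read() lookup below.
    $_arr_decode = $this->obj_sso->sso_decode($_arr_noticeGet["code"], $_arr_noticeGet["key"]);

    $_arr_adminRow = $this->mdl_admin->mdl_read($_arr_decode["user_id"]);
    if ($_arr_adminRow["alert"] !== "y020102") {
        $this->obj_notice->halt_re($_arr_adminRow);
        return;
    }

    // NOTE(review): only the literal "disable" is refused; any other status value logs in.
    if ($_arr_adminRow["admin_status"] == "disable") {
        $_arr_return = array("alert" => "x020401");
        $this->obj_notice->halt_re($_arr_return);
        return;
    }

    $_str_rand = fn_rand(6);
    $this->mdl_admin->mdl_login($_arr_decode["user_id"], $_str_rand);

    // NOTE(review): no session id rotation is visible at this privilege change - confirm
    // fn_session() or the caller regenerates the id on login.
    fn_session("admin_id", "mk", $_arr_decode["user_id"]);
    fn_session("admin_ssin_time", "mk", time());
    fn_session("admin_hash", "mk", fn_baigoEncrypt($_arr_adminRow["admin_time"], $_str_rand));

    // NOTE(review): the whole admin row is handed to halt_re(); confirm it emits only the
    // alert code and not credential columns.
    $this->obj_notice->halt_re($_arr_adminRow);
}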
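/**
 * ctl_login function.
 *
 * Local administrator login: validates the submitted form through
 * mdl_admin->input_login(), loads the admin row by name, compares the
 * submitted password (encrypted with the stored admin_rand) with the stored
 * admin_pass, requires admin_status "enable", then re-encrypts the password
 * under a fresh fn_rand(6) value and writes admin_id, admin_ssin_time and
 * admin_hash into the session.
 *
 * @access public
 * @return array Result array carrying an "alert" code; failures after the lookup also
 *               carry "forward", success carries "admin_id", "forward" and alert "y020201".
 */
function ctl_login() {
    $_arr_adminLogin = $this->mdl_admin->input_login();
    // Strict comparison: a non-string alert value can never be loosely equal to the expected code.
    if ($_arr_adminLogin["alert"] !== "ok") {
        return $_arr_adminLogin;
    }

    $_arr_adminRow = $this->mdl_admin->mdl_read($_arr_adminLogin["admin_name"], "admin_name");
    if ($_arr_adminRow["alert"] !== "y020102") {
        // NOTE(review): an unknown name and a wrong password return different alert codes,
        // which tells a caller which admin names exist.
        return $_arr_adminRow;
    }

    // Compare as strings with ===. With the loose != used before, PHP treats two
    // numeric-looking strings (for example digests of the form "0e" followed by digits)
    // as equal numbers, so a wrong password could be accepted.
    // hash_equals() is the constant-time alternative where PHP >= 5.6 is guaranteed.
    $_str_passSubmit = (string) fn_baigoEncrypt($_arr_adminLogin["admin_pass"], $_arr_adminRow["admin_rand"]);
    $_str_passStored = (string) $_arr_adminRow["admin_pass"];
    if ($_str_passSubmit !== $_str_passStored) {
        return array("forward" => $_arr_adminLogin["forward"], "alert" => "x020207");
    }

    // Allow-list: only the exact status "enable" may log in.
    if ($_arr_adminRow["admin_status"] !== "enable") {
        return array("forward" => $_arr_adminLogin["forward"], "alert" => "x020402");
    }

    // A new random value is drawn on every login and the stored password is re-encrypted with it.
    // NOTE(review): confirm fn_rand() draws from a CSPRNG and that fn_baigoEncrypt() is a
    // password-grade hash; neither is visible from here.
    $_str_adminRand = fn_rand(6);
    $this->mdl_admin->mdl_login($_arr_adminRow["admin_id"], fn_baigoEncrypt($_arr_adminLogin["admin_pass"], $_str_adminRand), $_str_adminRand);

    // NOTE(review): no session id rotation is visible at this privilege change - confirm
    // fn_session() or the caller regenerates the id on login.
    fn_session("admin_id", "mk", $_arr_adminRow["admin_id"]);
    fn_session("admin_ssin_time", "mk", time());
    fn_session("admin_hash", "mk", fn_baigoEncrypt($_arr_adminRow["admin_time"], $_str_adminRand));

    // NOTE(review): "admin_id" is taken from the login input, not from the row that was
    // authenticated - verify input_login() actually supplies it.
    return array("admin_id" => $_arr_adminLogin["admin_id"], "forward" => $_arr_adminLogin["forward"], "alert" => "y020201");
}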
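/**
 * ajax_chk function.
 *
 * Ajax check of the submitted captcha ("seccode" query parameter) against
 * the lower-cased value stored in the session under "seccode". Reports
 * "x030101" through obj_ajax->halt_re() on mismatch, otherwise ends the
 * request with the JSON body {"re":"ok"}.
 *
 * @access public
 * @return void
 */
function ajax_chk() {
    $_mix_seccode = fn_get("seccode");
    // Anything that is not a plain scalar (for example an array parameter) counts as empty.
    $_str_seccode = is_scalar($_mix_seccode) ? strtolower((string) $_mix_seccode) : "";

    // A session with no stored captcha must never match. With the loose != used
    // before, an empty submission compared equal to a missing session value, so the
    // check passed when no captcha had been generated.
    $_str_expected = (string) fn_session("seccode");
    if ($_str_expected === "" || $_str_seccode !== $_str_expected) {
        $this->obj_ajax->halt_re("x030101");
        return; // halt_re() is expected to end the request; stay fail-closed if it ever does not
    }

    // NOTE(review): the stored code is not cleared here, so the same answer can be checked
    // repeatedly - confirm the final form submission invalidates it.
    $arr_re = array("re" => "ok");
    exit(json_encode($arr_re));
}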
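/**
 * ajax_check function.
 *
 * Ajax check of the submitted captcha ("seccode" query parameter, passed
 * through fn_getSafe) against the value stored in the session under
 * "seccode". Ends the request with a JSON body whose "re" field is "ok" on a
 * match and the "x030101" alert text otherwise.
 *
 * @access public
 * @return void
 */
function ajax_check() {
    $seccode = fn_getSafe(fn_get("seccode"), "txt", "");

    // A session with no stored captcha must never match. With the loose == used
    // before, an empty submission compared equal to a missing session value, so the
    // check answered "ok" when no captcha had been generated.
    $_str_expected = (string) fn_session("seccode");
    if ($_str_expected !== "" && strtolower((string) $seccode) === $_str_expected) {
        $_str_alert = "ok";
    } else {
        $_str_alert = $this->alert["x030101"];
    }

    // NOTE(review): the stored code is not cleared here, so the same answer can be checked
    // repeatedly - confirm the final form submission invalidates it.
    $arr_re = array("re" => $_str_alert);
    exit(json_encode($arr_re));
}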
/**
 * ctl_login function.
 *
 * SSO-backed administrator login: validates the form via input_login(),
 * authenticates name and password against obj_sso->sso_login(), loads the
 * local admin row for the returned user_id, refuses the status "disable",
 * then records a fresh fn_rand(6) value via mdl_login() and writes admin_id,
 * admin_ssin_time and admin_hash into the session. When BG_SSO_SYNLOGON is
 * defined as "on", the HTML returned by sso_sync_login() is echoed.
 *
 * @access public
 * @return array Failure paths return an array with "alert" (and "forward" once SSO has
 *               been consulted). The success path ends the request with exit.
 */
function ctl_login() {
    $_arr_input = $this->input_login();
    if ($_arr_input["alert"] != "ok") {
        return $_arr_input;
    }

    // SSO verification
    $_arr_sso = $this->obj_sso->sso_login($_arr_input["admin_name"], $_arr_input["admin_pass"]);
    if ($_arr_sso["alert"] != "y010401") {
        $_arr_sso["forward"] = $_arr_input["forward"];
        return $_arr_sso;
    }

    // Local database lookup
    $_arr_admin = $this->mdl_admin->mdl_read($_arr_sso["user_id"]);
    if ($_arr_admin["alert"] != "y020102") {
        $_arr_admin["forward"] = $_arr_input["forward"];
        return $_arr_admin;
    }

    // NOTE(review): only the literal "disable" is refused; any other status value logs in.
    if ($_arr_admin["admin_status"] == "disable") {
        return array("forward" => $_arr_input["forward"], "alert" => "x020401");
    }

    $_str_random = fn_rand(6);
    $this->mdl_admin->mdl_login($_arr_sso["user_id"], $_str_random);

    // NOTE(review): no session id rotation is visible at this privilege change - confirm
    // fn_session() or the caller regenerates the id on login.
    fn_session("admin_id", "mk", $_arr_sso["user_id"]);
    fn_session("admin_ssin_time", "mk", time());
    fn_session("admin_hash", "mk", fn_baigoEncrypt($_arr_admin["admin_time"], $_str_random));

    $_bool_syncOn = defined("BG_SSO_SYNLOGON") && BG_SSO_SYNLOGON == "on";
    if ($_bool_syncOn) {
        // The markup comes from the SSO layer and is written to the response as-is.
        $_arr_sync = $this->obj_sso->sso_sync_login($_arr_sso["user_id"]);
        echo $_arr_sync["html"];
    }

    // NOTE(review): this unconditional exit makes the success return below unreachable;
    // confirm whether it is intentional or a debugging leftover.
    exit;

    return array("admin_id" => $_arr_sso["user_id"], "forward" => $_arr_input["forward"], "alert" => "y020401");
}
/**
 * secDo function.
 *
 * Runs the captcha pipeline in order (createCode, createBg, createLine,
 * createFont, secOutput) and then stores the lower-cased $this->code in the
 * session under "seccode", the value the seccode checks compare against.
 *
 * @access public
 * @return void
 */
public function secDo() {
    // Build steps, in the order the original runs them.
    $this->createCode();
    $this->createBg();
    $this->createLine();
    $this->createFont();

    // Output happens before the answer is stored.
    // NOTE(review): if secOutput() ever ends the request, the session write below is
    // skipped and an older "seccode" stays valid - confirm it returns normally.
    $this->secOutput();

    $_str_answer = strtolower($this->code);
    fn_session("seccode", "mk", $_str_answer);
}
/**
 * fn_ssin_end function.
 *
 * Ends the administrator login state by unsetting the three session keys the
 * login routines write: admin_id, admin_ssin_time and admin_hash.
 *
 * Only these keys are removed; the session itself and any other keys (for
 * example token or seccode entries) are left in place.
 *
 * @access public
 * @return void
 */
function fn_ssin_end() {
    $_arr_loginKeys = array("admin_id", "admin_ssin_time", "admin_hash");
    foreach ($_arr_loginKeys as $_str_key) {
        fn_session($_str_key, "unset");
    }
}
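/**
 * fn_token function.
 *
 * Issues or checks the two-part anti-forgery token. One part
 * ("token_session") travels in the request, the other ("token_cookie") in a
 * cookie; both are remembered in the session.
 *
 * "chk" compares the submitted pair with the session copies. Any other
 * action issues the pair, creating a new value for a part when it is missing
 * or older than 300 seconds, and sets the cookie.
 *
 * @access public
 * @param string $token_action (default: "mk") "chk" to verify, anything else to issue
 * @param string $session_method (default: "post") for "chk": "get" reads token_session
 *               from the query string, anything else from POST
 * @param string $cookie_method (default: "cookie") for "chk": "get" or "post" read
 *               token_cookie from the request, anything else from the cookie
 * @return mixed "chk": bool (always true when BG_SWITCH_TOKEN is off). Otherwise the
 *               token_session string, or null when BG_SWITCH_TOKEN is off.
 */
function fn_token($token_action = "mk", $session_method = "post", $cookie_method = "cookie") {
    // Defined up front: the issuing branch previously returned an undefined variable
    // when BG_SWITCH_TOKEN was off.
    $_str_return = null;

    switch ($token_action) {
        case "chk":
            switch ($session_method) {
                case "get":
                    $_str_tokenSession = fn_getSafe(fn_get("token_session"), "txt", "");
                break;

                default:
                    $_str_tokenSession = fn_getSafe(fn_post("token_session"), "txt", "");
                break;
            }

            switch ($cookie_method) {
                case "get":
                    $_str_tokenCookie = fn_getSafe(fn_get("token_cookie"), "txt", "");
                break;

                case "post":
                    $_str_tokenCookie = fn_getSafe(fn_post("token_cookie"), "txt", "");
                break;

                default:
                    $_str_tokenCookie = fn_cookie("token_cookie");
                break;
            }

            if (BG_SWITCH_TOKEN == true) {
                $_str_sessionStored = (string) fn_session("token_session");
                $_str_cookieStored  = (string) fn_session("token_cookie");

                // Both stored parts must exist and match exactly. With the loose != used
                // before, an empty submission compared equal to a missing session value,
                // so a request with no token passed whenever none had been issued.
                // hash_equals() is the constant-time alternative where PHP >= 5.6 is guaranteed.
                // NOTE(review): the 300 second lifetime is enforced only when issuing, not here.
                $_str_return = $_str_sessionStored !== ""
                    && $_str_cookieStored !== ""
                    && (string) $_str_tokenSession === $_str_sessionStored
                    && (string) $_str_tokenCookie === $_str_cookieStored;
            } else {
                $_str_return = true;
            }
        break;

        default:
            if (BG_SWITCH_TOKEN == true) {
                // NOTE(review): confirm fn_rand() draws from a CSPRNG; the token's strength
                // depends on it and it is not visible from here.

                // Lifetime of the session part. The cast keeps the addition well defined
                // when no timestamp has been stored yet.
                $_num_tokenSessionDiff = (int) fn_session("token_session_time") + 300;
                if (!fn_session("token_session") || !fn_session("token_session_time") || $_num_tokenSessionDiff < time()) {
                    $_str_tokenSession = fn_rand();
                    fn_session("token_session", "mk", $_str_tokenSession);
                    fn_session("token_session_time", "mk", time());
                } else {
                    $_str_tokenSession = fn_session("token_session");
                }

                // Lifetime of the cookie part.
                $_num_tokenCookieDiff = (int) fn_session("token_cookie_time") + 300;
                if (!fn_session("token_cookie") || !fn_session("token_cookie_time") || $_num_tokenCookieDiff < time()) {
                    $_str_tokenCookie = fn_rand();
                    fn_session("token_cookie", "mk", $_str_tokenCookie);
                    fn_session("token_cookie_time", "mk", time());
                } else {
                    $_str_tokenCookie = fn_session("token_cookie");
                }

                $_str_return = $_str_tokenSession;
                fn_cookie("token_cookie", "mk", $_str_tokenCookie);
            }
        break;
    }

    return $_str_return;
}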
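/**
 * Token generation and verification.
 * fn_token function.
 *
 * The token has two parts, one sent in the POST body and one sent as a
 * cookie, both remembered in the session. When an admin_hash is present in
 * the session, the field and cookie names are suffixed with it.
 *
 * "chk" compares the submitted pair with the session copies. Any other
 * action issues the pair, creating a part when it is missing, and sets the
 * cookie.
 *
 * @access public
 * @param string $token_action (default: "mk") "chk" to verify, anything else to issue
 * @return array "token": bool for "chk" (always true when BG_SWITCH_TOKEN is off);
 *               otherwise the session-part token string, or null when BG_SWITCH_TOKEN
 *               is off. "name_session" / "name_sookie": the field and cookie names.
 *               "name_cookie": correctly spelled alias of "name_sookie".
 */
function fn_token($token_action = "mk") {
    if (fn_isEmpty(fn_session("admin_hash"))) {
        $_str_nameSession = "token_session";
        $_str_nameCookie  = "token_cookie";
    } else {
        // NOTE(review): this puts the session's admin_hash into form field and cookie
        // names, where it is visible in page source - confirm that value is safe to expose.
        $_str_tokenName   = fn_session("admin_hash");
        $_str_nameSession = "token_session_" . $_str_tokenName;
        $_str_nameCookie  = "token_cookie_" . $_str_tokenName;
    }

    // Defined up front: the issuing branch previously returned an undefined variable
    // when BG_SWITCH_TOKEN was off.
    $_str_return = null;

    switch ($token_action) {
        case "chk":
            // Submitted values get their own variables. The previous code overwrote the
            // *names* with the submitted values and then used those values as session keys,
            // so a real token was compared with an unrelated (normally missing) entry while
            // an empty submission could compare equal to it.
            $_str_tokenSession = fn_getSafe(fn_post($_str_nameSession), "txt", "");
            $_str_tokenCookie  = fn_cookie($_str_nameCookie);

            if (BG_SWITCH_TOKEN == 1) {
                $_str_sessionStored = (string) fn_session($_str_nameSession);
                $_str_cookieStored  = (string) fn_session($_str_nameCookie);

                // Both stored parts must exist and match exactly; a session with no issued
                // token never validates.
                // hash_equals() is the constant-time alternative where PHP >= 5.6 is guaranteed.
                $_str_return = $_str_sessionStored !== ""
                    && $_str_cookieStored !== ""
                    && (string) $_str_tokenSession === $_str_sessionStored
                    && (string) $_str_tokenCookie === $_str_cookieStored;
            } else {
                $_str_return = true;
            }
        break;

        default:
            if (BG_SWITCH_TOKEN == 1) {
                // NOTE(review): confirm fn_rand() draws from a CSPRNG; the token's strength
                // depends on it and it is not visible from here.
                // NOTE(review): issued tokens carry no expiry in this version.
                if (fn_isEmpty(fn_session($_str_nameSession))) {
                    $_str_tokenSession = fn_rand();
                    fn_session($_str_nameSession, "mk", $_str_tokenSession);
                } else {
                    $_str_tokenSession = fn_session($_str_nameSession);
                }

                if (fn_isEmpty(fn_session($_str_nameCookie))) {
                    $_str_tokenCookie = fn_rand();
                    fn_session($_str_nameCookie, "mk", $_str_tokenCookie);
                } else {
                    $_str_tokenCookie = fn_session($_str_nameCookie);
                }

                $_str_return = $_str_tokenSession;
                fn_cookie($_str_nameCookie, "mk", $_str_tokenCookie);
            }
        break;
    }

    return array(
        "token"        => $_str_return,
        "name_session" => $_str_nameSession,
        "name_sookie"  => $_str_nameCookie, // misspelled key kept for existing callers
        "name_cookie"  => $_str_nameCookie,
    );
}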