// Login handler excerpt. It begins inside a do { ... } while (false) block whose opening,
// and the verification-code test that guards the first three statements, are not visible here.
// Every `break` leaves that block with $Error / $ErrorCode set for the caller to report.
            $Error = $Lang['Verification_Code_Error'];
            $ErrorCode = 101002;
            break;
        }
        // The user name is bound as a named parameter, so it never becomes part of the SQL text.
        // $Prefix is concatenated into the table name; presumably it is a configuration value (confirm).
        $DBUser = $DB->row("SELECT ID,UserName,Salt,Password,UserRoleID,UserMail,UserIntro FROM " . $Prefix . "users WHERE UserName = :UserName", array("UserName" => $UserName));
        if (!$DBUser) {
            // NOTE(review): "no such user" (101003) and "wrong password" (101004) are reported
            // separately, so a client can tell whether an account exists. Confirm this is
            // intended and that login attempts are rate-limited elsewhere.
            $Error = $Lang['User_Does_Not_Exist'];
            $ErrorCode = 101003;
            break;
        }
        // The stored hash is compared with md5(password . per-user salt).
        // HashEquals() is defined outside this excerpt; presumably a constant-time compare (confirm).
        // NOTE(review): one round of salted MD5 is fast to compute and therefore weak for
        // password storage. A migration would verify the legacy hash here and re-store the
        // password with password_hash() / password_verify() on successful login.
        if (!HashEquals($DBUser['Password'], md5($Password . $DBUser['Salt']))) {
            $Error = $Lang['Password_Error'];
            $ErrorCode = 101004;
            break;
        }
        // Credentials accepted: record the login time and the client IP returned by CurIP().
        UpdateUserInfo(array('LastLoginTime' => $TimeStamp, 'UserLastIP' => CurIP()), $DBUser['ID']);
        // $Expires is multiplied by 86400 (seconds per day), so it is presumably a day count.
        $TemporaryUserExpirationTime = $Expires * 86400 + $TimeStamp;
        if (!$IsApp) {
            // Browser login: issue the authentication cookies.
            // UserCode is an MD5 over the stored password hash, the user salt, the expiry time
            // and the site-wide $SALT.
            // NOTE(review): the token is derived from the stored password hash, and no
            // server-side session record is created in this excerpt, so revoking a session
            // presumably requires changing the password or salt (confirm against the cookie
            // check). The flags SetCookies() applies (HttpOnly / Secure / SameSite) are not
            // visible here; verify them.
            SetCookies(array(
                'UserID' => $DBUser['ID'],
                'UserExpirationTime' => $TemporaryUserExpirationTime,
                'UserCode' => md5($DBUser['Password'] . $DBUser['Salt'] . $TemporaryUserExpirationTime . $SALT)
            ), $Expires);
            if ($ReturnUrl) {
                // NOTE(review): $ReturnUrl is written into the Location header unchanged.
                // Its origin is outside this excerpt; if it can be supplied by the request,
                // confirm that it is restricted to same-site paths before it reaches this line.
                header('location: ' . $ReturnUrl);
                exit('logined');
            } else {
                // No return URL: redirect to the configured site root.
                header('location: ' . $Config['WebsitePath'] . '/');
                exit('logined');
            }
        }
    } while (false);
}
$DB->CloseConnection();
// Page variables
// Bootstrap excerpt. It begins at the else-branch of a conditional whose test and first
// branch are not visible here, and it ends partway through the final $DB->query() call.
} else {
    $TemplatePath = __DIR__ . '/styles/default/template/';
    $Style = 'Default';
    // Clickjacking defence: only same-origin pages may frame the response.
    // NOTE(review): the header is sent on this branch only; confirm the other branch sets it too.
    header('X-Frame-Options: SAMEORIGIN');
    //header('X-XSS-Protection: 1; mode=block');
    // X-XSS-Protection may cause some issues in dashboard
}
// View preference read from the 'View' cookie; the fallback is chosen from $IsMobile.
$CurView = GetCookie('View', $IsMobile ? 'mobile' : 'desktop');
if ($Config['MobileDomainName'] && $_SERVER['HTTP_HOST'] != $Config['MobileDomainName'] && $CurView == 'mobile' && !$IsApp) {
    // If the client is on mobile, redirect to the mobile site (the original comment adds
    // "temporarily disabled", but the redirect below is live code in this excerpt).
    // The target host comes from configuration rather than from the request's Host header,
    // so the redirect always points at the configured mobile domain.
    // NOTE(review): the Host comparison above is case-sensitive and would also differ on a
    // port suffix; verify that this cannot cause a redirect loop on the mobile domain.
    header("HTTP/1.1 302 Moved Temporarily");
    header("Status: 302 Moved Temporarily");
    header('Location: ' . $CurProtocol . $Config['MobileDomainName'] . $RequestURI);
    exit;
}
$CurIP = CurIP();
$FormHash = FormHash();
// Block request URLs that contain ".php".
// NOTE(review): strpos() returns the match offset, so a match at offset 0 is falsy and would
// pass this test; `strpos(...) !== false` is the strict form. The match is also
// case-sensitive. This additionally relies on AlertMsg() ending the request; confirm that it
// exits, since the script would otherwise continue after the 403.
if (strpos($RequestURI, '.php')) {
    AlertMsg('403', 'Forbidden', 403);
}
// Daily statistics roll-over: runs when the stored DaysDate differs from today's date.
$CurrentDate = date('Y-m-d');
if ($Config['DaysDate'] != $CurrentDate) {
    // A stored date that strtotime() cannot parse is replaced with today's date.
    if (!strtotime($Config['DaysDate'])) {
        $Config['DaysDate'] = $CurrentDate;
    }
    // Row values are passed as named placeholders; only $Prefix is concatenated into the
    // table name. The statement continues beyond the end of this excerpt.
    $DB->query('INSERT INTO `' . $Prefix . 'statistics` (`DaysUsers`, `DaysPosts`, `DaysTopics`, `TotalUsers`, `TotalPosts`, `TotalTopics`, `DaysDate`, `DateCreated`) SELECT :DaysUsers, :DaysPosts, :DaysTopics, :TotalUsers, :TotalPosts, :TotalTopics, :DaysDate, :DateCreated FROM dual