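/**
 * WeChat OAuth2 callback.
 *
 * Exchanges the `code` query parameter for an openid at the WeChat token
 * endpoint. When the openid is already bound to a local account that is not
 * locked, that account is logged in; when it is not bound, the openid is
 * stored in the session for a later bind step. Every path ends by redirecting
 * to the `jump` query parameter.
 *
 * @param mixed $ctx Controller context (not used in this method).
 * @return void
 */
function callback($ctx)
{
    // Absent or non-string parameters become '' instead of raising notices.
    $raw_jump = (isset($_GET['jump']) && is_string($_GET['jump'])) ? $_GET['jump'] : '';
    $raw_code = (isset($_GET['code']) && is_string($_GET['code'])) ? $_GET['code'] : '';

    $jump = htmlspecialchars(trim($raw_jump));
    // NOTE(review): the return value is ignored, so this only prevents an open
    // redirect if validate_url() throws or terminates on a disallowed URL - confirm.
    self::validate_url($jump);

    if (!$this->appid || !$this->secret) {
        _redirect($jump);
        // Do not fall through into the token exchange should _redirect() return.
        return;
    }

    $code = urlencode(htmlspecialchars(trim($raw_code)));
    if (!$code) {
        _redirect($jump);
        return;
    }

    // NOTE(review): no OAuth `state` value is verified in this method; confirm
    // that the flow is protected against forged callbacks elsewhere.
    // The app secret is part of this URL, so $wx_url must never be logged.
    $wx_url = 'https://api.weixin.qq.com/sns/oauth2/access_token';
    $wx_url = "{$wx_url}?appid={$this->appid}&secret={$this->secret}&code={$code}&grant_type=authorization_code";
    $resp = Http::get($wx_url);
    $ret = is_string($resp) ? json_decode($resp, true) : null;

    if (is_array($ret) && !empty($ret['openid'])) {
        $connect = WxConnect::get_by('wx_openid', $ret['openid']);
        if ($connect) {
            Logger::info("wx_openid[{$ret['openid']}] oauth login, uid: {$connect->user_id}");
            $profile = Profile::get($connect->user_id);
            // Locked accounts are never logged in through this path.
            if ($profile && $profile->status != Profile::STATUS_LOCK) {
                UC::force_login($profile);
            }
        } else {
            // Kept for /weixin/bind, which reads the openid from the session.
            session_start();
            $_SESSION['wx_openid'] = $ret['openid'];
        }
    } else {
        // NOTE(review): the raw response body is written to the log; redact it
        // if a response reaching this branch could ever carry token material.
        Logger::info("weixin oauth, code: {$code}, resp: {$resp}, " . Http::$error);
    }

    _redirect($jump);
}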
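/**
 * Renders the channel edit form and, on POST, (re)creates the channel's
 * WeChat QR code before redirecting to the list page.
 *
 * On any exception the message is exposed as $ctx->errmsg and the form is
 * shown again with whatever was loaded so far.
 *
 * @param mixed $ctx Controller context; receives m, wx_info and errmsg.
 * @return void
 */
function edit($ctx)
{
    _render('form');

    // Declared up front so the catch block never reads undefined variables
    // when an exception is thrown before they are assigned.
    $m = null;
    $wx_info = null;

    try {
        $has_id = isset($_GET['id']) && is_scalar($_GET['id']) && (string) $_GET['id'] !== '';
        $channel_id = $has_id ? intval($_GET['id']) : '';

        $m = Channel::get($channel_id);
        if (!$m) {
            _redirect($this->_list_url());
            return;
        }

        $wx_info = WxChannelInfo::get($channel_id);

        // NOTE(review): this POST changes state and no anti-CSRF token check is
        // visible in this method - confirm the framework enforces one.
        if ($_POST) {
            $f = (isset($_POST['f']) && is_array($_POST['f'])) ? $_POST['f'] : array();

            // The QR code is regenerated on every save. A code that has already
            // been handed out should not really be regenerated because the old
            // one stops working: permanent codes must not be updated, while
            // temporary ones can be.
            $expire_type = intval(isset($f['expire_type']) ? $f['expire_type'] : 0);
            $expire_seconds = max(0, intval(isset($f['expire_seconds']) ? $f['expire_seconds'] : 0));
            $status = intval(isset($f['status']) ? $f['status'] : 0);

            $wx_info = WxChannelInfo::qrcode_create($channel_id, $expire_type, $expire_seconds, $status);
            _redirect($this->_list_url());
        }

        $ctx->wx_info = $wx_info;
        $ctx->m = $m;
    } catch (Exception $e) {
        $ctx->errmsg = $e->getMessage();
        $ctx->m = $m;
        $ctx->wx_info = $wx_info;
    }
}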
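/**
 * Login form handler for the single account defined in App::$config['login'].
 *
 * Refuses to work at all when the configured password is shorter than six
 * characters or equals '12345678'. On POST it checks the captcha stored in the
 * session, then the submitted name and password, and on success marks the
 * session as logged in and redirects to '/'.
 *
 * @param mixed $ctx Controller context; receives errmsg on failure.
 * @return void
 */
function index($ctx)
{
    $conf = App::$config['login'];
    if (strlen($conf['password']) < 6 || $conf['password'] == '12345678') {
        $ctx->errmsg = 'Password is not configured strong enough, you can not login';
        return;
    }

    if (!$_POST) {
        return;
    }

    session_start();

    // A captcha answer is single-use: it is removed from the session before
    // the comparison so one solved captcha cannot back many password attempts.
    $expected_vcode = (isset($_SESSION['verify_code']) && is_string($_SESSION['verify_code']))
        ? strtolower($_SESSION['verify_code'])
        : '';
    unset($_SESSION['verify_code']);

    $posted_vcode = (isset($_POST['verify_code']) && is_string($_POST['verify_code'])) ? $_POST['verify_code'] : '';
    $vcode = strtolower(htmlspecialchars($posted_vcode));
    if (!$vcode || $vcode !== $expected_vcode) {
        $ctx->errmsg = 'Wrong captcha code';
        return;
    }

    // NOTE(review): the submitted values are HTML-escaped before comparison, so
    // a configured password containing & < > or " only matches in its escaped
    // form; kept as-is for compatibility with existing configurations.
    $name = htmlspecialchars(trim((isset($_POST['name']) && is_string($_POST['name'])) ? $_POST['name'] : ''));
    $password = htmlspecialchars(trim((isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : ''));

    // Both fields are always compared, in constant time, so response timing
    // does not reveal which of the two was wrong or how much of it matched.
    $name_ok = is_string($conf['name']) && hash_equals($conf['name'], $name);
    $password_ok = is_string($conf['password']) && hash_equals($conf['password'], $password);

    if ($name_ok && $password_ok) {
        // Issue a fresh session id at the privilege change so an id that was
        // known before login is not the one that becomes authenticated.
        session_regenerate_id(true);
        $_SESSION['login_user'] = 1;
        _redirect('/');
        return;
    }

    $ctx->errmsg = "Wrong username or password!";
}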
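/**
 * Refreshes the JS token of the WeChat account given by the `id` query
 * parameter, then redirects to the list page.
 *
 * @param mixed $ctx Controller context (not used in this method).
 * @return void
 */
function refresh_js_token($ctx)
{
    // NOTE(review): state is changed by a GET request and no anti-CSRF token
    // is visible here - confirm protection exists upstream.
    $id = isset($_GET['id']) ? intval($_GET['id']) : 0;
    $account = WxAccount::get($id);

    // Presumably WxAccount::get() returns a falsy value for an unknown id; in
    // that case skip the refresh instead of calling a method on a non-object.
    if ($account) {
        $account->refresh_js_token();
    }

    _redirect(_list_url());
}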
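/**
 * Access gate for the admin area: starts the session and sends visitors
 * without an `admin_user` session flag to the admin login page.
 *
 * @param mixed $ctx Controller context (not used in this method).
 * @return void
 */
function init($ctx)
{
    session_start();

    // empty() covers both "key absent" and "falsy value" without raising an
    // undefined-index notice for anonymous visitors.
    if (empty($_SESSION['admin_user'])) {
        // NOTE(review): whether the protected action is actually skipped
        // depends on _redirect() terminating the request - confirm.
        _redirect('admin/login');
    }
}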
/**
 * Marks the contract given by the `id` query parameter as deleted (when it
 * exists) and returns to the list page.
 *
 * @param mixed $ctx Controller context (not used in this method).
 * @return void
 */
function del($ctx)
{
    // NOTE(review): state is changed by a GET request and no anti-CSRF token
    // is visible here - confirm protection exists upstream.
    $contract_id = intval($_GET['id']);
    $record = Contract::get($contract_id);

    if (!$record) {
        _redirect(_list_url());
        return;
    }

    $record->set_del();
    _redirect(_list_url());
}
/**
 * Calls set_new() on the tactics record given by the `id` query parameter
 * (when it exists) and returns to the list page.
 *
 * @param mixed $ctx Controller context (not used in this method).
 * @return void
 */
function set_new($ctx)
{
    // NOTE(review): state is changed by a GET request and no anti-CSRF token
    // is visible here - confirm protection exists upstream.
    $tactics_id = intval($_GET['id']);
    $record = Tactics::get($tactics_id);

    if (!$record) {
        _redirect(_list_url());
        return;
    }

    $record->set_new();
    _redirect(_list_url());
}
/**
 * Requires an authenticated user for every action of this controller.
 *
 * Runs the parent initialisation, stores the result of UC::auth() on the
 * context, and sends unauthenticated visitors to the login page with the
 * current request URI as the `jump` parameter.
 *
 * @param mixed $ctx Controller context; receives user.
 * @return void
 */
function init($ctx)
{
    parent::init($ctx);

    $ctx->user = UC::auth();
    if ($ctx->user) {
        return;
    }

    // NOTE(review): REQUEST_URI is client-controlled; the login handler that
    // consumes `jump` is responsible for validating it before redirecting.
    $return_to = $_SERVER['REQUEST_URI'];
    _redirect('login', array('jump' => $return_to));
}
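/**
 * "Bind succeeded" page: binds the current user to the WeChat openid held by
 * this controller, then clears the auto-bind cookie and the openid kept in
 * the session.
 *
 * @param mixed $ctx Controller context; reads user, receives title.
 * @return void
 */
function success($ctx)
{
    $ctx->title = '绑定成功';

    // NOTE(review): this value is computed but never used in this method.
    $prj_subscribe_status = !empty($_COOKIE['no_subscribe_prj'])
        ? WxConnect::PRJ_UNSUBSCRIBED
        : WxConnect::PRJ_SUBSCRIBED;
    setcookie('no_subscribe_prj', '', time() + 3600);

    if (!$ctx->user) {
        _redirect(_action('/'));
        // Without a user there is nothing to bind; stop here even if
        // _redirect() returns.
        return;
    }

    $uid = $ctx->user['id'];
    $wx_openid = $this->openid;
    if ($uid && $wx_openid) {
        WxConnect::bind($uid, $wx_openid);
    }

    // Expire the auto-bind marker and drop the pending openid.
    setcookie(WxTmpLogin::COOKIE_KEY_AUTO_BIND_WX, '', time() - 1, '/');
    unset($_SESSION['wx_openid']);
}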
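/**
 * Admin login handler: on POST verifies the captcha, then the submitted name
 * and password, sets the `admin_user` session flag and redirects to the admin
 * home page.
 *
 * @param mixed $ctx Controller context; receives errmsg on failure.
 * @return void
 */
function index($ctx)
{
    if ($_SERVER['REQUEST_METHOD'] != 'POST') {
        return;
    }

    $posted_vcode = isset($_POST['verify_code']) ? $_POST['verify_code'] : '';
    if (!SafeUtil::verify_captcha($posted_vcode)) {
        $ctx->errmsg = '验证码错误!';
        return;
    }

    $name = htmlspecialchars(trim((isset($_POST['name']) && is_string($_POST['name'])) ? $_POST['name'] : ''));
    $password = htmlspecialchars(trim((isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : ''));

    // NOTE(review): the admin credentials are hard-coded in source, so anyone
    // with read access to the code or its history has them and they cannot be
    // rotated without a deploy. Move them to configuration and store only a
    // password_hash() digest checked with password_verify().
    // Both fields are always compared, in constant time.
    $name_ok = hash_equals('admin', $name);
    $password_ok = hash_equals('yuhun666', $password);

    if ($name_ok && $password_ok) {
        // Issue a fresh session id at the privilege change. No session_start()
        // is visible in this method, so only do it when a session is active.
        if (session_status() === PHP_SESSION_ACTIVE) {
            session_regenerate_id(true);
        }
        $_SESSION['admin_user'] = 1;
        $url = _url('admin');
        _redirect($url);
        return;
    }

    $ctx->errmsg = "用户名或密码错误!";
}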
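/**
 * Login form handler for the single account defined in App::$config['login'].
 *
 * Refuses to work when the configured password is shorter than six
 * characters. On POST it compares the submitted name and password with the
 * configured ones and, on success, sets the `login_user` session flag and
 * redirects to '/'.
 *
 * @param mixed $ctx Controller context; receives errmsg on failure.
 * @return void
 */
function index($ctx)
{
    $conf = App::$config['login'];
    if (strlen($conf['password']) < 6) {
        $ctx->errmsg = 'Password is not configured strong enough, you can not login';
        return;
    }

    if (!$_POST) {
        return;
    }

    // NOTE(review): nothing in this method limits repeated attempts (no
    // captcha, delay or lockout) - confirm throttling exists elsewhere.
    $name = htmlspecialchars(trim((isset($_POST['name']) && is_string($_POST['name'])) ? $_POST['name'] : ''));
    $password = htmlspecialchars(trim((isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : ''));

    // Both fields are always compared, in constant time, so response timing
    // does not reveal which of the two was wrong or how much of it matched.
    $name_ok = is_string($conf['name']) && hash_equals($conf['name'], $name);
    $password_ok = is_string($conf['password']) && hash_equals($conf['password'], $password);

    if ($name_ok && $password_ok) {
        // Issue a fresh session id at the privilege change. No session_start()
        // is visible in this method, so only do it when a session is active.
        if (session_status() === PHP_SESSION_ACTIVE) {
            session_regenerate_id(true);
        }
        $_SESSION['login_user'] = 1;
        _redirect('/');
        return;
    }

    $ctx->errmsg = "Wrong username or password!";
}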
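/**
 * One-time-token login coming from a WeChat message link.
 *
 * Looks up the session stored for the 32-character `token` parameter and
 * deletes it so it cannot be used again. With a valid session the openid is
 * stored in the PHP session; a bound, unlocked account is logged in, while an
 * unbound openid gets the auto-bind cookie and any current login is ended.
 * Every path ends by redirecting to the validated `jump` URL ('' when it does
 * not point at this site).
 *
 * @param mixed $ctx Controller context (not used in this method).
 * @return void
 */
function index($ctx)
{
    $raw_jump = (isset($_GET['jump']) && is_string($_GET['jump'])) ? $_GET['jump'] : '';
    $jump = htmlspecialchars(trim($raw_jump));

    // Accept only absolute http(s) URLs whose host is this site or a
    // dot-separated subdomain of it. The pattern is anchored at the start and
    // the host is quoted, so the site name has to be the URL's actual host
    // rather than text appearing somewhere inside the URL.
    // NOTE(review): assumes Html::host() returns a bare host name - confirm.
    $host = (string) Html::host();
    $jump_pattern = '~^https?://(?:[^/@?#\\\\\s]+\.)?' . preg_quote($host, '~') . '/~';
    if ($host === '' || !preg_match($jump_pattern, $jump)) {
        $jump = '';
    }

    // Validate the token.
    $raw_token = (isset($_GET['token']) && is_string($_GET['token'])) ? $_GET['token'] : '';
    $token = htmlspecialchars(trim($raw_token));
    $sess = null;
    if (strlen($token) == 32) {
        $sess = WxTmpLogin::get_session($token);
        if ($sess) {
            // Tokens are single-use.
            WxTmpLogin::del_session($token);
        }
    }

    if (!$sess) {
        // (Disabled upstream: used to throw "link has expired, please request
        // the WeChat message again" when a token was given without a session
        // openid.)
        _redirect($jump);
        // Never continue into the login logic without a valid token session.
        return;
    }

    session_start();
    $_SESSION['wx_openid'] = $sess['openid'];

    $connect = WxConnect::get_by('wx_openid', $sess['openid']);
    if (!$connect) {
        setcookie(WxTmpLogin::COOKIE_KEY_AUTO_BIND_WX, 1, time() + 3600 * 24, '/');
        Logger::info("not connected wx_openid: {$sess['openid']}");
        UC::logout();
    } else {
        $uid = $connect->user_id;
        $profile = Profile::get($uid);
        setcookie('ltz_wx_binded', 1, time() + 3600 * 24 * 365, "/");

        // Already bound, so the auto-bind marker is simply removed.
        if (isset($_COOKIE[WxTmpLogin::COOKIE_KEY_AUTO_BIND_WX])) {
            setcookie(WxTmpLogin::COOKIE_KEY_AUTO_BIND_WX, '', time() - 1, '/');
        }

        // A missing or locked profile must not be logged in through a link.
        if ($profile && $profile->status != Profile::STATUS_LOCK) {
            Logger::info("wx_openid[{$sess['openid']}] login, uid: {$uid}, {$profile->name}");
            UC::force_login($profile);
        } else {
            Logger::info("wx_openid[{$sess['openid']}] login refused, uid: {$uid}");
        }
    }

    _redirect($jump);
}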
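/**
 * Menu editor page for one WeChat account: loads the account given by the
 * `aid` query parameter and exposes its menu buttons to the view as JSON.
 *
 * @param mixed $ctx Controller context; receives aid, menus, count, account.
 * @return void
 */
function index($ctx)
{
    $aid = !empty($_GET['aid']) ? intval($_GET['aid']) : 0;
    $account = WxAccount::get($aid);

    // Truthiness replaces count($account): count() on a non-countable value
    // warns or throws depending on the PHP version.
    // NOTE(review): assumes WxAccount::get() returns a falsy value when the
    // account does not exist - confirm.
    if (!$account) {
        _redirect('/admin/weixin/account');
        return;
    }

    $str_menu = $account->menu;
    $arr_menu = $this->format_wx_menu($str_menu);
    if (empty($arr_menu) || !isset($arr_menu['button'])) {
        $arr_menu = array();
    } else {
        $arr_menu = $arr_menu['button'];
    }

    // sub_button needs special handling because JavaScript treats objects and
    // arrays differently.
    $ctx->aid = $aid;
    // NOTE(review): if the view prints this JSON inside a <script> element it
    // must be encoded for that context - confirm in the template.
    $ctx->menus = json_encode($arr_menu);
    $ctx->count = count($arr_menu);
    $ctx->account = $account;
}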
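/**
 * Handles a submitted login form whose name and password arrive encrypted.
 *
 * Decrypts the two fields, checks the captcha held in the session, compares
 * the credentials with App::$config['login'] and, on success, sets the
 * `login_user` session flag and redirects to '/'.
 *
 * @param mixed $ctx Controller context; receives name and errmsg.
 * @return void
 */
private function on_submit($ctx)
{
    $conf = App::$config['login'];

    $req = array(
        'name' => isset($_POST['name']) ? $_POST['name'] : '',
        'password' => isset($_POST['password']) ? $_POST['password'] : '',
    );
    $req = SafeUtil::safe_decrypt($req);
    if (!$req) {
        _throw("decrypt failed");
    }

    $name = htmlspecialchars(trim($req['name']));
    $password = htmlspecialchars(trim($req['password']));
    $ctx->name = $name;

    // A captcha answer is single-use: it is removed from the session before
    // the comparison so one solved captcha cannot back many password attempts.
    $expected_vcode = (isset($_SESSION['verify_code']) && is_string($_SESSION['verify_code']))
        ? strtolower($_SESSION['verify_code'])
        : '';
    unset($_SESSION['verify_code']);

    $posted_vcode = (isset($_POST['verify_code']) && is_string($_POST['verify_code'])) ? $_POST['verify_code'] : '';
    $vcode = strtolower(htmlspecialchars($posted_vcode));
    if (!$vcode || $vcode !== $expected_vcode) {
        $ctx->errmsg = 'Wrong captcha code';
        return;
    }

    // Both fields are always compared, in constant time. The is_string()
    // guards keep an unset configuration value from ever matching.
    $name_ok = is_string($conf['name']) && hash_equals($conf['name'], $name);
    $password_ok = is_string($conf['password']) && hash_equals($conf['password'], $password);

    if ($name_ok && $password_ok) {
        // Issue a fresh session id at the privilege change. No session_start()
        // is visible in this method, so only do it when a session is active.
        if (session_status() === PHP_SESSION_ACTIVE) {
            session_regenerate_id(true);
        }
        $_SESSION['login_user'] = 1;
        _redirect('/');
        return;
    }

    $ctx->errmsg = "Wrong username or password!";
}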
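/**
 * Key deletion. A GET request shows the confirmation page for the key(s) in
 * `k`; a POST deletes them from SSDB and redirects to the posted `jump` URL.
 *
 * @param mixed $ctx Controller context; receives ks and jump.
 * @return void
 */
function del($ctx)
{
    if ($_POST) {
        // NOTE(review): no anti-CSRF token check is visible for this
        // destructive POST - confirm the framework enforces one.
        $k = isset($_POST['k']) ? $_POST['k'] : null;
        if (is_array($k)) {
            $this->ssdb->multi_del($k);
        } elseif ($k !== null) {
            $this->ssdb->del($k);
        }

        // `jump` is client-supplied, so it is only followed when it stays on
        // this site: either an http(s) URL on the current host, or a relative
        // reference with no scheme and no leading "//". Anything else falls
        // back to the key list.
        $jump = (isset($_POST['jump']) && is_string($_POST['jump'])) ? $_POST['jump'] : '';
        $host = isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : '';
        $same_site = $host !== ''
            && preg_match('~^https?://' . preg_quote($host, '~') . '(?:[/?#]|$)~i', $jump);
        $has_scheme = preg_match('~^[a-z][a-z0-9+.\-]*:~i', $jump);
        $net_path = strncmp($jump, '//', 2) === 0;
        $has_odd_chars = preg_match('~[\x00-\x20\x7f\\\\]~', $jump);
        if ($jump === '' || $has_odd_chars || !($same_site || (!$has_scheme && !$net_path))) {
            $jump = _url('kv');
        }

        _redirect($jump);
        return;
    }

    $k = isset($_GET['k']) ? $_GET['k'] : '';
    if (!is_array($k)) {
        $k = array($k);
    }

    // NOTE(review): ks and jump are request-derived; the view has to escape
    // them when printing.
    $ctx->ks = $k;
    $ctx->jump = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';
    if (!$ctx->jump) {
        $ctx->jump = _url('kv');
    }
}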
<?php
// This script's only statement: hand the request over to the
// 'admin/post/list' route.
_redirect('admin/post/list');
/**
 * Redirects to the view URL that _view_url() builds for the given model.
 *
 * @param mixed $m Model passed through to _view_url().
 * @return void
 */
function _view($m)
{
    $target = $this->_view_url($m);
    _redirect($target);
}
/**
 * Runs one request: initialises the application and returns whatever
 * self::execute() produces.
 *
 * Output written while App::init() runs is discarded, because the buffer is
 * opened before the call and cleaned right after it.
 *
 * @return mixed Result of self::execute().
 */
static function _run()
{
    // A request whose base path is the front controller file itself is sent
    // to _redirect('').
    if ('index.php' == base_path()) {
        _redirect('');
    }

    ob_start();
    App::init();
    ob_clean();

    return self::execute();
}
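/**
 * Converts one WMA media file to MP3 per request and then redirects to itself
 * for the next one.
 *
 * The row to process is taken from the `v` request value, or else the first
 * row with media_type = 1 and media_mp3 = 0. When the .wma file exists and no
 * .mp3 does, ffmpeg is run, ID3v1 tags are written with getID3, media_mp3 is
 * set to 1 and the output path is appended to ./conv.txt. When the .wma file
 * does not exist, media_mp3 is set to 2.
 *
 * NOTE(review): this method starts an external process and writes to the
 * database; no access check is visible here - confirm the route is restricted.
 *
 * @return mixed Result of $this->e('.').
 */
public function home()
{
    global $core;

    error_reporting(0);

    $v = $this->__(w('v'));

    if (!$v['v']) {
        $sql = 'SELECT media_id FROM _bio_media WHERE media_type = ? AND media_mp3 = ? LIMIT 1';
        $v['v'] = _field(sql_filter($sql, 1, 0), 'media_id', 0);
    }

    $tag_format = 'UTF-8';
    $relative_path = '/data/artists/%s/media/';
    $absolute_path = '/var/www/vhosts/rockrepublik.net/www' . $relative_path;

    $sql = 'SELECT m.*, b.bio_id, b.bio_name FROM _bio_media m LEFT JOIN _bio b ON m.media_bio = b.bio_id WHERE m.media_id = ?';
    //$spaths = '/data/artists/' . $songd['ub'] . '/media/';
    //$spath = '/var/www/vhosts/rockrepublik.net/httpdocs' . $spaths;
    if ($media = _fieldrow(sql_filter($sql, $v['v']))) {
        $row_relative = sprintf($relative_path, $media['bio_id']);
        // NOTE(review): $absolute_path still contains the unformatted "%s"
        // segment and $row_relative is appended to it, so the relative part
        // appears twice in the result - confirm this path is what was intended.
        $row_absolute = $absolute_path . $row_relative;

        $row_wma = $row_absolute . $media['media_id'] . '.wma';
        $row_mp3 = $row_absolute . $media['media_id'] . '.mp3';
        $rel_wma = '.' . $row_relative . $media['media_id'] . '.wma';
        $rel_mp3 = '.' . $row_relative . $media['media_id'] . '.mp3';

        if (@file_exists($rel_wma) && !@file_exists($rel_mp3) && !$media['media_mp3']) {
            // Both paths contain database values, so each one is passed to the
            // shell as a single quoted argument.
            exec('ffmpeg -i ' . escapeshellarg($row_wma) . ' -vn -ar 44100 -ac 2 -ab 64kb -f mp3 ' . escapeshellarg($row_mp3));

            include_once XFS . XCOR . 'getid3/getid3.php';
            $getID3 = new getID3();
            $getID3->setOption(array('encoding' => $tag_format));
            getid3_lib::IncludeDependency(GETID3_INCLUDEPATH . 'write.php', __FILE__, true);

            $tagwriter = new getid3_writetags();
            $tagwriter->filename = getid3_lib::SafeStripSlashes($row_mp3);
            $tagwriter->tagformats = array('id3v1');
            $tagwriter->overwrite_tags = true;
            $tagwriter->tag_encoding = $tag_format;
            $tagwriter->remove_other_tags = true;
            $tag_comment = 'Visita www.rockrepublik.net';

            // NOTE(review): these defaults are stored under 'album'/'genre',
            // but the tags below read 'media_album'/'media_genre', so the
            // defaults never reach the written tags.
            $media['album'] = !empty($media['media_album']) ? $media['media_album'] : 'Single';
            $media['genre'] = !empty($media['media_genre']) ? $media['media_genre'] : 'Rock';

            $media_f = array('title', 'name', 'album', 'genre');
            foreach ($media_f as $mr) {
                $media['media_' . $mr] = getid3_lib::SafeStripSlashes(utf8_encode(html_entity_decode($media['media_' . $mr])));
            }

            $tagwriter->tag_data = array(
                'title' => array($media['media_title']),
                'artist' => array($media['media_name']),
                'album' => array($media['media_album']),
                'year' => array(getid3_lib::SafeStripSlashes($media['media_year'])),
                'genre' => array($media['media_genre']),
                'comment' => array(getid3_lib::SafeStripSlashes($tag_comment)),
                'tracknumber' => array(''),
            );
            $tagwriter->WriteTags();

            $sql = 'UPDATE _bio_media SET media_mp3 = ? WHERE media_id = ?';
            _sql(sql_filter($sql, 1, $media['media_id']));

            // The conversion log is best-effort: skip it when the file cannot
            // be opened instead of writing to an invalid handle.
            $fp = @fopen('./conv.txt', 'a+');
            if ($fp) {
                fwrite($fp, $row_mp3 . "\n");
                fclose($fp);
            }
        }

        if (!@file_exists($rel_wma)) {
            $sql = 'UPDATE _bio_media SET media_mp3 = ? WHERE media_id = ?';
            _sql(sql_filter($sql, 2, $media['media_id']));
        }
    }

    $sql = 'SELECT media_id FROM _bio_media WHERE media_type = ? AND media_mp3 = ? LIMIT 1';
    if ($v_next = _field(sql_filter($sql, 1, 0), 'media_id', 0)) {
        sleep(1);
        _redirect(_link($this->m(), array('v' => $v_next)));
    } else {
        $this->e('no_next');
    }

    return $this->e('.');
}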
<?php
// The authentication include runs before anything else on this admin page.
include _i('inc/authenticate.php');

$lang = _getLang();
$pageTitle = _t('Add New Post');
$id = _arg(3);

if ($id) {
    $pageTitle = _t('Edit Post');
} elseif ($lang != _defaultLang()) {
    // A new post is only created in the default language; other languages are
    // sent to the setup page under the default language.
    _redirect('admin/post/setup/', null, _defaultLang());
}

// Reads $id and $lang set above - presumably loads the post being edited.
include 'query.php';
?>
<!DOCTYPE html>
<html lang="<?= _lang() ?> ">
<head>
<title><?= _title($pageTitle) ?> </title>
<?php include _i('inc/tpl/head.php'); ?>
<?php _css('base.' . _getLang() . '.css');
<?php
// This script's only statement: hand the request over to the
// 'admin/user/list' route.
_redirect('admin/user/list');
<?php
// Sign-out endpoint. Visitors without a session are sent to the login page
// with an "expired" notice.
if (auth_isAnonymous()) {
    flash_set(_t('Your session is expired.'), '', 'error');
    _redirect('admin/login');
}

$timestamp = _arg(2);

// The session is only cleared when the URL segment equals the timestamp held
// on $_auth.
// NOTE(review): this looks like a guard against forged sign-out links; the
// comparison is loose (==) - confirm that is intended.
if ($timestamp && $timestamp == $_auth->timestamp) {
    // Normal logout process
    auth_clear();
    flash_set(_t('You have signed out successfully.'));
    _redirect('admin/login');
}
/**
 * Signs the administrator out by removing the `admin_user` session flag and
 * returns to the admin login page.
 *
 * NOTE(review): only that one key is removed; the session id and any other
 * session data stay valid. Consider destroying or regenerating the session.
 *
 * @param mixed $ctx Controller context (not used in this method).
 * @return void
 */
function logout($ctx)
{
    $login_page = 'admin/login';

    unset($_SESSION['admin_user']);
    _redirect($login_page);
}
} } else { // die($m->ErrorInfo); if ($is_ajax === false) { _redirect('#alert_failed'); exit; } else { die('_failed_'); } } // mail() } else { // mail( string $to , string $subject , string $message [, string $additional_headers [, string $additional_parameters ]] ) mail($config['send_to'], $config['subject'], $email_body); if ($is_ajax === false) { _redirect('#alert_success'); exit; } else { die('_success_'); } } exit; } /** ******************************** ** * @REDIRECT #alert_success = email sent #alert_failed = email not sent - internal server error (404 error or SMTP problem) #alert_mandatory = email not sent - required fields empty ** ******************************** **/ function _redirect($hash) {
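/**
 * Per-request setup for the SSDB admin pages.
 *
 * Requires a logged-in session, builds the list of configured servers,
 * selects one (query parameter, then cookie, then the first configured),
 * connects and optionally authenticates to it, and resolves the page size
 * (request, then cookie, default 10).
 *
 * @param mixed $ctx Controller context; receives user, conf, conf_k, confs, size.
 * @return void
 */
function init($ctx)
{
    session_start();
    $ctx->user = isset($_SESSION['login_user']) ? $_SESSION['login_user'] : null;
    if (!$ctx->user) {
        _redirect('login');
        return;
    }

    $servers = array();
    if (isset(App::$config['ssdb'])) {
        $servers[] = App::$config['ssdb'];
    }
    if (isset(App::$config['servers'])) {
        $servers = array_merge($servers, App::$config['servers']);
    }
    if (!$servers) {
        _throw("No servers config!");
    }

    // Index the configured servers by "host:port".
    $confs = array();
    foreach ($servers as $s) {
        $k = "{$s['host']}:{$s['port']}";
        $confs[$k] = $s;
    }

    // The requested server is only remembered when it names a configured
    // server, so arbitrary request data is never stored in the cookie.
    if (isset($_GET['PHPSSDBADMIN_SERVER'])) {
        $requested = $_GET['PHPSSDBADMIN_SERVER'];
        if (is_string($requested) && isset($confs[$requested])) {
            setcookie('PHPSSDBADMIN_SERVER', $requested, time() + 86400 * 300, '/');
            $_COOKIE['PHPSSDBADMIN_SERVER'] = $requested;
        }
    }

    $conf_k = isset($_COOKIE['PHPSSDBADMIN_SERVER']) ? $_COOKIE['PHPSSDBADMIN_SERVER'] : null;
    if (is_string($conf_k) && isset($confs[$conf_k])) {
        $conf = $confs[$conf_k];
    } else {
        // Unknown or malformed selection: use the first server and do not pass
        // the client-supplied value on to the view.
        $conf = $servers[0];
        $conf_k = null;
    }
    $ctx->conf = $conf;
    $ctx->conf_k = $conf_k;
    $ctx->confs = $confs;

    try {
        $this->ssdb = new SimpleSSDB($conf['host'], $conf['port']);
    } catch (Exception $e) {
        _throw("SSDB error: " . $e->getMessage());
    }
    if (!empty($conf['password'])) {
        $this->ssdb->auth($conf['password']);
    }

    // Page size: a positive value from the request is remembered in a cookie.
    $req = $_GET + $_POST;
    if (isset($req['size'])) {
        $ctx->size = intval($req['size']);
        if ($ctx->size > 0) {
            setcookie('psa_size', $ctx->size, time() + 86400 * 30, '/');
            $_COOKIE['psa_size'] = $ctx->size;
        }
    }
    if (isset($_COOKIE['psa_size'])) {
        $ctx->size = intval($_COOKIE['psa_size']);
    } else {
        $ctx->size = 0;
    }
    if ($ctx->size <= 0) {
        $ctx->size = 10;
    }
}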
$post = _post($_POST); extract($post); $validations = array('txtName' => array('caption' => _t('Name'), 'value' => $txtName, 'rules' => array('mandatory')), 'txtEmail' => array('caption' => _t('Email'), 'value' => $txtEmail, 'rules' => array('mandatory', 'email')), 'txtConfirmEmail' => array('caption' => _t('Re-type Email'), 'value' => $txtConfirmEmail, 'rules' => array('mandatory', 'email', 'validate_emailRetyped'), 'parameters' => array('validate_emailRetyped' => array($txtEmail)), 'messages' => array('mandatory' => _t('Please re-type Email.'), 'validate_emailRetyped' => _t('Your re-typed email address does not match.'))), 'txaComment' => array('caption' => _t('Comment'), 'value' => $txaComment, 'rules' => array('mandatory'))); /* form token check && input validation check */ if (form_validate($validations)) { /** * //// Database operation example * * $data = array( * // 'fieldname' => data * 'name' => $txtName, * 'email' => $txtEmail, * 'comment' => $txaComment * ); * * if (db_insert('comment', $data, $useSlug = false)) { // if the third parameter is omitted, your table must have a field "slug". * $commentId = db_insertId(); * $success = true; * } */ $success = true; # this should be set to true only when db operation is successful. if ($success) { form_set('success', true); flash_set(_t('Your comment has been posted.'), 'comment_posted'); _redirect(); } } else { form_set('error', validation_get('errors')); } }
$cArray = explode(',', $cids); $_Ccount = count($cArray); $k = isset($_GET['k']) ? $_GET['k'] : 0; $rs = $DreamCMS->db->get_results("SELECT id FROM #DC@__article WHERE cid in ({$cids}) and `visible`='1'"); empty($totle) && ($totle = count($rs)); $tloop = ceil($totle / $speed); if ($loop <= $tloop) { $max = $i + $speed > $totle ? $totle : $i + $speed; for ($j = $i; $j < $max; $j++) { MakeArticleHtm($rs[$j]['id']); echo "文章ID:" . $rs[$j]['id'] . "生成…<span style='color:green;'>√</span><br />"; flush(); } _header('admincp.php?do=html&operation=create&action=article&cid=' . $cids . '&totle=' . $totle . '&loop=' . ($loop + 1) . '&i=' . $j . $QUERY_STRING); } else { _redirect("生成列表", "文章更新完毕", 'create&action=catalog&cid=all', 'article'); } } } elseif ($startid && $endid) { $startid > $endid && !isset($_GET['g']) && alert("开始ID不能大于结束ID"); empty($totle) && ($totle = $endid - $startid + 1); empty($i) && ($i = $startid); $tloop = ceil($totle / $speed); if ($loop <= $tloop) { $max = $i + $speed > $endid ? $endid : $i + $speed; for ($j = $i; $j <= $max; $j++) { MakeArticleHtm($j); echo "文章ID:{$j}生成…<span style='color:green;'>√</span><br />"; flush(); } _header('admincp.php?do=html&operation=create&action=article&startid=' . $startid . '&endid=' . $endid . '&g&loop=' . ($loop + 1) . '&i=' . $j . $QUERY_STRING);
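/**
 * Clears whole hashes. A GET request shows the confirmation page for the hash
 * name(s) in `n`; a POST clears each non-empty name in SSDB and redirects to
 * the posted `jump` URL.
 *
 * @param mixed $ctx Controller context; receives ns and jump.
 * @return void
 */
function hclear($ctx)
{
    $req = $_POST + $_GET;

    $names = isset($req['n']) ? $req['n'] : '';
    if (!is_array($names)) {
        $names = array(trim($names));
    }

    if ($_POST) {
        // NOTE(review): no anti-CSRF token check is visible for this
        // destructive POST - confirm the framework enforces one.
        foreach ($names as $n) {
            if (!is_string($n)) {
                continue;
            }
            $n = trim($n);
            if (!strlen($n)) {
                continue;
            }
            $this->ssdb->hclear($n);
        }

        // `jump` is client-supplied, so it is only followed when it stays on
        // this site: either an http(s) URL on the current host, or a relative
        // reference with no scheme and no leading "//". Anything else falls
        // back to the hash scan page.
        $jump = (isset($_POST['jump']) && is_string($_POST['jump'])) ? $_POST['jump'] : '';
        $host = isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : '';
        $same_site = $host !== ''
            && preg_match('~^https?://' . preg_quote($host, '~') . '(?:[/?#]|$)~i', $jump);
        $has_scheme = preg_match('~^[a-z][a-z0-9+.\-]*:~i', $jump);
        $net_path = strncmp($jump, '//', 2) === 0;
        $has_odd_chars = preg_match('~[\x00-\x20\x7f\\\\]~', $jump);
        if ($jump === '' || $has_odd_chars || !($same_site || (!$has_scheme && !$net_path))) {
            $jump = _url('hash/hscan');
        }

        _redirect($jump);
        return;
    }

    // NOTE(review): ns and jump are request-derived; the view has to escape
    // them when printing.
    $ctx->ns = $names;
    $ctx->jump = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';
    if (!$ctx->jump) {
        // Without a referer, go back to the scan page of the first hash named
        // in the request (the loop variable is not set on this path).
        $first = reset($names);
        $ctx->jump = _url('hash/hscan', array('n' => is_string($first) ? $first : ''));
    }
}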
<?php
// Prepares the data for the post form. $id and $lang are not set in this file
// and are presumably provided by the script that includes it.

// Blank post used when nothing is being edited.
$post = new stdClass();
$post->postBody = '';
$post->postTitle = '';
$post->slug = '';

// Base filter: categories whose `deleted` column is null.
$condition = array('deleted' => null);

if ($id) {
    $post = db_select('post', 'p')
        ->where()
        ->condition('postId', $id)
        ->getSingleResult();

    if (!$post) {
        // NOTE(review): a missing post redirects to 'admin/property/list' -
        // confirm this target is intended for the post module.
        _redirect('admin/property/list');
    } else {
        $post = _getTranslationStrings($post, array('postTitle', 'postBody'), $lang);
    }

    // Additionally match the post's own category when that category has a
    // non-null `deleted` value.
    $condition[] = db_and(array('catId' => $post->catId, 'deleted !=' => null));
}

$categories = db_select('category')
    ->orWhere($condition)
    ->orderBy('catName')
    ->getResult();
/**
 * Send the visitor to the 404 page by calling _redirect() with the '404' route.
 *
 * @return void
 */
function _page404()
{
    $not_found_route = '404';
    _redirect($not_found_route);
}