Example #1
0
 function locate($ip = null)
 {
     global $_SERVER;
     if (is_null($ip)) {
         $ip = getIP();
     }
     $host = str_replace('{IP}', $ip, $this->host);
     $host = str_replace('{CURRENCY}', $this->currency, $host);
     $data = array();
     $response = $this->fetch($host);
     $data = unserialize($response);
     //set the geoPlugin vars
     $this->ip = $ip;
     $this->city = array_key_exists('geoplugin_city', $data) ? $data['geoplugin_city'] : 'N/A';
     $this->region = array_key_exists('geoplugin_region', $data) ? $data['geoplugin_region'] : 'N/A';
     $this->regionCode = array_key_exists('geoplugin_regionCode', $data) ? $data['geoplugin_regionCode'] : 'N/A';
     $this->areaCode = array_key_exists('geoplugin_areaCode', $data) ? $data['geoplugin_areaCode'] : 'N/A';
     $this->dmaCode = array_key_exists('geoplugin_dmaCode', $data) ? $data['geoplugin_dmaCode'] : 'N/A';
     $this->countryCode = array_key_exists('geoplugin_countryCode', $data) ? $data['geoplugin_countryCode'] : 'N/A';
     $this->countryName = array_key_exists('geoplugin_countryName', $data) ? $data['geoplugin_countryName'] : 'N/A';
     $this->continentCode = array_key_exists('geoplugin_continentCode', $data) ? $data['geoplugin_continentCode'] : 'N/A';
     $this->latitude = array_key_exists('geoplugin_latitude', $data) ? $data['geoplugin_latitude'] : 'N/A';
     $this->longitude = array_key_exists('geoplugin_longitude', $data) ? $data['geoplugin_longitude'] : 'N/A';
     $this->currencyCode = array_key_exists('geoplugin_currencyCode', $data) ? $data['geoplugin_currencyCode'] : 'N/A';
     $this->currencySymbol = array_key_exists('geoplugin_currencySymbol', $data) ? $data['geoplugin_currencySymbol'] : 'N/A';
     $this->currencyConverter = array_key_exists('geoplugin_currencyConverter', $data) ? $data['geoplugin_currencyConverter'] : 'N/A';
 }
Example #2
0
 function isAllowedIP()
 {
     if (in_array(getIP(), _get("allowIP"))) {
         return true;
     }
     return false;
 }
Example #3
0
/**
 * [login description]
 * @return [type]       [description]
 */
function login()
{
    $name = $_REQUEST["name"];
    $password = $_REQUEST["password"];
    global $mysql, $prefix;
    $password = md5($prefix . $password);
    $user = $mysql->DBGetOneRow("`user`", "*", "`name` = '{$name}' and `isDeleted` = 'false' ");
    if ($user["name"] == $name && $user["password"] == $password) {
        $sessionId = session_id();
        $userName = $user["name"];
        $_SESSION["name"] = $userName;
        $_SESSION["realname"] = $user["realname"];
        $_SESSION["password"] = $user["password"];
        $_SESSION["level"] = $user["level"];
        $_SESSION["phone"] = $user["phone"];
        $_SESSION["mail"] = $user["mail"];
        $ip = getIP();
        $userAgent = $_SERVER['HTTP_USER_AGENT'];
        //update
        $mysql->DBUpdate('online_user', array('lastUpdateTime' => 'now()', 'offlineTime' => 'now()'), "`userName` = '?' and `offlineTime` is null ", array($userName));
        $obj = array('userName' => $name, 'onlineTime' => 'now()', 'sessionId' => $sessionId, 'lastUpdateTime' => 'now()', 'ip' => $ip, 'userAgent' => $userAgent);
        $mysql->DBInsertAsArray("`online_user`", $obj);
        return array('status' => 'successful', 'errMsg' => '', 'token' => $sessionId);
    }
    throw new Exception('用户或密码不正确!');
}
Example #4
0
function getOnlineUsers()
{
    global $Load;
    $Db = $Load->core("Db");
    $date = time();
    $time = 10;
    $time = $date - $time * 60;
    $IP = getIP();
    $user = SESSION("ZanUser");
    $Db->deleteBySQL("Start_Date < {$time}", "users_online_anonymous");
    $Db->deleteBySQL("Start_Date < {$time}", "users_online");
    if ($user) {
        $users = $Db->findBy("User", $user, "users_online");
        if (!$users) {
            $Db->insert("users_online", array("User" => $user, "Start_Date" => $date));
        } else {
            $Db->updateBySQL("users_online", "Start_Date = '{$date}' WHERE User = '******'");
        }
    } else {
        $users = $Db->findBy("IP", $IP, "users_online_anonymous");
        if (!$users) {
            $Db->insert("users_online_anonymous", array("IP" => $IP, "Start_Date" => $date));
        } else {
            $Db->updateBySQL("users_online", "Start_Date = '{$date}' WHERE IP = '{$IP}'");
        }
    }
}
Example #5
0
function checkLogin()
{
    global $db;
    $m_name = be("post", "m_name");
    $m_name = chkSql($m_name, true);
    $m_password = be("post", "m_password");
    $m_password = chkSql($m_password, true);
    $m_password = md5($m_password);
    $m_check = be("post", "m_check");
    if (isN($m_name) || isN($m_password) || isN($m_check)) {
        alertUrl("请输入您的用户名或密码!", "?action=login");
    }
    $row = $db->getRow("SELECT * FROM {pre}manager WHERE m_name='" . $m_name . "' AND m_password = '******' AND m_status=1");
    if ($row && $m_check == app_safecode) {
        sCookie("adminid", $row["m_id"]);
        sCookie("adminname", $row["m_name"]);
        sCookie("adminlevels", $row["m_levels"]);
        $randnum = md5(rand(1, 99999999));
        sCookie("admincheck", md5($randnum . $row["m_name"] . $row["m_id"]));
        $db->Update("{pre}manager", array("m_logintime", "m_loginip", "m_random"), array(date("Y-m-d H:i:s"), getIP(), $randnum), " m_id=" . $row["m_id"]);
        echo "<script>top.location.href='index.php';</script>";
    } else {
        alertUrl("您输入的用户名和密码不正确或者您不是系统管理员!", "?action=login");
    }
}
Example #6
0
 public static function load()
 {
     global $app;
     //IP判断=====================================
     $onlineip = getIP();
     $ipCity = new IpLocation(INCLUDE_DIR . 'ipdata/QQWry.Dat');
     $uCity = $ipCity->getlocation($onlineip);
     try {
         if (strcmp(trim($uCity['country']), '北京市') != 0) {
             throw new Exception('对不起您的IP不符合要求');
         }
     } catch (Exception $e) {
         $app->error($e->getMessage(), SITE_URL);
     }
     //===========================================
     if (isset($_SESSION[self::SESSION_KEY]) && isset($_SESSION[self::SESSION_KEY]['username'])) {
         if (isset($_SESSION[self::SESSION_KEY]['record'])) {
             $user = $_SESSION[self::SESSION_KEY]['record'];
         } else {
             $user = new User('username', $_SESSION[self::SESSION_KEY]['username']);
         }
     } else {
         if (isset($_COOKIE[self::COOKIE_KEY])) {
             $user = self::checkCookie($_COOKIE[self::COOKIE_KEY]);
         } else {
             return false;
         }
     }
     if (!$user) {
         return self::logout();
     }
     self::setInfos($user);
     return true;
 }
Example #7
0
function logUserAction()
{
    $command = "--";
    if (isset($_POST['command'])) {
        $command = strtolower($_POST['command']);
    }
    if ($command == 'user_login' || $command == 'user_logout' || $command == 'new_comment' || $command == 'rate_comment' || $command == 'register_new_user' || $command == 'update_page_rating' || $command == 'add_tag' || $command == 'rate_tag' || $command == 'delete_tag' || $command == 'get_pages_with_tag' || $command == 'follow_contact' || $command == 'unfollow_contact' || $command == 'add_link' || $command == 'rate_link') {
        $IP = getIP();
        $user_id = -1;
        if (isset($_SESSION['user_id'])) {
            $user_id = $_SESSION['user_id'];
        } else {
            if (isset($_POST['user_name'])) {
                $user_name = $_POST['user_name'];
                $query = "SELECT id FROM User WHERE name = '" . $user_name . "'";
                $result = mysql_query($query);
                if (mysql_num_rows($result) != 0) {
                    $result_row = mysql_fetch_assoc($result);
                    $user_id = $result_row['id'];
                }
            }
        }
        $country = IPtoCountry($IP);
        $query = "INSERT INTO ActivityLog (user_id, command, ip, country_code2) VALUE ('{$user_id}', '{$command}', '{$IP}', '{$country}')";
        $result = mysql_query($query);
    }
}
Example #8
0
 public function __construct()
 {
     global $canonical;
     $this->pageNum = $canonical->currentPage;
     $this->comList = array();
     $this->aID = $this->listBlocked = false;
     $this->totalCom = 0;
     $this->myIP = getIP();
 }
Example #9
0
 public function isBlockedIp($zoneID)
 {
     $ip = getIP();
     $cacheKey = "BlockIP_{$zoneID}_{$ip}";
     if (RedisHelper::hExist($cacheKey, 1)) {
         return true;
     }
     return false;
 }
Example #10
0
 function get_user($where)
 {
     $sql = $this->table($this->table)->where($where)->limit(1)->create_query();
     $row = $this->query($sql)->fetchrow();
     if (count($row) > 0) {
         $id = $row[0]['user_id'];
         $dt = array('user_lastlogin' => date("Y-m-d H:i:d"), 'user_lastloginip' => getIP());
         $update = $this->update($this->table, $dt, 'user_id = ' . $id);
     }
     return $row;
 }
Example #11
0
 public function tools($param)
 {
     $tid = $param['tid'];
     $ttype = $param['ttype'];
     $title = $param['title'];
     $contents = $param['contents'];
     $old_data = $param['old_data'];
     $nickname = $_SESSION[$this->config->item('rbac_auth_key')]["INFO"]["nickname"];
     $sql = "INSERT INTO system_tools_log (tid,ttype,title,contents,auser,aip,old_data)\n\t\t\t\tVALUES('{$tid}','{$ttype}','{$title}','{$contents}','{$nickname}','" . getIP() . "','{$old_data}')\n\t\t\t\t";
     $this->db->query($sql);
 }
function ExceedGuests()
{
    // ENTER MYSQL AND INSERT IP AND RANDOM ID IN TABLE
    // THEN SEND TO QUEUE LIST
    $IP = getIP();
    $insert = "INSERT INTO QueueList({$IP}), VALUES (?)";
    if ($connection->query($insert) === TRUE) {
        // successful
    } else {
        echo "Error";
    }
}
Example #13
0
 public function actionInstall()
 {
     $languages = get_all_langs();
     $language = isset($_GET['l']) && in_array($_GET['l'], $languages) ? $_GET['l'] : 'en';
     $installed = FALSE;
     $tips = array();
     if (!file_exists(CONFIGFILE)) {
         // Check the configuration file permissions
         $tips[] = t('CONFIG_FILE_NOTEXISTS', array('{config_file}' => CONFIGFILE), $language);
     } elseif (!is_writable(CONFIGFILE)) {
         $tips[] = t('CONFIG_FILE_NOTWRITABLE', array('{config_file}' => CONFIGFILE), $language);
     }
     if (!is_writable(APPROOT . '/data/')) {
         $tips[] = t('DATADIR_NOT_WRITABLE', array(), $language);
     }
     if (isset($_POST['dbtype'])) {
         if (!empty($_POST['adminname']) && !empty($_POST['adminpass']) && !empty($_POST['dbtype']) && !empty($_POST['dbusername']) && !empty($_POST['dbname']) && !empty($_POST['dbhost']) && strlen(trim($_POST['adminname'])) > 2) {
             $adminname = maple_quotes($_POST['adminname']);
             $adminpass = maple_quotes($_POST['adminpass']);
             $dbname = maple_quotes($_POST['dbname']);
             $tbprefix = $_POST['tbprefix'];
             $url = $_POST['dbtype'] . '://' . $_POST['dbusername'] . ':' . $_POST['dbpwd'] . '@' . $_POST['dbhost'] . '/' . $_POST['dbname'];
             #$db=YDB::factory($url);
             $formError = '';
             try {
                 $db = YDB::factory($url);
             } catch (Exception $e) {
                 $formError = $e->getMessage();
             }
         } else {
             $formError = t('FILL_NOT_COMPLETE', array(), $language);
         }
         if (!$formError) {
             $url_string = "<?php\n\$db_url = '{$url}';\n\$db_prefix = '{$tbprefix}';\n?>";
             file_put_contents(CONFIGFILE, $url_string);
             $sql_file = APPROOT . DIRECTORY_SEPARATOR . 'data' . DIRECTORY_SEPARATOR . $_POST['dbtype'] . '.sql';
             $sql_array = file($sql_file);
             $translate = array('{time}' => time(), '{ip}' => getIP(), '{admin}' => $adminname, '{adminpass}' => $adminpass, '{lang}' => $language, '<' => $tbprefix, '>' => '');
             foreach ($sql_array as $sql) {
                 $_sql = html_entity_decode(strtr(trim($sql), $translate), ENT_COMPAT, 'UTF-8');
                 $db->query($_sql);
             }
             $installed = TRUE;
             $_SESSION['admin'] = $_POST['adminname'];
         }
     }
     if (file_exists(dirname(dirname(__FILE__)) . '/install.php')) {
         include dirname(dirname(__FILE__)) . '/install.php';
     } else {
         die('Access denied!');
     }
 }
Example #14
0
/**
 * Checks whether the requesting ip is a known dilps system and is allowed access to this system
 *
 * @return boolean
 */
function interdilpsRequestorAllowed()
{
    global $config;
    require_once "{$config['includepath']}db.inc.php";
    global $db, $db_prefix;
    $ip = getIP();
    $allowed = false;
    $sql = "select access from {$db_prefix}interdilps_hosts where ip = " . $db->qstr($ip) . " and access > 0";
    if ($access = $db->GetOne($sql)) {
        $allowed = true;
    }
    return $allowed;
}
Example #15
0
 /**
  * 文件日志 
  * Enter description here ...
  * @param unknown_type $content
  * @param unknown_type $file
  * @param unknown_type $rank
  */
 public static function FileLog($content, $file = NULL, $rank = 0)
 {
     $filename = date("Y-m-d");
     $file ? $file = AppDir . "/Runtime/Log/" . $file . ".log" : ($file = AppDir . "/Runtime/Log/" . $filename . ".log");
     try {
         if ($f = fopen($file, "a+")) {
             $content = "服务器时间:[" . date("Y-m-d H:i:s") . "] 等级:" . $rank . " 日志内容如下:\r\n" . $content . " \r\n网址来源:http://" . $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI'] . "  来源IP:" . getIP() . "\r\n----------------------------------------------------------------------------------\r\n";
             return fwrite($f, $content);
         } else {
             return false;
         }
     } catch (Exception $es) {
         throw $es->getMessage();
     }
 }
Example #16
0
 /**
  * 表单提交
  */
 public function post()
 {
     //$this->load->helper('curl');
     $_SESSION['token'] = session_id();
     $ret = 0;
     $msg = '';
     $this->db->trans_start();
     try {
         $name = isset($_REQUEST['name']) ? trim(strip_tags($_REQUEST['name'])) : null;
         $tel = isset($_REQUEST['tel']) ? trim(strip_tags($_REQUEST['tel'])) : null;
         $address = isset($_REQUEST['address']) ? trim(strip_tags($_REQUEST['address'])) : null;
         $type = isset($_REQUEST['type']) ? trim(strip_tags($_REQUEST['type'])) : null;
         if (empty($name)) {
             $ret = 1001;
             $msg = 'name 不能为空~';
         } elseif (empty($tel)) {
             $ret = 1002;
             $msg = 'tel 不能为空~';
         } elseif (empty($address)) {
             $ret = 1003;
             $msg = 'address 不能为空~';
         } elseif (empty($type)) {
             $ret = 1004;
             $msg = 'type 不能为空~';
         } else {
             $data = array('name' => $name, 'tel' => $tel, 'address' => $address, 'type' => $type, 'create_ip' => getIP(), 'create_time' => date('Y-m-d H:i:s'));
             $this->db->insert('love2015_user', $data);
         }
         /*
         $this->db->where('phone', $phone);
         $count = $this->db->count_all_results('t_user');
         if($count < 0){
         	$ret = 1001;
         	$msg = '该手机号码已经被申领';
         }
         else{
         
         }
         */
     } catch (Exception $e) {
         $ret = 2000;
         $msg = $e->getMessage();
     }
     $this->db->trans_complete();
     $result = array('ret' => $ret, 'msg' => $msg);
     $this->output->set_content_type('application/json')->set_output(json_encode($result));
 }
Example #17
0
 function add_writing($id, &$writing, $user_id)
 {
     try {
         $ip = getIP();
         if (!isset($user_id)) {
             $user_id = "NULL";
         }
         date_default_timezone_set('PRC');
         $sql = "INSERT INTO\r\n                        `tomoe_writing`\t(\r\n                        `char_id`,\r\n                        `writing`,\r\n                        `user_id`,\r\n                        `ip`,\r\n                        `add_date`)\r\n                    VALUES(\r\n                        '" . $id . "',\r\n                \t'" . json_encode($writing) . "',\r\n                \t" . $user_id . ",\r\n                        '" . $ip . "',\r\n                \t'" . date("Y-m-d H:i:s") . "');";
         $result = $this->db->insert($sql);
         if ($result == 0) {
             throw new Exception("无法添加数据");
         }
     } catch (Exception $e) {
         throw $e;
     }
 }
Example #18
0
function guardarAccion($email, $accion)
{
    if (isset($_SESSION["codSesion"])) {
        $cod = $_SESSION["codSesion"];
        usuarioEstaOnline();
    } else {
        $cod = NULL;
        $email = NULL;
    }
    date_default_timezone_set("Europe/Madrid");
    $date = date('Y-m-d H:i:s');
    $ip = getIP();
    $sql = "INSERT INTO Acciones (cod_conexion,email,accion,time,ip) VALUES ('{$cod}','{$email}','{$accion}','{$date}','{$ip}')";
    $link = Conectar();
    $link->query($sql);
    $link->close();
}
Example #19
0
function verifyLogin()
{
    global $configArray;
    if (isset($_GET['logout'])) {
        unset($_SESSION['userId']);
        unset($_SESSION['username']);
        unset($_SESSION['userPassword']);
        unset($_SESSION['userEmail']);
        unset($_SESSION['userType']);
    }
    if (isset($_POST['login'])) {
        $email = $_POST['email'];
        $pass = $_POST['pass'];
        $loginSql = "SELECT *\n\t\t\t\tFROM conturi_admin c \n\t\t\t\tWHERE c.email = '" . $email . "' AND c.parola = '" . $pass . "' AND c.activ = '1' LIMIT 1";
        $_USER = getQueryInArray($loginSql, $configArray['dbcnx']);
        //print_r('<!-- qwerty '.$loginSql.' -->');
        $isUser = false;
        if (!count($_USER)) {
            $isUser = false;
        } else {
            $isUser = true;
        }
        if ($isUser) {
            $insertIntoLog = "INSERT INTO log SET ip = '" . mySqlEscape(getIP()) . "', " . " data = '" . mySqlEscape(date("Y-m-d H:i:s")) . "', " . " query = '" . mySqlEscape($loginSql) . "', " . " id_conturi = '" . mySqlEscape($_USER[0]['id']) . "', " . " obs ='AUTENTIFICARE ADMINISTRATOR' ";
            @mysql_query($insertIntoLog);
            $_SESSION['userId'] = intval($_USER[0]['id']);
            //cont_admin ID
            //$_SESSION['userId'] = intval($_USER[0]['user_id']); //conturi ID
            $_SESSION['username'] = ucwords(strtolower($_USER[0]['nume'])) . ' ' . ucwords(strtolower($_USER[0]['prenume']));
            $_SESSION['userEmail'] = $_USER[0]['email'];
            $_SESSION['userType'] = $_USER[0]['cont_tip'];
            $_SESSION['userPassword'] = $pass;
        }
        //endif isUser
        if (isset($_POST['backurl'])) {
            redirect($_POST['backurl']);
        }
    }
    //endif $_POST['login']
    if (!isset($_SESSION['userId']) && (!stristr($_SERVER['SCRIPT_NAME'], 'index.php') && !stristr($_SERVER['SCRIPT_NAME'], 'forgot_pass.php'))) {
        redirect('index.php?msg=1&url=' . $_SERVER['REQUEST_URI']);
    }
}
Example #20
0
 public static function login($login, $pw)
 {
     global $mysql;
     $query = "SELECT password FROM peq_admin WHERE login=\"{$login}\"";
     $result = $mysql->query_assoc($query);
     if ($result == '') {
         $_SESSION['error'] = 1;
         logSQL("Invalid login attempt. Bad username from IP: '" . getIP() . "'. Username: '******' Password: '******'.");
         return;
     }
     extract($result);
     if ($password == md5($pw)) {
         $_SESSION['login'] = $login;
         $_SESSION['password'] = md5($pw);
     } else {
         $_SESSION['error'] = 1;
         logSQL("Invalid login attempt. Bad password from IP: '" . getIP() . "'. Username: '******' Password: '******'.");
     }
 }
function log_mail($sender, $recipient, $subject, $body, $header = "")
{
    // build header
    $header = "From: " . $sender . "\r\n";
    $header .= 'Content-type: text/html; charset=iso-8859-1' . '\\r\\n';
    $status = date("l F j, Y  h:i:s a") . "\r\n";
    $status .= "IP:      " . getIP() . "\r\n";
    $status .= "From:    {$sender}\r\n";
    $status .= "To:      {$recipient}\r\n";
    $status .= "Subject: {$subject}\r\n";
    $result = mail($recipient, $subject, $body, $header);
    if ($result == true) {
        $status .= "Message sent successfully\r\n\r\n";
    } else {
        $status .= "Error sending message\r\n\r\n";
    }
    $fp = fopen("sendmail.log", "a");
    $write = fputs($fp, $status);
    fclose($fp);
    return $result;
}
function createBox($serviceName, $serverName, $customName)
{
    include './functions/dbconnect.php';
    $sql = 'select * from servers';
    $result = mysqli_query($con, $sql);
    if (mysqli_num_rows($result) > 0) {
        while ($row = mysqli_fetch_assoc($result)) {
            echo " Name: " . $row["server_custom_name"] . " | " . getIP($row["server_name"]) . "";
            echo "Response time (ms): " . pingServer($row["server_name"]);
        }
    } else {
        echo 'There are not data to display for this query.';
    }
    echo "<div class='box'>\n<h2>{$customName}  | ";
    getIP($serverName);
    echo "</h2>\n\t<hr>\n\t<span class='pingbox'>\n\t<h3>Ping</h3>";
    pingServer($serverName);
    echo "</span>\n\t<span class='servicebox'>\n\t<h3>Service Status</h3>\n\t";
    serviceStatus($serviceName, $serverName);
    echo "</span>\n</div>";
}
Example #23
0
function make_log_file()
{
    // log文件名
    $filename = 'mylogs.txt';
    // 去除rc-ajax评论以及cron机制访问记录
    if (strstr($_SERVER["REQUEST_URI"], "rc-ajax") == false && strstr($_SERVER["REQUEST_URI"], "wp-cron.php") == false) {
        $word .= date('mdHis', $_SERVER['REQUEST_TIME'] + 3600 * 8) . " ";
        //访问页面
        $word .= $_SERVER["REQUEST_URI"] . " ";
        //协议
        $word .= $_SERVER['SERVER_PROTOCOL'] . " ";
        //方法,POST OR GET
        $word .= $_SERVER['REQUEST_METHOD'] . " ";
        //$word .= $_SERVER['HTTP_ACCEPT'] . " ";
        //获得浏览器信息
        $word .= getbrowser() . " ";
        //传递参数
        $word .= "[" . $_SERVER['QUERY_STRING'] . "] ";
        //跳转地址
        $word .= $_SERVER['HTTP_REFERER'] . " ";
        //获取IP
        $word .= getIP() . " ";
        $word .= "\n";
        $day = date('md', $_SERVER['REQUEST_TIME'] + 3600 * 8);
        if (getIP() != "211.97.6.123") {
            if (file_exists($filename)) {
                $fh = fopen($filename, "r");
                $data = fread($fh, 10);
                if (substr($data, 0, 4) == $day) {
                    $fh = fopen($filename, "a");
                } else {
                    $fh = fopen($filename, "w");
                }
                //w
                fwrite($fh, $word);
                fclose($fh);
            }
        }
    }
}
Example #24
0
 private function write_log()
 {
     $this->load->model('log_model');
     $this->load->helper('ip');
     $first_segment = $this->uri->segment(1);
     $second_segment = $this->uri->segment(2);
     $third_segment = $this->uri->segment(3);
     $arr = array();
     $arr['cm'] = '';
     if ($first_segment == 'Backend') {
         $arr['cm'] = $second_segment . '@' . $third_segment;
     } else {
         $arr['cm'] = $first_segment . '@' . $second_segment;
     }
     $arr['ip'] = ip2long(getIP());
     $arr['opera_time'] = time();
     $admin = $this->session->userdata('admin');
     $arr['user'] = $admin['username'];
     if (!empty($arr['user'])) {
         $this->log_model->insert($arr);
     }
 }
Example #25
0
function saveData($sType)
{
    if (@$_SESSION['yzm'] == '') {
        Eerr('提示', '验证码失效');
    }
    //if instr("|"& getFormFieldList() &"|","|yzm|") then
    if (@$_SESSION['yzm'] != @$_POST['yzm']) {
        Eerr('提示', '验证码错误');
    }
    @($_SESSION['yzm'] = '');
    //清空验证码
    //保存文章评论
    if ($sType == 'articlecomment') {
        autoSavePostData('', 'tablecomment', 'tablename||ArticleDetail,adddatetime|now,itemid||' . @$_REQUEST['itemid'] . ',adddatetime,ip||' . getIP());
        aspEcho('提示', '评论提交成功,等待管理员审核');
    } else {
        if ($sType == 'feedback') {
            if (@$_POST['guestname'] == '') {
                Eerr('提示', '姓名为空');
            }
            autoSavePostData('', 'feedback', 'isthrough|numb|0,adddatetime|now,ip||' . getIP() . ',columnid||' . @$_GET['columnid']);
            aspEcho('提示', '反馈提交成功,等待管理员审核');
        } else {
            if ($sType == 'guestbook') {
                if (@$_POST['guestname'] == '') {
                    Eerr('提示', '姓名为空');
                }
                autoSavePostData('', 'guestbook', 'isthrough|numb|0,adddatetime|now,ip||' . getIP() . ',columnid||' . @$_GET['columnid']);
                aspEcho('提示', '留言提交成功,等待管理员审核');
            } else {
                if ($sType == 'articledetail') {
                    autoSavePostData('', 'articledetail', 'title|bodycontent,adddatetime|now,ip||' . getIP());
                    aspEcho('提示', '文章提交成功');
                }
            }
        }
    }
    die;
}
Example #26
0
 function regExplore($email, $name, $password)
 {
     //已写入动态
     if (!$this->emailIsExist($email)) {
         if (!$this->nameIsExist($name)) {
             date_default_timezone_set("Etc/GMT+8");
             $this->pdo->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);
             //禁用prepared statements的仿真效果
             $userFolder = "user/default/";
             $nowTime = date('Y-m-d H:i:s', time());
             $userIp = getIP();
             $sql = "INSERT INTO `basicprofile`(`email`, `name`, `password`, `location`, `sex`, `intro`, `detailIntro`, `face`, `background`,`backgroundBlur`, `emailVerified`, `place`, `nowPlace`,`sharingNum`, `ip`, `regTime`, `lastLoginTime`) \n\t\t\t\tVALUES (?,?,SHA1(?),'China','futa','explore','explore',?,?,?,0,'China','China',0,?,?,?)";
             $stmt = $this->pdo->prepare($sql);
             if ($stmt != false) {
                 $exeres = $stmt->execute(array($email, $name, $password, $userFolder . "photo.jpg", $userFolder . "background.jpg", $userFolder . "backgroundBlur.jpg", $userIp, $nowTime, $nowTime));
                 if ($exeres) {
                     $sql_dynamic = "INSERT INTO `dynamic`(`uid`, `dynamic`) VALUES (" . $this->pdo->lastInsertId() . ",'注册了Explore')";
                     $rowAffectedNum = $this->pdo->exec($sql_dynamic);
                     if ($rowAffectedNum != 0) {
                         return true;
                     } else {
                         return false;
                     }
                 } else {
                     print_r($stmt->errorInfo());
                     return false;
                 }
             } else {
                 return false;
             }
         } else {
             return -1;
             //名字重复
         }
     } else {
         return -2;
         /*邮箱重复*/
     }
 }
Example #27
0
function CheckSessions()
{
    global $lang, $game_config, $ugamela_root_path, $phpEx;
    includeLang('cookies');
    include $ugamela_root_path . 'config.' . $phpEx;
    $UserRow = array();
    if ($_SESSION[USER_SESSION]) {
        $UserRow = doquery("SELECT * FROM {{table}} WHERE `id` = " . $_SESSION[USER_SESSION][id], 'users', true);
        // USER FOUND?
        if (!$UserRow) {
            message($lang['cookies']['Error2']);
        }
        // CHECK PASS
        $Hash = md5($UserRow["password"] . "--" . $dbsettings["secretword"]);
        if ($Hash !== $_SESSION[USER_SESSION][password]) {
            message($lang['cookies']['Error3']);
        }
        // ONLY 1 IP :D
        if ($UserRow['user_lastip'] != $_SESSION[USER_SESSION][ip]) {
            message($lang['cookies']['Error1']);
        }
        $Qry = "UPDATE {{table}} SET ";
        $Qry .= "`onlinetime` = UNIX_TIMESTAMP(), ";
        $Qry .= "`user_lastip` = '" . getIP() . "', ";
        $Qry .= "`user_agent` = '" . $_SERVER['HTTP_USER_AGENT'] . "'";
        $Qry .= " WHERE `id` = " . $_SESSION[USER_SESSION][id] . " LIMIT 1;";
        doquery($Qry, 'users');
        if ($IsUserChecked == false) {
            $IsUserChecked = true;
        } else {
            $IsUserChecked = true;
        }
    }
    unset($dbsettings);
    $Return['state'] = $IsUserChecked;
    $Return['record'] = $UserRow;
    return $Return;
}
Example #28
0
 /**
  * db 处理统一接口
  */
 public function execute($sql = '', $type = 's')
 {
     $res['status'] = 1;
     $dbRes = false;
     switch ($type) {
         //select
         case 's':
             $dbRes = mysqli_query($this->conn, $sql);
             $data = $this->fetch_all_result($dbRes, 1);
             $res['data'] = $data[0];
             break;
             //insert
         //insert
         case 'i':
             $dbRes = mysqli_query($this->conn, $sql);
             $res['id'] = mysqli_insert_id($this->conn);
             break;
             //update
         //update
         case 'u':
             $dbRes = mysqli_query($this->conn, $sql);
             break;
             //delete
         //delete
         case 'd':
             $dbRes = mysqli_query($this->conn, $sql);
             break;
         default:
             # code...
             break;
     }
     if ($dbRes == true) {
         $res['status'] = 0;
     }
     Doo::logger()->info('time:' . date("Y-m-d H:i:s", time()) . "\tip:" . getIP() . "\tsql:" . $sql . "\t" . var_export($res['status'], true), 'DB');
     return $res;
 }
Example #29
0
{
    $ip = $_SERVER['SERVER_ADDR'];
    if (PHP_OS == 'WINNT') {
        $ip = getHostByName(getHostName());
    }
    if (PHP_OS == 'Linux') {
        $command = "/sbin/ifconfig";
        exec($command, $output);
        // var_dump($output);
        $pattern = '/inet addr:?([^ ]+)/';
        $ip = array();
        foreach ($output as $key => $subject) {
            $result = preg_match_all($pattern, $subject, $subpattern);
            if ($result == 1) {
                if ($subpattern[1][0] != "127.0.0.1") {
                    $ip = $subpattern[1][0];
                }
            }
            //var_dump($subpattern);
        }
    }
    return $ip;
}
echo getIP();
echo get_client_ip();
?>


	</body>
</html>
Example #30
0
    foreach ($banned as $key => $val) {
        if (preg_match("^{$val}", $ip_adr)) {
            $bool = true;
            break;
        }
    }
    if (empty($ip_adr) or $bool or !cek_ip($ip_adr)) {
        $ip_adr = @$_SERVER['REMOTE_ADDR'];
    }
    return $ip_adr;
}