/**
 * Handle the registration form: validate the input, create the account and sign the new user in.
 *
 * Whatever the outcome, the method ends by returning redirect('').
 *
 * NOTE(review): the stored hash is computed from the `register_token` form field, and the same raw
 * field is later passed to $this->user->validate(); confirm that this field really carries the
 * password the user chose.
 */
public function register()
 {
     if (is_post()) {
         $this->loadHelper('Validator');
         if (captcha()) {
             // 'token' is a 40-character str_rand() value.
             // NOTE(review): if this token gates anything (e-mail confirmation, API access), confirm
             // that str_rand() draws from a CSPRNG such as random_int() rather than mt_rand().
             $data = ['email' => validate('email', 'email'), 'username' => validate('required', 'username'), 'password' => password_hash(validate('required', 'register_token'), PASSWORD_BCRYPT), 'token' => str_rand(40)];
             if (validator($data)) {
                 // NOTE(review): the account is created when checkExistUser() returns truthy; the name
                 // suggests the opposite meaning — verify its return contract.
                 if ($this->user->checkExistUser($data['email'])) {
                     $data2 = ['firstname' => validate('required', 'firstname'), 'lastname' => validate('required', 'lastname'), 'nickname' => validate('required', 'nickname'), 'major' => validate('required', 'major')];
                     if (validator($data2)) {
                         $this->user->createUser($data, $data2);
                         // Re-check the credentials that were just stored and sign the user in on success.
                         $validate = $this->user->validate($data['email'], $_POST['register_token']);
                         if (!empty($validate)) {
                             // NOTE(review): the session is populated without session_regenerate_id();
                             // rotating the ID at this privilege change guards against session fixation.
                             $_SESSION['auth'] = $validate;
                             $_SESSION['user'] = $this->user->getDetail($validate['id']);
                             // Drop the cached member lists of the user's major so they include the new account.
                             cache_forgot('user.members.' . user('major'));
                             cache_forgot('user.get.members.' . user('major'));
                         }
                     }
                 }
             }
         }
     }
     return redirect('');
 }
Example #2
/**
 * Reset a user's password and e-mail the new credentials through SMTP.
 *
 * Returns 0 when resetPassword() reports a non-zero status; otherwise falls off the end
 * (no explicit return value). Prints the mailer error and terminates the script when
 * sending fails.
 *
 * NOTE(review): several things in this function do not line up and should be confirmed:
 *  - $password is generated here but resetPassword() is called without arguments, so nothing
 *    visible hands the new password (or the address) to the DAO; the mailed password may not
 *    be the one that gets stored.
 *  - the $email parameter is overwritten with $config->email before the message is addressed.
 *  - $username is never assigned in this function.
 *  - the new password travels in clear text in the mail body; a single-use, expiring reset
 *    link avoids putting a credential in the mailbox.
 */
function send_password($email)
{
    global $tblprefix;
    global $ePwdSubject, $ePwdBody;
    $config = Config::getInstance();
    // generate a new password
    // NOTE(review): confirm str_rand() uses a CSPRNG; a password needs unpredictable randomness.
    $password = str_rand();
    $dao = getUsersDAO();
    if ($dao->resetPassword() != 0) {
        return 0;
    }
    // From here on the recipient is the configured address, not the caller-supplied one.
    $email = $config->email;
    $mail = new PHPMailer();
    $mail->IsSMTP();
    $mail->SMTPAuth = true;
    // SMTP host and credentials come from the site configuration
    $mail->Host = $config->smtp_host;
    $mail->Username = $config->smtp_user;
    $mail->Password = $config->smtp_password;
    $mail->From = $config->trackemail;
    $mail->AddAddress($email, '');
    $mail->Subject = $ePwdSubject;
    // "$1" in the body template is replaced by "username/password".
    $mail->Body = str_replace("\$1", $username . "/" . $password, $ePwdBody);
    if (!$mail->Send()) {
        // NOTE(review): ErrorInfo is echoed to the response; it can reveal SMTP details to the
        // requester — log it server-side and show a generic message instead.
        echo "Message could not be sent. <p>";
        echo "Mailer Error: " . $mail->ErrorInfo;
        exit;
    }
}
 /**
  * Close the current session and start a session under a new 60-character str_rand() identifier.
  *
  * NOTE(review): session_regenerate_id() needs an active session, but it is called here after
  * session_write_close(), so it likely has no effect and the ID actually used is the one passed
  * to session_id(). That makes the session ID only as unpredictable as str_rand(); PHP's own
  * generator is CSPRNG-backed, so prefer calling session_regenerate_id(true) while the session
  * is still open. Also confirm that session data is meant to be left behind under the old ID.
  */
 public static function regenerateSession()
 {
     session_write_close();
     session_regenerate_id(true);
     // Overrides whatever ID PHP holds with an application-generated one.
     session_id(str_rand(60));
     session_start();
 }
Example #4
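 /**
  * Look up a user by e-mail address and store a freshly generated password for that account.
  *
  * @param string $email   Address identifying the account.
  * @param string $newpass Not used by this method (see the review note in the body).
  * @return int 0 on success, -1 when no account matches the address or the update fails.
  */
 function resetPassword($email, $newpass)
 {
     global $tblprefix, $pdo;
     // check we have a valid email address
     // just drop out if we don't
     $stmt = $pdo->prepare("SELECT id FROM " . $tblprefix . "users WHERE email = ?");
     $stmt->bindParam(1, $email, PDO::PARAM_STR);
     $stmt->execute();
     // fetch() yields a single row (or false when nothing matched), so read it directly
     // rather than iterating over its columns.
     $row = $stmt->fetch(PDO::FETCH_ASSOC);
     $stmt->closeCursor();
     if ($row === false || !isset($row["id"])) {
         // No such account: the previous check was inverted and bailed out on a match instead.
         return -1;
     }
     $id = $row["id"];
     // generate a new password
     // NOTE(review): $newpass is ignored and the generated value never leaves this method, so the
     // caller cannot know which password was stored. Confirm the intended contract, and confirm
     // that str_rand() draws from a CSPRNG.
     $password = str_rand();
     // update the table
     // just drop out if it doesn't work out right
     if (!$this->updatePasswordById($id, $password)) {
         return -1;
     }
     return 0;
 }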
Example #5
 /**
  * Render the checkout page: cart lines, total price and the default shipping/billing address.
  *
  * Signed-in users get their stored addresses (the default one, else the first in the list);
  * guests get whatever addresses are already held in the session.
  */
 public function checkout_f()
 {
     $rslist = $this->model('cart')->get_all($this->cart_id);
     if (!$rslist) {
         // NOTE(review): presumably error() stops the request; otherwise the code below runs on an empty cart.
         error(P_Lang('您的购物车里没有任何产品'), $this->url, "notice", 5);
     }
     // Generate a random code so the order step can tell the customer arrived through the proper flow.
     // NOTE(review): this is an anti-automation/anti-CSRF style token; confirm str_rand() is backed
     // by a CSPRNG and that the order step compares it with a strict, constant-time check.
     $_SESSION['order_spam'] = str_rand(10);
     $totalprice = 0;
     // Sum every line (price * quantity), converted into the site's currency.
     foreach ($rslist as $key => $value) {
         $totalprice += price_format_val($value['price'] * $value['qty'], $value['currency_id'], $this->site['currency_id']);
     }
     $price = price_format($totalprice, $this->site['currency_id']);
     $this->assign('price', $price);
     $this->assign("rslist", $rslist);
     $shipping = $billing = array();
     if ($_SESSION['user_id']) {
         $shipping_list = $this->model('address')->address_list($_SESSION['user_id'], 'shipping');
         if ($shipping_list) {
             // The last entry flagged is_default wins.
             foreach ($shipping_list as $key => $value) {
                 if ($value['is_default']) {
                     $shipping = $value;
                 }
             }
             // No default flagged: fall back to the first address.
             if (!$shipping) {
                 reset($shipping_list);
                 $shipping = current($shipping_list);
             }
         }
         // Billing addresses are only looked up when the site enables them.
         if ($this->site['biz_billing']) {
             $billing_list = $this->model('address')->address_list($_SESSION['user_id'], 'billing');
             if ($billing_list) {
                 foreach ($billing_list as $key => $value) {
                     if ($value['is_default']) {
                         $billing = $value;
                     }
                 }
                 if (!$billing) {
                     reset($billing_list);
                     $billing = current($billing_list);
                 }
             }
         }
     } else {
         // Guest checkout: reuse addresses kept in the session, if any.
         if ($_SESSION['address']['shipping']) {
             $shipping = $_SESSION['address']['shipping'];
         }
         if ($_SESSION['address']['billing']) {
             $billing = $_SESSION['address']['billing'];
         }
     }
     $this->assign('shipping', $shipping);
     $this->assign('billing', $billing);
     $this->view("cart_checkout");
 }
Example #6
 /**
  * Generate a token.
  * Layout: 6 random alphanumeric characters + 1 digit giving the key length (2~9)
  * + 12 characters of digest + 8 hexadecimal characters (time), 27 characters in total.
  *
  * NOTE(review): the $expire parameter is not used anywhere in this body.
  * NOTE(review): as an authenticator this construction is weak and should be replaced by
  * hash_hmac() with a full-length secret loaded from configuration plus random_bytes():
  * the key is hard-coded in source, only its first 2-9 characters are used and that length
  * is written into the token, the digest is a truncated MD5, and mt_rand() is not a CSPRNG.
  */
 static function token_create($expire = 10)
 {
     $secret_key = 'qO~H#!Z$j)@*p&#';
     // secret key
     $secret_key_len = mt_rand(2, 9);
     // length of the key prefix actually used; the original author varies it to make guessing harder
     $secret_len = 12;
     // length of the digest portion
     $text = str_rand(6, false);
     // 6 random digits and letters
     $secret_key = substr($secret_key, 0, $secret_key_len);
     // Request time, offset by (byte value of the first character of $text) * key length, in hex.
     $time = dechex($_SERVER['REQUEST_TIME'] - ord($text) * $secret_key_len);
     return $text . $secret_key_len . substr(md5(md5($text) . $secret_key), 0, $secret_len) . $time;
 }
Example #7
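/**
 * Generate a 6-character alias that is used neither as a field_alias value nor as the
 * beginning of any menu link path.
 *
 * NOTE(review): the check and the later use of the alias are separate steps, so two concurrent
 * requests could still pick the same alias; a unique index on the column is the reliable guard.
 * NOTE(review): field_data_field_alias is not wrapped in {} like {menu_links}, so it presumably
 * bypasses table prefixing — confirm that is intended.
 *
 * @return string The unused alias.
 */
function random_alias()
{
    do {
        $alias = str_rand(6);
        // The placeholder must stay unquoted: a quoted ':str' is string text, not a bound
        // parameter, so the lookup never compared against $alias.
        $r = db_query("select\n\t\tcount(`entity_id`) as count\n\t\tfrom  field_data_field_alias\n\t\twhere `field_alias_value` = :str", array(":str" => $alias));
        $r2 = db_query("select\n\t\tcount(link_path) as count\n\t\tfrom {menu_links} where link_path LIKE :str", array(":str" => $alias . '%'));
        // Total number of existing rows that already use this alias.
        $count = (int) $r->fetchObject()->count + (int) $r2->fetchObject()->count;
    } while ($count !== 0);
    return $alias;
}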
Example #8
 /**
  * Delete a Redis key, or a single member of it, depending on the key's type.
  *
  * @param string $type Redis type name: 'string', 'hash', 'list', 'set' or 'zset'; any other
  *                     value is handled like 'string' and removes the whole key.
  * @param string $key  Name of the Redis key.
  *
  * NOTE(review): the member to delete is read through get_arg() — presumably request input;
  * confirm the caller enforces authorization before reaching this method.
  */
 private function _delete_key($type, $key)
 {
     $redis = $this->redis_model->get_redis_instance();
     switch ($type) {
         default:
             // An empty or unknown type falls through and deletes the whole key.
         case 'string':
             $redis->delete($key);
             break;
         case 'hash':
             $hkey = get_arg('hkey');
             if ($hkey !== NULL) {
                 $redis->hDel($key, $hkey);
             }
             break;
         case 'list':
             $index = get_arg('index');
             if ($index !== NULL) {
                 /*
                  * Explanation:
                  * A list has no operation that removes a single element by position.
                  * The approach used here: overwrite the element at this index with a very
                  * unusual random value, then remove that value from the list.
                  * This is a risk point: it assumes the random value is not already present in
                  * the list; in practice a collision is very unlikely.
                  *
                  * NOTE(review): lSet and lRem are two separate commands, so the list can change
                  * between them; wrap them in MULTI/EXEC if concurrent writers exist.
                  */
                 $value = str_rand(69);
                 $redis->lSet($key, $index, $value);
                 $redis->lRem($key, $value, 1);
             }
             break;
         case 'set':
             $value = get_arg('value');
             if ($value !== NULL) {
                 $redis->sRem($key, $value);
             }
             break;
         case 'zset':
             $value = get_arg('value');
             if ($value !== NULL) {
                 $redis->zDelete($key, $value);
             }
             break;
     }
 }
Example #9
    if ($ret == -1) {
        echo $strMonError . "\n";
    } elseif ($ret == 1) {
        // You are now monitoring this person
        echo $strMonAccept . "\n";
    } elseif ($ret == 2) {
        // You are now not monitoring this person
        echo $strMonCease . "\n";
    }
} elseif (isset($person) && isset($email) && isset($action)) {
    // we want to subscribe
    $dao->delete_expired();
    echo "<hr />\n";
    echo "<h3>" . htmlspecialchars($_REQUEST["name"]) . "</h3>\n";
    // produce a new key (md5 hash of email and person requested)
    $newkey = md5(str_rand(20));
    if ($action == "sub") {
        $ret = $dao->trackByUnregistered($person, $_REQUEST["name"], $newkey, $email);
        // if we get this error then already tracking
        if ($ret == 1) {
            echo $strAlreadyMon . "\n";
        } else {
            if ($ret == 0) {
                echo $strMonRequest . "\n";
            }
        }
    } elseif ($action == "unsub") {
        $ret = $dao->untrackByUnregistered($person, $_REQUEST["name"], $newkey, $email);
        if ($ret == 0) {
            echo $strCeaseRequest . "\n";
        } else {
Example #10
 /**
  * Turn the current cart into an order: save the order header, its product lines and the
  * shipping/billing addresses, empty the cart, send the notification and answer with JSON.
  *
  * The JSON success payload carries the order number, the order id and the order password.
  *
  * NOTE(review): $this->json() is called on the failure paths; presumably it ends the request —
  * otherwise execution would continue with an empty cart or a failed order. Confirm.
  */
 public function create_f()
 {
     $rslist = $this->model('cart')->get_all($this->cart_id);
     if (!$rslist) {
         $this->json(P_Lang("您的购物车里没有产品"));
     }
     $totalprice = 0;
     $qty = 0;
     // Total price (converted to the site currency) and total quantity over all cart lines.
     foreach ($rslist as $key => $value) {
         $totalprice += price_format_val($value['price'] * $value['qty'], $value['currency_id'], $this->site['currency_id']);
         $qty += $value['qty'];
     }
     $shipping = $this->shipping();
     $billing = $this->billing();
     $sn = $this->create_sn();
     $array['sn'] = $sn;
     $array['user_id'] = $_SESSION['user_id'];
     $array['addtime'] = $this->time;
     $array['qty'] = $qty;
     $array['price'] = $totalprice;
     $array['currency_id'] = $this->site['currency_id'];
     $array['status'] = P_Lang('审核中');
     // Per-order password, returned to the client below.
     // NOTE(review): md5() adds no entropy to a 10-character str_rand() value; if this password
     // lets guests open the order, generate it with random_bytes()/random_int() instead.
     $array['passwd'] = md5(str_rand(10));
     $oid = $this->model('order')->save($array);
     if (!$oid) {
         $this->json(P_Lang('订单创建失败'));
     }
     // Copy every cart line onto the order.
     foreach ($rslist as $key => $value) {
         $tmp = array('order_id' => $oid, 'tid' => $value['tid']);
         $tmp['title'] = $value['title'];
         $tmp['price'] = price_format_val($value['price'], $value['currency_id'], $this->site['currency_id']);
         $tmp['qty'] = $value['qty'];
         $tmp['thumb'] = $value['thumb'] ? $value['thumb']['id'] : 0;
         // NOTE(review): unserialize() must never see data a client can influence (object
         // injection). Confirm where the cart's 'ext' value originates, or store it as JSON.
         $tmp['ext'] = $value['ext'] ? serialize(unserialize($value['ext'])) : '';
         $this->model('order')->save_product($tmp);
     }
     if ($shipping) {
         // Snapshot of the shipping address stored with the order.
         $tmp = array('order_id' => $oid, 'type_id' => 'shipping');
         $tmp['country'] = $shipping['country'];
         $tmp['province'] = $shipping['province'];
         $tmp['city'] = $shipping['city'];
         $tmp['county'] = $shipping['county'];
         $tmp['address'] = $shipping['address'];
         $tmp['zipcode'] = $shipping['zipcode'];
         $tmp['mobile'] = $shipping['mobile'];
         $tmp['tel'] = $shipping['tel'];
         $tmp['email'] = $shipping['email'];
         $tmp['fullname'] = $shipping['fullname'];
         $tmp['gender'] = $shipping['gender'];
         $this->model('order')->save_address($tmp);
     }
     if ($billing) {
         // Snapshot of the billing address stored with the order.
         $tmp = array('order_id' => $oid, 'type_id' => 'billing');
         $tmp['country'] = $billing['country'];
         $tmp['province'] = $billing['province'];
         $tmp['city'] = $billing['city'];
         $tmp['county'] = $billing['county'];
         $tmp['address'] = $billing['address'];
         $tmp['zipcode'] = $billing['zipcode'];
         $tmp['mobile'] = $billing['mobile'];
         $tmp['tel'] = $billing['tel'];
         $tmp['email'] = $billing['email'];
         $tmp['fullname'] = $billing['fullname'];
         $tmp['gender'] = $billing['gender'];
         $this->model('order')->save_address($tmp);
     }
     // The order is stored: empty the cart, persist the addresses and notify by e-mail.
     $this->model('cart')->delete($this->cart_id);
     $this->save_shipping($shipping);
     $this->save_billing($billing);
     $this->email_notice($array);
     $rs = array('sn' => $sn, 'passwd' => $array['passwd'], 'id' => $oid);
     $this->json($rs, true);
 }
<?php

// Write out 16 characters; assuming the (length, alphabet) signature, they are drawn from '.' and '-'.
echo str_rand(16, '.-');
Example #12
<?php

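/**
 * Build a random string by drawing characters from a given alphabet.
 *
 * Uses random_int() (a CSPRNG) whenever it is available, because results of this kind of helper
 * commonly end up as passwords, tokens or salts; mt_rand() is only a fallback for runtimes that
 * lack random_int() and is predictable.
 *
 * @param int    $length     Number of characters to produce; must be a non-negative int.
 * @param string $characters Alphabet to draw from, indexed byte by byte (not multibyte-aware).
 * @return string|false The random string; false when $length is not a non-negative int or when
 *                      characters are requested from an empty alphabet.
 */
function str_rand($length = 32, $characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ')
{
    if (!is_int($length) || $length < 0) {
        return false;
    }
    if ($length === 0) {
        return '';
    }
    $characters = (string) $characters;
    if ($characters === '') {
        // Nothing to draw from: an empty alphabet used to yield an invalid (0, -1) range.
        return false;
    }
    $max_index = strlen($characters) - 1;
    $use_csprng = function_exists('random_int');
    $string = '';
    for ($i = 0; $i < $length; $i++) {
        $index = $use_csprng ? random_int(0, $max_index) : mt_rand(0, $max_index);
        $string .= $characters[$index];
    }
    return $string;
}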
// Demo call: build one string with the default length and alphabet, then write it out.
$string = str_rand();
print $string;
Example #13
/**
 * Admin page for managing users: delete, update or edit one, then print the table of all users.
 *
 * @param string $method One of 'delete', 'update' or 'edit'; anything else only lists the users.
 * @param mixed  $who    Id of the user being edited/updated (cast to int before use in SQL).
 *
 * NOTE(review): no anti-CSRF token is checked inside this function for the state-changing
 * 'delete' and 'update' branches; confirm the caller does it.
 */
function edit_users($method, $who)
{
    global $CONFIG, $TEMPLATE, $db;
    if ($method == 'delete') {
        // delete a user from users
        if (isset($_POST['verify'])) {
            $res =& $db->query("SELECT * FROM " . db_tablename('users'));
            while ($row = $res->fetchRow(DB_FETCHMODE_ASSOC)) {
                if (isset($_POST['d' . $row['id']])) {
                    // NOTE(review): SQL injection — the posted value is interpolated into the statement
                    // without escaping. Use the row's own id through $db->quote((int) $row['id']), as the
                    // other queries in this function do, or a prepared statement.
                    $db->query("DELETE FROM " . db_tablename('users') . " WHERE id='{$_POST['d' . $row['id']]}'");
                    $TEMPLATE->add_message(sprintf(lang('user_removed'), htmlspecialchars($row['user'])));
                }
            }
        }
    } else {
        if ($method == 'update') {
            // parse the info from $method == 'edit' into the database
            $user = trim($_POST['user']);
            if (check_username($user)) {
                // NOTE(review): the value assigned to `user` is masked ("******") on this page, so the
                // statement below cannot be verified; make sure $user goes through $db->quote().
                $db->query("UPDATE " . db_tablename('users') . " SET user="******", level=" . $db->quote((int) $_POST['level']) . " WHERE id=" . $db->quote((int) $who));
                if ($_POST['password']) {
                    // "$1$...$" selects MD5-crypt.
                    // NOTE(review): MD5-crypt is obsolete for password storage; password_hash() generates
                    // its own salt and uses a modern algorithm. The crypt() output and the salt are also
                    // concatenated into the SQL text instead of being passed through $db->quote().
                    $salt = "\$1\$" . str_rand() . "\$";
                    $db->query("UPDATE " . db_tablename('users') . " SET `password`='" . crypt($_POST['password'], $salt) . "', salt='" . $salt . "' WHERE id=" . $db->quote((int) $who));
                }
            }
        } else {
            if ($method == 'edit') {
                $res =& $db->query("SELECT * FROM " . db_tablename('users') . " WHERE id=" . $db->quote((int) $who));
                $row = $res->fetchRow(DB_FETCHMODE_ASSOC);
                if (isset($row['user'])) {
                    print $TEMPLATE->edit_user_page_form($row['id'], $who, htmlspecialchars($row['user']), $row['level']);
                }
            }
        }
    }
    // Whatever the method, finish by printing the table of all users.
    $innerhtml = '';
    $res =& $db->query("SELECT * FROM " . db_tablename('users') . " ORDER BY level asc, user desc");
    while ($row = $res->fetchRow(DB_FETCHMODE_ASSOC)) {
        // NOTE(review): the stored password hash is handed to the row template; if the template prints
        // it, every admin page view exposes the hashes — drop the column from the listing.
        $innerhtml .= $TEMPLATE->edit_user_page_table_row($row['id'], htmlspecialchars($row['user']), htmlspecialchars($row['password']), $row['level']);
    }
    print $TEMPLATE->edit_user_page_table($innerhtml);
}
Example #14
 /**
  * "Forgot password" request: validate the CAPTCHA and the address, store a reset code for the
  * account and e-mail a link that carries the code. Every outcome is reported through $this->json().
  *
  * NOTE(review): the separate answers for an unknown address, an account under review and a
  * locked account let a requester learn which addresses are registered and in what state;
  * a single generic response avoids that.
  */
 public function getpass_f()
 {
     // Signed-in members may not use this action
     if ($_SESSION['user_id']) {
         $this->json(P_Lang('您已是本站会员,不能执行这个操作'));
     }
     // Check the CAPTCHA when it is enabled
     if ($this->config['is_vcode'] && function_exists('imagecreate')) {
         $code = $this->get('_chkcode');
         if (!$code) {
             $this->json(P_Lang('验证码不能为空'));
         }
         $code = md5(strtolower($code));
         // NOTE(review): `!=` compares loosely, and two hex digests that both look like numbers
         // ("0e" followed by digits) compare equal; use hash_equals() or !== for digest comparison.
         if ($code != $_SESSION['vcode']) {
             $this->json(P_Lang('验证码填写不正确'));
         }
         // A CAPTCHA answer is single use.
         unset($_SESSION['vcode']);
     }
     $email = $this->get('email');
     if (!$email) {
         $this->json(P_Lang('邮箱不能为空'));
     }
     if (!phpok_check_email($email)) {
         $this->json(P_Lang('邮箱验证不通过'));
     }
     $rs = $this->model('user')->user_email($email);
     if (!$rs) {
         $this->json(P_Lang('邮箱不存在'));
     }
     if (!$rs['status']) {
         $this->json(P_Lang('会员账号审核中,暂时不能使用取回密码功能'));
     }
     if ($rs['status'] == '2') {
         $this->json(P_Lang('会员账号被管理员锁定,不能使用取回密码功能,请联系管理员'));
     }
     if (!$this->site['email_server'] || !$this->site['email_account'] || !$this->site['email_pass']) {
         $this->json(P_Lang('邮箱取回密码功能未启用,请联系我们的客服'));
     }
     // Reset code = 10 characters from str_rand() followed by the current timestamp.
     // NOTE(review): only the str_rand() part is secret, so it must come from a CSPRNG
     // (random_bytes()/random_int()); confirm against str_rand()'s definition. Storing only a
     // hash of the code would also keep a database leak from exposing usable reset links.
     $code = str_rand(10) . $this->time;
     $this->model('user')->update_code($code, $rs['id']);
     // Look up the e-mail template
     $email_rs = $this->model('email')->get_identifier('getpass', $this->site['id']);
     if (!$email_rs) {
         $this->json(P_Lang('邮件模板为空,请配置邮件模板'));
     }
     $link = $this->url('login', 'repass', '_code=' . rawurlencode($code), 'www');
     $this->assign('link', $link);
     $this->assign('email', $email);
     $this->assign('code', $code);
     $this->assign('user', $rs);
     $title = $this->fetch($email_rs["title"], "content");
     $content = $this->fetch($email_rs["content"], "content");
     // Send the e-mail
     $info = $this->lib('email')->send_mail($email, $title, $content);
     if (!$info) {
         $this->json($this->lib('email')->error());
     }
     $this->json(true);
 }
<?php

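/**
 * Print a random string drawn from the given alphabet.
 *
 * The string is echoed, not returned. Uses random_int() (a CSPRNG) when available and falls
 * back to mt_rand(), which is predictable, only on runtimes without it.
 *
 * NOTE(review): the default alphabet has no lowercase 'x' ("...uvwyz"); that looks like a typo
 * but is left untouched because the default is part of the signature.
 *
 * @param int    $length    Number of characters to print; must be a non-negative int.
 * @param string $character Alphabet to draw from, indexed byte by byte.
 * @return false|null false when $length is not a non-negative int or when characters are
 *                    requested from an empty alphabet; otherwise nothing.
 */
function str_rand($length = 0, $character = '0123456789abcdefghijklmnopqrstuvwyzABCDEFGHIJKLMNOPQRSTUVWXYZ')
{
    if (!is_int($length) || $length < 0) {
        return false;
    }
    $str = '';
    if ($length > 0) {
        $character = (string) $character;
        if ($character === '') {
            return false;
        }
        // Highest valid index. The previous code subtracted 1 twice, so the last character of
        // the alphabet could never be chosen and a one-character alphabet gave an invalid range.
        $max_index = strlen($character) - 1;
        $use_csprng = function_exists('random_int');
        for ($i = 0; $i < $length; $i++) {
            $index = $use_csprng ? random_int(0, $max_index) : mt_rand(0, $max_index);
            $str .= $character[$index];
        }
    }
    echo $str;
}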
// Prints a 10-character random string: this str_rand() echoes its result instead of returning it.
str_rand(10);
Example #16
    /**
     * Admin "forgot password" action: on a valid form post, replace the account's password with
     * a str_rand() value, e-mail the new login data as HTML and redirect back to the form.
     *
     * NOTE(review): security points to confirm before reuse:
     *  - the password is changed as soon as the form is submitted, with no confirmation step, so
     *    anyone who knows the address can change (and lock out) the account's password; a
     *    single-use, expiring reset link avoids both that and mailing a credential in clear text.
     *  - the new password is stored as an unsalted md5(); password_hash() is the appropriate API.
     *  - str_rand() must be CSPRNG-backed for a generated password; confirm its definition.
     */
    function forgotepassword()
    {
        $data['title'] = 'Forgote password';
        $this->load->model('adminmodel');
        $this->form_validation->set_rules('email', 'Email', 'required|callback_userEmail_check');
        if ($this->form_validation->run() == false) {
            $this->load->view('admin/forgotepassword', $data);
        } else {
            // NOTE(review): the validation rule above is on the field 'email' while the value is read
            // from 'userEmail' — confirm which field the form actually posts.
            $useremail = $this->input->post('userEmail');
            //die($this->form_validation->run());
            // NOTE(review): $userdetail is used without checking that a row was found.
            $userdetail = $this->adminmodel->checkusremail($useremail);
            $username = $userdetail['userName'];
            $userId = $userdetail['id'];
            $newuserpassword = str_rand();
            $getresult = $this->adminmodel->updatepassword($userId, md5($newuserpassword));
            //die($newuserpassword);
            if ($getresult) {
                //Send email body
                $from = $this->config->item('adminEmail');
                $to = $userdetail['userEmail'];
                $name = $userdetail['userName'];
                $password = $newuserpassword;
                $siteURL = NUMERA_SITE;
                $subject = " Password Recovery";
                // The HTML body is assembled piece by piece; the only dynamic parts are the subject,
                // the user name, the new password and the site link.
                $message = '';
                $message .= '<tr>
						<td bgcolor="#951118" style="font-family:segoe UI, Arial, sans-serif; font-size:13px; color:#FFF; padding:6px 10px;">
						   <font style="font-size:15px;">' . $subject . '</font>
						</td>
					    </tr>';
                $message .= '<tr>';
                $message .= '<td valign="top" bgcolor="#ffffff" style="padding:12px;">
						      <table width="100%" border="0" cellspacing="0" cellpadding="0">
							<tr>
							    <td height="26" style="font-family:Tahoma, Arial, sans-serif; font-size:11px;color:#575757;">
								<strong>Hi Administrator,</strong>
							    </td>
							</tr>
							<tr>
							    <td style="font-family:Tahoma, Arial, sans-serif; font-size:11px; color:#575757; line-height:15px; padding-bottom:10px;">
							    You will find your login data below. Please keep this information secure & safe.
							    </td>
							</tr>';
                $message .= '<tr>
							<td height="5">
							</td>
						    </tr>
						    <tr>
							<td align="left">
							    <table width="287" border="0" bgcolor="#D23D3D" cellspacing="1" cellpadding="6" style="border:solid 3px #D23D3D;">
								<tr>
								    <td colspan="2">
									<strong style="color:#FFF;">Login Information</strong>
								    </td>
								</tr>
								<tr>';
                $message .= '<td bgcolor="#ffffff" width="100"><strong>Username</strong></td>';
                // NOTE(review): the user name is inserted into HTML without htmlspecialchars().
                $message .= '<td width="270" bgcolor="#ffffff">' . @$name . '</td>';
                $message .= '</tr>';
                $message .= '<tr>';
                $message .= '<td  bgcolor="#ffffff"><strong>Password</strong></td>';
                // The new password in clear text.
                $message .= '<td  bgcolor="#ffffff">' . @$password . '</td>';
                $message .= '</tr>';
                $message .= '</table>';
                $message .= '</td>
							</tr>
							<tr>
							    <td height="25">&nbsp;</td>
							</tr>
							<tr>';
                $message .= '<td>
						    </td>
						</tr>
						<tr>
						    <td height="25"></td>
						</tr>
						<tr style="color:black;">
			
						';
                $message .= '<td>Regards,<br />';
                $message .= '<a href="' . NUMERA_SITE . '">' . $this->config->item('siteName') . '</a><br />';
                $message .= '</td></tr>';
                $message .= '</table>';
                $message .= '</tr>';
                $body = getNotificationTheme($siteURL . ' Password Recovery.', $message, '');
                $this->email->from($from);
                $this->email->to($to);
                $this->email->subject($siteURL . ' Password Recovery.');
                $this->email->message($body);
                $this->email->set_mailtype('html');
                //pr($body);
                // NOTE(review): the result of send() is not checked, so the success message below is
                // shown even when the mail was not delivered — and the password has already changed.
                $this->email->send();
                $this->session->set_flashdata('message', '<div class="alert-success">New password has been sent on email.</div>');
            } else {
                $this->session->set_flashdata('message', '<div class="alert-error">Email is not send, try again!</div>');
            }
            redirect('admin/forgotepassword', 'refresh');
            //$this->load->view('admin/forgotepassword',$data);
        }
    }
     // One valid range, send standard reply
     http_response_code(206);
     // Partial Content
     list($start, $end) = $offsets[0];
     header("Content-Range: bytes {$start}-{$end}/{$filelength}");
     header("Content-Type: {$content_type}");
     // Set variables to allow code reuse code across this case and the next one
     // Note: 0-0 is 1 byte long, because we're inclusive
     $content_length = $end - $start + 1;
     $boundaries = array(0 => '', 1 => '');
     break;
 default:
     // Multiple valid ranges, send multipart reply
     http_response_code(206);
     // Partial Content
     $boundary = str_rand(32);
     // String to separate each part
     /* 
     Need to compute Content-Length of entire response, 
     but loading the entire response into a string could use a lot of memory,
     so calculate value using the offsets.
     Take this opportunity to also calculate the boundaries.
     */
     $boundaries = array();
     $content_length = 0;
     foreach ($offsets as $offset) {
         list($start, $end) = $offset;
         // Used to split each section
         $boundary_header = "\r\n" . "--{$boundary}\r\n" . "Content-Type: {$content_type}\r\n" . "Content-Range: bytes {$start}-{$end}/{$filelength}\r\n" . "\r\n";
         $content_length += strlen($boundary_header) + ($end - $start + 1);
         $boundaries[] = $boundary_header;
Example #18
}
require_once 'common.inc.php';
if (isset($_GET['key'])) {
    // String
    if (!isset($_GET['type']) || $_GET['type'] == 'string') {
        // Delete the whole key.
        $redis->delete($_GET['key']);
    } else {
        if ($_GET['type'] == 'hash' && isset($_GET['hkey'])) {
            // Delete only the field in the hash.
            $redis->hDel($_GET['key'], $_GET['hkey']);
        } else {
            if ($_GET['type'] == 'list' && isset($_GET['index'])) {
                // Lists don't have simple delete operations.
                // You can only remove something based on a value so we set the value at the index to some random value we hope doesn't occur elsewhere in the list.
                $value = str_rand(69);
                // This code assumes $value is not present in the list. To make sure of this we would need to check the whole list and place a Watch on it to make sure the list isn't modified in between.
                $redis->lSet($_GET['key'], $_GET['index'], $value);
                $redis->lRem($_GET['key'], $value, 1);
            } else {
                if ($_GET['type'] == 'set' && isset($_GET['value'])) {
                    // Removing members from a set can only be done by supplying the member.
                    $redis->sRem($_GET['key'], $_GET['value']);
                } else {
                    if ($_GET['type'] == 'zset' && isset($_GET['value'])) {
                        // Removing members from a zset can only be done by supplying the value.
                        $redis->zDelete($_GET['key'], $_GET['value']);
                    }
                }
            }
        }
Example #19
/**
 * Create, read, update or delete rows of the libya_subscriptions table.
 *
 * What $mail holds depends on $op: for 'create' it is an address string when $autoConfirm is
 * set and otherwise an array with 'mail' and 'rand'; for 'read' and 'delete' it is the address;
 * for 'update' it is an object exposing sid, mail, code and confirm.
 *
 * NOTE(review): 'code' is what a subscriber presents to confirm or delete a subscription, so the
 * generator behind it (str_rand) should be CSPRNG-backed — confirm against its definition.
 *
 * @return mixed The db_insert()/db_merge() execute() result, the fetched row object for 'read',
 *               and NULL for 'delete' or an unknown operation.
 */
function subscriptionData($op, $mail = FALSE, $key = FALSE, $autoConfirm = false)
{
    switch ($op) {
        case 'create':
            $query = db_insert('libya_subscriptions');
            // Auto-confirmed rows get a fresh 12-character code; the others reuse the caller's values.
            $fields = $autoConfirm
                ? array('mail' => $mail, 'code' => str_rand(12), 'confirm' => 1, 'sid' => 0)
                : array('mail' => $mail['mail'], 'code' => $mail['rand'], 'confirm' => 0, 'sid' => 0);
            return $query->fields($fields)->execute();

        case 'read':
            // Without a key the row is matched on the address alone, otherwise on address and code.
            if ($key) {
                $result = db_query("select * from libya_subscriptions where `mail` = :mail and code = :code", array(":mail" => $mail, ':code' => $key));
            } else {
                $result = db_query("select * from libya_subscriptions where `mail` = :mail", array(":mail" => $mail));
            }
            return $result->fetchObject();

        case 'update':
            $merge = db_merge('libya_subscriptions')->key(array('sid' => $mail->sid));
            return $merge->fields(array('mail' => $mail->mail, 'code' => $mail->code, 'confirm' => $mail->confirm, 'sid' => $mail->sid))->execute();

        case "delete":
            // Both the address and its code must match; this branch yields no result.
            db_query("delete from libya_subscriptions where mail = :mail and code = :code", array(":mail" => $mail, ':code' => $key));
            return NULL;

        default:
            return NULL;
    }
}
Example #20
  <td><input type="password" name="adminpass" value="password">
 </tr>
 <tr>
  <td>Admin EMail
  <td><input type="text" name="admin_email" value="qdb@<?php 
        echo $_SERVER['SERVER_NAME'];
        ?>
">
 </tr>
 <tr>
  <td>&nbsp;</td><td>&nbsp;</td>
 </tr>
 <tr>
  <td>Secret Salt
  <td><input type="text" name="secret_salt" value="<?php 
        echo str_rand();
        ?>
"> (Used to encrypt some things)
 </tr>
 <tr>
  <td>&nbsp;</td><td>&nbsp;</td>
 </tr>
 <tr>
  <td>Site Language
  <td><select name="language"><?php 
        foreach ($languages as $l) {
            echo '<option value="' . $l . '">' . $l;
        }
        ?>
</select>
 </tr>
Example #21
 /**
  * Insert a level-1 user with an MD5-crypt password hash and return the db_query() result.
  *
  * NOTE(review): points to fix before reuse:
  *  - $username is interpolated into the INSERT statement (and printed) without escaping; pass
  *    it through the database layer's quoting or a prepared statement to rule out SQL injection.
  *  - "$1$" selects MD5-crypt, which is obsolete for password storage; password_hash() picks a
  *    modern algorithm and embeds its own salt, which makes the separate salt column unnecessary.
  *  - the hash is computed with the first 8 characters of $salt while the salt column stores
  *    the whole value; verify that the login check derives the same salt.
  */
 function mk_user($username, $password)
 {
     print 'Creating user ' . $username . ': ';
     $salt = str_rand();
     $level = 1;
     $str = "INSERT INTO " . db_tablename('users') . " (user, password, level, salt) VALUES('{$username}', '" . crypt($password, "\$1\$" . substr($salt, 0, 8) . "\$") . "', '{$level}', '\$1\$" . $salt . "\$');";
     return db_query($str);
 }
Example #22
// Page data returned to the installer; it starts out holding only the composed title.
$pagearray = array(
    'title' => $bhlang['install:title:bytehoard_installation'] . " :: " . $bhlang['install:title:create_administrator'],
);
# Random string function. Author: Aidan Lister <aidan at php dot net>.
# From http://aidan.dotgeek.org/lib/?file=function.str_rand.php
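/**
 * Return a random string of $length characters drawn from $seeds.
 *
 * The generator is no longer re-seeded from microtime(): a clock-derived seed makes the output
 * guessable by anyone who can estimate when it ran, and this helper produces the administrator
 * password during installation. random_int() (a CSPRNG) is used when available, with mt_rand()
 * under PHP's own seeding as the fallback for old runtimes.
 *
 * @param int    $length Number of characters to produce.
 * @param string $seeds  Alphabet to draw from, indexed byte by byte.
 * @return string The random string; empty when $length is not positive or $seeds is empty.
 */
function str_rand($length = 8, $seeds = 'abcdefghijklmnopqrstuvwxyz0123456789')
{
    $str = '';
    $seeds_count = strlen($seeds);
    if ($seeds_count === 0) {
        // Nothing to draw from; an empty alphabet used to produce an invalid (0, -1) range.
        return $str;
    }
    $use_csprng = function_exists('random_int');
    // Generate
    for ($i = 0; $length > $i; $i++) {
        $index = $use_csprng ? random_int(0, $seeds_count - 1) : mt_rand(0, $seeds_count - 1);
        $str .= $seeds[$index];
    }
    return $str;
}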
require_once "../config.inc.php";
require_once "../includes/db/" . $dbconfig['dbmod'];
require_once "../includes/filesystem/filesystem/filesystem.inc.php";
require_once "../includes/users.inc.php";
require_once "../includes/configfunc.inc.php";
# Load the configuration before touching the user table.
bh_loadconfig();
# Create administrator user with random password and add to database
# NOTE(review): the password is only as unpredictable as str_rand(); it should come from a CSPRNG.
$adminuser = "******";
$adminpass = str_rand();
bh_adduser($adminuser, $adminpass, "/" . $adminuser, "admin");
# NOTE(review): the generated password is written into the page content in clear text; make sure the
# installer page is served over HTTPS, is not cached, and that the password must be changed at first login.
$pagearray['content'] = $bhlang['install:createadmin:explain'] . "<br><br>" . $bhlang['label:username'] . " " . $adminuser . "<br>" . $bhlang['label:password'] . " " . $adminpass;
$pagearray['continue'] = 1;
return $pagearray;
Example #23
 /**
  * Landing page of the password-reset link: check the reset code from the request, resolve the
  * account it belongs to and show the "set a new password" form.
  *
  * NOTE(review): presumably error() ends the request; otherwise the later steps would run with
  * an invalid code. Confirm.
  */
 public function repass_f()
 {
     // Anti-automation value for the form that follows; set before the code is validated.
     // NOTE(review): confirm str_rand() is CSPRNG-backed and that the submit handler checks this value.
     $_SESSION['repass_spam_code'] = str_rand(10);
     $code = $this->get('_code');
     if (!$code) {
         error(P_Lang('验证码不能为空'), '', 'error');
     }
     // The last 10 characters of the code are read as the Unix time it was issued; codes older
     // than 24 hours are refused.
     // NOTE(review): this timestamp comes from the request itself; the expiry only holds because
     // the full code must still match a stored one below.
     $time = intval(substr($code, -10));
     if ($this->time - $time > 24 * 60 * 60) {
         error(P_Lang('验证码超时过期,请重新获取'), $this->url('login', 'getpass'), 'error', 10);
     }
     $uid = $this->model('user')->uid_from_chkcode($code);
     if (!$uid) {
         error(P_Lang('验证码不存在'), $this->url('login', 'getpass'), 'error', 10);
     }
     $user = $this->model('user')->get_one($uid);
     $this->assign("user", $user);
     // The code is handed to the template, presumably so the form can post it back.
     $this->assign('code', $code);
     $this->view('login_repass');
 }
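 /**
  * Store an uploaded image for the current user's major and write a 125x125 JPEG thumbnail.
  *
  * The answer is a small JSON document written with echo: code 1 plus the content URL on
  * success, 2 when the file is larger than about 1 MB, 3 when the directory already holds more
  * than about 50 MB, and 0 for every other failure. All but the final fallback exit immediately.
  *
  * NOTE(review): points to confirm before reuse:
  *  - $_FILES['image']['error'] is not inspected; a failed upload only fails later on.
  *  - user('major') is concatenated into file-system paths; verify it can never contain path
  *    separators or "..".
  *  - the stored name comes from str_rand(10); confirm it is unpredictable and collision-safe.
  *  - 'image/bmp' is decoded with imagecreatefromwbmp(), which reads WBMP rather than BMP.
  */
 public function upload()
 {
     $this->middleware('Auth');
     $this->loadHelper('User');
     if (role_check() && is_post()) {
         if (!empty($_FILES['image'])) {
             $_path = APP_PATH . 'contents/major/' . user('major') . '/';
             if (!file_exists($_path)) {
                 mkdir($_path, 0755, true);
                 mkdir($_path . 'thumbs', 0755, true);
             }
             // Directory quota: add up what is already stored (glob() may return false).
             $getSize = @glob($_path . '*.*', GLOB_BRACE) ?: array();
             $size = (int) 0;
             foreach ($getSize as $list) {
                 $size = $size + filesize($list);
             }
             unset($getSize, $list);
             $size = round($size / 1000 / 1000);
             if ($size <= 50) {
                 $file = $_FILES['image']['tmp_name'];
                 $filesize = filesize($file) / 1000;
                 if ($filesize <= 1024) {
                     $thumbs_width = 125;
                     $thumbs_height = 125;
                     // The type is taken from the file's own header, never from the client-supplied
                     // name; getimagesize() returns false for anything that is not an image.
                     $mime = @getimagesize($file);
                     $type = is_array($mime) ? $mime['mime'] : '';
                     switch ($type) {
                         case 'image/jpeg':
                             $image = imagecreatefromjpeg($file);
                             $ext = '.jpg';
                             break;
                         case 'image/png':
                             $image = imagecreatefrompng($file);
                             $ext = '.png';
                             break;
                         case 'image/bmp':
                             $image = imagecreatefromwbmp($file);
                             $ext = '.bmp';
                             break;
                         case 'image/gif':
                             $image = imagecreatefromgif($file);
                             $ext = '.gif';
                             break;
                         default:
                             // Same payload as the final fallback; the earlier literal was not valid JSON.
                             exit('{ "code": 0,"data":"Errors." }');
                             break;
                     }
                     if (!$image) {
                         // The header looked like an image but the decoder refused the file.
                         exit('{ "code": 0,"data":"Errors." }');
                     }
                     $thumbs = ImageCreateTrueColor($thumbs_width, $thumbs_height);
                     // Pick the source rectangle that is resampled into the square thumbnail.
                     $dst_ratio = $mime['0'] / $mime['1'];
                     $img_ratio = $thumbs_width / $thumbs_height;
                     if ($dst_ratio >= $img_ratio) {
                         $dst_h = $mime['1'];
                         $dst_w = $dst_h / $img_ratio;
                         $dst_x = ($mime['0'] - $dst_w) / 2;
                         $dst_y = 0;
                     } else {
                         $dst_w = $mime['0'];
                         $dst_h = $dst_w / $img_ratio;
                         $dst_x = 0;
                         $dst_y = ($mime['1'] - $dst_h) / 2;
                     }
                     // Server-chosen file name; the extension comes from the detected type only.
                     $img_name = str_rand(10);
                     $thumbs_path = APP_PATH . 'contents/major/' . user('major') . '/thumbs/' . $img_name . '.jpg';
                     $image_path = 'major/' . user('major') . '/' . $img_name . $ext;
                     imagecopyresampled($thumbs, $image, 0, 0, $dst_x, $dst_y, $thumbs_width, $thumbs_height, $dst_w, $dst_h);
                     imagejpeg($thumbs, $thumbs_path, 70);
                     move_uploaded_file($file, APP_PATH . 'contents/' . $image_path);
                     imagedestroy($thumbs);
                     imagedestroy($image);
                     echo '{ "code": 1,"data":"' . content($image_path) . '" }';
                     exit;
                 }
                 echo '{ "code": 2,"data":"ขนาดไฟล์ใหญ่เกิน 1 Mb" }';
                 exit;
             }
             echo '{ "code": 3,"data":"พื้นที่เก็บข้อมูลเต็ม" }';
             exit;
         }
     }
     echo '{ "code": 0,"data":"Errors." }';
 }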
    /**
     * Build the HTML of the "add user" admin form and return it as a string.
     *
     * The salt field is pre-filled with 8 characters from str_rand().
     *
     * NOTE(review): the salt is sent to the browser in an editable field and the password input is
     * type="text"; confirm the handler does not trust the posted salt, and consider type="password".
     */
    function add_user_page()
    {
        // Resolve every dynamic fragment first, in the order the markup uses them.
        $title = lang('add_user_title');
        $query = urlargs('add_user', 'update');
        $username_label = lang('add_user_username_label');
        $salt_label = lang('add_user_randomsalt_label');
        $salt = str_rand(8, 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789');
        $password_label = lang('add_user_password_label');
        $level_label = lang('add_user_level_label');
        $level_select = user_level_select();
        $submit_label = lang('add_user_btn');

        $html = '  <div id="admin_add-user_all">
   <h1 id="admin_add-user_title">' . $title . '</h1>
   <form method="post" action="?' . $query . '">
   <table>
   <tr><td>' . $username_label . '</td><td><input type="text" name="username" id="admin_add-user_username" /></td></tr>
   <tr><td>' . $salt_label . '</td><td><input type="text" name="salt" value="' . $salt . '" id="admin_add-user_salt" /></td></tr>
   <tr><td>' . $password_label . '</td><td><input type="text" name="password" /></td></tr>
   <tr><td>' . $level_label . '</td><td>' . $level_select . '</td></tr>
   <tr><td></td><td><input type="submit" value="' . $submit_label . '" id="admin_add-user_submit" /></td></tr>
   </table>
   </form>
  </div>
';
        return $html;
    }
Example #26
/**
 * Submit handler for the quick-subscribe form.
 *
 * Stores an unconfirmed subscription ('confirm' => 0) for the submitted
 * address, hands the record to subscribeSendMail() and shows a status message.
 *
 * NOTE(review): the 'rand' value is presumably the secret carried by the
 * confirmation link mentioned in the status message. If so, it should come
 * from a CSPRNG; str_rand() is defined elsewhere, so confirm its randomness
 * source. Nothing in this handler limits how often one address can be
 * submitted; verify that form validation or subscriptionData() prevents
 * repeated confirmation mails to third-party addresses.
 *
 * @param array $form       Form structure (unused here).
 * @param array $form_state Form state; reads ['values']['mail'].
 */
function libya_quick_subscribe_form_submit($form, &$form_state)
{
    $address = $form_state['values']['mail'];

    $subscription = array(
        'rand' => str_rand(12),
        'mail' => $address,
        'confirm' => 0,
    );

    subscriptionData('create', $subscription);
    subscribeSendMail($subscription);

    drupal_set_message(t('Email subscribed. Please check your mail for the confirmation link. You must confirm your email for your subscription to become active. Thank you.'));
}
Example #27
    /**
     * @ Function Name	: forgotPassword
     * @ Function Purpose 	: display the forgot password form to user to recover a password
     * @ Function Returns	: 
     */
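    function forgotPassword()
    {
        // Shows the forgot-password form. On a valid submission it looks the
        // account up by email and mails login details to the address on record,
        // then redirects back to users/forgotpassword with a flash message.
        //
        // Two account kinds are handled:
        //  - "Client": a row from getUserGoogleidbyemail() exists; the value of
        //    its password field is mailed unchanged.
        //  - "User": a new password from str_rand() is stored (md5) and mailed.
        //
        // NOTE(review), security design points this block cannot fix alone:
        //  - Any visitor who knows an email address can trigger a password
        //    change for that "User" account, with no confirmation step. A
        //    single-use, expiring reset link avoids both the lockout risk and
        //    sending a password by mail.
        //  - md5() is unsalted and fast, so it is unsuitable for password
        //    storage. Moving to password_hash()/password_verify() also requires
        //    changing the login check, which is not visible here.
        //  - The "Client" branch mails whatever the password field holds. If
        //    that is the real password, it is stored in recoverable form;
        //    verify against the model.
        //  - Unknown addresses get a distinct "email not exist" message, which
        //    lets callers test which emails are registered.
        //  - str_rand() is defined elsewhere; confirm it uses a CSPRNG.
        $data['title'] = 'Forgot password';
        $this->form_validation->set_rules('email', 'Email', 'required|callback_userEmail_check');
        if ($this->form_validation->run() == false) {
            $this->load->view('users/forgotpassword', $data);
            return;
        }

        $useremail = $this->input->post('email');
        /* Check email id is valid or not */
        $userdetail = $this->usermodel->getUserDetailsByEmail($useremail);

        if (empty($userdetail)) {
            $flash = '<div class="alert-error">' . $this->lang->line('email_not_exist_label') . '</div>';
        } else {
            /* Check email id is client email or user email */
            if (isset($userdetail->id)) {
                $usergoogledetail = $this->usermodel->getUserGoogleidbyemail($useremail, $userdetail->id);
            }
            if (isset($usergoogledetail->email) && isset($userdetail->id)) {
                /* Client information */
                $password = $usergoogledetail->password;
                $name = $userdetail->userName;
                $loginName = $usergoogledetail->email;
            } else {
                /* User information */
                $password = str_rand();
                $name = $userdetail->userName;
                $loginName = $userdetail->userName;
                // NOTE(review): the result of updatepassword() is not checked;
                // its return contract is not visible from here.
                $this->usermodel->updatepassword($userdetail->id, md5($password));
            }

            if ($password === null) {
                // No password value is available (e.g. an empty client field).
                $flash = '<div class="alert-error">' . $this->lang->line('password_not_sent_label') . '</div>';
            } else {
                // Account-derived values go into an HTML mail body, so they are
                // escaped first. Assumes the application charset is UTF-8; TODO confirm.
                $safeName = htmlspecialchars(ucfirst((string) $name), ENT_QUOTES, 'UTF-8');
                $safeLoginName = htmlspecialchars((string) $loginName, ENT_QUOTES, 'UTF-8');
                $safePassword = htmlspecialchars((string) $password, ENT_QUOTES, 'UTF-8');

                //Send email body
                $from = $this->config->item('adminEmail');
                $to = $userdetail->userEmail;
                $siteURL = NUMERA_SITE;
                $subject = $this->lang->line("forgote_password_lbl");
                $message = '';
                $message .= '<tr>
							<td bgcolor="#951118" style="font-family:segoe UI, Arial, sans-serif; font-size:13px; color:#FFF; padding:6px 10px;">
							   <font style="font-size:15px;">' . $subject . '</font>
							</td>
						    </tr>';
                $message .= '<tr>';
                $message .= '<td valign="top" bgcolor="#ffffff" style="padding:12px;">
							      <table width="100%" border="0" cellspacing="0" cellpadding="0">
								<tr>
								    <td height="26" style="font-family:Tahoma, Arial, sans-serif; font-size:11px;color:#575757;">
									<strong>' . $this->lang->line("hi_label") . ' ' . $safeName . ',</strong>
								    </td>
								</tr>
								<tr>
								    <td style="font-family:Tahoma, Arial, sans-serif; font-size:11px; color:#575757; line-height:15px; padding-bottom:10px;">
								    ' . $this->lang->line('your_login_data_below') . '
								    </td>
								</tr>';
                $message .= '<tr>
								<td height="5">
								</td>
							    </tr>
							    <tr>
								<td align="left">
								    <table width="287" border="0" bgcolor="#D23D3D" cellspacing="1" cellpadding="6" style="border:solid 3px #D23D3D;">
									<tr>
									    <td colspan="2">
										<strong style="color:#FFF;">' . $this->lang->line('login_information_label') . '</strong>
									    </td>
									</tr>
									<tr>';
                $message .= '<td bgcolor="#ffffff" width="100" style="font-family:segoe UI, Arial, sans-serif; font-size:13px;" ><strong>' . $this->lang->line('admin_user_name_label') . '</strong></td>';
                $message .= '<td width="270" bgcolor="#ffffff">' . $safeLoginName . '</td>';
                $message .= '</tr>';
                $message .= '<tr>';
                // Fix: the style attribute on this cell was missing its closing quote.
                $message .= '<td  bgcolor="#ffffff" style="font-family:segoe UI, Arial, sans-serif; font-size:13px;"><strong>' . $this->lang->line('admin_user_password_label') . '</strong></td>';
                $message .= '<td  bgcolor="#ffffff">' . $safePassword . '</td>';
                $message .= '</tr>';
                $message .= '</table>';
                $message .= '</td>
								</tr>
								<tr>
								    <td height="25">&nbsp;</td>
								</tr>
								<tr>';
                $message .= '<td>
							    </td>
							</tr>
							<tr>
							    <td height="25"></td>
							</tr>
							<tr style="color:black;">
				
							';
                $message .= '<td>' . $this->lang->line('admin_thanksandregards_label') . ',<br />';
                $message .= '<a href="' . NUMERA_SITE . '">' . $this->config->item('siteName') . '</a><br />';
                $message .= '</td></tr>';
                $message .= '</table>';
                $message .= '</tr>';
                $body = getNotificationTheme($siteURL . $this->lang->line("forgote_password_lbl"), $message, '');
                $this->email->from($from);
                $this->email->to($to);
                $this->email->subject($siteURL . $this->lang->line("forgote_password_lbl"));
                $this->email->message($body);
                $this->email->set_mailtype('html');

                // Report success only when the mailer accepted the message.
                if ($this->email->send()) {
                    $flash = '<div class="alert-success">' . $this->lang->line('password_sent_label') . '</div>';
                } else {
                    $flash = '<div class="alert-error">' . $this->lang->line('password_not_sent_label') . '</div>';
                }
            }
        }

        $this->session->set_flashdata('message', $flash);
        redirect('users/forgotpassword');
    }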