function captcha($lang, $arglist = false) { $id = false; if (is_array($arglist)) { if (isset($arglist[0])) { $id = $arglist[0]; } } $accepted = array('login', 'register', 'remindme', 'mailme', 'subscribe', 'unsubscribe', 'comment'); if ($id and !in_array($id, $accepted)) { return run('error/badrequest', $lang); } $charset = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ'; $code = strrand($charset, 4); if ($id) { $_SESSION['captcha'][$id] = $code; } $img = strtag($code); header('Content-Type: image/png'); header("Content-Disposition: inline; filename=captcha.png"); header("Cache-Control: no-cache"); imagepng($img); imagedestroy($img); return false; }
function createImage($strSessionVar, $rgBgColor, $rgTextColor, $x, $y) { $iRandVal = strrand(10); $_SESSION[$strSessionVar] = $iRandVal; $im = imagecreate($x, $y) or die("Cannot Initialize new GD image stream"); $background_color = imagecolorallocate($im, $rgBgColor[0], $rgBgColor[1], $rgBgColor[2]); $text_color = imagecolorallocate($im, $rgTextColor[0], $rgTextColor[1], $rgTextColor[2]); $white = imagecolorallocate($im, 0xff, 0xff, 0xff); // genaueres zur Funktion auf php.net imagestring($im, 5, 3, 3, $iRandVal, $text_color); //some obfuscation for ($i = 0; $i < 3; $i++) { $x1 = rand(0, $x - 1); $y1 = rand(0, round($y / 10, 0)); $x2 = rand(0, round($x / 10, 0)); $y2 = rand(0, $y - 1); imageline($im, $x1, $y1, $x2, $y2, $white); $x1 = rand(0, $x - 1); $y1 = $y - rand(1, round($y / 10, 0)); $x2 = $x - rand(1, round($x / 10, 0)); $y2 = rand(0, $y - 1); imageline($im, $x1, $y1, $x2, $y2, $white); } // Header schicken header("Content-type: image/png"); // PNG Bild erzeugen und senden imagepng($im); // Bild auf dem Server loeschen imagedestroy($im); }
function createImage($strSessionVar) { $cfg = EasySCP_Registry::get('Config'); $rgBgColor = $cfg->LOSTPASSWORD_CAPTCHA_BGCOLOR; $rgTextColor = $cfg->LOSTPASSWORD_CAPTCHA_TEXTCOLOR; $x = $cfg->LOSTPASSWORD_CAPTCHA_WIDTH; $y = $cfg->LOSTPASSWORD_CAPTCHA_HEIGHT; $font = $cfg->LOSTPASSWORD_CAPTCHA_FONT; $iRandVal = strrand(8, $strSessionVar); $im = imagecreate($x, $y) or die('Cannot initialize new GD image stream.'); // Set background color imagecolorallocate($im, $rgBgColor[0], $rgBgColor[1], $rgBgColor[2]); $text_color = imagecolorallocate($im, $rgTextColor[0], $rgTextColor[1], $rgTextColor[2]); $white = imagecolorallocate($im, 0xff, 0xff, 0xff); imagettftext($im, 34, 0, 5, 50, $text_color, $font, $iRandVal); // some obfuscation for ($i = 0; $i < 3; $i++) { $x1 = mt_rand(0, $x - 1); $y1 = mt_rand(0, round($y / 10, 0)); $x2 = mt_rand(0, round($x / 10, 0)); $y2 = mt_rand(0, $y - 1); imageline($im, $x1, $y1, $x2, $y2, $white); $x1 = mt_rand(0, $x - 1); $y1 = $y - mt_rand(1, round($y / 10, 0)); $x2 = $x - mt_rand(1, round($x / 10, 0)); $y2 = mt_rand(0, $y - 1); imageline($im, $x1, $y1, $x2, $y2, $white); } // send Header header("Content-type: image/png"); // create and send PNG image imagepng($im); // destroy image from server imagedestroy($im); }
public function forgetpsw() { //发送验证码 $messagekey = $_POST['messagekey']; //判断是否是发送短信 $vipcode = $_POST['vipcode']; //获取vip会员卡号 if (IS_POST) { if (empty($vipcode)) { $this->error("请填写vip卡号"); } $parm = new StdClass(); $parm->astr_request = new StdClass(); $parm->astr_request->header = new StdClass(); $parm->astr_request->header->username = "******"; $parm->astr_request->header->password = "******"; $parm->astr_request->header->pagerecords = 20; //每页显示多少条信息 $parm->astr_request->header->pageno = 1; //当前第几页 $parm->astr_request->header->updatecount = 1; $parm->astr_request->search->vipcode = $vipcode; $parm->astr_request->search->fromage = 0; $parm->astr_request->search->toage = 0; $parm->astr_request->search->frombirthdaymm = 0; $parm->astr_request->search->tobirthdaymm = 0; $parm->astr_request->search->frombirthdaydd = 0; $parm->astr_request->search->tobirthdaydd = 0; $parm->astr_request->search->fromcurrentbonus = 0; $parm->astr_request->search->tocurrentbonus = 0; $parm->astr_request->search->fromaccumulatedsalesamt = 0; $parm->astr_request->search->toaccumulatedsalesamt = 0; $parm->astr_request->search->fromaccumulatedbonus = 0; $parm->astr_request->search->toaccumulatedbonus = 0; $parm->astr_request->search->activitycount = 0; $parm->astr_request->search->salesamount = 0; $client = new SoapClient('http://221.133.247.163/VIP_NWBJ_EC/nwvip_ec.asmx?WSDL', array('trace' => 1, 'exceptions' => 0)); $result = $client->GetNwVipMaster($parm); $list = object_to_array($result); $list = $list['getnwvipmasterResult']['vipmasters']['nwvipmaster']; if (empty($list)) { $this->error("卡号错误"); } $telephone = $list['telephone']; $stoser = $list['issuestorecode']; $str = strrand(); session("messageretu", $str); send_message($telephone, $str . iconv('UTF-8', 'GBK', "(新世界会员网站找回密码验证码,泄漏有风险)"), $stoser); $p = substr($telephone, 0, 3) . "*****" . substr($telephone, 8, 3); $this->success('已发送:' . $p); } $this->display(); }
function newpassword($len = 6) { $charset = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789'; return strrand($charset, $len); }
public function index() { if (IS_POST) { $vipcode = trim($_POST['vipcode']); $v_password = trim($_POST['password']); if (empty($vipcode)) { $this->error("请填写卡号"); } if (empty($v_password)) { $this->error("请填写密码"); } $parm = new StdClass(); $parm->astr_request = new StdClass(); $parm->astr_request->header = new StdClass(); $parm->astr_request->header->username = "******"; $parm->astr_request->header->password = "******"; $parm->astr_request->header->pagerecords = 20; //每页显示多少条信息 $parm->astr_request->header->pageno = 1; //当前第几页 $parm->astr_request->header->updatecount = 1; $parm->astr_request->search->vipcode = $vipcode; $parm->astr_request->search->fromage = 0; $parm->astr_request->search->toage = 0; $parm->astr_request->search->frombirthdaymm = 0; $parm->astr_request->search->tobirthdaymm = 0; $parm->astr_request->search->frombirthdaydd = 0; $parm->astr_request->search->tobirthdaydd = 0; $parm->astr_request->search->fromcurrentbonus = 0; $parm->astr_request->search->tocurrentbonus = 0; $parm->astr_request->search->fromaccumulatedsalesamt = 0; $parm->astr_request->search->toaccumulatedsalesamt = 0; $parm->astr_request->search->fromaccumulatedbonus = 0; $parm->astr_request->search->toaccumulatedbonus = 0; $parm->astr_request->search->activitycount = 0; $parm->astr_request->search->salesamount = 0; $client = new SoapClient('http://221.133.247.163/VIP_NWBJ_EC/nwvip_ec.asmx?WSDL', array('trace' => 1, 'exceptions' => 0)); $result = $client->GetNwVipMaster($parm); $list = object_to_array($result); if (empty($list['getnwvipmasterResult']['vipmasters'])) { $this->error("卡号错误"); } $str = $list['getnwvipmasterResult']['vipmasters']['nwvipmaster']['password']; /**判断会员卡号是否存在密码 * */ if (!empty($list['getnwvipmasterResult']['vipmasters']['nwvipmaster']['password'])) { $password = $list['getnwvipmasterResult']['vipmasters']['nwvipmaster']['password']; } else { /** * 如果密码是空值 那么密码为当前身份证后6位 * */ $vipid = $list['getnwvipmasterResult']['vipmasters']['nwvipmaster']['vipid']; $password = substr(trim($vipid), -6, 6); } if ($password == $v_password) { //发送短信 $telephone = $list['getnwvipmasterResult']['vipmasters']['nwvipmaster']['telephone']; $stoser = $list['getnwvipmasterResult']['vipmasters']['nwvipmaster']['issuestorecode']; $str = strrand(); session("wapmessagekey", $str); send_message($telephone, $str . iconv('UTF-8', 'GBK', "(新世界会员手机网站登录验证码,泄漏有风险)"), $stoser); $this->success("OK"); } else { $this->error("密码错误"); } } $this->display(); }