Example #1
 /**
  * Back-end handler that creates a personal résumé record and answers via AJAX.
  *
  * Reads the résumé fields from the request with I('param.*'), attaches the
  * current user id, inserts one row through the 'resume' model and replies
  * with msg = 'ok' plus the value returned by add() in re_id, or with
  * msg = 'false' when add() returned something loosely equal to ''.
  *
  * NOTE(review): no field is validated in this method (format of phone and
  * email, range of age, whether position_id exists); this relies on whatever
  * filtering I() and the model apply - confirm in the framework config.
  */
 function new_resume()
 {
     // Check whether the visitor is already logged in.
     // NOTE(review): presumably user_session() stops or redirects an anonymous
     // request - confirm, otherwise the insert below runs without a valid user.
     user_session('job/index');

     $record = array(
         'user_id' => user_id(),
         'phone' => I('param.phone'),
         'name' => I('param.name'),
         'age' => I('param.age'),
         'degree' => I('param.degree'),
         'email' => I('param.email'),
         'about' => I('param.about'),
         'sex' => I('param.sex'),
         'position_id' => I('param.position_id'),
     );
     $new_id = M('resume', 'yijiayi.')->data($record)->add();

     // Loose comparison kept on purpose: it mirrors the original success test.
     if ($new_id == '') {
         $reply = array('msg' => 'false');
     } else {
         $reply = array('msg' => 'ok', 're_id' => $new_id);
     }
     $this->ajaxReturn($reply);
 }
/**
 * Self-test for the installation: runs a fixed set of environment and
 * crypto-helper checks and renders the results as an HTML table.
 *
 * The function requires $profile['allow_test'] to be loosely true and calls
 * error_403() otherwise. Every check stores a status string in $res that
 * starts with 'pass', 'warn' or 'fail'; the first four characters select the
 * cell colour of the report handed to wrap_html().
 *
 * NOTE(review): the report shows which extensions are loaded and whether the
 * log file is writable, so allow_test is best left off once setup is done.
 *
 * @global array $profile settings read here: allow_test, allow_gmp, logfile, use_bigmath
 * @global mixed $p modulus passed to bmpowmod() - presumably the Diffie-Hellman prime, confirm at its definition
 * @global mixed $g base passed to bmpowmod() - presumably the Diffie-Hellman generator, confirm at its definition
 */
function test_mode()
{
    global $profile, $p, $g;
    // Gate: the self-test is only reachable when the profile enables it.
    // NOTE(review): this relies on error_403() ending the request - confirm;
    // if it returns, every check below still runs.
    if ($profile['allow_test'] != true) {
        error_403();
    }
    // Allow up to 180 seconds; @ hides the warning if ini_set is not permitted.
    @ini_set('max_execution_time', 180);
    // Expiry handed to new_assoc(): two minutes from now.
    $test_expire = time() + 120;
    // Known-answer fixtures for the checks below.
    // NOTE(review): $test_server_private looks like a fixed private exponent
    // that exists only as a test vector - it must never double as a live key.
    $test_ss_enc = 'W7hvmld2yEYdDb0fHfSkKhQX+PM=';
    $test_ss = base64_decode($test_ss_enc);
    $test_token = "alpha:bravo\ncharlie:delta\necho:foxtrot";
    $test_server_private = '11263846781670293092494395517924811173145217135753406847875706165886322533899689335716152496005807017390233667003995430954419468996805220211293016296351031812246187748601293733816011832462964410766956326501185504714561648498549481477143603650090931135412673422192550825523386522507656442905243832471167330268';
    $test_client_public = base64_decode('AL63zqI5a5p8HdXZF5hFu8p+P9GOb816HcHuvNOhqrgkKdA3fO4XEzmldlb37nv3+xqMBgWj6gxT7vfuFerEZLBvuWyVvR7IOGZmx0BAByoq3fxYd3Fpe2Coxngs015vK37otmH8e83YyyGo5Qua/NAf13yz1PVuJ5Ctk7E+YdVc');
    // Test name => status string, in the order the checks run.
    $res = array();
    // bcmath: a missing extension is only a warning.
    $res['bcmath'] = extension_loaded('bcmath') ? 'pass' : 'warn - not loaded';
    // gmp: checked only when the profile allows GMP, otherwise reported as n/a.
    if ($profile['allow_gmp']) {
        $res['gmp'] = extension_loaded('gmp') ? 'pass' : 'warn - not loaded';
    } else {
        $res['gmp'] = 'pass - n/a';
    }
    // logfile: the configured log path must be writable.
    $res['logfile'] = is_writable($profile['logfile']) ? 'pass' : "warn - log is not writable";
    // session & new_assoc: passes when the handle returned by new_assoc()
    // differs from the current session id.
    user_session();
    list($test_assoc, $test_new_ss) = new_assoc($test_expire);
    $res['session'] = $test_assoc != session_id() ? 'pass' : 'fail';
    // secret: secret() must hand back the secret that new_assoc() just returned.
    // NOTE(review): session_unregister() was removed in PHP 5.4, and @ does not
    // suppress a call to an undefined function, so this line is fatal there.
    @session_unregister('shared_secret');
    list($check, $check2) = secret($test_assoc);
    $res['secret'] = $check == $test_new_ss ? 'pass' : 'fail';
    // expire: the second value from secret() must not exceed the requested expiry.
    $res['expire'] = $check2 <= $test_expire ? 'pass' : 'fail';
    // base64: re-encoding the decoded fixture must reproduce the original text.
    $res['base64'] = base64_encode($test_ss) == $test_ss_enc ? 'pass' : 'fail';
    // hmac: known-answer test; a failure reports the computed value in base64.
    $test_sig = base64_decode('/VXgHvZAOdoz/OTa5+XJXzSGhjs=');
    $check = hmac($test_ss, $test_token);
    $res['hmac'] = $check == $test_sig ? 'pass' : sprintf("fail - '%s'", base64_encode($check));
    if ($profile['use_bigmath']) {
        // NOTE(review): the big-number checks compare decimal strings with ==,
        // which PHP may evaluate numerically rather than character by
        // character; === would be stricter if the helpers return strings -
        // confirm their return types before changing it.
        // bigmath powmod: $g ^ private mod $p must equal the expected public value.
        $test_server_public = '102773334773637418574009974502372885384288396853657336911033649141556441102566075470916498748591002884433213640712303846640842555822818660704173387461364443541327856226098159843042567251113889701110175072389560896826887426539315893475252988846151505416694218615764823146765717947374855806613410142231092856731';
        $check = bmpowmod($g, $test_server_private, $p);
        $res['bmpowmod-1'] = $check == $test_server_public ? 'pass' : sprintf("fail - '%s'", $check);
        // long: the binary client public value must convert to the expected decimal string.
        $test_client_long = '133926731803116519408547886573524294471756220428015419404483437186057383311250738749035616354107518232016420809434801736658109316293127101479053449990587221774635063166689561125137927607200322073086097478667514042144489248048756916881344442393090205172004842481037581607299263456852036730858519133859409417564';
        $res['long'] = long($test_client_public) == $test_client_long ? 'pass' : 'fail';
        // bigmath powmod 2: client value ^ private mod $p must equal the expected shared value.
        $test_client_share = '19333275433742428703546496981182797556056709274486796259858099992516081822015362253491867310832140733686713353304595602619444380387600756677924791671971324290032515367930532292542300647858206600215875069588627551090223949962823532134061941805446571307168890255137575975911397744471376862555181588554632928402';
        $check = bmpowmod($test_client_long, $test_server_private, $p);
        $res['bmpowmod-2'] = $check == $test_client_share ? 'pass' : sprintf("fail - '%s'", $check);
        // bin: the shared value must convert back to the expected binary string.
        $test_client_mac_s1 = base64_decode('G4gQQkYM6QmAzhKbVKSBahFesPL0nL3F2MREVwEtnVRRYI0ifl9zmPklwTcvURt3QTiGBd+9Dn3ESLk5qka6IO5xnILcIoBT8nnGVPiOZvTygfuzKp4tQ2mXuIATJoa7oXRGmBWtlSdFapH5Zt6NJj4B83XF/jzZiRwdYuK4HJI=');
        $check = bin($test_client_share);
        $res['bin'] = $check == $test_client_mac_s1 ? 'pass' : sprintf("fail - '%s'", base64_encode($check));
    } else {
        $res['bigmath'] = 'fail - big math functions are not available.';
    }
    // sha1_20: the fixture is assigned again here so that this check also runs
    // when the big-math branch above was skipped.
    $test_client_mac_s1 = base64_decode('G4gQQkYM6QmAzhKbVKSBahFesPL0nL3F2MREVwEtnVRRYI0ifl9zmPklwTcvURt3QTiGBd+9Dn3ESLk5qka6IO5xnILcIoBT8nnGVPiOZvTygfuzKp4tQ2mXuIATJoa7oXRGmBWtlSdFapH5Zt6NJj4B83XF/jzZiRwdYuK4HJI=');
    $test_client_mac_s2 = base64_decode('0Mb2t9d/HvAZyuhbARJPYdx3+v4=');
    $check = sha1_20($test_client_mac_s1);
    $res['sha1_20'] = $check == $test_client_mac_s2 ? 'pass' : sprintf("fail - '%s'", base64_encode($check));
    // x_or: known-answer test combining the digest above with the shared-secret fixture.
    $test_client_mac_s3 = base64_decode('i36ZLYAJ1rYEx1VEHObrS8hgAg0=');
    $check = x_or($test_client_mac_s2, $test_ss);
    $res['x_or'] = $check == $test_client_mac_s3 ? 'pass' : sprintf("fail - '%s'", base64_encode($check));
    // Render the report: green for 'pass', yellow for 'warn', red for anything else.
    // NOTE(review): $stat is written into the HTML without escaping. The values
    // here are fixed labels, base64 text or helper output; htmlspecialchars()
    // would be the safe default if any status could ever carry markup.
    $out = "<table border=1 cellpadding=4>\n";
    foreach ($res as $test => $stat) {
        $code = substr($stat, 0, 4);
        $color = $code == 'pass' ? '#9f9' : ($code == 'warn' ? '#ff9' : '#f99');
        $out .= sprintf("<tr><th>%s</th><td style='background:%s'>%s</td></tr>\n", $test, $color, $stat);
    }
    $out .= "</table>";
    wrap_html($out);
}
Example #3
<?php

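session_start();
# start session
include_once './stuff/inc/mn-definitions.php';
# Verbose error reporting is switched on by the DEBUG constant only. A request
# parameter must not control it: any visitor could otherwise ask for full
# diagnostics, which may reveal paths and other internals wherever errors are
# displayed.
if (defined('DEBUG') && DEBUG == true) {
    error_reporting(E_ALL);
} else {
    error_reporting(0);
}
# Tell clients and proxies not to cache the page.
header('pragma: no-cache');
header('cache-control: no-cache');
# HTTP dates use the abbreviated month name ('M'), not the month number ('m').
header('expires: ' . gmdate('D, d M Y H:i:s') . ' GMT');
iconv_set_encoding('internal_encoding', 'UTF-8');
# Marker and root path for the files included below.
define('IN_MNews', true);
define('MN_ROOT', './');
# @ silences the warning when the config file is missing.
# NOTE(review): presumably that is the not-yet-installed case handled by
# check_install() further down - confirm.
@(include_once './data/databases/config.php');
include_once './stuff/inc/mn-functions.php';
$lng = select_lang();
# NOTE(review): $lng becomes part of an include path - confirm that
# select_lang() only ever returns a name from a fixed list of installed languages.
include_once './stuff/lang/lang_' . $lng . '.php';
# $file is not assigned in this script; presumably one of the includes above
# provides it - confirm.
if (file_exists($file['banned_ips'])) {
    include_once $file['banned_ips'];
} else {
    $banned_ips = array();
}
check_install();
# check install
user_session();
# check user logged time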
##### Boom De Ah Dah! Boom De Ah Dah! ############################################################
##### http://youtu.be/at_f98qOGY0 ################################################################
Example #4
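/**
 * Authenticates the current request from its login cookies and publishes the
 * matching user row as $GLOBALS['CURUSER'].
 *
 * Order of checks: cookie-salt sanity, optional IP-ban lookup, cookie
 * presence, cookie shape, user lookup, token comparison. Whenever the visitor
 * cannot be authenticated the function loads the default language (if
 * $use_lang is set), calls user_session() and returns with CURUSER unset.
 *
 * The language files are included from inside this function on purpose: the
 * included code runs in this scope, where $tracker_lang is bound to the global.
 *
 * @param bool $lightmode when true, skips the IP-ban lookup and the final user_session() call
 * @return void
 */
function userlogin($lightmode = false)
{
    global $SITE_ONLINE, $default_language, $tracker_lang, $use_lang, $use_ipbans, $_COOKIE_SALT;
    unset($GLOBALS["CURUSER"]);

    // Refuse to serve with the shipped salt unless the server address is the
    // loopback address or equals the client address.
    if ($_COOKIE_SALT == 'default' && $_SERVER['SERVER_ADDR'] != '127.0.0.1' && $_SERVER['SERVER_ADDR'] != $_SERVER['REMOTE_ADDR']) {
        die('Скрипт заблокирован! Измените значение переменной $_COOKIE_SALT в файле include/config.local.php на случайное');
    }
    // empty() is also true for an unset variable, so no separate isset() is needed.
    if (empty($_COOKIE_SALT)) {
        die('Идите и учите <a href="http://www.php.net">PHP</a>... Сказано было ИЗМЕНИТЬ значение, а не удалить переменную!');
    }

    $ip = getip();
    $nip = ip2long($ip);
    if ($use_ipbans && !$lightmode) {
        // $nip comes from ip2long(), so only an integer (or an empty string
        // when the address is not valid IPv4) reaches the SQL text.
        // NOTE(review): in the empty-string case the statement is malformed;
        // presumably sql_query() then fails and sqlerr() stops the request,
        // i.e. the check fails closed - confirm.
        $res = sql_query("SELECT * FROM bans WHERE {$nip} >= first AND {$nip} <= last") or sqlerr(__FILE__, __LINE__);
        if (mysql_num_rows($res) > 0) {
            header("HTTP/1.0 403 Forbidden");
            print "<html><body><h1>403 Forbidden</h1>Unauthorized IP address.</body></html>\n";
            die;
        }
    }

    // A missing cookie reads as '' instead of raising an undefined-index notice.
    $c_uid = isset($_COOKIE[COOKIE_UID]) ? $_COOKIE[COOKIE_UID] : '';
    $c_pass = isset($_COOKIE[COOKIE_PASSHASH]) ? $_COOKIE[COOKIE_PASSHASH] : '';
    if (!$SITE_ONLINE || empty($c_uid) || empty($c_pass)) {
        if ($use_lang) {
            include_once 'languages/lang_' . $default_language . '/lang_main.php';
        }
        user_session();
        return;
    }

    // PHP turns a cookie sent as name[]=... into an array, and intval() of a
    // non-empty array is 1. Both cookies must therefore be plain strings before
    // the id is derived from them.
    if (!is_string($c_uid) || !is_string($c_pass)) {
        die("Cokie ID invalid or cookie pass hash problem.");
    }
    $id = intval($c_uid);
    if (!$id || strlen($c_pass) != 32) {
        die("Cokie ID invalid or cookie pass hash problem.");
    }

    // $id is an integer, so interpolating it cannot alter the statement.
    $res = sql_query("SELECT * FROM users WHERE id = {$id}");
    // A failed query is treated like "no such user".
    $row = $res ? mysql_fetch_array($res) : false;
    if (!$row) {
        if ($use_lang) {
            include_once 'languages/lang_' . $default_language . '/lang_main.php';
        }
        user_session();
        return;
    }

    // The login token is bound to the client's network with the last two
    // octets zeroed (255.255.0.0).
    $subnet = explode('.', getip());
    $subnet[2] = $subnet[3] = 0;
    $subnet = implode('.', $subnet);
    // NOTE(review): the sanity checks above test the variable $_COOKIE_SALT,
    // while the token uses the constant COOKIE_SALT - confirm the constant is
    // defined from that variable.
    // NOTE(review): the token is an MD5 over the stored passhash, so a leak of
    // the users table also exposes cookie material; a random, server-side
    // session token would avoid that.
    $expected = md5($row["passhash"] . COOKIE_SALT . $subnet);
    // Constant-time comparison where available (hash_equals exists from PHP 5.6).
    $token_ok = function_exists('hash_equals') ? hash_equals($expected, $c_pass) : $c_pass === $expected;
    if (!$token_ok) {
        if ($use_lang) {
            include_once 'languages/lang_' . $default_language . '/lang_main.php';
        }
        user_session();
        return;
    }

    // Record the new address (if it changed) and the access time.
    $updateset = array();
    if ($ip != $row['ip']) {
        $updateset[] = 'ip = ' . sqlesc($ip);
        $row['ip'] = $ip;
    }
    $updateset[] = 'last_access = ' . sqlesc(get_date_time());
    // The row was selected by $id, so the validated integer is used in the
    // WHERE clause instead of the raw column value.
    sql_query('UPDATE users SET ' . implode(', ', $updateset) . ' WHERE id = ' . $id) or sqlerr(__FILE__, __LINE__);

    // A lower override class replaces the stored class for this request.
    if ($row['override_class'] < $row['class']) {
        $row['class'] = $row['override_class'];
    }
    $GLOBALS["CURUSER"] = $row;

    if ($use_lang) {
        // NOTE(review): the language name comes from the users table and ends
        // up in an include path - confirm it can only be set to the name of an
        // installed language directory.
        include_once 'languages/lang_' . $row['language'] . '/lang_main.php';
    }

    if ($row['enabled'] == 'no') {
        $GLOBALS['use_blocks'] = 0;
        list($reason, $disuntil) = mysql_fetch_row(sql_query('SELECT reason, disuntil FROM users_ban WHERE userid = ' . $id));
        // NOTE(review): $reason is placed into the message unescaped - confirm
        // stderr() escapes it or that only trusted staff can write it.
        stderr($tracker_lang['error'], 'Вы забанены на трекере.' . ($disuntil != '0000-00-00 00:00:00' ? '<br />Дата снятия бана: ' . $disuntil : '<br />Дата снятия бана: никогда') . '<br />Причина: ' . $reason);
    }

    if (!$lightmode) {
        user_session();
    }
}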