Exemple #1
0
 function synlogout($get, $post)
 {
     global $_SGLOBAL;
     if (!API_SYNLOGOUT) {
         return API_RETURN_FORBIDDEN;
     }
     //note 同步登出 API 接口
     obclean();
     header('P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"');
     clearcookie();
 }
Exemple #2
0
function checkauth()
{
    global $_SGLOBAL, $_SC, $_SCONFIG, $_SCOOKIE, $_SN;
    if ($_SGLOBAL['mobile'] && $_GET['m_auth']) {
        $_SCOOKIE['auth'] = $_GET['m_auth'];
    }
    if ($_SCOOKIE['auth']) {
        @(list($password, $uid) = explode("\t", authcode($_SCOOKIE['auth'], 'DECODE')));
        $_SGLOBAL['supe_uid'] = intval($uid);
        if ($password && $_SGLOBAL['supe_uid']) {
            $query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('session') . " WHERE uid='{$_SGLOBAL['supe_uid']}'");
            if ($member = $_SGLOBAL['db']->fetch_array($query)) {
                if ($member['password'] == $password) {
                    $_SGLOBAL['supe_username'] = addslashes($member['username']);
                    $_SGLOBAL['session'] = $member;
                } else {
                    $_SGLOBAL['supe_uid'] = 0;
                }
            } else {
                $query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('member') . " WHERE uid='{$_SGLOBAL['supe_uid']}'");
                if ($member = $_SGLOBAL['db']->fetch_array($query)) {
                    if ($member['password'] == $password) {
                        $_SGLOBAL['supe_username'] = addslashes($member['username']);
                        $session = array('uid' => $_SGLOBAL['supe_uid'], 'username' => $_SGLOBAL['supe_username'], 'password' => $password);
                        include_once S_ROOT . './source/function_space.php';
                        insertsession($session);
                        //登录
                    } else {
                        $_SGLOBAL['supe_uid'] = 0;
                    }
                } else {
                    $_SGLOBAL['supe_uid'] = 0;
                }
            }
        }
    }
    if (empty($_SGLOBAL['supe_uid'])) {
        clearcookie();
    } else {
        $_SGLOBAL['username'] = $member['username'];
    }
}
Exemple #3
0
function checkauth()
{
    global $_SGLOBAL, $_SC, $_SCONFIG, $_SCOOKIE, $_SN;
    if ($_COOKIE['auth']) {
        @(list($password, $uid) = explode(" ", authcode($_COOKIE['auth'], 'DECODE')));
        $_SGLOBAL['supe_uid'] = intval($uid);
        if ($password && $_SGLOBAL['supe_uid']) {
            $query = $_SGLOBAL['db']->query("SELECT * FROM " . tname("open_session") . " WHERE uid=" . $_SGLOBAL['supe_uid']);
            if ($session = $_SGLOBAL['db']->fetch_array($query)) {
                if ($session['password'] == $password) {
                    $_SGLOBAL['supe_username'] = addslashes($session['username']);
                    insertsession($session);
                    //更新session
                } else {
                    $_SGLOBAL['supe_uid'] = 0;
                }
            } else {
                $query = $_SGLOBAL['db']->query("SELECT * FROM " . tname("open_member") . " WHERE uid=" . $_SGLOBAL['supe_uid']);
                if ($member = $_SGLOBAL['db']->fetch_array($query)) {
                    if ($member['password'] == $password) {
                        $_SGLOBAL['supe_username'] = addslashes($member['username']);
                        $session = array('uid' => $_SGLOBAL['supe_uid'], 'username' => $_SGLOBAL['supe_username'], 'password' => $password);
                        insertsession($session);
                        //登录
                    } else {
                        $_SGLOBAL['supe_uid'] = 0;
                    }
                } else {
                    $_SGLOBAL['supe_uid'] = 0;
                }
            }
        }
    }
    if (empty($_SGLOBAL['supe_uid'])) {
        clearcookie();
    }
    return $_SGLOBAL['supe_uid'];
}
Exemple #4
0
if (!defined('IN_UCHOME')) {
    exit('Access Denied');
}
if (submitcheck('pwdsubmit')) {
    if ($_POST['newpasswd1'] != $_POST['newpasswd2']) {
        capi_showmessage_by_data('password_inconsistency');
    }
    if ($_POST['newpasswd1'] != addslashes($_POST['newpasswd1'])) {
        capi_showmessage_by_data('profile_passwd_illegal');
    }
    @(include_once S_ROOT . './uc_client/client.php');
    $ucresult = uc_user_edit($_SGLOBAL['supe_username'], $_POST['password'], $_POST['newpasswd1'], $space['email']);
    if ($ucresult == -1) {
        capi_showmessage_by_data('old_password_invalid');
    } elseif ($ucresult == -4) {
        capi_showmessage_by_data('email_format_is_wrong');
    } elseif ($ucresult == -5) {
        capi_showmessage_by_data('email_not_registered');
    } elseif ($ucresult == -6) {
        capi_showmessage_by_data('email_has_been_registered');
    } elseif ($ucresult == -7) {
        capi_showmessage_by_data('no_change');
    } elseif ($ucresult == -8) {
        capi_showmessage_by_data('protection_of_users');
    }
    clearcookie();
    capi_showmessage_by_data('getpasswd_succeed', 0);
}
//$actives = array('profile' => ' class="active"');
//include_once template("cp_password");
capi_showmessage_by_data('non_normal_operation');
function checkauth()
{
    global $_SGLOBAL, $_SC, $_SCONFIG, $_SCOOKIE, $_SN;
    /* 不采用uchome的cookie来检查登陆状态,统一采用eycp这个cookie同步登陆通行证,注释掉下边这段 防止出现第三方网站删除了eycp后这里不能同步登出
    	if($_SGLOBAL['mobile'] && $_GET['m_auth']) $_SCOOKIE['auth'] = $_GET['m_auth'];
     		if($_SCOOKIE['auth']) {
    		@list($password, $uid) = explode("\t", authcode($_SCOOKIE['auth'], 'DECODE'));
    		$_SGLOBAL['supe_uid'] = intval($uid);
    		if($password && $_SGLOBAL['supe_uid']) {
    			$query = $_SGLOBAL['db']->query("SELECT * FROM ".tname('session')." WHERE uid='$_SGLOBAL[supe_uid]'");
    			if($member = $_SGLOBAL['db']->fetch_array($query)) {
    				if($member['password'] == $password) {
    					$_SGLOBAL['supe_username'] = addslashes($member['username']);
    					$_SGLOBAL['session'] = $member;
    				} else {
    					$_SGLOBAL['supe_uid'] = 0;
    				}
    			} else {
    				$query = $_SGLOBAL['db']->query("SELECT * FROM ".tname('member')." WHERE uid='$_SGLOBAL[supe_uid]'");
    				if($member = $_SGLOBAL['db']->fetch_array($query)) {
    					if($member['password'] == $password) {
    						$_SGLOBAL['supe_username'] = addslashes($member['username']);
    						$session = array('uid' => $_SGLOBAL['supe_uid'], 'username' => $_SGLOBAL['supe_username'], 'password' => $password);
    						include_once(S_ROOT.'./source/function_space.php');
    						insertsession($session);//登录
    					} else {
    						$_SGLOBAL['supe_uid'] = 0;
    					}
    				} else {
    					$_SGLOBAL['supe_uid'] = 0;
    				}
    			}
    		}
    	} 
     	不采用uchome的cookie来检查登陆状态,统一采用eycp这个cookie同步登陆通行证,注释掉上边这段 */
    if ($_COOKIE['eycp']) {
        login_from_ey_cookie_passport();
    }
    if (empty($_SGLOBAL['supe_uid'])) {
        clearcookie();
    } else {
        $_SGLOBAL['username'] = $member['username'];
    }
}