if (strcmp($msgSignature, md5($aeskey . $timestamp)) != 0) { Env::iExit('access denied'); } if (!empty($echoStr)) { WxApi::getInstance()->resetCorp(); Env::iExit($echoStr); } // 接收信息处理 $result = trim(file_get_contents("php://input"), " \t\n\r"); // 解析 if (!empty($result)) { $msg = json_decode($result, true); if (!empty($msg)) { $uid = UserBinding::model()->fetchUidByValue($msg['properties']['userId'], 'wxqy'); if ($uid) { dologin($uid); $factory = new Factory(); $res = $factory->createHandle($msg['class'], $msg['properties'])->handle(); } else { $res = resByText($userId, $corpId, $newTime, '您的账号尚未绑定,无法进行任何操作'); } Env::iExit($res); } else { Env::iExit(''); } } /** * 以文本格式回复 * @param string $userId * @param string $corpId * @param integer $newTime
//////////////////////////////////////////////////////////////////////////////// //////////////////////////////////////////////////////////////////////////////// echo '<html> <head> <title>Github repositories list</title> <style> table{border-spacing: 0;border-collapse:collapse; } td{border:1px solid #333333;vertical-align:top;width: 100%;} pre{max-height: 150px; overflow:auto;} </style> </head> <body> <a href="index.php">Home</a><br />'; switch ($_POST['action']) { case 'dologin': dologin($_POST['user'], $_POST['pass']); break; case 'searchclear': searchclear($_POST); break; default: break; } switch ($_GET['action']) { case 'userlist': echo user_list($_GET, $_POST); break; case 'searchlist': echo search_list($_GET); break; case 'searchclear':
} $err = isset($_GET['error']) ? $_GET['error'] : NULL; $lang_login = lang_login(); $output .= '<div class="top">'; if (1 == $err) { $output .= '<h1><font class="error">' . $lang_login['bad_pass_user'] . '</font></h1>'; } elseif (2 == $err) { $output .= '<h1><font class="error">' . $lang_login['missing_pass_user'] . '</font></h1>'; } elseif (3 == $err) { $output .= '<h1><font class="error">' . $lang_login['banned_acc'] . '</font></h1>'; } elseif (5 == $err) { $output .= '<h1><font class="error">' . $lang_login['no_permision'] . '</font></h1>'; } elseif (6 == $err) { $output .= '<h1><font class="error">' . $lang_login['after_registration'] . '</font></h1>'; } elseif (7 == $err) { $output .= '<h1><font class="error">' . $lang_login['verify_required'] . '</font></h1>'; } else { $output .= '<h1>' . $lang_login['enter_valid_logon'] . '</h1>'; } unset($err); $output .= '</div>'; $action = isset($_GET['action']) ? $_GET['action'] : NULL; if ('dologin' === $action) { dologin($sqlr); } else { login($sqlr); } unset($action); unset($action_permission); unset($lang_login); require_once 'footer.php';
<?php // if (!session_id()) { session_start(); // $sess = md5($_POST['user'] . rand(0, 999999)); // session_id($sess); // }; // really crap security check before we get the login/authentication going //if($_SERVER['REMOTE_ADDR']!="66.46.53.2") { // if($_SERVER['REMOTE_ADDR']!="192.168.56.134") { include "admfuncs.inc"; if ($_POST['act'] == "login") { $logres = checklogin($_POST['username'], $_POST['password']); // printf("login res is: %s", $logres); if (is_numeric($logres)) { dologin($logres); } else { print "<font color=\"#FF0000\">Login failure.</font>"; } } if ($_REQUEST['act'] == "logout") { dologout(); } // debug_array($_SESSION); // print session_id(); if (!is_logged_in()) { include "login.inc"; } else { include "header.inc"; include "content.inc"; include "footer.inc";
$output .= ' <h1><span class="error">' . lang("login", "missing_pass_user") . '</span></h1>'; } elseif ($err == 3) { $output .= ' <h1><span class="error">' . lang("login", "banned_acc") . '</span></h1>'; } elseif ($err == 5) { $output .= ' <h1><span class="error">' . lang("login", "no_permision") . '</span></h1>'; if (isset($info)) { $output .= '<h1><span class="error">' . lang("login", "req_permision") . ': ' . $info . '</span></h1>'; } } else { $output .= ' <h1>' . lang("login", "enter_valid_logon") . '</h1>'; } unset($err); $output .= ' </div> </div>'; $action = isset($_GET["action"]) ? $_GET["action"] : NULL; if ($action == "dologin") { dologin(); } else { login(); } unset($action); $output .= ' </div><!-- bubble --> </body> </html>'; echo $output;