/**
 * Create a user account from a caller-supplied field array.
 *
 * Rejects an empty username or password, fills in the per-user code,
 * password digest, display fields, timestamps, client IP and initial
 * credits, then hands the array to add().
 *
 * NOTE(review): the password is stored as md5(password . code). MD5 is a fast
 * digest and is not suited to password storage; moving to password_hash()
 * needs a matching change in the login check, which is outside this block.
 * NOTE(review): $data is passed to add() in full, so any extra key the caller
 * left in it travels along; whether add() restricts columns is not visible here.
 *
 * @param array $data account fields; 'username' and 'password' are required
 * @return bool true when add() succeeds, false otherwise (reason in $this->error)
 */
public function addUser($data)
{
    // Required fields and the message reported when one is missing.
    $required = array(
        'username' => '用户名不能为空',
        'password' => '密码不能为空',
    );
    foreach ($required as $field => $message) {
        if (empty($data[$field])) {
            $this->error = $message;
            return false;
        }
    }

    $salt = $this->getUserCode();
    $data['code'] = $salt;
    $data['password'] = md5($data['password'] . $salt);

    // Nickname and personal domain both default to the username.
    $data['nickname'] = $data['username'];
    $data['domain'] = $data['username'];

    $data['regtime'] = time();
    $data['logintime'] = time();
    $data['regip'] = ip_get_client();
    $data['lastip'] = ip_get_client();
    $data['credits'] = C('init_credits');

    if (!$this->add($data)) {
        $this->error = '帐号注册失败';
        return false;
    }
    return true;
}
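/**
 * Write session data for a session id.
 *
 * The id and the serialized data are placed inside quoted SQL literals, so
 * both are escaped against the open connection first; a quote character in
 * either value would otherwise break out of the literal.
 *
 * NOTE(review): ext/mysql (mysql_query and friends) was removed in PHP 7;
 * mysqli or PDO prepared statements are the long-term replacement.
 * NOTE(review): $this->table is concatenated as-is; presumably it is a fixed
 * configuration value — confirm it never carries request input.
 *
 * @param string $id   session id (key name)
 * @param mixed  $data session payload
 * @return bool result of mysql_query() for the REPLACE statement
 */
public function write($id, $data)
{
    $sessid = mysql_real_escape_string($id, $this->link);
    $payload = mysql_real_escape_string($data, $this->link);

    // The original also fetched the client IP here but never used it.
    $sql = "REPLACE INTO " . $this->table . "(sessid,data,atime) ";
    $sql .= "VALUES('{$sessid}','{$payload}'," . time() . ')';

    return mysql_query($sql, $this->link);
}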
/**
 * Create a user account from the current POST data.
 *
 * Works directly on $_POST: validates username and password, then overwrites
 * or adds the code, password digest, nickname, timestamps, client IP and
 * initial credits before calling add(). On success the new user's domain is
 * set to "hd" followed by the new uid.
 *
 * NOTE(review): the password is stored as md5(password . code); MD5 is a fast
 * digest and is not suited to password storage.
 * NOTE(review): add() is called without arguments, so it presumably reads
 * $_POST itself; any other posted field would then reach it too — confirm
 * that add() restricts the columns it writes.
 *
 * @return mixed result of save() on success, false on failure (reason in $this->error)
 */
public function addUser()
{
    $required = array(
        'username' => '用户名不能为空',
        'password' => '密码不能为空',
    );
    foreach ($required as $field => $message) {
        if (empty($_POST[$field])) {
            $this->error = $message;
            return false;
        }
    }

    $salt = $this->getUserCode();
    $_POST['code'] = $salt;
    $_POST['password'] = md5($_POST['password'] . $salt);
    $_POST['nickname'] = $_POST['username'];
    $_POST['regtime'] = time();
    $_POST['logintime'] = time();
    $_POST['regip'] = ip_get_client();
    $_POST['lastip'] = ip_get_client();
    $_POST['credits'] = C('init_credits');

    $uid = $this->add();
    if (!$uid) {
        $this->error = '帐号注册失败';
        return false;
    }

    // Personal space id: derived from the freshly inserted uid.
    return M('user')->save(array('uid' => $uid, 'domain' => "hd{$uid}"));
}
/**
 * Show the login view, or process a posted login.
 *
 * On a successful validate() the username and id are stored in the session,
 * the userLogin row for that uid is updated or created with the login time
 * and client IP, and success() is called with the index URL.
 *
 * NOTE(review): the session id is not regenerated after authentication in
 * this block; if the framework does not do it elsewhere, a pre-login session
 * id stays valid after login.
 * NOTE(review): the "remember" cookies are written after success(); if
 * success() ends the request or sends output, they are never set. They also
 * hold the plain username and id — confirm nothing treats them as proof of
 * identity.
 * NOTE(review): the uid condition is built by string concatenation; the value
 * comes from validate()'s result rather than directly from the request.
 */
public function login()
{
    if (!IS_POST) {
        $this->v();
        return;
    }

    $data = $_POST;
    $info = K('User')->validate($data['username'], $data['password']);
    if (!$info) {
        $this->error('登录失败,请检查用户名和密码', U('Index/Login/login'));
        return;
    }

    $_SESSION['gz_username'] = $info['username'];
    $_SESSION['gz_userid'] = $info['id'];

    // Record the login: update the existing row for this uid, or insert one.
    $login = M('userLogin');
    $condition = "uid='" . $info['id'] . "'";
    if ($login->where($condition)->one()) {
        $login->where($condition)->update(array('login_time' => time(), 'login_ip' => ipton(ip_get_client())));
    } else {
        $login->add(array('uid' => $info['id'], 'login_time' => time(), 'login_ip' => ipton(ip_get_client())));
    }

    $this->success('登录成功,正在跳转至首页...', U('Index/index/index'));

    if ($data['remanber']) {
        cookie('gezi_username', $info['username']);
        cookie('gezi_userid', $info['id']);
    }
}
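/**
 * Write session data for a session id, together with the client IP.
 *
 * Every value placed inside a quoted SQL literal is escaped against the open
 * connection first. The result now reflects the query outcome: the original
 * tested mysql_affected_rows() for truthiness, and that function returns -1
 * when the query failed, which was reported as success.
 *
 * NOTE(review): ext/mysql was removed in PHP 7; mysqli or PDO prepared
 * statements are the long-term replacement.
 * NOTE(review): how ip_get_client() derives the address is not visible here;
 * it is escaped like any other external value.
 *
 * @param string $id   session id (key name)
 * @param mixed  $data session payload
 * @return bool true when the REPLACE ran and affected at least one row
 */
public function write($id, $data)
{
    $ip = mysql_real_escape_string(ip_get_client(), $this->link);
    $sessid = mysql_real_escape_string($id, $this->link);
    $payload = mysql_real_escape_string($data, $this->link);

    $sql = "REPLACE INTO " . $this->table . "(sessid,Data,atime,ip) ";
    $sql .= "VALUES('{$sessid}','{$payload}'," . NOW . ",'{$ip}')";

    if (mysql_query($sql, $this->link) === false) {
        return false;
    }
    return mysql_affected_rows($this->link) > 0;
}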
/**
 * Store session data through the database layer's replace().
 *
 * NOTE(review): only the id is passed through addslashes(), which is not
 * aware of the connection character set; $data is passed unmodified. Whether
 * replace() escapes or binds its values is not visible here — if it does,
 * the id is escaped twice; if it does not, $data is unescaped.
 * NOTE(review): nothing is returned; if this method is registered as a
 * session save handler, PHP expects a boolean from the write callback.
 *
 * @param string $id   session id
 * @param mixed  $data session payload
 */
public function write($id, $data)
{
    $row = array(
        "sessid" => addslashes($id),
        "card"   => $this->card, // session token
        "data"   => $data,
        "atime"  => time(),
        "ip"     => ip_get_client(),
    );
    $this->db->replace($row);
}
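/**
 * Handle the login page and the posted login form.
 *
 * A visitor whose session already has a truthy 'admin' value is redirected.
 * On POST the captcha code, username and password are checked in turn, the
 * user row is loaded, the salted MD5 digest is compared, and on success the
 * user row is merged into the session and the login time / IP are saved.
 *
 * The wrong-password branch now ends with exit, like every other failure
 * branch. Without it, execution would continue into the session setup below
 * whenever error() returns instead of terminating the request.
 *
 * NOTE(review): passwords are verified as md5(password . code); MD5 is a fast
 * digest and is not suited to password storage.
 * NOTE(review): "account does not exist" and "wrong password" are reported
 * separately, which tells a caller which usernames are registered.
 * NOTE(review): the session id is not regenerated after authentication here.
 * NOTE(review): array_merge() copies every remaining column of the user row
 * into $_SESSION after WEB_MASTER is set, so a column of the same name would
 * overwrite it — confirm the table has none.
 *
 * @access public
 */
public function Login()
{
    if (intval(Q('session.admin'))) {
        go(__APP__);
        exit;
    }
    if (IS_POST) {
        $Model = K("User");
        $code = Q('post.code', null, 'strtoupper');
        $username = Q('username');
        $password = Q('post.password', null, '');
        if (empty($code) || $code != $_SESSION['code']) {
            $this->error = '验证码错误';
            $this->display();
            exit;
        }
        if (empty($username)) {
            $this->error = '帐号不能为空';
            $this->display();
            exit;
        }
        if (empty($password)) {
            $this->error = '密码不能为空';
            $this->display();
            exit;
        }
        $user = $Model->where(array('username' => $username))->find();
        if (!$user) {
            $this->error = "帐号不存在";
            $this->display();
            exit;
        }
        if ($user['password'] !== md5($password . $user['code'])) {
            $this->error('密码输入错误');
            $this->display();
            // Stop here so a failed check can never reach the session setup.
            exit;
        }
        setcookie('login', 1, 0, '/');
        // Keep the digest and its salt out of the session.
        unset($user['password']);
        unset($user['code']);
        // Is this the super administrator?
        $_SESSION['WEB_MASTER'] = strtolower(C("WEB_MASTER")) == strtolower($user['username']);
        $_SESSION = array_merge($_SESSION, $user);
        if (empty($user['icon'])) {
            $_SESSION['icon'] = __ROOT__ . '/data/image/user/250.png';
        } else {
            $_SESSION['icon'] = __ROOT__ . '/' . $user['icon'];
        }
        // Derive the smaller avatar paths from the 250px one.
        $_SESSION['icon250'] = $_SESSION['icon'];
        $_SESSION['icon150'] = str_replace(250, 150, $_SESSION['icon250']);
        $_SESSION['icon100'] = str_replace(250, 100, $_SESSION['icon250']);
        $_SESSION['icon50'] = str_replace(250, 50, $_SESSION['icon250']);
        $Model->save(array('uid' => $user['uid'], 'logintime' => time(), 'lastip' => ip_get_client()));
        go(__APP__);
    } else {
        $this->display();
    }
}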
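/**
 * Handle the login page and the posted login form.
 *
 * On POST the captcha code, username and password are checked, the user row
 * is loaded, the salted MD5 digest is compared, and on success the user row
 * (without password and code) is stored in $_SESSION['user'].
 *
 * The wrong-password branch now ends with exit, like every other failure
 * branch. Without it, execution would continue into the session setup below
 * whenever error() returns instead of terminating the request.
 *
 * NOTE(review): the captcha test is a loose comparison with no emptiness
 * check. If the session holds no code (it is cleared after each login), an
 * empty submitted code is not rejected by this line — confirm a code is
 * always issued before this form can be posted.
 * NOTE(review): passwords are verified as md5(password . code); MD5 is a fast
 * digest and is not suited to password storage.
 * NOTE(review): "account does not exist" and "wrong password" are reported
 * separately, which tells a caller which usernames are registered.
 * NOTE(review): the session id is not regenerated after authentication here.
 */
public function Login()
{
    if (IS_POST) {
        $Model = K("User");
        if (Q('post.code', '', 'strtoupper') != session('code')) {
            $this->error = '验证码错误';
            $this->display();
            exit;
        }
        if (empty($_POST['username'])) {
            $this->error = '帐号不能为空';
            $this->display();
            exit;
        }
        if (empty($_POST['password'])) {
            $this->error = '密码不能为空';
            $this->display();
            exit;
        }
        $user = $Model->where(array('username' => $_POST['username']))->find();
        if (!$user) {
            $this->error = "帐号不存在";
            $this->display();
            exit;
        }
        if ($user['password'] !== md5($_POST['password'] . $user['code'])) {
            $this->error('密码输入错误');
            $this->display();
            // Stop here so a failed check can never reach the session setup.
            exit;
        }
        // Keep the digest and its salt out of the session.
        unset($user['password']);
        unset($user['code']);
        // Discard the used captcha code.
        session('code', null);
        // Is this the site owner?
        $user['web_master'] = strtolower($user['username']) == strtolower(C('WEB_MASTER'));
        // Avatar: fall back to the stock image when the user has none.
        if (empty($user['icon'])) {
            $user['icon'] = __APP__ . '/Static/image/user.png';
        } else {
            $user['icon'] = __ROOT__ . '/' . $user['icon'];
        }
        $_SESSION['user'] = $user;
        $Model->save(array('uid' => $user['uid'], 'logintime' => time(), 'lastip' => ip_get_client()));
        go("Index/index");
    } else {
        $this->display();
    }
}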
/**
 * Process a posted administrator login.
 *
 * Non-POST requests do nothing. On a successful validate() the admin id and
 * username are stored in the session, the login time and IP are written via
 * update_admin(), Rbac::login() is called, and success() redirects to Index.
 *
 * NOTE(review): Rbac::login() receives $userInfo['admin_pwd'], i.e. the value
 * held in the stored record rather than the submitted password — confirm that
 * is what it expects.
 * NOTE(review): the update condition is built by string concatenation from
 * the validated record's id, not from request input.
 * NOTE(review): the session id is not regenerated after authentication here.
 */
public function login()
{
    if (!IS_POST) {
        return;
    }

    $admin = K('AdminUser');
    $userInfo = $admin->validate($_POST['admin_username'], $_POST['admin_pwd']);
    if (!$userInfo) {
        $this->error('登录失败,请检查您的用户名和密码');
        return;
    }

    $_SESSION['uid'] = $userInfo['id'];
    $_SESSION['uname'] = $userInfo['admin_username'];

    $loginStamp = array(
        'admin_logintime' => time(),
        'admin_loginip'   => ipton(ip_get_client()),
    );
    $admin->update_admin('id=' . $userInfo['id'], $loginStamp);

    Rbac::login($userInfo['admin_username'], $userInfo['admin_pwd']);
    $this->success('登录成功', __APP__ . '?c=Index');
}
/**
 * Create a user account from the model's prepared data.
 *
 * When create() succeeds, fills $this->data with the per-user code, password
 * digest, nickname, timestamps, client IP and initial credits, then calls
 * add(). When create() fails the method falls through and returns null.
 *
 * NOTE(review): the password is stored as md5(password . code); MD5 is a fast
 * digest and is not suited to password storage.
 *
 * @return bool|null true on success, false when add() fails, null when create() fails
 */
public function addUser()
{
    if (!$this->create()) {
        return;
    }

    $salt = $this->getUserCode();
    $this->data['code'] = $salt;
    $this->data['password'] = md5($this->data['password'] . $salt);
    $this->data['nickname'] = $this->data['username'];
    $this->data['regtime'] = time();
    $this->data['logintime'] = time();
    $this->data['regip'] = ip_get_client();
    $this->data['lastip'] = ip_get_client();
    $this->data['credits'] = C('init_credits');

    if (!$this->add()) {
        $this->error = '添加失败';
        return false;
    }
    return true;
}
/**
 * Post a comment, or a reply to an existing comment, as the logged-in user.
 *
 * Completes $_POST with the user's id and name, status, time and client IP.
 * For a reply, the parent comment's content and an author/date line are
 * wrapped in HTML and prepended to the new content.
 *
 * NOTE(review): the code after each error() call assumes error() ends the
 * request (the next lines read $_SESSION['user'] regardless).
 * NOTE(review): the parent's username and content are concatenated into HTML
 * as stored. Whether Q() or the stored values are HTML-escaped is not visible
 * here; the result must not be rendered as trusted markup unless they are.
 * NOTE(review): find()'s result is not checked, so a comment_id that matches
 * nothing still produces a reply wrapper with empty fields.
 * NOTE(review): '<span></span>' is used as an in-band placeholder; the same
 * sequence inside the newly submitted content would be replaced as well.
 */
public function addComment()
{
    if (!isset($_SESSION['user'])) {
        $this->error('登陆用户才可发表评论。');
    }

    // ---------- complete the record
    $_POST['userid'] = $_SESSION['user']['uid'];
    $_POST['username'] = $_SESSION['user']['username'];
    $_POST['comment_status'] = 1;
    $_POST['create_time'] = time();
    $_POST['ip'] = ip_get_client();
    $_POST['content'] = Q('post.content');
    if (empty($_POST['content'])) {
        $this->error('评论内容不能为空');
    }

    // ---------- reply handling
    $comment_id = Q('get.comment_id', 0, 'intval');
    if ($comment_id) {
        $parent = $this->db->find($comment_id);
        // Author and timestamp line of the comment being replied to.
        $byline = '<span class="comment-info">' . $parent['username'] . ' 于 ' . date('Y-m-d H:i:s', $parent['create_time']) . '发布</span>';

        if ($parent['reply']) {
            // Replying to a reply: quote it, then fill the placeholder it carries.
            $quoted = '<div class="comment-content">' . $parent['content'] . '</div>' . $_POST['content'];
            $_POST['content'] = str_replace('<span></span>', $byline, $quoted);
        } else {
            // Replying to a top-level comment: quote it and leave a placeholder.
            $_POST['content'] = '<div class="comment-content">' . $byline . $parent['content'] . '</div><span></span>' . $_POST['content'];
        }
        $_POST['reply'] = 1;
    }

    if ($this->db->create() && $this->db->add()) {
        $this->success('发表成功');
    } else {
        $this->error($this->db->error);
    }
}
/**
 * Clear the recorded login attempts for the current client IP.
 *
 * Does nothing unless AUTH_COUNT_LOGIN_ATTEMPTS is enabled.
 *
 * NOTE(review): attempts are keyed by whatever ip_get_client() returns. If
 * that helper honours client-supplied forwarding headers, the key is under
 * the client's control — confirm against its implementation.
 */
private function _clear_login_attempts()
{
    if (!C('AUTH_COUNT_LOGIN_ATTEMPTS')) {
        return;
    }
    $this->auth_model->clear_attempts(ip_get_client());
}
/**
 * Update the stored login time and last IP for the current user.
 *
 * NOTE(review): the uid is read from $_SERVER['user'], not from $_SESSION;
 * confirm the framework populates that key, otherwise the uid is empty.
 *
 * @return mixed result of save()
 */
public function log()
{
    return $this->save(array(
        'uid'       => $_SERVER['user']['uid'],
        'logintime' => time(),
        'lastip'    => ip_get_client(),
    ));
}
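/**
 * Write session data for a session id, together with the client IP.
 *
 * Every value placed inside a quoted SQL literal is escaped against the open
 * connection first. This restores the escaping that the previously
 * commented-out variant of this method applied; the active code had
 * interpolated the id, data and IP unescaped.
 *
 * NOTE(review): ext/mysql was removed in PHP 7; mysqli or PDO prepared
 * statements are the long-term replacement.
 * NOTE(review): $this->table is concatenated as-is; presumably it is a fixed
 * configuration value — confirm it never carries request input.
 *
 * @param string $id   session id (key name)
 * @param mixed  $data session payload
 * @return bool result of mysql_query() for the REPLACE statement
 */
public function write($id, $data)
{
    $ip = mysql_real_escape_string(ip_get_client(), $this->link);
    $sessid = mysql_real_escape_string($id, $this->link);
    $payload = mysql_real_escape_string($data, $this->link);

    $sql = "REPLACE INTO " . $this->table . "(sessid,data,atime,ip) ";
    $sql .= "VALUES('{$sessid}','{$payload}'," . time() . ",'{$ip}')";

    return mysql_query($sql, $this->link);
}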
/**
 * Create a user account from the model's prepared data, refusing duplicates.
 *
 * When create() succeeds, looks up the username first and fails if it is
 * taken; otherwise fills in the per-user code, password digest, nickname,
 * timestamps and client IP and calls add(). When create() fails the method
 * falls through and returns null.
 *
 * NOTE(review): the password is stored as md5(password . code); MD5 is a fast
 * digest and is not suited to password storage.
 * NOTE(review): the uniqueness test and the insert are separate statements;
 * without a unique index on username two concurrent requests can both pass.
 *
 * @return bool|null true on success, false on failure, null when create() fails
 */
public function addUser()
{
    if (!$this->create()) {
        return;
    }

    $map = array('username' => array('EQ', $this->data['username']));
    if (M('user')->where($map)->find()) {
        $this->error = '用户名已存在';
        return false;
    }

    $salt = $this->getUserCode();
    $this->data['code'] = $salt;
    $this->data['password'] = md5($this->data['password'] . $salt);
    $this->data['nickname'] = $this->data['username'];
    $this->data['regtime'] = time();
    $this->data['logintime'] = time();
    $this->data['regip'] = ip_get_client();
    $this->data['lastip'] = ip_get_client();

    if (!$this->add()) {
        $this->error = '添加失败';
        return false;
    }
    return true;
}
/**
 * Insert a user row and its role assignment.
 *
 * Stamps the creation time, last login time and client IP onto $data, inserts
 * it, and on success links the new uid to $data['rid'] in the user_role table.
 *
 * NOTE(review): the role id comes straight from $data['rid'] and the whole
 * array is inserted; callers are responsible for making sure neither is taken
 * unchecked from request input.
 *
 * @param array $data user fields, including 'rid'
 * @return mixed the new id on success, FALSE otherwise
 */
function create_user($data)
{
    $data['created'] = time();
    $data['last_login'] = time();
    $data['last_ip'] = ip_get_client();

    $newId = $this->user->insert($data);
    if (!$newId) {
        return FALSE;
    }

    $this->user_role->insert(array('uid' => $newId, 'rid' => $data['rid']));
    return $newId;
}
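/**
 * Authenticate the posted username and password and open a user session.
 *
 * Loads the user joined with its role, compares the salted MD5 digest,
 * records the client IP, strips the password and code from the row, resolves
 * the avatar path and stores the row in $_SESSION['user'].
 *
 * The digest comparison is now strict (!==). With the loose != operator two
 * different digests that both look like numbers in exponent notation compare
 * equal, so a wrong password could be accepted.
 *
 * NOTE(review): the username literal in the find() condition appears masked
 * in this listing. If the original interpolates $username there, it must be
 * escaped or bound before it reaches the query.
 * NOTE(review): passwords are verified as md5(password . code); MD5 is a fast
 * digest and is not suited to password storage.
 * NOTE(review): "account does not exist" and "wrong password" are reported
 * separately, which tells a caller which usernames are registered.
 * NOTE(review): the session id is not regenerated after authentication here.
 *
 * @return bool true on success, false otherwise (reason in $this->error)
 */
public function userLogin()
{
    if (!($username = Q('post.username'))) {
        $this->error = '帐号不能为空';
        return false;
    }
    if (!($password = Q('post.password'))) {
        $this->error = '密码不能为空';
        return false;
    }
    if (!($user = M("user")->join("__user__ u JOIN __role__ r ON u.rid=r.rid")->find("username='******'"))) {
        $this->error = '帐号不存在';
        return false;
    }
    if (md5($password . $user['code']) !== $user['password']) {
        $this->error = '密码错误';
        return false;
    }

    // Record the IP of this login.
    $data['uid'] = $user['uid'];
    $data['lastip'] = ip_get_client();
    M('user')->save($data);

    // Keep the digest and its salt out of the session.
    unset($user['password']);
    unset($user['code']);

    // Avatar: fall back to the stock image when none is set or the file is missing.
    if (empty($user['icon']) || !is_file($user['icon'])) {
        $user['icon'] = __STATIC__ . '/image/user.png';
    } else {
        $user['icon'] = __ROOT__ . '/' . $user['icon'];
    }

    $user['web_master'] = strtolower($user['username']) == strtolower(C('WEB_MASTER'));
    $_SESSION['user'] = $user;
    return true;
}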
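/**
 * Process an AJAX login request.
 *
 * Checks the posted username and password against the salted MD5 digest,
 * flags the session as locked when the account's lock period is still
 * running or its last IP is on the deny list, merges the user row into the
 * session, derives the avatar paths, saves the login time / IP and reports
 * success.
 *
 * Changes from the original:
 *  - icon150 is derived with 150; it was built with 100, which made it a
 *    duplicate of icon100.
 *  - each failure branch returns after error(), so a failed check cannot
 *    reach the session setup if error() returns instead of ending the request.
 *
 * NOTE(review): the deny-list lookup uses the lastip stored on the user row
 * (the previous login's address), not the current client address, and builds
 * the condition by string interpolation.
 * NOTE(review): a locked account only gets $_SESSION['lock'] set; the login
 * itself still completes — confirm callers enforce that flag.
 * NOTE(review): passwords are verified as md5(password . code); MD5 is a fast
 * digest and is not suited to password storage.
 * NOTE(review): array_merge() copies every remaining column of the user row
 * into $_SESSION after WEB_MASTER is set, so a column of the same name would
 * overwrite it. The session id is not regenerated here either.
 */
public function ajax_login()
{
    if (IS_AJAX) {
        $Model = K("User");
        $username = Q("post.username", NULL, 'htmlspecialchars,strip_tags,addslashes');
        $password = Q('post.password', '', '');
        if (empty($username) || empty($password)) {
            $this->error('用户名与密码不能为空');
            return;
        }
        $user = $Model->where(array('username' => $username))->find();
        if (!$user) {
            $this->error('帐号不存在');
            return;
        }
        if ($user['password'] !== md5($password . $user['code'])) {
            $this->error('密码输入错误');
            return;
        }
        // Account locked until a given time?
        if (time() < $user['lock_end_time']) {
            $_SESSION['lock'] = true;
        }
        // Is the recorded IP on the deny list?
        if (M('user_deny_ip')->where("ip='{$user['lastip']}'")->find()) {
            $_SESSION['lock'] = true;
        }
        setcookie('login', 1, 0, '/');
        // Keep the digest and its salt out of the session.
        unset($user['password']);
        unset($user['code']);
        // Is this the super administrator?
        $_SESSION['WEB_MASTER'] = strtolower(C("WEB_MASTER")) == strtolower($user['username']);
        $_SESSION = array_merge($_SESSION, $user);
        if (empty($user['icon'])) {
            $_SESSION['icon'] = __ROOT__ . '/data/image/user/250.png';
        } else {
            $_SESSION['icon'] = __ROOT__ . '/' . $user['icon'];
        }
        // Derive the smaller avatar paths from the 250px one.
        $_SESSION['icon250'] = $_SESSION['icon'];
        $_SESSION['icon150'] = str_replace(250, 150, $_SESSION['icon250']);
        $_SESSION['icon100'] = str_replace(250, 100, $_SESSION['icon250']);
        $_SESSION['icon50'] = str_replace(250, 50, $_SESSION['icon250']);
        // Record the time and IP of this login.
        $Model->save(array("uid" => $_SESSION['uid'], "logintime" => time(), "lastip" => ip_get_client()));
        $this->modifyMemberRole();
        $this->success('登录成功');
    }
}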
//安装测试数据 if ($config['INSERT_TEST_DATA']) { foreach (glob("testData/*") as $f) { if (preg_match('@\\d+.php@', $f)) { require $f; $table = preg_replace('@(hd_|_bk_\\d+\\.php)@', "", basename($f)); return_msg("{$table}数据插入完毕..."); } } } //密码加密key $code = substr(md5(mt_rand() . time()), 0, 10); $db->exe("UPDATE {$db_prefix}config SET value='{$config['WEB_NAME']}' WHERE name='WEBNAME'"); $db->exe("UPDATE {$db_prefix}config SET value='{$config['EMAIL']}' WHERE name='EMAIL'"); $time = time(); $ip = ip_get_client(); $db->exe("REPLACE INTO {$db_prefix}user SET uid=1,rid=1,username='******'ADMIN']}',domain='{$config['ADMIN']}',\n nickname='{$config['ADMIN']}',email='{$config['EMAIL']}',regtime={$time},logintime={$time},regip='{$ip}',lastip='{$ip}',\n code='{$code}',password='******'PASSWORD'] . $code) . "'"); unset($config['WEB_NAME']); unset($config['EMAIL']); unset($config['ADMIN']); unset($config['PASSWORD']); unset($config['INSERT_TEST_DATA']); //修改配置文件 file_put_contents("../data/config/db.inc.php", "<?php if (!defined('HDPHP_PATH'))exit('No direct script access allowed');\nreturn " . var_export($config, true) . ";\n?>"); return_msg("创建完毕!<script>setTimeout(function(){parent.location.href='?step=7'},0);</script>"); break; } function create_install_config() { $VERSION = VERSION; $INSERT_TEST_DATA = isset($_POST['INSERT_TEST_DATA']) ? 1 : 0;
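/**
 * Show the registration form, or process a posted registration.
 *
 * POST: requires agreement to the terms, assigns the role id on the server
 * (4 = ordinary user, 3 = company user), validates the fields, rejects
 * existing usernames and e-mail addresses, and calls auth->register().
 * GET: shows the form when the visitor is logged out and registration is
 * allowed; otherwise reports why it is not available.
 *
 * Change from the original: the POST branch now checks ALLOW_REGISTER too.
 * Before, the setting only decided whether the form was displayed, so a
 * posted registration was still processed while registration was closed.
 *
 * NOTE(review): the code after each error()/success() call assumes those
 * helpers end the request (two success() calls follow one another below).
 * NOTE(review): the captcha value is only added to $data when 'code' is
 * posted, and its rule carries a different flag (1) from the others (2).
 * Presumably that flag means "validate only when present" — if so, leaving
 * the field out skips the captcha; confirm against the validator.
 * NOTE(review): the password rule is "length:5,21" while its message says
 * 6-20; how the password is hashed inside auth->register() is not visible.
 */
function register()
{
    if ($_SERVER['REQUEST_METHOD'] == 'POST' && !empty($_POST['register'])) {
        // Enforce the site-wide switch on submission, not only on display.
        if (!C('ALLOW_REGISTER')) {
            $this->error('悲剧了,网站禁止注册!', __WEB__, 10);
            return;
        }
        if (!isset($_POST['agree']) || $_POST['agree'] != 1) {
            $this->error('注册失败,你没有同意注册协议!');
        }
        // The role id is decided here, never taken from the request.
        $_POST['rid'] = 4; // ordinary user
        if ($_POST['id'] == 'company') {
            $_POST['rid'] = 3; // company user
        }
        $data = array(
            'username'    => $_POST['name'],
            'password'    => $_POST['pwd'],
            're-password' => $_POST['re-pwd'],
            'rid'         => $_POST['rid'],
            'email'       => $_POST['email'],
        );
        if (isset($_POST['code'])) {
            $data['validata-code'] = $_POST['code'];
        }
        $code = isset($_SESSION['code']) ? $_SESSION['code'] : '';
        $this->user->user_model->validate = array(
            array("username", "user:5,19", "用户名格式错误 ", 2),
            array("password", "length:5,21", "密码长度为6-20 ", 2),
            array("re-password", "confirm:pwd", "两次密码不一致 ", 2),
            array("email", "email", "Email格式错误 ", 2),
            array("validata-code", "eq:{$code}", "验证码错误", 1),
        );
        if (!$this->user->user_model->validate($data)) {
            $this->error($this->user->user_model->error);
        }
        if ($this->user->userExist($_POST['name'])) {
            $this->error('用户名已经存在!');
        }
        if ($this->user->emailExist($_POST['email'])) {
            $this->error('Email已经存在!');
        }
        $data['created'] = time();
        $data['last_ip'] = ip_get_client();
        if ($this->auth->register($data)) {
            // Registration succeeded.
            if (C('AUTH_EMAIL_ACTIVATE')) {
                // E-mail activation is enabled: tell the user to check their inbox.
                $this->success('恭喜你,注册成功。请检查您的电子邮件来激活您的帐户。', __WEB__, 5);
            }
            $this->success('恭喜你注册成功,即将跳转到登录页面。<a href="' . __WEB__ . '/login">马上登录</a>', __WEB__ . '/login');
        } else {
            $this->error('注册失败!请仔细检查你的注册资料。还未能解决?<a href="' . __WEB__ . '/index/index/feedback/type/4">提交反馈</a>');
        }
    } else {
        if (!$this->auth->is_logged_in() && C('ALLOW_REGISTER')) {
            $show_captcha = C('AUTH_REG_CODE');
            $get_type = empty($_GET['type']) ? 'user' : $_GET['type'];
            $type = $this->getRegType($get_type);
            $this->assign('type', $type);
            $this->assign('show_captcha', $show_captcha); // whether to show the captcha
            $this->display();
        } else {
            if ($this->auth->is_logged_in()) {
                $this->error('注册时请先注销登录,点击<a href="' . __CONTROL__ . '/logout">注销</a>', __WEB__, 5);
            } else {
                $this->error('悲剧了,网站禁止注册!', __WEB__, 10);
            }
        }
    }
}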
/**
 * Write an entry to the user operation log.
 *
 * NOTE(review): the username always comes from the session, even when a
 * different $uid is passed, so the two can describe different users.
 * NOTE(review): $con is stored as given; escape it for the output context
 * wherever the log is displayed.
 *
 * @param mixed $con   description of the operation
 * @param mixed $point change in points
 * @param mixed $uid   user id; defaults to the session's uid when null
 */
function writeOptLog($con, $point = 0, $uid = NULL)
{
    $actor = is_null($uid) ? $_SESSION['uid'] : $uid;

    $entry = array(
        'uid'      => $actor,
        'content'  => $con,
        'point'    => $point,
        'created'  => time(),
        'ip'       => ip_get_client(),
        'username' => $_SESSION['username'],
    );

    M('opt_log')->insert($entry);
}