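/**
 * Edit an existing administrator account.
 *
 * GET: loads the record selected by the request's `id` plus the visible roles
 * and renders the edit form.
 * POST: optionally re-hashes a new password, validates the submitted fields
 * through the model and saves them to the row selected by `id`.
 *
 * NOTE(review): no permission check is visible in this method; presumably the
 * controller base class enforces it. Confirm.
 */
public function edit()
{
    $Admin = D($this->tab);
    $Role = D($this->rotab);

    // The id comes from the request. It used to be concatenated into the
    // WHERE string ('id=' . I('id')), an unquoted numeric context in which
    // the parameter text became part of the SQL. Cast it once and pass it as
    // an array condition so the query builder handles the value.
    $where = array('id' => (int) I('id'));

    $data = $Admin->where($where)->find();
    if ($this->isPost()) {
        if (!I('password')) {
            // Empty password field: leave the stored password untouched.
            unset($_POST['password']);
            unset($_POST['password2']);
        } else {
            $_POST['sign'] = $sign = randCode(5);
            if (I('password') != I('password2')) {
                $this->error('两次密码不一致');
            }
            // NOTE(review): salted MD5 is a fast hash and offers little
            // resistance to offline guessing. Moving to password_hash() /
            // password_verify() needs the login check changed in step, so it
            // is only flagged here. randCode() is defined elsewhere.
            $_POST['password'] = md5(I('password') . $sign);
            $_POST['password2'] = md5(I('password2') . $sign);
        }
        // Validate and collect the submitted fields, then update the row.
        if (!$Admin->create()) {
            $this->error($Admin->getError());
        } else {
            $lastid = $Admin->where($where)->save();
            if ($lastid > 0) {
                $this->success('系统用户添加成功', U('index'));
            } else {
                $this->error('系统用户添加失败');
            }
        }
    } else {
        $list_role = $Role->where('isshow=1')->order('sort asc , id asc')->select();
        $this->assign('list_role', $list_role);
        $this->assign('data', $data);
        $this->display();
    }
}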
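/**
 * Authenticate an administrator by account name, or start a password reset.
 *
 * The form is read from $_POST (the $datas argument is overwritten, as
 * before). With op_type == 2 a reset link is mailed; otherwise the password is
 * checked and the login session and cookie are set up.
 *
 * NOTE(review): the captcha check that used to sit at the top of this method
 * is commented out in the original, so no throttle on repeated login attempts
 * is visible here.
 *
 * @param mixed $datas Ignored; replaced by $_POST.
 * @return array `status` and `info`, plus `url` after a successful login.
 */
public function auth($datas)
{
    $datas = $_POST;

    // Accept plain strings only. The name used to be concatenated into the
    // WHERE clause, so request text became part of the SQL. It is now passed
    // as an array condition; the is_string() guard matters because an
    // array-valued request parameter would otherwise be read by the query
    // builder as an expression rather than a value.
    $name = (isset($datas['name']) && is_string($datas['name'])) ? $datas['name'] : '';
    $pwd = (isset($datas['pwd']) && is_string($datas['pwd'])) ? $datas['pwd'] : '';
    $opType = isset($datas['op_type']) ? $datas['op_type'] : null;

    $M = M("Admin");
    $info = $M->where(array('a_name' => $name))->find();
    if (!$info) {
        // NOTE(review): this message confirms whether an account exists and
        // echoes the submitted name; escape it wherever it is rendered as HTML.
        return array('status' => 0, 'info' => "不存在账户为:" . $name . '的管理员账号!');
    }
    if ($info['status'] == 0) {
        return array('status' => 0, 'info' => "你的账号被禁用,有疑问联系管理员吧");
    }

    if ($opType == 2) {
        // NOTE(review): the reset secret is a 5-character randCode() value;
        // randCode() is defined elsewhere, so confirm it draws from a CSPRNG
        // and that the code expires. The link is built from 'aid' while the
        // rest of this method uses 'a_id'; confirm the column name.
        $rc = randCode(5);
        $code = $info['aid'] . md5($rc);
        $url = str_replace(C("webPath"), "", C("WEB_ROOT")) . U("Public/findPwd", array("code" => $code));
        $body = "请在浏览器上打开地址:<a href='{$url}'>{$url}</a> 进行密码重置操作 ";
        $return = send_mail($name, "", "找回密码", $body);
        if ($return == 1) {
            $info['find_code'] = $rc;
            $M->save($info);
            return array('status' => 1, 'info' => "重置密码邮件已经发往你的邮箱" . $name . "中,请注意查收");
        }
        return array('status' => 0, 'info' => "{$return}");
    }

    // Strict string comparison: with `==`, two hashes that both look like
    // numbers (for example "0e..." followed by digits) compare equal.
    if ((string) $info['a_pwd'] === (string) encrypt($pwd)) {
        $loginMarked = C("TOKEN");
        $loginMarked = md5($loginMarked['admin_marked']);
        // NOTE(review): the cookie value is derived from the stored password
        // hash and is set without the HttpOnly/Secure flags; the session id is
        // not regenerated on login. Both are worth revisiting.
        $shell = $info['a_id'] . md5($info['a_pwd'] . C('AUTH_CODE'));
        $_SESSION[$loginMarked] = "{$shell}";
        $shell .= "_" . time();
        setcookie($loginMarked, "{$shell}", 0, "/");
        $_SESSION['my_info'] = $info;

        // Record the time and address of this login.
        $M->where(array('a_id' => (int) $info['a_id']))->save(array("last_login" => time(), "last_ip" => $_SERVER['REMOTE_ADDR']));

        // Look up the administrator's role.
        $role_list = M("RoleUser")->where(array('user_id' => (int) $info['a_id']))->find();
        $_SESSION['my_info']['role'] = $role_list['role_id'];
        return array('status' => 1, 'info' => "登录成功", 'url' => U("Index/index"));
    }

    return array('status' => 0, 'info' => "账号或密码错误");
}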
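/**
 * Send an SMS verification code to a phone number that is not yet registered.
 *
 * Responds through ajaxReturn() with `msg` set to:
 *   ok     - a code was sent,
 *   pass   - the per-session daily send count is used up,
 *   having - the phone number already belongs to a user.
 *
 * The original header also listed a `time` result (no resend within three
 * minutes); no such check exists in the code.
 *
 * NOTE(review): the send counter lives in the caller's session, so a client
 * that discards its session cookie starts from zero again. A limit keyed on
 * the phone number and client address, kept server-side, would hold.
 */
public function phonecodesend()
{
    // NOTE(review): the SMS gateway credential is hard-coded; load it from
    // configuration and rotate the value that has been committed.
    $smsKey = 'cf34160f4719430181a3d387f9dda3c8';

    // NOTE(review): the phone number is not format-checked before use.
    $phone = I('param.phone', 'null');
    // randCode() is defined elsewhere; confirm it is not built on rand() or
    // mt_rand(), which are predictable.
    $code = strtolower(randCode());

    $condition = array('telephone' => $phone);
    $usercheck = M('user', 'yijiayi.')->where($condition)->find(); // does the user already exist?

    $previous = session('getsession');
    $tpl_value = '【一家依】您的验证码是' . $code; // message template

    if (!empty($usercheck)) {
        $res_code = "having";
    } else {
        // Compare the full date. The original compared only the day of the
        // month, so a record from the same day number of an earlier month
        // counted as "today".
        $sentToday = !empty($previous)
            && isset($previous['time'])
            && date('Y-m-d', $previous['time']) === date('Y-m-d');

        if (!$sentToday) {
            // First send of the day for this session. The stray debug echo
            // that preceded the JSON response here has been removed.
            $_SESSION['getsession'] = array('phone' => $phone, 'time' => time(), 'value' => $code, 'number' => '1');
            send_sms($smsKey, $tpl_value, $phone);
            $res_code = "ok";
        } elseif ((int) $previous['number'] <= 5) {
            $_SESSION['getsession'] = array('phone' => $phone, 'time' => time(), 'value' => $code, 'number' => (int) $previous['number'] + 1);
            send_sms($smsKey, $tpl_value, $phone);
            $res_code = "ok";
        } else {
            $res_code = "pass";
        }
    }

    $res_data['msg'] = $res_code;
    $this->ajaxReturn($res_data);
}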
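/**
 * Authenticate an administrator by e-mail address, or start a password reset.
 *
 * The form is read from $_POST (the $datas argument is overwritten, as
 * before). The captcha is checked first; with op_type == 2 a reset link is
 * mailed, otherwise the password is checked and the login session and cookie
 * are set up.
 *
 * @param mixed $datas Ignored; replaced by $_POST.
 * @return array `status` and `info`, plus `url` after a successful login.
 */
public function auth($datas)
{
    $datas = $_POST;

    // Captcha: compare as strings and require both sides to be present. The
    // loose `!=` let a missing session value match a non-string verify_code
    // (md5() of an array yields null on older PHP), and treats hashes that
    // look numeric as equal.
    // NOTE(review): the stored captcha is not cleared after a check, so one
    // solved value can be replayed; confirm where it is invalidated.
    $expected = isset($_SESSION['verify']) ? (string) $_SESSION['verify'] : '';
    $given = (isset($_POST['verify_code']) && is_string($_POST['verify_code'])) ? md5($_POST['verify_code']) : '';
    if ($expected === '' || $expected !== $given) {
        die(json_encode(array('status' => 0, 'info' => "验证码错误啦,再输入吧")));
    }

    // Accept plain strings only. The e-mail used to be concatenated into the
    // WHERE clause, so request text became part of the SQL. It is now passed
    // as an array condition; the is_string() guard matters because an
    // array-valued request parameter would otherwise be read by the query
    // builder as an expression rather than a value.
    $email = (isset($datas['email']) && is_string($datas['email'])) ? $datas['email'] : '';
    $pwd = (isset($datas['pwd']) && is_string($datas['pwd'])) ? $datas['pwd'] : '';
    $opType = isset($datas['op_type']) ? $datas['op_type'] : null;

    $M = M("Admin");
    $info = $M->where(array('email' => $email))->find();
    if (!$info) {
        // NOTE(review): this message confirms whether an account exists and
        // echoes the submitted address; escape it wherever it is rendered as
        // HTML.
        return array('status' => 0, 'info' => "不存在邮箱为:" . $email . '的管理员账号!');
    }
    if ($info['status'] == 0) {
        return array('status' => 0, 'info' => "你的账号被禁用,有疑问联系管理员吧");
    }

    if ($opType == 2) {
        // NOTE(review): the reset secret is a 5-character randCode() value;
        // randCode() is defined elsewhere, so confirm it draws from a CSPRNG
        // and that the code expires.
        $rc = randCode(5);
        $code = $info['aid'] . md5($rc);
        $url = str_replace(C("webPath"), "", C("WEB_ROOT")) . U("Public/findPwd", array("code" => $code));
        $body = "请在浏览器上打开地址:<a href='{$url}'>{$url}</a> 进行密码重置操作 ";
        $return = send_mail($email, "", "找回密码", $body);
        if ($return == 1) {
            $info['find_code'] = $rc;
            $M->save($info);
            return array('status' => 1, 'info' => "重置密码邮件已经发往你的邮箱" . $email . "中,请注意查收");
        }
        return array('status' => 0, 'info' => "{$return}");
    }

    // Strict string comparison: with `==`, two hashes that both look like
    // numbers (for example "0e..." followed by digits) compare equal.
    if ((string) $info['pwd'] === (string) encrypt($pwd)) {
        $loginMarked = C("TOKEN");
        $loginMarked = md5($loginMarked['admin_marked']);
        // NOTE(review): the cookie value is derived from the stored password
        // hash and is set without the HttpOnly/Secure flags; the session id is
        // not regenerated on login. Both are worth revisiting.
        $shell = $info['aid'] . md5($info['pwd'] . C('AUTH_CODE'));
        $_SESSION[$loginMarked] = "{$shell}";
        $shell .= "_" . time();
        setcookie($loginMarked, "{$shell}", 0, "/");
        $_SESSION['my_info'] = $info;
        return array('status' => 1, 'info' => "登录成功", 'url' => U("Index/index"));
    }

    return array('status' => 0, 'info' => "账号或密码错误");
}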
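/**
 * Unpack the selected backup archives, one archive per request.
 *
 * The first POST stores the selected file names in the session. Each request
 * then unpacks one archive and, while more than one remains, answers with a
 * JSON "continue" message pointing back at this action. The last request
 * reports the elapsed time and clears the session state.
 *
 * @return bool|void FALSE for non-POST requests; otherwise the script ends
 *                   after the JSON response is written.
 */
function unzipSqlfile()
{
    if (!IS_POST) {
        return FALSE;
    }

    if (!empty($_SESSION['unzip'])) {
        $files = (isset($_SESSION['unzip']['files']) && is_array($_SESSION['unzip']['files']))
            ? $_SESSION['unzip']['files']
            : array();
    } else {
        // Validate before touching the session. The original stored the start
        // time first, so a rejected request left a half-initialised
        // $_SESSION['unzip'] that the next request treated as a running job.
        $files = (isset($_POST['zipFiles']) && is_array($_POST['zipFiles'])) ? $_POST['zipFiles'] : array();
        $valid = count($files) > 0;
        foreach ($files as $candidate) {
            // The names come from the request and are handed to unzip():
            // accept bare *.zip file names only, with no directory separators
            // or NUL bytes, so a name cannot point outside the backup folder.
            // NOTE(review): assumes unzip() expects a file name relative to
            // the backup directory. Confirm against SysData::unzip().
            if (!is_string($candidate)
                || $candidate === ''
                || strpbrk($candidate, "/\\\0") !== false
                || strtolower(substr($candidate, -4)) !== '.zip'
            ) {
                $valid = false;
                break;
            }
        }
        if (!$valid) {
            // The original called evaljson_encode() here, which is not a PHP
            // function; the other responses in this method use json_encode().
            die(json_encode(array("status" => 0, "info" => "请选择要解压的zip文件")));
        }
        $_SESSION['unzip']['time'] = time();
        $_SESSION['unzip']['files'] = $files;
        $_SESSION['unzip']['count'] = count($files);
    }

    foreach ($files as $k => $file) {
        D("SysData")->unzip($file);
        if (count($files) > 1) {
            // The file name is placed inside an HTML fragment; escape it.
            $shown = htmlspecialchars($file, ENT_QUOTES, 'UTF-8');
            echo json_encode(array("status" => 1, "info" => "正在解压缩请耐心等待,解压期间请勿刷新本页 <font color=\"red\">当前已经解压完{$shown}</font>", "url" => U('SysData/unzipSqlfile', array(randCode() => randCode()))));
            unset($_SESSION['unzip']['files'][$k]);
            exit;
        }
    }

    $time = time() - $_SESSION['unzip']['time'];
    unset($_SESSION['unzip']);
    die(json_encode(array("status" => 1, "info" => "已解压完成<br/>耗时:{$time} 秒")));
}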
/**
 * Create a pending token row that carries a fresh authorization code.
 *
 * Any earlier pending row (token = 0) for the same course and service is
 * deleted first, then a new row is inserted into `broadecos_token`.
 *
 * NOTE(review): the code comes from randCode(8), which is defined elsewhere.
 * Confirm it uses a cryptographically secure source, since the code stands in
 * for a credential until it is exchanged.
 *
 * @param array $params     Must contain `course_id` and `client_id`.
 * @param array $scopeNames Approved scope names, stored joined with ';'.
 * @return stdClass The inserted record, with `id` set from insert_record().
 */
function createCodeToken($params, $scopeNames)
{
    global $DB;

    $freshCode = randCode(8);
    $courseId = $params['course_id'];
    $serviceId = $params['client_id'];

    // Drop the previous unexchanged code for this course/service pair.
    $pendingFilter = array('course_id' => $courseId, 'service_id' => $serviceId, 'token' => 0);
    $DB->delete_records('broadecos_token', $pendingFilter);

    $record = new stdClass();
    $record->token = 0;
    $record->code = $freshCode;
    $record->participant_id = null;
    $record->course_id = $courseId;
    $record->service_id = $serviceId;
    $record->session_id = 0;
    $record->approved_scopes = implode(';', $scopeNames);
    $record->timecreated = time();
    $record->timeupdated = time();

    $record->id = $DB->insert_record('broadecos_token', $record);

    return $record;
}
/**
 * Return the visitor's cart identifier, creating and storing one if needed.
 *
 * The identifier is kept in the `cartuuid` cookie. A new one is the MD5 of
 * the client address joined with an 8-character randCode() value.
 *
 * NOTE(review): the value is client-controlled once stored and is only as
 * unpredictable as randCode(), which is defined elsewhere. Do not treat it as
 * proof of identity.
 *
 * @return string The cart identifier.
 */
function getcookieid()
{
    // Reuse the stored identifier when the cookie holds a non-blank value.
    if (trim(cookie("cartuuid")) != "") {
        return cookie("cartuuid");
    }

    $seed = get_client_ip() . "+" . randCode(8, 0);
    $cartId = md5($seed);
    cookie("cartuuid", $cartId);

    return $cartId;
}
/**
 * Builds the HTML for the pagination control.
 *
 * The rendering style is taken from the logged-in user's `paginationStyle`
 * preference and falls back to style 1 when no method of that name exists on
 * this object.
 *
 * @version 1.0
 * @since   1.0.0
 * @author  Dan Aldridge
 *
 * @param   array $options Recognised keys: url, controls, type, showOne.
 *
 * @return  string Rendered markup, or '' when there is at most one page and
 *                 showOne is false.
 */
public function getPagination($options = array())
{
    $options = array(
        'url' => doArgs('url', '', $options),
        'controls' => doArgs('controls', false, $options),
        'type' => doArgs('type', 'pagination-mini', $options),
        'showOne' => doArgs('showOne', false, $options),
    );

    $objTPL = Core_Classes_coreObj::getTPL();
    $objUser = Core_Classes_coreObj::getUser();

    // a single page is only rendered when the caller asked for it
    if ($this->getTotalPages() <= 1 && $options['showOne'] === false) {
        return '';
    }

    // every pagination block needs its own handle so several fit on one page
    $handle = 'pagination_' . randCode(6);
    $objTPL->set_filenames(array($handle => cmsROOT . 'modules/core/views/markup.tpl'));

    // pick the style method; method_exists() keeps the user preference from
    // naming anything that is not a paginationStyle* method on this object
    $switch = '1';
    if (IS_ONLINE) {
        $switch = $objUser->get('paginationStyle');
    }
    if (!method_exists($this, 'paginationStyle' . $switch)) {
        $switch = '1';
    }

    $styleMethod = 'paginationStyle' . $switch;
    $pages = $this->{$styleMethod}($options['controls']);
    if (!isset($pages)) {
        $pages = array();
    }

    // fill the template blocks
    $objTPL->assign_block_vars('pagination', array('TYPE' => $options['type']));
    foreach ($pages as $page) {
        $pageVars = array(
            'NUM' => doArgs('label', doArgs('count', '0', $page), $page),
            'STATE' => doArgs('state', '', $page),
        );
        $objTPL->assign_block_vars('pagination.page', $pageVars);

        if (!doArgs('url', true, $page)) {
            $objTPL->assign_block_vars('pagination.page.span', array());
            continue;
        }

        $link = '';
        if (doArgs('url', true, $page)) {
            $link = $this->url . $this->instance . '=' . doArgs('count', '0', $page);
        }
        $objTPL->assign_block_vars('pagination.page.url', array('URL' => $link));
    }

    // render and hand back the markup
    $objTPL->parse($handle, false);

    return $objTPL->get_html($handle);
}
/**
 * Send a registration verification code by SMS and report the gateway result.
 *
 * On success (`sign` == 1 in the SDK result) the code is stored in the
 * session under `code`. The SDK result is returned to the client as JSON.
 *
 * NOTE(review): nothing visible here validates the phone number, limits how
 * often a client may request a code, or binds the stored code to the phone
 * number or to an expiry time. The template is told "2" (minutes,
 * presumably), but the session value itself does not expire. randCode() is
 * defined elsewhere; confirm its randomness source.
 */
public function sendPhoneReg()
{
    // Load the SMS SDK that provides sendTemplateSMS().
    include "./PhoneMessage/CCPRestSmsSDK.php";

    // Phone number submitted by the client.
    $mobile = I('post.phone');

    // Four-character code (type 1) and the validity period shown in the text.
    $smsCode = randCode(4, 1);
    $validFor = 2;

    // Arguments: phone number, template replacement values, template id.
    $templateValues = array($smsCode, $validFor);
    $res = sendTemplateSMS($mobile, $templateValues, "1");

    // Remember the code only when the gateway accepted the message.
    if ($res['sign'] == 1) {
        session('code', $smsCode);
    }

    // Return the gateway result as JSON.
    $payload = json_encode($res);
    $this->ajaxReturn($payload);
}
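/**
 * Store the uploaded file and log it as a ticket attachment.
 *
 * Returns array('success' => true, 'attach_id' => ...) or
 * array('error' => 'error message').
 *
 * NOTE(review): when $this->allowedExtensions is empty no extension check
 * runs and the client-supplied extension is kept on disk. If the upload
 * directory is served by the web server, confirm that script extensions
 * cannot be stored there.
 *
 * @param string $uploadDirectory Target directory, with trailing separator.
 * @param bool   $replaceOldFile  When false, an existing file is never
 *                                overwritten.
 * @return array
 */
function handleUpload($uploadDirectory, $replaceOldFile = FALSE)
{
    if (!is_writable($uploadDirectory)) {
        return array('error' => "Server error. Upload directory isn't writable.");
    }
    if (!$this->file) {
        return array('error' => 'No files were uploaded.');
    }
    $size = $this->file->getSize();
    if ($size == 0) {
        return array('error' => 'File is empty');
    }
    if ($size > $this->sizeLimit) {
        return array('error' => 'File is too large');
    }

    // pathinfo() drops any directory part of the client-supplied name.
    $pathinfo = pathinfo($this->file->getName());
    $filename = preg_replace("/(\\s){1,}/", '_', $pathinfo['filename']);

    // BugBase modification: prefix the stored name with a random key and keep
    // the original name for the database record.
    $r = randCode(16);
    $fn = $filename;
    $filename = $r . "_" . $filename;

    // A name without a dot has no 'extension' entry.
    $ext = isset($pathinfo['extension']) ? $pathinfo['extension'] : '';
    if ($this->allowedExtensions && !in_array(strtolower($ext), $this->allowedExtensions)) {
        $these = implode(', ', $this->allowedExtensions);
        return array('error' => 'File has an invalid extension, it should be one of ' . $these . '.');
    }

    if (!$replaceOldFile) {
        /// don't overwrite previous files that were uploaded
        while (file_exists($uploadDirectory . $filename . '.' . $ext)) {
            $filename .= rand(10, 99);
        }
    }

    if ($this->file->save($uploadDirectory . $filename . '.' . $ext)) {
        // BugBase modification: log the attachment in the database.
        // NOTE(review): the mysql_* extension was removed in PHP 7; this
        // block needs porting to mysqli or PDO with prepared statements.
        $link = mysql_connect(DB_HOST, DB_USER, DB_PASS) or die("Blibber bobber");
        mysql_select_db(DB_NAME) or die("blabber blobber");

        // NOTE(review): MAX()+1 is not safe under concurrent uploads; an
        // auto-increment column would avoid duplicate ids.
        $qry = "SELECT MAX( attach_id ) FROM ost_ticket_attachment";
        $res = mysql_query($qry);
        $row = mysql_fetch_row($res);
        $attach_id = (int) $row[0] + 1; /* max +1 for next */

        // Every value placed in the INSERT is either cast to int or escaped.
        // The file name and extension come from the client and were inserted
        // unescaped before. sanitize() is defined elsewhere and its
        // guarantees are not visible here, so its result is escaped as well.
        $ticket = mysql_real_escape_string((string) sanitize($_GET['ticket']), $link);
        $filesize = (int) filesize($uploadDirectory . $filename . '.' . $ext);
        $storedName = mysql_real_escape_string($fn . "." . $ext, $link);
        $fileKey = mysql_real_escape_string($r, $link);

        // Insert the attachment; ref_id is not known yet at upload time.
        $qry = "INSERT INTO ost_ticket_attachment(attach_id,ticket_id,ref_id,ref_type,file_size,file_name,file_key,deleted,created) VALUES('" . $attach_id . "','" . $ticket . "','222','M','" . $filesize . "','" . $storedName . "','" . $fileKey . "','0',NOW())";
        $res = mysql_query($qry);
        mysql_close($link);

        return array('success' => true, 'attach_id' => $attach_id);
    } else {
        return array('error' => 'Could not save uploaded file.' . 'The upload was cancelled, or server error encountered');
    }
}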
include_once "./templates/s3.php"; exit; case '4': if (intval($_GET['install'])) { $n = intval($_GET['n']); $arr = array(); $dbHost = trim($_POST['dbhost']); $dbPort = trim($_POST['dbport']); $dbName = trim($_POST['dbname']); $dbHost = empty($dbPort) || $dbPort == 3306 ? $dbHost : $dbHost . ':' . $dbPort; $dbUser = trim($_POST['dbuser']); $dbPwd = trim($_POST['dbpw']); $dbPrefix = empty($_POST['dbprefix']) ? 'think_' : trim($_POST['dbprefix']); $email = trim($_POST['manager_email']); $password = trim($_POST['manager_pwd']); $verify = randCode(6); $config = array(); $config['SITE_INFO']['name'] = addslashes(trim($_POST['sitename'])); //网站名称 $config['SITE_INFO']['keyword'] = trim($_POST['sitekeywords']); //关键词 $config['SITE_INFO']['description'] = trim($_POST['siteinfo']); //描述 $config['WEB_ROOT'] = trim($_POST['siteurl']); //网站域名 $config['AUTH_CODE'] = $verify; $config['ADMIN_AUTH_KEY'] = $email; $config['DB_HOST'] = $dbHost; $config['DB_NAME'] = $dbName; $config['DB_USER'] = $dbUser; $config['DB_PWD'] = $dbPwd;
/**
 * Send an SMS verification code to the posted phone number.
 *
 * Writes a plain-text status to the response and exits. A marker key stops
 * further sends until it expires; after a successful send the code is cached
 * for ten times that period.
 *
 * NOTE(review): the request is rejected when mobileCheck() is truthy;
 * presumably it returns true for an invalid number. Confirm, because the
 * condition is inverted if it returns true for valid numbers. Both cache keys
 * are built from $_SESSION['uid']; without a uid the keys become ':sms' and
 * ':sms_code' and are shared by every such caller. The throttle is per uid,
 * not per phone number. randCode() is defined elsewhere; confirm its
 * randomness source.
 */
public function sendSMSCheckNO()
{
    $mobile = $this->post('phone');
    $smsCode = randCode();
    $throttleKey = $_SESSION['uid'] . ':sms';
    $codeKey = $_SESSION['uid'] . ':sms_code';

    // The generator is expected to return exactly four characters.
    if (strlen($smsCode) !== 4) {
        echo '短信发送异常';
        exit;
    }

    if (mobileCheck($mobile)) {
        echo '手机号码不对';
        exit;
    }

    // Throttle: refuse while the marker from the previous send still exists.
    if ($this->cacheKV()->exists($throttleKey)) {
        echo '请稍后再发送';
        exit;
    }

    // Set the marker before sending; it gates the next resend.
    $this->cacheKV()->setex($throttleKey, $this->kvExTime(), 1);

    Doo::loadClassAt('SmsApi', 'default');
    $gateway = new SmsApi();
    $raw = $gateway->sendSMS($mobile, '您好,您的验证码是 ' . $smsCode . ' <微微乐>', 'true');
    $result = $gateway->execResult($raw);

    if ($result[1] != 0) {
        echo "发送失败" . $result[1];
    } else {
        echo '发送成功';
        // The code stays valid for ten times the throttle period.
        $this->cacheKV()->setex($codeKey, $this->kvExTime() * 10, $smsCode);
    }
    exit;
}
/**
 * Build a file name from uniqid() followed by a random code.
 *
 * NOTE(review): uniqid() is derived from the current time and adds no
 * unpredictability. If these names must be hard to guess, that rests entirely
 * on randCode(), which is defined elsewhere.
 *
 * @param int $num Length passed to randCode().
 * @return string
 */
function randImgName($num = 20)
{
    $timePart = uniqid();
    $randomPart = randCode($num);

    return $timePart . $randomPart;
}
/**
 * Gets the token for the session, creating one when none is stored.
 *
 * NOTE(review): the token is the MD5 of a 12-character randCode() value.
 * randCode() is defined elsewhere; hashing adds no entropy, so the token is
 * only as unpredictable as that generator.
 *
 * @version 1.0
 * @since   1.0.0
 * @author  Dan Aldridge
 *
 * @param   bool $forceNew Replace the stored token even if one exists.
 *
 * @return  string The session token.
 */
public function getToken($forceNew = false)
{
    $needsToken = $forceNew || empty($_SESSION['token']);

    if ($needsToken) {
        $seed = randCode(12);
        $_SESSION['token'] = md5($seed);
    }

    return $_SESSION['token'];
}
<?php
// Demo page: prints one value from each generator in engine/fun.php, followed
// by a bare uniqid(), for visual comparison.
require '../engine/fun.php';

$lineBreak = "<br/>";

echo randCode(30) . $lineBreak;
echo randImgName(30) . $lineBreak;
echo uniqid();
// Tail of a generator function (presumably randCode(), given the call below).
// Its signature and the construction of $arr are above this excerpt.
// Select the alphabet: type 0 uses every entry of $arr except the last,
// type "-1" uses every entry, any other type uses the single entry $arr[$type].
if ($type == 0) {
array_pop($arr);
$string = implode("", $arr);
} elseif ($type == "-1") {
$string = implode("", $arr);
} else {
$string = $arr[$type];
}
$count = strlen($string) - 1;
$code = '';
// Pick $length characters at random positions of the alphabet.
// NOTE(review): rand() is not a cryptographically secure generator; values
// built this way should not serve as tokens, passwords or verification codes.
for ($i = 0; $i < $length; $i++) {
$code .= $string[rand(0, $count)];
}
return $code;
}

// Script part: generate a 10-character name and record it with the client
// address.
$rand = randCode(10, 1);
var_dump($rand);
$address = $_SERVER["REMOTE_ADDR"];
// The backticks are passed to mysqli_select_db() as part of the database name.
mysqli_select_db($conn, "`ouch`");
// NOTE(review): inside this double-quoted string the dots are literal text,
// not concatenation, so both stored values are wrapped in '.' characters.
// The values are interpolated into the statement; a prepared statement with
// bound parameters would be the safer form.
$sql = "INSERT INTO `ouch`.`cookies`(`randomname`,`ipaddress`)\n VALUES('.{$rand}.','.{$address}.')";
// The result of the INSERT is not checked.
mysqli_query($conn, $sql);
// echo 'sqltext:'.$sql;
$n = 0;
// Only the first row of the whole table is read, so the message below reports
// that the table holds a row, not that this insert succeeded.
$result = mysqli_query($conn, "SELECT * FROM `ouch`.`cookies`");
$row = mysqli_fetch_array($result);
$coo[$n] = $row['randomname'];
if ($coo[0] != NULL) {
echo "植入成功";
} else {
echo "植入失败,请回炉重造。";
}
/**
 * Run the parent constructor and give this instance a fresh 5-character sign.
 *
 * NOTE(review): presumably `sign` is used as a per-record salt. randCode() is
 * defined elsewhere; confirm its randomness source if so.
 */
public function __construct()
{
    parent::__construct();

    $freshSign = randCode(5);
    $this->sign = $freshSign;
}
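/**
 * "Forgot password" handler.
 *
 * Without POST data the form is rendered. With POST data the phone number and
 * code are format-checked, the user is looked up by phone, a new 8-character
 * password is generated, stored and sent to that phone by SMS.
 *
 * NOTE(review): the submitted code is only checked for format. Nothing
 * visible here compares it with a code previously issued to this phone, so
 * the password is replaced for any registered number that is submitted.
 * Verify the code against the stored one before calling updatePassByPhone().
 * The new password is stored as unsalted MD5 and travels in clear text by
 * SMS; a one-time reset code with password_hash() storage would be the safer
 * design. randCode() is defined elsewhere; confirm its randomness source.
 *
 * @return mixed The rendered form when there is no POST data, otherwise null.
 */
function forget()
{
    $post = $this->req->post;
    if (!count($post)) {
        return $this->load->view('forget');
    }

    $phone = isset($post['phone']) ? $post['phone'] : '';
    $code = isset($post['code']) ? $post['code'] : '';

    // Stop after each redirect. Whether redirect() ends the request is not
    // visible here; without the return, a failed validation would fall
    // through to the password change below.
    if (!validate('phone', $phone)) {
        setHint('手机号格式不正确', 'bad');
        $this->res->redirect('home/forget');
        return;
    }
    if (!validate('code', $code)) {
        setHint('验证码格式不正确', 'bad');
        $this->res->redirect('home/forget');
        return;
    }

    $user = $this->load->model('user');
    $result = $user->findByPhone($phone);
    if (!$result) {
        // NOTE(review): this answer reveals whether a number is registered.
        setHint('没有此用户', 'bad');
        $this->res->redirect('home/forget');
        return;
    }

    $newpass = randCode(8);
    $result2 = $user->updatePassByPhone($phone, md5($newpass));
    if ($result2) {
        // Send the new password by SMS.
        sendSmscode($phone, '您的新密码是' . $newpass);
        setHint('密码已发送到您的手机,请稍后……');
        $this->res->redirect('home/login');
        return;
    }

    setHint('变更密码失败', 'bad');
    $this->res->redirect('home/forget');
}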