static function loginCheck()
{
$uname = wf_gpc('wf_uname', 'p', 'trim');
$upawd = wf_gpc('wf_upawd', 'p', 'trim');
$uhash = wf_gpc('wf_uhash', 'p', 'trim');
if (empty($uhash) || $uhash != $_SESSION['wf_uhash']) {
$_SESSION = array();
$_SESSION['wf_error'] = '校验码码非法,请刷新页面后重试';
wf_redirect('login.php?act=in');
}
// 请求API接口
$json_url = WF_API_URL . '?' . http_build_query(array('key' => WF_API_KEY, 'hostid' => WF_API_HOSTID, 'username' => $uname, 'password' => md5(WF_API_KEY . $upawd)));
$user_info = file_get_contents($json_url);
$user_info = json_decode($user_info);
$_SESSION = array();
if (1 === $user_info->code) {
$_SESSION['wf_uauth'] = explode(',', $user_info->data->auth);
$_SESSION['wf_uroot'] = $user_info->data->root;
$_SESSION['wf_upath'] = $user_info->data->path;
$_SESSION['wf_uhost'] = $user_info->data->host;
$_SESSION['wf_tokey'] = self::getTokey();
$_SESSION['wf_error'] = '';
wf_redirect('./');
} else {
$_SESSION['wf_error'] = $user_info->message;
wf_redirect('login.php?act=in');
}
}
private function on_upload()
{
$path = $this->path;
$name = wf_gpc('name', 'r');
$cover = wf_gpc('fs-cover', 'r', 'intval');
$this->code = $this->FileFS->upload($path, $name, $cover) ? 200 : 300;
$this->mess = $this->FileFS->error();
$this->show();
}
static function updateUserPassword()
{
$uname = wf_gpc('wf_uname', 'S');
$uinfo = self::getUserData($uname);
if (!empty($uname) && $uname == $uinfo['uname']) {
$uinfo['upawd'] = md5(wf_gpc('newpasswd', 'r'));
if (self::addUserData($uinfo['uname'], $uinfo['upawd'], $uinfo['upath'], $uinfo['uauth'])) {
show(200, '密码已更新,请谨记新密码:<font color="red">' . wf_gpc('newpasswd', 'r') . '</font>');
}
}
show(300, '更新失败:<font color="red">你可能无权更改此项设置!</font>');
}
<script src="static/plugins/colorBox/jquery.colorBox.min.js?v=1.3.17.2"></script>
<!-- ZeroClipboard 资源文件 -->
<script src="static/plugins/ZeroClipboard/ZeroClipboard.min.js?v=1.3.2"></script>
<!-- app 资源文件-->
<script src="static/js/webftp.core.js"></script>
<script src="static/js/webftp.util.js"></script>
<script src="static/js/webftp.nfs.js"></script>
<script src="static/js/webftp.mui.js"></script>
<script type="text/javascript">
$(function () {
// 配置参数
// app.debug = true;
app.api = {
url: 'webftp.php',
key: '0123456789',
auth:'<?php
$auth = wf_gpc('wf_uauth', 's');
echo implode(',', $auth);
?>
'.split(',')
};
// 执行初始化
app.mui.init();
app.nfs.init();
});
</script>
</body>
</html>
break;
case 'resetpasswd':
WF_Auth::updateUserPassword();
break;
case 'out':
WF_Auth::loginOut();
break;
case 'in':
break;
default:
exit(WF_Session::get('login_error'));
}
}
//
$uhash = $_SESSION['wf_uhash'] = rand(1000, 9999);
$error = wf_gpc('wf_error', 'S');
?>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="renderer" content="webkit">
<title>站长附件上传下载管理平台 - Power By AdminSheng.com</title>
<style type="text/css">
html { }
body { color:#fff; font-size:14px; padding:0; overflow:hidden; margin:0; width:100%; height:100%; min-height:400px; background:#2784bd url(static/images/login/bg_line.gif) repeat-x left top; }
#body { background:url(static/images/login/bg.jpg) no-repeat center top; }
h1 { font-wieght:bold; font-size:20px; padding:0 28px; margin:0; text-shadow:0 1px 2px rgba(0, 0, 0, 0.4); }
#login_form { position:absolute; width:500px; }
.input { font-family: Georgia, serif;margin-left:5px;font-size: 22px; padding-left: 12px; padding-right: 0px; width: 234px; height:30px; background:url(static/images/login/spacer.gif); color:#383838; outline:medium none; border:none; }
/**
* 文件上传
*
*/
public function upload($path, $name, $cover = false)
{
// HTTP headers for no cache etc
header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
header("Cache-Control: no-store, no-cache, must-revalidate");
header("Cache-Control: post-check=0, pre-check=0", false);
header("Pragma: no-cache");
// Look for the content type header
if (isset($_SERVER['HTTP_CONTENT_TYPE'])) {
$contentType = $_SERVER['HTTP_CONTENT_TYPE'];
}
if (isset($_SERVER['CONTENT_TYPE'])) {
$contentType = $_SERVER['CONTENT_TYPE'];
}
// Get parameters
$chunk = wf_gpc('chunk', 'r', 'intval');
$chunks = wf_gpc('chunks', 'r', 'intval');
// 处理文件名
$file = $this->get_gpath($path . $name);
if (!is_writeable($this->get_gpath($path))) {
$this->error = '文件系统错误,当前目录没有写入权限';
return false;
} else {
if (!$cover && file_exists($file)) {
$this->error = '文件系统错误,目标文件已存在';
return false;
} else {
if ($cover && file_exists($file) && !unlink($file)) {
$this->error = '文件系统错误,无法删除原始文件';
return false;
}
}
}
// 上传写文件步骤,这一部分以下的代码可直接引用
// Handle non multipart uploads older WebKit versions didn't support multipart in HTML5
if (strpos($contentType, 'multipart') !== false) {
if (!isset($_FILES['file']['tmp_name']) || !is_uploaded_file($_FILES['file']['tmp_name'])) {
$this->error = 'Failed to move uploaded file.';
return false;
}
// 分块一直接move,减小不分块时服务器负载
if (0 == $chunk) {
if (!move_uploaded_file($_FILES['file']['tmp_name'], "{$file}.part")) {
$tihs->error = 'Failed to open output stream.';
return false;
}
} else {
// 合并剩余分块数据
$out = fopen("{$file}.part", $chunk == 0 ? 'wb' : 'ab');
if (!$out) {
$tihs->error = 'Failed to open output stream.';
return false;
}
$in = fopen($_FILES['file']['tmp_name'], 'rb');
if (!$in) {
$tihs->error = 'Failed to open input stream.';
return false;
}
while ($buff = fread($in, 4096)) {
fwrite($out, $buff);
}
fclose($in);
fclose($out);
}
file_exists($_FILES['file']['tmp_name']) && unlink($_FILES['file']['tmp_name']);
} else {
$out = fopen("{$file}.part", $chunk == 0 ? 'wb' : 'ab');
if (!$out) {
$tihs->error = 'Failed to open output stream.';
return false;
}
// Read binary input stream and append it to temp file
$in = fopen("php://input", 'rb');
if (!$in) {
$tihs->error = 'Failed to open input stream.';
return false;
}
while ($buff = fread($in, 4096)) {
fwrite($out, $buff);
}
fclose($in);
fclose($out);
}
// Check if file has been uploaded
if (!$chunks || $chunk == $chunks - 1) {
return rename("{$file}.part", $file);
}
return true;
}
