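/**
 * Admin login form: verifies the CSRF token and captcha on POST, attempts
 * the login, then renders the login template.
 *
 * An already authenticated user holding the 'admin' role is redirected to
 * the admin area instead of seeing the form.
 */
public function action_login()
{
    // Must be initialised BEFORE the POST branch: the template binds this
    // variable by reference further down, so resetting it after bind() would
    // wipe the error collected for a failed login.
    $errors = null;

    if (HTTP_Request::POST == $this->request->method()
        && Security::check(Arr::get($this->request->post(), 'csrf', ''))
        // Read the captcha answer defensively; a request without the field
        // must fail validation instead of raising an undefined-index notice.
        && Captcha::valid(Arr::get($_POST, 'captcha', ''))
    ) {
        $remember = array_key_exists('remember', $this->request->post())
            ? (bool) $this->request->post('remember')
            : FALSE;
        $user = Auth::instance()->login(
            $this->request->post('username'),
            $this->request->post('password'),
            $remember
        );
        if ($user) {
            HTTP::redirect($this->config->get('admin_url'));
        } else {
            // One message for "unknown user" and "wrong password" alike, so the
            // response does not reveal which account names exist.
            Session::instance()->set('error', 'Логин или пароль не верный');
            $errors = array('Логин или пароль не верный.');
        }
    }

    $this->template = 'login';
    parent::before();
    $captcha = Captcha::instance();
    // A fresh CSRF token is issued for the form that is about to be rendered.
    $csrf = Security::token(true);
    $this->template->title = 'Вход в админ панель';
    $this->template->bind('errors', $errors)->bind('csrf', $csrf)->bind('captcha', $captcha);

    if (Auth::instance()->get_user()) {
        $auth = Auth::instance();
        $has_admin_role = $auth->logged_in('admin');
        if ($has_admin_role) {
            $session = Session::instance();
            $session->set('redirectAfterLogin', $_SERVER['REQUEST_URI']);
            HTTP::redirect('/' . $this->admin_url . '/');
        }
    }
}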
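/**
 * Registration form: on a POST with a valid captcha, validates the input,
 * stores an inactive user with an activation code and redirects to the
 * "registration done" page; otherwise re-renders the form with errors.
 */
public function action_register()
{
    // Signed-in visitors are sent to the home page.
    if (Auth::instance()->logged_in()) {
        Request::instance()->redirect('/');
    }

    $data = array();
    $captcha = Captcha::instance('login');

    if (Request::$method == "POST") {
        // A request without the captcha field must simply fail validation.
        $captcha_answer = isset($_POST['captcha']) ? $_POST['captcha'] : '';

        if (Captcha::valid($captcha_answer)) {
            $user = new User();
            $post = $user->validate_register($_POST);
            if ($post->check()) {
                $post = $post->as_array();
                $user->email = $post['email'];
                $user->username = $post['username'];
                $user->active = false;
                $user->sex = $post['sex'];
                // The activation code acts as a bearer secret, so it is drawn from
                // a CSPRNG rather than derived from the registration time.
                // 16 random bytes -> 32 hex characters (same length as an md5 hex digest).
                $raw_code = function_exists('random_bytes')
                    ? random_bytes(16)
                    : openssl_random_pseudo_bytes(16);
                $user->active_code = bin2hex($raw_code);
                $user->save();
                Session::set('reg_email', $user->email);
                Request::instance()->redirect('/site/register_done');
            } else {
                // Keep the submitted values so the form can be repopulated.
                $_POST = $post->as_array();
                $data['errors'] = $post->errors();
            }
        } else {
            $data['errors'] = array('captcha' => 'Mã bảo mật không đúng!');
        }
    }

    $this->template->title = __('Đăng ký tài khoản');
    $data['captcha'] = $captcha;
    $this->template->content = View::factory('frontend/site/register', $data);
}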
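/**
 * Login form: checks the captcha first and only then the credentials.
 *
 * View variables: 'error' is TRUE after a failed credential check,
 * 'message' is TRUE after a wrong captcha answer.
 */
public function action_login()
{
    $captcha = Captcha::instance();
    $this->template->captcha = $captcha;
    $this->template->message = '';

    if (Auth::instance()->logged_in()) {
        $this->redirect('/');
    }

    $username = Arr::get($_POST, 'username', '');
    $password = Arr::get($_POST, 'password', '');
    $remember = (bool) Arr::get($_POST, 'remember', false);
    $error = false;
    $message = false;

    if ($this->request->method() == Request::POST) {
        // Read the answer with a default so a POST that omits the field is
        // rejected as a wrong captcha instead of raising an undefined-index notice.
        $cpt = Captcha::valid(Arr::get($_POST, 'captcha', ''));
        if (!$cpt) {
            $message = true;
        } elseif (Auth::instance()->login($username, $password, $remember)) {
            $this->redirect('manage');
        } else {
            $error = true;
        }
    }

    // NOTE(review): $username is echoed back into the form; the view is
    // expected to HTML-escape it - confirm in the template.
    $this->set('username', $username)
        ->set('remember', $remember ? 'checked' : '')
        ->set('error', $error)
        ->set('message', $message);
}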
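/**
 * Admin entry point: shows the admin page or the login form and processes a
 * submitted login (fields 'login', 'password', 'captcha').
 */
function action_index()
{
    // Render according to the current login state.
    if ($this->admin->islogged() === TRUE) {
        $this->template->content = $this->admin->genpage();
    } else {
        $this->template->content = $this->admin->showlogin();
    }

    // Nothing more to do unless a complete login form was submitted.
    if (!(isset($_POST['login']) and isset($_POST['password']) and isset($_POST['captcha']))) {
        return;
    }

    if (!Captcha::valid($_POST['captcha'])) {
        $this->template->err = 'Неверно введена капча';
        return;
    }

    $auth = $this->admin->checklogin();
    if ($auth === TRUE) {
        $session = Session::instance();
        // Issue a fresh session id before the session is marked as
        // authenticated, so an id that existed before login cannot be reused.
        $session->regenerate();
        $session->set('islogged', 'on');
        $this->request->redirect('admin');
    } elseif (is_string($auth)) {
        // checklogin() reports failures as a message string.
        $this->template->err = $auth;
    }
}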
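/**
 * Registers a member by mobile number and logs the new member in.
 *
 * Reads 'mobile', 'password', 'checkcode' and 'backurl' from the POST body.
 */
public function action_doreg()
{
    $mobile = Arr::get($_POST, 'mobile');
    $pwd = Arr::get($_POST, 'password');
    $checkcode = Arr::get($_POST, 'checkcode');
    $backurl = Arr::get($_POST, 'backurl');

    // The verification code is compared in lower case.
    $checkcode = strtolower((string) $checkcode);

    // Validate the captcha BEFORE touching the member table, so the
    // "number already registered" answer is only available to requests that
    // solved the challenge.
    if (!Captcha::valid($checkcode)) {
        Common::showMsg('验证码错误', '-1');
        // Stop here even if showMsg() does not terminate the request itself.
        return;
    }

    $flag = Model_Member::checkExist('mobile', $mobile);
    if (!$flag) {
        Common::showMsg('手机号码重复,请重新填写', '-1');
        return;
    }

    $model = ORM::factory('member');
    $model->mobile = $mobile;
    // NOTE(review): unsalted md5 is not a password hash. Moving to
    // password_hash()/password_verify() has to be done together with
    // Model_Member::login(), which is not visible here.
    $model->pwd = md5($pwd);
    $model->logintime = time();
    // Nickname is the mobile number with characters 4-6 masked.
    $model->nickname = substr_replace($mobile, '***', 3, 3);
    $model->save();

    if ($model->saved()) {
        Model_Member::login($mobile, $pwd);
        // NOTE(review): 'backurl' comes straight from the request; if showMsg()
        // redirects to it, restrict it to same-site paths - confirm in Common::showMsg().
        Common::showMsg('注册成功', $backurl);
    }
    // A failed save currently produces no message for the user.
}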
/**
 * Member registration: on POST, checks password confirmation and captcha,
 * creates the member and logs it in; otherwise shows the registration view.
 *
 * Every failure terminates the request with a plain-text message.
 */
public function action_register()
{
    if (!empty($_POST)) {
        $username = Arr::get($_POST, 'username');
        $password = Arr::get($_POST, 'password');
        $password2 = Arr::get($_POST, 'password2');
        $vcode = Arr::get($_POST, 'vcode');

        // NOTE(review): an empty username or password is not rejected here;
        // two missing password fields compare equal and pass this check.
        if ($password !== $password2) {
            exit('两次密码不匹配');
        }
        if (!Captcha::valid($vcode)) {
            exit('验证码错误');
        }

        $auth = Auth::instance('member');
        $hashed = $auth->hash($password);
        $user_data = array(
            'username' => $username,
            'password' => $hashed,
            'created_at' => time(),
        );

        $m_member = Model::factory('member', 'admin');
        // NOTE(review): check-then-insert is not atomic; a unique index on
        // username is the reliable guard against duplicates.
        if ($m_member->has(array('username' => $username))) {
            exit('用户名已存在');
        }

        $ret = $m_member->insert($user_data);
        if ($ret === false) {
            exit('注册失败');
        }

        $user_data['id'] = $ret[0];
        if ($auth->force_login($user_data)) {
            // NOTE(review): the redirect target is the request's referrer,
            // which the client controls - consider a fixed landing page.
            $this->redirect(Request::$referrer);
        }
    }

    $this->content = View::factory('common/user_register');
}
/**
 * Validation rule for a captcha field.
 *
 * Flags 'required' when no answer was given, otherwise 'captcha' when the
 * answer does not pass Captcha::valid() for this field's group.
 */
protected function rule_captcha()
{
    $answer = $this->value;

    if ($answer === '' or $answer === NULL) {
        $this->errors['required'] = TRUE;
        return;
    }

    if (Captcha::valid($answer, $this->group) == FALSE) {
        $this->errors['captcha'] = TRUE;
    }
}
/**
 * Validates this field with the Captcha library's built-in check.
 *
 * @return mixed The error message when the answer is wrong, NULL otherwise.
 */
protected function validate_this()
{
    $submitted = Input::instance()->post($this->name);

    if (Captcha::valid($submitted)) {
        return;
    }

    $this->error = $this->error_msg;
    return $this->error;
}
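/**
 * Processes a submitted admin login and redirects to 'admin'.
 *
 * The credentials are only checked when the captcha answer is valid. The
 * redirect target is the same whether or not the login succeeded.
 */
function action_login()
{
    if ($_POST) {
        // Read every field with a default so an incomplete POST fails the
        // checks instead of raising undefined-index notices.
        $captcha = isset($_POST['captcha']) ? $_POST['captcha'] : '';
        $username = isset($_POST['username']) ? $_POST['username'] : '';
        $password = isset($_POST['password']) ? $_POST['password'] : '';
        $remember = !empty($_POST['remember']);

        if (Captcha::valid($captcha)) {
            $this->auth->login($username, $password, $remember);
        }

        // NOTE(review): a failed attempt gives the user no feedback; the
        // 'admin' page is presumably responsible for showing the login form again.
        $this->request->redirect('admin');
    }
}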
/**
 * The default action - show the home page.
 *
 * Demo only: a GET prints the 'captcha/alpha' challenge image with a
 * one-field form; a POST dumps the result of Captcha::valid() for the
 * submitted 'vcode'. The request always ends here.
 */
public function index()
{
    if (!$this->request->isPost()) {
        // Other challenge styles referenced by the original demo: captcha/basic, captcha/black.
        $base = $this->getBaseUrl();
        echo '<p><img src="' . $base . 'captcha/alpha"></p>';
        echo '<form method="post"><input type="text" name="vcode"><input type="submit" value="Valid"></form>';
        exit;
    }

    $answer = $this->request->getParam('vcode');
    var_dump(Captcha::valid($answer));
    exit;
}
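/**
 * Admin sign-in: validates captcha and form input, attempts the login and
 * renders the login view with any errors.
 */
public function action_signin()
{
    // A user who is already signed in goes straight to the account area.
    if (Auth::instance()->logged_in() != 0) {
        Request::instance()->redirect('admin/site/index');
    }

    $captcha = Captcha::instance();
    $data = array();
    $data['captcha'] = $captcha;

    if ($_POST) {
        // A POST without the captcha field must fail validation rather than
        // raise an undefined-index notice.
        $captcha_answer = isset($_POST['captcha']) ? $_POST['captcha'] : '';

        if (Captcha::valid($captcha_answer)) {
            $array = Validate::factory($_POST)
                ->rules('email', array(
                    'not_empty' => NULL,
                    'min_length' => array(4),
                    'max_length' => array(127),
                    'email' => NULL,
                ))
                ->rules('password', array('not_empty' => null))
                ->filter(TRUE, 'trim');

            // "Remember me" option
            $remember = isset($array['remember']);

            // Login starts out invalid
            $status = FALSE;

            if ($array->check()) {
                $user = Auth::instance();
                $status = $user->login($array['email'], $array['password'], $remember);

                if ($status) {
                    Request::instance()->redirect('admin/site/index');
                } else {
                    // Failed credentials are reported on the 'email' field.
                    $array->error('email', 'username_available');
                    $data['errors'] = $array->errors('admin/login');
                }
            } else {
                $data['errors'] = $array->errors('admin/login');
            }
        } else {
            $data['errors'] = array('captcha' => 'Captcha invalid!');
        }
    }

    $this->template->title = "Đăng nhập vào hệ thống";
    $this->template->section_title = "Đăng nhập vào hệ thống";
    $this->template->content = View::factory('/admin/site/login', $data);
}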
/**
 * First signup page: validates the captcha and the user model, creates the
 * account, logs the user in and moves on to page 2; otherwise re-renders the
 * form with the submitted values and the errors.
 */
public function page1()
{
    $view = new View('signup/page1');

    // The Captcha constructor optionally takes a config group name.
    $captcha = new Captcha();

    // Empty form; the same keys are reused for the per-field errors.
    $form = array('username' => '', 'password' => '', 'password_confirm' => '', 'email' => '');
    $errors = $form;

    // Clients that keep their session cookie are cut off after 50 wrong
    // answers. The threshold has to stay high enough not to hit real people.
    if ($captcha->invalid_count() > 49) {
        exit('Bye! Stupid bot.');
    }

    if ($_POST) {
        $valid_c = Captcha::valid($this->input->post('captcha_response'));
        $this->user = ORM::factory('user');
        $post = $this->input->post();

        // validate() runs first on purpose: $post->as_array()/errors() are used on it afterwards.
        $accepted = $this->user->validate($post) && $valid_c;

        if ($accepted) {
            $this->user->save();
            $this->session->set('uid', $this->user->id);
            $this->user->add(ORM::factory('role', 'login'));
            $this->auth->login($this->user, $post['password']);
            url::redirect('/signup/page2');
            exit(0);
        }

        // Repopulate the form and collect the error messages.
        $form = arr::overwrite($form, $post->as_array());
        $errors = arr::overwrite($errors, $post->errors('signup_errors'));
        if (!$valid_c) {
            $errors['captcha_response'] = "Invalid";
        }
    }

    // Hand everything to the template.
    $view->set("errors", $errors);
    $this->template->content = $view;
    $this->template->content->captcha = $captcha;
    $this->template->content->form = $form;
}
/**
 * AJAX admin login. Prints a JSON object whose 'status' is one of
 * 'checkcode_err', 'password_err' or 'ok'.
 */
public function action_ajax_login()
{
    $checkcode = Arr::get($_POST, 'checkcode');
    $username = Arr::get($_POST, 'username');
    $password = Arr::get($_POST, 'password');

    // Verification code, compared in lower case.
    $checkcode = strtolower($checkcode);
    if (!Captcha::valid($checkcode)) {
        echo json_encode(array('status' => 'checkcode_err'));
        exit;
    }

    // Username / password check.
    // NOTE(review): unsalted md5 is not a password hash; password_hash()/
    // password_verify() is the replacement, together with a migration of stored hashes.
    $password = md5($password);
    // NOTE(review): the WHERE literal below is masked in this listing. If the
    // real condition is built by putting $username/$password into the string,
    // it must use bound parameters instead.
    $userinfo = ORM::factory('admin')->where("username='******' and password='******'")->find();
    if (!$userinfo->loaded()) {
        echo json_encode(array('status' => 'password_err'));
        exit;
    }

    // Record time and address of this login.
    $userinfo->logintime = time();
    $userinfo->loginip = $this->getIp();
    $userinfo->update();
    $userinfo = $userinfo->as_array();

    // Store the user in the session.
    // NOTE(review): the value written to the session AND to a cookie is derived
    // from the username and the stored password hash, with an empty key passed
    // to Common::authcode(); confirm what that helper does with an empty key.
    // The session id is also not renewed on login.
    $session = Session::instance();
    $auth_blob = Common::authcode($userinfo['username'] . '||' . $userinfo['password'], '');
    $session->set('username', $auth_blob);
    Cookie::set('username', $auth_blob);
    $session->set('userid', $userinfo['id']);
    $session->set('roleid', $userinfo['roleid']);

    $rolemodule = ORM::factory('role_module')->where("roleid='{$userinfo['roleid']}'")->as_array();
    $session->set('rolemodule', $rolemodule);

    echo json_encode(array('status' => 'ok'));
}
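/**
 * Callback-request widget: renders the widget and, when the form was
 * submitted with a valid captcha and valid fields, e-mails the request to the
 * configured callback address.
 */
public function action_index()
{
    // Look up the template for this widget.
    $id = $this->request->param('id');
    $widget = new Model_Widget();
    $template = $widget->getTempalte('callback', $id);
    if ($template) {
        $this->template = View::factory('widgets/' . $template);
    }

    if (isset($_POST['callback-order'])) {
        if (Captcha::valid(Arr::get($_POST, 'comm-captcha'))) {
            $base = new Model_Base();
            $options = $base->getOptions();

            $vData = $_POST;
            $validation = Validation::factory($vData);
            $validation->rule('cb-name', 'not_empty');
            $validation->rule('cb-name', 'min_length', array(':value', '2'));
            $validation->rule('cb-name', 'max_length', array(':value', '250'));
            $validation->rule('cb-phone', 'not_empty');
            $validation->rule('cb-phone', 'phone');
            $validation->rule('cb-phone', 'min_length', array(':value', '6'));
            $validation->rule('cb-phone', 'max_length', array(':value', '15'));

            if (!$validation->check()) {
                $this->errors = $validation->errors('callbackErrors');
            } else {
                $name = Arr::get($_POST, 'cb-name', '');
                $phone = Arr::get($_POST, 'cb-phone', '');

                // The message is sent as HTML, so visitor-supplied values are
                // escaped before they are placed into the markup.
                $name_html = htmlspecialchars($name, ENT_QUOTES, 'UTF-8');
                $phone_html = htmlspecialchars($phone, ENT_QUOTES, 'UTF-8');

                // Send the notification mail.
                $config = Kohana::$config->load('email');
                Email::connect($config);
                $to = $config['options']['callback_email'];
                $subject = 'Поступила заявка с сайта ' . $options['sitename'] . ' от ' . $name . '';
                $from = $config['options']['username'];
                $message = '<h2>Новая заявка</h2>';
                $message .= 'Отправитель: <b>' . $name_html . ', </b><br>';
                $message .= 'Тел: <b>' . $phone_html . ', </b><br>';
                $message .= '<em>Отправлено: ' . date("G:i:s M j Y") . '</em>';
                Email::send($to, $from, $subject, $message, TRUE);

                if (count($this->errors) > 0) {
                    // Errors already present on the controller are reported to the admin.
                    $base = new Model_Base();
                    $options = $base->getOptions();
                    $to = $options['admin_email'];
                    $subject = 'Ошибки на сайте ' . $options['sitename'];
                    $from = $config['options']['username'];
                    // NOTE(review): $message is rebuilt on every pass, so only the
                    // last error reaches the mail - confirm whether that is intended.
                    foreach ($this->errors as $error) {
                        $message = '<h2>Ошибка</h2>';
                        $message .= $error;
                        $message .= ' <em>Отправлено: ' . date("G:i:s M j Y") . '</em>';
                    }
                    Email::send($to, $from, $subject, $message, TRUE);
                } else {
                    $this->messages[] = 'Спасибо! Ваш вопрос успешно отправлен.';
                }
            }
        } else {
            $this->errors['captcha'] = "Код введен неверно";
        }
    }

    $captcha_image = Captcha::instance()->render();
    $this->template->captcha = $captcha_image;
    $this->template->errors = $this->errors;
    $this->template->messages = $this->messages;
}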
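/**
 * Password reminder: for a guest who submits a valid captcha and a known
 * username, stores a one-time recovery code on the user record and renders
 * the 'reminder' view.
 */
public function action_reminder()
{
    $reminder = false;
    $template = View::factory('reminder');

    if (!Auth::instance()->logged_in()) {
        if ($this->request->method() == Request::POST) {
            // A POST without the captcha field is treated as a wrong answer.
            if (Captcha::valid(Arr::get($_POST, 'captcha', ''))) {
                $user = ORM::factory('User')
                    ->where('username', '=', Arr::get($_POST, 'username', ''))
                    ->find();

                if ($user->loaded() && $user->network_reg == 0 && empty($user->link_activate)) {
                    // The recovery code is a bearer secret for resetting the password,
                    // so it comes from a CSPRNG instead of being derived from the
                    // request time and the stored password hash.
                    // 16 random bytes -> 32 hex characters (same length as an md5 hex digest).
                    $raw_code = function_exists('random_bytes')
                        ? random_bytes(16)
                        : openssl_random_pseudo_bytes(16);
                    $code = bin2hex($raw_code);

                    $save_code = ORM::factory('User', $user->id);
                    $save_code->link_recovery = $code;
                    $save_code->save();
                    $reminder = true;
                } else {
                    // NOTE(review): this answer tells the caller whether a username
                    // exists; a uniform "if the account exists, a link was sent"
                    // response avoids that.
                    $mas_err = array();
                    $mas_err[] = I18n::get("Пользователь с таким логином не зарегистрирован.");
                    $error = true;
                    $template->set('errors', $mas_err)->set('error', $error);
                }
            } else {
                $mas_err = array();
                $mas_err[] = I18n::get("Неправильно ввели код подтверждения.");
                $error = true;
                $template->set('errors', $mas_err)->set('error', $error);
            }
        }
    }

    // Rendered once; the result becomes the response body.
    $template->set('reminder', $reminder)->set('return', '/');
    $this->response->body($template->render());
}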
/**
 * Adds a comment to a post when the captcha answer is valid and commenting
 * is allowed, then prepares the comment parameters for the view.
 *
 * @param mixed $postid Id of the post being commented on.
 */
function action_add_comment($postid)
{
    // NOTE(review): access is looked up with $this->postid, while the rest of
    // the method uses the $postid argument - confirm they are always the same.
    $this->allowcomment = $this->post->get_access($this->postid);
    $this->action_post_main();
    $this->action_main_categories();

    $captcha_ok = Captcha::valid($_POST['captcha']);

    if ($captcha_ok and $this->allowcomment == 1) {
        $this->validate = $this->comment->validate_comment();
        $post_exists = ($this->post->check_post($postid) == TRUE);

        if ($post_exists and $this->validate === TRUE) {
            $this->comment->add_comment($postid);
        } else {
            $this->template->content->errors = $this->validate;
        }
    }

    $this->action_comments_params();
}
/**
 * Validation callback: records an 'invalid' error on the field when its
 * value does not pass Captcha::valid().
 *
 * @param Validate $array Validation object holding the submitted values.
 * @param string   $field Name of the captcha field.
 */
public function captcha_valid(Validate $array, $field)
{
    $answer_ok = Captcha::valid($array[$field]);

    if ($answer_ok) {
        return;
    }

    $array->error($field, 'invalid');
}
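/**
 * Password reminder: for a guest who submits a valid captcha and a known
 * username, e-mails a recovery link and stores its code on the user record.
 */
public function action_reminder()
{
    $errors = NULL;

    if (!Auth::instance()->logged_in()) {
        if ($this->request->post()) {
            // A POST without the captcha field is treated as a wrong answer.
            if (Captcha::valid(Arr::get($_POST, 'captcha', ''))) {
                $user = ORM::factory('User')
                    ->where('username', '=', Arr::get($_POST, 'username', ''))
                    ->find();

                if ($user->loaded() && $user->network_reg == 0 && empty($user->link_activate)) {
                    // The recovery code is a bearer secret for resetting the password,
                    // so it comes from a CSPRNG instead of being derived from the
                    // request time and the stored password hash.
                    // 16 random bytes -> 32 hex characters (same length as an md5 hex digest).
                    $raw_code = function_exists('random_bytes')
                        ? random_bytes(16)
                        : openssl_random_pseudo_bytes(16);
                    $code = bin2hex($raw_code);

                    Email::connect();
                    Email::View('reminder');
                    Email::set(array(
                        'username' => $user->username,
                        'id' => $code,
                        'url' => str_replace('/auth/reminder', '', URL::current(true)),
                    ));
                    Email::send(
                        $user->email,
                        array('*****@*****.**', 'e-history.kz'),
                        "E-history.kz, ссылка для смены пароля.",
                        '',
                        true
                    );

                    $save_code = ORM::factory('User', $user->id);
                    $save_code->link_recovery = $code;
                    $save_code->save();

                    Message::success('Ссылка для восстановления пароля отправлена на указанный при регистрации адрес электронной почты.');
                    // NOTE(review): 301 is a permanent redirect and may be cached by
                    // browsers; a temporary redirect is the usual answer to a form POST.
                    $this->redirect('/', 301);
                } else {
                    // NOTE(review): this answer tells the caller whether a username
                    // exists; a uniform response avoids that.
                    $errors['login'] = I18n::get("Пользователь с таким логином не зарегистрирован.");
                }
            } else {
                $errors['captcha'] = I18n::get("Неправильно ввели код подтверждения.");
            }
        }
    }

    $this->set('errors', $errors);
}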
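/**
 * Handles a submitted admin login form.
 *
 * Every attempt is written to the admin log; failed attempts are also counted
 * per client IP in 'admin_login_error_log'.
 *
 * @param array $data      Submitted fields ('username', 'password', optionally 'captcha')
 * @param int   $error_num Number of failed attempts already recorded for this client
 * @return Member|false The member on success, false on failure
 */
protected function post($data, $error_num)
{
    if (!$data['username']) {
        $this->message = '用户名不能空';
        $this->error_input = 'username';
        return false;
    }
    if (!$data['password']) {
        $this->message = '密码不能空';
        $this->error_input = 'password';
        return false;
    }

    $db = Database::instance(Model_Admin::DATABASE);

    try {
        if ($error_num) {
            // Earlier failures exist: require the captcha once the configured
            // number of errors has been reached.
            $config = Core::config('admin/core');
            if ($error_num >= $config['login_error_show_captcha_num'] - 1) {
                // NOTE(review): this only rejects a NEGATIVE return value. Confirm
                // that this project's Captcha::valid() signals failure that way;
                // with a boolean return the comparison would never be true.
                if (Captcha::valid($data['captcha']) < 0) {
                    throw new Exception('验证码错误');
                }
            }
        }

        $member = Auth::instance('admin')->check_user($data['username'], $data['password']);

        if ($error_num) {
            // Successful check: clear the recorded failures for this client.
            $db->delete('admin_login_error_log', array('ip' => HttpIO::IP));
        }

        $id = (int) $member->id;
        // Hide the password in the log entry written below.
        $_POST['password'] = '******';

        if ($member->project != Core::$project && !$member->perm()->is_super_perm()) {
            throw new Exception('不允许通过此页面登录', -1);
        }
        if ($member->shielded) {
            throw new Exception('您已被屏蔽', -1);
        }
    } catch (Exception $e) {
        if ($e->getCode() === 0) {
            // Verification failed: count it for this client IP.
            $error_num++;
            if ($error_num === 1) {
                $db->insert('admin_login_error_log', array(
                    'ip' => HttpIO::IP,
                    'timeline' => TIME,
                    'error_num' => 1,
                    'last_error_msg' => $e->getMessage(),
                    'last_post_username' => $data['username'],
                ));
            } else {
                $db->update('admin_login_error_log', array(
                    'timeline' => TIME,
                    'error_num+' => 1,
                    'last_error_msg' => $e->getMessage(),
                    'last_post_username' => $data['username'],
                ), array('ip' => HttpIO::IP));
            }
        }
        $this->message = $e->getMessage();
        $this->error_input = 'password';
        $id = 0;
        $member = false;
    }

    // Failed attempts leave the try block before the masking line above runs,
    // so mask here as well: the serialized POST must never carry the attempted
    // password into the log table.
    if (isset($_POST['password'])) {
        $_POST['password'] = '******';
    }

    // Write the login log entry.
    $db->insert(Core::config('admin/log.tablename'), array(
        'uri' => $_SERVER["REQUEST_URI"],
        'type' => 'login',
        'ip' => HttpIO::IP,
        // The Referer header is optional.
        'referer' => isset($_SERVER["HTTP_REFERER"]) ? $_SERVER["HTTP_REFERER"] : null,
        'post' => serialize($_POST),
        'admin_id' => $id,
    ));

    return $member;
}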
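/**
 * Returns TRUE if the POST has a valid CSRF
 *
 * Usage:<br>
 * <code>
 *   if ($this->valid_post('upload_photo')) { ... }
 * </code>
 *
 * @param   string|NULL  $submit  Submit value [Optional]
 * @return  boolean  Return TRUE if it's valid $_POST
 *
 * @uses    Request::is_post
 * @uses    Request::post_max_size_exceeded
 * @uses    Request::get_post_max_size
 * @uses    Request::post
 * @uses    Message::error
 * @uses    CSRF::valid
 * @uses    Captcha::valid
 */
public function valid_post($submit = NULL)
{
    if (!$this->request->is_post()) {
        return FALSE;
    }

    if (Request::post_max_size_exceeded()) {
        $this->_errors = array('_action' => __('Max file size of :max Bytes exceeded!', array(':max' => Request::get_post_max_size())));
        return FALSE;
    }

    if (!is_null($submit)) {
        if (!isset($_POST[$submit])) {
            $this->_errors = array('_action' => __('This form has altered. Please try submitting it again.'));
            return FALSE;
        }
    }

    $_token = $this->request->post('_token');
    $_action = $this->request->post('_action');

    // '&&' is required here: 'and' binds more loosely than '=', so the
    // previous form assigned only !empty($_token) and ignored $_action.
    $has_csrf = (!empty($_token) && !empty($_action));
    $valid_csrf = CSRF::valid($_token, $_action);

    if ($has_csrf && !$valid_csrf) {
        // CSRF was submitted but expired
        $this->_errors = array('_token' => __('This form has expired. Please try submitting it again.'));
        return FALSE;
    }

    // NOTE(review): the captcha is only verified when the request carries a
    // '_captcha' field, so enforcement depends on what the client sends. A form
    // that requires a captcha should demand the field on the server side.
    if (isset($_POST['_captcha'])) {
        $captcha = $this->request->post('_captcha');
        if (empty($captcha)) {
            // Captcha answer was not entered
            $this->_errors = array('_captcha' => __('The security code can\'t be empty.'));
            return FALSE;
        } elseif (!Captcha::valid($captcha)) {
            $this->_errors = array('_captcha' => __('The security answer was wrong.'));
            return FALSE;
        }
    }

    return ($has_csrf && $valid_csrf);
}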
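/**
 * Self-registration for the admin area (only when the 'SignInSignUp' option
 * is enabled): creates the user, assigns the 'user' role and logs in.
 */
public function action_register()
{
    if (Common::config(['admin', 'SignInSignUp'])) {
        $email = $password = $error = $captcha = '';

        if ($this->auth->logged_in()) {
            self::goMenu();
        }

        if (!empty($_POST)) {
            if (!empty($_POST['email'])) {
                $email = \Zver\StringHelper::load($_POST['email'])->toHTMLEntities()->get();
            }
            if (!empty($_POST['password'])) {
                // NOTE(review): the password is entity-encoded before it is stored,
                // so the login path has to apply the same transformation - confirm.
                $password = \Zver\StringHelper::load($_POST['password'])->toHTMLEntities()->get();
            }
            if (!empty($_POST['captcha'])) {
                $captcha = $_POST['captcha'];
            }

            if (!empty($email) && !empty($password) && !empty($captcha)) {
                // Order matters: the captcha is verified before the user table is
                // queried, so "this email is already registered" is only revealed
                // to requests that solved the challenge.
                if (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
                    $error = 'Введите email правильно.';
                } elseif (!Captcha::valid($captcha)) {
                    $error = 'Неправильно введен проверочный код.';
                } elseif (!empty(ORM::factory('User')->where('username', '=', $email)->find()->id)) {
                    $error = 'Пользователь с таким email уже существует. Введите другой email.';
                } else {
                    $success = false;
                    try {
                        $user = new Model_User();
                        $user->username = $email;
                        $user->email = $email;
                        $user->registered = date('Y-m-d H:i:s');
                        $user->password = $password;
                        $user->save();

                        DB::insert('roles_users')->values([
                            'user_id' => $user->id,
                            'role_id' => DB::select('id')->from('roles')->where('name', '=', 'user'),
                        ])->execute();

                        if ($this->auth->login($email, $password)) {
                            $success = true;
                        }
                    } catch (\Exception $e) {
                        // Do not swallow the failure silently: the user gets a generic
                        // message, without internal details.
                        // NOTE(review): if the role insert fails after save(), the
                        // account exists without a role; a transaction would avoid that.
                        $error = 'Не удалось завершить регистрацию. Попробуйте ещё раз.';
                    }

                    if ($success) {
                        Admin::setMessage('Вы успешно зарегистрировались!', 'success');
                        self::goMenu();
                    }
                }
            } else {
                if (empty($email)) {
                    $error = 'Введите email.';
                } elseif (empty($password)) {
                    $error = 'Введите пароль.';
                } else {
                    $error = 'Введите проверочный код';
                }
            }
        }

        // NOTE(review): the submitted password is handed back to the view;
        // forms normally do not echo passwords into the page.
        $this->template->content = View::factory('Admin/Register/Template', [
            'password' => $password,
            'email' => $email,
            'error' => $error,
        ]);
    }
}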
/**
 * Demonstrates how to use the Captcha library.
 */
public function captcha()
{
    // The Session Profiler shows the counters for valid and invalid responses.
    new Profiler();

    // The constructor optionally takes the name of the config group to use.
    $captcha = new Captcha();

    // Clients that keep their session cookie are cut off after 50 wrong
    // answers. The threshold has to stay high enough not to hit real people.
    if ($captcha->invalid_count() > 49) {
        exit('Bye! Stupid bot.');
    }

    if ($_POST) {
        // Captcha::valid() is static and can also serve as a Validation rule.
        $answer_ok = Captcha::valid($this->input->post('captcha_response'));
        echo $answer_ok
            ? '<p style="color:green">Good answer!</p>'
            : '<p style="color:red">Wrong answer!</p>';
        // Other fields would be validated here.
    }

    echo form::open();
    echo '<p>Other form fields here...</p>';

    // After enough valid responses (the count is set in the captcha config)
    // the challenge is no longer shown.
    if ($captcha->promoted()) {
        echo '<p>You have been promoted to human.</p>';
    } else {
        echo '<p>';
        echo $captcha->render(); // the challenge itself (image/riddle/etc)
        echo '</p>';
        echo form::input('captcha_response');
    }

    echo form::submit(array('value' => 'Check'));
    echo form::close();
}
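/**
 * Adds a comment to a post. Guests must solve the captcha; a logged-in user
 * is let through without it. On success the commenter's name and URL are
 * remembered in cookies for a week and the client is sent back.
 *
 * @param mixed $postid Id of the post being commented on.
 */
function action_add_comment($postid)
{
    // NOTE(review): access is looked up with $this->postid, while the rest of
    // the method uses the $postid argument - confirm they are always the same.
    $this->allowcomment = $this->post->get_access($this->postid);
    $this->action_post_main();
    $this->action_main_categories();

    // get_user() yields no user object for guests; do not dereference it blindly.
    $current_user = Auth::instance()->get_user();
    $this->username = $current_user ? $current_user->username : NULL;

    // A request without the captcha field simply fails the captcha check.
    $captcha_answer = isset($_POST['captcha']) ? $_POST['captcha'] : '';
    $captcha_ok = Captcha::valid($captcha_answer);

    // The grouping below is what 'and'/'or' precedence already produced.
    // NOTE(review): as written, a logged-in user passes even when commenting
    // is not allowed for the post ($this->allowcomment != 1). If the flag is
    // meant to apply to everyone, the condition should be
    // `$this->allowcomment == 1 and ($captcha_ok or !empty($this->username))`.
    if (($captcha_ok and $this->allowcomment == 1) or !empty($this->username)) {
        $this->validate = $this->comment->validate_comment();

        if ($this->post->check_post($postid) == TRUE and $this->validate === TRUE) {
            $this->comment->add_comment($postid);
            Cookie::$expiration = Date::WEEK;
            Cookie::set('comment_username', $_POST['username']);
            Cookie::set('comment_url', $_POST['url']);
            // NOTE(review): the redirect target is the client-supplied Referer
            // header, which may be absent or point off-site; redirecting to the
            // post's own URL would be more robust.
            $this->request->redirect($_SERVER['HTTP_REFERER']);
        } else {
            $this->template->content->errors = $this->validate;
        }
    }

    $this->action_comments_params();
}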
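/**
 * Handles a submitted admin login form.
 *
 * Every attempt is written to 'admin_log'; failed attempts are also counted
 * per client IP in 'admin_login_error_log'.
 *
 * @param array $data      Submitted fields ('username', 'password', optionally 'captcha')
 * @param int   $error_num Number of failed attempts already recorded for this client
 * @return \Member|false The member on success, false on failure
 */
protected function post($data, $error_num)
{
    if (!$data['username']) {
        $this->message = \__('Username can not be empty');
        $this->error_input = 'username';
        return false;
    }
    if (!$data['password']) {
        $this->message = \__('The password can not be empty');
        $this->error_input = 'password';
        return false;
    }

    $db = \Database::instance(\Model_Admin::DATABASE);

    try {
        if ($error_num) {
            // Earlier failures exist: require the captcha once the configured
            // number of errors has been reached.
            $config = \Core::config('admin.login');
            if ($error_num >= $config['error_show_captcha_num'] - 1) {
                // NOTE(review): this only rejects a NEGATIVE return value. Confirm
                // that this project's Captcha::valid() signals failure that way;
                // with a boolean return the comparison would never be true.
                if (\Captcha::valid($data['captcha']) < 0) {
                    $this->error_input = 'captcha';
                    throw new \Exception(\__('Verification code error'));
                }
            }
        }

        $member_finder = new \ORM_Admin_Member_Finder();
        $member = $member_finder->get_member_by_username($data['username']);

        // NOTE(review): separate messages for "unknown user" and "wrong
        // password" let a client learn which usernames exist; a single
        // generic message avoids that.
        if (!$member) {
            $this->error_input = 'username';
            throw new \Exception(\__('User does not exist'));
        }
        if (!$member->check_password($data['password'])) {
            $this->error_input = 'password';
            throw new \Exception(\__('Password is incorrect'));
        }

        if ($error_num) {
            // Successful check: clear the recorded failures for this client.
            $db->delete('admin_login_error_log', array('ip' => \HttpIO::IP));
        }

        $id = (int) $member->id;
        // Hide the password in the log entry written below.
        $_POST['password'] = '******';

        if ($member->project != \Bootstrap::$project && !$member->perm()->is_super_perm()) {
            throw new \Exception(\__('Not allowed to login through this page'), -1);
        }
        if ($member->shielded) {
            $this->error_input = 'username';
            throw new \Exception(\__('You have been blocked'), -1);
        }
    } catch (\Exception $e) {
        if (0 === $e->getCode()) {
            // Verification failed: count it for this client IP.
            $error_num++;
            if (1 === $error_num) {
                $db->insert('admin_login_error_log', array(
                    'ip' => \HttpIO::IP,
                    'timeline' => \TIME,
                    'error_num' => 1,
                    'last_error_msg' => $e->getMessage(),
                    'last_post_username' => $data['username'],
                ));
            } else {
                $db->update('admin_login_error_log', array(
                    'timeline' => \TIME,
                    'error_num+' => 1,
                    'last_error_msg' => $e->getMessage(),
                    'last_post_username' => $data['username'],
                ), array('ip' => \HttpIO::IP));
            }
        }
        $this->message = $e->getMessage();
        $id = 0;
        $member = false;
    }

    // Failed attempts leave the try block before the masking line above runs,
    // so mask here as well: the serialized POST must never carry the attempted
    // password into the log table.
    if (isset($_POST['password'])) {
        $_POST['password'] = '******';
    }

    // Write the login log entry.
    $db->insert('admin_log', array(
        'uri' => $_SERVER["REQUEST_URI"],
        'type' => 'login',
        'ip' => \HttpIO::IP,
        // The Referer header is optional.
        'referer' => isset($_SERVER["HTTP_REFERER"]) ? $_SERVER["HTTP_REFERER"] : null,
        'post' => \serialize($_POST),
        'admin_id' => $id,
    ));

    return $member;
}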
/**
 * Registration page. For a guest who submitted the form ('reg'), runs the
 * field checks in order, creates the user, logs it in and sends the
 * registration mail; otherwise renders the form (with an error view if any).
 */
public function action_index()
{
    $template = View::factory("template");
    $content = View::factory("registration");
    $captcha = Captcha::instance();
    $root_page = "registration";
    $template->root_page = $root_page;

    // Values echoed back into the form. The phone is read from the
    // 'username' field, which is also checked for 11 digits below.
    $username = Arr::get($_POST, 'username', '');
    $email = Arr::get($_POST, 'email', '');
    $phone = Arr::get($_POST, 'username', '');
    $name = Arr::get($_POST, 'name', '');
    $content->username = $username;
    $content->email = $email;
    $content->phone = $phone;
    $content->name = $name;
    $content->error = "";
    $content->captcha = $captcha;

    if (!Auth::instance()->logged_in() && isset($_POST['reg'])) {
        // First failing check wins; later checks (including the captcha) are
        // not evaluated once one has failed. Each entry is array(title, text).
        $problem = NULL;
        if (Arr::get($_POST, 'username', '') == "") {
            $problem = array("Не указан логин!", " Укажите Ваш логин.");
        } elseif (Arr::get($_POST, 'email', '') == "") {
            $problem = array("Не указана почта!", " Укажите Вашу почту.");
        } elseif (Arr::get($_POST, 'password', '') == "") {
            $problem = array("Не указан пароль!", " Укажите Ваш пароль.");
        } elseif (Arr::get($_POST, 'password', '') != Arr::get($_POST, 'password2', '')) {
            $problem = array("Пароли не совпадают!", " Проверьте правильность подтверждения пароля.");
        } elseif (!Captcha::valid($_POST['checkcode'])) {
            $problem = array("Контрольный текст не совпадает!", " Укажите правильно контрольный текст.");
        } elseif (strlen(preg_replace("/[^0-9]+/i", "", $_POST['username'])) != 11) {
            $problem = array("Некорректный номер телефона!", " Укажите правильно номер телефона.");
        }

        if ($problem !== NULL) {
            $error = View::factory('error');
            $error->zag = $problem[0];
            $error->mess = $problem[1];
            $content->error = $error;
        } else {
            $user = ORM::factory('User');
            $user->values(array(
                'username' => $_POST['username'],
                'email' => $_POST['email'],
                'password' => $_POST['password'],
                'password_confirm' => $_POST['password2'],
            ));

            $some_error = false;
            try {
                $user->save();
                $user->add("roles", ORM::factory("Role", 1));
            } catch (ORM_Validation_Exception $e) {
                $some_error = $e->errors('models');
            }

            if ($some_error) {
                // Generic message first, refined below for known validation errors.
                $error = View::factory('error');
                $error->zag = "Ошибка регистрационных данных!";
                $error->mess = " Проверьте правильность ввода данных.";

                if (isset($some_error['username'])) {
                    if ($some_error['username'] == "models/user.username.unique") {
                        $error->zag = "Такое имя уже есть в базе!";
                        $error->mess = " Придумайте новое.";
                    }
                } elseif (isset($some_error['email'])) {
                    if ($some_error['email'] == "email address must be an email address") {
                        $error->zag = "Некорректный формат почты!";
                        $error->mess = " Проверьте правильность написания почты.";
                    }
                    if ($some_error['email'] == "models/user.email.unique") {
                        $error->zag = "Такая почта есть в базе!";
                        $error->mess = " Укажите другую почту.";
                    }
                }

                $content->error = $error;
            } else {
                Auth::instance()->login($_POST['username'], $_POST['password'], true);
                // NOTE(review): the whole raw POST, password included, is passed on here.
                Model::factory("Users")->addNewUser($_POST);

                $to = $_POST['email'];
                $subj_tpl = View::factory('register_subject');
                $body_tpl = View::factory('register_body');
                $subject = $subj_tpl->render();
                $from = '*****@*****.**';
                $body_tpl->login = $_POST['username'];
                // NOTE(review): the plaintext password is handed to the mail template;
                // sending passwords by e-mail leaves them readable in mailboxes.
                $body_tpl->password = $_POST['password'];
                $message = $body_tpl->render();

                $bound = "0";
                $header = "From: Teleantenna25.ru<*****@*****.**>\r\n";
                $header .= "Subject: {$subject}\n";
                $header .= "Mime-Version: 1.0\n";
                $header .= "Content-Type: multipart/mixed; boundary=\"{$bound}\"";
                $body = "\n\n--{$bound}\n";
                $body .= "Content-type: text/html; charset=\"utf-8\"\n";
                $body .= "Content-Transfer-Encoding: quoted-printable\n\n";
                $body .= "{$message}";

                $result = false;
                if (mail($to, $subject, $body, $header)) {
                    $result = true;
                }

                if ($result) {
                    $site_result = $result;
                    // The success alert replaces the registration form.
                    $content = View::factory('alert_success');
                    $content->zag = "Вы успешно зарегистрированы! ";
                    $content->mess = "";
                }
            }
        }
    }

    $template->content = $content;
    $this->response->body($template);
}
/**
 * Adds a guestbook entry when the form was submitted with a valid captcha
 * and renders the 'addguestview' view with a status message.
 */
public function action_addguest()
{
    $data = array('msg' => '');
    $captcha = Captcha::instance('default');
    $data['page'] = Session::instance()->get("page", '');

    if (isset($_POST['btnSubmit'])) {
        $book = new Model_Guestbook();

        if (!Captcha::valid($_POST['captcha'])) {
            $data['msg'] = 'Капча не верна';
        } else {
            $data['msg'] = $book->insBook() ? 'Запись добавлена' : 'Запись не добавлена';
        }
    }

    $content = View::factory('addguestview');
    $content->captcha = $captcha;
    $content->bind('data', $data);
    $this->template->content = $content;
}