/**
 * Stores an encryption payload under a freshly generated token and sends
 * that token to the browser in a cookie.
 *
 * The payload is saved through self::set_data() under the key
 * 'encrypt_' . $token, with $ttl passed through unchanged. The cookie named
 * by self::ENCRYPT_FIELD_NAME carries only the token, not the payload.
 *
 * @param mixed $encrypt Value handed to self::set_data(); its structure is not visible here.
 * @param int   $ttl     Added to time() for the cookie expiry and forwarded to set_data()
 *                       (presumably seconds; confirm against set_data()).
 * @return mixed The token returned by SafeUtil::token().
 */
static function set_encrypt_info($encrypt, $ttl)
{
    $token = SafeUtil::token();

    $storage_key = 'encrypt_' . $token;
    self::set_data($storage_key, $encrypt, $ttl);

    // NOTE(review): the cookie is issued for path '/' with no Secure, HttpOnly
    // or SameSite attribute. Whether client-side script needs to read this
    // token is not visible here; confirm, then restrict the attributes as far
    // as the client flow allows.
    $expires_at = time() + $ttl;
    setcookie(self::ENCRYPT_FIELD_NAME, $token, $expires_at, '/');

    return $token;
}
/**
 * Issues a new captcha challenge and returns the data a form needs to show it.
 *
 * A SimpleCaptcha text is generated and registered through
 * SafeUtil::set_captcha() with 300 as the second argument (presumably a
 * lifetime in seconds; confirm against set_captcha()). Only the resulting
 * token is returned to the caller; the captcha text itself is not part of
 * the response.
 *
 * @param mixed $ctx Request context; not used by this action.
 * @return array Keys: 'img_url' (action URL carrying the token), 'field_name'
 *               (SafeUtil::CAPTCHA_FIELD_NAME) and 'field_value' (the token).
 */
function access($ctx)
{
    // This action returns data only, so layout rendering is switched off.
    $this->layout = false;

    require_once APP_PATH . '/classes/captcha/SimpleCaptcha.php';

    $generator = new SimpleCaptcha();
    $token = SafeUtil::set_captcha($generator->getText(), 300);

    return array(
        'img_url' => _action('', array('token' => $token)),
        'field_name' => SafeUtil::CAPTCHA_FIELD_NAME,
        'field_value' => $token,
    );
}
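/**
 * Admin login action: on POST, checks the captcha and the submitted
 * credentials, marks the session as an admin session and redirects.
 *
 * Non-POST requests fall through without doing anything. On failure the
 * error text is placed in $ctx->errmsg and the method returns.
 *
 * Changes compared with the previous version:
 *  - missing or non-string POST fields are treated as empty strings instead
 *    of raising notices or type errors in trim()/htmlspecialchars();
 *  - credentials are compared with hash_equals() so the comparison time does
 *    not depend on how many leading characters match;
 *  - the session id is regenerated before the admin flag is set, so a
 *    session id known before login does not become an authenticated one.
 *
 * @param object $ctx Request context; receives errmsg on failure.
 * @return void
 */
function index($ctx)
{
    if (!isset($_SERVER['REQUEST_METHOD']) || $_SERVER['REQUEST_METHOD'] !== 'POST') {
        return;
    }

    $verify_code = (isset($_POST['verify_code']) && is_string($_POST['verify_code']))
        ? $_POST['verify_code']
        : '';
    if (!SafeUtil::verify_captcha($verify_code)) {
        $ctx->errmsg = '验证码错误!';
        return;
    }

    $raw_name = (isset($_POST['name']) && is_string($_POST['name'])) ? $_POST['name'] : '';
    $raw_password = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';

    // NOTE(review): htmlspecialchars() is an output-escaping function; it is
    // kept here only so the set of accepted inputs stays exactly as before.
    $name = htmlspecialchars(trim($raw_name));
    $password = htmlspecialchars(trim($raw_password));

    // NOTE(review): the admin account name and password are hard-coded in
    // source, so anyone with read access to the code or its history has them.
    // Move them to configuration or a secret store, keep only a
    // password_hash() value, verify with password_verify(), and rotate the
    // current password. The captcha is the only throttle visible in this
    // method; confirm that failed attempts are rate-limited or logged elsewhere.
    $name_ok = hash_equals('admin', $name);
    $password_ok = hash_equals('yuhun666', $password);

    if ($name_ok && $password_ok) {
        // Issue a new session id at the privilege change (session fixation).
        if (session_status() === PHP_SESSION_ACTIVE) {
            session_regenerate_id(true);
        }
        $_SESSION['admin_user'] = 1;
        _redirect(_url('admin'));
        return;
    }

    $ctx->errmsg = "用户名或密码错误!";
}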
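/**
 * Handles a submitted login form: decrypts the credential fields, checks the
 * captcha stored in the session, then compares the credentials with
 * App::$config['login'].
 *
 * On success the session is flagged with login_user and the client is
 * redirected to '/'. On failure $ctx->errmsg is set. $ctx->name always
 * receives the HTML-escaped submitted name.
 *
 * Changes compared with the previous version:
 *  - missing or non-string request, session and config values are handled
 *    explicitly instead of raising notices or type errors;
 *  - the stored captcha code is discarded after one comparison, so a single
 *    solved captcha cannot be reused for repeated password guesses;
 *  - the password is compared with hash_equals();
 *  - the session id is regenerated before the login flag is set.
 *
 * @param object $ctx Request context; receives name and, on failure, errmsg.
 * @return void
 */
private function on_submit($ctx)
{
    $conf = App::$config['login'];

    $req = array(
        'name' => isset($_POST['name']) ? $_POST['name'] : null,
        'password' => isset($_POST['password']) ? $_POST['password'] : null,
    );
    $req = SafeUtil::safe_decrypt($req);
    if (!$req) {
        _throw("decrypt failed");
    }

    $raw_name = (isset($req['name']) && is_string($req['name'])) ? $req['name'] : '';
    $raw_password = (isset($req['password']) && is_string($req['password'])) ? $req['password'] : '';

    // $name is escaped because it is handed back to the view through $ctx.
    // NOTE(review): the password is escaped as well, only to keep the set of
    // accepted inputs unchanged; a configured password containing &, <, > or
    // a double quote can never match its own plain form. Confirm intent.
    $name = htmlspecialchars(trim($raw_name));
    $password = htmlspecialchars(trim($raw_password));
    $ctx->name = $name;

    $submitted_code = (isset($_POST['verify_code']) && is_string($_POST['verify_code']))
        ? $_POST['verify_code']
        : '';
    $vcode = strtolower(htmlspecialchars($submitted_code));

    $expected_code = (isset($_SESSION['verify_code']) && is_string($_SESSION['verify_code']))
        ? strtolower($_SESSION['verify_code'])
        : '';
    // Single use: drop the stored code whether or not it matched. This assumes
    // the login form requests a fresh captcha when it is shown again; confirm.
    unset($_SESSION['verify_code']);

    if (!$vcode || $vcode !== $expected_code) {
        $ctx->errmsg = 'Wrong captcha code';
        return;
    }

    // NOTE(review): the configured password is compared as plain text. Prefer
    // storing a password_hash() value in the config and checking it with
    // password_verify().
    $name_ok = isset($conf['name']) && $name === $conf['name'];
    $password_ok = isset($conf['password'])
        && is_string($conf['password'])
        && hash_equals($conf['password'], $password);

    if ($name_ok && $password_ok) {
        // Issue a new session id at the privilege change (session fixation).
        if (session_status() === PHP_SESSION_ACTIVE) {
            session_regenerate_id(true);
        }
        $_SESSION['login_user'] = 1;
        _redirect('/');
        return;
    }

    $ctx->errmsg = "Wrong username or password!";
}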