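/**
 * Handle the "forgot password" page: render the form and, on POST, e-mail a
 * password-reset link to the account that owns the submitted address.
 *
 * The reset token is base64("uid.hash.timestamp"), where hash is
 * Typecho_Common::hash() over name + mail + the stored password hash.
 *
 * NOTE(review): the timestamp is appended outside the hashed material. The
 * code that verifies the token is not visible here; if it takes that field at
 * face value, the one-hour lifetime promised in the e-mail is not tamper-proof.
 * Binding the timestamp into the hash needs a matching change in the verifier.
 * NOTE(review): the distinct "address not registered" notice lets a visitor
 * probe which addresses have accounts, and no request throttling is visible in
 * this method. Confirm both are acceptable or handled elsewhere.
 *
 * @access public
 * @return void|false false when validation fails or the address is unknown
 */
public function doForgot()
{
    require_once 'theme/forgot.php';

    if ($this->request->isPost()) {
        /* Validate the submitted form */
        if ($error = $this->forgotForm()->validate()) {
            $this->notice->set($error, 'error');
            return false;
        }

        $db = Typecho_Db::get();
        $user = $db->fetchRow($db->select()->from('table.users')->where('mail = ?', $this->request->mail));

        if (empty($user)) {
            // No account uses this address
            $this->notice->set(_t('该邮箱还没有注册'), 'error');
            return false;
        }

        /* Build the reset link */
        $hashString = $user['name'] . $user['mail'] . $user['password'];
        $hashValidate = Typecho_Common::hash($hashString);
        $token = base64_encode($user['uid'] . '.' . $hashValidate . '.' . $this->options->gmtTime);

        // base64 output may contain '+', '/' and '=', which are not safe in a
        // query string ('+' decodes to a space). Percent-encode the token; the
        // reset handler is expected to read it as an ordinary, auto-decoded
        // query parameter (TODO confirm against the handler).
        $url = Typecho_Common::url('/passport/reset?token=' . rawurlencode($token), $this->options->index);

        /* Send the reset link */
        require_once 'PHPMailer/PHPMailerAutoload.php';
        $phpMailer = new PHPMailer();

        /* SMTP settings */
        $phpMailer->isSMTP();
        $phpMailer->SMTPAuth = true;
        $phpMailer->Host = $this->config->host;
        $phpMailer->Port = $this->config->port;
        $phpMailer->Username = $this->config->username;
        $phpMailer->Password = $this->config->password;
        $phpMailer->isHTML(true);

        // NOTE(review): with 'none' configured the SMTP credentials and the
        // reset link travel without transport encryption set here.
        if ('none' != $this->config->secure) {
            $phpMailer->SMTPSecure = $this->config->secure;
        }

        $phpMailer->setFrom($this->config->username, $this->options->title);
        $phpMailer->addAddress($user['mail'], $user['name']);
        $phpMailer->Subject = '密码重置';

        // The body is HTML: escape the stored user name and the URL before
        // placing them in element and attribute context.
        $safeName = htmlspecialchars($user['name'], ENT_QUOTES, 'UTF-8');
        $safeUrl = htmlspecialchars($url, ENT_QUOTES, 'UTF-8');
        $phpMailer->Body = '<p>' . $safeName . ' 您好,您申请了重置登录密码</p>'
            . '<p>请在 1 小时内点击此链接以完成重置 <a href="' . $safeUrl . '">' . $safeUrl . '</a>';

        if (!$phpMailer->send()) {
            $this->notice->set(_t('邮件发送失败, 请重试或联系站长'), 'error');
        } else {
            $this->notice->set(_t('邮件已成功发送, 请注意查收'), 'success');
        }
    }
}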
/** * 初始化函数 * * @access public * @return void */ public function action() { /** 如果已经登录 */ if ($this->user->hasLogin() || !$this->options->allowRegister) { /** 直接返回 */ $this->response->redirect($this->options->index); } /** 初始化验证类 */ $validator = new Typecho_Validate(); $validator->addRule('name', 'required', _t('必须填写用户名称')); $validator->addRule('name', 'minLength', _t('用户名至少包含2个字符'), 2); $validator->addRule('name', 'maxLength', _t('用户名最多包含32个字符'), 32); $validator->addRule('name', 'xssCheck', _t('请不要在用户名中使用特殊字符')); $validator->addRule('name', array($this, 'nameExists'), _t('用户名已经存在')); $validator->addRule('mail', 'required', _t('必须填写电子邮箱')); $validator->addRule('mail', array($this, 'mailExists'), _t('电子邮箱地址已经存在')); $validator->addRule('mail', 'email', _t('电子邮箱格式错误')); $validator->addRule('mail', 'maxLength', _t('电子邮箱最多包含200个字符'), 200); /** 如果请求中有password */ if (array_key_exists('password', $_REQUEST)) { $validator->addRule('password', 'required', _t('必须填写密码')); $validator->addRule('password', 'minLength', _t('为了保证账户安全, 请输入至少六位的密码'), 6); $validator->addRule('password', 'maxLength', _t('为了便于记忆, 密码长度请不要超过十八位'), 18); $validator->addRule('confirm', 'confirm', _t('两次输入的密码不一致'), 'password'); } /** 截获验证异常 */ if ($error = $validator->run($this->request->from('name', 'password', 'mail', 'confirm'))) { Typecho_Cookie::set('__typecho_remember_name', $this->request->name); Typecho_Cookie::set('__typecho_remember_mail', $this->request->mail); /** 设置提示信息 */ $this->widget('Widget_Notice')->set($error); $this->response->goBack(); } $generatedPassword = Typecho_Common::randString(7); $dataStruct = array('name' => $this->request->name, 'mail' => $this->request->mail, 'screenName' => $this->request->name, 'password' => Typecho_Common::hash($generatedPassword), 'created' => $this->options->gmtTime, 'group' => 'subscriber'); $dataStruct = $this->pluginHandle()->register($dataStruct); $insertId = $this->insert($dataStruct); $this->db->fetchRow($this->select()->where('uid = ?', 
$insertId)->limit(1), array($this, 'push')); $this->pluginHandle()->finishRegister($this); $this->user->login($this->request->name, $generatedPassword); Typecho_Cookie::delete('__typecho_first_run'); Typecho_Cookie::delete('__typecho_remember_name'); Typecho_Cookie::delete('__typecho_remember_mail'); $this->widget('Widget_Notice')->set('message', _t('用户 <strong>%s</strong> 已经成功注册, 密码为 <strong>%s</strong>', $this->screenName, $generatedPassword), 'success'); $this->response->goBack(); }
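/**
 * Log in with a user name (or e-mail address) and password.
 *
 * A plugin may take over the whole login, or only the hash comparison; the
 * by-reference flags passed to trigger() are tested afterwards to see whether
 * a plugin handled the call.
 *
 * On a non-temporary login a fresh auth code is generated, written to
 * table.users in raw form, and Typecho_Common::hash() of it is placed in the
 * __typecho_authCode cookie.
 *
 * NOTE(review): the code that validates that cookie is not visible here. If it
 * compares the cookie against a hash of the stored code, read access to the
 * users table is enough to mint a valid cookie. Confirm.
 * NOTE(review): an unknown user returns false before the loginFail hook runs,
 * so plugins that count failures through that hook never see those attempts.
 *
 * @access public
 * @param string $name user name, or e-mail address when it contains '@'
 * @param string $password plaintext password
 * @param boolean $temporarily when true, no cookies are set and no auth code is stored
 * @param integer $expire expiry value handed to Typecho_Cookie::set()
 * @return boolean true on success, false otherwise (or the plugin's result)
 */
public function login($name, $password, $temporarily = false, $expire = 0)
{
    // Plugin hook: a plugin may replace the whole login procedure
    $result = $this->pluginHandle()->trigger($loginPluggable)->login($name, $password, $temporarily, $expire);
    if ($loginPluggable) {
        return $result;
    }

    /** Look the user up by mail or by name */
    // strpos() returns 0 for a leading '@', which is falsy, so such input is
    // treated as a user name.
    $user = $this->db->fetchRow($this->db->select()->from('table.users')
        ->where((strpos($name, '@') ? 'mail' : 'name') . ' = ?', $name)->limit(1));

    if (empty($user)) {
        return false;
    }

    // Plugin hook: a plugin may replace the hash comparison
    $hashValidate = $this->pluginHandle()->trigger($hashPluggable)->hashValidate($password, $user['password']);
    if (!$hashPluggable) {
        if ('$P$' == substr($user['password'], 0, 3)) {
            // Stored hash carries the phpass-style '$P$' prefix
            $hasher = new PasswordHash(8, true);
            $hashValidate = $hasher->CheckPassword($password, $user['password']);
        } else {
            $hashValidate = Typecho_Common::hashValidate($password, $user['password']);
        }
    }

    if ($user && $hashValidate) {
        if (!$temporarily) {
            // Session secret: prefer random_bytes(), which throws instead of
            // returning weak or empty output. openssl_random_pseudo_bytes()
            // can return false on older PHP, and bin2hex(false) would yield an
            // empty auth code, so its result is checked before use.
            if (function_exists('random_bytes')) {
                $authCode = bin2hex(random_bytes(16));
            } elseif (function_exists('openssl_random_pseudo_bytes')
                && false !== ($randomBytes = openssl_random_pseudo_bytes(16))) {
                $authCode = bin2hex($randomBytes);
            } else {
                // Last resort, kept for compatibility; the strength of
                // Typecho_Common::randString() is not visible here.
                $authCode = sha1(Typecho_Common::randString(20));
            }

            $user['authCode'] = $authCode;

            Typecho_Cookie::set('__typecho_uid', $user['uid'], $expire);
            Typecho_Cookie::set('__typecho_authCode', Typecho_Common::hash($authCode), $expire);

            // Update the last-login time and store the auth code
            $this->db->query($this->db->update('table.users')
                ->expression('logged', 'activated')
                ->rows(array('authCode' => $authCode))
                ->where('uid = ?', $user['uid']));
        }

        /** Load the row into this widget */
        $this->push($user);
        $this->_hasLogin = true;
        $this->pluginHandle()->loginSucceed($this, $name, $password, $temporarily, $expire);

        return true;
    }

    $this->pluginHandle()->loginFail($this, $name, $password, $temporarily, $expire);
    return false;
}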
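/**
 * Mark the given user as logged in and issue the login cookies.
 *
 * Calls Widget_User::simpleLogin($uid), generates a fresh auth code, sets the
 * __typecho_uid and __typecho_authCode cookies to expire at time() + $expire,
 * and stores the raw auth code in table.users.
 *
 * NOTE(review): no credential is checked in this method. The caller must have
 * authenticated the user for $uid before calling it. Confirm at every call site.
 * NOTE(review): the default lifetime of 30243600 seconds is roughly 350 days.
 *
 * @param mixed $uid id of the user to log in
 * @param integer $expire cookie lifetime in seconds, added to time()
 * @return void
 */
protected function setUserLogin($uid, $expire = 30243600)
{
    Typecho_Widget::widget('Widget_User')->simpleLogin($uid);

    // Session secret: prefer random_bytes(), which throws instead of returning
    // weak or empty output. openssl_random_pseudo_bytes() can return false on
    // older PHP, and bin2hex(false) would yield an empty auth code.
    if (function_exists('random_bytes')) {
        $authCode = bin2hex(random_bytes(16));
    } elseif (function_exists('openssl_random_pseudo_bytes')
        && false !== ($randomBytes = openssl_random_pseudo_bytes(16))) {
        $authCode = bin2hex($randomBytes);
    } else {
        // Last resort, kept for compatibility; the strength of
        // Typecho_Common::randString() is not visible here.
        $authCode = sha1(Typecho_Common::randString(20));
    }

    Typecho_Cookie::set('__typecho_uid', $uid, time() + $expire);
    Typecho_Cookie::set('__typecho_authCode', Typecho_Common::hash($authCode), time() + $expire);

    // Update the last-login time and store the auth code
    $this->db->query($this->db->update('table.users')
        ->expression('logged', 'activated')
        ->rows(array('authCode' => $authCode))
        ->where('uid = ?', $uid));
}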
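/**
 * Issue login cookies for the given user id and store a fresh auth code.
 *
 * Sets the __some_uid and __some_authCode cookies (the latter holds
 * Typecho_Common::hash() of the auth code) and writes the raw auth code to
 * table.users together with the last-login update.
 *
 * NOTE(review): no credential is checked in this method. The caller must have
 * authenticated the user for $uid before calling it. Confirm at every call site.
 *
 * @param mixed $uid id of the user to log in
 * @param integer $expire expiry value handed to Typecho_Cookie::set()
 * @return void
 */
protected function authLogin($uid, $expire = 0)
{
    // Session secret: prefer random_bytes(), which throws instead of returning
    // weak or empty output. openssl_random_pseudo_bytes() can return false on
    // older PHP, and bin2hex(false) would yield an empty auth code.
    if (function_exists('random_bytes')) {
        $authCode = bin2hex(random_bytes(16));
    } elseif (function_exists('openssl_random_pseudo_bytes')
        && false !== ($randomBytes = openssl_random_pseudo_bytes(16))) {
        $authCode = bin2hex($randomBytes);
    } else {
        // Last resort, kept for compatibility; the strength of
        // Typecho_Common::randString() is not visible here.
        $authCode = sha1(Typecho_Common::randString(20));
    }

    Typecho_Cookie::set('__some_uid', $uid, $expire);
    Typecho_Cookie::set('__some_authCode', Typecho_Common::hash($authCode), $expire);

    // Update the last-login time and store the auth code
    $this->db->query($this->db->update('table.users')
        ->expression('logged', 'activated')
        ->rows(array('authCode' => $authCode))
        ->where('uid = ?', $uid));
}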
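/**
 * Change the password of the currently logged-in user.
 *
 * Validates the password form, stores Typecho_Common::hash() of the submitted
 * password for $this->user->uid, sets a success notice and returns to the
 * previous page.
 *
 * NOTE(review): this method does not itself ask for the current password.
 * Whether passwordForm() does, and whether a CSRF check guards the request, is
 * not visible here. Confirm.
 *
 * @access public
 * @return void
 */
public function updatePassword()
{
    /** Validate the form */
    if ($this->passwordForm()->validate()) {
        $this->response->goBack();
        // Fail closed: do not fall through to the update if goBack() ever
        // returns instead of ending the request.
        return;
    }

    $password = Typecho_Common::hash($this->request->password);

    /** Store the new hash for the current user only */
    $this->update(array('password' => $password), $this->db->sql()->where('uid = ?', $this->user->uid));

    /** Highlight the affected row */
    $this->widget('Widget_Notice')->highlight('user-' . $this->user->uid);

    /** Success notice */
    $this->widget('Widget_Notice')->set(_t('密码已经成功修改'), NULL, 'success');

    /** Return to the previous page */
    $this->response->goBack();
}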
$installDb->query($installDb->insert('table.options')->rows(array('name' => 'routingTable', 'user' => 0, 'value' => 'a:25:{s:5:"index";a:3:{s:3:"url";s:1:"/";s:6:"widget";s:14:"Widget_Archive";s:6:"action";s:6:"render";}s:7:"archive";a:3:{s:3:"url";s:6:"/blog/";s:6:"widget";s:14:"Widget_Archive";s:6:"action";s:6:"render";}s:2:"do";a:3:{s:3:"url";s:22:"/action/[action:alpha]";s:6:"widget";s:9:"Widget_Do";s:6:"action";s:6:"action";}s:4:"post";a:3:{s:3:"url";s:24:"/archives/[cid:digital]/";s:6:"widget";s:14:"Widget_Archive";s:6:"action";s:6:"render";}s:10:"attachment";a:3:{s:3:"url";s:26:"/attachment/[cid:digital]/";s:6:"widget";s:14:"Widget_Archive";s:6:"action";s:6:"render";}s:8:"category";a:3:{s:3:"url";s:17:"/category/[slug]/";s:6:"widget";s:14:"Widget_Archive";s:6:"action";s:6:"render";}s:3:"tag";a:3:{s:3:"url";s:12:"/tag/[slug]/";s:6:"widget";s:14:"Widget_Archive";s:6:"action";s:6:"render";}s:6:"author";a:3:{s:3:"url";s:22:"/author/[uid:digital]/";s:6:"widget";s:14:"Widget_Archive";s:6:"action";s:6:"render";}s:6:"search";a:3:{s:3:"url";s:19:"/search/[keywords]/";s:6:"widget";s:14:"Widget_Archive";s:6:"action";s:6:"render";}s:10:"index_page";a:3:{s:3:"url";s:21:"/page/[page:digital]/";s:6:"widget";s:14:"Widget_Archive";s:6:"action";s:6:"render";}s:12:"archive_page";a:3:{s:3:"url";s:26:"/blog/page/[page:digital]/";s:6:"widget";s:14:"Widget_Archive";s:6:"action";s:6:"render";}s:13:"category_page";a:3:{s:3:"url";s:32:"/category/[slug]/[page:digital]/";s:6:"widget";s:14:"Widget_Archive";s:6:"action";s:6:"render";}s:8:"tag_page";a:3:{s:3:"url";s:27:"/tag/[slug]/[page:digital]/";s:6:"widget";s:14:"Widget_Archive";s:6:"action";s:6:"render";}s:11:"author_page";a:3:{s:3:"url";s:37:"/author/[uid:digital]/[page:digital]/";s:6:"widget";s:14:"Widget_Archive";s:6:"action";s:6:"render";}s:11:"search_page";a:3:{s:3:"url";s:34:"/search/[keywords]/[page:digital]/";s:6:"widget";s:14:"Widget_Archive";s:6:"action";s:6:"render";}s:12:"archive_year";a:3:{s:3:"url";s:18:"/[year:digital:4
]/";s:6:"widget";s:14:"Widget_Archive";s:6:"action";s:6:"render";}s:13:"archive_month";a:3:{s:3:"url";s:36:"/[year:digital:4]/[month:digital:2]/";s:6:"widget";s:14:"Widget_Archive";s:6:"action";s:6:"render";}s:11:"archive_day";a:3:{s:3:"url";s:52:"/[year:digital:4]/[month:digital:2]/[day:digital:2]/";s:6:"widget";s:14:"Widget_Archive";s:6:"action";s:6:"render";}s:17:"archive_year_page";a:3:{s:3:"url";s:38:"/[year:digital:4]/page/[page:digital]/";s:6:"widget";s:14:"Widget_Archive";s:6:"action";s:6:"render";}s:18:"archive_month_page";a:3:{s:3:"url";s:56:"/[year:digital:4]/[month:digital:2]/page/[page:digital]/";s:6:"widget";s:14:"Widget_Archive";s:6:"action";s:6:"render";}s:16:"archive_day_page";a:3:{s:3:"url";s:72:"/[year:digital:4]/[month:digital:2]/[day:digital:2]/page/[page:digital]/";s:6:"widget";s:14:"Widget_Archive";s:6:"action";s:6:"render";}s:12:"comment_page";a:3:{s:3:"url";s:53:"[permalink:string]/comment-page-[commentPage:digital]";s:6:"widget";s:14:"Widget_Archive";s:6:"action";s:6:"render";}s:4:"feed";a:3:{s:3:"url";s:20:"/feed[feed:string:0]";s:6:"widget";s:14:"Widget_Archive";s:6:"action";s:4:"feed";}s:8:"feedback";a:3:{s:3:"url";s:31:"[permalink:string]/[type:alpha]";s:6:"widget";s:15:"Widget_Feedback";s:6:"action";s:6:"action";}s:4:"page";a:3:{s:3:"url";s:12:"/[slug].html";s:6:"widget";s:14:"Widget_Archive";s:6:"action";s:6:"render";}}'))); $installDb->query($installDb->insert('table.options')->rows(array('name' => 'actionTable', 'user' => 0, 'value' => 'a:0:{}'))); $installDb->query($installDb->insert('table.options')->rows(array('name' => 'panelTable', 'user' => 0, 'value' => 'a:0:{}'))); $installDb->query($installDb->insert('table.options')->rows(array('name' => 'attachmentTypes', 'user' => 0, 'value' => '@image@'))); /** 初始分类 */ $installDb->query($installDb->insert('table.metas')->rows(array('name' => _t('默认分类'), 'slug' => 'default', 'type' => 'category', 'description' => _t('只是一个默认分类'), 'count' => 1, 'order' => 1))); /** 初始关系 */ 
$installDb->query($installDb->insert('table.relationships')->rows(array('cid' => 1, 'mid' => 1))); /** 初始内容 */ $installDb->query($installDb->insert('table.contents')->rows(array('title' => _t('欢迎使用 Typecho'), 'slug' => 'start', 'created' => Typecho_Date::gmtTime(), 'modified' => Typecho_Date::gmtTime(), 'text' => _t('<!--markdown-->如果您看到这篇文章,表示您的 blog 已经安装成功.'), 'authorId' => 1, 'type' => 'post', 'status' => 'publish', 'commentsNum' => 1, 'allowComment' => 1, 'allowPing' => 1, 'allowFeed' => 1, 'parent' => 0))); $installDb->query($installDb->insert('table.contents')->rows(array('title' => _t('关于'), 'slug' => 'start-page', 'created' => Typecho_Date::gmtTime(), 'modified' => Typecho_Date::gmtTime(), 'text' => _t('<!--markdown-->本页面由 Typecho 创建, 这只是个测试页面.'), 'authorId' => 1, 'order' => 0, 'type' => 'page', 'status' => 'publish', 'commentsNum' => 0, 'allowComment' => 1, 'allowPing' => 1, 'allowFeed' => 1, 'parent' => 0))); /** 初始评论 */ $installDb->query($installDb->insert('table.comments')->rows(array('cid' => 1, 'created' => Typecho_Date::gmtTime(), 'author' => 'Typecho', 'ownerId' => 1, 'url' => 'http://typecho.org', 'ip' => '127.0.0.1', 'agent' => $options->generator, 'text' => '欢迎加入 Typecho 大家族', 'type' => 'comment', 'status' => 'approved', 'parent' => 0))); /** 初始用户 */ $password = empty($config['userPassword']) ? substr(uniqid(), 7) : $config['userPassword']; $installDb->query($installDb->insert('table.users')->rows(array('name' => $config['userName'], 'password' => Typecho_Common::hash($password), 'mail' => $config['userMail'], 'url' => 'http://www.typecho.org', 'screenName' => $config['userName'], 'group' => 'administrator', 'created' => Typecho_Date::gmtTime()))); unset($_SESSION['typecho']); Typecho_Cookie::delete('__typecho_config'); header('Location: ./install.php?finish&user='******'userName']) . 
'&password='******'安装失败!'); ?> </h1> <div class="typecho-install-body"> <form method="post" action="?start" name="check"> <?php if ('Mysql' == $type && (1050 == $code || '42S01' == $code) || 'SQLite' == $type && ('HY000' == $code || 1 == $code) || 'Pgsql' == $type && '42P07' == $code) {
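/**
 * Log in with a user name and password.
 *
 * A plugin may take over the whole login, or only the hash comparison; the
 * by-reference flags passed to trigger() are tested afterwards to see whether
 * a plugin handled the call.
 *
 * On a non-temporary login a fresh auth code is generated, written to
 * table.users in raw form, and Typecho_Common::hash() of it is placed in the
 * __typecho_authCode cookie.
 *
 * NOTE(review): the code that validates that cookie is not visible here. If it
 * compares the cookie against a hash of the stored code, read access to the
 * users table is enough to mint a valid cookie. Confirm.
 *
 * @access public
 * @param string $name user name
 * @param string $password plaintext password
 * @param boolean $temporarily when true, no cookies are set and no auth code is stored
 * @param integer $expire expiry value handed to Typecho_Cookie::set()
 * @return boolean true on success, false otherwise (or the plugin's result)
 */
public function login($name, $password, $temporarily = false, $expire = 0)
{
    // Plugin hook: a plugin may replace the whole login procedure
    $result = $this->pluginHandle()->trigger($loginPluggable)->login($name, $password, $temporarily, $expire);
    if ($loginPluggable) {
        return $result;
    }

    /** Look the user up by name */
    $user = $this->db->fetchRow($this->db->select()->from('table.users')->where('name = ?', $name)->limit(1));

    // When no row matched, $user is not an array; read the stored hash through
    // isset() so the comparison still runs (against null) without indexing a
    // non-array. The flow for unknown users, including the loginFail hook, is
    // unchanged.
    $storedHash = isset($user['password']) ? $user['password'] : null;

    // Plugin hook: a plugin may replace the hash comparison
    $hashValidate = $this->pluginHandle()->trigger($hashPluggable)->hashValidate($password, $storedHash);
    if (!$hashPluggable) {
        $hashValidate = Typecho_Common::hashValidate($password, $storedHash);
    }

    if ($user && $hashValidate) {
        if (!$temporarily) {
            // Session secret: take it from a CSPRNG when one is available.
            // random_bytes() throws instead of returning weak output;
            // openssl_random_pseudo_bytes() can return false on older PHP, so
            // its result is checked before use.
            if (function_exists('random_bytes')) {
                $authCode = bin2hex(random_bytes(16));
            } elseif (function_exists('openssl_random_pseudo_bytes')
                && false !== ($randomBytes = openssl_random_pseudo_bytes(16))) {
                $authCode = bin2hex($randomBytes);
            } else {
                // Original behaviour, kept as the last resort; the strength of
                // Typecho_Common::randString() is not visible here.
                $authCode = sha1(Typecho_Common::randString(20));
            }

            $user['authCode'] = $authCode;

            Typecho_Cookie::set('__typecho_uid', $user['uid'], $expire, $this->options->siteUrl);
            Typecho_Cookie::set('__typecho_authCode', Typecho_Common::hash($authCode), $expire, $this->options->siteUrl);

            // Update the last-login time and store the auth code
            $this->db->query($this->db->update('table.users')
                ->expression('logged', 'activated')
                ->rows(array('authCode' => $authCode))
                ->where('uid = ?', $user['uid']));
        }

        /** Load the row into this widget */
        $this->push($user);
        $this->_hasLogin = true;
        $this->pluginHandle()->loginSucceed($this, $name, $password, $temporarily, $expire);

        return true;
    }

    $this->pluginHandle()->loginFail($this, $name, $password, $temporarily, $expire);
    return false;
}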
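/**
 * Update the user identified by the request's uid from the submitted form.
 *
 * Takes mail, screenName, password, url and group from the request, hashes the
 * password when one was supplied (otherwise leaves the stored one untouched),
 * writes the row, sets a notice and redirects to the user list.
 *
 * NOTE(review): both the target uid and the new group come straight from the
 * request. No permission or CSRF check is visible in this method; presumably
 * the surrounding widget enforces them. Confirm, since this path can change
 * another account's group and password.
 * NOTE(review): 'name' is not among the fields fetched by from(), so the
 * fallback $user['name'] is an undefined key and an empty screenName ends up
 * null. Confirm the intended fallback.
 *
 * @access public
 * @return void
 */
public function updateUser()
{
    if ($this->form('update')->validate()) {
        $this->response->goBack();
        // Fail closed: do not fall through to the update if goBack() ever
        // returns instead of ending the request.
        return;
    }

    /** Collect the submitted fields */
    $user = $this->request->from('mail', 'screenName', 'password', 'url', 'group');
    $user['screenName'] = empty($user['screenName']) ? $user['name'] : $user['screenName'];

    if (empty($user['password'])) {
        // No new password submitted: keep the stored hash
        unset($user['password']);
    } else {
        $user['password'] = Typecho_Common::hash($user['password']);
    }

    /** Write the row */
    $this->update($user, $this->db->sql()->where('uid = ?', $this->request->uid));

    /** Highlight the affected row */
    $this->widget('Widget_Notice')->highlight('user-' . $this->request->uid);

    /** Success notice */
    $this->widget('Widget_Notice')->set(_t('用户 %s 已经被更新', $user['screenName']), NULL, 'success');

    /** Back to the user list, on the page that holds this user */
    $this->response->redirect(Typecho_Common::url('manage-users.php?'
        . $this->getPageOffsetQuery($this->request->uid), $this->options->adminUrl));
}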
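/**
 * Footer output: print the Remix front-end configuration and its script tag.
 *
 * The configuration object carries the action URL, the swf directory and
 * Typecho_Common::hash() of the plugin's configured hash value.
 *
 * The values are emitted through json_encode() so that each one is a valid
 * JavaScript string literal whatever it contains, and the inline script is
 * laid out on separate lines so the "// Remix Config" comment cannot swallow
 * the object that follows it.
 *
 * NOTE(review): the hash is readable by every visitor of the page. Treat it as
 * a public value, not as a secret, on the receiving /action/remix side.
 *
 * @access public
 * @return void
 */
public static function footer()
{
    Typecho_Widget::widget('Widget_Options')->to($options);
    $js = $options->pluginUrl . '/Remix/dist/js/remix.concat.min.js';
    $swf = $options->pluginUrl . '/Remix/dist/swf';

    // $options->index() is used as a printing call in the original template,
    // so capture its output instead of assuming it returns a string.
    ob_start();
    $options->index('/action/remix');
    $actionUrl = ob_get_clean();

    $config = array(
        'url'  => $actionUrl,
        'swf'  => $swf . '/',
        'hash' => Typecho_Common::hash($options->plugin('Remix')->hash),
    );
    ?>
<script>
// Remix Config
var remix = <?php echo json_encode($config, JSON_HEX_TAG | JSON_HEX_AMP); ?>;
</script>
<?php
    echo '<script src="' . htmlspecialchars($js, ENT_QUOTES, 'UTF-8') . '"></script>' . "\n";
}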