<?php require_once dirname(__FILE__) . '/animatedcaptcha.class.php'; $img = new animated_captcha(); $img->session_name = 'my_session'; $img->magic_words('secret'); $img->grid_color(array('#63A595', '#8FD67F')); $img->text_color(array('#CD1B2D', '#950FC8', '#660033', '#006633', '#0D47B3', '#6600CC', '#000099')); $img->frame_number(2); $img->frame_delay(80); $img->use_background(true); $img->use_distortion(true); $img->distortion_type('normal'); $img->use_grid(true); $img->generate();
<?php require_once dirname(__FILE__) . '/animatedcaptcha.class.php'; require_once "../../zig-api/zigbin.php"; $user_guess = ""; $user_guess = $_POST['user_guess']; $img = new animated_captcha(); $img->session_name = 'my_session'; $img->magic_words('secret'); $valid = $img->validate($user_guess); if ($user_guess == "") { print "<table align='center'><tr><td align='center'><p>Invalid!</p> <a href='../index.php'>please try again<a></td></tr></table>"; } else { if ($valid) { $session = session_id(); $sql = "DELETE FROM zig_session WHERE session='{$session}'"; zig("query", $sql, "redirect.php"); header("Location: ../index.php"); } else { print "<table align='center'><tr><td align='center'><p>Invalid!</p> <a href='../index.php'>please try again<a></td></tr></table>"; } }
function login() { $zig_passed_hash = isset($_GET['zig_hash']) ? $_GET['zig_hash'] : (isset($_POST['zig_hash']) ? $_POST['zig_hash'] : NULL); $zig_hash_decrypted_link = zig("hash", "decrypt", $zig_passed_hash); if (!session_id()) { session_start(); } if (array_key_exists("zig_hash", $_SESSION)) { if ($_SESSION['zig_hash'] != "") { $zig_hash_vars = zig("hash", "vars_decode", $_SESSION['zig_hash']); if (session_id() == $zig_hash_vars['session_id']) { $module = zig("config", "module"); $return_url = $zig_passed_hash ? "http://" . $_SERVER['HTTP_HOST'] . $zig_hash_decrypted_link : "../" . $module; header("Location: {$return_url}"); exit; } } } $login = isset($_GET['login']) ? $_GET['login'] : (isset($_POST['login']) ? $_POST['login'] : ''); $session = session_id(); $pre = $GLOBALS['zig']['sql']['pre']; $zig_global_database = $GLOBALS['zig']['sql']['global_database']; $mod = $GLOBALS['zig']['current']['module']; $GLOBALS[$mod]['current']['method'] = "login"; $buffer = $this->gate_template("login"); $action = $zig_passed_hash ? "index.php?zig_hash={$zig_passed_hash}" : "index.php"; $buffer = str_replace("{action}", $action, $buffer); $sql = "SELECT id FROM `{$zig_global_database}`.`{$pre}session` WHERE `session`='{$session}' AND `event`='logged in' AND `zig_status`<>'deleted' ORDER BY `id` DESC LIMIT 1"; $result = zig("query", $sql); if ($result->RecordCount()) { $fetch = $result->fetchRow(); $id_where = " AND `id`>{$fetch['id']}"; } else { $id_where = ""; } if ($login) { $username = isset($_POST['username']) ? $_POST['username'] : NULL; $password = isset($_POST['password']) ? $_POST['password'] : NULL; $captcha_flag = isset($_POST['captcha_flag']) ? $_POST['captcha_flag'] : NULL; $user_guess = isset($_POST['user_guess']) ? $_POST['user_guess'] : NULL; $zig_authentication = zig("config", "authentication"); $authentication = zig("authenticate", $zig_authentication, $username, $password); if ($captcha_flag and $user_guess) { require_once "../zig-api/plugins/captcha/animatedcaptcha.class.php"; $user_guess = $_POST['user_guess']; $img = new animated_captcha(); $img->session_name = "my_session"; $img->magic_words("secret"); $valid = $img->validate($user_guess); if ($valid and $authentication) { $session = session_id(); } } if ($authentication and ($valid and $user_guess or !$captcha_flag)) { $zig_hash_decrypted_link = $zig_passed_hash ? "http://" . $_SERVER['HTTP_HOST'] . $zig_hash_decrypted_link : NULL; $this->gate_login("gate_login", $username, $zig_hash_decrypted_link, NULL); exit; } else { $sql = "SELECT count(session) as rowcount FROM `{$zig_global_database}`.`{$pre}session` WHERE `session`='{$session}' AND `event`='login failed' AND `zig_status`<>'deleted' {$id_where} ORDER BY `id` DESC LIMIT 3"; $result = zig("query", $sql); $fetch = $result->fetchRow(); $count = $fetch["rowcount"]; if ($count < 3) { $sql = "INSERT INTO `{$zig_global_database}`.`{$pre}session` (`zig_created`,`zig_user`,`username`,`session`,`ip`,`event`) VALUES (NOW(),'gate.lib.php','{$username}','{$session}','{$_SERVER['REMOTE_ADDR']}','login failed')"; zig("query", $sql); $count++; } $message = "authentication failed!"; if ($count >= 3) { $captcha_template = zig("template", "file", "captcha"); $buffer = str_replace("{captcha}", $captcha_template, $buffer); $buffer = str_replace("{captcha_image}", "<img alt='loading...' id='ci' src='../zig-api/plugins/captcha/animatedcaptcha_generate.php?i=md5(microtime()) ;' />", $buffer); } } } $username = isset($username) ? $username : NULL; if (!$username) { if (array_key_exists("current", $GLOBALS['zig'])) { $username = array_key_exists("user", $GLOBALS['zig']['current']) ? $GLOBALS['zig']['current']['user'] : NULL; } } $buffer = str_replace("{username}", $username, $buffer); $buffer = str_replace("{captcha}", "", $buffer); $message = isset($message) ? $message : NULL; $message .= substr($_SERVER['HTTP_HOST'], 0, 5) == "demo." ? "<br />username: <strong>demo</strong> <br />password: <strong>demo</strong>" : NULL; $buffer = str_replace("{message}", $message, $buffer); $buffer = str_replace("{tabs}", zig(array("function" => "tabs", "permit" => false, "new_tab" => false)), $buffer); $zig_result['value'] = $buffer; $zig_result['topmenu'] = 0; $zig_result['applications'] = 0; $zig_result['actions'] = 0; $zig_result['return'] = 1; return $zig_result; }