Esempio n. 1
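/**
 * Completes an authentication exchange for a user and rotates the stored key.
 *
 * The value derived from the stored key, the stored last_time and $url must
 * match the caller-supplied $auth_key. On a match the stored key is replaced
 * with a fresh one and the user's public fields are returned.
 *
 * @param string $username Account name to look up.
 * @param string $auth_key 32-character key presented by the caller.
 * @param string $url      Value mixed into the expected key by process_auth_key().
 *
 * @return string JSON document. "errorno" is 1 for a malformed key, 2 for an
 *                unknown user, 3 for a key mismatch and 0 on success (with a
 *                "user" object).
 */
function finish_auth($username, $auth_key, $url)
{
    // Original author's note: reporting failures as bare error numbers is not a good design.
    // NOTE(review): codes 2 and 3 let a caller tell "no such user" apart from
    // "wrong key", which allows account names to be enumerated.
    if (!is_string($auth_key) || mb_strlen($auth_key, 'utf-8') != 32) {
        return json_encode(array('errorno' => 1));
    }
    $result = get_user_information($username);
    if ($result == null) {
        return json_encode(array('errorno' => 2));
    }
    // hash_equals() is used instead of != for two reasons: a loose comparison
    // treats two numeric-looking strings (for example both starting with "0e"
    // followed only by digits) as equal, and it is not constant-time.
    $expected = process_auth_key($result['auth_key'], $result['last_time'], $url);
    if (!is_string($expected) || !hash_equals($expected, $auth_key)) {
        return json_encode(array('errorno' => 3));
    }
    // Original author's note: not good design (+1).
    // NOTE(review): rand_string() is defined elsewhere; the new key is a
    // credential, so it has to come from a CSPRNG — confirm.
    $new_auth_key = rand_string();
    $sql = "UPDATE `account` SET `auth_key`= ? WHERE username= ? LIMIT 1";
    $params = array($new_auth_key, $username);
    // NOTE(review): the affected-row count is not checked. If the rotation
    // fails, the old key stays valid and the call still reports success.
    (new MysqlDAO())->execute($sql, $params, 'ss');
    $user = array(
        'username' => $result['username'],
        'email' => $result['email'],
        'verified' => $result['verified'],
        'reg_time' => $result['reg_time'],
    );
    return json_encode(array('errorno' => 0, 'user' => $user));
}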
Esempio n. 2
/**
 * Starts an authentication exchange by deriving a key for the given user.
 *
 * Looks the account up and passes its stored auth_key and last_time, together
 * with $url, through process_auth_key().
 *
 * NOTE(review): finish_auth() compares against a value derived the same way,
 * so whoever receives this return value can pass that check. Confirm that
 * callers treat it as a secret and never return it to an unauthenticated client.
 *
 * @param string $username Account name to look up.
 * @param string $url      Value mixed into the derived key.
 *
 * @return mixed The literal string '(null)' when the lookup yields nothing,
 *               otherwise whatever process_auth_key() returns.
 */
function start_auth($username, $url)
{
    $account = get_user_information($username);
    if ($account == null) {
        // An unknown user is reported in-band with this sentinel string.
        return '(null)';
    }

    return process_auth_key($account['auth_key'], $account['last_time'], $url);
}
Esempio n. 3
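/**
 * Confirms an account from a verification link and rotates its auth key.
 *
 * @param string $username Account name, 1 to 12 characters.
 * @param string $auth_key 32-byte key taken from the link.
 *
 * @return string '1' on success, otherwise a human-readable error message.
 */
function verify($username, $auth_key)
{
    $name_length = mb_strlen($username, 'utf-8');
    if ($name_length < 1 || $name_length > 12) {
        return 'User not exist';
    }
    if (!is_string($auth_key) || strlen($auth_key) != 32) {
        return 'Invalid auth key';
    }
    $result = get_user_information($username);
    if ($result == null) {
        return 'User not exist';
    }
    // hash_equals() is used instead of != for two reasons: a loose comparison
    // treats two numeric-looking strings (for example both starting with "0e"
    // followed only by digits) as equal, and it is not constant-time.
    $expected = process_auth_key($result['auth_key'], $result['last_time']);
    if (!is_string($expected) || !hash_equals($expected, $auth_key)) {
        return 'Link is out of data';
    }
    // Rotate the key so the same link cannot be used twice.
    // NOTE(review): rand_string() is defined elsewhere; the new key is a
    // credential, so it has to come from a CSPRNG — confirm.
    $new_auth_key = rand_string();
    $sql = "UPDATE `account` SET `auth_key`= ?, verified='t' WHERE username= ? LIMIT 1";
    $params = array($new_auth_key, $username);
    $count = (new MysqlDAO())->execute($sql, $params, 'ss');
    if ($count == 1) {
        return '1';
    }

    return 'Sth is wrong with server';
}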
Esempio n. 4
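/**
 * Resets a user's password from a reset link and rotates the auth key.
 *
 * @param string $username Account name; rejected unless is_name_valid() returns ''.
 * @param string $auth_key 32-byte key taken from the reset link.
 * @param string $new_pwd  New password value; must be exactly 32 bytes
 *                         (presumably a digest computed by the client — TODO confirm).
 *
 * @return string '1' on success, otherwise a user-facing error message.
 */
function reset_pwd($username, $auth_key, $new_pwd)
{
    if (is_name_valid($username) != '') {
        return '用户不存在';
    }
    if (strlen($new_pwd) != 32) {
        return '无效的密码';
    }
    if (!is_string($auth_key) || strlen($auth_key) != 32) {
        return '链接已失效';
    }
    $profile = get_user_information($username);
    if ($profile == null) {
        return '用户不存在';
    }
    // hash_equals() is used instead of != for two reasons: a loose comparison
    // treats two numeric-looking strings (for example both starting with "0e"
    // followed only by digits) as equal, and it is not constant-time.
    $expected = process_auth_key($profile['auth_key'], $profile['last_time']);
    if (!is_string($expected) || !hash_equals($expected, $auth_key)) {
        return '链接已经失效';
    }
    // NOTE(review): rand_string() and crypt_pwd() are defined elsewhere.
    // Confirm that rand_string() draws from a CSPRNG and that crypt_pwd() is a
    // slow password hash (password_hash() or equivalent), not a bare digest.
    $new_salt = rand_string();
    $new_pwd = crypt_pwd($new_pwd, $new_salt);
    // Rotate the key so the same reset link cannot be used twice.
    $new_auth_key = rand_string(32);
    $sql = 'UPDATE `ewu_account` SET `auth_key`= ?, `pwd`=?, `salt`=? WHERE username= ? LIMIT 1';
    $a_params = array($new_auth_key, $new_pwd, $new_salt, $username);
    $count = (new MysqlPDO())->execute($sql, $a_params);
    if ($count == 1) {
        return '1';
    }

    return '服务器繁忙,操作失败';
}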