function captcha($lang, $arglist = false)
{
$id = false;
if (is_array($arglist)) {
if (isset($arglist[0])) {
$id = $arglist[0];
}
}
$accepted = array('login', 'register', 'remindme', 'mailme', 'subscribe', 'unsubscribe', 'comment');
if ($id and !in_array($id, $accepted)) {
return run('error/badrequest', $lang);
}
$charset = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ';
$code = strrand($charset, 4);
if ($id) {
$_SESSION['captcha'][$id] = $code;
}
$img = strtag($code);
header('Content-Type: image/png');
header("Content-Disposition: inline; filename=captcha.png");
header("Cache-Control: no-cache");
imagepng($img);
imagedestroy($img);
return false;
}
function createImage($strSessionVar, $rgBgColor, $rgTextColor, $x, $y)
{
$iRandVal = strrand(10);
$_SESSION[$strSessionVar] = $iRandVal;
$im = imagecreate($x, $y) or die("Cannot Initialize new GD image stream");
$background_color = imagecolorallocate($im, $rgBgColor[0], $rgBgColor[1], $rgBgColor[2]);
$text_color = imagecolorallocate($im, $rgTextColor[0], $rgTextColor[1], $rgTextColor[2]);
$white = imagecolorallocate($im, 0xff, 0xff, 0xff);
// genaueres zur Funktion auf php.net
imagestring($im, 5, 3, 3, $iRandVal, $text_color);
//some obfuscation
for ($i = 0; $i < 3; $i++) {
$x1 = rand(0, $x - 1);
$y1 = rand(0, round($y / 10, 0));
$x2 = rand(0, round($x / 10, 0));
$y2 = rand(0, $y - 1);
imageline($im, $x1, $y1, $x2, $y2, $white);
$x1 = rand(0, $x - 1);
$y1 = $y - rand(1, round($y / 10, 0));
$x2 = $x - rand(1, round($x / 10, 0));
$y2 = rand(0, $y - 1);
imageline($im, $x1, $y1, $x2, $y2, $white);
}
// Header schicken
header("Content-type: image/png");
// PNG Bild erzeugen und senden
imagepng($im);
// Bild auf dem Server loeschen
imagedestroy($im);
}
function createImage($strSessionVar)
{
$cfg = EasySCP_Registry::get('Config');
$rgBgColor = $cfg->LOSTPASSWORD_CAPTCHA_BGCOLOR;
$rgTextColor = $cfg->LOSTPASSWORD_CAPTCHA_TEXTCOLOR;
$x = $cfg->LOSTPASSWORD_CAPTCHA_WIDTH;
$y = $cfg->LOSTPASSWORD_CAPTCHA_HEIGHT;
$font = $cfg->LOSTPASSWORD_CAPTCHA_FONT;
$iRandVal = strrand(8, $strSessionVar);
$im = imagecreate($x, $y) or die('Cannot initialize new GD image stream.');
// Set background color
imagecolorallocate($im, $rgBgColor[0], $rgBgColor[1], $rgBgColor[2]);
$text_color = imagecolorallocate($im, $rgTextColor[0], $rgTextColor[1], $rgTextColor[2]);
$white = imagecolorallocate($im, 0xff, 0xff, 0xff);
imagettftext($im, 34, 0, 5, 50, $text_color, $font, $iRandVal);
// some obfuscation
for ($i = 0; $i < 3; $i++) {
$x1 = mt_rand(0, $x - 1);
$y1 = mt_rand(0, round($y / 10, 0));
$x2 = mt_rand(0, round($x / 10, 0));
$y2 = mt_rand(0, $y - 1);
imageline($im, $x1, $y1, $x2, $y2, $white);
$x1 = mt_rand(0, $x - 1);
$y1 = $y - mt_rand(1, round($y / 10, 0));
$x2 = $x - mt_rand(1, round($x / 10, 0));
$y2 = mt_rand(0, $y - 1);
imageline($im, $x1, $y1, $x2, $y2, $white);
}
// send Header
header("Content-type: image/png");
// create and send PNG image
imagepng($im);
// destroy image from server
imagedestroy($im);
}
public function forgetpsw()
{
//发送验证码
$messagekey = $_POST['messagekey'];
//判断是否是发送短信
$vipcode = $_POST['vipcode'];
//获取vip会员卡号
if (IS_POST) {
if (empty($vipcode)) {
$this->error("请填写vip卡号");
}
$parm = new StdClass();
$parm->astr_request = new StdClass();
$parm->astr_request->header = new StdClass();
$parm->astr_request->header->username = "******";
$parm->astr_request->header->password = "******";
$parm->astr_request->header->pagerecords = 20;
//每页显示多少条信息
$parm->astr_request->header->pageno = 1;
//当前第几页
$parm->astr_request->header->updatecount = 1;
$parm->astr_request->search->vipcode = $vipcode;
$parm->astr_request->search->fromage = 0;
$parm->astr_request->search->toage = 0;
$parm->astr_request->search->frombirthdaymm = 0;
$parm->astr_request->search->tobirthdaymm = 0;
$parm->astr_request->search->frombirthdaydd = 0;
$parm->astr_request->search->tobirthdaydd = 0;
$parm->astr_request->search->fromcurrentbonus = 0;
$parm->astr_request->search->tocurrentbonus = 0;
$parm->astr_request->search->fromaccumulatedsalesamt = 0;
$parm->astr_request->search->toaccumulatedsalesamt = 0;
$parm->astr_request->search->fromaccumulatedbonus = 0;
$parm->astr_request->search->toaccumulatedbonus = 0;
$parm->astr_request->search->activitycount = 0;
$parm->astr_request->search->salesamount = 0;
$client = new SoapClient('http://221.133.247.163/VIP_NWBJ_EC/nwvip_ec.asmx?WSDL', array('trace' => 1, 'exceptions' => 0));
$result = $client->GetNwVipMaster($parm);
$list = object_to_array($result);
$list = $list['getnwvipmasterResult']['vipmasters']['nwvipmaster'];
if (empty($list)) {
$this->error("卡号错误");
}
$telephone = $list['telephone'];
$stoser = $list['issuestorecode'];
$str = strrand();
session("messageretu", $str);
send_message($telephone, $str . iconv('UTF-8', 'GBK', "(新世界会员网站找回密码验证码,泄漏有风险)"), $stoser);
$p = substr($telephone, 0, 3) . "*****" . substr($telephone, 8, 3);
$this->success('已发送:' . $p);
}
$this->display();
}
function newpassword($len = 6)
{
$charset = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789';
return strrand($charset, $len);
}
public function index()
{
if (IS_POST) {
$vipcode = trim($_POST['vipcode']);
$v_password = trim($_POST['password']);
if (empty($vipcode)) {
$this->error("请填写卡号");
}
if (empty($v_password)) {
$this->error("请填写密码");
}
$parm = new StdClass();
$parm->astr_request = new StdClass();
$parm->astr_request->header = new StdClass();
$parm->astr_request->header->username = "******";
$parm->astr_request->header->password = "******";
$parm->astr_request->header->pagerecords = 20;
//每页显示多少条信息
$parm->astr_request->header->pageno = 1;
//当前第几页
$parm->astr_request->header->updatecount = 1;
$parm->astr_request->search->vipcode = $vipcode;
$parm->astr_request->search->fromage = 0;
$parm->astr_request->search->toage = 0;
$parm->astr_request->search->frombirthdaymm = 0;
$parm->astr_request->search->tobirthdaymm = 0;
$parm->astr_request->search->frombirthdaydd = 0;
$parm->astr_request->search->tobirthdaydd = 0;
$parm->astr_request->search->fromcurrentbonus = 0;
$parm->astr_request->search->tocurrentbonus = 0;
$parm->astr_request->search->fromaccumulatedsalesamt = 0;
$parm->astr_request->search->toaccumulatedsalesamt = 0;
$parm->astr_request->search->fromaccumulatedbonus = 0;
$parm->astr_request->search->toaccumulatedbonus = 0;
$parm->astr_request->search->activitycount = 0;
$parm->astr_request->search->salesamount = 0;
$client = new SoapClient('http://221.133.247.163/VIP_NWBJ_EC/nwvip_ec.asmx?WSDL', array('trace' => 1, 'exceptions' => 0));
$result = $client->GetNwVipMaster($parm);
$list = object_to_array($result);
if (empty($list['getnwvipmasterResult']['vipmasters'])) {
$this->error("卡号错误");
}
$str = $list['getnwvipmasterResult']['vipmasters']['nwvipmaster']['password'];
/**判断会员卡号是否存在密码
* */
if (!empty($list['getnwvipmasterResult']['vipmasters']['nwvipmaster']['password'])) {
$password = $list['getnwvipmasterResult']['vipmasters']['nwvipmaster']['password'];
} else {
/**
* 如果密码是空值 那么密码为当前身份证后6位
* */
$vipid = $list['getnwvipmasterResult']['vipmasters']['nwvipmaster']['vipid'];
$password = substr(trim($vipid), -6, 6);
}
if ($password == $v_password) {
//发送短信
$telephone = $list['getnwvipmasterResult']['vipmasters']['nwvipmaster']['telephone'];
$stoser = $list['getnwvipmasterResult']['vipmasters']['nwvipmaster']['issuestorecode'];
$str = strrand();
session("wapmessagekey", $str);
send_message($telephone, $str . iconv('UTF-8', 'GBK', "(新世界会员手机网站登录验证码,泄漏有风险)"), $stoser);
$this->success("OK");
} else {
$this->error("密码错误");
}
}
$this->display();
}
