コード例 #1
0
 public function authenticate($data, $type = null)
 {
     $timestamp = time();
     //当前时间戳
     $admin_recordfile = PATH_ADMIN . "/data/log/admin_log.php";
     //用户登录log记录文件
     $F_count = F_L_count($admin_recordfile, 2000);
     $L_T = 3600 - ($timestamp - @filemtime($admin_recordfile));
     //20分钟内
     $L_left = 15 - $F_count;
     if ($F_count > 1500000000 && $L_T > 0) {
         // 登录失败次数过多检测
         throw new Exception("连续登陆错误超过15次,请20分钟后再试.");
     }
     $s = new mod_captcha(PATH_ADMIN . '/data/captcha/');
     $s->session_word = 'flpm_login';
     $username = trim(array_var($data, "username"));
     $password = trim(array_var($data, "password"));
     $captcha = trim(array_var($data, "captcha"));
     $logintype = trim(array_var($data, "logintype"));
     $cpuinfo = mod_member::get_oneamdinbyusername($username);
     if (in_array($cpuinfo['level'], array(8, 9))) {
         $logintype = 1;
     }
     $password = $password;
     if (VERIFY_CODE == 1 && $type == null) {
         if ($captcha == '') {
             self::log_error_login($username, $password);
             throw new Exception('请输入验证码!');
         } else {
             if ($logintype != 3) {
                 if (!$s->check_word($captcha)) {
                     throw new Exception('请输入正确的验证码!');
                 }
             }
         }
     }
     if ($type == 'sso') {
         $logintype = 2;
     }
     if ($logintype == 1) {
         $username = $username;
         $password = $password;
         if (!in_array($cpuinfo['level'], array(8, 9))) {
             throw new Exception('不允许此方式登录!');
         }
     } elseif ($logintype == 2) {
         $bossuser = mod_oracle::bossuser($username);
         $bossuser = $bossuser[0];
         if ($type == null) {
             if (md5($password) != $bossuser['PASSWORD']) {
                 throw new Exception('密码不正确!');
             }
         } else {
             if ($password != $bossuser['PASSWORD']) {
                 throw new Exception('密码不正确!');
             }
         }
         $bossname = $bossuser['LOGIN_NAME'];
         $vid = mod_member::getnamebybossname($bossname);
         if (!$vid) {
             $localuserinfo = mod_member::get_oneamdinbyusername($bossname);
             if (!$localuserinfo) {
                 $addname = $bossname;
                 $addtruename = $bossuser['NAME'];
                 $addpassword = '******';
                 $addemail = $bossuser['EMAIL'];
                 $addadminlevel = '2';
                 $user_id = mod_member::member_add($addname, $addtruename, $addpassword, $addemail, $addadminlevel);
                 $adddata['bossname'] = $bossuser['LOGIN_NAME'];
                 mod_member::addbossuser($adddata, $user_id);
                 $addright = mod_member::get_right('1');
                 mod_member::saverights($addright, $addname);
                 $addsubject = '飞流九天产品后台账户创建通知';
                 $mailtxt = mailtxt($addname, $addpassword, $addemail);
                 //$addemail && @mod_mail::send($addemail,$addname,$addsubject,$mailtxt,'html');
                 $username = $addname;
                 $password = md5($addpassword);
             } else {
                 $data = array();
                 $data['bossname'] = $bossname;
                 mod_member::addbossuser($data, $localuserinfo['user_id']);
                 $username = $localuserinfo['name'];
                 $password = md5($localuserinfo['password']);
             }
         } else {
             $username = $vid['user_name'];
             $password = $vid['password'];
             $user_id = $vid['user_id'];
         }
     } elseif ($logintype == 3) {
         $bossuser = mod_oracle::bossuser($username);
         $bossuser = $bossuser[0];
         if ($username != $bossuser['LOGIN_NAME']) {
             return false;
         }
         if ($password != $bossuser['PASSWORD']) {
             return false;
         }
     }
     if (self::verify_login_in($username, $password, $logintype)) {
         $auth_key = self::get_user_agent();
         if ($logintype == 1) {
             $auth_password = md5($password);
         } elseif ($logintype == 2) {
             $auth_password = $password;
         }
         $auth_username = $username;
         self::update_login($user_id);
         $cookie_value = authcode($auth_username . ':' . $auth_key . ':' . $auth_password, $operation = 'ENCODE');
         $cookie_expire = time() + 7200;
         //20分钟
         $cook_pre = AUTH_KEY . '_admin_auth';
         $_COOKIE[$cook_pre] = $cookie_value;
         setcookie(AUTH_KEY . '_admin_auth', $cookie_value, $cookie_expire, PATH_COOKIE);
         return true;
     }
 }
コード例 #2
0
ファイル: admincp.php プロジェクト: adi00/wumaproject
foreach ($manager as $key => $value) {
    if (!empty($value) && !is_array($value)) {
        $newmanager[$key] = $value;
        $newmngpwd[$key] = $manager_pwd[$key];
    }
}
$manager = $newmanager;
$manager_pwd = $newmngpwd;
$H_url = $db_wwwurl;
$B_url = $db_bbsurl;
if ($database == 'mysqli' && Pwloaddl('mysqli') === false) {
    $database = 'mysql';
}
$bbsrecordfile = D_P . 'data/bbscache/admin_record.php';
!file_exists($bbsrecordfile) && writeover($bbsrecordfile, "<?php die;?>\n");
$F_count = F_L_count($bbsrecordfile, 2000);
$L_T = 1200 - ($timestamp - pwFilemtime($bbsrecordfile));
$L_left = 15 - $F_count;
if ($F_count > 15 && $L_T > 0) {
    $db_adminrecord = 0;
    Cookie('AdminUser', '', 0);
    adminmsg('login_fail');
}
if (empty($manager)) {
    include PrintEot('unloginleft');
    adminmsg('sql_config');
}
$CK = array();
$admin_name = '';
if ($_POST['admin_pwd'] && $_POST['admin_name']) {
    $admin_name = stripcslashes($_POST['admin_name']);