コード例 #1
0
ファイル: common.php プロジェクト: MrMoDoor/Carbon-Forum
$CurUserInfo = null;
//当前用户信息,Array,以后判断是否登陆使用if($CurUserID)
$CurUserRole = 0;
$CurUserID = intval(GetCookie('UserID'));
$CurUserExpirationTime = intval(GetCookie('UserExpirationTime'));
$CurUserCode = GetCookie('UserCode');
if ($CurUserExpirationTime > $TimeStamp && $CurUserExpirationTime < $TimeStamp + 2678400 && $CurUserID && $CurUserCode) {
    $TempUserInfo = array();
    if ($MCache) {
        $TempUserInfo = $MCache->get(MemCachePrefix . 'UserInfo_' . $CurUserID);
    }
    if (!$TempUserInfo) {
        $TempUserInfo = $DB->row("SELECT * FROM " . $Prefix . "users WHERE ID = :UserID", array("UserID" => $CurUserID));
        if ($MCache && $TempUserInfo) {
            $MCache->set(MemCachePrefix . 'UserInfo_' . $CurUserID, $TempUserInfo, 86400);
        }
    }
    //Using hash_equals() in the future
    if ($TempUserInfo && HashEquals(md5($TempUserInfo['Password'] . $TempUserInfo['Salt'] . $CurUserExpirationTime . $SALT), $CurUserCode)) {
        $CurUserName = $TempUserInfo['UserName'];
        $CurUserRole = $TempUserInfo['UserRoleID'];
        $CurUserInfo = $TempUserInfo;
    } else {
        SetCookies(array('UserID' => '', 'UserExpirationTime' => '', 'UserCode' => ''), 1);
        $CurUserID = 0;
    }
    unset($TempUserInfo);
} elseif ($CurUserExpirationTime || $CurUserID || $CurUserCode) {
    SetCookies(array('UserID' => '', 'UserExpirationTime' => '', 'UserCode' => ''), 1);
    $CurUserID = 0;
}
コード例 #2
0
ファイル: login.php プロジェクト: rssawhney/Carbon-Forum
     $ErrorCode = 101002;
     break;
 }
 session_write_close();
 if ($VerifyCode !== $TempVerificationCode) {
     $Error = $Lang['Verification_Code_Error'];
     $ErrorCode = 101002;
     break;
 }
 $DBUser = $DB->row("SELECT ID,UserName,Salt,Password,UserRoleID,UserMail,UserIntro FROM " . $Prefix . "users WHERE UserName = :UserName", array("UserName" => $UserName));
 if (!$DBUser) {
     $Error = $Lang['User_Does_Not_Exist'];
     $ErrorCode = 101003;
     break;
 }
 if (!HashEquals($DBUser['Password'], md5($Password . $DBUser['Salt']))) {
     $Error = $Lang['Password_Error'];
     $ErrorCode = 101004;
     break;
 }
 UpdateUserInfo(array('LastLoginTime' => $TimeStamp, 'UserLastIP' => CurIP()), $DBUser['ID']);
 $TemporaryUserExpirationTime = $Expires * 86400 + $TimeStamp;
 if (!$IsApp) {
     SetCookies(array('UserID' => $DBUser['ID'], 'UserExpirationTime' => $TemporaryUserExpirationTime, 'UserCode' => md5($DBUser['Password'] . $DBUser['Salt'] . $TemporaryUserExpirationTime . $SALT)), $Expires);
     if ($ReturnUrl) {
         header('location: ' . $ReturnUrl);
         exit('logined');
     } else {
         header('location: ' . $Config['WebsitePath'] . '/');
         exit('logined');
     }
コード例 #3
0
if (count($AccessTokenArray) === 3) {
    $UserName = $AccessTokenArray[0];
    $TokenExpirationTime = intval($AccessTokenArray[1]);
    $Token = $AccessTokenArray[2];
} else {
    AlertMsg('Bad Request', 'Bad Request', 400);
}
if ($TokenExpirationTime < $TimeStamp || $TokenExpirationTime >= $TimeStamp + 7200) {
    AlertMsg($Lang['Page_Has_Expired'], $Lang['Page_Has_Expired']);
}
$UserInfo = array();
$UserInfo = $DB->row('SELECT * FROM ' . $Prefix . 'users Where UserName=:UserName', array('UserName' => $UserName));
if (!$UserInfo) {
    AlertMsg('404 Not Found', '404 Not Found', 404);
} else {
    if (HashEquals(md5($UserInfo['Password'] . $UserInfo['Salt'] . md5($TokenExpirationTime) . md5($SALT)), $Token)) {
        if ($_SERVER['REQUEST_METHOD'] == 'POST') {
            //重设密码
            $Password = Request('Post', 'Password');
            $Password2 = Request('Post', 'Password2');
            $VerifyCode = intval(Request('Post', 'VerifyCode'));
            if ($Password && $Password2 && $VerifyCode) {
                if ($Password === $Password2) {
                    session_start();
                    if (isset($_SESSION[$Prefix . 'VerificationCode']) && $VerifyCode === intval($_SESSION[$Prefix . 'VerificationCode'])) {
                        $NewSalt = $UserInfo['Salt'];
                        $NewPasswordHash = md5(md5($Password) . $NewSalt);
                        if (UpdateUserInfo(array('Salt' => $NewSalt, 'Password' => $NewPasswordHash), $UserInfo['ID'])) {
                            $TemporaryUserExpirationTime = 30 * 86400 + $TimeStamp;
                            //默认保持30天登陆状态
                            SetCookies(array('UserExpirationTime' => $TemporaryUserExpirationTime, 'UserCode' => md5($NewPasswordHash . $NewSalt . $TemporaryUserExpirationTime . $SALT)), 30);