function getRandString($size)
{
for ($string = '', $i = 0; $i < $size; $i++) {
$string .= getRandChar();
}
return $string;
}
<?php
require_once 'common.php';
// check login first
if (!already_login()) {
error_jump();
}
$username = $_SESSION['user'];
$token = getRandChar(32);
// echo '$token='.$token.'<br>';
$query = "UPDATE User SET Token = '{$token}' WHERE Name='{$username}'";
// echo '$query='.$query.'<brs>';
$result = mysql_query($query);
if ($row = mysql_fetch_array($result)) {
// echo 'True';
}
?>
<script>document.location.href='user.php';</script>
} else {
echo "<div class=\"alert alert-dismissable alert-danger\">\n\t<button type=\"button\" class=\"close\" data-dismiss=\"alert\" aria-hidden=\"true\">\n\t\t\t\t\t×\n\t\t\t\t</button>\n\t\t\t\t<h4>\n\t\t\t\t\tWaring\n\t\t\t\t</h4> <strong>错误:</strong>无法查询到你的用户名\n\t\t\t</div>";
}
}
if (isset($_GET["gp"])) {
function getRandChar($length)
{
$str = null;
$strPol = "ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789abcdefghijklmnopqrstuvwxyz";
$max = strlen($strPol) - 1;
for ($i = 0; $i < $length; $i++) {
$str .= $strPol[rand(0, $max)];
}
return $str;
}
$password = md5(getRandChar("10"));
$query = "SELECT email FROM admin ";
$result = mysql_query($query) or die("Query failed : " . mysql_error());
$line = mysql_fetch_array($result, MYSQL_ASSOC);
$arr = array($line);
extract($arr);
$email = $arr[0]["email"];
mysql_query("UPDATE admin SET password ='******' WHERE email ='{$email}' ");
$smtpemailto = $email;
//发送给谁
$mailtitle = "Root Password - Ucon";
//邮件主题
$mailcontent = "<link href=\"cdn.bootcss.com/bootstrap/3.3.5/css/bootstrap-theme.css\" rel=\"stylesheet\"><h1>Hello 超级管理员 ,你的密码为:" . $password . "</h1><br><br><footer>---Power By CTOS</footer>";
//邮件内容
$mailtype = "HTML";
//邮件格式(HTML/TXT),TXT为文本邮件
/**
* 写入数据
*
* @author Vonwey <*****@*****.**>
* @CreateDate: 2015-6-2 下午3:46:39
*/
private function wirteData($data, $key)
{
if (empty($data) || !$data['user_name']) {
return FALSE;
// 读取数据出错
} else {
$time = time();
// 写入users表
$user['user_name'] = $data['user_name'];
$salt = getRandChar(4);
$user['user_pass'] = md5(md5($data['user_pass']) . $salt);
$user['salt'] = $salt;
$user['create_time'] = $time;
// 写入user_info表
$user_info['user_name'] = $data['user_name'];
$user_info['nick_name'] = $data['nick_name'];
$user_info['headimg'] = $data['headimg'];
$user_info['sex'] = 'U';
$user_info['create_time'] = $time;
$user_info['last_login_time'] = $time;
$user_info['update_time'] = $time;
if ($this->isExsitRecord($user['user_name'])) {
// 已存在 更新
$sql = "update user_info set nick_name=\"" . $user_info['nick_name'] . "\",headimg='" . $user_info['headimg'] . "',sex='" . $user_info['sex'] . "' where user_name='" . $user_info['user_name'] . "'";
$this->model->query($sql);
return TRUE;
} else {
$this->db->trans_start();
$inser_id = $this->model->insert($user, 'users');
// 写入user_info表
$user_info['user_id'] = $inser_id;
$user_info['create_by'] = $inser_id;
$user_info['update_by'] = $inser_id;
$this->model->insert($user_info, 'user_info');
$this->db->trans_complete();
if ($this->db->trans_status() === FALSE) {
return FALSE;
}
return TRUE;
}
}
}
/**
* 上传头像
* @access public
*/
public function uploadImg()
{
$upload = new \Think\Upload();
$upload->maxSize = 1 * 1024 * 1024;
$upload->exts = array('jpg', 'png', 'gif');
$upload->replace = true;
$upload->saveName = getRandChar(30);
$upload->autoSub = false;
$path = './Public/uploads/user_avatar/';
$upload->rootPath = $path;
$info = $upload->upload();
if (!$info) {
// 上传错误提示错误信息
$this->ajaxReturn('', $upload->getError(), 0, 'json');
} else {
// 上传成功 获取上传文件信息
$temp_size = getimagesize($path . $info['user_avatar']['savename']);
//判断宽和高是否符合头像要求
if ($temp_size[0] < 100 || $temp_size[1] < 100) {
$this->ajaxReturn(0, '图片宽或高不得小于100px!', 0, 'json');
}
$data['picName'] = $info['user_avatar']['savename'];
$data['status'] = 1;
$data['url'] = __ROOT__ . '/Public/uploads/user_avatar/' . $data['picName'];
$data['info'] = $info;
$this->ajaxReturn($data, 'json');
}
}
$sql = " insert into stu( STUNAME , qq ,age ,ADDRESS ) values ( '{$_POST['uname']}','{$_POST['qq']}' , '{$_POST['age']}', '{$_POST['addr']}') ";
$db->exec($sql);
}
function getRandChar($length)
{
$str = null;
$strPol = "ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789abcdefghijklmnopqrstuvwxyz";
$max = strlen($strPol) - 1;
for ($i = 0; $i < $length; $i++) {
$str .= $strPol[rand(0, $max)];
//rand($min,$max)生成介于min和max两个数之间的一个随机整数
}
return $str;
}
for ($i = 0; $i < 300000; $i++) {
$sql = " insert into stu( STUNAME , qq ,age ,ADDRESS ) values ( 'TT " . getRandChar(2) . " " . getRandChar(4) . "','" . rand(10000, 30000) . "' , '" . rand(4, 77) . "', '" . getRandChar(5) . "') ";
$db->exec($sql);
}
exit;
/*
}
$db->exec(" create table t2(a int , b varchar(20) ) ");
$db->exec(" insert into t2 values(1253,'asd123')");
$db->exec(" insert into t2 values(12543,'asd123')");
*/
$sql = "select * from stu order by id ";
$rs = $db->query($sql);
$l = $rs->fetchAll();
echo "<hr/>";
foreach ($l as $r) {
mysql_query("UPDATE admin SET password ='******' WHERE email = '{$eamil}' ");
}
}
$max = $_POST["max"];
$dtime = $_POST["dtime"];
function getRandChar($length)
{
$str = null;
$strPol = "ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789abcdefghijklmnopqrstuvwxyz";
$max = strlen($strPol) - 1;
for ($i = 0; $i < $length; $i++) {
$str .= $strPol[rand(0, $max)];
}
return $str;
}
$inser = getRandChar("10");
$arr = range(2000, 3000);
//端口分配范围,第一个为起始范围,第二个为结束
shuffle($arr);
foreach ($arr as $values) {
$query = "SELECT * FROM op WHERE sport='{$values}'";
$rs = mysql_query($query);
$num = mysql_num_rows($rs);
if ($num) {
} else {
$port = $values;
break;
}
}
$arr = range(4000, 5000);
//端口分配范围,第一个为起始范围,第二个为结束
public function changePwd()
{
$userId = $this->get_user_id(TRUE);
$oldpassword = check_empty($this->input->post('password'), FALSE, '1004');
//仅验证是否填写
$new_password = check_empty($this->input->post('newPassword'), FALSE, '5004');
$repassword = check_empty($this->input->post('confirm'), FALSE, '5004');
if ($new_password != $repassword) {
response_code('5005');
}
$passlen = strlen($new_password);
if ($passlen < 6 || $passlen > 16) {
response_code('5004');
}
$user = $this->model->get_user_auth_by_name($userId, TRUE);
if (!$user) {
response_code('4005');
}
if (md5(md5($oldpassword) . $user['salt']) != $user['user_pass']) {
response_code('5006');
}
if ($oldpassword != $new_password) {
$user['user_id'] = $userId;
$user['salt'] = getRandChar(4);
$user['user_pass'] = md5(md5($new_password) . $user['salt']);
if (!$this->model->update_user_password($user)) {
response_code('4000');
}
}
response_code('1');
}
public function imagesUpload()
{
$size = 8388608;
//8M
$upload = new \Think\Upload();
// 实例化上传类
$upload->maxSize = $size;
// 设置附件上传大小
$upload->exts = array('jpg', 'gif', 'png', 'jpeg');
// 设置附件上传类型
$upload->rootPath = './Public/web_image/';
// 设置附件上传根目录
$upload->savePath = '';
// 设置附件上传(子)目录
//判断当前文件夹是否存在,不存在则创建此文件夹
if (!file_exists($upload->rootPath)) {
mkdir($upload->rootPath);
}
// 上传文件
$info = $upload->upload();
if (!$info) {
// 上传错误提示错误信息
$this->error($upload->getError());
} else {
// 上传成功
//返回绝对路径
$fileurl = $upload->rootPath . $info['images']['savepath'] . $info['images']['savename'];
$imgInfo = getimagesize($fileurl);
//获取图片信息
$width = 225;
//宽度
$rath = $width / $imgInfo[0];
//按照宽度计算比例
$height = $rath * $imgInfo[1];
//等比例计算高度
$url = $upload->rootPath . $info['images']['savepath'] . getRandChar(13) . '.' . $info['images']['ext'];
$image = new \Think\Image();
$image->open($fileurl);
//压缩图片
$image->thumb($width, $height)->save($url);
//返回绝对路径
$fileurl = substr($fileurl, 1);
//原图路径
$url = substr($url, 1);
//缩略图路径
$return = array('status' => 1, 'info' => '上传成功', 'imgurl' => $url, 'fileurl' => $fileurl);
$this->ajaxReturn($return);
}
}
function generatePositions($answer, $answer2 = false, $randcolor = false)
{
$pos = array();
$pos[1] = 11;
if ($answer2) {
$answer[1] = getRandChar($answer2, $pos[1], $randcolor);
}
switch ($answer[1]) {
case 1:
$pos[2] = 4;
if ($answer2) {
$answer[2] = getRandChar($answer2, $pos[2], $randcolor);
}
switch ($answer[2]) {
case 1:
$pos[3] = 25;
$pos[4] = 2;
break;
case 2:
$pos[3] = 15;
$pos[4] = 21;
break;
case 3:
$pos[3] = 1;
$pos[4] = 30;
break;
case 4:
$pos[3] = 19;
$pos[4] = 13;
break;
case 5:
$pos[3] = 30;
$pos[4] = 2;
break;
case 6:
$pos[3] = 5;
$pos[4] = 20;
break;
}
break;
case 2:
$pos[2] = 19;
if ($answer2) {
$answer[2] = getRandChar($answer2, $pos[2], $randcolor);
}
switch ($answer[2]) {
case 1:
$pos[3] = 5;
$pos[4] = 22;
break;
case 2:
$pos[3] = 17;
$pos[4] = 26;
break;
case 3:
$pos[3] = 3;
$pos[4] = 6;
break;
case 4:
$pos[3] = 2;
$pos[4] = 27;
break;
case 5:
$pos[3] = 28;
$pos[4] = 25;
break;
case 6:
$pos[3] = 16;
$pos[4] = 9;
break;
}
break;
case 3:
$pos[2] = 8;
if ($answer2) {
$answer[2] = getRandChar($answer2, $pos[2], $randcolor);
}
switch ($answer[2]) {
case 1:
$pos[3] = 2;
$pos[4] = 12;
break;
case 2:
$pos[3] = 27;
$pos[4] = 9;
break;
case 3:
$pos[3] = 19;
$pos[4] = 3;
break;
case 4:
$pos[3] = 13;
$pos[4] = 21;
break;
case 5:
$pos[3] = 31;
$pos[4] = 30;
break;
case 6:
$pos[3] = 9;
$pos[4] = 5;
break;
}
break;
case 4:
$pos[2] = 29;
if ($answer2) {
$answer[2] = getRandChar($answer2, $pos[2], $randcolor);
}
switch ($answer[2]) {
case 1:
$pos[3] = 32;
$pos[4] = 1;
break;
case 2:
$pos[3] = 4;
$pos[4] = 21;
break;
case 3:
$pos[3] = 16;
$pos[4] = 15;
break;
case 4:
$pos[3] = 24;
$pos[4] = 8;
break;
case 5:
$pos[3] = 5;
$pos[4] = 19;
break;
case 6:
$pos[3] = 14;
$pos[4] = 7;
break;
}
break;
case 5:
$pos[2] = 23;
if ($answer2) {
$answer[2] = getRandChar($answer2, $pos[2], $randcolor);
}
switch ($answer[2]) {
case 1:
$pos[3] = 1;
$pos[4] = 19;
break;
case 2:
$pos[3] = 30;
$pos[4] = 1;
break;
case 3:
$pos[3] = 25;
$pos[4] = 32;
break;
case 4:
$pos[3] = 10;
$pos[4] = 13;
break;
case 5:
$pos[3] = 20;
$pos[4] = 3;
break;
case 6:
$pos[3] = 21;
$pos[4] = 12;
break;
}
break;
case 6:
$pos[2] = 7;
if ($answer2) {
$answer[2] = getRandChar($answer2, $pos[2], $randcolor);
}
switch ($answer[2]) {
case 1:
$pos[3] = 17;
$pos[4] = 32;
break;
case 2:
$pos[3] = 24;
$pos[4] = 5;
break;
case 3:
$pos[3] = 5;
$pos[4] = 25;
break;
case 4:
$pos[3] = 32;
$pos[4] = 1;
break;
case 5:
$pos[3] = 20;
$pos[4] = 9;
break;
case 6:
$pos[3] = 13;
$pos[4] = 4;
break;
}
break;
}
if ($answer2) {
$answer[3] = getRandChar($answer2, $pos[3], $randcolor);
$answer[4] = getRandChar($answer2, $pos[4], $randcolor);
return $answer;
}
$positionset = array();
for ($i = 1; $i <= 32; $i++) {
$positionset[$i] = 0;
}
foreach ($pos as $key => $val) {
$positionset[$val] = $key;
}
return $positionset;
}
function generateUserID()
{
date_default_timezone_set('Asia/Shanghai');
//代码中设定时区,防止开发环境和生产环境默认时区不一致
$currentTime = date("YmdHis");
//取14位当前时间YYYYMMDDHHMMSS
$microTime = getMillisecond(3);
//取3位毫秒值
$randomValue = getRandChar(5);
// 取5位随机数
$userID = "{$currentTime}{$microTime}{$randomValue}";
return $userID;
}
/**
* 发送邮件
* @access public
* @param string $to 收件人地址
* @param stirng $user_name 用户名
* @param string $user_id 用户id
* @return boolen
*/
private function sendMail($to, $user_name, $user_id)
{
$info = M('password_key')->where(array('user_id' => $user_id))->find();
if (!empty($info)) {
return false;
}
$data['user_id'] = $user_id;
$data['key'] = getRandChar($length = 64);
$re = M('password_key')->data($data)->add();
if ($re) {
$url = 'http://post.kotori.love' . U('User/forgetPassword/step/3/key/' . $data['key']);
} else {
return false;
}
$title = 'Posutoba贴吧系统:重置密码';
$content = '<div style="margin: 16px 40px;background-color: #eef2fa;border: 1px solid #d8e3e8;padding: 0 15px;-moz-border-radius: 5px;-webkit-border-radius: 5px;-khtml-border-radius: 5px;border-radius: 5px">
<p>' . $user_name . ':您收到这封邮件,是由于这个邮箱地址在 Posutoba贴吧系统 被登记为用户邮箱, 且该用户请求使用 Email 密码重置功能所致。</p>
<p><strong>!!!重要!!!</strong></p>
<p>如果您没有提交密码重置的请求或不是 Posutoba贴吧系统 的注册用户,请立即忽略 并删除这封邮件。只有在您确认需要重置密码的情况下,才需要继续阅读下面的 内容。</p>
<p><strong>!!!密码重置说明!!!</strong></p>
<p>您只需在提交请求后的三天内,通过点击下面的链接重置您的密码:</p>
<p><a href="' . $url . '">' . $url . '</a></p>
<p>(如果上面不是链接形式,请将该地址手工粘贴到浏览器地址栏再访问)
在上面的链接所打开的页面中输入新的密码后提交,您即可使用新的密码登录网站了。您可以在用户控制面板中随时修改您的密码。</p>
<p>时间:' . getNowDate() . '</p>
<p>此致</p>
<p>Posutoba贴吧系统 管理团队. http://post.kotori.love/</p>
</div>';
Vendor('PHPMailer.PHPMailerAutoload');
$mail = new \PHPMailer();
//实例化
$mail->IsSMTP();
// 启用SMTP
$mail->Host = 'smtp.exmail.qq.com';
//smtp服务器的名称(这里以QQ邮箱为例)
$mail->SMTPAuth = true;
//启用smtp认证
$mail->Username = '******';
//你的邮箱名
$mail->Password = '******';
//邮箱密码
$mail->From = '*****@*****.**';
//发件人地址(也就是你的邮箱地址)
$mail->FromName = 'Posutoba贴吧系统';
//发件人姓名
$mail->AddAddress($to, $user_name);
$mail->WordWrap = 50;
//设置每行字符长度
$mail->IsHTML(true);
// 是否HTML格式邮件
$mail->CharSet = 'utf-8';
//设置邮件编码
$mail->Subject = $title;
//邮件主题
$mail->Body = $content;
//邮件内容
$mail->AltBody = "这是一个纯文本的身体在非营利的HTML电子邮件客户端";
//邮件正文不支持HTML的备用显示
return $mail->Send();
}
function getRandChar($length)
{
$str = null;
$strPol = "ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789abcdefghijklmnopqrstuvwxyz";
$max = strlen($strPol) - 1;
for ($i = 0; $i < $length; $i++) {
$str .= $strPol[rand(0, $max)];
//rand($min,$max)生成介于min和max两个数之间的一个随机整数
}
return $str;
}
//echo getRandNum(5);
//echo getRandChar(5);
for ($i = 0; $i <= 100; $i++) {
$nr = getRandNum(6);
$ur = getRandChar(6);
echo $ur . '----';
echo $nr . '----';
$str = $ur . $nr . "\n";
$open = fopen("log4.txt", "a+");
fwrite($open, $str);
fclose($open);
$snoopy = new Snoopy();
$snoopy->fetch('http://bbs.scol.com.cn/member.php?mod=register');
preg_match('/<input\\s*type="hidden"\\s*name="formhash"\\s*value="(.*?)"\\s*\\/>/i', $snoopy->results, $matches);
if (!empty($matches)) {
$formhash = $matches[1];
echo $formhash;
} else {
die('Not found the forumhash.');
}
function ReqTunnel($protocol, $HostName, $Subdomain, $HttpAuth, $RemotePort)
{
$Payload = array('ReqId' => getRandChar(8), 'Protocol' => $protocol, 'Hostname' => $HostName, 'Subdomain' => $Subdomain, 'HttpAuth' => $HttpAuth, 'RemotePort' => $RemotePort);
$json = array('Type' => 'ReqTunnel', 'Payload' => $Payload);
return json_encode($json);
}
// AES PHP implementation
require 'aesctr.class.php';
// AES Counter Mode implementation
// 生成随机字符串
function getRandChar($length)
{
$str = null;
$strPol = "ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789abcdefghijklmnopqrstuvwxyz";
$max = strlen($strPol) - 1;
for ($i = 0; $i < $length; $i++) {
$str .= $strPol[rand(0, $max)];
//rand($min,$max)生成介于min和max两个数之间的一个随机整数
}
return $str;
}
$RandChar = getRandChar(32) . "==";
echo "随机字符串:" . $RandChar;
$timer = microtime(true);
// initialise password & plaintext if not set in post array
$pw = empty($_POST['pw']) ? $RandChar : $_POST['pw'];
$pt = empty($_POST['pt']) ? 'pssst ... đon’t tell anyøne!' : $_POST['pt'];
$cipher = empty($_POST['cipher']) ? '' : $_POST['cipher'];
$plain = empty($_POST['plain']) ? '' : $_POST['plain'];
// perform encryption/decryption as required
$encr = empty($_POST['encr']) ? $cipher : AesCtr::encrypt($pt, $pw, 256);
$decr = empty($_POST['decr']) ? $plain : AesCtr::decrypt($cipher, $pw, 256);
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
private function check_userInfo($actiontype = 'add')
{
$userInfo['real_name'] = check_empty(trimall(strip_tags($this->input->post('real_name'))), FALSE, '1010');
$userInfo['state'] = input_string($this->input->post('state'), array('active', 'suspend'), 'active');
if ($actiontype == 'add') {
$userInfo['user_name'] = input_mobilenum($this->input->post('user_name'), '1004');
$real_user_pass = substr($userInfo['user_name'], -6);
$userInfo['salt'] = getRandChar(4);
$userInfo['user_pass'] = md5(md5($real_user_pass) . $userInfo['salt']);
} else {
//修改个人信息
$userInfo['nick_name'] = check_empty(trimall(strip_tags($this->input->post('nick_name'))), FALSE, '1010');
$userInfo['user_mobile'] = input_mobilenum($this->input->post('user_mobile'), '1004');
}
return $userInfo;
}
public function reg_user($mobile)
{
$real_user_pass = substr($mobile, -6);
$salt = getRandChar(4);
$userpwd = md5(md5($real_user_pass) . $salt);
$user = array('user_name' => $mobile, 'user_pass' => $userpwd, 'salt' => $salt, 'role' => 'user', 'user_mobile' => $mobile, 'create_time' => TIME_NOW);
$this->db->trans_start();
$user_id = $this->insert($user, 'users');
$userInfo = array('user_id' => $user_id, 'user_name' => $mobile, 'nick_name' => '手机用户', 'last_login_time' => TIME_NOW, 'last_login_ip' => $_SERVER['REMOTE_ADDR'], 'create_time' => TIME_NOW, 'create_by' => $user_id, 'update_time' => TIME_NOW, 'update_by' => $user_id);
$this->insert($userInfo, 'user_info');
$this->db->trans_complete();
if ($this->db->trans_status() === FALSE) {
return FALSE;
}
return $user_id;
}
/**
* 注册用户
**/
public function userregpost()
{
$username = checkUserName($this->input->post('username'), '1002');
$identifycode = check_empty($this->input->post('identifycode'), FALSE, '5002');
$password = check_empty($this->input->post('password'), FALSE, '1003');
$passlen = strlen($password);
if ($passlen < 6 || $passlen > 16) {
response_code('1003');
}
/* $user_mobile = $this->get_current_data('check_mobile');
if($user_mobile != $username)
{
response_code('5002');
}*/
$user_mobile = $username;
$mobile_cache = $this->model->check_mobile_send($user_mobile);
//缓存取数据
if (!$mobile_cache) {
response_code('5012');
}
if ($identifycode != $mobile_cache['mobile_identify']) {
response_code('5002');
}
$user = array('password' => $password, 'mobile' => $user_mobile);
$user['salt'] = getRandChar(4);
$user_id = $this->model->reg_user($user);
if ($user_id) {
$this->model->delete_mobile_identify($user_mobile);
/*$session = array(
'user_id' => $user_id,
'user_name' => $user_mobile,
'nick_name' => '手机用户',
);
$this->set_current_data($session);*/
//帮助用户登录
$user['user_id'] = $user_id;
$token = $this->create_token($user);
response_json('1', array('token' => $token));
}
response_code('4000');
}