public function login() { if ($this->isPost()) { $Users = D('Users'); //用户表模型 $account = $_POST['account']; //用户账号 $password = md5($_POST['password']); //用户密码 $this->check_me(); //验证提交数据 //数据库验证用户信息 $user_info = $Users->get_user_info(array('account' => $account, 'status' => 0)); if (empty($user_info)) { parent::callback(C('STATUS_NOT_DATA'), '此用户不存在,或已被禁用'); } else { if ($password != $user_info['password']) { parent::callback(C('STATUS_OTHER'), '密码错误'); } else { //生成秘钥 $encryption = $user_info['id'] . ':' . $user_info['account'] . ':' . date('Y-m-d'); //生成解密后的数据 $identity_encryption = passport_encrypt($encryption, C('UNLOCAKING_KEY')); //生成加密字符串,给客户端 //更新用户登录信息 $Users->up_login_info($user_info['id']); //返回给客户端数据 parent::callback(C('STATUS_SUCCESS'), '登录成功', array('user_key' => $identity_encryption, 'account' => $user_info['account'], 'name' => $user_info['name'], 'xmpp_account' => $user_info['account'] . '@' . C('OPEN_FIRE.host'), 'type' => $user_info['type'])); } } } $this->display('Login:register'); }
function jieqi_logindo($gourl) { if (strpos($gourl, 'http') === false) { if ($_SERVER['HTTP_HOST'] != '') { $gourl = 'http://' . $_SERVER['HTTP_HOST'] . $gourl; } else { $gourl = JIEQI_URL . $gourl; } } if ($_SESSION['jieqiUserGroup'] == JIEQI_GROUP_ADMIN) { $isadmin = 1; } else { $isadmin = 0; } $member = array('time' => JIEQI_NOW_TIME, 'username' => $_REQUEST['username'], 'password' => md5($_REQUEST['password']), 'email' => $_SESSION['jieqiUserEmail'], 'isadmin' => $isadmin); $action = 'login'; $auth = passport_encrypt(passport_encode($member), DISCUZ_PASSPORT_KEY); $verify = md5($action . $auth . $gourl . DISCUZ_PASSPORT_KEY); header('Location: ' . DISCUZ_PASSPORT_URL . '?action=' . $action . '&auth=' . rawurlencode($auth) . '&forward=' . rawurlencode($gourl) . '&verify=' . $verify); //jieqi_jumppage($gourl, '*登录成功*', jieqi_htmlstr($_REQUEST['username']).',欢迎您到来!'); }
<?php /** * Created by PhpStorm. * User: Liu * Date: 10/6/2015 * Time: 1:23 AM */ $username = $_POST["username"]; $password = $_POST["password"]; $authority = "student"; $password = passport_encrypt($password); $flag = isValid($username, $password, $authority); //echo 1; echo $username; if ($flag == true) { //echo 1; session_start(); $_SESSION["sid"] = $username; //header header("location:student/view/displayStudentProfile.php"); } else { //header //echo $username; } function isValid($username, $password, $authority) { $con = mysql_connect("localhost:3306", "root", "5656123ljx"); if (!$con) { die('Could not connect: ' . mysql_error()); }
} //LIST SHOW if (is_array($listarr) && $listarr) { $adminmenu = '<input name="importdelete" type="radio" value="1" checked /> ' . $alang['block_delete']; echo label(array('type' => 'form-start', 'name' => 'listform', 'action' => $newurl)); echo label(array('type' => 'table-start', 'class' => 'listtable')); echo '<tr>'; echo '<th>' . $alang['block_select'] . '</th>'; echo '<th>' . $alang['block_blockname'] . '</th>'; echo '<th>' . $alang['block_op'] . '</th>'; echo '</tr>'; foreach ($listarr as $listvalue) { $listvalue['jscode'] = ''; preg_match("/parameter\\=\"(.*?)\"/is", $listvalue['blockcode'], $matches); if (!empty($matches[1]) && strpos($matches[1], 'tpl/data') === false) { $listvalue['jscode'] = '<script language="JavaScript" src="' . S_URL_ALL . '/batch.javascript.php?param=' . rawurlencode(passport_encrypt('blocktype/' . $listvalue['blocktype'] . '/' . $matches[1], $_SCONFIG['sitekey'])) . '"></script>'; } empty($class) ? $class = ' class="darkrow"' : ($class = ''); echo '<tr' . $class . '>'; echo '<td><input type="checkbox" name="item[]" value="' . $listvalue['blockid'] . '" /></td>'; echo '<td>'; echo '<table>'; echo '<tr><td><b>' . $listvalue['blockname'] . '</b> (' . sgmdate($listvalue['dateline']) . ')<br>' . $alang['block_basic_type'] . ': ' . $alang['block_type_' . $listvalue['blocktype']] . '</td></tr>'; echo '<tr><td>' . $alang['block_code_1'] . '<br><textarea name="blcokcode[]" rows="5" cols="100">' . shtmlspecialchars($listvalue['blockcode']) . '</textarea>'; if (!empty($listvalue['jscode'])) { echo '<br>' . $alang['block_code_2'] . '<br><textarea name="blcokcode[]" rows="5" cols="100">' . shtmlspecialchars($listvalue['jscode']) . '</textarea>'; } echo '</td></tr>'; echo '</table>'; echo '</td>'; echo '<td><img src="' . S_URL . '/images/base/icon_edit.gif" align="absmiddle"> <a href="' . $theurl . '&blocktype=' . $listvalue['blocktype'] . '&op=edit&blockid=' . $listvalue['blockid'] . '">' . $alang['space_edit'] . '</a></td>';
function regist($userId, $rurl) { $oMember = $this->system->loadModel('member/member'); $charset = $this->system->loadModel('utility/charset'); $aMember = $oMember->getFieldById($userId); $username = $aMember['uname']; if (true || $SITE_EODING == "UTF-8") { if ($this->_config['encoding'] != 'utf8') { $username = $charset->utf2local($username, $this->_config['encoding']); } } $member = array('cookietime' => 31536000, 'time' => time(), 'username' => $username, 'password' => $aMember['password'], 'gender' => $aMember['sex'], 'email' => $aMember['email'], 'credits' => $aMember['point'], 'regip' => $aMember['reg_ip'], 'regdate' => $aMember['regtime'], 'qq' => ''); $rurl .= "index.php?passport-create.html"; $rurl .= "&plugUrl=" . $this->_config['URL']; $this->setPlugCookie(1); $auth = passport_encrypt(passport_encode($member), $this->_config['PrivateKey']); $shop_loginapi_url = substr($this->_config['URL'], -1) == "/" ? $this->_config['URL'] . "api/shopex.php" : $this->_config['URL']; header('Location: ' . $shop_loginapi_url . '?action=login&auth=' . rawurlencode($auth) . '&forward=' . rawurlencode($rurl) . '&verify=' . md5('login' . $auth . $rurl . $this->_config['PrivateKey'])); exit; }
/** * 会员注册 * member_id 会员id member_name 会员名 password 密码 salt 随机数 type 会员类型 type_name 会员类型名 avatar 头像 signature 个性签名 appid 应用id appname 应用名 create_time 注册时间 update_time 更新时间 ip 注册ip * * $appid * $appkey * $callback * * $mobile_verifycode * * 绑定表 * member_id 会员id platform_id 第三方平台会员id char nick_name 昵称 type 会员类型 type_name 会员类型名称 avatar_url 头像地址 bind_time 绑定时间 bind_ip 绑定ip * * 返回 * member_id * member_name * type * avatar * access_token */ public function register() { try { $this->check_verifycode(); //验证码 $this->oldtype = $this->type = trim($this->input['type']); $member_name = $this->checkRegMemberName(); $this->checkRegType(); $this->checkRegMemberNameError(); $password = trim($this->input['password']); $identifierUserSystem = new identifierUserSystem(); $identifier = $identifierUserSystem->setIdentifier((int) $this->input['identifier'])->checkIdentifier(); //多用户系统 if (empty($this->type)) { $this->errorOutput(NO_MEMBER_TYPE); } $platformInfo = $this->Members->get_platform_name($this->type); if (empty($platformInfo)) { $this->errorOutput(REG_MEMBER_TYPE_ERROR); } else { if (!$platformInfo['status']) { $this->errorOutput(REG_MEMBER_TYPE_CLOSE); } } $type_name = $platformInfo['name']; $signature = trim($this->input['signature']); $ip = hg_getip(); $appid = intval($this->input['appid']); $appkey = trim($this->input['appkey']); $platform_id = ''; $mobile_verifycode = trim($this->input['mobile_verifycode']); $email = trim($this->input['email']); $reg_mail = $this->Members->check_reg_mail($email, 0, $identifier); if ($reg_mail == -4) { $this->errorOutput(EMAIL_FORMAT_ERROR); } elseif ($reg_mail == -5) { $this->errorOutput(EMAIL_NO_REGISTER); } elseif ($reg_mail == -6) { $this->errorOutput(EMAIL_HAS_BINDED); } $this->type == 'email' && $this->checkEmailVerifyCode($member_name); $this->type != 'email' && $email && $this->checkEmailVerifyCode($email); $_mobile = trim($this->input['mobile']); //简单验证手机号格式 if ($_mobile && !hg_verify_mobile($_mobile)) { $this->errorOutput(MOBILE_NUMBER_FORMAT_ERROR); } else { if ($_mobile && (isset($this->input['mobile_verifycode']) || defined('NO_VERIFY_MOBILEBIND') && NO_VERIFY_MOBILEBIND)) { $check_bind = new check_Bind(); if ($check_bind->checkmembernamereg($_mobile, $identifier)) { $this->errorOutput(MOBILE_REG_BIND); } } } if ($this->type != 'shouji' && $_mobile && isset($this->input['mobile_verifycode'])) { //验证码 $verifycode = $this->mSmsServer->get_verifycode_info($_mobile, $mobile_verifycode); if (empty($verifycode)) { $this->errorOutput(VERIFY_FAILED); } //删除验证码 $this->mSmsServer->mobile_verifycode_delete($_mobile, $mobile_verifycode); if (TIMENOW > $verifycode['create_time'] + VERIFYCODE_EXPIRED_TIME) { $this->errorOutput(VERIFY_EXPIRED); } $this->ismobileverify = 1; } else { if ($this->type != 'shouji' && $_mobile && defined('NO_VERIFY_MOBILEBIND') && NO_VERIFY_MOBILEBIND) { $this->ismobileverify = 1; } } $device_token = $this->Members->check_device_token(trim($this->input['device_token'])); if ($device_token === 0) { $this->errorOutput(ERROR_DEVICE_TOKEN); } $udid = $this->Members->check_udid(trim($this->input['uuid'])); if ($udid === 0) { $this->errorOutput(ERROR_UDID); } //验证设备号和ip是否在黑名单 if ($udid) { $device_res = $this->Blacklist->detailDeviceBlacklist(array('device_token' => $udid, 'identifier' => $identifier)); if ($device_res[0]['deadline'] == -1 && $device_res[0]['type'] == 2) { $this->errorOutput(DEVICE_BLACKLIST_FOREVER); } elseif ($device_res[0]['deadline'] == -1) { $this->errorOutput(DEVICE_BLACKLIST); } } if ($ip) { $ip_res = $this->Blacklist->detailIpBlacklist(array('ip' => ip2long($ip), 'identifier' => $identifier)); if ($ip_res[0]['deadline'] == -1 && $ip_res[0]['type'] == 2) { $this->errorOutput(IP_BLACKLIST_FOREVER); } elseif ($ip_res[0]['deadline'] == -1) { $this->errorOutput(IP_BLACKLIST); } } //密码 if (!$password) { $this->errorOutput(NO_PASSWORD); } //验证手机验证码 if ($this->type == 'shouji') { $check_bind = new check_Bind(); if ($check_bind->checkmembernamereg($member_name, $identifier)) { $this->errorOutput(MOBILE_REG_BIND); } $platform_id = $mobile = $member_name; $_mobile = $mobile ? $mobile : $_mobile; //简单验证手机号格式 if (!hg_verify_mobile($mobile)) { $this->errorOutput(MOBILE_NUMBER_FORMAT_ERROR); } if (!$mobile_verifycode) { $this->errorOutput(MOBILE_NOT_VERIFY); } //验证码 $verifycode = $this->mSmsServer->get_verifycode_info($mobile, $mobile_verifycode); if (empty($verifycode)) { $this->errorOutput(VERIFY_FAILED); } //删除验证码 $this->mSmsServer->mobile_verifycode_delete($mobile, $mobile_verifycode); if (TIMENOW > $verifycode['create_time'] + VERIFYCODE_EXPIRED_TIME) { $this->errorOutput(VERIFY_EXPIRED); } } //如果是m2o注册类型屏蔽字检测 if ($this->settings['App_banword']) { include ROOT_PATH . 'lib/class/banword.class.php'; $banword = new banword(); $signature_banword = $banword->exists($signature); if ($signature_banword && is_array($signature_banword)) { $this->errorOutput(SIGNATURE_INVALID); } } if ($this->type == 'm2o' && $this->settings['App_banword']) { $member_name_banword = $banword->exists($member_name); if ($member_name_banword && is_array($member_name_banword)) { $this->errorOutput(MEMBER_NAME_INVALID); } } //头像 $avatar = array(); if (isset($this->input['avatar']) && $_FILES['avatar']['tmp_name']) { $avatar = $_FILES['avatar']; } //验证会员名 $ret_verify = $this->mMember->verify_member_name($member_name, 0, $identifier, $type); switch ($ret_verify) { case -1: $this->errorOutput(MEMBER_NAME_ILLEGAL); break; case -2: $this->errorOutput(PROHIBITED_WORDS); break; case -3: $this->errorOutput(UC_MEMBER_NAME_REGISTER); break; case -4: $this->errorOutput(MEMBER_NAME_EXCEEDS_MAX); break; case -5: $this->errorOutput(USERNAME_BELOW_MINIMUM); break; case -6: $this->errorOutput(MEMBER_NAME_ERROR); break; case -7: $this->errorOutput(MEMBER_NAME_REGISTER); break; default: break; } //随机串 $salt = hg_generate_salt(); //密码md5 $md5_password = md5(md5($password) . $salt); $groupInfo = $this->Members->checkgroup_credits(0); $gradeInfo = $this->Members->checkgrade_credits(0); $data = array('member_name' => $member_name, 'password' => $md5_password, 'salt' => $salt, 'type' => $this->type, 'type_name' => $type_name, 'gid' => $groupInfo['gid'], 'gradeid' => $gradeInfo['gradeid'], 'signature' => $signature, 'mobile' => $_mobile, 'email' => $email, 'status' => $this->settings['member_status'], 'identifier' => $identifier, 'appid' => $this->user['appid'], 'appname' => $this->user['display_name'], 'create_time' => TIMENOW, 'update_time' => TIMENOW, 'ip' => $ip, 'guid' => guid(), 'reg_device_token' => $device_token, 'reg_udid' => $udid); //入ucenter $inuc = 0; if ($this->type == 'm2o' && $this->settings['ucenter']['open'] && !$identifier) { //邮箱 m2o类型必须传入email if (!$email) { $this->errorOutput(NO_EMAIL); } $virtual_email = $email; //忽略返回值 $reinfo = $this->uc_register(array('member_name' => $data['member_name'], 'password' => $password, 'email' => $virtual_email)); $inuc = $reinfo['member_id']; } //会员数据入库 $ret = $this->mMember->create($data); if (!$ret['member_id']) { $this->errorOutput(MEMBER_DATA_ADD_FAILED); } $member_id = $ret['member_id']; //编辑扩展信息 #@param platformMark 平台标示 if ($this->input['platformMark'] && $this->input['platformMark'] == 'dingdone' && $this->input['identifier']) { //为叮当注册根据app配置不同的扩展信息 $this->mMemberInfo->extension_editByApp($member_id, $this->input['member_info'], $this->input['identifier'], $_FILES); } else { $this->mMemberInfo->extension_edit($member_id, $this->input['member_info'], $_FILES); } //获取扩展信息 $extension = $this->getExtensionInfo($member_id, $identifier); if (!$identifier) { $invite_user = new invite(); $id = $this->input['invite_id'] ? $this->input['invite_id'] : 0; //邀请码id $invite_code = $this->input['invite_code'] ? $this->input['invite_code'] : $member_name; //如果未传邀请码则已用户名为邀请码去邀请数据库查询是否存在邀请信息,目前仅支持手机注册类型用户名; $invite = $invite_user->invite_rules($member_id, $invite_code, $id); //邀请用户处理 $this->invite_error($invite); } //uc打开平台id为uc 否则为自身id if ($this->type == 'm2o') { $platform_id = $this->settings['ucenter']['open'] && $reinfo['member_id'] > 0 && !$identifier ? $reinfo['member_id'] : $member_id; } elseif ($this->type == 'email') { $platform_id = $member_name; } $data['member_id'] = $member_id; //绑定表 $bind_data = array('member_id' => $member_id, 'platform_id' => $platform_id, 'nick_name' => $member_name, 'type' => $this->type, 'type_name' => $type_name, 'bind_time' => TIMENOW, 'bind_ip' => $ip, 'inuc' => $inuc, 'is_primary' => 1, 'identifier' => $identifier, 'reg_device_token' => $device_token, 'reg_udid' => $udid); $ret_bind = $this->mMember->bind_create($bind_data); if (empty($ret_bind)) { $this->errorOutput(BIND_DATA_ADD_FAILED); } $this->registerCreditRules($member_id); //注册相关积分规则 //如果注册时填写邮箱则可以同时入绑定表 if ($data['email']) { if ($this->type != 'email' && $this->isemailverify) { $_bind_data = $bind_data; $_bind_data['platform_id'] = $data['email']; $_bind_data['is_primary'] = 0; $_bind_data['type'] = 'email'; $_bind_data['type_name'] = '邮箱'; $_ret_bind = $this->mMember->bind_create($_bind_data); if (empty($_ret_bind)) { $this->errorOutput(BIND_DATA_ADD_FAILED); } unset($_bind_data, $_ret_bind); } } if ($data['mobile']) { if ($this->type != 'shouji' && $this->ismobileverify) { $_bind_data = $bind_data; $_bind_data['platform_id'] = $data['mobile']; $_bind_data['is_primary'] = 0; $_bind_data['type'] = 'shouji'; $_bind_data['type_name'] = '手机'; $_ret_bind = $this->mMember->bind_create($_bind_data); if (empty($_ret_bind)) { $this->errorOutput(BIND_DATA_ADD_FAILED); } unset($_bind_data, $_ret_bind); } } //头像入库 if (!empty($avatar)) { $avatar = $this->mMember->add_material($avatar, $member_id); if (!empty($avatar)) { $update_data = array('member_id' => $member_id, 'avatar' => daddslashes(serialize($avatar))); $ret_updata = $this->mMember->update($update_data); if (!$ret_updata['member_id']) { $this->errorOutput(AVATAR_ADD_FAILED); } } } else { $avatar_url = $this->input['avatar_url'] ? trim($this->input['avatar_url']) : ''; if ($avatar_url) { $avatar = $this->mMember->local_material($avatar_url, $member_id); if (!empty($avatar)) { $update_data = array('member_id' => $member_id, 'avatar' => daddslashes(serialize($avatar))); $ret_updata = $this->mMember->update($update_data); if (!$ret_updata['member_id']) { $this->errorOutput(AVATAR_ADD_FAILED); } } } } //到auth接口取access_token $callback = 'http://' . $this->settings['App_members']['host'] . '/' . $this->settings['App_members']['dir'] . 'login.php?a=verify_member&appid=' . $appid . '&appkey=' . $appkey; $encryptPassword = urlencode(passport_encrypt($password, CUSTOM_APPKEY)); $auth_data = array('user_name' => $member_name, 'appid' => $appid, 'appkey' => $appkey, 'ip' => $ip, 'verify_user_cb' => $callback, 'extend' => 'platform_id=' . $platform_id . '&password='******'&encrypt=1&type=' . $this->type . '&identifier=' . $identifier); $auth = $this->mMember->get_access_token($auth_data); if (!$auth['token']) { $this->errorOutput(MEMBERS_LOGIN_ERROR); } $return = array('member_id' => $member_id, 'member_name' => $ret['member_name'], 'nick_name' => $auth['nick_name'], 'platform_id' => $auth['platform_id'], 'inuc' => $auth['inuc'] ? $auth['inuc'] : 0, 'type' => $this->type, 'type_name' => $auth['type_name'], 'avatar' => $avatar, 'access_token' => $auth['token'], 'guid' => $auth['guid'], 'gid' => $auth['gid'], 'gradeid' => $auth['gradeid'], 'copywriting_credit' => $auth['copywriting_credit'], 'copywriting' => $auth['copywriting'], 'signature' => $auth['signature'], 'mobile' => $auth['mobile'], 'email' => $auth['email'], 'isVerify' => $auth['isVerify'], 'isComplete' => $auth['isComplete'], 'identifier' => $auth['identifier'], 'last_login_device' => $auth['last_login_device']); if ($extension) { $return['extension'] = $extension; } //会员痕迹 $member_trace_data = array('member_id' => $member_id, 'member_name' => $member_name, 'content_id' => $member_id, 'title' => $member_name, 'type' => 'register', 'op_type' => '注册', 'appid' => $this->user['appid'], 'appname' => $this->user['display_name'], 'create_time' => TIMENOW, 'ip' => hg_getip(), 'device_token' => $device_token, 'udid' => $udid); $this->mMember->member_trace_create($member_trace_data); //记录登陆信息 $loginInfoRecord = array('last_login_device' => $member_trace_data['device_token'], 'final_login_time' => $member_trace_data['create_time'], 'last_login_time' => $member_trace_data['create_time'], 'last_login_udid' => $member_trace_data['udid']); $this->mMember->loginInfoRecord($return['member_id'], $loginInfoRecord); $return = hg_mermber2members_compatible(array('member_name' => 'nick_name', 'access_token' => 'token'), $return, false); $this->addItem($return); $this->output(); } catch (Exception $e) { $this->errorOutput($e->getMessage(), $e->getCode()); } }
<?php !defined('M_COM') && exit('No Permisson'); if (substr($pptout_url, -1, 1) != '/') { $pptout_url .= '/'; } if ($action == 'login') { include_once M_ROOT . "./include/charset.fun.php"; $memberarr = array('time' => $timestamp, 'username' => convert_encoding($mcharset, $pptout_charset, $username), 'password' => md5(md5($password)), 'email' => !empty($email) ? $email : $cmember['email']); $auth = passport_encrypt(passport_encode($memberarr), $pptout_key); $verify = md5($action . $auth . $forward . $pptout_key); $url = $pptout_url . 'api/passport.php?action=login&auth=' . rawurlencode($auth) . '&forward=' . rawurlencode($forward) . '&verify=' . $verify; } elseif ($action == 'logout') { $auth = passport_encrypt(passport_encode(array()), $pptout_key); $verify = md5($action . $auth . $forward . $pptout_key); $url = $pptout_url . 'api/passport.php?action=logout&forward=' . rawurlencode($forward) . '&verify=' . $verify; } /** * Passport 加密函数 * * @param string 等待加密的原字串 * @param string 私有密匙(用于解密和加密) * * @return string 原字串经过私有密匙加密后的结果 */ function passport_encrypt($txt, $key) { // 使用随机数发生器产生 0~32000 的值并 MD5() srand((double) microtime() * 1000000); $encrypt_key = md5(rand(0, 32000)); // 变量初始化
$video['videourl'] = !empty($url) ? $url : null; } $listmode = explode("->", $_config['extractor']['order']); $userkey = $_config['userkey']; foreach ($listmode as $value) { $videos = _LoadOder($value, $url, $type, $key, $hds, $_extractor, $mobile); if (!empty($videos)) { break; } } if (!empty($videos)) { $video = array_merge($video, $videos); } } if (!empty($_config['vodkey'])) { $key = passport_encrypt($key, $_config['vodkey']); } if (empty($videos['data'][0]['src'])) { die; } if (!empty($mobile)) { switch ($player) { case 'ckplayer': echo CreateMobile($video, $_player); break; case 'ckm': echo CreateMobile($video, $_player); break; case 'mp4': echo CreateMp4($video, $_player); break;
<?php $rand_num = rand(1000, 2000); $_SESSION['rand'] = passport_encrypt($rand_num, KEY_WORD); $smarty->assign("view_state", $_SESSION['rand']); $smarty->display("view_html/login.html");
$j = $nTemp[1]; $szNumber3 = $szCreateArray[$i][$j]; $szNumber4 = $szNumber4 . $szNumber3; $lTestV[1] = $lTestV[1] - $nTemp[1] * $lCountd; $lCountd = $lCountd / 10; } for ($i = 0; $i < 5; $i++) { $nTemp[1] = substr($szNumber4, $i, 1); $jihuoma3 = $jihuoma3 . $nTemp[1]; } for ($i = 5; $i < 11; $i++) { $nTemp[1] = substr($szNumber4, $i, 1); $jihuoma4 = $jihuoma4 . $nTemp[1]; } $jihuoma = $jihuoma1 . $jihuoma2 . $jihuoma3 . $jihuoma4; $enc_text = passport_encrypt($jihuoma, $keyd); $jihuoma = $enc_text; $sql = "UPDATE xuliehao SET jihuoma = '{$jihuoma}' \r\n\t\t WHERE id = '{$id}'"; $result = MYSQL_QUERY($sql); ?> <div class="mB_m6"> <div class="mB_m6_con"> <label class="f14px">激活码: <input name="jhm1" type="text" size="6" value=" <?php echo $jihuoma1; ?> "/> - <input name="jhm2" type="text" size="6" value=" <?php echo $jihuoma2; ?> " /> -
<?php /** * Created by PhpStorm. * User: Liu * Date: 10/6/2015 * Time: 1:23 AM */ $username = $_POST["username"]; $password = $_POST["password"]; if ($username == "admin") { $username = "******"; } $password = passport_encrypt($password, $username); $flag = isValid($username, $password); //echo 1; //echo $username; if ($flag == true) { //echo 1; session_start(); if ($username != "0") { $_SESSION["sid"] = $username; //header header("location:student/view/displayStudentProfile.php"); } else { header("location:admin/view/showCourse.php"); } } else { echo "error"; } function isValid($username, $password)
showformheader('block'); showtableheader(''); showsubtitle(array('<input type="checkbox" onclick="checkall(this.form, \'blockids\')" name="chkall" >', 'blockid', 'blockname', 'block_dateline', 'blcokcode', 'block_operation')); $query = DB::query('SELECT * FROM ' . tname('blocks') . ' ORDER BY blockid ASC'); while ($block = DB::fetch($query)) { foreach (unserialize($block['scorename']) as $scorename) { $block['scorenamestr'] .= '[' . $scorename . ']'; } $blockarr[] = $block; } foreach ($blockarr as $value) { $textarea = ''; preg_match("/parameter\\=\"(.*?)\"/is", $value['blockcode'], $matches); if (!empty($matches[1]) && strpos($matches[1], 'tpl/data') === false) { $value['blocktype'] = 'blocktype'; $value['jscode'] = '<script charset="utf-8" language="JavaScript" src="' . B_URL . '/batch.javascript.php?param=' . rawurlencode(passport_encrypt('blocktype/' . $value['blocktype'] . '/' . $matches[1], $_G['setting']['sitekey'])) . '"></script>'; } $textarea = !empty($value['tplname']) ? lang('showblockcode') . '<br /><textarea cols="55" rows="3">' . $value['blockcode'] . '</textarea><br />' . lang('showjsblockcode') . '<br /><textarea cols="55" rows="3">' . $value['jscode'] . '</textarea>' : '<textarea cols="55" rows="3">' . $value['blockcode'] . '</textarea>'; showtablerow('', array(), array("<input class='checkbox' type='checkbox' name='blockids[]' value='{$value['blockid']}' />", $value['blockid'], $value['blockname'], date('Y-m-d', $value['dateline']), $textarea, '<a href="admin.php?action=block&op=edit&blockid=' . $value['blockid'] . '">' . lang('blockedit') . '</a>')); } showcommentmod(false); showtablefooter(); showformfooter(); bind_ajax_form(); } //加密函數 function passport_encrypt($txt, $key) { srand((double) microtime() * 1000000); $encrypt_key = md5(rand(0, 32000)); $ctr = 0;
private function setCookied($name, $value) { setcookie($name, passport_encrypt($value), time() + 3600, "/"); }
function _md5($str) { return passport_encrypt($str, KEY_WORD); }
/** * 会员登录 * $member_name * $password * $type * $type_name * $appid * $appkey * * 返回 * member_id * member_name * type * avatar * access_token * * 绑定表 * member_id 会员id platform_id 第三方平台会员id char nick_name 昵称 type 会员类型 type_name 会员类型名称 avatar_url 头像地址 bind_time 绑定时间 bind_ip 绑定ip */ public function login() { try { $member_name = $this->checkUserName(trimall($this->input['member_name'])); $password = trim($this->input['password']); $ip = hg_getip(); $type = $this->input['type']; $this->checkLoginTypeSwitch(); $this->checkLoginTypeError($member_name, $type); $this->checkLoginPassword($password, $type); $this->check_verifycode($type); //验证码 $_type = ''; //防止本地M2O同步至UC后,再次验证本地密码BUG。 $platform_id = trim($this->input['platform_id']); $identifierUserSystem = new identifierUserSystem(); $identifier = $identifierUserSystem->setIdentifier((int) $this->input['identifier'])->checkIdentifier(); //多用户系统 $appid = intval($this->input['appid']); $appkey = trim($this->input['appkey']); $device_token = $this->Members->check_device_token(trim($this->input['device_token'])); $udid = $this->Members->check_udid(trim($this->input['uuid'])); //唯一设备号 if ($device_token === 0) { $this->errorOutput(ERROR_DEVICE_TOKEN); } if ($udid === 0) { $this->errorOutput(ERROR_UDID); } //验证设备号和ip是否在黑名单 if ($udid) { $device_res = $this->Blacklist->detailDeviceBlacklist(array('device_token' => $udid, 'identifier' => $identifier)); if ($device_res[0]['deadline'] == -1 && $device_res[0]['type'] == 2) { $this->errorOutput(DEVICE_BLACKLIST_FOREVER); } elseif ($device_res[0]['deadline'] == -1) { $this->errorOutput(DEVICE_BLACKLIST); } } if ($ip) { $ip_res = $this->Blacklist->detailIpBlacklist(array('ip' => ip2long($ip), 'identifier' => $identifier)); if ($ip_res[0]['deadline'] == -1 && $ip_res[0]['type'] == 2) { $this->errorOutput(IP_BLACKLIST_FOREVER); } elseif ($ip_res[0]['deadline'] == -1) { $this->errorOutput(IP_BLACKLIST); } } //登陆类型 shouji、sina、txweibo、qq、renren、douban if (!$type) { $this->errorOutput(NO_EXTERNAL_TYPE); } if ($type == 'uc' && $identifier) { $this->input['type'] = ''; $this->checkUserName($member_name, 1); $this->input['type'] && ($type = $this->input['type']); } if ($type == 'm2o' && $this->settings['ucenter']['open'] && !$identifier) { $check_login = $this->oAuthUc(true, true); //修复手机端传m2o类型,但是帐号属于UC类型,登陆失败问题 if ($check_login > 0) { $type = 'uc'; } } if ($type == 'uc' && $this->settings['ucenter']['open'] && !$identifier) { $uc_user = $this->oAuthUc(true); if ($uc_user['user_id'] == -1) { $type = 'm2o'; } } elseif ($type == 'uc' && !$this->settings['ucenter']['open'] && !$identifier) { $this->errorOutput(UC_LOGIN_ERROR); } $check_Bind = new check_Bind(); //所有类型的邮箱登陆 if ($member_name && $type == 'email') { $platform_id = $platform_id ? $platform_id : $member_name; if (!$check_Bind->bind_to_memberid($member_name, $type, true, $identifier)) { $this->errorOutput(LOGIN_NOMEMBER_ERROR); } } else { if ($type == 'shouji') { //会员名 if (!$member_name) { $this->errorOutput(NO_MEMBER_NAME); } $platform_id = $platform_id ? $platform_id : $member_name; if (!$check_Bind->bind_to_memberid($member_name, $type, true, $identifier)) { $this->errorOutput(LOGIN_NOMEMBER_ERROR); } } else { if ($type == 'm2o') { $is_mobile_login = false; $where = ' AND member_name="' . $member_name . '" AND type="m2o" AND identifier = \'' . $identifier . '\''; $sql = 'SELECT member_id FROM ' . DB_PREFIX . 'member WHERE 1'; $memberinfo = $this->db->query_first($sql . $where); if (!$memberinfo) { if (hg_verify_mobile($member_name)) { $where = ' AND member_name=\'' . $member_name . '\' AND type=\'shouji\' AND identifier = \'' . $identifier . '\''; $memberinfo = $this->db->query_first($sql . $where); if ($memberinfo) { $type = 'shouji'; $platform_id = $check_Bind->check_uc($memberinfo['member_id'], $type); //修复同步UC后,登陆密码错误的bug $platform_id = $platform_id ? $platform_id : $member_name; } if (empty($memberinfo)) { $type = 'shouji'; $member_id = $check_Bind->bind_to_memberid($member_name, $type, true, $identifier); if ($member_id) { $memberinfo = array('member_id' => $member_id); $platform_id = $member_name; } } } $memberinfo ? $memberinfo : $this->errorOutput(LOGIN_NOMEMBER_ERROR); } if ($type != 'shouji') { $bindinfo = $this->db->query_first('SELECT inuc FROM ' . DB_PREFIX . 'member_bind WHERE member_id=' . $memberinfo['member_id'] . ' AND type="m2o"'); $platform_id = $bindinfo['inuc'] ? $bindinfo['inuc'] : $memberinfo['member_id']; } } else { //新浪微博、腾讯微博、QQ、人人网、豆瓣 uc等 $nick_name = trimall($this->input['nick_name']); $type_name = trim($this->input['type_name']); $avatar_url = trim($this->input['avatar_url']); if ($type == 'uc' && $uc_user) { //$platform_id = $uc_user['user_id']; //手机 m2o注册至uc之后登陆类型使用“uc”导致的bug $sql = 'SELECT * FROM ' . DB_PREFIX . 'member_bind WHERE type=\'m2o\' AND inuc=' . $uc_user['user_id']; $bind_uc = $this->db->query_first($sql); if ($bind_uc) { $platform_id = $bind_uc['platform_id']; $nick_name = $bind_uc['nick_name']; $type_name = $bind_uc['type_name']; $avatar_url = $bind_uc['avatar_url']; $_type = $type; $type = $bind_uc['type']; } else { $platform_id = $uc_user['user_id']; $nick_name = $uc_user['user_name']; $type_name = 'UC会员'; $avatar_url = $uc_user['avatar']; $email = $uc_user['email']; } } if (!$platform_id) { $this->errorOutput(NO_MEMBER_ID); } if (!$nick_name) { $this->errorOutput(NO_NICKNAME); } $member_name = $nick_name; $condition = " AND mb.platform_id = '" . $platform_id . "' AND mb.type = '" . $type . "' AND mb.identifier = '" . $identifier . '\''; $bind = $this->mMember->get_bind_info($condition); $bind = $bind[0]; if (empty($type_name)) { $platformInfo = $this->Members->get_platform_name($type); if (empty($platformInfo)) { $this->errorOutput(LOGIN_MEMBER_TYPE_ERROR); } else { if (!$platformInfo['status']) { $this->errorOutput(LOGIN_MEMBER_TYPE_CLOSE); } } $type_name = $platformInfo['name']; } $avatar_array = array(); $avatar_array = $this->mMember->update_avatar($avatar_url, $bind); //会员表 $data = array('member_name' => $nick_name, 'email' => $email, 'type' => $type, 'type_name' => $type_name, 'update_time' => TIMENOW, 'avatar' => daddslashes(serialize($avatar_array)), 'guid' => guid()); //绑定表 $bind_data = array('platform_id' => $platform_id, 'type' => $type, 'avatar_url' => $avatar_url, 'reg_device_token' => $device_token, 'reg_udid' => $udid); if (empty($bind)) { if ($type == 'uc') { $isBindUc = 0; if ($memberId = $this->mMember->verifyPassword($member_name, $password, 'm2o')) { $isBindUc = $this->mMember->bind_uc($memberId, $uc_user['user_id']); } if (!$isBindUc && $password) { //随机串 $salt = hg_generate_salt(); $data['salt'] = $salt; //密码md5 $data['password'] = md5(md5($password) . $salt); } } if ($type != 'uc' || !$isBindUc) { //新增会员 $groupInfo = $this->Members->checkgroup_credits(0); $gradeInfo = $this->Members->checkgrade_credits(0); $data['gid'] = $groupInfo['gid']; $data['gradeid'] = $gradeInfo['gradeid']; $data['status'] = $this->settings['member_status']; $data['identifier'] = $identifier; $data['appid'] = intval($this->user['appid']); $data['appname'] = trim($this->user['display_name']); $data['create_time'] = TIMENOW; $data['ip'] = $ip; $data['reg_device_token'] = $device_token; $data['reg_udid'] = $udid; //会员数据入库 $ret = $this->mMember->create($data); if (!$ret['member_id']) { $this->errorOutput(MEMBER_DATA_ADD_FAILED); } $member_id = $ret['member_id']; //绑定表 $bind_data['nick_name'] = $nick_name; $bind_data['member_id'] = $member_id; $bind_data['type_name'] = $type_name; $bind_data['bind_time'] = TIMENOW; $bind_data['bind_ip'] = $ip; $bind_data['is_primary'] = 1; $bind_data['identifier'] = $identifier; if ($bind_data['type'] == 'uc') { $bind_data['inuc'] = $bind_data['platform_id']; } $ret_bind = $this->mMember->bind_create($bind_data); if (empty($ret_bind)) { $this->errorOutput(BIND_DATA_ADD_FAILED); } $this->registerCreditRules($member_id, $type); //新注册会员积分规则 } else { if ($type == 'uc' && $isBindUc) { $type = 'm2o'; } } } else { //更新会员 $member_id = $bind['member_id']; //验证会员是否存在 $condition = " AND m.member_id = " . $member_id; $ret_member = $this->mMember->get_member_info($condition); $ret_member = $ret_member[0]; if (empty($ret_member)) { $this->errorOutput(LOGIN_NOMEMBER_ERROR); } $update_bind_data = array('member_id' => $member_id, 'platform_id' => $platform_id, 'type' => $type, 'avatar_url' => $avatar_url); $ret_bind = $this->mMember->bind_update($update_bind_data); if (empty($ret_bind)) { $this->errorOutput(BIND_DATA_UPDATE_FAILED); } } } } } //到auth接口取access_token $encryptPassword = urlencode(passport_encrypt($password, CUSTOM_APPKEY)); $callback = 'http://' . $this->settings['App_members']['host'] . '/' . $this->settings['App_members']['dir'] . 'login.php?'; $func = 'a=verify_member&appid=' . $appid . '&appkey=' . $appkey; $callback .= urlencode($func); $extend = 'platform_id=' . $platform_id . '&password='******'&encrypt=1&type=' . $type . '&_type=' . $_type . '&identifier=' . $identifier; $auth_data = array('user_name' => $member_name, 'appid' => $appid, 'appkey' => $appkey, 'ip' => $ip, 'verify_user_cb' => $callback, 'extend' => urlencode($extend)); $auth = $this->mMember->get_access_token($auth_data); if (!$auth['token']) { $this->errorOutput(MEMBERS_LOGIN_ERROR); } //黑名单用户判断 $blacklist = $this->Members->blacklist($auth['user_id']); if ($blacklist[$auth['user_id']]['isblack']) { $this->errorOutput(MEMBER_BLACKLIST); } //判断结束 //权限判断 //判断结束 //编辑扩展信息 $this->mMemberInfo->extension_edit($auth['user_id'], $this->input['member_info'], $_FILES); //获取扩展信息 $extension = $this->getExtensionInfo($auth['user_id'], $identifier); //会员痕迹 $member_trace_data = array('member_id' => $auth['user_id'], 'member_name' => $member_name, 'content_id' => $auth['user_id'], 'title' => $member_name, 'type' => 'login', 'op_type' => '登陆', 'appid' => $this->user['appid'], 'appname' => $this->user['display_name'], 'create_time' => TIMENOW, 'ip' => hg_getip(), 'device_token' => $device_token, 'udid' => $udid); $memberTrace = $this->mMember->getMemberTrace(array('member_id' => $auth['user_id'], 'type' => 'login'), 'create_time'); $this->mMember->member_trace_create($member_trace_data); $return = array('member_id' => $auth['user_id'], 'platform_id' => $auth['platform_id'], 'inuc' => $auth['inuc'] ? $auth['inuc'] : 0, 'member_name' => $auth['user_name'], 'nick_name' => $auth['nick_name'], 'type' => $auth['type'], 'type_name' => $auth['type_name'], 'avatar' => $auth['avatar'] ? $auth['avatar'] : '', 'access_token' => $auth['token'], 'guid' => $auth['guid'], 'gid' => $auth['gid'], 'gradeid' => $auth['gradeid'], 'copywriting_credit' => $auth['copywriting_credit'], 'copywriting' => $auth['copywriting'], 'signature' => $auth['signature'], 'mobile' => $auth['mobile'], 'email' => $auth['email'], 'extension' => $extension ? $extension : array(), 'isVerify' => $auth['isVerify'], 'isComplete' => $auth['isComplete'], 'identifier' => $auth['identifier'], 'last_login_device' => $auth['last_login_device'], 'last_login_time' => date('Y-m-d H:i:s', $memberTrace['create_time'])); //记录登陆信息 $loginInfoRecord = array('last_login_device' => $member_trace_data['device_token'], 'final_login_time' => $member_trace_data['create_time'], 'last_login_time' => $memberTrace['create_time'], 'last_login_udid' => $member_trace_data['udid']); $this->mMember->loginInfoRecord($return['member_id'], $loginInfoRecord); $return = hg_mermber2members_compatible(array('member_name' => 'nick_name', 'access_token' => 'token'), $return, false); $this->addItem($return); $this->output(); } catch (Exception $e) { $this->errorOutput($e->getMessage(), $e->getCode()); } }
chdir('../'); require_once './include/common.inc.php'; if ($passport_status == 'shopex' && ($action == 'login' || $action == 'logout') && $verify == md5($action . $forward . $passport_key) && $passport_shopex) { $forward = preg_match("/^http:\\/\\//i", $forward) ? $forward : $boardurl . $forward; if ($action == 'login' && $discuz_uid) { $creditsadd = $passport_extcredits ? 'm.extcredits' . $passport_extcredits . ' as credits,' : ''; $query = $db->query("SELECT m.adminid, m.username, m.password, m.email, {$creditsadd} m.gender, m.bday, m.regip, m.regdate, mf.site, mf.qq, mf.msn, mf.yahoo\r\n\t\t\tFROM {$tablepre}members m JOIN {$tablepre}memberfields mf USING(uid) WHERE m.uid='{$discuz_uid}'"); $member = $db->fetch_array($query); if ($member['adminid'] == 1) { dheader('Location:' . $forward); } $auth = ''; foreach ($member as $key => $value) { $auth .= $key . '=' . $value . '&'; } $auth = passport_encrypt($auth, $passport_key); } else { $auth = ''; } $verify = md5($action . $auth . $forward . $passport_key); dheader('location:' . $passport_url . 'index.php?gOo=discuz_reply.do&action=' . $action . ($action == 'login' ? '&auth=' . rawurlencode($auth) : '') . '&forward=' . rawurlencode($forward) . '&verify=' . $verify); } else { dheader('location:' . $boardurl . 'index.php'); } function passport_encrypt($txt, $key) { srand((double) microtime() * 1000000); $encrypt_key = md5(rand(0, 32000)); $ctr = 0; $tmp = ''; for ($i = 0; $i < strlen($txt); $i++) {