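/**
 * Turn a prefixed, encrypted id back into its integer form.
 *
 * Returns 0 when the request carries a plain numeric `id` query parameter,
 * the decrypted integer when $eid starts with $prefix, and $eid unchanged
 * otherwise.
 *
 * NOTE(review): an encrypted id only hides the number; it is not an access
 * decision. Callers still need to check that the current user may read the
 * record. Crypt::de() is defined elsewhere, so whether it authenticates the
 * ciphertext cannot be confirmed from this function.
 *
 * @param string $eid    Value taken from the request.
 * @param string $prefix Marker that precedes an encrypted id.
 * @return int|string
 */
function decrypt($eid, $prefix = "JHC")
{
    // IDs are encrypted by default; direct access by a plain numeric id is not allowed.
    // !empty() keeps the original truthiness test without raising an
    // undefined-index notice when the request has no `id` parameter.
    // NOTE(review): this inspects $_GET['id'] whatever parameter $eid came from.
    if (!empty($_GET['id']) && is_numeric($_GET['id'])) {
        return 0;
    }

    if (strpos($eid, $prefix) === 0) {
        // Strip exactly the prefix that was matched; a fixed offset of 3 is
        // only right for the default three-character prefix.
        $ciphertext = substr($eid, strlen($prefix));
        return intval(Crypt::de($ciphertext));
    }

    // NOTE(review): an unprefixed value is returned as received, so a raw id
    // that arrives by any route other than $_GET['id'] is still accepted.
    return $eid;
}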
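/**
 * Controller bootstrap: resolve the current user, expose it and the
 * autoloaded options to the view, and send requests without a user to "/".
 *
 * NOTE(review): a `token` request parameter switches the session to whichever
 * user id Crypt::de() yields from it. Nothing visible here gives the token an
 * expiry, a single-use property or a binding to the operator who issued it,
 * and a token carried in a URL ends up in access logs and Referer headers.
 * Confirm how tokens are minted and checked before relying on this path.
 */
function __construct()
{
    global $login_user;
    global $partner;

    // Login as customer.
    $token = $this->_get('token');
    if ($token) {
        $cmd_user_id_viapm = intval(Crypt::de($token));
        $login_user = D('CmsUsers')->getById($cmd_user_id_viapm);
        // NOTE(review): both session writes happen even when getById() found
        // nothing, so an unresolvable token replaces the stored login_user
        // with whatever getById() returned.
        Session::Set("login_user", $login_user);
        Session::Set("via_pm", 1);
    } else {
        $login_user = Session::Get("login_user");
    }

    if (empty($login_user)) {
        redirect("/");
        // redirect() is defined elsewhere; stop here explicitly so that no
        // action body runs for an unauthenticated request even if it returns.
        exit;
    }

    $this->assign("login_user", $login_user);
    $user_info = D(PM_NAME . "://UserInfo")->getUserInfo($login_user['id']);
    if ($user_info && !$user_info['birthday']) {
        $user_info['birthday'] = '1990-01-01';
        // if(!$user_info['submit_time']) {
        //     $user_info['submit_time'] = date('Y-m-d');
        // }
    }
    $this->user_info = $this->userinfo = $user_info;

    // The constant name must be a quoted string: a bare USER_ID is an
    // undefined-constant Error on PHP 8. The guard avoids re-defining it when
    // a second controller is constructed in the same request.
    if (!defined('USER_ID')) {
        define('USER_ID', $login_user['id']);
    }

    // Flatten the autoloaded option rows into a name => value map for the view.
    $options = M("Options")->where("autoload = 'Y'")->select();
    $INI = array();
    if (is_array($options)) {
        foreach ($options as $index => $option) {
            $INI[$option['option_name']] = $option['option_value'];
        }
    }
    $this->assign("INI", $INI);

    // Security filtering.
    // NOTE(review): this loop has no effect. $v is a copy and the write-back
    // below is commented out, so $_POST reaches the actions unmodified. A
    // keyword blacklist would not be a dependable XSS control even if it were
    // written back; encode values for their output context where they are
    // rendered instead.
    foreach ($_POST as $k => $v) {
        if (!is_array($v)) {
            $v = preg_replace('/script.*?\\/script/is', '', $v);
            $v = preg_replace('/alert\\(.*?\\)/is', '', $v);
            $v = str_replace(array('eval', 'function', 'onerror', 'alert'), '', $v);
            // $_POST[$k] = htmlspecialchars($v);
        }
    }
    // $this->user_info_items = $this->get_user_info();
}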
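/**
 * Turn a prefixed, encrypted id back into its integer form.
 *
 * A value that starts with $prefix has the prefix removed and the remainder
 * passed through Crypt::de() and intval(); any other value is returned as
 * received.
 *
 * NOTE(review): because unprefixed input is passed through, a raw id is
 * accepted as well as an encrypted one. The encryption hides the number but
 * does not replace an ownership check in the caller.
 *
 * @param string $eid    Value taken from the request.
 * @param string $prefix Marker that precedes an encrypted id.
 * @return int|string
 */
static function decrypt_id($eid, $prefix = "CYD")
{
    if (strpos($eid, $prefix) !== 0) {
        return $eid;
    }

    // Strip exactly the prefix that was matched; a fixed offset of 3 is only
    // right for the default three-character prefix.
    $ciphertext = substr($eid, strlen($prefix));

    return intval(Crypt::de($ciphertext));
}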
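/**
 * Decrypt a prefixed id.
 *
 * A value that starts with $prefix has the prefix removed and the remainder
 * passed to Crypt::de(); any other value is returned as received.
 *
 * NOTE(review): the decrypted value is returned without an integer cast and
 * unprefixed input is passed through untouched, so callers must validate the
 * result before using it in a query or a file path.
 *
 * @param string $eid    Value taken from the request.
 * @param string $prefix Marker that precedes an encrypted id.
 * @return mixed Result of Crypt::de(), or $eid unchanged.
 */
function decrypt_id($eid, $prefix = "XSZZ")
{
    if (strpos($eid, $prefix) !== 0) {
        return $eid;
    }

    // Strip exactly the prefix that was matched; a fixed offset of 4 is only
    // right for the default four-character prefix.
    $ciphertext = substr($eid, strlen($prefix));

    return Crypt::de($ciphertext);
}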
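/**
 * Password-reset step: check the id and reset code from the request and, on
 * a match, show the new-password form; otherwise show the failure page.
 *
 * NOTE(review): no expiry or attempt limit for the reset code is visible in
 * this method; confirm that both are enforced elsewhere. The complete user
 * row is placed in the session, which may include the stored password hash;
 * keeping only the id would be enough to finish the reset.
 */
public function verify_repass()
{
    $raw_id = $this->_param("id");
    $repasscode = $this->_param("repasscode");

    // Both values must be non-empty strings before they reach the query.
    // An empty code would otherwise match any account whose repasscode column
    // is empty, and a non-string value must not be handed to where() as a
    // condition.
    if (!is_string($raw_id) || $raw_id === '' || !is_string($repasscode) || $repasscode === '') {
        $this->display("repass_fail");
        return;
    }

    // Reduce the decrypted id to an integer; a token that does not decrypt to
    // a positive id cannot belong to an account.
    $id = intval(Crypt::de($raw_id));
    if ($id <= 0) {
        $this->display("repass_fail");
        return;
    }

    $user = D("CmsUsers")->where(array("id" => $id, "repasscode" => $repasscode))->find();
    if ($user) {
        // For safety the user record is kept in the session and removed once
        // the change has been confirmed.
        Session::set("repass_user", $user);
        $this->display();
    } else {
        $this->display("repass_fail");
    }
}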
/**
 * Decrypt an id that carries the "JXD" marker.
 *
 * A value that starts with "JXD" has those three characters removed and the
 * remainder passed to Crypt::de(); any other value is returned as received.
 *
 * NOTE(review): the decrypted value is returned without an integer cast and
 * unmarked input is passed through untouched, so callers must validate the
 * result before using it.
 *
 * @param string $eid Value taken from the request.
 * @return mixed Result of Crypt::de(), or $eid unchanged.
 */
function decrypt_id($eid)
{
    // Values without the marker at position 0 are handed back untouched.
    if (strpos($eid, 'JXD') !== 0) {
        return $eid;
    }

    $ciphertext = substr($eid, 3);

    return Crypt::de($ciphertext);
}