function locate($ip = null)
{
global $_SERVER;
if (is_null($ip)) {
$ip = getIP();
}
$host = str_replace('{IP}', $ip, $this->host);
$host = str_replace('{CURRENCY}', $this->currency, $host);
$data = array();
$response = $this->fetch($host);
$data = unserialize($response);
//set the geoPlugin vars
$this->ip = $ip;
$this->city = array_key_exists('geoplugin_city', $data) ? $data['geoplugin_city'] : 'N/A';
$this->region = array_key_exists('geoplugin_region', $data) ? $data['geoplugin_region'] : 'N/A';
$this->regionCode = array_key_exists('geoplugin_regionCode', $data) ? $data['geoplugin_regionCode'] : 'N/A';
$this->areaCode = array_key_exists('geoplugin_areaCode', $data) ? $data['geoplugin_areaCode'] : 'N/A';
$this->dmaCode = array_key_exists('geoplugin_dmaCode', $data) ? $data['geoplugin_dmaCode'] : 'N/A';
$this->countryCode = array_key_exists('geoplugin_countryCode', $data) ? $data['geoplugin_countryCode'] : 'N/A';
$this->countryName = array_key_exists('geoplugin_countryName', $data) ? $data['geoplugin_countryName'] : 'N/A';
$this->continentCode = array_key_exists('geoplugin_continentCode', $data) ? $data['geoplugin_continentCode'] : 'N/A';
$this->latitude = array_key_exists('geoplugin_latitude', $data) ? $data['geoplugin_latitude'] : 'N/A';
$this->longitude = array_key_exists('geoplugin_longitude', $data) ? $data['geoplugin_longitude'] : 'N/A';
$this->currencyCode = array_key_exists('geoplugin_currencyCode', $data) ? $data['geoplugin_currencyCode'] : 'N/A';
$this->currencySymbol = array_key_exists('geoplugin_currencySymbol', $data) ? $data['geoplugin_currencySymbol'] : 'N/A';
$this->currencyConverter = array_key_exists('geoplugin_currencyConverter', $data) ? $data['geoplugin_currencyConverter'] : 'N/A';
}
function isAllowedIP()
{
if (in_array(getIP(), _get("allowIP"))) {
return true;
}
return false;
}
/**
* [login description]
* @return [type] [description]
*/
function login()
{
$name = $_REQUEST["name"];
$password = $_REQUEST["password"];
global $mysql, $prefix;
$password = md5($prefix . $password);
$user = $mysql->DBGetOneRow("`user`", "*", "`name` = '{$name}' and `isDeleted` = 'false' ");
if ($user["name"] == $name && $user["password"] == $password) {
$sessionId = session_id();
$userName = $user["name"];
$_SESSION["name"] = $userName;
$_SESSION["realname"] = $user["realname"];
$_SESSION["password"] = $user["password"];
$_SESSION["level"] = $user["level"];
$_SESSION["phone"] = $user["phone"];
$_SESSION["mail"] = $user["mail"];
$ip = getIP();
$userAgent = $_SERVER['HTTP_USER_AGENT'];
//update
$mysql->DBUpdate('online_user', array('lastUpdateTime' => 'now()', 'offlineTime' => 'now()'), "`userName` = '?' and `offlineTime` is null ", array($userName));
$obj = array('userName' => $name, 'onlineTime' => 'now()', 'sessionId' => $sessionId, 'lastUpdateTime' => 'now()', 'ip' => $ip, 'userAgent' => $userAgent);
$mysql->DBInsertAsArray("`online_user`", $obj);
return array('status' => 'successful', 'errMsg' => '', 'token' => $sessionId);
}
throw new Exception('用户或密码不正确!');
}
function getOnlineUsers()
{
global $Load;
$Db = $Load->core("Db");
$date = time();
$time = 10;
$time = $date - $time * 60;
$IP = getIP();
$user = SESSION("ZanUser");
$Db->deleteBySQL("Start_Date < {$time}", "users_online_anonymous");
$Db->deleteBySQL("Start_Date < {$time}", "users_online");
if ($user) {
$users = $Db->findBy("User", $user, "users_online");
if (!$users) {
$Db->insert("users_online", array("User" => $user, "Start_Date" => $date));
} else {
$Db->updateBySQL("users_online", "Start_Date = '{$date}' WHERE User = '******'");
}
} else {
$users = $Db->findBy("IP", $IP, "users_online_anonymous");
if (!$users) {
$Db->insert("users_online_anonymous", array("IP" => $IP, "Start_Date" => $date));
} else {
$Db->updateBySQL("users_online", "Start_Date = '{$date}' WHERE IP = '{$IP}'");
}
}
}
function checkLogin()
{
global $db;
$m_name = be("post", "m_name");
$m_name = chkSql($m_name, true);
$m_password = be("post", "m_password");
$m_password = chkSql($m_password, true);
$m_password = md5($m_password);
$m_check = be("post", "m_check");
if (isN($m_name) || isN($m_password) || isN($m_check)) {
alertUrl("请输入您的用户名或密码!", "?action=login");
}
$row = $db->getRow("SELECT * FROM {pre}manager WHERE m_name='" . $m_name . "' AND m_password = '******' AND m_status=1");
if ($row && $m_check == app_safecode) {
sCookie("adminid", $row["m_id"]);
sCookie("adminname", $row["m_name"]);
sCookie("adminlevels", $row["m_levels"]);
$randnum = md5(rand(1, 99999999));
sCookie("admincheck", md5($randnum . $row["m_name"] . $row["m_id"]));
$db->Update("{pre}manager", array("m_logintime", "m_loginip", "m_random"), array(date("Y-m-d H:i:s"), getIP(), $randnum), " m_id=" . $row["m_id"]);
echo "<script>top.location.href='index.php';</script>";
} else {
alertUrl("您输入的用户名和密码不正确或者您不是系统管理员!", "?action=login");
}
}
public static function load()
{
global $app;
//IP判断=====================================
$onlineip = getIP();
$ipCity = new IpLocation(INCLUDE_DIR . 'ipdata/QQWry.Dat');
$uCity = $ipCity->getlocation($onlineip);
try {
if (strcmp(trim($uCity['country']), '北京市') != 0) {
throw new Exception('对不起您的IP不符合要求');
}
} catch (Exception $e) {
$app->error($e->getMessage(), SITE_URL);
}
//===========================================
if (isset($_SESSION[self::SESSION_KEY]) && isset($_SESSION[self::SESSION_KEY]['username'])) {
if (isset($_SESSION[self::SESSION_KEY]['record'])) {
$user = $_SESSION[self::SESSION_KEY]['record'];
} else {
$user = new User('username', $_SESSION[self::SESSION_KEY]['username']);
}
} else {
if (isset($_COOKIE[self::COOKIE_KEY])) {
$user = self::checkCookie($_COOKIE[self::COOKIE_KEY]);
} else {
return false;
}
}
if (!$user) {
return self::logout();
}
self::setInfos($user);
return true;
}
function logUserAction()
{
$command = "--";
if (isset($_POST['command'])) {
$command = strtolower($_POST['command']);
}
if ($command == 'user_login' || $command == 'user_logout' || $command == 'new_comment' || $command == 'rate_comment' || $command == 'register_new_user' || $command == 'update_page_rating' || $command == 'add_tag' || $command == 'rate_tag' || $command == 'delete_tag' || $command == 'get_pages_with_tag' || $command == 'follow_contact' || $command == 'unfollow_contact' || $command == 'add_link' || $command == 'rate_link') {
$IP = getIP();
$user_id = -1;
if (isset($_SESSION['user_id'])) {
$user_id = $_SESSION['user_id'];
} else {
if (isset($_POST['user_name'])) {
$user_name = $_POST['user_name'];
$query = "SELECT id FROM User WHERE name = '" . $user_name . "'";
$result = mysql_query($query);
if (mysql_num_rows($result) != 0) {
$result_row = mysql_fetch_assoc($result);
$user_id = $result_row['id'];
}
}
}
$country = IPtoCountry($IP);
$query = "INSERT INTO ActivityLog (user_id, command, ip, country_code2) VALUE ('{$user_id}', '{$command}', '{$IP}', '{$country}')";
$result = mysql_query($query);
}
}
public function __construct()
{
global $canonical;
$this->pageNum = $canonical->currentPage;
$this->comList = array();
$this->aID = $this->listBlocked = false;
$this->totalCom = 0;
$this->myIP = getIP();
}
public function isBlockedIp($zoneID)
{
$ip = getIP();
$cacheKey = "BlockIP_{$zoneID}_{$ip}";
if (RedisHelper::hExist($cacheKey, 1)) {
return true;
}
return false;
}
function get_user($where)
{
$sql = $this->table($this->table)->where($where)->limit(1)->create_query();
$row = $this->query($sql)->fetchrow();
if (count($row) > 0) {
$id = $row[0]['user_id'];
$dt = array('user_lastlogin' => date("Y-m-d H:i:d"), 'user_lastloginip' => getIP());
$update = $this->update($this->table, $dt, 'user_id = ' . $id);
}
return $row;
}
public function tools($param)
{
$tid = $param['tid'];
$ttype = $param['ttype'];
$title = $param['title'];
$contents = $param['contents'];
$old_data = $param['old_data'];
$nickname = $_SESSION[$this->config->item('rbac_auth_key')]["INFO"]["nickname"];
$sql = "INSERT INTO system_tools_log (tid,ttype,title,contents,auser,aip,old_data)\n\t\t\t\tVALUES('{$tid}','{$ttype}','{$title}','{$contents}','{$nickname}','" . getIP() . "','{$old_data}')\n\t\t\t\t";
$this->db->query($sql);
}
function ExceedGuests()
{
// ENTER MYSQL AND INSERT IP AND RANDOM ID IN TABLE
// THEN SEND TO QUEUE LIST
$IP = getIP();
$insert = "INSERT INTO QueueList({$IP}), VALUES (?)";
if ($connection->query($insert) === TRUE) {
// successful
} else {
echo "Error";
}
}
public function actionInstall()
{
$languages = get_all_langs();
$language = isset($_GET['l']) && in_array($_GET['l'], $languages) ? $_GET['l'] : 'en';
$installed = FALSE;
$tips = array();
if (!file_exists(CONFIGFILE)) {
// Check the configuration file permissions
$tips[] = t('CONFIG_FILE_NOTEXISTS', array('{config_file}' => CONFIGFILE), $language);
} elseif (!is_writable(CONFIGFILE)) {
$tips[] = t('CONFIG_FILE_NOTWRITABLE', array('{config_file}' => CONFIGFILE), $language);
}
if (!is_writable(APPROOT . '/data/')) {
$tips[] = t('DATADIR_NOT_WRITABLE', array(), $language);
}
if (isset($_POST['dbtype'])) {
if (!empty($_POST['adminname']) && !empty($_POST['adminpass']) && !empty($_POST['dbtype']) && !empty($_POST['dbusername']) && !empty($_POST['dbname']) && !empty($_POST['dbhost']) && strlen(trim($_POST['adminname'])) > 2) {
$adminname = maple_quotes($_POST['adminname']);
$adminpass = maple_quotes($_POST['adminpass']);
$dbname = maple_quotes($_POST['dbname']);
$tbprefix = $_POST['tbprefix'];
$url = $_POST['dbtype'] . '://' . $_POST['dbusername'] . ':' . $_POST['dbpwd'] . '@' . $_POST['dbhost'] . '/' . $_POST['dbname'];
#$db=YDB::factory($url);
$formError = '';
try {
$db = YDB::factory($url);
} catch (Exception $e) {
$formError = $e->getMessage();
}
} else {
$formError = t('FILL_NOT_COMPLETE', array(), $language);
}
if (!$formError) {
$url_string = "<?php\n\$db_url = '{$url}';\n\$db_prefix = '{$tbprefix}';\n?>";
file_put_contents(CONFIGFILE, $url_string);
$sql_file = APPROOT . DIRECTORY_SEPARATOR . 'data' . DIRECTORY_SEPARATOR . $_POST['dbtype'] . '.sql';
$sql_array = file($sql_file);
$translate = array('{time}' => time(), '{ip}' => getIP(), '{admin}' => $adminname, '{adminpass}' => $adminpass, '{lang}' => $language, '<' => $tbprefix, '>' => '');
foreach ($sql_array as $sql) {
$_sql = html_entity_decode(strtr(trim($sql), $translate), ENT_COMPAT, 'UTF-8');
$db->query($_sql);
}
$installed = TRUE;
$_SESSION['admin'] = $_POST['adminname'];
}
}
if (file_exists(dirname(dirname(__FILE__)) . '/install.php')) {
include dirname(dirname(__FILE__)) . '/install.php';
} else {
die('Access denied!');
}
}
/**
* Checks whether the requesting ip is a known dilps system and is allowed access to this system
*
* @return boolean
*/
function interdilpsRequestorAllowed()
{
global $config;
require_once "{$config['includepath']}db.inc.php";
global $db, $db_prefix;
$ip = getIP();
$allowed = false;
$sql = "select access from {$db_prefix}interdilps_hosts where ip = " . $db->qstr($ip) . " and access > 0";
if ($access = $db->GetOne($sql)) {
$allowed = true;
}
return $allowed;
}
/**
* 文件日志
* Enter description here ...
* @param unknown_type $content
* @param unknown_type $file
* @param unknown_type $rank
*/
public static function FileLog($content, $file = NULL, $rank = 0)
{
$filename = date("Y-m-d");
$file ? $file = AppDir . "/Runtime/Log/" . $file . ".log" : ($file = AppDir . "/Runtime/Log/" . $filename . ".log");
try {
if ($f = fopen($file, "a+")) {
$content = "服务器时间:[" . date("Y-m-d H:i:s") . "] 等级:" . $rank . " 日志内容如下:\r\n" . $content . " \r\n网址来源:http://" . $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI'] . " 来源IP:" . getIP() . "\r\n----------------------------------------------------------------------------------\r\n";
return fwrite($f, $content);
} else {
return false;
}
} catch (Exception $es) {
throw $es->getMessage();
}
}
/**
* 表单提交
*/
public function post()
{
//$this->load->helper('curl');
$_SESSION['token'] = session_id();
$ret = 0;
$msg = '';
$this->db->trans_start();
try {
$name = isset($_REQUEST['name']) ? trim(strip_tags($_REQUEST['name'])) : null;
$tel = isset($_REQUEST['tel']) ? trim(strip_tags($_REQUEST['tel'])) : null;
$address = isset($_REQUEST['address']) ? trim(strip_tags($_REQUEST['address'])) : null;
$type = isset($_REQUEST['type']) ? trim(strip_tags($_REQUEST['type'])) : null;
if (empty($name)) {
$ret = 1001;
$msg = 'name 不能为空~';
} elseif (empty($tel)) {
$ret = 1002;
$msg = 'tel 不能为空~';
} elseif (empty($address)) {
$ret = 1003;
$msg = 'address 不能为空~';
} elseif (empty($type)) {
$ret = 1004;
$msg = 'type 不能为空~';
} else {
$data = array('name' => $name, 'tel' => $tel, 'address' => $address, 'type' => $type, 'create_ip' => getIP(), 'create_time' => date('Y-m-d H:i:s'));
$this->db->insert('love2015_user', $data);
}
/*
$this->db->where('phone', $phone);
$count = $this->db->count_all_results('t_user');
if($count < 0){
$ret = 1001;
$msg = '该手机号码已经被申领';
}
else{
}
*/
} catch (Exception $e) {
$ret = 2000;
$msg = $e->getMessage();
}
$this->db->trans_complete();
$result = array('ret' => $ret, 'msg' => $msg);
$this->output->set_content_type('application/json')->set_output(json_encode($result));
}
function add_writing($id, &$writing, $user_id)
{
try {
$ip = getIP();
if (!isset($user_id)) {
$user_id = "NULL";
}
date_default_timezone_set('PRC');
$sql = "INSERT INTO\r\n `tomoe_writing`\t(\r\n `char_id`,\r\n `writing`,\r\n `user_id`,\r\n `ip`,\r\n `add_date`)\r\n VALUES(\r\n '" . $id . "',\r\n \t'" . json_encode($writing) . "',\r\n \t" . $user_id . ",\r\n '" . $ip . "',\r\n \t'" . date("Y-m-d H:i:s") . "');";
$result = $this->db->insert($sql);
if ($result == 0) {
throw new Exception("无法添加数据");
}
} catch (Exception $e) {
throw $e;
}
}
function guardarAccion($email, $accion)
{
if (isset($_SESSION["codSesion"])) {
$cod = $_SESSION["codSesion"];
usuarioEstaOnline();
} else {
$cod = NULL;
$email = NULL;
}
date_default_timezone_set("Europe/Madrid");
$date = date('Y-m-d H:i:s');
$ip = getIP();
$sql = "INSERT INTO Acciones (cod_conexion,email,accion,time,ip) VALUES ('{$cod}','{$email}','{$accion}','{$date}','{$ip}')";
$link = Conectar();
$link->query($sql);
$link->close();
}
function verifyLogin()
{
global $configArray;
if (isset($_GET['logout'])) {
unset($_SESSION['userId']);
unset($_SESSION['username']);
unset($_SESSION['userPassword']);
unset($_SESSION['userEmail']);
unset($_SESSION['userType']);
}
if (isset($_POST['login'])) {
$email = $_POST['email'];
$pass = $_POST['pass'];
$loginSql = "SELECT *\n\t\t\t\tFROM conturi_admin c \n\t\t\t\tWHERE c.email = '" . $email . "' AND c.parola = '" . $pass . "' AND c.activ = '1' LIMIT 1";
$_USER = getQueryInArray($loginSql, $configArray['dbcnx']);
//print_r('<!-- qwerty '.$loginSql.' -->');
$isUser = false;
if (!count($_USER)) {
$isUser = false;
} else {
$isUser = true;
}
if ($isUser) {
$insertIntoLog = "INSERT INTO log SET ip = '" . mySqlEscape(getIP()) . "', " . " data = '" . mySqlEscape(date("Y-m-d H:i:s")) . "', " . " query = '" . mySqlEscape($loginSql) . "', " . " id_conturi = '" . mySqlEscape($_USER[0]['id']) . "', " . " obs ='AUTENTIFICARE ADMINISTRATOR' ";
@mysql_query($insertIntoLog);
$_SESSION['userId'] = intval($_USER[0]['id']);
//cont_admin ID
//$_SESSION['userId'] = intval($_USER[0]['user_id']); //conturi ID
$_SESSION['username'] = ucwords(strtolower($_USER[0]['nume'])) . ' ' . ucwords(strtolower($_USER[0]['prenume']));
$_SESSION['userEmail'] = $_USER[0]['email'];
$_SESSION['userType'] = $_USER[0]['cont_tip'];
$_SESSION['userPassword'] = $pass;
}
//endif isUser
if (isset($_POST['backurl'])) {
redirect($_POST['backurl']);
}
}
//endif $_POST['login']
if (!isset($_SESSION['userId']) && (!stristr($_SERVER['SCRIPT_NAME'], 'index.php') && !stristr($_SERVER['SCRIPT_NAME'], 'forgot_pass.php'))) {
redirect('index.php?msg=1&url=' . $_SERVER['REQUEST_URI']);
}
}
public static function login($login, $pw)
{
global $mysql;
$query = "SELECT password FROM peq_admin WHERE login=\"{$login}\"";
$result = $mysql->query_assoc($query);
if ($result == '') {
$_SESSION['error'] = 1;
logSQL("Invalid login attempt. Bad username from IP: '" . getIP() . "'. Username: '******' Password: '******'.");
return;
}
extract($result);
if ($password == md5($pw)) {
$_SESSION['login'] = $login;
$_SESSION['password'] = md5($pw);
} else {
$_SESSION['error'] = 1;
logSQL("Invalid login attempt. Bad password from IP: '" . getIP() . "'. Username: '******' Password: '******'.");
}
}
function log_mail($sender, $recipient, $subject, $body, $header = "")
{
// build header
$header = "From: " . $sender . "\r\n";
$header .= 'Content-type: text/html; charset=iso-8859-1' . '\\r\\n';
$status = date("l F j, Y h:i:s a") . "\r\n";
$status .= "IP: " . getIP() . "\r\n";
$status .= "From: {$sender}\r\n";
$status .= "To: {$recipient}\r\n";
$status .= "Subject: {$subject}\r\n";
$result = mail($recipient, $subject, $body, $header);
if ($result == true) {
$status .= "Message sent successfully\r\n\r\n";
} else {
$status .= "Error sending message\r\n\r\n";
}
$fp = fopen("sendmail.log", "a");
$write = fputs($fp, $status);
fclose($fp);
return $result;
}
function createBox($serviceName, $serverName, $customName)
{
include './functions/dbconnect.php';
$sql = 'select * from servers';
$result = mysqli_query($con, $sql);
if (mysqli_num_rows($result) > 0) {
while ($row = mysqli_fetch_assoc($result)) {
echo " Name: " . $row["server_custom_name"] . " | " . getIP($row["server_name"]) . "";
echo "Response time (ms): " . pingServer($row["server_name"]);
}
} else {
echo 'There are not data to display for this query.';
}
echo "<div class='box'>\n<h2>{$customName} | ";
getIP($serverName);
echo "</h2>\n\t<hr>\n\t<span class='pingbox'>\n\t<h3>Ping</h3>";
pingServer($serverName);
echo "</span>\n\t<span class='servicebox'>\n\t<h3>Service Status</h3>\n\t";
serviceStatus($serviceName, $serverName);
echo "</span>\n</div>";
}
function make_log_file()
{
// log文件名
$filename = 'mylogs.txt';
// 去除rc-ajax评论以及cron机制访问记录
if (strstr($_SERVER["REQUEST_URI"], "rc-ajax") == false && strstr($_SERVER["REQUEST_URI"], "wp-cron.php") == false) {
$word .= date('mdHis', $_SERVER['REQUEST_TIME'] + 3600 * 8) . " ";
//访问页面
$word .= $_SERVER["REQUEST_URI"] . " ";
//协议
$word .= $_SERVER['SERVER_PROTOCOL'] . " ";
//方法,POST OR GET
$word .= $_SERVER['REQUEST_METHOD'] . " ";
//$word .= $_SERVER['HTTP_ACCEPT'] . " ";
//获得浏览器信息
$word .= getbrowser() . " ";
//传递参数
$word .= "[" . $_SERVER['QUERY_STRING'] . "] ";
//跳转地址
$word .= $_SERVER['HTTP_REFERER'] . " ";
//获取IP
$word .= getIP() . " ";
$word .= "\n";
$day = date('md', $_SERVER['REQUEST_TIME'] + 3600 * 8);
if (getIP() != "211.97.6.123") {
if (file_exists($filename)) {
$fh = fopen($filename, "r");
$data = fread($fh, 10);
if (substr($data, 0, 4) == $day) {
$fh = fopen($filename, "a");
} else {
$fh = fopen($filename, "w");
}
//w
fwrite($fh, $word);
fclose($fh);
}
}
}
}
private function write_log()
{
$this->load->model('log_model');
$this->load->helper('ip');
$first_segment = $this->uri->segment(1);
$second_segment = $this->uri->segment(2);
$third_segment = $this->uri->segment(3);
$arr = array();
$arr['cm'] = '';
if ($first_segment == 'Backend') {
$arr['cm'] = $second_segment . '@' . $third_segment;
} else {
$arr['cm'] = $first_segment . '@' . $second_segment;
}
$arr['ip'] = ip2long(getIP());
$arr['opera_time'] = time();
$admin = $this->session->userdata('admin');
$arr['user'] = $admin['username'];
if (!empty($arr['user'])) {
$this->log_model->insert($arr);
}
}
function saveData($sType)
{
if (@$_SESSION['yzm'] == '') {
Eerr('提示', '验证码失效');
}
//if instr("|"& getFormFieldList() &"|","|yzm|") then
if (@$_SESSION['yzm'] != @$_POST['yzm']) {
Eerr('提示', '验证码错误');
}
@($_SESSION['yzm'] = '');
//清空验证码
//保存文章评论
if ($sType == 'articlecomment') {
autoSavePostData('', 'tablecomment', 'tablename||ArticleDetail,adddatetime|now,itemid||' . @$_REQUEST['itemid'] . ',adddatetime,ip||' . getIP());
aspEcho('提示', '评论提交成功,等待管理员审核');
} else {
if ($sType == 'feedback') {
if (@$_POST['guestname'] == '') {
Eerr('提示', '姓名为空');
}
autoSavePostData('', 'feedback', 'isthrough|numb|0,adddatetime|now,ip||' . getIP() . ',columnid||' . @$_GET['columnid']);
aspEcho('提示', '反馈提交成功,等待管理员审核');
} else {
if ($sType == 'guestbook') {
if (@$_POST['guestname'] == '') {
Eerr('提示', '姓名为空');
}
autoSavePostData('', 'guestbook', 'isthrough|numb|0,adddatetime|now,ip||' . getIP() . ',columnid||' . @$_GET['columnid']);
aspEcho('提示', '留言提交成功,等待管理员审核');
} else {
if ($sType == 'articledetail') {
autoSavePostData('', 'articledetail', 'title|bodycontent,adddatetime|now,ip||' . getIP());
aspEcho('提示', '文章提交成功');
}
}
}
}
die;
}
function regExplore($email, $name, $password)
{
//已写入动态
if (!$this->emailIsExist($email)) {
if (!$this->nameIsExist($name)) {
date_default_timezone_set("Etc/GMT+8");
$this->pdo->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);
//禁用prepared statements的仿真效果
$userFolder = "user/default/";
$nowTime = date('Y-m-d H:i:s', time());
$userIp = getIP();
$sql = "INSERT INTO `basicprofile`(`email`, `name`, `password`, `location`, `sex`, `intro`, `detailIntro`, `face`, `background`,`backgroundBlur`, `emailVerified`, `place`, `nowPlace`,`sharingNum`, `ip`, `regTime`, `lastLoginTime`) \n\t\t\t\tVALUES (?,?,SHA1(?),'China','futa','explore','explore',?,?,?,0,'China','China',0,?,?,?)";
$stmt = $this->pdo->prepare($sql);
if ($stmt != false) {
$exeres = $stmt->execute(array($email, $name, $password, $userFolder . "photo.jpg", $userFolder . "background.jpg", $userFolder . "backgroundBlur.jpg", $userIp, $nowTime, $nowTime));
if ($exeres) {
$sql_dynamic = "INSERT INTO `dynamic`(`uid`, `dynamic`) VALUES (" . $this->pdo->lastInsertId() . ",'注册了Explore')";
$rowAffectedNum = $this->pdo->exec($sql_dynamic);
if ($rowAffectedNum != 0) {
return true;
} else {
return false;
}
} else {
print_r($stmt->errorInfo());
return false;
}
} else {
return false;
}
} else {
return -1;
//名字重复
}
} else {
return -2;
/*邮箱重复*/
}
}
function CheckSessions()
{
global $lang, $game_config, $ugamela_root_path, $phpEx;
includeLang('cookies');
include $ugamela_root_path . 'config.' . $phpEx;
$UserRow = array();
if ($_SESSION[USER_SESSION]) {
$UserRow = doquery("SELECT * FROM {{table}} WHERE `id` = " . $_SESSION[USER_SESSION][id], 'users', true);
// USER FOUND?
if (!$UserRow) {
message($lang['cookies']['Error2']);
}
// CHECK PASS
$Hash = md5($UserRow["password"] . "--" . $dbsettings["secretword"]);
if ($Hash !== $_SESSION[USER_SESSION][password]) {
message($lang['cookies']['Error3']);
}
// ONLY 1 IP :D
if ($UserRow['user_lastip'] != $_SESSION[USER_SESSION][ip]) {
message($lang['cookies']['Error1']);
}
$Qry = "UPDATE {{table}} SET ";
$Qry .= "`onlinetime` = UNIX_TIMESTAMP(), ";
$Qry .= "`user_lastip` = '" . getIP() . "', ";
$Qry .= "`user_agent` = '" . $_SERVER['HTTP_USER_AGENT'] . "'";
$Qry .= " WHERE `id` = " . $_SESSION[USER_SESSION][id] . " LIMIT 1;";
doquery($Qry, 'users');
if ($IsUserChecked == false) {
$IsUserChecked = true;
} else {
$IsUserChecked = true;
}
}
unset($dbsettings);
$Return['state'] = $IsUserChecked;
$Return['record'] = $UserRow;
return $Return;
}
/**
* db 处理统一接口
*/
public function execute($sql = '', $type = 's')
{
$res['status'] = 1;
$dbRes = false;
switch ($type) {
//select
case 's':
$dbRes = mysqli_query($this->conn, $sql);
$data = $this->fetch_all_result($dbRes, 1);
$res['data'] = $data[0];
break;
//insert
//insert
case 'i':
$dbRes = mysqli_query($this->conn, $sql);
$res['id'] = mysqli_insert_id($this->conn);
break;
//update
//update
case 'u':
$dbRes = mysqli_query($this->conn, $sql);
break;
//delete
//delete
case 'd':
$dbRes = mysqli_query($this->conn, $sql);
break;
default:
# code...
break;
}
if ($dbRes == true) {
$res['status'] = 0;
}
Doo::logger()->info('time:' . date("Y-m-d H:i:s", time()) . "\tip:" . getIP() . "\tsql:" . $sql . "\t" . var_export($res['status'], true), 'DB');
return $res;
}
{
$ip = $_SERVER['SERVER_ADDR'];
if (PHP_OS == 'WINNT') {
$ip = getHostByName(getHostName());
}
if (PHP_OS == 'Linux') {
$command = "/sbin/ifconfig";
exec($command, $output);
// var_dump($output);
$pattern = '/inet addr:?([^ ]+)/';
$ip = array();
foreach ($output as $key => $subject) {
$result = preg_match_all($pattern, $subject, $subpattern);
if ($result == 1) {
if ($subpattern[1][0] != "127.0.0.1") {
$ip = $subpattern[1][0];
}
}
//var_dump($subpattern);
}
}
return $ip;
}
echo getIP();
echo get_client_ip();
?>
</body>
</html>
foreach ($banned as $key => $val) {
if (preg_match("^{$val}", $ip_adr)) {
$bool = true;
break;
}
}
if (empty($ip_adr) or $bool or !cek_ip($ip_adr)) {
$ip_adr = @$_SERVER['REMOTE_ADDR'];
}
return $ip_adr;
}
