예제 #1
0
if ($method == 'resend') {
    //Captcha Validate
    require_once PHP_BASE_DIR . "/securimage/securimage.php";
    $img = new Securimage();
    if ($img->check($captcha) == false) {
        $res['message'] = '验证码错误!';
        $res['action'] = 'resend';
    } else {
        $db = new MySQL($log);
        if ($mysqli = $db->openDB()) {
            $user = new User($mysqli, $log);
            $invitation = new Invitation($mysqli, $log);
            if ($user->getUserByMail($email)) {
                if ($user->status == 2) {
                    $s_email = $email;
                    $email_code = $invitation->genEmailValidateCode($user->id);
                    $saemail = new SaeMail();
                    if ($saemail) {
                        //sea maill
                        $message = "尊敬的XSSRAT用户 \r\n\t\t\t您好,欢迎您使用XSSRAT。XSSRAT是一个开放性的Web前端漏洞利用平台,您可以使用该平台进行一些Web前端漏洞的测试,并可以贡献自己的模块供其他用户使用。\r\n\t\t\t本平台是一个开放性的平台,可用于渗透测试或漏洞挖掘过程中,以提高Web应用的安全性,本身不具有任何恶意性。请勿将该平台用于非法用途,否则后果自负!\r\n\t\t\t请访问以下链接激活您的账号:\t\t\t\t\t\r\n\t\t\thttp://xssrat.sinaapp.com/activating.php?code=" . $email_code . "&id=" . $user->id . "&method=active\t\r\n\t\t\r\n\t\t\thttp://xssrat.sinaapp.com\r\n\t\t\tMak3 hack m0r3 c00l!";
                        $ret = $saemail->quickSend($email, 'XSSRAT 用户验证', $message, MAIL_ACCOUNT, MAIL_PASS);
                        $reg_info = array('username' => htmlspecialchars($user->username, ENT_QUOTES), 'email' => htmlspecialchars($user->email, ENT_QUOTES));
                        $_SESSION["reg_info"] = $reg_info;
                        if ($ret) {
                            $res['result'] = true;
                            $res['message'] = '邮件已发出,请您及时查收,若您一直未收到,请稍后重新发送!';
                            $res['action'] = 'resend';
                        }
                        if ($ret === false) {
                            $log->error($mail->errmsg());
                            $res['message'] = '邮件发送失败,请稍后重试!';
예제 #2
0
파일: register.php 프로젝트: mitv1c/XssRat
 $inv_id = $invitation->vilidateCode($invitation_code);
 if ($inv_id) {
     $user->username = $username;
     $user->password = hash('sha256', $password_1);
     $user->email = $email;
     $user->type = 3;
     //普通用户
     $user->b_send = 1;
     //发送邮件
     $user->status = 2;
     //未激活状态
     $uid = $user->addUser();
     if ($uid > 0) {
         $invitation->setRegister($inv_id, $uid);
         //生成邮件验证码
         $val_code = $invitation->genEmailValidateCode($uid);
         $reg_info = array('username' => htmlspecialchars($user->username, ENT_QUOTES), 'email' => htmlspecialchars($user->email, ENT_QUOTES), 'message' => '');
         $saemail = new SaeMail();
         if ($email) {
             //sea maill
             $saemail = new SaeMail();
             $message = "尊敬的XSSRAT用户 \r\n\t您好,欢迎您使用XSSRAT。XSSRAT是一个开放性的Web前端漏洞利用平台,您可以使用该平台进行一些Web前端漏洞的测试,并可以贡献自己的模块供其他用户使用。\r\n\t本平台是一个开放性的平台,可用于渗透测试或漏洞挖掘过程中,以提高Web应用的安全性,本身不具有任何恶意性。请勿将该平台用于非法用途,否则后果自负!\r\n\t请访问以下链接激活您的账号:\t\t\t\t\t\r\n\thttp://xssrat.sinaapp.com/activating.php?code=" . $val_code . "&id=" . $uid . "&method=active\r\n\r\n\thttp://xssrat.sinaapp.com\r\n\tMak3 hack m0r3 c00l!";
             $ret = $saemail->quickSend($email, 'XSSRAT 用户验证', $message, MAIL_ACCOUNT, MAIL_PASS);
             if ($ret) {
                 $res['result'] = true;
                 $res['reason'] = '已注册成功,请收取邮件以激活帐号!';
                 $reg_info['message'] = '已注册成功,请收取邮件以激活帐号!';
             }
             if ($ret === false) {
                 $log->error($mail->errmsg());
                 $res['result'] = true;