Exemplo n.º 1
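 /**
  * Send a registration verification code to the address posted as `em`.
  *
  * Outcomes are reported through Response::show(): '200' when the mail was
  * handed off, '-101' when the address is already registered, '-102' when
  * SendMail() fails, and '-103' when `em` is missing or is not a single
  * well-formed e-mail address.
  */
 public function j_email()
 {
     $email = isset($_POST['em']) ? $_POST['em'] : null;
     // `em` is request-controlled and is used below as a cache key, a mail
     // recipient and part of a log line, so only one syntactically valid
     // address is accepted (this also rejects arrays and embedded CR/LF).
     if (is_string($email) && filter_var($email, FILTER_VALIDATE_EMAIL) !== false) {
         $account_model = D('Account');
         if ($account_model->judge_account_id_isset($email)) {
             // The address already belongs to an account.
             Response::show('-101', '该邮箱已经被注册!');
         } else {
             // Build the message sent to the user.
             // NOTE(review): how rand_string() draws its characters is not visible
             // here; a verification code should come from a CSPRNG - confirm.
             $rand_string = strtolower(rand_string());
             $title = '欢迎您注册!么么哒。';
             $content = '您好,您的注册验证码是 : ' . $rand_string . '   !, 如果不是本人操作,请忽略!';
             $Memcached = Memcached::getInstance();
             // The code is cached in plain text, keyed by the e-mail address.
             // NOTE(review): no expiry is passed and no resend/attempt limit is
             // visible in this method - confirm the wrapper's default TTL and
             // where throttling happens.
             $Memcached->set($email, $rand_string);
             if (SendMail($email, $title, $content) === true) {
                 Response::show('200', '已经发送验证码,请注意查收!');
             } else {
                 Log::write('发送验证码失败,to [--' . $email . '--]', 'WARN');
                 Response::show('-102', '邮件发送失败,未知原因!');
             }
         }
     }
     // Reached when `em` is absent or malformed (and after the branches above
     // if Response::show() returns instead of ending the request).
     Response::show('-103', '数据丢失!');
 }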
Exemplo n.º 2
 /**
  * Create a member account from the posted form and answer with JSON.
  *
  * Replies {"error_code":8002,...} when model validation or the insert fails
  * and {"error_code":0,...,"token":...} on success; the script exits after
  * every reply.
  */
 public function register()
 {
     $model = D('Member');
     if ($model->create() === false) {
         // Validation failed: pass the model's own error text back.
         $msg['error_code'] = 8002;
         $msg['notice'] = $model->getError();
         echo json_encode($msg);
         exit;
     }
     $data['tel'] = $_POST['tel'];
     $salt = rand_string(6, -1);
     $data['salt'] = $salt;
     // NOTE(review): the stored value is a salted MD5, which is a fast hash and
     // weak against offline guessing. Moving to password_hash() needs a matching
     // change wherever the password is verified, which is not visible here.
     $data['password'] = md5($_POST['password'] . $salt . $salt[1]);
     $mid = $model->add($data);
     if (!$mid) {
         $msg['error_code'] = 8002;
         $msg['notice'] = '注册失败';
         echo json_encode($msg);
         exit;
     }
     // Generate a token for the new member and store it.
     $token = create_token($mid, $salt);
     $vo['id'] = $mid;
     $vo['salt'] = $salt;
     set_token($vo, $token);
     $msg['error_code'] = 0;
     $msg['notice'] = '注册成功';
     $msg['token'] = $token;
     echo json_encode($msg);
     exit;
 }
Exemplo n.º 3
 /**
  * Edit: update the share identified by an 8-character `sid`, or insert a new
  * share under a freshly generated id when no such `sid` was supplied.
  *
  * Results are reported through show_json().
  */
 public function set()
 {
     $share_info = $this->_getData();
     $is_update = isset($this->in['sid']) && strlen($this->in['sid']) == 8;
     if (!$is_update) {
         // Insert: keep drawing ids until one is not already in the list.
         // NOTE(review): the id comes from rand_string(), whose generator is not
         // visible here - confirm it is unpredictable if the id gates access.
         $share_list = $this->sql->get();
         do {
             $new_id = rand_string(8);
         } while (isset($share_list[$new_id]));
         $share_info['sid'] = $new_id;
         if ($this->sql->add($new_id, $share_info)) {
             show_json($share_info, true);
         }
         show_json($this->L['error'], false);
     } else {
         // Update: overwrite only the keys present in the submitted data.
         $sid = $this->in['sid'];
         $info_new = $this->sql->get($sid);
         foreach ($share_info as $field => $value) {
             $info_new[$field] = $value;
         }
         if ($this->sql->update($sid, $info_new)) {
             show_json($info_new, true);
         }
         show_json($this->L['error'], false);
     }
     show_json($this->L['error'], false);
 }
Exemplo n.º 4
/**
 * Auto-login for a user.
 *
 * Looks up an unexpired session row by id. When one is found, its id is
 * replaced by a fresh rand_string() value, agent and expiry are refreshed and
 * the auth[session] cookie is re-issued. Only a session flagged `keep` is
 * reported as logged in.
 *
 * @param string $session_id
 *
 * @return array array($session, $user_id); array(true, user id) for a `keep` session, otherwise array(false, null)
 */
function service_user_autologin($session_id)
{
    // Fetch the session (bound parameters, unexpired rows only)
    $users = select_sessions(array('select' => 'user_id, keep', 'where' => array('id = :id AND expire > :expire', array('id' => $session_id, 'expire' => localdate('Y-m-d H:i:s')))));
    $session = false;
    $user_id = null;
    if (!empty($users)) {
        // Update the session: rotate the id on every auto-login
        // NOTE(review): rand_string() is called with its defaults and its generator
        // is not visible here; a session id needs CSPRNG output of sufficient length - confirm.
        $new_session_id = rand_string();
        // NOTE(review): $_SERVER['HTTP_USER_AGENT'] is read without isset(); the header is optional - confirm.
        $resource = update_sessions(array('set' => array('id' => $new_session_id, 'agent' => $_SERVER['HTTP_USER_AGENT'], 'expire' => localdate('Y-m-d H:i:s', time() + $GLOBALS['config']['cookie_expire'])), 'where' => array('id = :id', array('id' => $session_id))));
        if ($resource) {
            cookie_set('auth[session]', $new_session_id, time() + $GLOBALS['config']['cookie_expire']);
        } else {
            error('データを編集できません。');
        }
        if ($users[0]['keep']) {
            // Update the user: record the login time
            $resource = update_users(array('set' => array('loggedin' => localdate('Y-m-d H:i:s')), 'where' => array('id = :id', array('id' => $users[0]['user_id']))));
            if (!$resource) {
                error('データを編集できません。');
            }
            $session = true;
            $user_id = $users[0]['user_id'];
        }
    }
    return array($session, $user_id);
}
Exemplo n.º 5
/**
 * Hash a password with crypt() using the SHA-512 scheme ("$6$") and a
 * 16-character salt taken from rand_string().
 *
 * NOTE(review): no rounds parameter is set, so crypt() applies its default
 * for this scheme; password_hash() would manage salt and cost itself, but its
 * output format differs and callers of this function are not visible here.
 *
 * @param string $pw Plain-text password
 *
 * @return string crypt() output
 *
 * @throws Exception when CRYPT_SHA512 is not available
 */
function crypt512($pw)
{
    if (CRYPT_SHA512 == 1) {
        $salt = rand_string(16);
        return crypt($pw, '$6$' . $salt . '$');
    }
    throw new Exception('Hashing mechanism not supported.');
}
Exemplo n.º 6
 /**
  * Output form input: a dropdown listing the entries of the related stream.
  *
  * @param	array	$data      reads ['custom']['choose_stream'], ['form_slug'] and ['value']
  * @param	mixed	$entry_id  not used in this method
  * @param	object	$field     reads ->is_required
  * @return	string
  */
 public function form_output($data, $entry_id, $field)
 {
     // Resolve the stream this relationship points at
     $stream = $this->CI->streams_m->get_stream($data['custom']['choose_stream']);
     if (!$stream) {
         return '<em>' . $this->CI->lang->line('streams:relationship.doesnt_exist') . '</em>';
     }
     $table = $stream->stream_prefix . $stream->stream_slug;
     // Fall back to the id column when no usable title column is configured
     $title_column = $stream->title_column;
     if (!trim($title_column) || !$this->CI->db->field_exists($title_column, $table)) {
         $title_column = 'id';
     }
     // Load every entry of the stream
     $entries = $this->CI->db->get($table);
     $choices = array();
     // An optional field gets a leading "choose nothing" option
     if ($field->is_required == 'no') {
         $choices[null] = $this->CI->config->item('dropdown_choose_null');
     }
     // NOTE(review): option labels are database values; whether form_dropdown()
     // HTML-escapes them is not visible here - confirm.
     foreach ($entries->result() as $row) {
         $choices[$row->id] = $row->{$title_column};
     }
     $element_id = 'id="' . rand_string(10) . '"';
     return form_dropdown($data['form_slug'], $choices, $data['value'], $element_id);
 }
Exemplo n.º 7
 /**
  * Edit: update the share identified by an 8-character `sid`, or insert a new
  * share under a generated id. The work is done only when the Referer differs
  * from host + request URI and the request carries
  * X-Requested-With: XMLHttpRequest.
  */
 public function set()
 {
     // NOTE(review): HTTP_REFERER is read without isset(), and a Referer normally
     // includes the scheme while the right-hand side does not, so the two would
     // rarely be equal and the 403 branch looks hard to reach - confirm the intent.
     if ($_SERVER['HTTP_REFERER'] != $_SERVER["HTTP_HOST"] . $_SERVER["REQUEST_URI"]) {
         // NOTE(review): the header check below is the only request-origin check
         // visible in this method; no anti-CSRF token is verified here - confirm
         // one is enforced elsewhere. When the header is absent nothing is output.
         if (isset($_SERVER['HTTP_X_REQUESTED_WITH']) && $_SERVER['HTTP_X_REQUESTED_WITH'] == 'XMLHttpRequest') {
             $share_info = $this->_getData();
             // An 8-character sid means update, anything else means insert
             if (isset($this->in['sid']) && strlen($this->in['sid']) == 8) {
                 $info_new = $this->sql->get($this->in['sid']);
                 // Overwrite only the keys present in the submitted data
                 foreach ($share_info as $key => $val) {
                     $info_new[$key] = $val;
                 }
                 if ($this->sql->update($this->in['sid'], $info_new)) {
                     show_json($info_new, true);
                 }
                 show_json($this->L['error'], false);
             } else {
                 // Insert: draw ids until one is not already in the list
                 $share_list = $this->sql->get();
                 $new_id = rand_string(8);
                 while (isset($share_list[$new_id])) {
                     $new_id = rand_string(8);
                 }
                 $share_info['sid'] = $new_id;
                 if ($this->sql->add($new_id, $share_info)) {
                     show_json($share_info, true);
                 }
                 show_json($this->L['error'], false);
             }
             show_json($this->L['error'], false);
         }
     } else {
         header('Location: 403.php');
     }
 }
Exemplo n.º 8
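/**
 * Complete a key-based authentication step and return the user's profile as JSON.
 *
 * errorno in the reply: 0 success, 1 malformed auth key, 2 unknown user,
 * 3 key mismatch. On success the stored auth_key is replaced with a new
 * rand_string() value.
 *
 * @param string $username
 * @param string $auth_key 32-character key presented by the client
 * @param string $url      passed through to process_auth_key()
 *
 * @return string JSON document
 */
function finish_auth($username, $auth_key, $url)
{
    // not a good design
    // A non-string key (e.g. an array from the request) is rejected like a
    // key of the wrong length.
    if (!is_string($auth_key) || mb_strlen($auth_key, 'utf-8') != 32) {
        return json_encode(array('errorno' => 1));
    }
    $result = get_user_information($username);
    if ($result == null) {
        return json_encode(array('errorno' => 2));
    }
    $expected = process_auth_key($result['auth_key'], $result['last_time'], $url);
    // hash_equals() compares in constant time and byte for byte; a loose !=
    // treats two different numeric-looking strings (such as "0e..." digit
    // runs) as equal.
    if (!is_string($expected) || !hash_equals($expected, $auth_key)) {
        return json_encode(array('errorno' => 3));
    }
    // not good design +1
    // NOTE(review): rand_string()'s generator is not visible here; the stored
    // key should come from a CSPRNG - confirm.
    $new_auth_key = rand_string();
    $sql = "UPDATE `account` SET `auth_key`= ? WHERE username= ? LIMIT 1";
    $params = array($new_auth_key, $username);
    // NOTE(review): the affected-row count is not checked before success is reported.
    $count = (new MysqlDAO())->execute($sql, $params, 'ss');
    $username = $result['username'];
    $email = $result['email'];
    $verified = $result['verified'];
    $reg_time = $result['reg_time'];
    $res = array('errorno' => 0, 'user' => array('username' => $username, 'email' => $email, 'verified' => $verified, 'reg_time' => $reg_time));
    return json_encode($res);
}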
Exemplo n.º 9
 /**
  * Start an online top-up: on POST, record a payment row and render the
  * payment gateway form built by the selected Alipay payment class.
  */
 public function dopayment()
 {
     if ($this->isPost()) {
         C('TOKEN_ON', false);
         import('@.Com.payment.PaymentFactory');
         // Order number: timestamp plus 4 characters from rand_string()
         // NOTE(review): 'h' is the 12-hour clock, so the timestamp part repeats
         // between morning and afternoon - presumably 'H' was intended; confirm.
         $out_trade_no = date('Ymdhis') . rand_string(4, 1);
         $subject = $this->_CFG['site_name'] . '会员充值';
         $body = '';
         // NOTE(review): the amount comes straight from the request; floatval()
         // accepts zero and negative values and no range check is visible here.
         $total_fee = floatval($_REQUEST['amount']);
         // NOTE(review): HTTP_HOST is taken from the request's Host header.
         $show_url = 'http://' . $_SERVER['HTTP_HOST'] . __ROOT__;
         // NOTE(review): $pay_type and $status stay undefined when alipay_type
         // is neither 'direct' nor 'warrant'.
         if ($this->_CFG['alipay_type'] == 'direct') {
             $pay_type = 'alipay';
             $status = 103;
         } else {
             if ($this->_CFG['alipay_type'] == 'warrant') {
                 $pay_type = 'AlipayWarrant';
                 $status = 103;
             }
         }
         $params = array('out_trade_no' => $out_trade_no, 'subject' => $subject, 'body' => $body, 'total_fee' => $total_fee, 'show_url' => $show_url);
         $data = array('user_id' => $this->_user['user_id'], 'nick' => $this->_user['nick'], 'out_trade_no' => $out_trade_no, 'amount' => $total_fee, 'content' => '在线充值', 'addtime' => LocalTime::getInstance()->gmtime(), 'status' => $status);
         // The payment row is stored before the gateway form is built.
         M('payment')->add($data);
         $payment = PaymentFactory::getPayment($pay_type);
         $html_text = $payment->buildForm($params);
         $this->assign('form_html', $html_text);
         $this->assign('page_title', '在线充值 - ');
         $this->display();
     }
 }
Exemplo n.º 10
 /**
  * Start the session and, for a visitor without uid/name in the session,
  * register a throw-away account and log the visitor in as it; then send
  * visitors without a chosen area to the area picker.
  */
 public function __construct()
 {
     /* When there is no uid, i.e. the user is not logged in, a user is registered automatically.
      * On logout or on the registration page the controller does not inherit Common (UserAction extends Action directly).
      * Users can register their own account via Login or Register, or edit the random personal account directly.
      * The random account's password is 123456.
      */
     R("Public/session_start_by_user");
     session_start();
     if (session("uid") == "" || session("uid") == null || session("name") == "" || session("name") == null) {
         load("extend");
         // Load the extension function library
         do {
             // Used for logins from an external browser; WeChat uses this for now as well
             $userName = "******" . rand_string(8, 1);
             // NOTE(review): every auto-created account gets the same fixed password,
             // stored as unsalted sha1(md5()); if these accounts can be reached through
             // the normal login form the password is effectively public - confirm.
             $userPassword = sha1(md5("123456"));
             $flag = D("User")->getUserRegister($userName, $userPassword);
         } while (!$flag);
         // NOTE(review): this is called after session_start() above - confirm it still takes effect for this session.
         session_set_cookie_params(3600 * 24 * 365, "/");
         session('[regenerate]');
         session("uid", $flag['uid']);
         session("name", $userName);
         // NOTE(review): the password hash is kept in the session alongside uid and name.
         session("password", $userPassword);
     }
     // Redirect to the area picker when no area has been chosen
     if (!session("areaId")) {
         $this->redirect("/area");
     }
 }
Exemplo n.º 11
 /**
  * Before showing the "add" form (non-POST requests only), pre-generate an
  * app id and app key and hand both to the view.
  */
 public function _before_add()
 {
     if (IS_POST) {
         return;
     }
     // App id: current year followed by the microsecond clock scaled by 10000
     $appid = date('Y') . (microtime(true) * 10000);
     $this->assign('appid', $appid);
     // NOTE(review): the app key is 32 characters from rand_string(); its
     // generator is not visible here - an API key should come from a CSPRNG.
     $this->assign('appkey', rand_string(32, -1));
 }
Exemplo n.º 12
	/**
	 * Take the API key from the KUAIDI_KEY config entry when one is set and
	 * initialise the default request parameters.
	 */
	public function __construct() {
		if (C('KUAIDI_KEY')) {
			$this->key = C('KUAIDI_KEY');
		}
		$defaults = array();
		$defaults['type'] = '';
		$defaults['postid'] = '';
		$defaults['id'] = 1;
		$defaults['valicode'] = '';
		// Random 10-character value sent as the `temp` parameter
		$defaults['temp'] = rand_string(10);
		$this->par = $defaults;
	}
Exemplo n.º 13
 /**
  * Handle a dealer registration POST: generate a username and password, store
  * the new t_user row, mail an activation link and answer with JSON.
  */
 function execute()
 {
     $result = array();
     if (!isset($_POST['email'])) {
         $result['retCode'] = '10';
         $result['retMsg'] = 'Invalid param.';
         $result['result'] = FALSE;
     } else {
         $date = date('Y-m-d');
         $email = $this->input->post('email');
         // NOTE(review): username and password are 6 characters each from
         // rand_string(), whose generator is not visible here.
         $guser = rand_string(6);
         $gp = rand_string(6);
         $gpass_decod = $gp;
         $gpass = $this->ci->passwordhash->HashPassword($gp);
         $name = $this->input->post('name');
         $code = sha1(md5(rand_string(6)));
         // NOTE(review): the activation link carries only base64(email) over http;
         // no secret token is visible in it, so the link looks derivable from the
         // address alone - confirm how activation is verified.
         $links = "http://bdsinu.no-ip.biz:8888/kaspoint/index.php/auth/active/verify/" . base64_encode($email);
         // change your url
         // NOTE(review): the message below is garbled in this listing (the ****** runs);
         // restore it from the original file.
         $pesan = "Calon Pelanggan yang Terhormat,\n\n\t\t\t\t\t\tTerima kasih " . $name . " telah melakukan Pendaftaran pada aplikasi Kaspoint PT.Links.co.id\n\t\t\t\t\t\tSilahkan lakukan aktifasi dengan Mengklik \n\t\t\t\t\t\t" . $links . "\n\t\t\t\t\t\tUsername : "******"\n\t\t\t\t\t\tPassword : "******"\n\t\t\t\t\t\t-----------------------";
         if (isset($_POST['email'])) {
             $email = mysql_real_escape_string($_POST['email']);
             // NOTE(review): the query concatenates the raw $_POST['email'], not the
             // escaped $email from the line above, so the value reaches SQL unescaped;
             // use a bound parameter (or at least the escaped value).
             $check_for_email = $this->db->query("select * from t_user where email1 ='" . $_POST['email'] . "'");
             if ($check_for_email->num_rows()) {
                 $result['retCode'] = '20';
                 $result['retMsg'] = 'Email Not Available';
                 $result['result'] = true;
             } else {
                 // 'nick_name' appears twice in this array; the role value is a fixed string.
                 $data_user = array('ID_' => $code, 'active' => 0, 'nick_name' => $name, 'email1' => $email, 'username' => $guser, 'password' => $gpass, 'reg_date' => $date, 'nick_name' => $name, 'active_login' => 0, 'role' => "cab483821c4eacfc41fee8c0ffe72216");
                 // The save result is not checked (the check is commented out below).
                 $save = $this->mgeneral->save($data_user, 't_user');
                 /* if(!$save){
                 				$result['retCode'] = '001';
                 				$result['retMsg'] = 'Pendaftaran tidak sukses';
                 			}else{ */
                 $this->email->from('*****@*****.**', 'Sales - Kaspoint');
                 $this->email->to($this->input->post('email'));
                 $this->email->subject('Dealer Register');
                 $this->email->message($pesan);
                 $this->email->send();
                 // NOTE(review): the plain-text password and the activation link are
                 // returned in the JSON response to whoever submitted the form.
                 $result['username'] = $guser;
                 $result['password'] = $gpass_decod;
                 $result['retCode'] = '00';
                 //$result['url']		= 'localhost/ppob/index.php/auth/login'; //change your url
                 $result['retMsg'] = 'Success To Registrasi but not active your account.';
                 $result['result'] = TRUE;
                 $result['uri'] = $links;
                 //}
             }
         } else {
             $result['retCode'] = '01';
             $result['retMsg'] = 'Error Registration.';
             $result['result'] = TRUE;
         }
     }
     $this->output->set_content_type('application/json')->set_output(json_encode($result));
 }
Exemplo n.º 14
/**
 * Handle the registration form: check required fields and uniqueness of
 * username and e-mail, insert the user with a generated temporary password,
 * and mail that password to the user.
 */
function registerFormSubmitted()
{
    require 'include/configGlobals.php';
    connectDatabase();
    // NOTE(review): presumably applies addslashes-style escaping to the request
    // arrays; that is not a substitute for bound parameters - verify against its definition.
    slashAllInputs();
    //This makes sure they did not leave any fields blank
    // (single | is a bitwise OR of the four booleans; every operand is evaluated)
    if (!$_POST['username'] | !$_POST['email'] | !$_POST['firstName'] | !$_POST['lastName']) {
        die('You did not complete all of the required fields');
    }
    if (!isUsernameValid($_POST['username'])) {
        die('Sorry, that username is invalid. Please go back and try again.');
    }
    // checks if the username is in use
    $usercheck = $_POST['username'];
    // NOTE(review): the query text below is garbled in this listing (the ****** run).
    $check = mysql_query("SELECT username FROM users WHERE username = '******'") or die(mysql_error());
    $check2 = mysql_num_rows($check);
    //if the name exists it gives an error
    if ($check2 != 0) {
        // NOTE(review): request values are echoed into the page here and below without HTML escaping.
        die('Sorry, the username ' . $_POST['username'] . ' is already in use. Please go back and try again.');
    }
    $emailcheck = $_POST['email'];
    // NOTE(review): request data is interpolated into SQL; mysql_error() output goes to the client on failure.
    $check = mysql_query("SELECT email FROM users WHERE email = '{$emailcheck}'") or die(mysql_error());
    $check2 = mysql_num_rows($check);
    //if the email exists it gives an error
    if ($check2 != 0) {
        die('Sorry, the email ' . $_POST['email'] . ' has already been registered. Please go back and try again.');
    }
    $tempPassword = rand_string(16);
    // here the password is hashed (not encrypted)
    // NOTE(review): both an unsalted MD5 and an unsalted SHA-256 of the password are
    // stored; either is a fast hash and weak against offline guessing.
    $hashPassword = md5($tempPassword);
    $hashUsername = md5($_POST['username']);
    $hash256Password = bin2hex(mhash(MHASH_SHA256, $tempPassword));
    $hash256Username = bin2hex(mhash(MHASH_SHA256, $_POST['username']));
    $creationDate = date('Y-m-d');
    // now we insert it into the database
    // NOTE(review): every $_POST field is concatenated into the statement; this should use bound parameters.
    $insert = "INSERT INTO users (username, pass, sha256_user, sha256_pass, fname, lname, addr1, addr2, city, state, zip, hphone, cphone, email, econtact, econtact_phone, econtact_rel, creation) VALUES (\n           '" . $_POST['username'] . "',\n           '" . $hashPassword . "',\n\t\t   '" . $hash256Username . "',\n\t\t   '" . $hash256Password . "',\n           '" . $_POST['firstName'] . "',\n           '" . $_POST['lastName'] . "',\n           '" . $_POST['address1'] . "',\n           '" . $_POST['address2'] . "',\n           '" . $_POST['city'] . "',\n           '" . $_POST['state'] . "',\n           '" . $_POST['zipCode'] . "',\n           '" . $_POST['homePhone'] . "',\n           '" . $_POST['cellPhone'] . "',\n           '" . $_POST['email'] . "',\n           '" . $_POST['econtact'] . "',\n           '" . $_POST['econtactPhone'] . "',\n           '" . $_POST['econtactRel'] . "',\n           '" . $creationDate . "'\n           )";
    // The insert result is not checked before the mail is sent.
    $add_member = mysql_query($insert);
    $to = $_POST['email'];
    $from = $email_Administrator;
    $subject = 'Registered on ' . $club_Abbr . ' Online Registration Site';
    $message = "--{$mime_boundary}\n";
    $message .= "Content-Type: text/plain; charset=UTF-8\r\n";
    $message .= "Content-Transfer-Encoding: 8bit\r\n";
    // The temporary password is mailed in plain text.
    $message .= 'Thank you for registering on the ' . $club_Abbr . ' Online Registration site.' . "\n" . "\n" . 'Your username is: [ ' . $usercheck . " ]\n" . 'Your temporary password is: [ ' . $tempPassword . " ]\n" . "\n" . 'Login at ' . $http_Logout . ' to change your password and register for events.' . "\n" . "\n" . 'Thank you!' . "\n" . '- ' . $club_Abbr . ' Administration' . "\n";
    $message .= "--{$mime_boundary}--\n\n";
    if (sendEmail($to, $from, $subject, $message) != false) {
        echo "<h1>Registered</h1>\n";
        echo "Thank you, you have registered. An email has been sent to " . $to . " \n";
        echo "with your username and temporary password. Depending on internal server traffic, this may take some time.<br><br>\n";
        echo "When you receive your temporary password you may <a href=\"index.php\">login</a> to continue.\n";
    } else {
        echo "<h1>Internal Email Error. Please contact administrator at " . $email_Administrator . "</h1>\n";
    }
}
Exemplo n.º 15
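 /**
  * Change an editor's password and rotate the editor's read_write_token.
  *
  * @param int    $intEditorID    editor row id
  * @param string $strOldPassword current password (plain text)
  * @param string $strNewPassword new password (plain text)
  *
  * @return returnData code 0 on success or when old and new password are equal;
  *                    code 4 when no row matched id and old password
  */
 public function changePassword($intEditorID, $strOldPassword, $strNewPassword)
 {
     if ($strOldPassword == $strNewPassword) {
         return new returnData(0, NULL);
     }
     // The id is interpolated into the statement; force it to an integer so it
     // cannot carry SQL.
     $editorId = (int) $intEditorID;
     // NOTE(review): both passwords are still interpolated inside quotes. Whether
     // callers or Module::query() escape them is not visible here; this should
     // move to bound parameters. Unsalted MD5 is also a weak password hash.
     // NOTE(review): the new token comes from rand_string(), whose generator is
     // not visible here.
     $query = "UPDATE editors \n            SET password = MD5('{$strNewPassword}'), read_write_token = '" . rand_string(64) . "'\n            WHERE password = MD5('{$strOldPassword}')\n            AND editor_id = {$editorId}";
     Module::query($query);
     if (mysql_affected_rows() < 1) {
         return new returnData(4, NULL, 'No editors exist with matching ID and password');
     }
     return new returnData(0, NULL);
 }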
Exemplo n.º 16
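 /**
  * Check the posted userName/password against the built-in account and, on a
  * match, print a code generated by rand_string().
  *
  * NOTE(review): the account name and password are literals in this method
  * (shown masked in this listing); credentials belong in configuration or a
  * user store, not in source.
  */
 public function Login()
 {
     $chk_user = "******";
     $chk_pass = "******";
     //d4068d373bcc50fc83fd5bb6fe35ee7d
     $userName = text($_POST["userName"]);
     $password = text($_POST["password"]);
     // The posted password must equal md5($chk_pass). A single "=" in this
     // condition would assign instead of compare and accept any password for
     // the right user name, so the comparison is explicit: strict for the name,
     // constant-time for the password.
     $userOk = is_string($userName) && $userName === $chk_user;
     $passOk = is_string($password) && hash_equals(md5($chk_pass), $password);
     if ($userOk && $passOk) {
         $vcode = rand_string($this->wdzjUid, 32, null, 14);
         echo $vcode;
     } else {
         echo "User name or password is incorrect!";
     }
 }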
Exemplo n.º 17
/**
 * Create a captcha: render the image inline, store the expected text in the
 * `captchas` table and return the lookup cookie together with the HTML.
 *
 * @param string $extra character set handed to rand_string() for the captcha text
 *
 * @return array array('cookie' => lookup value, 'html' => image tag with a data: URI)
 */
function generate_captcha($extra = '1234567890')
{
    global $config;
    $text = rand_string($config['captcha']['length'], $extra);
    $captcha = new SimpleCaptcha();
    // NOTE(review): the cookie value ties a client to the stored answer; it comes
    // from rand_string(), whose generator is not visible here.
    $cookie = rand_string(20, "abcdefghijklmnopqrstuvwxyz");
    // CreateImage() writes the image to output, so capture it in a buffer.
    ob_start();
    $captcha->CreateImage($text);
    $image = ob_get_clean();
    $encoded = base64_encode($image);
    $html = '<image src="data:image/png;base64,' . $encoded . '">';
    $statement = prepare("INSERT INTO `captchas` (`cookie`, `extra`, `text`, `created_at`) VALUES (?, ?, ?, ?)");
    $statement->execute(array($cookie, $extra, $text, time()));
    return array("cookie" => $cookie, "html" => $html);
}
Exemplo n.º 18
/**
 * Handle the "forgot password" form: look the user up by e-mail, set a new
 * temporary password and mail it to that address.
 */
function forgotFormSubmitted()
{
    require 'include/configGlobals.php';
    // Connects to your Database
    connectDatabase();
    // NOTE(review): presumably addslashes-style escaping of the request arrays;
    // not a substitute for bound parameters - verify against its definition.
    slashAllInputs();
    //This makes sure they did not leave any fields blank
    if (!$_POST['email']) {
        die('You did not complete all of the required fields');
    }
    // checks if the email is in use
    $emailcheck = $_POST['email'];
    // NOTE(review): request data is interpolated into SQL; mysql_error() output goes to the client on failure.
    $check = mysql_query("SELECT username FROM users WHERE email = '{$emailcheck}'") or die(mysql_error());
    $check2 = mysql_num_rows($check);
    //if the email doesn't exists it gives an error
    if ($check2 == 0) {
        // NOTE(review): this reply tells the requester whether an address is registered,
        // and echoes the submitted value without HTML escaping.
        die('Sorry, no user with email ' . $emailcheck . ' is registered in the database. Please try again.');
    }
    // When several rows match, the username of the last row wins.
    while ($info = mysql_fetch_array($check)) {
        $usercheck = $info['username'];
    }
    $tempPassword = rand_string(16);
    // here the password is hashed (unsalted SHA-256, not encryption)
    $sha256_pass = bin2hex(mhash(MHASH_SHA256, $tempPassword));
    // now we insert it into the database
    // NOTE(review): the two UPDATE statements below are garbled in this listing (the ****** runs).
    // NOTE(review): the password is replaced as soon as the form is submitted, before the
    // requester has shown control of the mailbox.
    $update_member = mysql_query("UPDATE users SET sha256_pass='******' WHERE username='******'");
    // Overwrites the local variable with random data
    $sha256_pass = rand_string(128);
    // clear md5 hash
    $update_member = mysql_query("UPDATE users SET pass='' WHERE username='******'");
    $to = $emailcheck;
    $from = $email_Administrator;
    $subject = 'Reset Info for ' . $club_Abbr . ' Online Registration Site';
    $message = "--{$mime_boundary}\n";
    $message .= "Content-Type: text/plain; charset=UTF-8\r\n";
    $message .= "Content-Transfer-Encoding: 8bit\r\n";
    // The temporary password is mailed in plain text.
    $message .= 'Your password has been reset on the ' . $club_Abbr . ' Online Registration site at your request.' . "\n" . "\n" . 'Your username is: [ ' . $usercheck . " ]\n" . 'Your temporary password is: [ ' . $tempPassword . " ]\n" . "\n" . 'Login at ' . $http_Logout . ' to change your password and register for events.' . "\n" . "\n" . 'Thank you!' . "\n" . '- ' . $club_Abbr . ' Administration' . "\n";
    $message .= "--{$mime_boundary}--\n\n";
    // The send result is not checked.
    sendEmail($to, $from, $subject, $message);
    $tempPassword = rand_string(16);
    // clear variable data
    echoMainHeader();
    echo "<h1>Email Sent.</h1>\n";
    // NOTE(review): $_POST['email'] is echoed into the page without HTML escaping.
    echo "Thank you, you have registered. An email has been sent to " . $_POST['email'] . " \n";
    echo "with your username and temporary password. Depending on internal server traffic, this may take some time.<br><br>\n";
    echo "When you receive your temporary password you may <a href=\"" . $http_Logout . "\">login</a> to continue.\n";
    echoMainFooter();
}
Exemplo n.º 19
/**
 * Log the user out: replace the stored session id with a random value, clear
 * the cookies and redirect to index.php.
 */
function logoutUser()
{
    header("Content-Type: text/html; charset=utf-8");
    logLogout(getCookie('ID'));
    if (getCookie('ID')) {
        connectDatabase();
        // NOTE(review): presumably addslashes-style escaping of the cookie array - verify against its definition.
        slashArray($_COOKIE);
        // reset session id so the value held in the old cookie no longer matches
        // NOTE(review): rand_string()'s generator is not visible here.
        $sessionId = rand_string(32);
        // NOTE(review): this statement is garbled in this listing (the ****** run); the
        // visible remainder suggests a cookie value is concatenated into the WHERE clause - confirm.
        $update = "UPDATE users SET session_id='{$sessionId}' WHERE sha256_user='******'ID') . "'";
        $result = mysql_query($update);
        // Overwrites the local variable with a new random value
        $sessionId = rand_string(32);
    }
    //this deletes the cookies
    clearCookies();
    header("Location: index.php");
}
Exemplo n.º 20
 /**
  * Handle a password-reset POST: generate a new password for the account that
  * owns the posted e-mail address, store its hash, mail the password and
  * answer with JSON.
  */
 function execute()
 {
     $result = array();
     if (!isset($_POST['email'])) {
         $result['retCode'] = '10';
         $result['retMsg'] = 'Invalid param.';
         $result['result'] = FALSE;
     } else {
         $date = date('Y-m-d');
         $email = $this->input->post('email');
         // NOTE(review): the new password is 6 characters from rand_string(), whose
         // generator is not visible here.
         $gp = rand_string(6);
         $gpass_decod = $gp;
         $gpass = $this->ci->passwordhash->HashPassword($gp);
         if (isset($email)) {
             // Escaped value is used for the lookup and for the update key
             $mail = mysql_real_escape_string($email);
             $check_for_email = $this->db->query("select * from t_user where email1 ='" . $mail . "'");
             if ($check_for_email->num_rows() <= 0) {
                 //$result['r'] = $check_for_email->num_rows();
                 // NOTE(review): the reply differs for known and unknown addresses.
                 $result['retCode'] = '20';
                 $result['retMsg'] = 'Email Not Available';
                 $result['result'] = true;
             } else {
                 $u = $check_for_email->row();
                 // NOTE(review): the message below is garbled in this listing (the ****** runs).
                 $pesan = "Pelanggan yang Terhormat,\n\n\t\t\t\t\t\tBerikut password Baru anda\n\t\t\t\t\t\tUsername : "******"\n\t\t\t\t\t\tPassword : "******"\n\t\t\t\t\t\t-----------------------";
                 $data_user = array('password' => $gpass);
                 // NOTE(review): the password is replaced immediately, without the requester
                 // proving control of the mailbox or the account first.
                 $save = $this->mgeneral->update(array('email1' => $mail), $data_user, 't_user');
                 $this->email->from('*****@*****.**', 'admin - PPOB');
                 $this->email->to($email);
                 $this->email->subject('Dealer Register');
                 $this->email->message($pesan);
                 // Neither the update result nor the send result is checked.
                 $this->email->send();
                 $result['retCode'] = '00';
                 //$result['url']		= 'localhost/ppob/index.php/auth/login'; //change your url
                 $result['retMsg'] = 'Change Password Sukses.';
                 $result['result'] = TRUE;
                 //$result['uri']		=$links;
             }
         } else {
             $result['retCode'] = '01';
             $result['retMsg'] = 'Error Registration.';
             $result['result'] = TRUE;
         }
     }
     $this->output->set_content_type('application/json')->set_output(json_encode($result));
 }
Exemplo n.º 21
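 /**
  * Generate a random string.
  *
  * Delegates to a global rand_string() when one is defined; otherwise draws
  * $len characters from the alphabet selected by $mode.
  *
  * @param int    $len        Length, default 4
  * @param int    $mode       0 = a-zA-Z, 1 = A-Z, 2 = a-z, 3 = 0-9, 4 = a-zA-Z0-9;
  *                           any other value (default 5) = letters and digits
  *                           without the easily confused oOLl and 01
  * @param string $add_chars  Extra characters appended to the alphabet
  *                           (not used by modes 3 and 4), default ''
  *
  * @return string Random string
  */
 private function _rand_string($len = 4, $mode = 5, $add_chars = '')
 {
     if (function_exists('rand_string')) {
         return rand_string($len, $mode, $add_chars);
     }
     switch ($mode) {
         case 0:
             // Upper- and lower-case letters a-zA-Z
             $chars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz' . $add_chars;
             break;
         case 1:
             // Upper-case letters A-Z
             $chars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' . $add_chars;
             break;
         case 2:
             // Lower-case letters a-z
             $chars = 'abcdefghijklmnopqrstuvwxyz' . $add_chars;
             break;
         case 3:
             // Digits 0-9
             $chars = '0123456789';
             break;
         case 4:
             // Letters and digits a-zA-Z0-9
             $chars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789';
             break;
         default:
             // Look-alike characters oOLl and digits 01 are left out; use $add_chars to add them back
             $chars = 'ABCDEFGHIJKMNPQRSTUVWXYZabcdefghijkmnpqrstuvwxyz23456789' . $add_chars;
             break;
     }
     // Each position is drawn independently from the alphabet. Shuffling the
     // alphabet and cutting off a prefix returns fewer than $len characters
     // once $len exceeds the pool, and str_shuffle() is not meant for secrets.
     $last = strlen($chars) - 1;
     $str = '';
     for ($i = 0; $i < $len; $i++) {
         // random_int() is a CSPRNG (PHP 7+); mt_rand() is only a fallback for
         // older runtimes and must not be relied on for secrets.
         $index = function_exists('random_int') ? random_int(0, $last) : mt_rand(0, $last);
         $str .= $chars[$index];
     }
     return $str;
 }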
Exemplo n.º 22
/**
 * Start a session for the posted username: store a new session id and the
 * logon time, set the login cookies and redirect to main.php.
 *
 * NOTE(review): only the username is looked up in this function; no password
 * check is visible here - presumably the caller has already verified the
 * password; confirm.
 */
function loginUser()
{
    $username = $_POST['username'];
    // checks it against the database
    // NOTE(review): this query and the UPDATE below are garbled in this listing (the ****** runs).
    $query = "SELECT * FROM users WHERE username = '******'";
    // NOTE(review): mysql_error() output goes to the client on failure.
    $check = mysql_query($query) or die(mysql_error());
    if ($info = mysql_fetch_array($check)) {
        // NOTE(review): the session id comes from rand_string(), whose generator is
        // not visible here; a session id needs CSPRNG output.
        $sessionId = rand_string(32);
        // update lastLogon & session id
        $now = date('c');
        $update = "UPDATE users SET lastLogon='{$now}', session_id='{$sessionId}' WHERE username='******'";
        $result = mysql_query($update) or die(mysql_error());
        $hashUsername = $info['sha256_user'];
        // if login is ok then we add a cookie
        setCookies($hashUsername, $sessionId);
        // Overwrites the local variable with a new random value
        $sessionId = rand_string(32);
        logLogin($hashUsername);
        //then redirect them to the members area
        header('Location: main.php');
    } else {
        dieError("ERROR: Cannot find user record in database. Please contact the administrator");
    }
}
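 /**
  * Adjust a user's award balance and record the movement.
  *
  * Does nothing unless $money is greater than 0.
  *
  * @param int   $user_id user row id
  * @param mixed $money   amount to move
  * @param mixed $types   stored in the `types` column
  * @param int   $in_type 0 decreases the balance, any other value increases it
  */
 public function change_award($user_id, $money, $types, $in_type)
 {
     if ($money > 0) {
         $user = M("user");
         $line_order = M('line_order');
         // The id is interpolated into WHERE strings below; force it to an
         // integer so it cannot carry SQL.
         $uid = (int) $user_id;
         // NOTE(review): the decrement does not check that the balance covers
         // $money, and the balance is re-read in a separate query afterwards;
         // confirm whether callers guard against overdraw and concurrent updates.
         if ($in_type == 0) {
             $user->where("id={$uid}")->setDec("award", $money);
         } else {
             $user->where("id={$uid}")->setInc("award", $money);
         }
         // Draw record codes until one is not already present in line_order.
         do {
             $code = "A" . date("ymdHi") . rand_string(5, 0);
         } while ($line_order->where("code='{$code}'")->find());
         $now_money = $user->where("id={$uid}")->getField("award");
         $data['user_id'] = $uid;
         $data['code'] = $code;
         $data["money"] = $money;
         $data["now_money"] = $now_money;
         $data["types"] = $types;
         $data["in_types"] = $in_type;
         $data["create_time"] = time();
         $this->add($data);
     }
 }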
Exemplo n.º 24
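?>
<script src="<?php 
echo STATIC_PATH;
?>
js/lib/seajs/sea.js?ver=<?php 
echo KOD_VERSION;
?>
"></script>
<script src="./index.php?share/common_js&user=<?php 
// `user` comes from the query string and is written into a quoted src
// attribute. URL-encoding it keeps quotes, angle brackets and "&" from leaving
// the attribute or adding parameters; anything that is not a string is dropped.
echo rawurlencode(isset($_GET['user']) && is_string($_GET['user']) ? $_GET['user'] : '');
?>
&sid=<?php 
// Same treatment for `sid`.
echo rawurlencode(isset($_GET['sid']) && is_string($_GET['sid']) ? $_GET['sid'] : '');
?>
&#=<?php 
// Random suffix appended to the script URL on every render
echo rand_string(8);
?>
"></script>
<script src="<?php 
echo STATIC_PATH;
?>
js/lib/ace/src-min-noconflict/ace.js?ver=<?php 
echo KOD_VERSION;
?>
"></script>
<script src="<?php 
echo STATIC_PATH;
?>
js/lib/ace/src-min-noconflict/ext-static_highlight.js?ver=<?php 
echo KOD_VERSION;
?>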
Exemplo n.º 25
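/**
 * Verify an account from a username and the auth key carried by a link.
 *
 * On a match the stored auth_key is replaced with a new rand_string() value
 * and the account is marked verified.
 *
 * @param string $username 1 to 12 characters
 * @param string $auth_key 32-byte key presented by the client
 *
 * @return string '1' on success, otherwise a short error message
 */
function verify($username, $auth_key)
{
    // Non-string input (e.g. an array from the request) is rejected with the
    // same message as an out-of-range value.
    if (!is_string($username) || mb_strlen($username, 'utf-8') < 1 || mb_strlen($username, 'utf-8') > 12) {
        return 'User not exist';
    }
    if (!is_string($auth_key) || strlen($auth_key) != 32) {
        return 'Invalid auth key';
    }
    $result = get_user_information($username);
    if ($result == null) {
        return 'User not exist';
    }
    $expected = process_auth_key($result['auth_key'], $result['last_time']);
    // hash_equals() compares in constant time and byte for byte; a loose !=
    // treats two different numeric-looking strings (such as "0e..." digit
    // runs) as equal.
    if (!is_string($expected) || !hash_equals($expected, $auth_key)) {
        return 'Link is out of data';
    }
    // NOTE(review): rand_string()'s generator is not visible here; the stored
    // key should come from a CSPRNG - confirm.
    $new_auth_key = rand_string();
    $sql = "UPDATE `account` SET `auth_key`= ?, verified='t' WHERE username= ? LIMIT 1";
    $params = array($new_auth_key, $username);
    $count = (new MysqlDAO())->execute($sql, $params, 'ss');
    if ($count == 1) {
        return '1';
    } else {
        return 'Sth is wrong with server';
    }
}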
				<!-- <li class="">
					<a  href="<?php 
echo U('message/index');
?>
" onclick="del_current_node()"><i class="icon-inbox"></i> <span class="badge "><?php 
echo $new_message_count;
?>
</span> </a>
				</li> -->
				<li class="light-blue">
					<a data-toggle="dropdown" href="#" class="dropdown-toggle"> <img class="nav-user-photo" src="<?php 
echo get_save_url();
echo session('user_pic');
?>
?<?php 
echo rand_string();
?>
"> <span class="user-info"> <?php 
echo session('user_name');
?>
 </span> <i class="icon-caret-down"></i> </a>
					<ul class="user-menu pull-right dropdown-menu dropdown-yellow dropdown-caret dropdown-close">
						<li>
							<a href="<?php 
echo U('Profile/index');
?>
"> <i class="icon-user"></i> 用户资料 </a>
						</li>
						<li>
							<a href="<?php 
echo U('Profile/password');
Exemplo n.º 27
/**
 * Build a login verification code by delegating to rand_string().
 *
 * NOTE(review): the character set selected by each $mode value is defined by
 * rand_string(), which is not visible here.
 *
 * @param int $length number of characters, default 4
 * @param int $mode   mode passed through to rand_string(), default 1
 *
 * @return string
 */
function build_verify($length = 4, $mode = 1)
{
    $code = rand_string($length, $mode);
    return $code;
}
Exemplo n.º 28
 /**
  * Password recovery page: shows the form when nothing was posted; otherwise,
  * when username and e-mail match an account, sets a new password and mails it.
  */
 public function retrieve_password()
 {
     $User = D("User");
     $email = D("email");
     if (empty($_POST)) {
         $this->display();
         exit;
     }
     $username = trim($_POST['username']);
     $email_address = trim($_POST['email']);
     // Check that username and e-mail belong to the same account
     // NOTE(review): the condition is garbled in this listing (the ****** run); the visible
     // part interpolates the posted e-mail into the WHERE string - use bound/array conditions.
     $user_id = $User->where("username='******' AND email = '{$email_address}'")->getField('id');
     if ($user_id) {
         // NOTE(review): the password is replaced as soon as the form is submitted; knowing a
         // username/e-mail pair is enough to reset someone else's password.
         $new_password = randpw();
         // NOTE(review): unsalted MD5 is a fast hash and weak against offline guessing.
         $data['password'] = md5($new_password);
         $User->where("id={$user_id}")->save($data);
         $email->setting["timeout"] = 30;
         $email->setting["type"] = "retrieve_password";
         $email->setting["user_id"] = $user_id;
         $email->setting["title"] = "TripEC找回密码";
         $email->setting["code"] = rand_string(6, 5);
         $link = __HOST__ . U('register/retrieve_password', array("code" => $email->setting["code"], "username" => $username));
         $email->setting["link"] = md5($link);
         // The new password is mailed in plain text.
         $email->setting["content"] = "您已经选择通过邮箱修改了您的密码,新的密码是:" . $new_password . "。请妥善保管好您的新密码。" . "如果此操作并非处于您本人的意愿,请及时与本站工作人员联系,谢谢!";
         // NOTE(review): $return is not defined in this method before this call - presumably an output parameter; confirm.
         if ($email->send($email_address, $email_address, "", "", $return)) {
             $this->display("retrieved_password");
         } else {
             $this->error("邮件发送失败!");
         }
     } else {
         $this->error('用户名和邮箱不匹配,请重新输入!');
     }
 }
Exemplo n.º 29
/**
 * Build a batch of $number random strings, trying to make them distinct.
 *
 * When the first pass contains duplicates, three extra strings are generated
 * per duplicate and the distinct values are cut back to $number; the result
 * can therefore hold fewer than $number entries.
 *
 * @param int $number how many strings are wanted
 * @param int $length length of each string, default 4
 * @param int $mode   mode passed to rand_string(), default 1
 *
 * @return array|false false when $mode is 1 and $length is smaller than the
 *                     number of digits in $number
 */
function build_count_rand($number, $length = 4, $mode = 1)
{
    // Too few positions to produce that many distinct values
    if ($mode == 1 && $length < strlen($number)) {
        return false;
    }
    $rand = array();
    $made = 0;
    while ($made < $number) {
        $rand[] = rand_string($length, $mode);
        $made++;
    }
    $distinct = array_unique($rand);
    $missing = count($rand) - count($distinct);
    if ($missing == 0) {
        return $rand;
    }
    // Top up with three candidates per duplicate, then keep the first $number distinct values
    for ($extra = $missing * 3; $extra > 0; $extra--) {
        $rand[] = rand_string($length, $mode);
    }
    return array_slice(array_unique($rand), 0, $number);
}
Exemplo n.º 30
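  /**
   *  Handle the WeChat OAuth callback: exchange the `code` for an openid and
   *  access token, fetch the user's profile, log the matching member in (or
   *  create one), then redirect back to the page the visitor came from.
   *
   *  NOTE(review): no OAuth `state` value is checked in this method - confirm
   *  the callback is protected against forged requests elsewhere.
   */
  public function get_code(){
	include C('INTERFACE_PATH')."wxwappay/lib/WxPay.Api.php";
	include C('INTERFACE_PATH')."wxwappay/unit/WxPay.JsApiPay.php";

	// Get the openid.
	// `code` comes from the query string and is placed into an outgoing URL:
	// URL-encode it so it cannot add or override parameters of that request.
	$code = (isset($_GET['code']) && is_string($_GET['code'])) ? $_GET['code'] : '';
	$url = 'https://api.weixin.qq.com/sns/oauth2/access_token?appid='.WxPayConfig::APPID.'&secret='.WxPayConfig::APPSECRET.'&code='.urlencode($code).'&grant_type=authorization_code';
	$json = httpGet($url);
	$array  = json_decode($json,1);
	$openid = $array['openid'];

	// Get the user's profile (values from the previous response are encoded as well)
	$url = 'https://api.weixin.qq.com/sns/userinfo?access_token='.urlencode((string)$array['access_token']).'&openid='.urlencode((string)$openid).'&lang=zh_CN';
	$msg = json_decode(httpGet($url),1);
	$model = M('Member');
	$time = time();
	if($msg){
		// Remember that this browser has registered through WeChat
		cookie('wx_has',1,60*60*24*365);
		// Look the member up by openid
		$data['openid'] = $openid;
		$member = $model->field('id,logo,email,username,nickname,realname,province,city,district,create_time,salt')->where($data)->find();
		if($member){
			// Existing member: record the login and store the member in the session
			$sdata['last_login_time'] = time();
			$sdata['last_login_ip'] = $_SERVER['REMOTE_ADDR'];
			$model->where($data)->save($sdata);
			$member_msg = serialize($member);
			$member_msg = authcode($member_msg,'ENCODE');
			session('member_msg',$member_msg);
		}else{
			// New member: create the account from the WeChat profile
			$parent = $this->parent();
			$region = $this->getcityid($msg['province'],$msg['city']);
			$data['openid'] = $openid;
			$data['nickname'] = $msg['nickname'];
			$data['from'] = 'wap';
			$salt = rand_string(6,-1);
			$data['salt'] = $salt;
			$data['pid'] = $parent ? $parent['id'] : 0;
			$data['pv_id'] = $region['pv_id'];
			$data['ct_id'] = $region['ct_id'];
			$data['province'] = $msg['province'];
			$data['city'] = $msg['city'];
			$data['logo'] = $msg['headimgurl'];
			$data['last_login_time'] = $time;
			$ip = _get_ip();
			$data['last_login_ip'] = $ip;
			$data['create_time'] = $time;
			$member_id = $model->add($data);
			// Additional member details
			$model = M('Member_msg');
			$data2['member_id'] = $member_id;
			$data2['sex'] = $msg['sex'];
			$model->add($data2);
			// Log the new member in
			$member['id'] = $member_id;
			$member['logo'] = $msg['headimgurl'];
			$member['salt'] = $salt;
			$member['ip'] = $ip;
			$member['province'] = $msg['province'];
			$member['city'] = $msg['city'];
			$member['district'] = '';
			$member['create_time'] = $time;
			$member_msg = serialize($member);
			$member_msg = authcode($member_msg,'ENCODE');
			session('member_msg',$member_msg);
		}
		login_log($member);

	}

	// Redirect back to the page the visitor came from
	//$origin_action = $_GET['origin_action'] ? $_GET['origin_action'] : 'index';
	//$go_url = __APP__.'?wx_login=1';
	// NOTE(review): the target is read from a cookie, which the client controls,
	// and is sent in the Location header without validation - confirm it is
	// limited to same-site paths where it is set, or validate it here.
	$redirectURL = Cookie( '_redirectURL_');
	$go_url = $redirectURL ? $redirectURL : __APP__.'?wx_login=1';
	header("Location: ".$go_url);
	exit;
  }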