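/**
 * Send a registration verification code to the address posted as `em`.
 *
 * Flow visible here: reject addresses that are already registered (-101),
 * otherwise generate a code, cache it under the address and mail it
 * (200 on success, -102 on mail failure). A missing or malformed address
 * ends in -103.
 *
 * NOTE(review): whether Response::show() terminates the request is not
 * visible here; the original fall-through to -103 is kept unchanged.
 */
public function j_email()
{
    // Only accept a scalar, syntactically valid address: the value is used as
    // a cache key, a mail recipient and part of a log line below.
    $email = (isset($_POST['em']) && is_string($_POST['em']))
        ? filter_var($_POST['em'], FILTER_VALIDATE_EMAIL)
        : false;

    if ($email !== false) {
        $account_model = D('Account');
        // The address already belongs to an account.
        if ($account_model->judge_account_id_isset($email)) {
            Response::show('-101', '该邮箱已经被注册!');
        } else {
            // Message sent to the user.
            $rand_string = strtolower(rand_string());
            $title = '欢迎您注册!么么哒。';
            $content = '您好,您的注册验证码是 : ' . $rand_string . ' !, 如果不是本人操作,请忽略!';
            $Memcached = Memcached::getInstance();
            // The code is cached in clear text (original note: "not encrypted for now").
            // NOTE(review): no expiry is passed here and nothing in this method limits
            // how often a code can be requested for one address - confirm that the
            // cache wrapper applies a TTL and that the caller is rate-limited.
            $Memcached->set($email, $rand_string);
            if (SendMail($email, $title, $content) === true) {
                Response::show('200', '已经发送验证码,请注意查收!');
            } else {
                Log::write('发送验证码失败,to [--' . $email . '--]', 'WARN');
                Response::show('-102', '邮件发送失败,未知原因!');
            }
        }
    }
    Response::show('-103', '数据丢失!');
}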
/**
 * Register a member from the posted form and answer with a JSON status.
 *
 * Emits {"error_code":8002,...} when model validation or the insert fails,
 * and {"error_code":0,...,"token":...} on success. Every path ends in exit.
 *
 * NOTE(review): the stored password is md5(password . salt . salt[1]). MD5 is
 * a fast hash and unsuitable for password storage; moving to password_hash()
 * needs a matching change in the login path, which is not visible here.
 */
public function register()
{
    $memberModel = D('Member');

    // create() validates the posted data; a false return carries the reason.
    if (false === $memberModel->create()) {
        echo json_encode(array(
            'error_code' => 8002,
            'notice' => $memberModel->getError(),
        ));
        exit;
    }

    $salt = rand_string(6, -1);
    $record = array(
        'tel' => $_POST['tel'],
        'salt' => $salt,
        'password' => md5($_POST['password'] . $salt . $salt[1]),
    );

    $memberId = $memberModel->add($record);
    if (!$memberId) {
        echo json_encode(array(
            'error_code' => 8002,
            'notice' => '注册失败',
        ));
        exit;
    }

    // Issue a token for the new member and persist it.
    $token = create_token($memberId, $salt);
    set_token(array('id' => $memberId, 'salt' => $salt), $token);

    echo json_encode(array(
        'error_code' => 0,
        'notice' => '注册成功',
        'token' => $token,
    ));
    exit;
}
/**
 * Edit a share: update it when an 8-character `sid` is supplied, otherwise
 * create it under a freshly generated id.
 *
 * NOTE(review): nothing in this method checks the request origin or an
 * anti-CSRF token; confirm the caller enforces that.
 */
public function set()
{
    $posted = $this->_getData();
    $hasSid = isset($this->in['sid']) && strlen($this->in['sid']) == 8;

    if ($hasSid) {
        // Update: overwrite only the keys that were submitted.
        $merged = $this->sql->get($this->in['sid']);
        foreach ($posted as $field => $value) {
            $merged[$field] = $value;
        }
        if ($this->sql->update($this->in['sid'], $merged)) {
            show_json($merged, true);
        }
        show_json($this->L['error'], false);
    } else {
        // Insert: draw ids until one is not already in the share list.
        $existing = $this->sql->get();
        do {
            $freshId = rand_string(8);
        } while (isset($existing[$freshId]));

        $posted['sid'] = $freshId;
        if ($this->sql->add($freshId, $posted)) {
            show_json($posted, true);
        }
        show_json($this->L['error'], false);
    }
    show_json($this->L['error'], false);
}
/**
 * Auto-login a user from a stored session id.
 *
 * Looks up an unexpired session row, rotates its id (and the auth cookie),
 * and - only when the row has `keep` set - stamps the user's last login.
 *
 * NOTE(review): the replacement id comes from rand_string(), whose generator
 * is not visible here; a session identifier needs a CSPRNG source.
 *
 * @param string $session_id
 *
 * @return array [bool logged in, user id or null]
 */
function service_user_autologin($session_id)
{
    // Fetch the session.
    $rows = select_sessions(array(
        'select' => 'user_id, keep',
        'where' => array(
            'id = :id AND expire > :expire',
            array('id' => $session_id, 'expire' => localdate('Y-m-d H:i:s')),
        ),
    ));

    $session = false;
    $user_id = null;

    if (empty($rows)) {
        return array($session, $user_id);
    }

    // Rotate the session id and refresh agent and expiry.
    $rotatedId = rand_string();
    $updated = update_sessions(array(
        'set' => array(
            'id' => $rotatedId,
            'agent' => $_SERVER['HTTP_USER_AGENT'],
            'expire' => localdate('Y-m-d H:i:s', time() + $GLOBALS['config']['cookie_expire']),
        ),
        'where' => array('id = :id', array('id' => $session_id)),
    ));
    if (!$updated) {
        error('データを編集できません。');
    } else {
        cookie_set('auth[session]', $rotatedId, time() + $GLOBALS['config']['cookie_expire']);
    }

    if ($rows[0]['keep']) {
        // Record the login time on the user.
        $updated = update_users(array(
            'set' => array('loggedin' => localdate('Y-m-d H:i:s')),
            'where' => array('id = :id', array('id' => $rows[0]['user_id'])),
        ));
        if (!$updated) {
            error('データを編集できません。');
        }
        $session = true;
        $user_id = $rows[0]['user_id'];
    }

    return array($session, $user_id);
}
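/**
 * Hash a password with crypt() using the SHA-512 scheme ($6$).
 *
 * @param string $pw Plain-text password.
 *
 * @return string The crypt() hash, starting with "$6$".
 *
 * @throws Exception When SHA-512 crypt is unavailable or hashing fails.
 */
function crypt512($pw)
{
    if (CRYPT_SHA512 != 1) {
        throw new Exception('Hashing mechanism not supported.');
    }

    // NOTE(review): the salt comes from rand_string(), whose generator and
    // alphabet are not visible here; the salt should be unpredictable and
    // limited to the characters crypt() accepts.
    $hash = crypt($pw, '$6$' . rand_string(16) . '$');

    // crypt() reports failure through its return value rather than an
    // exception; never hand a failure marker back as if it were a hash.
    if (!is_string($hash) || strncmp($hash, '$6$', 3) !== 0) {
        throw new Exception('Hashing failed.');
    }

    return $hash;
}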
/**
 * Render the relationship field as a dropdown of entries from the chosen stream.
 *
 * @param array  $data     Field data; reads custom.choose_stream, form_slug and value.
 * @param mixed  $entry_id Not used in this method.
 * @param object $field    Field definition; is_required is read.
 * @return string HTML for the dropdown, or an error notice when the stream is missing.
 */
public function form_output($data, $entry_id, $field)
{
    // Resolve the stream this field points at.
    $stream = $this->CI->streams_m->get_stream($data['custom']['choose_stream']);
    if (!$stream) {
        return '<em>' . $this->CI->lang->line('streams:relationship.doesnt_exist') . '</em>';
    }

    $table = $stream->stream_prefix . $stream->stream_slug;

    // Fall back to the id column when no usable title column is configured.
    $labelColumn = $stream->title_column;
    if (!trim($labelColumn) || !$this->CI->db->field_exists($labelColumn, $table)) {
        $labelColumn = 'id';
    }

    // Load the entries.
    $entries = $this->CI->db->get($table);

    $options = array();
    // Optional fields get an empty choice first.
    if ($field->is_required == 'no') {
        $options[null] = $this->CI->config->item('dropdown_choose_null');
    }
    foreach ($entries->result() as $entry) {
        $options[$entry->id] = $entry->{$labelColumn};
    }

    // The element id is random, so it differs on every render.
    $attributes = 'id="' . rand_string(10) . '"';

    return form_dropdown($data['form_slug'], $options, $data['value'], $attributes);
}
/**
 * Edit a share (update when an 8-character `sid` is supplied, insert otherwise),
 * but only for requests that pass the header checks below.
 *
 * NOTE(review): the Referer test compares against HTTP_HOST . REQUEST_URI with no
 * scheme, and X-Requested-With is a client-supplied header. Neither is a
 * substitute for a per-session anti-CSRF token. HTTP_REFERER is also read
 * without isset().
 */
public function set()
{
    // A Referer equal to host + URI is redirected to the 403 page.
    if ($_SERVER['HTTP_REFERER'] == $_SERVER["HTTP_HOST"] . $_SERVER["REQUEST_URI"]) {
        header('Location: 403.php');
        return;
    }

    // Anything not flagged as an XMLHttpRequest is ignored silently.
    $isAjax = isset($_SERVER['HTTP_X_REQUESTED_WITH'])
        && $_SERVER['HTTP_X_REQUESTED_WITH'] == 'XMLHttpRequest';
    if (!$isAjax) {
        return;
    }

    $posted = $this->_getData();
    $hasSid = isset($this->in['sid']) && strlen($this->in['sid']) == 8;

    if ($hasSid) {
        // Update: overwrite only the keys that were submitted.
        $merged = $this->sql->get($this->in['sid']);
        foreach ($posted as $field => $value) {
            $merged[$field] = $value;
        }
        if ($this->sql->update($this->in['sid'], $merged)) {
            show_json($merged, true);
        }
        show_json($this->L['error'], false);
    } else {
        // Insert: draw ids until one is not already in the share list.
        $existing = $this->sql->get();
        do {
            $freshId = rand_string(8);
        } while (isset($existing[$freshId]));

        $posted['sid'] = $freshId;
        if ($this->sql->add($freshId, $posted)) {
            show_json($posted, true);
        }
        show_json($this->L['error'], false);
    }
    show_json($this->L['error'], false);
}
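/**
 * Complete an authentication step: verify the submitted key, rotate the stored
 * key, and return the user's public fields as JSON.
 *
 * @param string $username
 * @param string $auth_key 32-character key presented by the client.
 * @param string $url      Passed through to process_auth_key().
 *
 * @return string JSON: {"errorno":1} bad key format, 2 unknown user,
 *                3 key mismatch, 0 plus a "user" object on success.
 */
function finish_auth($username, $auth_key, $url)
{
    // Reject non-string input first: arrays must not reach the comparison.
    if (!is_string($auth_key) || mb_strlen($auth_key, 'utf-8') != 32) {
        return json_encode(array('errorno' => 1));
    }

    $result = get_user_information($username);
    if ($result == null) {
        return json_encode(array('errorno' => 2));
    }

    // Compare as strings and in constant time. A loose != treats two different
    // numeric-looking strings (e.g. "0e..." values) as equal.
    $expected = (string) process_auth_key($result['auth_key'], $result['last_time'], $url);
    if (!hash_equals($expected, $auth_key)) {
        return json_encode(array('errorno' => 3));
    }

    // Rotate the stored key so the presented one cannot be replayed.
    // NOTE(review): the result of the UPDATE is not checked, and rand_string()
    // is defined elsewhere - confirm it draws from a CSPRNG.
    $new_auth_key = rand_string();
    $sql = "UPDATE `account` SET `auth_key`= ? WHERE username= ? LIMIT 1";
    $params = array($new_auth_key, $username);
    (new MysqlDAO())->execute($sql, $params, 'ss');

    $res = array(
        'errorno' => 0,
        'user' => array(
            'username' => $result['username'],
            'email' => $result['email'],
            'verified' => $result['verified'],
            'reg_time' => $result['reg_time'],
        ),
    );

    return json_encode($res);
}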
/**
 * Start an online top-up: record a payment row and render the gateway form.
 * Does nothing for non-POST requests.
 *
 * NOTE(review): `amount` is taken from $_REQUEST and only cast with floatval();
 * zero, negative or fractional values are not rejected here. $pay_type and
 * $status stay undefined when alipay_type is neither 'direct' nor 'warrant'.
 * date('Ymdhis') uses the 12-hour clock, so the order-number prefix repeats
 * between AM and PM.
 */
public function dopayment()
{
    if (!$this->isPost()) {
        return;
    }

    C('TOKEN_ON', false);
    import('@.Com.payment.PaymentFactory');

    // Order number: timestamp prefix plus four random characters.
    $orderNo = date('Ymdhis') . rand_string(4, 1);
    $subject = $this->_CFG['site_name'] . '会员充值';
    $body = '';
    $amount = floatval($_REQUEST['amount']);
    $show_url = 'http://' . $_SERVER['HTTP_HOST'] . __ROOT__;

    if ($this->_CFG['alipay_type'] == 'direct') {
        $pay_type = 'alipay';
        $status = 103;
    } elseif ($this->_CFG['alipay_type'] == 'warrant') {
        $pay_type = 'AlipayWarrant';
        $status = 103;
    }

    $params = array(
        'out_trade_no' => $orderNo,
        'subject' => $subject,
        'body' => $body,
        'total_fee' => $amount,
        'show_url' => $show_url,
    );

    // Persist the pending payment before handing off to the gateway.
    $row = array(
        'user_id' => $this->_user['user_id'],
        'nick' => $this->_user['nick'],
        'out_trade_no' => $orderNo,
        'amount' => $amount,
        'content' => '在线充值',
        'addtime' => LocalTime::getInstance()->gmtime(),
        'status' => $status,
    );
    M('payment')->add($row);

    $gateway = PaymentFactory::getPayment($pay_type);
    $this->assign('form_html', $gateway->buildForm($params));
    $this->assign('page_title', '在线充值 - ');
    $this->display();
}
/**
 * Ensure every visitor has a session-backed account, then require an area.
 *
 * From the original author's notes: when there is no uid (the visitor is not
 * logged in) a user is registered automatically; the login/registration pages
 * do not inherit from this base class, so a visitor can register a real
 * account there or edit the random one. The random account's password is 123456.
 *
 * NOTE(review): every auto-created account shares one fixed, well-known
 * password, and its hash (unsalted sha1(md5())) is copied into the session.
 * session_set_cookie_params() is called after session_start(), so it does not
 * apply to the session that is already open.
 */
public function __construct()
{
    R("Public/session_start_by_user");
    session_start();

    $needsGuestAccount = session("uid") == "" || session("uid") == null
        || session("name") == "" || session("name") == null;

    if ($needsGuestAccount) {
        load("extend"); // load the extension function library

        // Used for external browsers; WeChat uses the same path for now.
        $userPassword = sha1(md5("123456"));
        do {
            $userName = "******" . rand_string(8, 1);
            $registered = D("User")->getUserRegister($userName, $userPassword);
        } while (!$registered);

        session_set_cookie_params(3600 * 24 * 365, "/");
        session('[regenerate]');
        session("uid", $registered['uid']);
        session("name", $userName);
        session("password", $userPassword);
    }

    // Without a chosen area, send the visitor to the area picker.
    if (!session("areaId")) {
        $this->redirect("/area");
    }
}
/**
 * Before showing the "add" form (non-POST requests only), pre-generate an
 * app id and app key and hand them to the view.
 *
 * NOTE(review): the app id is derived from the clock and is therefore
 * predictable; the app key comes from rand_string(), whose generator is not
 * visible here - a credential needs a CSPRNG source.
 */
public function _before_add()
{
    if (IS_POST) {
        return;
    }

    // Year followed by the current microtime scaled by 10000.
    $generatedId = date('Y') . (microtime(true) * 10000);
    $this->assign('appid', $generatedId);

    $generatedKey = rand_string(32, -1);
    $this->assign('appkey', $generatedKey);
}
/**
 * Load the optional KUAIDI_KEY setting and prepare the default request
 * parameters, including a random `temp` value.
 */
public function __construct()
{
    $configuredKey = C('KUAIDI_KEY');
    if ($configuredKey) {
        $this->key = $configuredKey;
    }

    $defaults = array();
    $defaults['type'] = '';
    $defaults['postid'] = '';
    $defaults['id'] = 1;
    $defaults['valicode'] = '';
    $defaults['temp'] = rand_string(10);
    $this->par = $defaults;
}
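/**
 * Register a dealer account for the posted e-mail address and answer in JSON.
 *
 * retCode values set here: '10' missing e-mail, '20' address already present,
 * '00' account created (the e-mail is sent, but neither save() nor send() is checked).
 *
 * NOTE(review): the generated password is returned in clear text in the
 * response and in the mail; the activation link is only base64 of the e-mail
 * address, so it can be derived by anyone who knows the address; the username
 * and password are six characters from rand_string().
 */
function execute()
{
    $result = array();
    if (!isset($_POST['email'])) {
        $result['retCode'] = '10';
        $result['retMsg'] = 'Invalid param.';
        $result['result'] = FALSE;
    } else {
        $date = date('Y-m-d');
        $email = $this->input->post('email');
        $guser = rand_string(6);
        $gp = rand_string(6);
        $gpass_decod = $gp;
        $gpass = $this->ci->passwordhash->HashPassword($gp);
        $name = $this->input->post('name');
        $code = sha1(md5(rand_string(6)));
        $links = "http://bdsinu.no-ip.biz:8888/kaspoint/index.php/auth/active/verify/" . base64_encode($email); // change your url
        // The message literal below is masked in this listing ("******") and is kept as found.
        $pesan = "Calon Pelanggan yang Terhormat,\n\n\t\t\t\t\t\tTerima kasih " . $name . " telah melakukan Pendaftaran pada aplikasi Kaspoint PT.Links.co.id\n\t\t\t\t\t\tSilahkan lakukan aktifasi dengan Mengklik \n\t\t\t\t\t\t" . $links . "\n\t\t\t\t\t\tUsername : "******"\n\t\t\t\t\t\tPassword : "******"\n\t\t\t\t\t\t-----------------------";
        // Always true inside this branch; the trailing else is unreachable.
        if (isset($_POST['email'])) {
            $email = mysql_real_escape_string($_POST['email']);
            // Bind the address instead of concatenating the raw POST value into
            // the SQL text (the escaped copy above was never used for this query).
            $check_for_email = $this->db->query("select * from t_user where email1 = ?", array($_POST['email']));
            if ($check_for_email->num_rows()) {
                $result['retCode'] = '20';
                $result['retMsg'] = 'Email Not Available';
                $result['result'] = true;
            } else {
                $data_user = array('ID_' => $code, 'active' => 0, 'nick_name' => $name, 'email1' => $email, 'username' => $guser, 'password' => $gpass, 'reg_date' => $date, 'active_login' => 0, 'role' => "cab483821c4eacfc41fee8c0ffe72216");
                // NOTE(review): the result of save() is not checked before reporting success.
                $save = $this->mgeneral->save($data_user, 't_user');
                $this->email->from('*****@*****.**', 'Sales - Kaspoint');
                $this->email->to($this->input->post('email'));
                $this->email->subject('Dealer Register');
                $this->email->message($pesan);
                $this->email->send();
                $result['username'] = $guser;
                $result['password'] = $gpass_decod;
                $result['retCode'] = '00';
                $result['retMsg'] = 'Success To Registrasi but not active your account.';
                $result['result'] = TRUE;
                $result['uri'] = $links;
            }
        } else {
            $result['retCode'] = '01';
            $result['retMsg'] = 'Error Registration.';
            $result['result'] = TRUE;
        }
    }
    $this->output->set_content_type('application/json')->set_output(json_encode($result));
}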
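/**
 * Handle the registration form: validate required fields, reject duplicate
 * usernames/e-mails, create the user with a temporary password and mail it.
 *
 * Configuration variables ($email_Administrator, $club_Abbr, $mime_boundary,
 * $http_Logout) are expected to come from include/configGlobals.php.
 *
 * NOTE(review): all SQL here is built by string concatenation and relies on
 * slashAllInputs() (defined elsewhere) for escaping. Passwords are stored as
 * unsalted MD5 and SHA-256, which are fast hashes. The temporary password is
 * mailed in clear text, and the posted e-mail is used as recipient without
 * format validation. The result of the INSERT is not checked.
 */
function registerFormSubmitted()
{
    require 'include/configGlobals.php';
    connectDatabase();
    slashAllInputs();

    // This makes sure they did not leave any fields blank
    if (!$_POST['username'] | !$_POST['email'] | !$_POST['firstName'] | !$_POST['lastName']) {
        die('You did not complete all of the required fields');
    }
    if (!isUsernameValid($_POST['username'])) {
        die('Sorry, that username is invalid. Please go back and try again.');
    }

    // checks if the username is in use
    // (the interpolated value in this query is masked in this listing)
    $usercheck = $_POST['username'];
    $check = mysql_query("SELECT username FROM users WHERE username = '******'") or die(mysql_error());
    $check2 = mysql_num_rows($check);
    // if the name exists it gives an error
    if ($check2 != 0) {
        // Request data is HTML-escaped before being echoed back.
        die('Sorry, the username ' . htmlspecialchars($_POST['username'], ENT_QUOTES, 'UTF-8') . ' is already in use. Please go back and try again.');
    }

    $emailcheck = $_POST['email'];
    $check = mysql_query("SELECT email FROM users WHERE email = '{$emailcheck}'") or die(mysql_error());
    $check2 = mysql_num_rows($check);
    // if the email exists it gives an error
    if ($check2 != 0) {
        die('Sorry, the email ' . htmlspecialchars($_POST['email'], ENT_QUOTES, 'UTF-8') . ' has already been registered. Please go back and try again.');
    }

    $tempPassword = rand_string(16);
    // hash the password and the username
    $hashPassword = md5($tempPassword);
    $hashUsername = md5($_POST['username']);
    $hash256Password = bin2hex(mhash(MHASH_SHA256, $tempPassword));
    $hash256Username = bin2hex(mhash(MHASH_SHA256, $_POST['username']));
    $creationDate = date('Y-m-d');

    // now we insert it into the database
    $insert = "INSERT INTO users (username, pass, sha256_user, sha256_pass, fname, lname, addr1, addr2, city, state, zip, hphone, cphone, email, econtact, econtact_phone, econtact_rel, creation) VALUES (\n '" . $_POST['username'] . "',\n '" . $hashPassword . "',\n\t\t '" . $hash256Username . "',\n\t\t '" . $hash256Password . "',\n '" . $_POST['firstName'] . "',\n '" . $_POST['lastName'] . "',\n '" . $_POST['address1'] . "',\n '" . $_POST['address2'] . "',\n '" . $_POST['city'] . "',\n '" . $_POST['state'] . "',\n '" . $_POST['zipCode'] . "',\n '" . $_POST['homePhone'] . "',\n '" . $_POST['cellPhone'] . "',\n '" . $_POST['email'] . "',\n '" . $_POST['econtact'] . "',\n '" . $_POST['econtactPhone'] . "',\n '" . $_POST['econtactRel'] . "',\n '" . $creationDate . "'\n )";
    $add_member = mysql_query($insert);

    $to = $_POST['email'];
    $from = $email_Administrator;
    $subject = 'Registered on ' . $club_Abbr . ' Online Registration Site';
    $message = "--{$mime_boundary}\n";
    $message .= "Content-Type: text/plain; charset=UTF-8\r\n";
    $message .= "Content-Transfer-Encoding: 8bit\r\n";
    $message .= 'Thank you for registering on the ' . $club_Abbr . ' Online Registration site.' . "\n" . "\n" . 'Your username is: [ ' . $usercheck . " ]\n" . 'Your temporary password is: [ ' . $tempPassword . " ]\n" . "\n" . 'Login at ' . $http_Logout . ' to change your password and register for events.' . "\n" . "\n" . 'Thank you!' . "\n" . '- ' . $club_Abbr . ' Administration' . "\n";
    $message .= "--{$mime_boundary}--\n\n";

    if (sendEmail($to, $from, $subject, $message) != false) {
        echo "<h1>Registered</h1>\n";
        echo "Thank you, you have registered. An email has been sent to " . htmlspecialchars($to, ENT_QUOTES, 'UTF-8') . " \n";
        echo "with your username and temporary password. Depending on internal server traffic, this may take some time.<br><br>\n";
        echo "When you receive your temporary password you may <a href=\"index.php\">login</a> to continue.\n";
    } else {
        echo "<h1>Internal Email Error. Please contact administrator at " . $email_Administrator . "</h1>\n";
    }
}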
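/**
 * Change an editor's password and rotate the read/write token.
 *
 * @param int    $intEditorID
 * @param string $strOldPassword Current password (plain text).
 * @param string $strNewPassword New password (plain text).
 *
 * @return returnData Code 0 on success or when both passwords are identical,
 *                    code 4 when no row matched the id and old password.
 *
 * NOTE(review): both passwords are still interpolated into the SQL text, and
 * whether callers escape them is not visible here; hashing in PHP or escaping
 * at this point could change the stored hash if they do. The query layer
 * should offer bound parameters. MD5 is a fast hash and unsuitable for
 * password storage.
 */
public function changePassword($intEditorID, $strOldPassword, $strNewPassword)
{
    // Compare as strings: a loose == treats different numeric-looking
    // passwords (e.g. "1e3" and "1000") as the same value.
    if ((string) $strOldPassword === (string) $strNewPassword) {
        return new returnData(0, NULL);
    }

    // The id is placed unquoted in the statement, so force it to an integer.
    $editorId = (int) $intEditorID;

    $query = "UPDATE editors \n SET password = MD5('{$strNewPassword}'), read_write_token = '" . rand_string(64) . "'\n WHERE password = MD5('{$strOldPassword}')\n AND editor_id = {$editorId}";
    Module::query($query);

    if (mysql_affected_rows() < 1) {
        return new returnData(4, NULL, 'No editors exist with matching ID and password');
    }

    return new returnData(0, NULL);
}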
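/**
 * Check the posted credentials against the configured pair and, on success,
 * print a verification code.
 *
 * NOTE(review): the credentials are hard-coded in source (masked in this
 * listing) and the password is compared as an unsalted MD5 digest. They belong
 * in configuration or a secret store, hashed with a password hashing function
 * and compared in constant time.
 */
public function Login()
{
    $chk_user = "******";
    $chk_pass = "******"; //d4068d373bcc50fc83fd5bb6fe35ee7d
    $userName = text($_POST["userName"]);
    $password = text($_POST["password"]);

    // The original condition used "=" here, which assigned md5($chk_pass) to
    // $password and was always true, so any password was accepted for the right
    // user name. Comparing against the digest is presumably what was intended.
    if ((string) $userName === $chk_user && (string) $password === md5($chk_pass)) {
        $vcode = rand_string($this->wdzjUid, 32, null, 14);
        echo $vcode;
    } else {
        echo "User name or password is incorrect!";
    }
}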
/**
 * Create a captcha: render the challenge image, store the expected text under
 * a random cookie value, and return that value with the inline image markup.
 *
 * @param string $extra Character set passed to rand_string() for the challenge text.
 *
 * @return array ['cookie' => lookup key, 'html' => image tag with a base64 PNG]
 */
function generate_captcha($extra = '1234567890')
{
    global $config;

    $challenge = rand_string($config['captcha']['length'], $extra);
    $renderer = new SimpleCaptcha();
    $lookupKey = rand_string(20, "abcdefghijklmnopqrstuvwxyz");

    // CreateImage() writes the PNG to the output stream; capture it instead.
    ob_start();
    $renderer->CreateImage($challenge);
    $png = ob_get_clean();

    $statement = prepare("INSERT INTO `captchas` (`cookie`, `extra`, `text`, `created_at`) VALUES (?, ?, ?, ?)");
    $statement->execute([$lookupKey, $extra, $challenge, time()]);

    return array(
        "cookie" => $lookupKey,
        "html" => '<image src="data:image/png;base64,' . base64_encode($png) . '">',
    );
}
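/**
 * Handle the "forgot password" form: look the user up by e-mail, set a
 * temporary password and mail it.
 *
 * Configuration variables ($email_Administrator, $club_Abbr, $mime_boundary,
 * $http_Logout) are expected to come from include/configGlobals.php.
 *
 * NOTE(review): the password is replaced as soon as the form is submitted, with
 * no proof that the requester controls the mailbox, and the error message
 * reveals whether an address is registered. SQL is built by concatenation and
 * relies on slashAllInputs() (defined elsewhere). The temporary password is
 * mailed in clear text and hashed with unsalted SHA-256.
 */
function forgotFormSubmitted()
{
    require 'include/configGlobals.php';
    // Connects to your Database
    connectDatabase();
    slashAllInputs();

    // This makes sure they did not leave any fields blank
    if (!$_POST['email']) {
        die('You did not complete all of the required fields');
    }

    // checks if the email is in use
    $emailcheck = $_POST['email'];
    $check = mysql_query("SELECT username FROM users WHERE email = '{$emailcheck}'") or die(mysql_error());
    $check2 = mysql_num_rows($check);
    // if the email doesn't exist it gives an error
    if ($check2 == 0) {
        // Request data is HTML-escaped before being echoed back.
        die('Sorry, no user with email ' . htmlspecialchars($emailcheck, ENT_QUOTES, 'UTF-8') . ' is registered in the database. Please try again.');
    }
    while ($info = mysql_fetch_array($check)) {
        $usercheck = $info['username'];
    }

    $tempPassword = rand_string(16);
    // hash the temporary password
    $sha256_pass = bin2hex(mhash(MHASH_SHA256, $tempPassword));
    // store it (the interpolated values in these statements are masked in this listing)
    $update_member = mysql_query("UPDATE users SET sha256_pass='******' WHERE username='******'");
    // Overwrites the local hash with random data; this does not touch the database.
    $sha256_pass = rand_string(128);
    // clear md5 hash
    $update_member = mysql_query("UPDATE users SET pass='' WHERE username='******'");

    $to = $emailcheck;
    $from = $email_Administrator;
    $subject = 'Reset Info for ' . $club_Abbr . ' Online Registration Site';
    $message = "--{$mime_boundary}\n";
    $message .= "Content-Type: text/plain; charset=UTF-8\r\n";
    $message .= "Content-Transfer-Encoding: 8bit\r\n";
    $message .= 'Your password has been reset on the ' . $club_Abbr . ' Online Registration site at your request.' . "\n" . "\n" . 'Your username is: [ ' . $usercheck . " ]\n" . 'Your temporary password is: [ ' . $tempPassword . " ]\n" . "\n" . 'Login at ' . $http_Logout . ' to change your password and register for events.' . "\n" . "\n" . 'Thank you!' . "\n" . '- ' . $club_Abbr . ' Administration' . "\n";
    $message .= "--{$mime_boundary}--\n\n";
    sendEmail($to, $from, $subject, $message);

    // Overwrite the local copy of the temporary password.
    $tempPassword = rand_string(16);

    echoMainHeader();
    echo "<h1>Email Sent.</h1>\n";
    echo "Thank you, you have registered. An email has been sent to " . htmlspecialchars($_POST['email'], ENT_QUOTES, 'UTF-8') . " \n";
    echo "with your username and temporary password. Depending on internal server traffic, this may take some time.<br><br>\n";
    echo "When you receive your temporary password you may <a href=\"" . $http_Logout . "\">login</a> to continue.\n";
    echoMainFooter();
}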
/**
 * Log the user out: record the logout, replace the stored session id with a
 * fresh random value so the old one stops matching, clear the cookies and
 * redirect to index.php.
 *
 * NOTE(review): the UPDATE statement below is damaged by masking in this
 * listing and is left as found; it appears to build the WHERE clause from the
 * 'ID' cookie - confirm it is escaped or bound. The mysql_query() result is
 * not checked.
 */
function logoutUser()
{
    header("Content-Type: text/html; charset=utf-8");
    logLogout(getCookie('ID'));
    if (getCookie('ID')) {
        connectDatabase();
        // Applied to every cookie value; presumably adds slashes for the query below - TODO confirm.
        slashArray($_COOKIE);
        // reset session id
        $sessionId = rand_string(32);
        $update = "UPDATE users SET session_id='{$sessionId}' WHERE sha256_user='******'ID') . "'";
        $result = mysql_query($update);
        // Overwrite the local copy of the new id; it is not sent to the client.
        $sessionId = rand_string(32);
    }
    //this deletes the cookies
    clearCookies();
    header("Location: index.php");
}
/**
 * Reset the password of the account registered under the posted e-mail and
 * mail the new password; answers in JSON.
 *
 * retCode values set here: '10' missing e-mail, '20' no account with that
 * address, '00' password replaced, '01' when post('email') yields nothing.
 *
 * NOTE(review): the password is replaced on request, with no proof that the
 * requester controls the mailbox, and the '20' answer reveals whether an
 * address is registered. The new password is six characters from rand_string()
 * and is mailed in clear text. The lookup depends on mysql_real_escape_string(),
 * which needs a live ext/mysql connection; a bound parameter
 * (`$this->db->query($sql, array($email))`) would not.
 */
function execute()
{
    $result = array();
    if (!isset($_POST['email'])) {
        $result['retCode'] = '10';
        $result['retMsg'] = 'Invalid param.';
        $result['result'] = FALSE;
    } else {
        $date = date('Y-m-d');
        $email = $this->input->post('email');
        // New plain-text password and its hash (generated before the address is checked).
        $gp = rand_string(6);
        $gpass_decod = $gp;
        $gpass = $this->ci->passwordhash->HashPassword($gp);
        if (isset($email)) {
            $mail = mysql_real_escape_string($email);
            $check_for_email = $this->db->query("select * from t_user where email1 ='" . $mail . "'");
            if ($check_for_email->num_rows() <= 0) {
                //$result['r'] = $check_for_email->num_rows();
                $result['retCode'] = '20';
                $result['retMsg'] = 'Email Not Available';
                $result['result'] = true;
            } else {
                $u = $check_for_email->row();
                // The message literal below is masked in this listing ("******") and is left as found.
                $pesan = "Pelanggan yang Terhormat,\n\n\t\t\t\t\t\tBerikut password Baru anda\n\t\t\t\t\t\tUsername : "******"\n\t\t\t\t\t\tPassword : "******"\n\t\t\t\t\t\t-----------------------";
                $data_user = array('password' => $gpass);
                // The results of update() and send() are not checked before reporting success.
                $save = $this->mgeneral->update(array('email1' => $mail), $data_user, 't_user');
                $this->email->from('*****@*****.**', 'admin - PPOB');
                $this->email->to($email);
                $this->email->subject('Dealer Register');
                $this->email->message($pesan);
                $this->email->send();
                $result['retCode'] = '00';
                //$result['url'] = 'localhost/ppob/index.php/auth/login'; //change your url
                $result['retMsg'] = 'Change Password Sukses.';
                $result['result'] = TRUE;
                //$result['uri'] =$links;
            }
        } else {
            $result['retCode'] = '01';
            $result['retMsg'] = 'Error Registration.';
            $result['result'] = TRUE;
        }
    }
    $this->output->set_content_type('application/json')->set_output(json_encode($result));
}
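/**
 * Generate a random string.
 *
 * Delegates to a global rand_string() when one is defined. Otherwise each
 * character is drawn independently from the alphabet selected by $mode, using
 * random_int() when available. The previous shuffle-and-cut approach used a
 * non-cryptographic shuffle and returned fewer than $len characters once $len
 * exceeded the length of the repeated alphabet.
 *
 * @param int    $len       Length, default 4.
 * @param int    $mode      0 letters, 1 upper case, 2 lower case, 3 digits,
 *                          4 letters and digits; any other value (default 5)
 *                          omits the easily confused oOLl and 01.
 * @param string $add_chars Extra characters (ignored by modes 3 and 4), default ''.
 *                          Treated byte-wise, so only single-byte characters are safe.
 *
 * @return string Random string of $len characters ('' when $len is not positive).
 */
private function _rand_string($len = 4, $mode = 5, $add_chars = '')
{
    if (function_exists('rand_string')) {
        return rand_string($len, $mode, $add_chars);
    }

    switch ($mode) {
        case 0:
            // upper and lower case letters a-zA-Z
            $chars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz' . $add_chars;
            break;
        case 1:
            // upper case letters A-Z
            $chars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' . $add_chars;
            break;
        case 2:
            // lower case letters a-z
            $chars = 'abcdefghijklmnopqrstuvwxyz' . $add_chars;
            break;
        case 3:
            // digits 0-9
            $chars = '0123456789';
            break;
        case 4:
            // letters and digits a-zA-Z0-9
            $chars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789';
            break;
        default:
            // easily confused characters oOLl and digits 01 are left out; add them via $add_chars
            $chars = 'ABCDEFGHIJKMNPQRSTUVWXYZabcdefghijkmnpqrstuvwxyz23456789' . $add_chars;
            break;
    }

    $len = (int) $len;
    $last = strlen($chars) - 1;
    // random_int() draws from the system CSPRNG; mt_rand() is only a fallback
    // for runtimes that lack it and is not suitable for secrets.
    $secure = function_exists('random_int');

    $str = '';
    for ($i = 0; $i < $len; $i++) {
        $index = $secure ? random_int(0, $last) : mt_rand(0, $last);
        $str .= $chars[$index];
    }

    return $str;
}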
/**
 * Establish a login session for the posted username: look the user up, store a
 * new session id and login time, set the cookies and redirect to main.php.
 *
 * NOTE(review): no password check is visible in this function - confirm the
 * caller verifies credentials first. The interpolated values in both SQL
 * strings are masked in this listing; the username comes straight from $_POST,
 * so it must be escaped or bound before it reaches the query. The session id
 * comes from rand_string(), whose generator is not visible here.
 */
function loginUser()
{
    $username = $_POST['username'];

    // checks it against the database
    $lookupSql = "SELECT * FROM users WHERE username = '******'";
    $lookup = mysql_query($lookupSql) or die(mysql_error());
    $userRow = mysql_fetch_array($lookup);

    if (!$userRow) {
        dieError("ERROR: Cannot find user record in database. Please contact the administrator");
    } else {
        $sessionId = rand_string(32);

        // update lastLogon & session id
        $now = date('c');
        $updateSql = "UPDATE users SET lastLogon='{$now}', session_id='{$sessionId}' WHERE username='******'";
        $result = mysql_query($updateSql) or die(mysql_error());

        // the cookies carry the hashed username and the new session id
        $hashUsername = $userRow['sha256_user'];
        setCookies($hashUsername, $sessionId);

        // overwrite the local copy of the session id
        $sessionId = rand_string(32);
        logLogin($hashUsername);

        // then redirect them to the members area
        header('Location: main.php');
    }
}
/**
 * Adjust a user's award balance and record the change under a unique code.
 * Does nothing unless $money is greater than zero.
 *
 * @param mixed $user_id User whose balance changes.
 * @param mixed $money   Amount to move.
 * @param mixed $types   Stored as-is in the record.
 * @param mixed $in_type 0 decrements the balance, anything else increments it.
 *
 * NOTE(review): $user_id is interpolated into the where() strings; if it can
 * come from a request it should be cast to int or passed as an array
 * condition. The decrement does not check the current balance, and the
 * adjust-then-read sequence is not wrapped in a transaction here.
 */
public function change_award($user_id, $money, $types, $in_type)
{
    if (!($money > 0)) {
        return;
    }

    $userModel = M("user");
    $orderModel = M('line_order');

    if ($in_type != 0) {
        $userModel->where("id={$user_id}")->setInc("award", $money);
    } else {
        $userModel->where("id={$user_id}")->setDec("award", $money);
    }

    // Draw codes until one is not already present in line_order.
    do {
        $code = "A" . date("ymdHi") . rand_string(5, 0);
        $taken = $orderModel->where("code='{$code}'")->find();
    } while ($taken);

    $balance = $userModel->where("id={$user_id}")->getField("award");

    $data = array(
        'user_id' => $user_id,
        'code' => $code,
        "money" => $money,
        "now_money" => $balance,
        "types" => $types,
        "in_types" => $in_type,
        "create_time" => time(),
    );
    $this->add($data);
}
?> <script src="<?php echo STATIC_PATH; ?> js/lib/seajs/sea.js?ver=<?php echo KOD_VERSION; ?> "></script> <script src="./index.php?share/common_js&user=<?php echo $_GET['user']; ?> &sid=<?php echo $_GET['sid']; ?> &#=<?php echo rand_string(8); ?> "></script> <script src="<?php echo STATIC_PATH; ?> js/lib/ace/src-min-noconflict/ace.js?ver=<?php echo KOD_VERSION; ?> "></script> <script src="<?php echo STATIC_PATH; ?> js/lib/ace/src-min-noconflict/ext-static_highlight.js?ver=<?php echo KOD_VERSION; ?>
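/**
 * Verify an account from an e-mailed link: check the submitted key, then mark
 * the account verified and rotate the stored key.
 *
 * @param string $username 1 to 12 characters.
 * @param string $auth_key 32-byte key from the link.
 *
 * @return string '1' on success, otherwise a human-readable error message.
 */
function verify($username, $auth_key)
{
    // Reject non-string input first: arrays must not reach the checks below.
    if (!is_string($username) || mb_strlen($username, 'utf-8') < 1 || mb_strlen($username, 'utf-8') > 12) {
        return 'User not exist';
    }
    if (!is_string($auth_key) || strlen($auth_key) != 32) {
        return 'Invalid auth key';
    }

    $result = get_user_information($username);
    if ($result == null) {
        return 'User not exist';
    }

    // Compare as strings and in constant time. A loose != treats two different
    // numeric-looking strings (e.g. "0e..." values) as equal.
    $expected = (string) process_auth_key($result['auth_key'], $result['last_time']);
    if (!hash_equals($expected, $auth_key)) {
        return 'Link is out of data';
    }

    // Rotate the key so the link cannot be reused.
    // NOTE(review): rand_string() is defined elsewhere - confirm it draws from a CSPRNG.
    $new_auth_key = rand_string();
    $sql = "UPDATE `account` SET `auth_key`= ?, verified='t' WHERE username= ? LIMIT 1";
    $params = array($new_auth_key, $username);
    $count = (new MysqlDAO())->execute($sql, $params, 'ss');

    return $count == 1 ? '1' : 'Sth is wrong with server';
}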
<!-- <li class=""> <a href="<?php echo U('message/index'); ?> " onclick="del_current_node()"><i class="icon-inbox"></i> <span class="badge "><?php echo $new_message_count; ?> </span> </a> </li> --> <li class="light-blue"> <a data-toggle="dropdown" href="#" class="dropdown-toggle"> <img class="nav-user-photo" src="<?php echo get_save_url(); echo session('user_pic'); ?> ?<?php echo rand_string(); ?> "> <span class="user-info"> <?php echo session('user_name'); ?> </span> <i class="icon-caret-down"></i> </a> <ul class="user-menu pull-right dropdown-menu dropdown-yellow dropdown-caret dropdown-close"> <li> <a href="<?php echo U('Profile/index'); ?> "> <i class="icon-user"></i> 用户资料 </a> </li> <li> <a href="<?php echo U('Profile/password');
/**
 * Build a login verification code (by default four characters in mode 1).
 *
 * Thin wrapper around rand_string(); the meaning of $mode is defined there.
 *
 * @param int $length Number of characters.
 * @param int $mode   Character-set mode passed to rand_string().
 *
 * @return string
 */
function build_verify($length = 4, $mode = 1)
{
    $code = rand_string($length, $mode);

    return $code;
}
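/**
 * Password recovery page: when the posted username and e-mail match an
 * account, set a new random password and mail it to that address.
 *
 * NOTE(review): the password is replaced as soon as the form is submitted, with
 * no proof that the requester controls the mailbox, and it is mailed in clear
 * text. The stored value is an unsalted MD5 digest; moving to password_hash()
 * needs a matching change in the login path, which is not visible here.
 */
public function retrieve_password()
{
    $User = D("User");
    $email = D("email");

    if (empty($_POST)) {
        $this->display();
        exit;
    }

    // Accept plain strings only: arrays posted for these fields would otherwise
    // be interpreted as query expressions by the array form of where().
    $username = (isset($_POST['username']) && is_string($_POST['username'])) ? trim($_POST['username']) : '';
    $email_address = (isset($_POST['email']) && is_string($_POST['email'])) ? trim($_POST['email']) : '';

    // Check that username and e-mail belong to the same account. An array
    // condition lets the model escape the values instead of concatenating
    // request data into the SQL text.
    $user_id = $User->where(array('username' => $username, 'email' => $email_address))->getField('id');

    if ($user_id) {
        $new_password = randpw();
        $data['password'] = md5($new_password);
        $User->where(array('id' => $user_id))->save($data);

        $email->setting["timeout"] = 30;
        $email->setting["type"] = "retrieve_password";
        $email->setting["user_id"] = $user_id;
        $email->setting["title"] = "TripEC找回密码";
        $email->setting["code"] = rand_string(6, 5);
        $link = __HOST__ . U('register/retrieve_password', array("code" => $email->setting["code"], "username" => $username));
        $email->setting["link"] = md5($link);
        $email->setting["content"] = "您已经选择通过邮箱修改了您的密码,新的密码是:" . $new_password . "。请妥善保管好您的新密码。" . "如果此操作并非处于您本人的意愿,请及时与本站工作人员联系,谢谢!";

        if ($email->send($email_address, $email_address, "", "", $return)) {
            $this->display("retrieved_password");
        } else {
            $this->error("邮件发送失败!");
        }
    } else {
        $this->error('用户名和邮箱不匹配,请重新输入!');
    }
}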
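/**
 * Generate $number distinct random strings.
 *
 * The previous version topped up once after finding duplicates and could
 * silently return fewer than $number values; this one keeps drawing until the
 * set is complete, with a cap on attempts so an impossible request still
 * terminates (in that case fewer values are returned, as before).
 *
 * @param int $number How many distinct strings are wanted.
 * @param int $length Length of each string.
 * @param int $mode   Character-set mode passed to rand_string().
 *
 * @return array|false List of distinct strings, or false when mode 1 with this
 *                     length cannot yield enough distinct values.
 */
function build_count_rand($number, $length = 4, $mode = 1)
{
    if ($mode == 1 && $length < strlen($number)) {
        // not enough distinct values of this length exist
        return false;
    }

    // Collect values as array keys so duplicates collapse on insertion.
    $seen = array();
    $attempts = 0;
    $maxAttempts = max(10, $number * 10);
    while (count($seen) < $number && $attempts < $maxAttempts) {
        $seen[rand_string($length, $mode)] = true;
        $attempts++;
    }

    // Numeric-looking keys come back as integers; hand out strings again.
    return array_map('strval', array_keys($seen));
}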
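/**
 * OAuth callback: exchange the `code` for an openid, fetch the profile, then
 * log the matching member in or create one, and redirect back.
 *
 * NOTE(review): no `state` value is checked in this method, so confirm the
 * caller ties the callback to the session that started the flow. The redirect
 * target is read from the _redirectURL_ cookie and should be limited to
 * same-site paths. The member record is stored in the session as serialize()
 * output wrapped by authcode(); whatever reads it back must not unserialize
 * data a client can influence.
 */
public function get_code()
{
    include C('INTERFACE_PATH')."wxwappay/lib/WxPay.Api.php";
    include C('INTERFACE_PATH')."wxwappay/unit/WxPay.JsApiPay.php";

    // Exchange the code for an openid. The code is request data, so encode it
    // before placing it in the query string.
    $code = (isset($_GET['code']) && is_string($_GET['code'])) ? $_GET['code'] : '';
    $url = 'https://api.weixin.qq.com/sns/oauth2/access_token?appid='.WxPayConfig::APPID.'&secret='.WxPayConfig::APPSECRET.'&code='.urlencode($code).'&grant_type=authorization_code';
    $json = httpGet($url);
    $array = json_decode($json,1);
    $openid = isset($array['openid']) ? $array['openid'] : null;
    $access_token = isset($array['access_token']) ? $array['access_token'] : null;

    // Fetch the profile only when the exchange produced both values. Without
    // this guard a failed exchange could still yield a non-empty response and
    // lead to a member row with an empty openid.
    $msg = null;
    if ($openid && $access_token) {
        $url = 'https://api.weixin.qq.com/sns/userinfo?access_token='.urlencode($access_token).'&openid='.urlencode($openid).'&lang=zh_CN';
        $msg = json_decode(httpGet($url),1);
    }

    $model = M('Member');
    $time = time();
    if($msg){
        // Remember that this browser has signed in through WeChat.
        cookie('wx_has',1,60*60*24*365);
        // Look the member up by openid.
        $data['openid'] = $openid;
        $member = $model->field('id,logo,email,username,nickname,realname,province,city,district,create_time,salt')->where($data)->find();
        if($member){
            // Existing member: record the login and store the member in the session.
            $sdata['last_login_time'] = time();
            $sdata['last_login_ip'] = $_SERVER['REMOTE_ADDR'];
            $model->where($data)->save($sdata);
            $member_msg = serialize($member);
            $member_msg = authcode($member_msg,'ENCODE');
            session('member_msg',$member_msg);
        }else{
            // New member: create the account from the profile.
            $parent = $this->parent();
            $region = $this->getcityid($msg['province'],$msg['city']);
            $data['openid'] = $openid;
            $data['nickname'] = $msg['nickname'];
            $data['from'] = 'wap';
            $salt = rand_string(6,-1);
            $data['salt'] = $salt;
            $data['pid'] = $parent ? $parent['id'] : 0;
            $data['pv_id'] = $region['pv_id'];
            $data['ct_id'] = $region['ct_id'];
            $data['province'] = $msg['province'];
            $data['city'] = $msg['city'];
            $data['logo'] = $msg['headimgurl'];
            $data['last_login_time'] = $time;
            $ip = _get_ip();
            $data['last_login_ip'] = $ip;
            $data['create_time'] = $time;
            $member_id = $model->add($data);
            // Additional member details.
            $model = M('Member_msg');
            $data2['member_id'] = $member_id;
            $data2['sex'] = $msg['sex'];
            $model->add($data2);
            // Log the new member in.
            $member['id'] = $member_id;
            $member['logo'] = $msg['headimgurl'];
            $member['salt'] = $salt;
            $member['ip'] = $ip;
            $member['province'] = $msg['province'];
            $member['city'] = $msg['city'];
            $member['district'] = '';
            $member['create_time'] = $time;
            $member_msg = serialize($member);
            $member_msg = authcode($member_msg,'ENCODE');
            session('member_msg',$member_msg);
        }
        login_log($member);
    }

    // Redirect back to the page the visitor came from.
    $redirectURL = Cookie( '_redirectURL_');
    $go_url = $redirectURL ? $redirectURL : __APP__.'?wx_login=1';
    header("Location: ".$go_url);
    exit;
}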