Exemplo n.º 1
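/**
 * Load the contents of a password file into the session under key $pass.
 *
 * Every line that is read is handed to set_session() under the same key, so
 * the value left in the session is the last line of the file. Lines are stored
 * exactly as fgets() returns them, i.e. including any trailing newline.
 *
 * @param string $datei Path of the password file to read.
 * @param string $pass  Session key that receives the file contents.
 *
 * @return bool True when the file was opened and processed; false when it is
 *              missing or cannot be opened (the session key is cleared then).
 */
function read_pass($datei, $pass)
{
    // No password file: clear the key so a value from an earlier call does not survive.
    if (!file_exists($datei)) {
        unset_session(array($pass));
        return false;
    }

    $fh = fopen($datei, 'r');
    if (!$fh) {
        // NOTE(review): $datei is written into the page unescaped. If the path can ever
        // carry caller-supplied text, pass it through htmlspecialchars() first; echoing a
        // server-side path also discloses filesystem layout to the client.
        echo "<br>Cant Open {$datei}<br>";
        unset_session(array($pass));
        return false;
    }

    // Loop on the return value of fgets() rather than on feof(): with a feof() loop the
    // final fgets() call at end-of-file returns false and was reported as a read error,
    // and a persistent read error would never terminate the loop.
    while (($line = fgets($fh)) !== false) {
        set_session(array($pass => $line));
    }

    // fgets() returned false. That is a genuine read failure only when EOF was not reached.
    if (!feof($fh)) {
        echo " cant read line <br>";
    }

    fclose($fh);
    return true;
}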
Exemplo n.º 2
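/**
 * Check a submitted CSRF token against the one stored in the session.
 *
 * The stored token is single-use: it is removed from the session whether or
 * not the comparison succeeds.
 *
 * @param string $name  Session key under which the expected token is stored.
 * @param mixed  $token Token received with the request.
 *
 * @return bool True only when both values are non-empty strings and are equal.
 */
function csrf_verify($name, $token)
{
    $hash = get_session($name);

    // Consume the token before deciding, so the same value cannot be presented twice.
    unset_session($name);

    // Fail closed unless both sides are real, non-empty strings. A bare `===` also reports
    // a match when the session holds no token and the request carries none (for example
    // null === null, depending on what get_session() returns for a missing key).
    if (!is_string($hash) || !is_string($token) || $hash === '' || $token === '') {
        return false;
    }

    // hash_equals() compares in constant time, so the comparison does not leak how many
    // leading characters of the submitted token were correct.
    return hash_equals($hash, $token);
}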
Exemplo n.º 3
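/**
 * Validate the CSRF token submitted for a form against the session copy.
 *
 * A token is single-use: once a stored token has been found it is removed from
 * the session, whatever the outcome of the comparison.
 *
 * @param string $unique_form_name Session key of the token issued for the form.
 * @param mixed  $token_value      Token received with the request.
 *
 * @return bool True only when a token is stored for the form and the submitted
 *              value is an identical string.
 */
function csrfguard_validate_token($unique_form_name, $token_value)
{
    $token = get_from_session($unique_form_name);

    // Fail closed. Returning true here made validation succeed whenever no token was
    // stored (session expired, token already consumed, or never issued), which accepts
    // exactly the requests this check exists to reject.
    if ($token === false) {
        return false;
    }

    // Consume the stored token so it cannot be replayed.
    unset_session($unique_form_name);

    // hash_equals() needs two strings; anything else cannot be a valid token.
    if (!is_string($token) || !is_string($token_value)) {
        return false;
    }

    // Constant-time comparison instead of `===`.
    return hash_equals($token, $token_value);
}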
Exemplo n.º 4
/**
 * Make the given company the active one for this session.
 *
 * Stores the company id and its name (passed through max_size() with a limit
 * of 40), then discards the search and paging state kept for the
 * company-scoped lists so nothing from the previously selected company
 * carries over.
 *
 * @param mixed $id Primary key of the row in the 'Companies' table.
 */
function set_new_company($id)
{
    set_session('company_id', $id);

    $company_name = get_table_value('Companies', 'name', $id);
    set_session('company_name', max_size($company_name, 40));

    // Search sessions are cleared first, then page sessions, each in the same
    // entity order: contact, domain, playlist, user, video.
    foreach (array('search', 'page') as $suffix) {
        foreach (array('contact', 'domain', 'playlist', 'user', 'video') as $entity) {
            unset_session($entity . '_' . $suffix);
        }
    }
}
Exemplo n.º 5
/**
 * Handle the admin login form: check the posted credentials, set or clear the
 * admin session keys, record the login time, and hand a result message plus a
 * follow-up link to the Smarty template.
 *
 * Reads the globals $smarty and $lang ($lang is not used in this function).
 */
function admin_login()
{
    // safe() is defined elsewhere; what it checks is not visible from this function.
    safe('admin_login');
    global $smarty, $lang;
    // Both inputs are cut to 30 bytes (substr() is byte-wise, not character-wise).
    $username = substr(post('username'), 0, 30);
    $password = substr(post('password'), 0, 30);
    if ($username == '' || $password == '') {
        // Empty credentials: make sure no earlier login state survives.
        unset_session('admin_username');
        unset_session('admin_password');
        $info_text = '对不起,用户名和密码不能为空';
        $link_text = '返回重新登录';
    } else {
        // NOTE(review): unsalted MD5 is not suitable for password storage. Moving to
        // password_hash()/password_verify() needs a migration of the stored hashes and
        // cannot be done inside this function alone.
        $password = md5($password);
        $obj = new admin();
        $obj->set_field('adm_id,adm_last_login');
        // NOTE(review): the compared values read '******' in this listing, presumably
        // masked by the publisher. If the real clauses interpolate $username/$password,
        // confirm that the query layer binds or escapes them.
        $obj->set_where("adm_username = '******'");
        $obj->set_where("adm_password = '******'");
        $one = $obj->get_one();
        // A non-empty row is treated as a successful login.
        if (count($one) !== 0) {
            // NOTE(review): no session id regeneration is visible here; confirm it happens
            // elsewhere, otherwise a pre-login session id stays valid after authentication.
            set_session('session_id', session_id());
            set_session('admin_username', $username);
            // NOTE(review): the password hash is kept in the session. Anything that can read
            // session storage then holds a credential equivalent; storing only the admin id
            // would avoid that.
            set_session('admin_password', $password);
            $adm_id = $one['adm_id'];
            // Shift the previous "last login" into adm_prev_login before stamping the new one.
            $adm_prev_login = $one['adm_last_login'];
            $adm_last_login = time();
            $obj->set_value('adm_prev_login', $adm_prev_login);
            $obj->set_value('adm_last_login', $adm_last_login);
            // Presumably resets the conditions accumulated above before the update; verify
            // against the admin class.
            $obj->set_where('');
            // $adm_id comes from the row just fetched, not from the request.
            $obj->set_where("adm_id = {$adm_id}");
            $obj->edit();
            $info_text = '欢迎使用新秀文章管理系统后台';
            $link_text = '进入后台';
        } else {
            // Failed login: clear every key the success path sets.
            unset_session('session_id');
            unset_session('admin_username');
            unset_session('admin_password');
            $info_text = '对不起,用户名不存在或密码不正确';
            $link_text = '返回重新登录';
        }
    }
    $smarty->assign('info_text', $info_text);
    $smarty->assign('link_text', $link_text);
    // NOTE(review): PHP_SELF reflects the request path, including any trailing path info.
    // The template must HTML-escape link_href when rendering it.
    $smarty->assign('link_href', $_SERVER['PHP_SELF']);
}
Exemplo n.º 6
 /**
  * List action: fetch one page of rows for the controller's table and expose
  * it to the view.
  *
  * The stored 'search' value is dropped when the request carries neither an
  * 'id' nor a 'page' parameter. After the rows are loaded, their ids are
  * handed to set_session_ids() and the session key 'id' is cleared.
  */
 public function indexAction()
 {
     if (!(is_request('id') || is_request('page'))) {
         unset_claxx('search');
     }

     $sort = $this->set_order();
     $filter = $this->getWhere();

     // NOTE(review): the class name comes from $this->table; it must only ever be set by
     // the controller itself, never derived from request data.
     $model = new $this->table();
     $total = $model->getCount($filter);
     $offset = $this->set_page_control($total, $this->per_page);

     $rows = $model->getRows($filter, $sort, $offset, $this->per_page);
     $this->view->rows = $rows;
     set_session_ids($this->view->rows);
     unset_session('id');

     $this->posIndex();
 }
Exemplo n.º 7
/**
 * Read a session value and remove it in the same call.
 *
 * @param mixed $var Session key, passed unchanged to get_session() and unset_session().
 *
 * @return mixed Whatever get_session() returned for the key before it was removed.
 */
function pop_session($var)
{
    $value = get_session($var);
    unset_session($var);

    return $value;
}
Exemplo n.º 8
<?php

// Logout script: remove the 'pelanggan' (Indonesian for "customer") entry from the
// session, then send the browser to the site's base URL.
// NOTE(review): only this one key is removed here; the session itself and its cookie are
// not touched by this script. Confirm no other key keeps the customer authenticated, and
// that redirect() stops execution if more code is ever added below.
unset_session('pelanggan');
redirect(base_url());
Exemplo n.º 9
 /**
  * AJAX endpoint: $.ajax({ method: log_out });
  *
  * Removes every entry found in a default Zend_Session_Namespace and prints a
  * JSON reply with two keys:
  *   status:  'ok' or 'error'
  *   message: error text (empty on success)
  *
  * @param mixed $data Request payload; not read by this method.
  */
 private function log_out($data)
 {
     // NOTE(review): the original carries disabled setcookie() calls that would expire the
     // 'remember_me' and 'authorization' cookies, and two disabled redirects. Confirm those
     // cookies are invalidated elsewhere, otherwise they outlive the logout.
     $error = '';

     $namespace = new Zend_Session_Namespace();
     foreach ($namespace as $key => $unused) {
         // Every key is removed; an exemption for 'control_company' is disabled in the original.
         unset_session($key);
     }

     // $error is never assigned a non-empty value above, so the reply is always 'ok'.
     $status = 'error';
     if ($error == '') {
         $status = 'ok';
     }

     echo json_encode(array('status' => $status, 'message' => $error));
 }
Exemplo n.º 10
<?php

include 'smarty/Smarty.class.php';
include 'admin/common.func.php';
// Admin logout page: bootstrap the template engine and language pack, clear the admin
// login keys from the session, and render the generic info page with a "log in again" link.
set_smarty();
// $global is expected to be defined by one of the includes above (not visible here).
load_lang_pack(array($global['channel']), 'admin');
initial('admin');
// NOTE(review): only these two keys are cleared. If the login code also stores other keys
// (for example a 'session_id' entry), confirm they are cleared as well, and consider
// regenerating or destroying the session on logout.
unset_session('admin_username');
unset_session('admin_password');
$smarty->assign('info_text', '您已经退出系统');
$smarty->assign('link_text', '重新登录');
// NOTE(review): PHP_SELF reflects the request path; the template must HTML-escape link_href.
$smarty->assign('link_href', $_SERVER['PHP_SELF']);
$smarty->display('info.php');
// Xinxiu (project signature)
Exemplo n.º 11
/**
 * Store or clear a session value that is scoped to the current class.
 *
 * The session key is built as "<class>_<name>", where <class> is read from the
 * 'class' entry of a default Zend_Session_Namespace. A value that is unset or
 * loosely equal to '' clears the key; any other value is stored and the key is
 * also passed to set_memory().
 *
 * @param string $name  Key suffix.
 * @param mixed  $value Value to store; null or '' removes the entry.
 */
function set_claxx($name, $value)
{
    $namespace = new Zend_Session_Namespace();
    $key = $namespace->class . '_' . $name;

    // Nothing to store: remove the entry and stop.
    if (!isset($value) || $value == '') {
        unset_session($key);
        return;
    }

    set_session($key, $value);
    set_memory($key);
}
Exemplo n.º 12
 /**
  * Log the current user out of the admin area: remove the 'authed' and 'id'
  * session keys, then report success with the login page as the target.
  *
  * NOTE(review): only these two keys are removed; the session id itself is kept.
  * Confirm no other session entry grants admin access after logout.
  */
 function outlogin()
 {
     foreach (array('authed', 'id') as $key) {
         unset_session($key);
     }

     $this->success('注销成功', '/admin/index/login');
 }
Exemplo n.º 13
if (isset($_SESSION["user"]) and isset($_SESSION["master"])) {
    if (isset($_POST["upload"])) {
        $masterpasshtml = "";
        if (isset($_SESSION["admin"])) {
            if (isset($_POST["master"]) and $_POST["master"] != "") {
                /*! wenn geoeffnet dann schreibe neue db */
                $masterpasscrypt = mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $_SESSION["user"], $_POST["master"], MCRYPT_MODE_ECB, $iv);
                $wmpass = write_pass($SERVER_MPASS, $masterpasscrypt, "master");
                $masterpasshtml = post_master_html($_POST["master"]);
            }
        }
        if (isset($_SESSION["admin"])) {
            if (is_uploaded_file($_FILES["file"]["tmp_name"])) {
                move_uploaded_file($_FILES["file"]["tmp_name"], $TOTMANNDATEIENCRYPT);
                $PAGE = tresor_master_datei_html($masterpasshtml);
                unset_session(array("upass", "mpass", "apass", "user", "admin", "master"));
            } else {
                header("Location: {$SERVER}");
            }
        } else {
            header("Location: {$SERVER}");
        }
    } else {
        $uploadhtml = upload_html();
        if (file_exists($TOTMANNDATEIENCRYPT)) {
            $timedatei = time() - fileatime($TOTMANNDATEIENCRYPT);
            $amonth = 60 * 60 * 24 * $DELAYDAYS;
            // download nach $DELAYDAYS Tage
            if ($amonth < $timedatei) {
                $timedatei = floor($timedatei / (60 * 60 * 24));
                $_SESSION["mpasswort"] = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $_SESSION["user"], $_SESSION["master"], MCRYPT_MODE_ECB, $iv);
Exemplo n.º 14
<?php

// Logout script: remove the 'user' entry from the session and send the browser to the
// login route.
// NOTE(review): only the 'user' key is removed; the session and its cookie stay alive as
// far as this script shows. Confirm that nothing else in the session keeps the visitor
// authenticated.
unset_session('user');
redirect('login');
Exemplo n.º 15
 /**
  * Log out: remove the 'login' session key and redirect the browser to /admin.
  *
  * NOTE(review): header() does not stop the script, so whatever the caller does
  * after this method still runs and may still produce output for the
  * logged-out request. Confirm the caller returns immediately.
  */
 function logout()
 {
     unset_session('login');

     header('Location:/admin');
 }
Exemplo n.º 16
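// Session-based login throttle followed by the credential check.
// $login_attempt, $post and $result are expected to be set before this point (not shown).
//
// NOTE(review): the attempt counter and the timer live in the session, so they only limit
// a client that keeps its session. Brute-force protection needs a server-side counter per
// account and/or source address.

// Default for the lock-out message. Without it $remains is undefined when the third
// failure is reported before any timer exists.
$remains = 30;

if (has_session('login_timer')) {
    $elapsed = microtime(true) - get_session('login_timer');
    $remains = round(30 - $elapsed);
    if ($elapsed >= 30) {
        // The 30-second lock-out is over: drop the timer and allow attempts again.
        unset_session('login_timer');
        $login_attempt = 1;
    }
}

if ($login_attempt == 3) {
    $result['message'] = 'Too many failed login attempts. Please try again in ' . $remains . ' seconds';
    // Start the lock-out window the first time the limit is hit.
    if (!has_session('login_timer')) {
        set_session('login_timer', microtime(true));
    }
} else {
    $user = db_fetch_one('SELECT * FROM users WHERE email = ?', array($post['email']));

    // Compare the digests strictly and in constant time. A loose `==` compares two
    // numeric-looking strings as numbers, so different digests can be reported as equal.
    // The is_string() guard rejects a password parameter submitted as an array.
    // NOTE(review): unsalted MD5 is not suitable for password storage; moving to
    // password_hash()/password_verify() requires migrating the stored values.
    $password_ok = $user
        && isset($post['password'])
        && is_string($post['password'])
        && hash_equals((string) $user['passwd'], md5($post['password']));

    if ($password_ok) {
        csrf_protect();
        $result['success'] = true;
        $result['message'] = '';
        // Never keep the password hash in the session copy of the user row.
        unset($user['passwd']);
        // NOTE(review): no session id regeneration is visible at this point; confirm it
        // happens on login so a pre-login session id does not stay valid.
        set_session('user', $user);
        unset_session('login_attempt');
        unset_session('login_timer');
    } else {
        $login_attempt++;
        set_session('login_attempt', $login_attempt);
    }
}

// Fixed one-second delay on every request, successful or not.
sleep(1);
// (original note: "just a test")
print json_encode($result);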