Exemplo n.º 1
0
function viewAuth($action = 'auth', $pass = '')
{
    global $FavPasswd, $ViewPassword;
    switch ($action) {
        case 'auth':
            if (isset($_COOKIE['favsess'])) {
                @(list($hash, $exptime, $type) = @explode('.', $_COOKIE['favsess']));
                if ($type == 2 && md5('favsess' . $FavPasswd . $exptime) == $hash && time() <= $exptime) {
                    return true;
                }
                if ($type == 1 && md5('favsess' . $ViewPassword . $exptime) == $hash && time() <= $exptime) {
                    return true;
                }
                viewAuth('logout');
            }
            return false;
        case 'login':
            $exptime = time() + 3600;
            setcookie("favsess", md5('favsess' . $pass . $exptime) . '.' . $exptime . '.' . ($pass == $FavPasswd ? 2 : 1), time() + 3600);
            break;
        case 'logout':
            setcookie("favsess", '', time() - 3600);
    }
}
Exemplo n.º 2
0
        } else {
            if (!isset($_POST['pwd'])) {
                echo $MyFav_PasswdPrompt . '<form action="' . $_SERVER['PHP_SELF'] . '?' . $_SERVER['QUERY_STRING'] . '" method="post">
	    <input type="password" name="pwd">
	    <input type="submit" name="Submit" value="登入">
	    ' . $MyFav_BackHTML . '
	</form>';
            } else {
                if (!logInOut(val($_POST, 'pwd'))) {
                    echo $MyFav_AccessDeny . '<br><center>' . $MyFav_BackHTML . '</center>';
                }
            }
        }
    }
}
if (isset($_SESSION['isLogined']) || viewAuth()) {
    switch ($iAction) {
        case "add":
            $_GET['url'] = urlencode($_GET['url']);
            // encodes url again
            $_GET['name'] = urlencode(jsUCEsc2utf8($_GET['name']));
            // encodes name again
            header("Location: " . $BaseURL . "fav_add.php?" . toQueryString("catid", 'name', 'url') . $SidebarSuffix2);
            break;
        case "edit":
            header("Location: " . $BaseURL . "fav_edit.php?" . toQueryString('id') . $SidebarSuffix2);
            break;
        case "delete":
            header("Location: " . $BaseURL . "fav_del.php?" . toQueryString('id') . $SidebarSuffix2);
            break;
        case "order":