static function loginCheck() { $uname = wf_gpc('wf_uname', 'p', 'trim'); $upawd = wf_gpc('wf_upawd', 'p', 'trim'); $uhash = wf_gpc('wf_uhash', 'p', 'trim'); if (empty($uhash) || $uhash != $_SESSION['wf_uhash']) { $_SESSION = array(); $_SESSION['wf_error'] = '校验码码非法,请刷新页面后重试'; wf_redirect('login.php?act=in'); } // 请求API接口 $json_url = WF_API_URL . '?' . http_build_query(array('key' => WF_API_KEY, 'hostid' => WF_API_HOSTID, 'username' => $uname, 'password' => md5(WF_API_KEY . $upawd))); $user_info = file_get_contents($json_url); $user_info = json_decode($user_info); $_SESSION = array(); if (1 === $user_info->code) { $_SESSION['wf_uauth'] = explode(',', $user_info->data->auth); $_SESSION['wf_uroot'] = $user_info->data->root; $_SESSION['wf_upath'] = $user_info->data->path; $_SESSION['wf_uhost'] = $user_info->data->host; $_SESSION['wf_tokey'] = self::getTokey(); $_SESSION['wf_error'] = ''; wf_redirect('./'); } else { $_SESSION['wf_error'] = $user_info->message; wf_redirect('login.php?act=in'); } }
private function on_upload() { $path = $this->path; $name = wf_gpc('name', 'r'); $cover = wf_gpc('fs-cover', 'r', 'intval'); $this->code = $this->FileFS->upload($path, $name, $cover) ? 200 : 300; $this->mess = $this->FileFS->error(); $this->show(); }
static function updateUserPassword() { $uname = wf_gpc('wf_uname', 'S'); $uinfo = self::getUserData($uname); if (!empty($uname) && $uname == $uinfo['uname']) { $uinfo['upawd'] = md5(wf_gpc('newpasswd', 'r')); if (self::addUserData($uinfo['uname'], $uinfo['upawd'], $uinfo['upath'], $uinfo['uauth'])) { show(200, '密码已更新,请谨记新密码:<font color="red">' . wf_gpc('newpasswd', 'r') . '</font>'); } } show(300, '更新失败:<font color="red">你可能无权更改此项设置!</font>'); }
<script src="static/plugins/colorBox/jquery.colorBox.min.js?v=1.3.17.2"></script> <!-- ZeroClipboard 资源文件 --> <script src="static/plugins/ZeroClipboard/ZeroClipboard.min.js?v=1.3.2"></script> <!-- app 资源文件--> <script src="static/js/webftp.core.js"></script> <script src="static/js/webftp.util.js"></script> <script src="static/js/webftp.nfs.js"></script> <script src="static/js/webftp.mui.js"></script> <script type="text/javascript"> $(function () { // 配置参数 // app.debug = true; app.api = { url: 'webftp.php', key: '0123456789', auth:'<?php $auth = wf_gpc('wf_uauth', 's'); echo implode(',', $auth); ?> '.split(',') }; // 执行初始化 app.mui.init(); app.nfs.init(); }); </script> </body> </html>
break; case 'resetpasswd': WF_Auth::updateUserPassword(); break; case 'out': WF_Auth::loginOut(); break; case 'in': break; default: exit(WF_Session::get('login_error')); } } // $uhash = $_SESSION['wf_uhash'] = rand(1000, 9999); $error = wf_gpc('wf_error', 'S'); ?> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <meta name="renderer" content="webkit"> <title>站长附件上传下载管理平台 - Power By AdminSheng.com</title> <style type="text/css"> html { } body { color:#fff; font-size:14px; padding:0; overflow:hidden; margin:0; width:100%; height:100%; min-height:400px; background:#2784bd url(static/images/login/bg_line.gif) repeat-x left top; } #body { background:url(static/images/login/bg.jpg) no-repeat center top; } h1 { font-wieght:bold; font-size:20px; padding:0 28px; margin:0; text-shadow:0 1px 2px rgba(0, 0, 0, 0.4); } #login_form { position:absolute; width:500px; } .input { font-family: Georgia, serif;margin-left:5px;font-size: 22px; padding-left: 12px; padding-right: 0px; width: 234px; height:30px; background:url(static/images/login/spacer.gif); color:#383838; outline:medium none; border:none; }
/** * 文件上传 * */ public function upload($path, $name, $cover = false) { // HTTP headers for no cache etc header("Expires: Mon, 26 Jul 1997 05:00:00 GMT"); header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT"); header("Cache-Control: no-store, no-cache, must-revalidate"); header("Cache-Control: post-check=0, pre-check=0", false); header("Pragma: no-cache"); // Look for the content type header if (isset($_SERVER['HTTP_CONTENT_TYPE'])) { $contentType = $_SERVER['HTTP_CONTENT_TYPE']; } if (isset($_SERVER['CONTENT_TYPE'])) { $contentType = $_SERVER['CONTENT_TYPE']; } // Get parameters $chunk = wf_gpc('chunk', 'r', 'intval'); $chunks = wf_gpc('chunks', 'r', 'intval'); // 处理文件名 $file = $this->get_gpath($path . $name); if (!is_writeable($this->get_gpath($path))) { $this->error = '文件系统错误,当前目录没有写入权限'; return false; } else { if (!$cover && file_exists($file)) { $this->error = '文件系统错误,目标文件已存在'; return false; } else { if ($cover && file_exists($file) && !unlink($file)) { $this->error = '文件系统错误,无法删除原始文件'; return false; } } } // 上传写文件步骤,这一部分以下的代码可直接引用 // Handle non multipart uploads older WebKit versions didn't support multipart in HTML5 if (strpos($contentType, 'multipart') !== false) { if (!isset($_FILES['file']['tmp_name']) || !is_uploaded_file($_FILES['file']['tmp_name'])) { $this->error = 'Failed to move uploaded file.'; return false; } // 分块一直接move,减小不分块时服务器负载 if (0 == $chunk) { if (!move_uploaded_file($_FILES['file']['tmp_name'], "{$file}.part")) { $tihs->error = 'Failed to open output stream.'; return false; } } else { // 合并剩余分块数据 $out = fopen("{$file}.part", $chunk == 0 ? 'wb' : 'ab'); if (!$out) { $tihs->error = 'Failed to open output stream.'; return false; } $in = fopen($_FILES['file']['tmp_name'], 'rb'); if (!$in) { $tihs->error = 'Failed to open input stream.'; return false; } while ($buff = fread($in, 4096)) { fwrite($out, $buff); } fclose($in); fclose($out); } file_exists($_FILES['file']['tmp_name']) && unlink($_FILES['file']['tmp_name']); } else { $out = fopen("{$file}.part", $chunk == 0 ? 'wb' : 'ab'); if (!$out) { $tihs->error = 'Failed to open output stream.'; return false; } // Read binary input stream and append it to temp file $in = fopen("php://input", 'rb'); if (!$in) { $tihs->error = 'Failed to open input stream.'; return false; } while ($buff = fread($in, 4096)) { fwrite($out, $buff); } fclose($in); fclose($out); } // Check if file has been uploaded if (!$chunks || $chunk == $chunks - 1) { return rename("{$file}.part", $file); } return true; }