Пример #1
/**
 * Validates an admin-login ticket and resolves the admin-panel rights for it.
 *
 * NOTE(review): this listing is damaged. The line holding the first
 * pw_members query runs straight into a second SELECT after a "******"
 * placeholder, so whatever originally sat between them (the rest of the
 * founder/manager branch and the split before the non-founder query) is not
 * visible. Read the rights-resolution code below as the non-founder path; in
 * the text as shown no assignment to $rightset survives for the founder case,
 * so the final return would be null there. Do not treat this copy as the
 * reference implementation.
 *
 * @param array $CK login ticket as stored in the AdminUser cookie:
 *                  [0] timestamp, [1] username, [2] password digest, [3] safecv
 * @return array|false|null rights map keyed by purview name (1 = granted) plus
 *                  'gid', or false when the ticket does not belong to an
 *                  account that may enter the admin panel
 */
function checkpass($CK)
{
    Add_S($CK);
    global $db, $manager, $db_ifsafecv, $db_gdcheck;
    // Captcha bit 32 = admin login. It is only enforced when the request marks
    // itself as the form post (Login_f=1). NOTE(review): Login_f is client
    // supplied, so this gate alone cannot force the captcha; the form handler
    // has to enforce it independently.
    if ($_POST['Login_f'] == 1 && $db_gdcheck & 32) {
        GdConfirm($_POST['lg_num']);
    }
    // Founder/manager accounts live in $manager, with the matching password
    // digests at the same index of $manager_pwd.
    if (CkInArray($CK[1], $manager)) {
        global $manager_pwd;
        $v_key = array_search($CK[1], $manager);
        if (!SafeCheck($CK, PwdCode($manager_pwd[$v_key]))) {
            // Damaged line (see header): two queries fused around "******".
            $rt = $db->get_one("SELECT uid,username,groupid,groups,password,safecv FROM pw_members WHERE username="******"SELECT m.uid,m.username,m.groupid,m.groups,m.password,m.safecv,m.groupid,u.gptype,p.rvalue as allowadmincp FROM pw_members m LEFT JOIN pw_usergroups u ON u.gid=m.groupid LEFT JOIN pw_permission p ON p.uid='0' AND p.fid='0' AND p.gid=m.groupid AND p.rkey='allowadmincp' WHERE m.username=" . pwEscape($CK[1]));
        // Non-founder path. The account must (a) carry the group-level
        // allowadmincp permission, (b) sit in a 'system' or 'special' group and
        // (c) when the security-question feature is on, present the stored
        // safecv in the ticket. $CK['3'] addresses the same slot as $CK[3].
        if (!$rt['allowadmincp'] || $rt['gptype'] != 'system' && $rt['gptype'] != 'special' || $db_ifsafecv && $rt['safecv'] != $CK['3']) {
            return false;
        }
        // The ticket digest must match the stored password digest, and
        // admincheck() gets the final say based on uid and group membership.
        if (!SafeCheck($CK, PwdCode($rt['password'])) || !admincheck($rt['uid'], $CK[1], $rt['groupid'], $rt['groups'], 'check')) {
            return false;
        }
        // Per-group admin rights are stored serialized in pw_adminset.
        // NOTE(review): unserialize() of a DB value; acceptable only as long as
        // nothing but the admin UI can write this row, since a crafted value
        // could instantiate arbitrary classes here.
        $rightset = $db->get_value('SELECT value FROM pw_adminset WHERE gid=' . pwEscape($rt['groupid']));
        if ($rightset) {
            if (!is_array($rightset = unserialize($rightset))) {
                $rightset = array();
            }
        } else {
            $rightset = array();
        }
        // $purview (from the language file) is the list of known rights. Every
        // stored key is normalised to 1/0; keys unknown to $purview are kept
        // but forced to 0 rather than removed.
        require GetLang('purview');
        foreach ($rightset as $key => $value) {
            $rightset[$key] = isset($purview[$key]) && $rightset[$key] == 1 ? 1 : 0;
        }
        $rightset['gid'] = $rt['groupid'];
    }
    return $rightset;
}
Пример #2
        case 'request_app':
            $msg = getLangInfo('message', 'app_add_ignore');
            break;
        default:
            $msg = getLangInfo('message', 'request_ignore');
            break;
    }
    $messageServer->overlookRequests($winduid, $rids);
    ajaxExport($msg);
} elseif ($action == 'post') {
    S::gp(array('_usernames', 'atc_title', 'atc_content', 'flashatt', 'gdcode'));
    $usernames = $_usernames;
    /*specia;*/
    $atc_title = trim($atc_title);
    $atc_content = trim($atc_content);
    if ($db_gdcheck & 8 && false === GdConfirm($gdcode, true)) {
        ajaxExport(array('bool' => false, 'message' => '你的验证码不正确或过期'));
    }
    if (!$_G['allowmessege']) {
        ajaxExport(array('bool' => false, 'message' => '你所在的用户组不能发送消息'));
    }
    if ("" == $usernames) {
        ajaxExport(array('bool' => false, 'message' => '收件人不能为空'));
    }
    if (in_array($windid, $usernames)) {
        ajaxExport(array('bool' => false, 'message' => '你不能给自己发消息'));
    }
    if (count($usernames) > 1 && intval($_G['multiopen']) < 1) {
        ajaxExport(array('bool' => false, 'message' => '你不能发送多人消息'));
    }
    if ($_FILES['attachment']) {
Пример #3
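/**
 * Guards a form submission. Each check is opt-in through its flag and, on
 * failure, is expected to end the request itself (checkVerify(), GdConfirm(),
 * Qcheck() and Showmsg() are project helpers whose bodies are not shown here).
 *
 * The Referer check is deliberately lenient: it only runs for POST requests
 * and only when the client sent a Referer that contains a host. A request
 * without a Referer header passes, so this is not a CSRF defence on its own;
 * the request hash ($verify) is, and callers that pass $verify = 0 rely on
 * the weaker check only.
 *
 * @global array $pwServer request environment (REQUEST_METHOD, HTTP_REFERER, HTTP_HOST)
 * @param int $verify  1 = validate the request hash via checkVerify()
 * @param int $gdcheck 1 = validate the image captcha from $_POST['gdcode']
 * @param int $qcheck  1 = validate the security-question answer from $_POST['qanswer'] / $_POST['qkey']
 * @param int $refer   1 = on POST, a Referer host (when present) must equal our own host
 * @return void
 */
function PostCheck($verify = 1, $gdcheck = 0, $qcheck = 0, $refer = 1)
{
    global $pwServer;
    $verify && checkVerify();
    if ($refer && isset($pwServer['REQUEST_METHOD']) && $pwServer['REQUEST_METHOD'] == 'POST') {
        // parse_url() returns false (no warning) for a badly malformed URL;
        // treat that, and a missing header, the same as "no Referer sent".
        $referer = isset($pwServer['HTTP_REFERER']) ? parse_url($pwServer['HTTP_REFERER']) : false;
        $refererHost = (is_array($referer) && isset($referer['host'])) ? $referer['host'] : '';
        if ($refererHost !== '') {
            // Drop an explicit port from our own Host header. A plain
            // explode(':') would also cut an IPv6 literal such as "[::1]:8080"
            // down to "[" and then reject every request from that host.
            $ownHost = isset($pwServer['HTTP_HOST']) ? preg_replace('/:\d+$/', '', $pwServer['HTTP_HOST']) : '';
            // Host names are case-insensitive (RFC 3986 §3.2.2); a browser
            // sending "Example.com" must not be treated as a foreign origin.
            if (strcasecmp($refererHost, $ownHost) !== 0) {
                Showmsg('undefined_action');
            }
        }
    }
    $gdcheck && GdConfirm($_POST['gdcode']);
    $qcheck && Qcheck($_POST['qanswer'], $_POST['qkey']);
}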
Пример #4
    $db_adminrecord = 0;
    Cookie('AdminUser', '', 0);
    adminmsg('login_fail');
}
// Without the founder list ($manager, loaded from data/sql_config.php) no
// admin login can be validated. Tell the operator whether the config file is
// missing entirely or merely holds no manager entries.
if (empty($manager)) {
    if (file_exists(D_P . 'data/sql_config.php')) {
        adminmsg('managerinfo_error');
    } else {
        adminmsg('sql_config');
    }
}
// $CK is the login ticket: [timestamp, username, digest, safecv]. It is built
// from the posted form on a fresh login, otherwise restored from the
// AdminUser cookie. Nothing in it is trusted until checkpass() has run.
$CK = array();
$admin_name = '';
if ($_POST['admin_pwd'] && $_POST['admin_name']) {
    // Captcha bit 32 = admin login; GdConfirm() is presumed to end the request
    // on failure (its body is not shown here).
    if ($db_gdcheck & 32) {
        GdConfirm($_POST['lg_num']);
    }
    // NOTE(review): stripcslashes() interprets C-style escapes, unlike
    // stripslashes(); a posted "\x41" becomes "A" in $admin_name while $CK[1]
    // below keeps the raw value, so the two can disagree. Confirm intended.
    $admin_name = stripcslashes($_POST['admin_name']);
    // Security-question digest, only when the feature is switched on.
    $safecv = $db_ifsafecv ? questcode($_POST['question'], $_POST['customquest'], $_POST['answer']) : '';
    // Ticket digest = md5( PwdCode(md5(password)) . timestamp . server hash
    // segment ). The clear-text password itself never enters the ticket;
    // SafeCheck() in checkpass() is presumably what recomputes and compares
    // this value -- confirm, its body is not shown.
    $CK = array($timestamp, $_POST['admin_name'], md5(PwdCode(md5($_POST['admin_pwd'])) . $timestamp . getHashSegment()), $safecv);
    // The tab-joined ticket goes out in StrCode() form. Whether that encoding
    // is keyed is not visible here; tampering is in any case only caught by
    // the digest check on the next request.
    Cookie('AdminUser', StrCode(implode("\t", $CK)));
} else {
    // No credentials posted: try to restore an existing session ticket.
    $AdminUser = GetCookie('AdminUser');
    if ($AdminUser) {
        $CK = explode("\t", StrCode($AdminUser, 'DECODE'));
        $admin_name = stripcslashes($CK[1]);
    }
}
if (!empty($CK)) {
    PwNewDB();
    $rightset = checkpass($CK);
Пример #5
     $md5Pwd = md5($pwpwd);
     $loginInfo = checkpass($pwuser, $md5Pwd, '', $lgt, false);
     if (!S::isArray($loginInfo)) {
         CloudWind::yunUserDefend('login', CloudWind::getNotLoginUid(), $pwuser, $timestamp, 0, 102, $logininfo, '', '', '');
         showLoginAjaxMessage($loginInfo);
     }
     list(, $_LoginInfo) = pwNavBar();
     list(, , , , $hasSafeCv) = $loginInfo;
     if ($db_ifsafecv && $hasSafeCv || $db_gdcheck & 2 || $_LoginInfo['qcheck']) {
         require_once PrintEot('header_login_pop');
         ajax_footer();
     }
 }
 // Second step of the AJAX login popup: captcha (db_gdcheck bit 2) and
 // security question (db_ckquestion bit 2), both read from POST only ('P').
 // Every other path goes through PostCheck() with the same two flags but with
 // the request-hash check (first argument) and the Referer check (last
 // argument) both switched off. NOTE(review): that leaves this login form
 // open to login CSRF (a third-party page submitting credentials on the
 // visitor's behalf); confirm that is acceptable here.
 if ($ajax && $ajaxstep == 2) {
     if ($db_gdcheck & 2) {
         $checkCode = GdConfirm(S::getGp('gdcode', 'P'), true);
         // showLoginAjaxMessage() is presumed to end the request; nothing
         // below re-checks $checkCode.
         !$checkCode && showLoginAjaxMessage('gdcodeerror');
     }
     if ($db_ckquestion & 2) {
         list($qanswer, $questionKey) = array(S::getGp('qanswer', 'P'), S::getGp('qkey', 'P'));
         $checkAnswer = Qcheck($qanswer, $questionKey, true);
         !$checkAnswer && showLoginAjaxMessage('ckquestionerror');
     }
 } else {
     PostCheck(0, $db_gdcheck & 2, $db_ckquestion & 2 && $db_question, 0);
 }
 // Undo the HTML-entity encoding of the post-login target.
 // NOTE(review): no scheme/host validation of $jumpurl is visible here; if it
 // originates from the request and feeds a redirect later, it needs an
 // allow-list check to avoid an open redirect.
 $jumpurl = str_replace(array('&#61;', '&amp;'), array('=', '&'), $jumpurl);
 if (!$pwuser || !$pwpwd) {
     Showmsg('login_empty');
 }
 // Passwords are compared as md5 digests (the stored PwdCode() scheme). md5 is
 // not a password hash; this is a constraint of the legacy storage format.
 $md5_pwpwd = md5($pwpwd);
Пример #6
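/**
 * Guards a POST submission. Each check is opt-in through its flag and, on
 * failure, is expected to end the request itself (checkVerify(), GdConfirm(),
 * Qcheck() and Showmsg() are project helpers whose bodies are not shown here).
 *
 * The Referer check is deliberately lenient: it only runs for POST requests
 * and only when the client sent a Referer that contains a host. A request
 * without a Referer header passes, so this is not a CSRF defence on its own;
 * the request hash ($checkHash) is, and callers that pass $checkHash = 0 rely
 * on the weaker check only.
 *
 * @global array $pwServer request environment (REQUEST_METHOD, HTTP_REFERER, HTTP_HOST)
 * @param int $checkHash     1 = validate the request hash via checkVerify()
 * @param int $checkGd       1 = validate the image captcha from $_POST['gdcode']
 * @param int $checkQuestion 1 = validate the security-question answer from $_POST['qanswer'] / $_POST['qkey']
 * @param int $checkReferer  1 = on POST, a Referer host (when present) must equal our own host
 * @return void
 */
function PostCheck($checkHash = 1, $checkGd = 0, $checkQuestion = 0, $checkReferer = 1)
{
    global $pwServer;
    $checkHash && checkVerify();
    if ($checkReferer && isset($pwServer['REQUEST_METHOD']) && $pwServer['REQUEST_METHOD'] == 'POST') {
        // parse_url() returns false (no warning) for a badly malformed URL;
        // treat that, and a missing header, the same as "no Referer sent".
        $refererParsed = isset($pwServer['HTTP_REFERER']) ? parse_url($pwServer['HTTP_REFERER']) : false;
        $refererHost = (is_array($refererParsed) && isset($refererParsed['host'])) ? $refererParsed['host'] : '';
        if ($refererHost !== '') {
            // Drop an explicit port from our own Host header. A plain
            // explode(':') would also cut an IPv6 literal such as "[::1]:8080"
            // down to "[" and then reject every request from that host.
            $httpHost = isset($pwServer['HTTP_HOST']) ? preg_replace('/:\d+$/', '', $pwServer['HTTP_HOST']) : '';
            // Host names are case-insensitive (RFC 3986 §3.2.2); a browser
            // sending "Example.com" must not be treated as a foreign origin.
            if (strcasecmp($refererHost, $httpHost) !== 0) {
                Showmsg('undefined_action');
            }
        }
    }
    $checkGd && GdConfirm($_POST['gdcode']);
    $checkQuestion && Qcheck($_POST['qanswer'], $_POST['qkey']);
}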