Пример #1
0
/**
 * 判断COOKIE是否超过一个小时,如果没有超过则更新$_M['user']['cookie']中的信息
 */
function met_cooike_start()
{
    global $_M;
    $_M['user']['cookie'] = array();
    $met_webkeys = $_M['config']['met_webkeys'];
    list($username, $password) = explode("\t", authcode($_M['form']['met_auth'], 'DECODE', $met_webkeys . $_COOKIE['met_key']));
    $username = sqlinsert($username);
    $query = "SELECT * from {$_M['table']['admin_table']} WHERE admin_id = '{$username}'";
    $user = DB::get_one($query);
    $usercooike = json_decode($user['cookie']);
    if (md5($user['admin_pass']) == $password && time() - $usercooike->time < 3600) {
        foreach ($usercooike as $key => $val) {
            $_M['user']['cookie'][$key] = $val;
        }
        if (defined('IN_ADMIN')) {
            $_M['user']['admin_name'] = get_met_cookie('metinfo_admin_name');
            $_M['user']['admin_id'] = $_M['user']['cookie']['metinfo_admin_id'];
            $privilege = background_privilege();
            $_M['user']['langok'] = $privilege['langok'];
        }
        $_M['user']['cookie']['time'] = time();
        $json = json_encode($_M['user']['cookie']);
        $query = "update {$_M['table']['admin_table']} set cookie = '{$json}' WHERE admin_id = '{$username}'";
        $user = DB::query($query);
    }
}
Пример #2
0
/**
 * 获取当前会员信息;
 * @return array  $user 返回记录当前会员信息的数组
 */
function member_information()
{
    global $_M;
    $metinfo_member_name = get_met_cookie('metinfo_member_name');
    $user = load::sys_class('user', 'new')->get_user_by_username($metinfo_member_name);
    $user['usertype'] = $user['groupid'];
    $user['admin_id'] = $user['username'];
    $user['admin_pass'] = $user['password'];
    $query = "SELECT id,name FROM {$_M['table']['column']} WHERE access <= '{$user['groupid']}' AND lang = '{$_M['lang']}'";
    $column = DB::get_all($query);
    $user['column'] = $column;
    return $user;
}
Пример #3
0
/**
 * 获取当前管理员信息
 * @return array  $user 返回记录当前管理员信息和有权限操作的栏目的数组
 */
function admin_information()
{
    global $_M;
    met_cooike_start();
    $met_admin_table = $_M['table']['admin_table'];
    $met_column = $_M['table']['column'];
    $metinfo_admin_name = get_met_cookie('metinfo_admin_name');
    $query = "SELECT * from {$_M['table']['admin_table']} WHERE admin_id = '{$metinfo_admin_name}'";
    $user = DB::get_one($query);
    $query = "SELECT id,name from {$_M['table']['column']} WHERE access <= '{$user['usertype']}' AND lang = '{$_M['lang']}'";
    $column = DB::get_all($query);
    $user['column'] = $column;
    return $user;
}
Пример #4
0
 /**
  *
  * @chech Code
  *
  */
 function CheckCode($code)
 {
     met_cooike_start();
     if (empty($code)) {
         return false;
     } elseif (get_met_cookie('met_capcha_member1') === $code) {
         return true;
     } else {
         return false;
     }
 }
Пример #5
0
require_once ROOTPATH . 'config/config.inc.php';
met_cooike_start();
$metmemberforce == $met_member_force;
if ($metmemberforce == $met_member_force) {
    change_met_cookie('metinfo_member_name', "force");
    change_met_cookie('metinfo_member_pass', "force");
    change_met_cookie('metinfo_member_type', "256");
    save_met_cookie();
}
$_M['user']['cookie'] = $met_cookie;
if ($met_member_use != 0) {
    $metinfo_member_id = get_met_cookie('metinfo_admin_id') == "" ? get_met_cookie('metinfo_member_id') : get_met_cookie('metinfo_admin_id');
    $metinfo_member_name = get_met_cookie('metinfo_admin_name') == "" ? get_met_cookie('metinfo_member_name') : get_met_cookie('metinfo_admin_name');
    $metinfo_member_pass = get_met_cookie('metinfo_admin_pass') == "" ? get_met_cookie('metinfo_member_pass') : get_met_cookie('metinfo_admin_pass');
    $metinfo_member_type = get_met_cookie('metinfo_admin_type') == "" ? get_met_cookie('metinfo_member_type') : '256';
    $metinfo_admin_name = get_met_cookie('metinfo_admin_name');
    if ($metinfo_member_name == '' or $metinfo_member_pass == '') {
        $metinfo_member_type = 0;
    }
} else {
    $metinfo_member_type = "256";
}
!MAGIC_QUOTES_GPC && ($_FILES = daddslashes($_FILES));
$REQUEST_URI = $_SERVER['PHP_SELF'] . '?' . $_SERVER['QUERY_STRING'];
$t_array = explode(' ', microtime());
$P_S_T = $t_array[0] + $t_array[1];
$met_obstart == 1 && function_exists('ob_gzhandler') ? ob_start('ob_gzhandler') : ob_start();
ob_start();
$referer ? $forward = $referer : ($forward = $_SERVER['HTTP_REFERER']);
$m_now_time = time();
$m_now_date = date('Y-m-d H:i:s', $m_now_time);
Пример #6
0
Файл: lang.php Проект: nanfs/lt
            $tmp = trim($listlang['value']);
            $js = $js . "user_msg['{$listlang['name']}']='{$tmp}';\n";
        }
        $name = 'lang_' . $listlang['name'];
        ${$name} = trim($listlang['value']);
        $str .= '$' . "{$name}='" . str_replace(array('\\', "'"), array("\\\\", "\\'"), trim($listlang['value'])) . "';";
        $lang_json[$listlang['name']] = $listlang['value'];
    }
    $js1 = '$' . "js='" . str_replace("'", "\\'", $js) . '\';';
    $str = "<?php\n" . $str . $js1 . "\n?>";
    file_put_contents(ROOTPATH . 'cache/langadmin_' . $langset . '.php', $str);
    file_put_contents(ROOTPATH . 'cache/lang_json_admin_' . $langset . '.php', json_encode($lang_json));
} else {
    require_once ROOTPATH . 'cache/langadmin_' . $langset . '.php';
}
$_M[langset] = get_met_cookie('languser');
$query = "select * from {$met_language} where site='1' and lang='{$_M[langset]}'";
$languages = $db->get_all($query);
foreach ($languages as $key => $val) {
    $_M[word][$val[name]] = $val[value];
}
$query = "SELECT * FROM {$met_config} WHERE lang='{$langset}-metinfo'";
$result = $db->query($query);
while ($list_config = $db->fetch_array($result)) {
    $setagents[$list_config['name']] = $list_config['value'];
}
@extract($setagents);
if ($met_agents_type > 1) {
    $lang_indexthanks = $met_agents_thanks;
    $lang_metinfo = $met_agents_name;
    $lang_copyright = $met_agents_copyright;
Пример #7
0
 /**
  * 检测是否登陆
  * 有权限则程序向后运行,无权限则提示物权限
  */
 protected function check()
 {
     global $_M;
     $current_url = 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
     if (strstr($current_url, $_M['url']['site_admin'] . "index.php")) {
         $admin_index = 1;
     } else {
         $admin_index = '';
     }
     $met_adminfile = $_M['config']['met_adminfile'];
     $met_admin_table = $_M['table']['admin_table'];
     $metinfo_admin_name = get_met_cookie('metinfo_admin_name');
     $metinfo_admin_pass = get_met_cookie('metinfo_admin_pass');
     if (!$metinfo_admin_name || !$metinfo_admin_pass) {
         if ($admin_index) {
             met_cooike_unset();
             met_setcookie("re_url", $re_url, time() - 3600);
             Header("Location: " . $_M['url']['site_admin'] . "login/login.php");
         } else {
             if (!$re_url) {
                 $re_url = $_SERVER[HTTP_REFERER];
                 $HTTP_REFERERs = explode('?', $_SERVER[HTTP_REFERER]);
                 $admin_file_len1 = strlen("/{$met_adminfile}/");
                 $admin_file_len2 = strlen("/{$met_adminfile}/index.php");
                 if (strrev(substr(strrev($HTTP_REFERERs[0]), 0, $admin_file_len1)) == "/{$met_adminfile}/" || strrev(substr(strrev($HTTP_REFERERs[0]), 0, $admin_file_len2)) == "/{$met_adminfile}/index.php" || !$HTTP_REFERERs[0]) {
                     $re_url = "http://{$_SERVER[SERVER_NAME]}{$_SERVER[REQUEST_URI]}";
                 }
             }
             if (!$_COOKIE[re_url] && !strstr($re_url, "return.php")) {
                 met_setcookie("re_url", $re_url, time() + 3600);
             }
             met_cooike_unset();
             Header("Location: " . $_M['url']['site_admin'] . "login/login.php");
         }
         exit;
     } else {
         $query = "SELECT * FROM {$_M['table']['admin_table']} WHERE admin_id = '{$metinfo_admin_name}' AND admin_pass = '******' AND usertype = '3'";
         $admincp_ok = DB::get_one($query);
         if (!$admincp_ok) {
             if ($admin_index) {
                 met_cooike_unset();
                 met_setcookie("re_url", $re_url, time() - 3600);
                 Header("Location: " . $_M['url']['site_admin'] . "login/login.php");
             } else {
                 if (!$re_url) {
                     $re_url = $_SERVER[HTTP_REFERER];
                     $HTTP_REFERERs = explode('?', $_SERVER[HTTP_REFERER]);
                     $admin_file_len1 = strlen("/{$met_adminfile}/");
                     $admin_file_len2 = strlen("/{$met_adminfile}/index.php");
                     if (strrev(substr(strrev($HTTP_REFERERs[0]), 0, $admin_file_len1)) == "/{$met_adminfile}/" || strrev(substr(strrev($HTTP_REFERERs[0]), 0, $admin_file_len2)) == "/{$met_adminfile}/index.php" || !$HTTP_REFERERs[0]) {
                         $re_url = "http://{$_SERVER[SERVER_NAME]}{$_SERVER[REQUEST_URI]}";
                     }
                 }
                 if (!strstr($re_url, "return.php")) {
                     if (!$_COOKIE['re_url']) {
                         met_setcookie("re_url", $re_url, time() + 3600);
                     }
                 }
                 met_cooike_unset();
                 Header("Location: " . $_M['url']['site_admin'] . "login/login.php");
             }
             exit;
         }
     }
     $query = "SELECT * FROM {$_M['table']['admin_table']} WHERE admin_id='{$metinfo_admin_name}' AND admin_pass='******'";
     $membercp_ok = DB::get_one($query);
     if (!strstr($membercp_ok['admin_op'], "metinfo")) {
         if (isset($_SERVER['HTTP_X_REQUESTED_WITH']) && $_SERVER['HTTP_X_REQUESTED_WITH'] == 'XMLHttpRequest') {
             $return_url = "";
         } else {
             $return_url = "javascript:window.history.back();";
         }
         if (stristr(M_ACTION, 'add')) {
             if (!strstr($membercp_ok['admin_op'], "add")) {
                 okinfo($return_url, $_M['word']['loginadd']);
             }
         }
         if (stristr(M_ACTION, 'editor')) {
             if (!strstr($membercp_ok['admin_op'], "editor")) {
                 okinfo($return_url, $_M['word']['loginedit']);
             }
         }
         if (stristr(M_ACTION, 'del')) {
             if (!strstr($membercp_ok['admin_op'], "del")) {
                 okinfo($return_url, $_M['word']['logindelete']);
             }
         }
         if (stristr(M_ACTION, 'all')) {
             if (!strstr($membercp_ok['admin_op'], "metinfo")) {
                 okinfo($return_url, $_M['word']['loginall']);
             }
         }
         if (stristr(M_ACTION, 'table')) {
             if (stristr($_M['form']['submit_type'], 'save')) {
                 if ($_M['form']['allid']) {
                     $power_ids = explode(',', $_M['form']['allid']);
                     $e = 0;
                     $a = 0;
                     foreach ($power_ids as $val) {
                         if ($val) {
                             if (is_numeric($val)) {
                                 $e++;
                             } else {
                                 $a++;
                             }
                         }
                         if ($e > 0) {
                             if (!strstr($membercp_ok['admin_op'], "editor")) {
                                 okinfo($return_url, $_M['word']['loginedit']);
                             }
                         }
                         if ($a > 0) {
                             if (!strstr($membercp_ok['admin_op'], "add")) {
                                 okinfo($return_url, $_M['word']['loginadd']);
                             }
                         }
                     }
                 }
             }
             if (stristr($_M['form']['submit_type'], 'del')) {
                 if (!strstr($membercp_ok['admin_op'], "del")) {
                     okinfo($return_url, $_M['word']['logindelete']);
                 }
             }
         }
     }
     if (stristr($_M['url']['own'], 'admin/appstore')) {
         if (!stristr($membercp_ok['admin_type'], '1507') && $membercp_ok['admin_type'] != 'metinfo') {
             echo "<script type='text/javascript'> alert('{$_M['word']['appmarket_jurisdiction']}');window.history.back();</script>";
             exit;
         }
     }
     if (stristr($_M['url']['own'], 'admin/theme')) {
         if ($_M['form']['mobile']) {
             if (!stristr($membercp_ok['admin_type'], '1102') && $membercp_ok['admin_type'] != 'metinfo') {
                 echo "<script type='text/javascript'> alert('{$_M['word']['setup_permissions']}');window.history.back();</script>";
                 exit;
             }
         } else {
             if (!stristr($membercp_ok['admin_type'], '1101') && $membercp_ok['admin_type'] != 'metinfo') {
                 echo "<script type='text/javascript'> alert('{$_M['word']['setup_permissions']}');window.history.back();</script>";
                 exit;
             }
         }
     }
 }
Пример #8
0
 *     1. Check the $baseUrl and $baseDir variables;
 *     2. If available, paste your license key in the "LicenseKey" setting;
 *     3. Create the CheckAuthentication() function that enables CKFinder for authenticated users;
 *
 * Other settings may be left with their default values, or used to control
 * advanced features of CKFinder.
 */
/**
 * This function must check the user session to be sure that he/she is
 * authorized to upload and access files in the File Browser.
 *
 * @return boolean
 */
met_cooike_start();
$metinfo_admin_name = get_met_cookie('metinfo_admin_name');
$metinfo_admin_pass = get_met_cookie('metinfo_admin_pass');
$admincp_ok = $db->get_one("SELECT * FROM {$met_admin_table} WHERE admin_id='{$metinfo_admin_name}' and admin_pass='******' and usertype='3'");
function CheckAuthentication()
{
    global $admincp_ok;
    if (!$admincp_ok) {
        session_unset();
        return false;
    } else {
        return true;
    }
    return false;
}
// LicenseKey : Paste your license key here. If left blank, CKFinder will be
// fully functional, in demo mode.
$config['LicenseName'] = '';
Пример #9
0
    change_met_cookie('languser', $_GET[langset]);
    save_met_cookie();
}
met_cooike_start();
$query = "select * from {$tablepre}lang where mark='{$_GET[langset]}' and lang='metinfo'";
$isadminlang = $db->get_one($query);
if (!$isadminlang && $_GET[langset] != '') {
    die('not have this language');
}
$_M['user']['cookie'] = $met_cookie;
$metinfo_admin_name = get_met_cookie('metinfo_admin_name');
$metinfo_admin_pass = get_met_cookie('metinfo_admin_pass');
$metinfo_admin_pop = get_met_cookie('metinfo_admin_pop');
$metinfo_admin_shortcut = get_met_cookie('metinfo_admin_shortcut');
$languser = get_met_cookie('languser');
$langadminok = get_met_cookie('metinfo_admin_lang');
$langusenow = $languser;
if ($langadminok != "" and $langadminok != 'metinfo') {
    $adminlang = explode('-', $langadminok);
}
require_once ROOTPATH_ADMIN . 'include/lang.php';
isset($_REQUEST['GLOBALS']) && exit('Access Error');
unset($_POST['met_webkeys']);
unset($_GET['met_webkeys']);
unset($_POST['metinfo_admin_name']);
unset($_GET['metinfo_admin_name']);
unset($_GET['met_cookie']);
unset($_COOKIE['met_cookie']);
unset($_POST['met_cookie']);
foreach (array('_COOKIE', '_POST', '_GET') as $_request) {
    foreach (${$_request} as $_key => $_value) {