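/**
 * Validate the stored admin session and refresh it when it is under one hour old.
 *
 * The `met_auth` form value is decrypted with authcode() using the site key
 * plus the `met_key` cookie and is expected to yield "username\tmd5(admin_pass)".
 * When the password hash matches and the stored session timestamp is less than
 * 3600 seconds old, the stored session is copied into $_M['user']['cookie'],
 * its timestamp is renewed and the row is written back to the admin table.
 * On any failure $_M['user']['cookie'] is left as an empty array.
 *
 * @return void
 */
function met_cooike_start()
{
    global $_M;

    $_M['user']['cookie'] = array();

    $met_webkeys = $_M['config']['met_webkeys'];
    $met_auth    = isset($_M['form']['met_auth']) ? $_M['form']['met_auth'] : '';
    $met_key     = isset($_COOKIE['met_key']) ? $_COOKIE['met_key'] : '';

    // A token that does not decrypt to "user\tpass" must end here rather than
    // reach the password comparison with a null or empty value.
    $decoded = (string) authcode($met_auth, 'DECODE', $met_webkeys . $met_key);
    list($username, $password) = array_pad(explode("\t", $decoded), 2, '');
    if ($username === '' || $password === '') {
        return;
    }

    // NOTE(review): this lookup relies entirely on sqlinsert() (defined elsewhere)
    // to make the request-derived name safe inside the quoted literal — confirm it
    // neutralises quotes and backslashes, or use bound parameters if the DB layer
    // offers them.
    $username = sqlinsert($username);
    $query = "SELECT * from {$_M['table']['admin_table']} WHERE admin_id = '{$username}'";
    $user = DB::get_one($query);
    if (!$user) {
        return;
    }

    $usercooike = json_decode($user['cookie']);
    if (!is_object($usercooike) || !isset($usercooike->time)) {
        return;
    }

    // Strict comparison: with `==`, two digit-only "0e..." hex strings are compared
    // as numbers and match each other. hash_equals() would additionally make the
    // comparison constant-time on PHP >= 5.6.
    $hashMatches = md5((string) $user['admin_pass']) === $password;
    $isFresh     = time() - (int) $usercooike->time < 3600;
    if (!$hashMatches || !$isFresh) {
        return;
    }

    foreach ($usercooike as $key => $val) {
        $_M['user']['cookie'][$key] = $val;
    }

    if (defined('IN_ADMIN')) {
        $_M['user']['admin_name'] = get_met_cookie('metinfo_admin_name');
        $_M['user']['admin_id']   = $_M['user']['cookie']['metinfo_admin_id'];
        $privilege                = background_privilege();
        $_M['user']['langok']     = $privilege['langok'];
    }

    $_M['user']['cookie']['time'] = time();

    // JSON_HEX_APOS writes apostrophes as \u0027, so a stored session value can no
    // longer close the quoted SQL literal below. NOTE(review): this is containment
    // only — the DB layer's own escaping or bound parameters (not visible here)
    // is the proper fix for this statement.
    $json  = json_encode($_M['user']['cookie'], JSON_HEX_APOS);
    $query = "update {$_M['table']['admin_table']} set cookie = '{$json}' WHERE admin_id = '{$username}'";
    DB::query($query);
}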
/**
 * Build the record describing the current member.
 *
 * The member name comes from get_met_cookie('metinfo_member_name'); the row is
 * loaded through the `user` system class and then given admin-style aliases
 * (usertype, admin_id, admin_pass) copied from groupid, username and password.
 *
 * @return array the member row plus a `column` entry holding id/name of every
 *               column whose access value is <= the member's groupid for the
 *               current language
 */
function member_information()
{
    global $_M;

    $memberName = get_met_cookie('metinfo_member_name');
    $userModel  = load::sys_class('user', 'new');
    $user       = $userModel->get_user_by_username($memberName);

    // Aliases; assignment order is kept so the array's key order is unchanged.
    $user['usertype']   = $user['groupid'];
    $user['admin_id']   = $user['username'];
    $user['admin_pass'] = $user['password'];

    // NOTE(review): groupid and lang are interpolated straight into the SQL text;
    // that is only safe if neither can carry request-controlled characters — confirm.
    $columnSql = "SELECT id,name FROM {$_M['table']['column']} WHERE access <= '{$user['groupid']}' AND lang = '{$_M['lang']}'";
    $user['column'] = DB::get_all($columnSql);

    return $user;
}
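/**
 * Load the current administrator's record and the columns they may operate on.
 *
 * The admin name is read with get_met_cookie('metinfo_admin_name') after
 * met_cooike_start() has run.
 *
 * @return array the admin row (empty when no row matches) plus a `column`
 *               entry holding id/name of every column whose access value is
 *               <= the admin's usertype for the current language
 */
function admin_information()
{
    global $_M;

    met_cooike_start();

    // The name is passed through sqlinsert() before it is placed in the query,
    // as met_cooike_start() does for the same admin_id lookup.
    // NOTE(review): confirm sqlinsert() (defined elsewhere) neutralises quotes
    // and backslashes; bound parameters would be preferable if the DB layer has them.
    $metinfo_admin_name = sqlinsert(get_met_cookie('metinfo_admin_name'));

    $query = "SELECT * from {$_M['table']['admin_table']} WHERE admin_id = '{$metinfo_admin_name}'";
    $user  = DB::get_one($query);

    // No matching row: keep the array return shape instead of writing a key
    // onto a non-array value.
    if (!is_array($user)) {
        $user = array();
    }
    $usertype = isset($user['usertype']) ? $user['usertype'] : '';

    $query = "SELECT id,name from {$_M['table']['column']} WHERE access <= '{$usertype}' AND lang = '{$_M['lang']}'";
    $user['column'] = DB::get_all($query);

    return $user;
}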
/**
 * Check a submitted verification code.
 *
 * met_cooike_start() is always called first, including when $code is empty.
 *
 * @param mixed $code the code supplied by the caller
 * @return bool true only when $code is non-empty and strictly equal to the
 *              value returned by get_met_cookie('met_capcha_member1')
 */
function CheckCode($code)
{
    met_cooike_start();

    // empty() rejects '', '0', 0, null and friends before the stored value is read.
    return !empty($code) && get_met_cookie('met_capcha_member1') === $code;
}
// Bootstrap fragment: loads the configuration, restores the stored session and
// derives the member/admin identity variables used later in the request.
require_once ROOTPATH . 'config/config.inc.php';
met_cooike_start();

// NOTE(review): this statement compares the two values and discards the result;
// it has no effect.
$metmemberforce == $met_member_force;

// NOTE(review): loose comparison against what looks like an override secret.
// Neither variable is assigned in this fragment; if both are unset or empty the
// test is true and the session is given member type "256". Confirm where
// $metmemberforce comes from and require a non-empty, strictly equal value.
if ($metmemberforce == $met_member_force) {
    change_met_cookie('metinfo_member_name', "force");
    change_met_cookie('metinfo_member_pass', "force");
    change_met_cookie('metinfo_member_type', "256");
    save_met_cookie();
}

// $met_cookie is not assigned in this fragment — presumably maintained by the
// change_met_cookie()/save_met_cookie() helpers; verify.
$_M['user']['cookie'] = $met_cookie;

if ($met_member_use != 0) {
    // Admin values take precedence; the member values are the fallback when the
    // admin value is empty.
    $metinfo_member_id = get_met_cookie('metinfo_admin_id') == "" ? get_met_cookie('metinfo_member_id') : get_met_cookie('metinfo_admin_id');
    $metinfo_member_name = get_met_cookie('metinfo_admin_name') == "" ? get_met_cookie('metinfo_member_name') : get_met_cookie('metinfo_admin_name');
    $metinfo_member_pass = get_met_cookie('metinfo_admin_pass') == "" ? get_met_cookie('metinfo_member_pass') : get_met_cookie('metinfo_admin_pass');
    // Any non-empty admin type maps to '256'; otherwise the member's own type is used.
    $metinfo_member_type = get_met_cookie('metinfo_admin_type') == "" ? get_met_cookie('metinfo_member_type') : '256';
    $metinfo_admin_name = get_met_cookie('metinfo_admin_name');
    // Without both a name and a password the visitor is treated as type 0.
    if ($metinfo_member_name == '' or $metinfo_member_pass == '') {
        $metinfo_member_type = 0;
    }
} else {
    // Member system switched off: every visitor gets type "256".
    $metinfo_member_type = "256";
}

// When magic quotes are off, $_FILES is passed through daddslashes()
// (defined elsewhere; presumably a recursive addslashes — verify).
!MAGIC_QUOTES_GPC && ($_FILES = daddslashes($_FILES));

// NOTE(review): PHP_SELF and QUERY_STRING are request-controlled; $REQUEST_URI
// must be encoded for its context wherever it is later output.
$REQUEST_URI = $_SERVER['PHP_SELF'] . '?' . $_SERVER['QUERY_STRING'];

// Request start time as float seconds (microsecond part + whole seconds).
$t_array = explode(' ', microtime());
$P_S_T = $t_array[0] + $t_array[1];

// Use the gzip output handler when $met_obstart is 1 and ob_gzhandler exists,
// otherwise a plain buffer.
$met_obstart == 1 && function_exists('ob_gzhandler') ? ob_start('ob_gzhandler') : ob_start();
// A second output buffer is opened on top of the one above.
ob_start();

// NOTE(review): the Referer header is client-supplied and may be absent;
// $forward should be validated before it is used in a redirect or echoed.
$referer ? $forward = $referer : ($forward = $_SERVER['HTTP_REFERER']);

$m_now_time = time();
$m_now_date = date('Y-m-d H:i:s', $m_now_time);
$tmp = trim($listlang['value']); $js = $js . "user_msg['{$listlang['name']}']='{$tmp}';\n"; } $name = 'lang_' . $listlang['name']; ${$name} = trim($listlang['value']); $str .= '$' . "{$name}='" . str_replace(array('\\', "'"), array("\\\\", "\\'"), trim($listlang['value'])) . "';"; $lang_json[$listlang['name']] = $listlang['value']; } $js1 = '$' . "js='" . str_replace("'", "\\'", $js) . '\';'; $str = "<?php\n" . $str . $js1 . "\n?>"; file_put_contents(ROOTPATH . 'cache/langadmin_' . $langset . '.php', $str); file_put_contents(ROOTPATH . 'cache/lang_json_admin_' . $langset . '.php', json_encode($lang_json)); } else { require_once ROOTPATH . 'cache/langadmin_' . $langset . '.php'; } $_M[langset] = get_met_cookie('languser'); $query = "select * from {$met_language} where site='1' and lang='{$_M[langset]}'"; $languages = $db->get_all($query); foreach ($languages as $key => $val) { $_M[word][$val[name]] = $val[value]; } $query = "SELECT * FROM {$met_config} WHERE lang='{$langset}-metinfo'"; $result = $db->query($query); while ($list_config = $db->fetch_array($result)) { $setagents[$list_config['name']] = $list_config['value']; } @extract($setagents); if ($met_agents_type > 1) { $lang_indexthanks = $met_agents_thanks; $lang_metinfo = $met_agents_name; $lang_copyright = $met_agents_copyright;
/**
 * Check whether an administrator is logged in and allowed to run the current action.
 *
 * With sufficient permission execution continues; otherwise the visitor is
 * redirected to the admin login page or shown a no-permission notice.
 *
 * Stages, in order:
 *  1. no admin name/password in the session -> redirect to login and exit;
 *  2. no admin row with usertype '3' matches -> redirect to login and exit;
 *  3. per-operation checks (add / editor / del / all / table) against admin_op;
 *  4. module checks for the app store and theme pages against admin_type.
 */
protected function check() {
    global $_M;
    // NOTE(review): HTTP_HOST is a client-supplied header; it only influences the
    // $admin_index flag here, but should not be treated as a trusted origin.
    $current_url = 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
    if (strstr($current_url, $_M['url']['site_admin'] . "index.php")) {
        $admin_index = 1;
    } else {
        $admin_index = '';
    }
    $met_adminfile = $_M['config']['met_adminfile'];
    // Not read again in this method.
    $met_admin_table = $_M['table']['admin_table'];
    $metinfo_admin_name = get_met_cookie('metinfo_admin_name');
    $metinfo_admin_pass = get_met_cookie('metinfo_admin_pass');
    if (!$metinfo_admin_name || !$metinfo_admin_pass) {
        // Stage 1: nothing in the session identifies an admin.
        if ($admin_index) {
            met_cooike_unset();
            // NOTE(review): $re_url is not assigned anywhere above in this method
            // (only $_M is declared global), so it is undefined at this point.
            met_setcookie("re_url", $re_url, time() - 3600);
            Header("Location: " . $_M['url']['site_admin'] . "login/login.php");
        } else {
            if (!$re_url) {
                // NOTE(review): the unquoted keys (HTTP_REFERER, SERVER_NAME, ...)
                // depend on PHP's bare-constant fallback, which PHP 8 removed.
                $re_url = $_SERVER[HTTP_REFERER];
                $HTTP_REFERERs = explode('?', $_SERVER[HTTP_REFERER]);
                $admin_file_len1 = strlen("/{$met_adminfile}/");
                $admin_file_len2 = strlen("/{$met_adminfile}/index.php");
                // The strrev/substr/strrev combination is an "ends with" test on the
                // Referer path; a Referer that is the admin root, or missing,
                // falls back to the URL currently being requested.
                if (strrev(substr(strrev($HTTP_REFERERs[0]), 0, $admin_file_len1)) == "/{$met_adminfile}/" || strrev(substr(strrev($HTTP_REFERERs[0]), 0, $admin_file_len2)) == "/{$met_adminfile}/index.php" || !$HTTP_REFERERs[0]) {
                    $re_url = "http://{$_SERVER[SERVER_NAME]}{$_SERVER[REQUEST_URI]}";
                }
            }
            // NOTE(review): a client-supplied Referer is remembered in the re_url
            // cookie for one hour; presumably the login page redirects to it
            // afterwards — confirm it is validated as a same-site URL there.
            if (!$_COOKIE[re_url] && !strstr($re_url, "return.php")) {
                met_setcookie("re_url", $re_url, time() + 3600);
            }
            met_cooike_unset();
            Header("Location: " . $_M['url']['site_admin'] . "login/login.php");
        }
        exit;
    } else {
        // Stage 2: the session must match an admin row with usertype '3'.
        // NOTE(review): as shown, admin_pass is compared with the literal '******'
        // and $metinfo_admin_pass never reaches the query — this looks like
        // redaction in the listing; confirm against the real source.
        // NOTE(review): $metinfo_admin_name is interpolated without escaping.
        $query = "SELECT * FROM {$_M['table']['admin_table']} WHERE admin_id = '{$metinfo_admin_name}' AND admin_pass = '******' AND usertype = '3'";
        $admincp_ok = DB::get_one($query);
        if (!$admincp_ok) {
            // Same redirect handling as stage 1, repeated.
            if ($admin_index) {
                met_cooike_unset();
                met_setcookie("re_url", $re_url, time() - 3600);
                Header("Location: " . $_M['url']['site_admin'] . "login/login.php");
            } else {
                if (!$re_url) {
                    $re_url = $_SERVER[HTTP_REFERER];
                    $HTTP_REFERERs = explode('?', $_SERVER[HTTP_REFERER]);
                    $admin_file_len1 = strlen("/{$met_adminfile}/");
                    $admin_file_len2 = strlen("/{$met_adminfile}/index.php");
                    if (strrev(substr(strrev($HTTP_REFERERs[0]), 0, $admin_file_len1)) == "/{$met_adminfile}/" || strrev(substr(strrev($HTTP_REFERERs[0]), 0, $admin_file_len2)) == "/{$met_adminfile}/index.php" || !$HTTP_REFERERs[0]) {
                        $re_url = "http://{$_SERVER[SERVER_NAME]}{$_SERVER[REQUEST_URI]}";
                    }
                }
                if (!strstr($re_url, "return.php")) {
                    if (!$_COOKIE['re_url']) {
                        met_setcookie("re_url", $re_url, time() + 3600);
                    }
                }
                met_cooike_unset();
                Header("Location: " . $_M['url']['site_admin'] . "login/login.php");
            }
            exit;
        }
    }
    // Stage 3: reload the row (this time without the usertype filter) to read
    // the admin_op / admin_type permission strings.
    $query = "SELECT * FROM {$_M['table']['admin_table']} WHERE admin_id='{$metinfo_admin_name}' AND admin_pass='******'";
    $membercp_ok = DB::get_one($query);
    // An admin_op containing "metinfo" skips every per-operation check below.
    if (!strstr($membercp_ok['admin_op'], "metinfo")) {
        // AJAX callers get an empty return URL; browsers get a history-back link.
        if (isset($_SERVER['HTTP_X_REQUESTED_WITH']) && $_SERVER['HTTP_X_REQUESTED_WITH'] == 'XMLHttpRequest') {
            $return_url = "";
        } else {
            $return_url = "javascript:window.history.back();";
        }
        // NOTE(review): each check is a substring match on the action name, so an
        // action whose name contains none of these keywords is not checked here.
        // The checks also depend on okinfo() (defined elsewhere) ending the
        // request — confirm that it does.
        if (stristr(M_ACTION, 'add')) {
            if (!strstr($membercp_ok['admin_op'], "add")) {
                okinfo($return_url, $_M['word']['loginadd']);
            }
        }
        if (stristr(M_ACTION, 'editor')) {
            if (!strstr($membercp_ok['admin_op'], "editor")) {
                okinfo($return_url, $_M['word']['loginedit']);
            }
        }
        if (stristr(M_ACTION, 'del')) {
            if (!strstr($membercp_ok['admin_op'], "del")) {
                okinfo($return_url, $_M['word']['logindelete']);
            }
        }
        if (stristr(M_ACTION, 'all')) {
            if (!strstr($membercp_ok['admin_op'], "metinfo")) {
                okinfo($return_url, $_M['word']['loginall']);
            }
        }
        if (stristr(M_ACTION, 'table')) {
            if (stristr($_M['form']['submit_type'], 'save')) {
                if ($_M['form']['allid']) {
                    // Numeric ids count as edits ($e), non-numeric ones as additions ($a).
                    $power_ids = explode(',', $_M['form']['allid']);
                    $e = 0;
                    $a = 0;
                    foreach ($power_ids as $val) {
                        if ($val) {
                            if (is_numeric($val)) {
                                $e++;
                            } else {
                                $a++;
                            }
                        }
                        // These two checks sit inside the loop, so they run after every id.
                        if ($e > 0) {
                            if (!strstr($membercp_ok['admin_op'], "editor")) {
                                okinfo($return_url, $_M['word']['loginedit']);
                            }
                        }
                        if ($a > 0) {
                            if (!strstr($membercp_ok['admin_op'], "add")) {
                                okinfo($return_url, $_M['word']['loginadd']);
                            }
                        }
                    }
                }
            }
            if (stristr($_M['form']['submit_type'], 'del')) {
                if (!strstr($membercp_ok['admin_op'], "del")) {
                    okinfo($return_url, $_M['word']['logindelete']);
                }
            }
        }
    }
    // Stage 4: module checks. admin_type must contain the module code or be
    // exactly 'metinfo'.
    if (stristr($_M['url']['own'], 'admin/appstore')) {
        if (!stristr($membercp_ok['admin_type'], '1507') && $membercp_ok['admin_type'] != 'metinfo') {
            // NOTE(review): the language string is placed inside a JS string
            // literal without escaping.
            echo "<script type='text/javascript'> alert('{$_M['word']['appmarket_jurisdiction']}');window.history.back();</script>";
            exit;
        }
    }
    if (stristr($_M['url']['own'], 'admin/theme')) {
        // The mobile theme page requires code 1102, the other theme page 1101.
        if ($_M['form']['mobile']) {
            if (!stristr($membercp_ok['admin_type'], '1102') && $membercp_ok['admin_type'] != 'metinfo') {
                echo "<script type='text/javascript'> alert('{$_M['word']['setup_permissions']}');window.history.back();</script>";
                exit;
            }
        } else {
            if (!stristr($membercp_ok['admin_type'], '1101') && $membercp_ok['admin_type'] != 'metinfo') {
                echo "<script type='text/javascript'> alert('{$_M['word']['setup_permissions']}');window.history.back();</script>";
                exit;
            }
        }
    }
}
* 1. Check the $baseUrl and $baseDir variables;
 * 2. If available, paste your license key in the "LicenseKey" setting;
 * 3. Create the CheckAuthentication() function that enables CKFinder for authenticated users;
 *
 * Other settings may be left with their default values, or used to control
 * advanced features of CKFinder.
 */

/**
 * This function must check the user session to be sure that he/she is
 * authorized to upload and access files in the File Browser.
 *
 * @return boolean
 */
// The admin lookup below runs once, when this file is included;
// CheckAuthentication() only reports the stored result.
met_cooike_start();
$metinfo_admin_name = get_met_cookie('metinfo_admin_name');
$metinfo_admin_pass = get_met_cookie('metinfo_admin_pass');
// Requires an admin row with usertype '3'.
// NOTE(review): as shown, admin_pass is compared with the literal '******' and
// $metinfo_admin_pass never reaches the query — this looks like redaction in the
// listing; confirm against the real source.
// NOTE(review): $metinfo_admin_name is interpolated into the SQL text without
// escaping; file-manager access depends entirely on this one query.
$admincp_ok = $db->get_one("SELECT * FROM {$met_admin_table} WHERE admin_id='{$metinfo_admin_name}' and admin_pass='******' and usertype='3'");

// Grants CKFinder access only when the lookup above returned a row; otherwise
// the PHP session variables are cleared and access is refused.
function CheckAuthentication() {
    global $admincp_ok;
    if (!$admincp_ok) {
        session_unset();
        return false;
    } else {
        return true;
    }
    // Unreachable: both branches above return.
    return false;
}

// LicenseKey : Paste your license key here. If left blank, CKFinder will be
// fully functional, in demo mode.
$config['LicenseName'] = '';
change_met_cookie('languser', $_GET[langset]); save_met_cookie(); } met_cooike_start(); $query = "select * from {$tablepre}lang where mark='{$_GET[langset]}' and lang='metinfo'"; $isadminlang = $db->get_one($query); if (!$isadminlang && $_GET[langset] != '') { die('not have this language'); } $_M['user']['cookie'] = $met_cookie; $metinfo_admin_name = get_met_cookie('metinfo_admin_name'); $metinfo_admin_pass = get_met_cookie('metinfo_admin_pass'); $metinfo_admin_pop = get_met_cookie('metinfo_admin_pop'); $metinfo_admin_shortcut = get_met_cookie('metinfo_admin_shortcut'); $languser = get_met_cookie('languser'); $langadminok = get_met_cookie('metinfo_admin_lang'); $langusenow = $languser; if ($langadminok != "" and $langadminok != 'metinfo') { $adminlang = explode('-', $langadminok); } require_once ROOTPATH_ADMIN . 'include/lang.php'; isset($_REQUEST['GLOBALS']) && exit('Access Error'); unset($_POST['met_webkeys']); unset($_GET['met_webkeys']); unset($_POST['metinfo_admin_name']); unset($_GET['metinfo_admin_name']); unset($_GET['met_cookie']); unset($_COOKIE['met_cookie']); unset($_POST['met_cookie']); foreach (array('_COOKIE', '_POST', '_GET') as $_request) { foreach (${$_request} as $_key => $_value) {