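/**
 * Store the file uploaded under $_FILES[$field_name] in /public/upload/ and
 * return its site-relative URL.
 *
 * The stored name is generated on the server (nowStr() followed by
 * randomStr(1, 1000)); only the extension comes from the client-supplied file
 * name. Because the target directory sits under DOCUMENT_ROOT, that extension
 * decides how the web server treats the file, so it is normalised and checked
 * before the move.
 *
 * @param string $field_name Key of the upload in $_FILES.
 * @return string|null Site-relative URL of the stored file, or NULL when the
 *                     upload is missing, failed, has a refused extension, or
 *                     could not be moved.
 */
function handleUpload($field_name)
{
    // Extensions that typical web-server configurations execute or interpret
    // instead of serving as data. A block list can never be complete: replace
    // it with an allow list of the types the application really accepts.
    // NOTE(review): html/svg and similar are served as active content by
    // browsers (stored XSS); whether they must be accepted is not visible here.
    $blocked = array(
        'php', 'php3', 'php4', 'php5', 'php7', 'php8', 'phtml', 'pht', 'phps', 'phar',
        'cgi', 'pl', 'py', 'rb', 'sh', 'asp', 'aspx', 'jsp', 'jspx', 'shtml', 'htaccess',
    );

    // Multi-file fields deliver arrays here; this function handles one file.
    if (!isset($_FILES[$field_name]['name'], $_FILES[$field_name]['tmp_name'])
        || !is_string($_FILES[$field_name]['name'])
        || !is_string($_FILES[$field_name]['tmp_name'])
    ) {
        return NULL;
    }
    $upload = $_FILES[$field_name];

    if (isset($upload['error']) && $upload['error'] !== UPLOAD_ERR_OK) {
        return NULL;
    }

    // A name without an extension yields no 'extension' key; it is stored
    // with an empty extension.
    $pi = pathinfo($upload['name']);
    $ext = isset($pi['extension']) ? strtolower($pi['extension']) : '';

    // Lower-casing first keeps mixed-case spellings from slipping past the list.
    if (!preg_match('/^[a-z0-9]*$/', $ext) || in_array($ext, $blocked, true)) {
        return NULL;
    }

    $url = '/public/upload/' . nowStr() . randomStr(1, 1000) . '.' . $ext;
    $fn = $_SERVER["DOCUMENT_ROOT"] . $url;

    // The former try/catch only re-threw the exception, so it is dropped;
    // exceptions still propagate to the caller.
    if (move_uploaded_file($upload['tmp_name'], $fn)) {
        return $url;
    }

    return NULL;
}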
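/**
 * Return $coord as MySQL stores it in a FLOAT(12,8) column.
 *
 * The value is written to a throw-away temporary table and read back, so the
 * result reflects the server's own rounding.
 *
 * @param mixed $coord Coordinate; must be numeric because it is placed
 *                     directly into the INSERT statement text.
 * @return mixed|null  The stored value as returned by fetch_row(), or null
 *                     when $coord is not numeric or any statement fails.
 */
function getFloatCoord($coord)
{
    // QuerySql() takes a finished SQL string, so the value cannot be bound as
    // a parameter here. Refusing anything that is not a number keeps arbitrary
    // SQL text out of the statement.
    if (!is_numeric($coord)) {
        return null;
    }

    // presumably randomStr(12, false) yields identifier-safe characters only;
    // verify, since the name is placed between backticks unescaped.
    $name = randomStr(12, false);

    if (!QuerySql("CREATE TEMPORARY TABLE `{$name}` (coord FLOAT(12,8))")) {
        return null;
    }

    $value = null;
    if (QuerySql("INSERT INTO `{$name}` (coord) VALUES ({$coord})")) {
        $res = QuerySql("SELECT coord FROM `{$name}`");
        // A failed SELECT returns a non-object; calling fetch_row() on it
        // would be a fatal error.
        if ($res) {
            $row = $res->fetch_row();
            $res->close();
            if ($row) {
                $value = $row[0];
            }
        }
    }

    // Always clean up, including when the insert or select failed.
    QuerySql("DROP TABLE `{$name}`");

    return $value;
}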
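<?php
/*
 * Password-reset request handler.
 *
 * Looks up the posted e-mail address, stores a fresh reset token with its
 * creation time on the matching user row, mails the token and redirects.
 */
require_once '../includes/fonctions.php';
require_once '../includes/pdo.php';

getSession();

// is_string() rejects array input (email[]=...), which would otherwise be
// bound to the query as a non-string value.
if (isset($_POST['email']) && is_string($_POST['email'])) {
    $requete = $pdo->prepare("SELECT * FROM users WHERE email = ?;");
    $requete->execute([$_POST['email']]);
    $user = $requete->fetch();

    if (!empty($user)) {
        // The secret part of the token must be unpredictable. The former
        // sha1(date(...)) suffix is derived from the clock alone and adds
        // nothing an outsider cannot compute, and the randomness source of
        // randomStr() is not visible in this file. Use the OS CSPRNG where
        // it exists (PHP >= 7) and keep the legacy form as a fallback.
        if (function_exists('random_bytes')) {
            // 70 bytes -> 140 hex characters; presumably the same length as
            // the legacy suffix (100 + 40), so column sizing still fits.
            $secret = bin2hex(random_bytes(70));
        } else {
            $secret = randomStr(100) . sha1(date("dmYHis"));
        }
        // The "<id>//" prefix is kept unchanged for whatever consumes the token.
        $token = $user->id . "//" . $secret;

        // NOTE(review): the token is stored as issued; storing only a hash of
        // it would keep a database read from yielding usable reset links.
        $requete = $pdo->prepare("UPDATE users SET reset_token = ?, reset_at = NOW() WHERE id = ?;");
        $requete->execute([$token, $user->id]);

        sendForgotMail($user, $token);
        setFlash('success', "Un e-mail vous a été envoyé à l'adresse " . $user->email);
        header('location: ../login.php');
        exit;
    } else {
        // NOTE(review): this branch answers differently from the one above
        // (other message, other redirect target), so a client can tell
        // whether an address is registered. One neutral response for both
        // cases would remove that signal; left as is because it changes
        // user-facing text.
        setFlash('danger', "E-mail inconnu !");
        header('location: ../forgot.php');
        exit;
    }
}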
/**
 * Build a random string with a fixed layout of randomStr() segments.
 *
 * Layout: 5 '_' 5 ':' "APA91b" 64 '_' 5 '-' 12 '_' 9 '_' 11 '_' 1 '_' 26,
 * where each number is the length passed to randomStr(). Judging by the
 * function name this presumably imitates a GCM registration id.
 *
 * @return string
 */
function getRandomGCM()
{
    // Lengths in output order; the segments are generated left to right.
    $segments = array();
    foreach (array(5, 5, 64, 5, 12, 9, 11, 1, 26) as $length) {
        $segments[] = randomStr($length);
    }

    return vsprintf('%s_%s:APA91b%s_%s-%s_%s_%s_%s_%s', $segments);
}
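<?php
/*
 * Reservation submission handler.
 *
 * Stores the posted reservation together with a random number and token,
 * fetches the rendered confirmation page and mails it to the submitter, then
 * redirects back to the reservation form.
 */
require_once "../common.php";

$db = get_db();

// Read a POST field as a string; missing or array-valued fields become ''.
$post = function ($key) {
    return isset($_POST[$key]) && is_string($_POST[$key]) ? $_POST[$key] : '';
};

// Close the connection, send the visitor back to the form with a message, stop.
$finish = function ($text) use ($db) {
    $db->close();
    // The message contains spaces and punctuation, so it is percent-encoded
    // to keep the Location value a valid URL.
    header("Location: https://bready.xyz/reservations/index.php?text=" . rawurlencode($text));
    exit;
};

$number = randomStr(7, "0123456789");
$name = $post('name');
$email = $post('email');
$phone = $post('phone');
$amt = $post('guests');
$time = $post('time_process');
$token = randomStr();
$table = $tbls['reservations'];

// The address is handed to mail() below. Validating it here rejects CR/LF and
// other characters that must not reach the mail headers, now that the value is
// no longer passed through real_escape_string().
if (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
    $finish("Please enter a valid email address.");
}

// Bound parameters replace escaping plus string interpolation. The table name
// comes from $tbls (set up in common.php) and cannot be bound.
$stmt = $db->prepare("INSERT INTO {$table} (number,name,email,phone,guests,time,token) VALUES (?,?,?,?,?,?,?)");
if ($stmt === false) {
    $finish("Sorry, your reservation could not be saved. Please try again.");
}
$stmt->bind_param('sssssss', $number, $name, $email, $phone, $amt, $time, $token);
$saved = $stmt->execute();
$rid = $db->insert_id;
$stmt->close();

// Previously a failed insert still sent a confirmation mail for row id 0.
if (!$saved) {
    $finish("Sorry, your reservation could not be saved. Please try again.");
}

$headers = "From: Bready Reservations <*****@*****.**>" . "\r\n" . "Content-type: text/html; charset=UTF-8" . "\r\n";

// NOTE(review): this request carries the reservation token over plain http,
// while the redirect uses https for the same host. Switch the scheme once
// curl_get_contents() is confirmed to handle TLS.
$url = "http://bready.xyz/reservations/inline.php?" . http_build_query(array(
    'rid' => $rid,
    'number' => $number,
    'token' => $token,
));
$fcontents = curl_get_contents($url);

mail($email, "Bready Reservation {$number} Confirmation", $fcontents, $headers);

$finish("Success! Please check your email to confirm your reservation.");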
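<?php
session_start();

/**
 * Return $len characters picked at random from the CAPTCHA alphabet.
 *
 * The index range is taken from the alphabet's length. The previous fixed
 * upper bound of 30 never reached the last two of its 33 characters.
 *
 * @param int $len Number of characters to produce.
 * @return string
 */
function randomStr($len)
{
    $strlib = "1a2s3d4f5g6hj8@k9qwert!yupzxcvbnm";
    $last = strlen($strlib) - 1;
    // The code gates a form, so it should not be guessable from earlier
    // outputs: prefer the CSPRNG-backed random_int() (PHP >= 7) and fall back
    // to mt_rand(), which seeds itself, on older runtimes.
    $secure = function_exists('random_int');
    $str = "";
    for ($i = 0; $i < $len; $i++) {
        $str .= $strlib[$secure ? random_int(0, $last) : mt_rand(0, $last)];
    }
    return $str;
}

// Randomly generated code string
$codestr = randomStr(4);
// Width of the CAPTCHA image
$width = 360;
// Height of the CAPTCHA image
$height = 60;
// Declare the format of the image that is about to be produced
@header("Content-Type:image/png");
// Create the image canvas
$vimg = imagecreate($width, $height);
// Background colour
$back = imagecolorallocate($vimg, 0xff, 0xff, 0xff);
// Colour of the noise dots
$pix = imagecolorallocate($vimg, 187, 230, 247);
// Text colour
$fontColor = imagecolorallocate($vimg, 41, 163, 238);
// Draw the dots that blur the image
mt_srand();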
{ return substr($s, 0, 20) === sha1(substr($s, 20), TRUE); } define('COUNT_FILES', 3); $storage = new FileStorage(dirname(__FILE__) . '/tmp'); // clear playground for ($i = 0; $i <= COUNT_FILES; $i++) { $storage->write($i, randomStr(), array()); } // test loop echo "Testing...\n"; Debug::timer(); $hits = array('ok' => 0, 'notfound' => 0, 'error' => 0, 'cantwrite' => 0, 'cantdelete' => 0); for ($counter = 0; $counter < 1000; $counter++) { // write $ok = $storage->write(rand(0, COUNT_FILES), randomStr(), array()); if ($ok === FALSE) { $hits['cantwrite']++; } // remove //$ok = $storage->remove(rand(0, COUNT_FILES)); //if (!$ok) $hits['cantdelete']++; // read $res = $storage->read(rand(0, COUNT_FILES)); // compare if ($res === NULL) { $hits['notfound']++; } elseif (checkStr($res)) { $hits['ok']++; } else { $hits['error']++;
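/**
 * Render the logo slider widget: the title markup, one <li> per slide of the
 * slider named by the instance's 'select_no' value, and the script call that
 * starts the carousel.
 *
 * Values read from the database or from the widget instance are escaped for
 * the context they are printed in, and both queries bind the slider name
 * instead of concatenating it into the SQL text.
 *
 * @param array $args     Display arguments; 'before_widget' and 'after_widget' are used.
 * @param array $instance Widget settings; 'htmltag', 'title' and 'select_no' are used.
 * @return void
 */
public function widget($args, $instance)
{
    global $wpdb;

    // Replaces extract($args); extract($instance);, which turned every array
    // key into a local variable. Instance values still win on a name clash,
    // and only the five names below are read.
    $vars = array_merge((array) $args, (array) $instance);
    $before_widget = isset($vars['before_widget']) ? $vars['before_widget'] : '';
    $after_widget = isset($vars['after_widget']) ? $vars['after_widget'] : '';
    $htmltag = isset($vars['htmltag']) ? $vars['htmltag'] : '';
    $title = isset($vars['title']) ? $vars['title'] : '';
    $select_no = isset($vars['select_no']) ? $vars['select_no'] : '';

    $randomStr = randomStr();
    // Shared by the wrapper's id attribute and the create_jcarousel() call.
    $slider_id = trim($select_no) . $randomStr;

    $slider_table = $wpdb->prefix . 'jw_easy_logo_slider';
    $setting_table = $wpdb->prefix . 'jw_easy_logo_slider_setting';

    // Display settings: the last matching row wins, as before. The join has
    // no ON clause and is kept as written so the result set is unchanged.
    $show = array();
    $rw = $wpdb->get_results($wpdb->prepare(
        "SELECT * FROM {$slider_table} JOIN {$setting_table} WHERE {$setting_table}.name = %s",
        $select_no
    ));
    foreach ((array) $rw as $setting) {
        // NOTE(review): unserialize() instantiates whatever objects the stored
        // string describes; if anything other than this plugin can write the
        // settings row, switch to a format such as JSON.
        $show = unserialize($setting->setting);
    }
    if (!is_array($show)) {
        $show = array();
    }

    $rows = $wpdb->get_results($wpdb->prepare(
        "SELECT * FROM {$slider_table} JOIN {$setting_table}"
        . " WHERE {$setting_table}.id = {$slider_table}.slider_id AND {$setting_table}.name = %s",
        $select_no
    ));

    // The height lands inside a <style> element, so only characters that can
    // form a CSS length are kept.
    $image_ht = isset($show['image_ht']) ? preg_replace('/[^0-9A-Za-z.%]/', '', (string) $show['image_ht']) : '';
    if ($image_ht === '') {
        $image_ht = '150px';
    }
    $target = (isset($show['url_target']) && $show['url_target'] != '') ? $show['url_target'] : '_blank';
    $title_sh = isset($show['jw_easy_logo_slider_title_sh']) ? $show['jw_easy_logo_slider_title_sh'] : '';
    $show_title = ($title_sh != 'hide' && $title_sh != '');
    $show_desc = !(isset($show['jw_easy_logo_slider_desc_sh']) && $show['jw_easy_logo_slider_desc_sh'] == 'hide');
    $limit = (isset($show['limit_description']) && is_numeric($show['limit_description']))
        ? (int) $show['limit_description']
        : null;

    $upload_dir = wp_upload_dir();
    $image_base = $upload_dir['baseurl'] . '/easy_logo_slider/';

    echo $before_widget;
    // NOTE(review): $htmltag and $title are printed exactly as stored, and the
    // closing tag is assembled from $htmltag; what $htmltag holds is not
    // visible here. Confirm both are sanitised where the widget is saved.
    ?>
<div class="wrapper">
    <?php echo $htmltag; echo $title; ?> </<?php echo $htmltag; ?>>
    <div class="jcarousel-wrapper" id="<?php echo esc_attr($slider_id); ?>">
        <div class="jcarousel">
            <ul>
            <?php foreach ((array) $rows as $row) {
                $row_title = stripcslashes($row->title);
                $image_src = $image_base . $row->image;
                $has_link = ($row->url != '');
                // substr() counts bytes, as before; a missing or non-numeric
                // limit leaves the description uncut.
                $str = ($limit === null) ? $row->description : substr($row->description, 0, $limit);
                ?>
                <li>
                    <style> .easy-logo_image {height:<?php echo $image_ht; ?> !important} </style>
                    <?php if ($has_link) { ?>
                        <a href="<?php echo esc_url($row->url); ?>" target="<?php echo esc_attr($target); ?>" title="<?php echo esc_attr($row_title); ?>"><img src="<?php echo esc_url($image_src); ?>" class="easy-logo_image" alt="" /></a>
                    <?php } else { ?>
                        <img src="<?php echo esc_url($image_src); ?>" class="easy-logo_image" alt="" title="<?php echo esc_attr($row_title); ?>" />
                    <?php } ?>
                    <?php if ($has_link) { ?>
                        <a href="<?php echo esc_url($row->url); ?>" target="<?php echo esc_attr($target); ?>" title="<?php echo esc_attr($row_title); ?>">
                            <h3><?php if ($show_title) { echo wp_kses_post($row_title); } ?> </h3>
                        </a>
                    <?php } else { ?>
                        <h3><?php if ($show_title) { echo wp_kses_post($row_title); } ?> </h3>
                    <?php } ?>
                    <?php
                    // wp_kses_post() keeps ordinary formatting markup and
                    // removes script-capable tags and attributes.
                    if ($show_desc) {
                        echo '<p class="descp">' . wp_kses_post(stripcslashes($str)) . '</p>';
                    }
                    ?>
                </li>
            <?php } ?>
            </ul>
        </div>
        <a href="#" class="jcarousel-control-prev" title="Previous">‹</a>
        <a href="#" class="jcarousel-control-next" title="Next">›</a>
        <p class="jcarousel-pagination"></p>
    </div>
    <script type='text/javascript'>create_jcarousel('<?php echo esc_js($slider_id); ?>');</script>
</div>
    <?php
    echo $after_widget;
}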
* @date 2015-08-03 11:51:15 * @version $Id$ */ session_start(); header('Content-Type=image/png;charset=utf-8'); //随机字符生成函数 function randomStr($len) { $oldStr = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789'; $newStr = ''; for ($i = 0; $i < $len; $i++) { $newStr .= $oldStr[mt_rand(0, 61)]; } return $newStr; } $a = randomStr(4); //echo $a; //设置图像宽高 $height = 40; $width = 100; //生成图像 $img = imagecreatetruecolor($width, $height); //设置图像背景颜色 $imgcolor = imagecolorallocate($img, 255, 255, 255); //设置像素点颜色 $pixels = imagecolorallocate($img, 255, 0, 0); //设置字符颜色 $font = imagecolorallocate($img, 41, 163, 238); //绘制像素点 for ($i = 0; $i < 1000; $i++) { imagesetpixel($img, mt_rand(0, $width), mt_rand(0, $height), $pixels);
return substr($s, 0, 20) === sha1(substr($s, 20), TRUE); } define('COUNT_FILES', 3); set_time_limit(0); SafeStream::register(); // clear playground for ($i = 0; $i <= COUNT_FILES; $i++) { file_put_contents('safe://tmp/testfile' . $i, randomStr()); } // test loop echo "Testing (with SafeStream)...\n"; Debug::timer(); $hits = array('ok' => 0, 'notfound' => 0, 'error' => 0, 'cantwrite' => 0, 'cantdelete' => 0); for ($counter = 0; $counter < 1000; $counter++) { // write $ok = @file_put_contents('safe://tmp/testfile' . rand(0, COUNT_FILES), randomStr()); if ($ok === FALSE) { $hits['cantwrite']++; } // delete // $ok = @unlink('safe://testfile'.rand(0, COUNT_FILES)); // if (!$ok) $hits['cantdelete']++; // read $res = @file_get_contents('safe://tmp/testfile' . rand(0, COUNT_FILES)); // compare if ($res === FALSE) { $hits['notfound']++; } elseif (checkStr($res)) { $hits['ok']++; } else { $hits['error']++;
$result_stmt = null; } } if ($result_stmt !== null) { $user = $result_stmt->fetch(PDO::FETCH_ASSOC); /* Check whether user is banned */ if ($user['deactivated']) { redirectTo('index.php', array('showmessage' => '8')); exit; } if ($adminchecked && Settings::Get('panel.allow_preset_admin') == '1' || $adminchecked == false) { if ($user !== false) { // build a activation code $timestamp = time(); $first = substr(md5($user['loginname'] . $timestamp . randomStr(16)), 0, 15); $third = substr(md5($user['email'] . $timestamp . randomStr(16)), -15); $activationcode = $first . $timestamp . $third . substr(md5($third . $timestamp), 0, 10); // Drop all existing activation codes for this user $stmt = Database::prepare("DELETE FROM `" . TABLE_PANEL_ACTIVATION . "`\n\t\t\t\t\t\tWHERE `userid` = :userid\n\t\t\t\t\t\tAND `admin` = :admin"); $params = array("userid" => $adminchecked ? $user['adminid'] : $user['customerid'], "admin" => $adminchecked ? 1 : 0); Database::pexecute($stmt, $params); // Add new activation code to database $stmt = Database::prepare("INSERT INTO `" . TABLE_PANEL_ACTIVATION . "`\n\t\t\t\t\t\t(userid, admin, creation, activationcode)\n\t\t\t\t\t\tVALUES (:userid, :admin, :creation, :activationcode)"); $params = array("userid" => $adminchecked ? $user['adminid'] : $user['customerid'], "admin" => $adminchecked ? 1 : 0, "creation" => $timestamp, "activationcode" => $activationcode); Database::pexecute($stmt, $params); $rstlog = FroxlorLogger::getInstanceOf(array('loginname' => 'password_reset')); $rstlog->logAction(USR_ACTION, LOG_WARNING, "User '" . $user['loginname'] . "' requested a link for setting a new password."); // Set together our activation link $protocol = empty($_SERVER['HTTPS']) ? 'http' : 'https'; // this can be a fixed value to avoid potential exploiting by modifying headers $host = Settings::Get('system.hostname');
<?php session_start(); require_once '../diy/config.php'; if (isset($_GET['get_started'])) { $crud = CRUD::getInstance(); $stored = true; while ($stored) { $code = randomStr(6); $check_code = $crud->select(TABLE_NAME, "app_id", "where activation_code={$code}"); if ($crud->getNumRows() == 0) { $stored = false; } } $query = "INSERT INTO " . TABLE_NAME . "(`client_id`,`app_key`,`name`,`category_id`,`theme_json`,`features_json`,`activation_code`,`added_date`) VALUES('{$_SESSION['client']['client_id']}',UUID(),'{$_GET['name']}','{$_GET['category']}','{}','{}','{$code}','" . date('Y-m-d H:i:s') . "')"; $insert = $crud->custom("insert", $query); if ($insert) { $app = $crud->select(TABLE_NAME, "`app_key`", "where app_id='{$crud->getInsertId()}'"); if ($app) { $app = $crud->getFirst(); } $app_key = $app['app_key']; if (!file_exists(DOC_ROOT_DIY . 'diy-data/' . $app_key)) { mkdir(DOC_ROOT_DIY . 'diy-data/' . $app_key); if (!file_exists(DOC_ROOT_DIY . 'diy-data/' . $app_key . '/gallery')) { mkdir(DOC_ROOT_DIY . 'diy-data/' . $app_key . '/gallery'); } } header('Location:' . RESOURCE_PATH_DIY . $app_key . '/create'); } else { header('Location:' . $_SERVER['HTTP_REFERER']);
if ($_FILES['file']['error'] > 0) { echo json_encode(array("status" => 601, "message" => $_FILES['file']['error'])); exit(1); } //check if the file is an image if (strrpos($_FILES['file']['type'], "image") !== false) { $safename = $_FILES['file']['name']; $safename = str_replace("#", "No.", $safename); $safename = str_replace("\$", "Dollar.", $safename); $safename = str_replace("%", "percent", $safename); $safename = str_replace("^", "", $safename); $safename = str_replace("&", "and", $safename); $safename = str_replace("*", "", $safename); $safename = str_replace("?", "", $safename); $safenameArr = explode(".", $safename); $safename = $safenameArr[count($safenameArr) - 2] . "__" . randomStr() . ".jpg"; //just to make sure there are no overriddens if (file_exists($safename)) { echo json_encode(array("status" => 601, "message" => "File Already Exists")); exit(1); } //upload process if ($_FILES['file']['type'] == 'image/jpeg' || $_FILES['file']['type'] == 'image/pjpeg') { $new_img = imagecreatefromjpeg($_FILES['file']['tmp_name']); } elseif ($_FILES['file']['type'] == 'image/gif') { $new_img = imagecreatefromgif($_FILES['file']['tmp_name']); } elseif ($_FILES['file']['type'] == 'image/png' || $_FILES['file']['type'] == 'image/x-png') { $new_img = imagecreatefrompng($_FILES['file']['tmp_name']); } list($width, $height) = getimagesize($_FILES['file']['tmp_name']); $imgratio = $width / $height;