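/**
 * Report whether a PIN record exists for the user and device named in the request cookies.
 *
 * Reads the "username" and "device" cookies, resolves the username to an id in
 * `pwdusrrecord`, purges `pin` rows that have reached 3 errors or are older than
 * $PIN_EXPIRE_TIME seconds, and then looks for a `pin` row matching that id and device.
 *
 * Both cookie values are supplied by the client. A true result only says that a
 * matching row exists; nothing here checks that the requester knows the PIN.
 * NOTE(review): confirm that every caller still verifies the PIN before treating
 * the request as authenticated.
 *
 * @return bool True when a matching PIN row survives the purge; false when a cookie
 *              is missing, empty or not a string, when no database link is available,
 *              when the username is unknown, or when no PIN row matches.
 */
function usepin()
{
    global $PIN_EXPIRE_TIME;

    // Cookies are attacker-controlled. A request can send "username[]=x", which PHP
    // delivers as an array; a loose == "" test does not reject that, so the array
    // would reach the query parameters. Accept non-empty strings only.
    foreach (array('username', 'device') as $name) {
        if (!isset($_COOKIE[$name]) || !is_string($_COOKIE[$name]) || $_COOKIE[$name] === '') {
            return false;
        }
    }
    $user = $_COOKIE['username'];
    $device = $_COOKIE['device'];

    $link = sqllink();
    if (!$link) {
        return false;
    }

    // Resolve the username to its numeric id; an unknown user ends the check
    // before any cleanup runs.
    $sql = "SELECT id FROM `pwdusrrecord` WHERE `username`= ?";
    $res = sqlexec($sql, array($user), $link);
    $record = $res->fetch(PDO::FETCH_ASSOC);
    if (!$record) {
        return false;
    }
    $id = $record['id'];

    // Purge locked-out (3 or more errors) and expired PIN rows for all users, so the
    // lookup below can only match a row that is still usable.
    $sql = "DELETE FROM `pin` WHERE `errortimes` >= 3 OR UNIX_TIMESTAMP( NOW( ) ) - UNIX_TIMESTAMP(`createtime`) > ?";
    sqlexec($sql, array($PIN_EXPIRE_TIME), $link);

    $sql = "SELECT * FROM `pin` WHERE `userid`= ? AND `device`= ?";
    $res = sqlexec($sql, array($id, $device), $link);
    $record = $res->fetch(PDO::FETCH_ASSOC);

    return $record ? true : false;
}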
<?php session_start(); require_once "function/sqllink.php"; require_once "function/deleteexpire.php"; if (!isset($_POST['m']) || $_POST['m'] == '' || !isset($_POST['p']) || $_POST['p'] == '' || !isset($_POST['ph'])) { die('0'); } else { $expire = date('Y-m-d', strtotime('+6 day')); $link = sqllink(); $m = $_POST['m']; $p = $_POST['p']; $phint = $_POST['ph']; deleteexpire($link); $link->beginTransaction(); while (true) { $code = ''; for ($i = 1; $i <= 6; $i++) { $c = rand(0, 35); if ($c < 10) { $code = $code . $c; } else { $code = $code . chr($c - 10 + ord("a")); } } $sql = "SELECT COUNT(*) FROM `talkrecord` WHERE `code`=?"; $res = sqlexec($sql, array($code), $link); $num = $res->fetch(PDO::FETCH_NUM); $num = $num[0]; if ($num == 0) { break;