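/**
 * Check whether the logged-in user holds at least the given privilege level.
 *
 * The check fails closed: it returns false when nobody is logged in and when
 * the user record cannot be decoded or carries no `level` field.
 *
 * @param int $level Minimum level the caller requires.
 * @return bool True only when the session user's stored level is >= $level.
 */
function checkAuthority($level)
{
    require_once 'site.class.php';
    require_once 'user.class.php';

    $uid = Site::getSessionUid();
    // No session user: deny before touching the user store.
    if ($uid == 0) {
        return false;
    }

    $currentUser = new User();
    $currentUser->uid = $uid;
    $response = json_decode($currentUser->getData(), true);

    // json_decode() yields null when getData() fails or returns malformed JSON.
    // Comparing a missing level would then evaluate `null >= $level`, which is
    // true for a $level of 0, so an unreadable record must be an explicit deny.
    if (!is_array($response) || !isset($response['level'])) {
        return false;
    }

    return $response['level'] >= $level;
}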
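/**
 * List rows of the `calculation` table as a JSON array, optionally filtered.
 *
 * Every value that reaches the SQL text is cast to an integer first. The
 * original concatenated $status into the query unmodified, so a caller
 * forwarding request data could alter the statement. The rows returned by
 * this method are themselves cast with (int) on `status`, so an integer
 * cast on the filter matches how the column is used here.
 *
 * NOTE(review): the mysql_* extension used below was removed in PHP 7 and
 * offers no prepared statements; moving to mysqli/PDO with bound parameters
 * is the durable fix, but the connection handling is outside this method.
 *
 * @param int $user   0 restricts the list to the session user's rows; any
 *                    other value applies no owner filter.
 * @param int $public 0 = public rows without a password, 1 = public rows
 *                    with a password, 2 = non-public rows; any other value
 *                    applies no visibility filter.
 * @param int $status -1 applies no filter; any other value is matched
 *                    against the `status` column.
 * @return string|false JSON-encoded list of rows, or false if the query fails.
 */
public function listData($user = -1, $public = -1, $status = -1)
{
    $conditions = [];

    if ($user == 0) {
        require_once 'site.class.php';
        $uid = (int) Site::getSessionUid();
        $conditions[] = '(`uid` = "' . $uid . '")';
    }
    if ($public == 0) {
        $conditions[] = '(`public` = 1 AND `password` = "")';
    }
    if ($public == 1) {
        $conditions[] = '(`public` = 1 AND `password` != "")';
    }
    if ($public == 2) {
        $conditions[] = '(`public` = 0)';
    }
    if ($status != -1) {
        // Integer cast keeps caller-supplied text out of the SQL statement.
        $conditions[] = '(`status` = "' . (int) $status . '")';
    }

    $where = '';
    if (count($conditions) > 0) {
        $where = ' WHERE ' . implode(' AND ', $conditions);
    }

    $sqlCalculation = @mysql_query(
        'SELECT `cid`, `pid`, `uid`, `priority`, `public`, `password`, `status`, `input`, `result`'
        . ' FROM `calculation`' . $where . ' ORDER BY `cid` DESC;'
    );
    if ($sqlCalculation === false) {
        return false;
    }

    $response = [];
    while (($item = @mysql_fetch_assoc($sqlCalculation)) !== false) {
        $item['cid'] = (int) $item['cid'];
        $item['pid'] = (int) $item['pid'];
        $item['uid'] = (int) $item['uid'];
        $item['priority'] = (int) $item['priority'];
        $item['public'] = (bool) $item['public'];
        $item['status'] = (int) $item['status'];
        // NOTE(review): input/result are returned decoded and otherwise as
        // stored; a consumer rendering them into HTML must escape them there.
        $item['input'] = urldecode($item['input']);
        $item['result'] = urldecode($item['result']);

        // Never return the stored password value; only signal that one is set.
        if (strlen($item['password']) > 0) {
            $item['password'] = '******';
        }

        $item['pluginname'] = self::getPluginName($item['pid']);
        $item['username'] = self::getUserName($item['uid']);
        $item['statusStr'] = self::getStatusStr($item['status']);

        $response[] = $item;
    }

    return json_encode($response);
}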
$currentCalculation->init(getRequest('pid'), $uid, $priority, 0, '', 0, getRequest('input')); if (!$currentCalculation->checkVariables()) { handle(ERROR_INPUT . '01'); } $response = $currentCalculation->create(); if ($response === false) { handle(ERROR_SYSTEM . '00'); } handle('0000{"cid":' . $response . '}'); break; case 'renew': $currentCalculation = new Calculation(); $currentCalculation->cid = getRequest('cid'); $response = json_decode($currentCalculation->getData(), true); require_once 'site.class.php'; $uid = Site::getSessionUid(); if ($uid == 0) { handle(ERROR_PERMISSION . '00' . '请先登陆!'); } if ($response['uid'] !== $uid && !checkAuthority(9)) { handle(ERROR_PERMISSION . '00'); } $priority = $response['priority']; if (checkAuthority(9) && getRequest('priority') !== '') { $priority = getRequest('priority'); } $currentCalculation->init($response['pid'], $response['uid'], $priority, (int) getRequest('public'), getRequest('password'), $response['status'], $response['input']); if (!$currentCalculation->checkVariables()) { handle(ERROR_INPUT . '01'); } $response = $currentCalculation->modify();
if ($existUid != 0) { handle(ERROR_PERMISSION . '02' . '用户名已存在!'); } $password = password_hash(md5($username . getRequest('password') . '.cc'), PASSWORD_BCRYPT); $currentUser->init(getRequest('username'), $password, getRequest('email')); if (!$currentUser->checkVariables()) { handle(ERROR_INPUT . '02'); } $response = $currentUser->create(); if ($response === false) { handle(ERROR_SYSTEM . '00'); } handle('0000{"uid":' . $response . '}'); break; case 'renew': if (Site::getSessionUid() !== getRequest('uid') && !checkAuthority(9)) { handle(ERROR_PERMISSION . '01'); } $currentUser = new User(); $currentUser->uid = getRequest('uid'); $response = json_decode($currentUser->getData(), true); if (!password_verify(md5($response['username'] . getRequest('password_old') . '.cc'), $response['password'])) { handle(ERROR_PERMISSION . '02' . '密码错误!'); } $password_new = getRequest('password_new'); if ($password_new === '') { $password_new = getRequest('password_old'); } $password_new = password_hash(md5($response['username'] . $password_new . '.cc'), PASSWORD_BCRYPT); $currentUser->init($response['username'], $password_new, $response['email'], $response['level']); if (!$currentUser->checkVariables()) {
/**
 * Report which user is logged in for the current session.
 *
 * Despite the name, the result is the uid from Site::getSessionUid(), not a
 * boolean; callers test it against 0 to decide whether anyone is logged in.
 *
 * @return int uid of the session user, or 0 when no user is logged in
 */
function hasLogin()
{
    require_once 'site.class.php';

    $sessionUid = Site::getSessionUid();

    return $sessionUid;
}