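/**
 * Build the captcha configuration for the current object, evaluate the
 * request and publish the mod_captcha instance in the object's context.
 *
 * Only the keys listed in $overridable may be changed by the caller;
 * template, url, temp folder, font settings and refreshlink are fixed here.
 *
 * @param array|string $aconfig Optional overrides; any non-array value is ignored.
 * @return string 'show' when the 'show' variable is set, otherwise 'valid',
 *                'invalid', 'expired' or 'normal' depending on validate_submit().
 */
public static function process($aconfig = '')
{
    global $ARCurrent;

    // Sets the arDontCache flag on the request state; presumably this keeps
    // the captcha response out of the page cache -- confirm.
    $ARCurrent->arDontCache = true;

    $context = pobject::getContext();
    $me = $context["arCurrentObject"];

    // ConfigArray
    $context = $me->getContext();
    $template = $me->getvar('arCallFunction');
    if (!is_array($aconfig)) {
        $aconfig = array();
    }
    $temp = $me->store->get_config('files') . 'temp/';

    $config = array(
        'template' => $template,
        'url' => $me->make_url(),
        'tempfolder' => $temp,
        'TTF_folder' => CAPTCHA_TTF_FOLDER,
        'TTF_RANGE' => array(
            'andalemo.ttf', 'arial.ttf', 'ariblk.ttf', 'comic.ttf', 'cour.ttf',
            'georgia.ttf', 'impact.ttf', 'times.ttf', 'trebuc.ttf', 'verdana.ttf',
        ),
        'chars' => 5,
        'minsize' => 20,
        'maxsize' => 30,
        'maxrotation' => 25,
        'noise' => FALSE,
        'websafecolors' => FALSE,
        'refreshlink' => TRUE,
        'lang' => 'en',
        'maxtry' => 3,
        'badguys_url' => '/',
        // NOTE(review): this default is a fixed literal in the source, so it is
        // known to anyone who can read the code. Its own text says it feeds an
        // md5 key; how mod_captcha uses it is not visible here. Deployments
        // should pass their own 'secretstring' in $aconfig.
        'secretstring' => 'A very, very secret string which is used to generate a md5-key!',
        'secretposition' => 15,
        'debug' => FALSE,
    );

    // Keys a caller is allowed to override.
    $overridable = array(
        'maxsize', 'maxrotation', 'noise', 'websafecolors', 'lang', 'maxtry',
        'badguys_url', 'secretstring', 'secretposition', 'minsize', 'chars', 'debug',
    );
    foreach ($aconfig as $akey => $aval) {
        // Strict match: with loose comparison an integer key such as 0 equals
        // any non-numeric string before PHP 8 and would slip through the list.
        if (in_array($akey, $overridable, true)) {
            $config[$akey] = $aval;
        }
    }

    $captcha = new mod_captcha($config);

    if ($me->getvar('show')) {
        $captchaCase = 'show';
    } else {
        // Map the numeric result of validate_submit() to a state name.
        $case = $captcha->validate_submit();
        switch ($case) {
            case 1:
                $captchaCase = 'valid';
                break;
            case 2:
                $captchaCase = 'invalid';
                break;
            case 3:
                $captchaCase = 'expired';
                break;
            default:
                $captchaCase = 'normal';
                break;
        }
    }

    // Hand the captcha instance to the calling template through the context.
    $context['captcha'] = $captcha;
    $me->setContext($context);

    return $captchaCase;
}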
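/**
 * Authenticate an admin login and, on success, set the admin auth cookie.
 *
 * Login types (read from $data['logintype'], overridden in two cases):
 *   1 - local account; forced when the local record has level 8 or 9 and
 *       refused for every other level.
 *   2 - account looked up through mod_oracle::bossuser(); forced when $type
 *       is 'sso'. A local account is linked or created on first login.
 *   3 - mod_oracle::bossuser() account where login name and stored password
 *       value must both equal the submitted values; a mismatch returns false.
 *
 * @param array       $data Login form data; the keys username, password,
 *                          captcha and logintype are read through array_var().
 * @param string|null $type null for an interactive login (captcha enforced
 *                          when VERIFY_CODE == 1); 'sso' forces login type 2.
 * @return bool|null true when the cookie was issued, false when a type-3
 *                   lookup does not match, null when verify_login_in() rejects.
 * @throws Exception On the lockout guard, captcha failure, a wrong password
 *                   or a login type that is not allowed for the account.
 */
public function authenticate($data, $type = null)
{
    $timestamp = time();
    // Log file that records admin login attempts.
    $admin_recordfile = PATH_ADMIN . "/data/log/admin_log.php";
    $F_count = F_L_count($admin_recordfile, 2000);
    // Seconds remaining in a 3600-second window that starts at the log's mtime.
    $L_T = 3600 - ($timestamp - @filemtime($admin_recordfile));

    // NOTE(review): the message promises a lockout after 15 failures for 20
    // minutes, but the threshold is 1500000000 and the window is 3600 seconds,
    // so this guard is effectively switched off. Confirm whether login
    // throttling is enforced somewhere else.
    if ($F_count > 1500000000 && $L_T > 0) {
        throw new Exception("连续登陆错误超过15次,请20分钟后再试.");
    }

    $s = new mod_captcha(PATH_ADMIN . '/data/captcha/');
    $s->session_word = 'flpm_login';

    $username = trim(array_var($data, "username"));
    $password = trim(array_var($data, "password"));
    $captcha = trim(array_var($data, "captcha"));
    $logintype = trim(array_var($data, "logintype"));

    // Accounts with level 8 or 9 always use the local login path. The loose
    // in_array() is kept on purpose: the level may arrive as a string.
    $cpuinfo = mod_member::get_oneamdinbyusername($username);
    $isPrivilegedLocal = isset($cpuinfo['level']) && in_array($cpuinfo['level'], array(8, 9));
    if ($isPrivilegedLocal) {
        $logintype = 1;
    }

    if (VERIFY_CODE == 1 && $type == null) {
        if ($captcha === '') {
            // NOTE(review): the submitted password is passed to the failure
            // logger; if log_error_login() writes it out, clear-text
            // credentials end up in the log file -- verify and drop it there.
            self::log_error_login($username, $password);
            throw new Exception('请输入验证码!');
        }
        // NOTE(review): logintype is taken from the request, and type 3 skips
        // check_word(). Any client can therefore opt out of the captcha by
        // sending logintype=3; confirm that type 3 is meant to be reachable
        // from the interactive form.
        if ($logintype != 3 && !$s->check_word($captcha)) {
            throw new Exception('请输入正确的验证码!');
        }
    }

    if ($type == 'sso') {
        $logintype = 2;
    }

    // Defined up front so the success path never reads an unset variable:
    // types 1 and 3 (and the "link existing account" branch of type 2) do not
    // resolve a user id, and only types 1 and 2 set a cookie password.
    $user_id = null;
    $auth_password = null;

    if ($logintype == 1) {
        if (!$isPrivilegedLocal) {
            throw new Exception('不允许此方式登录!');
        }
    } elseif ($logintype == 2) {
        $bossrows = mod_oracle::bossuser($username);
        $bossuser = isset($bossrows[0]) ? $bossrows[0] : null;

        // Fail closed when the lookup returns no usable record. Previously a
        // missing record compared as null, and an empty submitted password
        // equals null under loose comparison.
        if (!isset($bossuser['PASSWORD'], $bossuser['LOGIN_NAME']) || (string) $bossuser['PASSWORD'] === '') {
            throw new Exception('密码不正确!');
        }

        // Interactive logins submit the clear-text password, which is hashed
        // with md5() before comparing; callers that set $type submit the
        // stored value itself.
        // NOTE(review): unsalted MD5 is not a password hash, and on the $type
        // path the stored value works as the credential.
        $supplied = ($type == null) ? md5($password) : $password;

        // Strict string comparison: with != two different "0e<digits>" hashes
        // are both read as the number 0 and compare equal. hash_equals() is
        // the better choice where PHP >= 5.6 is guaranteed.
        if ((string) $supplied !== (string) $bossuser['PASSWORD']) {
            throw new Exception('密码不正确!');
        }

        $bossname = $bossuser['LOGIN_NAME'];
        $vid = mod_member::getnamebybossname($bossname);
        if (!$vid) {
            $localuserinfo = mod_member::get_oneamdinbyusername($bossname);
            if (!$localuserinfo) {
                // First login: create a local account and link it.
                $addname = $bossname;
                $addtruename = $bossuser['NAME'];
                // NOTE(review): every auto-created account receives the same
                // literal password; consider a random per-account value.
                $addpassword = '******';
                $addemail = $bossuser['EMAIL'];
                $addadminlevel = '2';
                $user_id = mod_member::member_add($addname, $addtruename, $addpassword, $addemail, $addadminlevel);
                $adddata = array('bossname' => $bossuser['LOGIN_NAME']);
                mod_member::addbossuser($adddata, $user_id);
                $addright = mod_member::get_right('1');
                mod_member::saverights($addright, $addname);
                $addsubject = '飞流九天产品后台账户创建通知';
                $mailtxt = mailtxt($addname, $addpassword, $addemail);
                // Notification mail is currently disabled:
                //$addemail && @mod_mail::send($addemail,$addname,$addsubject,$mailtxt,'html');
                $username = $addname;
                $password = md5($addpassword);
            } else {
                // A local account with that name exists: link it.
                $linkdata = array('bossname' => $bossname);
                mod_member::addbossuser($linkdata, $localuserinfo['user_id']);
                $username = $localuserinfo['name'];
                $password = md5($localuserinfo['password']);
            }
        } else {
            // Already linked: continue with the stored local credentials.
            $username = $vid['user_name'];
            $password = $vid['password'];
            $user_id = $vid['user_id'];
        }
    } elseif ($logintype == 3) {
        $bossrows = mod_oracle::bossuser($username);
        $bossuser = isset($bossrows[0]) ? $bossrows[0] : null;

        // Same fail-closed rule as for type 2, reported as false here.
        if (!isset($bossuser['PASSWORD'], $bossuser['LOGIN_NAME']) || (string) $bossuser['PASSWORD'] === '') {
            return false;
        }
        if ((string) $username !== (string) $bossuser['LOGIN_NAME']) {
            return false;
        }
        if ((string) $password !== (string) $bossuser['PASSWORD']) {
            return false;
        }
    }

    if (self::verify_login_in($username, $password, $logintype)) {
        $auth_key = self::get_user_agent();
        if ($logintype == 1) {
            $auth_password = md5($password);
        } elseif ($logintype == 2) {
            $auth_password = $password;
        }
        $auth_username = $username;
        self::update_login($user_id);

        // NOTE(review): the cookie carries an MD5-derived password value and
        // is set without the Secure/HttpOnly flags; its protection rests on
        // authcode(), which is not visible here.
        $cookie_value = authcode($auth_username . ':' . $auth_key . ':' . $auth_password, 'ENCODE');
        $cookie_expire = time() + 7200; // two hours
        $cook_pre = AUTH_KEY . '_admin_auth';
        // Make the cookie visible to the rest of this request as well.
        $_COOKIE[$cook_pre] = $cookie_value;
        setcookie($cook_pre, $cookie_value, $cookie_expire, PATH_COOKIE);
        return true;
    }
    // Falls through without a return value (null) when verify_login_in() rejects.
}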