/**
 * Updates one record identified by its primary key.
 *
 * When 'show_code' is present, String::stripslashes() is applied to it before the
 * update is delegated to the parent implementation.
 *
 * NOTE(review): this presumably undoes backslashes added to request data earlier, so the
 * value travels on as raw markup/code. Confirm parent::modifyByPk() binds or escapes it
 * before it reaches SQL, and that only trusted administrators can set this field.
 *
 * @param integer $id
 * @param array $params
 * @return array
 */
public function modifyByPk($id, array $params = array())
{
    foreach (array('show_code') as $field) {
        if (isset($params[$field])) {
            $params[$field] = String::stripslashes($params[$field]);
        }
    }

    return parent::modifyByPk($id, $params);
}
/**
 * Generates a CAPTCHA image (the original comment marks this as still to be completed).
 *
 * Reads the font file from the application config, asks String::randStr() for four
 * characters and passes both to ImageManager::verify() with a 140x40 canvas.
 *
 * NOTE(review): the generated characters are not stored anywhere in this method, so
 * nothing visible here lets a later request be checked against them. Confirm where the
 * expected answer is kept server-side.
 * NOTE(review): randStr() is not visible here; a CAPTCHA answer should come from an
 * unpredictable source. Confirm it does not rely on rand()/mt_rand().
 *
 * @return void
 */
public static function verify()
{
    ImageManager::verify(Cfg::getApp('fontfile'), String::randStr(4), 140, 40);
}
/**
 * Edits several records by key name; a key that does not exist yet is inserted.
 *
 * 'stat_code' and 'powerby' are passed through String::stripslashes() when present,
 * then the whole parameter set is handed to the service's batchReplaceById via
 * callModifyMethod().
 *
 * NOTE(review): both fields are forwarded as raw text after the slashes are removed.
 * Confirm the service layer parameterises the write and that only trusted
 * administrators can reach this method.
 *
 * @param array $params
 * @return integer
 */
public function batchReplace(array $params = array())
{
    foreach (array('stat_code', 'powerby') as $field) {
        if (isset($params[$field])) {
            $params[$field] = String::stripslashes($params[$field]);
        }
    }

    return $this->callModifyMethod($this->getService(), 'batchReplaceById', 0, $params);
}
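/**
 * Initialises $_GET, $_POST and $_COOKIE: every value whose key is not listed in
 * $rawKeys is replaced by the result of String::specialchars_decode().
 *
 * The key check is strict. With a loose in_array() an integer key (a request parameter
 * named "0" is stored by PHP as int 0) compares equal to any non-numeric string on
 * PHP < 8 and would be skipped as if it were on the exemption list.
 *
 * NOTE(review): the original comment labels this step "XSSClean", but the call made is
 * specialchars_decode(), whose definition is not visible here. Confirm it neutralises
 * markup rather than decoding entities back into markup.
 *
 * @return void
 */
public function _initRGPC()
{
    // Keys that are deliberately left untouched.
    $rawKeys = array('http_referer');

    foreach ($_GET as $key => $value) {
        if (in_array($key, $rawKeys, true)) {
            continue;
        }
        $_GET[$key] = String::specialchars_decode($value);
    }

    foreach ($_POST as $key => $value) {
        if (in_array($key, $rawKeys, true)) {
            continue;
        }
        $_POST[$key] = String::specialchars_decode($value);
    }

    foreach ($_COOKIE as $key => $value) {
        if (in_array($key, $rawKeys, true)) {
            continue;
        }
        $_COOKIE[$key] = String::specialchars_decode($value);
    }
}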
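/**
 * Initialises $_GET, $_POST and $_COOKIE: every value whose key is not listed in
 * $rawKeys is replaced by the result of String::specialchars_decode().
 *
 * The key check is strict. With a loose in_array() an integer key (a request parameter
 * named "0" is stored by PHP as int 0) compares equal to any non-numeric string on
 * PHP < 8 and would be skipped as if it were on the exemption list.
 *
 * The exemption is by parameter name only and applies to all three sources, so a value
 * sent under one of these names is left unprocessed on every request that runs this
 * initialiser, whichever handler ends up reading it. Each consumer of these fields has
 * to escape or restrict them itself.
 *
 * NOTE(review): the original comment labels this step "XSSClean", but the call made is
 * specialchars_decode(), whose definition is not visible here. Confirm it neutralises
 * markup rather than decoding entities back into markup.
 *
 * @return void
 */
public function _initRGPC()
{
    // Keys that are deliberately left untouched (raw HTML/code/URL fields).
    $rawKeys = array(
        'http_referer',
        'content',
        'show_code',
        'stat_code',
        'powerby',
        'jump_url',
        'menu_url',
        'advert_url',
        'html_style',
        'html_script',
        'html_head',
        'html_body',
    );

    foreach ($_GET as $key => $value) {
        if (in_array($key, $rawKeys, true)) {
            continue;
        }
        $_GET[$key] = String::specialchars_decode($value);
    }

    foreach ($_POST as $key => $value) {
        if (in_array($key, $rawKeys, true)) {
            continue;
        }
        $_POST[$key] = String::specialchars_decode($value);
    }

    foreach ($_COOKIE as $key => $value) {
        if (in_array($key, $rawKeys, true)) {
            continue;
        }
        $_COOKIE[$key] = String::specialchars_decode($value);
    }
}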
/**
 * Cuts a substring for display, counting a multi-byte character (e.g. a Chinese
 * character) as two units and a single-byte character as one. When the third argument
 * is negative, the byte length of the (encoded) input is used as the length.
 *
 * The input is first passed through String::specialchars_encode(), the cut is made on
 * that encoded byte string, and the result is passed through
 * String::specialchars_decode() before it is returned.
 *
 * NOTE(review): because the cut happens on the encoded string, it may presumably fall
 * inside an encoded sequence if specialchars_encode() emits multi-character entities.
 * Confirm the decode step copes with a truncated entity.
 *
 * @param string $input
 * @param integer $start
 * @param integer $length
 * @return string
 */
public function substr($input, $start = 0, $length = -1)
{
    $input = String::specialchars_encode($input);
    $iptLen = strlen($input);
    if ($iptLen <= 0) {
        return '';
    }
    if ($length < 0) {
        $length = $iptLen;
    }
    // $end is the target unit count; it is bumped by one when starting from 0.
    $end = $start + $length;
    if ($start == 0) {
        $end++;
    }
    // $pos: byte offset; $charLen: value charlen() gave for the current lead byte;
    // $noc: running count of display units consumed so far.
    $pos = $charLen = $noc = 0;
    $posLessStart = true;
    while ($pos < $iptLen) {
        $charLen = $this->charlen($input[$pos]);
        // Always advance at least one byte so the loop terminates even when charlen() returns 0.
        $pos += $charLen > 0 ? $charLen : 1;
        // Multi-byte character counts as 2 units, single-byte as 1, unrecognised byte as 0.
        $noc += $charLen > 1 ? 2 : ($charLen > 0 ? 1 : 0);
        if ($posLessStart && $noc >= $start) {
            // First time the unit count reaches $start: convert $start from units to a byte offset.
            if ($noc === $start) {
                $start = $pos;
            } else {
                // Overshot $start: begin at the current character and shorten the window by one.
                $start = $pos - $charLen;
                $end--;
            }
            $posLessStart = false;
        }
        if ($noc >= $end) {
            break;
        }
    }
    // Overshot the end: drop the last character read.
    if ($noc > $end) {
        $pos -= $charLen;
    }
    $output = substr($input, $start, $pos - $start);
    $output = String::specialchars_decode($output);
    return $output;
}
/**
 * Updates one record identified by its primary key.
 *
 * 'last_modifier_id' is always overwritten with Identity::getUserId(), so a value
 * supplied by the caller for that field is never used. When 'content' is present,
 * String::stripslashes() is applied to it before delegating to the parent.
 *
 * NOTE(review): 'content' is handed on as raw text after the slashes are removed.
 * Confirm parent::modifyByPk() binds or escapes it before it reaches SQL and that it is
 * escaped or sanitised for HTML wherever it is rendered.
 *
 * @param integer $id
 * @param array $params
 * @return array
 */
public function modifyByPk($id, array $params = array())
{
    $params['last_modifier_id'] = Identity::getUserId();

    $hasContent = isset($params['content']);
    if ($hasContent) {
        $params['content'] = String::stripslashes($params['content']);
    }

    return parent::modifyByPk($id, $params);
}
/**
 * Returns a random six-character salt (the original comment describes it as the random
 * extra obfuscation code for payment).
 *
 * NOTE(review): String::randStr() is not visible here. A salt should come from a
 * cryptographically secure source such as random_bytes(). Confirm what randStr() uses.
 *
 * @return string
 */
public function getSalt()
{
    $salt = String::randStr(6);

    return $salt;
}
/**
 * Updates one record identified by its primary key.
 *
 * Each of 'html_style', 'html_script', 'html_head' and 'html_body' that is present is
 * passed through String::stripslashes() before the update is delegated to the parent.
 *
 * NOTE(review): these fields carry raw style/script/markup by design, so whoever can
 * call this method can presumably place script on the rendered page. Confirm access is
 * limited to trusted administrators and that parent::modifyByPk() parameterises the
 * write.
 *
 * @param integer $id
 * @param array $params
 * @return array
 */
public function modifyByPk($id, array $params = array())
{
    $rawHtmlFields = array('html_style', 'html_script', 'html_head', 'html_body');
    foreach ($rawHtmlFields as $field) {
        if (isset($params[$field])) {
            $params[$field] = String::stripslashes($params[$field]);
        }
    }

    return parent::modifyByPk($id, $params);
}
/**
 * Logs a member in through a third-party (partner) account.
 *
 * Both arguments are trimmed and must be non-empty, and the partner must be listed in
 * DataAccount::$partners. The login name is "<partner>_<openid>"; when no row with a
 * member_id exists for it, an account is created with a random password. The method
 * then runs checkName(), checkLogin() and setIdentity() in turn and returns the first
 * result whose err_no is not DataAccount::SUCCESS_LOGIN_NUM, or the setIdentity() result.
 *
 * NOTE(review): nothing in this method proves that $openid was issued by the partner.
 * Confirm every caller has completed and verified the partner's authorisation flow
 * before passing the value in.
 * NOTE(review): the lookup is by login name only. Confirm ordinary registration cannot
 * create a login_name of the form "<partner>_<openid>" under another login type.
 * NOTE(review): String::randStr() and mt_rand() are not cryptographically secure sources
 * as far as can be seen here. Confirm the placeholder password cannot be guessed or
 * used to sign in directly.
 *
 * @param string $partner
 * @param string $openid
 * @return array
 */
public function loginByPartner($partner, $openid)
{
    $partner = trim($partner);
    if ($partner === '') {
        $errNo = DataAccount::ERROR_PARTNER_EMPTY;
        $failure = array(
            'err_no' => $errNo,
            'err_msg' => DataAccount::getErrMsgByErrNo($errNo),
            'data' => array()
        );
        return $failure;
    }

    $openid = trim($openid);
    if ($openid === '') {
        $errNo = DataAccount::ERROR_OPENID_EMPTY;
        $failure = array(
            'err_no' => $errNo,
            'err_msg' => DataAccount::getErrMsgByErrNo($errNo),
            'data' => array()
        );
        return $failure;
    }

    $partnerKnown = in_array($partner, DataAccount::$partners);
    if (!$partnerKnown) {
        $errNo = DataAccount::ERROR_PARTNER_WRONG;
        $failure = array(
            'err_no' => $errNo,
            'err_msg' => DataAccount::getErrMsgByErrNo($errNo),
            'data' => array()
        );
        return $failure;
    }

    $loginName = $partner . '_' . $openid;
    $row = $this->_portal->findByLoginName($loginName);
    $accountExists = $row && is_array($row) && isset($row['member_id']);
    if (!$accountExists) {
        // First login for this partner identity: create the account on the fly.
        $salt = $this->_portal->getSalt();
        $password = $this->_portal->encrypt(String::randStr(12), $salt);
        $params = array(
            'login_name' => $loginName,
            'login_type' => DataPortal::LOGIN_TYPE_PARTNER,
            'password' => $password,
            'salt' => $salt,
            'member_name' => mt_rand(100000000, 999999999),
            'ip_registered' => Clean::ip2long(Ap::getRequest()->getClientIp())
        );
        $created = $this->_portal->getDb()->create($params);
        if (!$created) {
            // A failed insert is only logged; the checks below then run against the missing row.
            Log::warning(sprintf('Account db create failed, login_name "%s", login_type "%s"', $loginName, DataPortal::LOGIN_TYPE_PARTNER), 0, __METHOD__);
        }
    }

    $result = $this->checkName($loginName);
    $result['err_msg'] = DataAccount::getErrMsgByErrNo($result['err_no']);
    if ($result['err_no'] === DataAccount::SUCCESS_LOGIN_NUM) {
        $result = $this->checkLogin($result['data'], true);
        $result['err_msg'] = DataAccount::getErrMsgByErrNo($result['err_no']);
        if ($result['err_no'] === DataAccount::SUCCESS_LOGIN_NUM) {
            $result = $this->setIdentity($result['data'], false);
            $result['err_msg'] = DataAccount::getErrMsgByErrNo($result['err_no']);
        }
    }

    return $result;
}
/**
 * Cleans a field by passing it through String::escapeXss().
 *
 * NOTE(review): the original comment also promises that leading and trailing whitespace
 * is removed, but no trim happens in this method. Confirm whether escapeXss() trims, or
 * whether callers that rely on trimming need to do it themselves.
 * NOTE(review): escapeXss() is not visible here. Output escaping depends on context
 * (HTML body, attribute, JavaScript, URL), so confirm which context it targets.
 *
 * @param string $value
 * @return string
 */
public static function cleanXss($value)
{
    $escaped = String::escapeXss($value);

    return $escaped;
}
/**
 * Appends query-string parameters to a URL in the form &k1=v1&k2=v2&k3=v3.
 *
 * A '?' is appended first when the URL does not contain one yet, so a URL without a
 * query string ends up as "url?&k1=v1...". Values go through String::urlencode();
 * keys are concatenated as given.
 *
 * NOTE(review): keys are not URL-encoded here. Confirm they always come from trusted,
 * fixed names. A key taken from request data could add '&' or '=' to the query string.
 *
 * @param string $url
 * @param array $params
 * @return string
 */
public function applySimpleParams($url, array $params = array())
{
    if (strpos($url, '?') === false) {
        $url .= '?';
    }

    $query = '';
    foreach ($params as $name => $item) {
        $query .= '&' . $name . '=' . String::urlencode($item);
    }

    return $url . $query;
}
/**
 * Autoloader: turns a namespaced class name into a relative path by replacing each
 * namespace separator with DS and appending '.php', then requires that file.
 * There is no existence check, so a class whose file is missing fails inside require.
 *
 * NOTE(review): the class name is used as a file path without validation. Confirm no
 * code path triggers autoloading with a class name taken from request data.
 */
function spl_autoload($className)
{
    $className = str_replace('\\', DS, $className) . '.php';
    require $className;
}

/**
 * Registers the autoloader above; the request is aborted when registration fails.
 */
spl_autoload_register('\\tfc\\saf\\spl_autoload') || exit('Request Error, unable to register autoload as an autoloading method');

/**
 * Initialises $_GET, $_POST and $_COOKIE by adding backslashes before the predefined
 * characters; this runs only when MAGIC_QUOTES_GPC is false.
 *
 * NOTE(review): blanket addslashes() on request data is not a substitute for
 * parameterised queries or driver-level escaping. Confirm the database layer does not
 * rely on it, and that code which strips the slashes again escapes for its own context.
 */
if (!MAGIC_QUOTES_GPC) {
    $_GET = \tfc\util\String::addslashes($_GET);
    $_POST = \tfc\util\String::addslashes($_POST);
    $_COOKIE = \tfc\util\String::addslashes($_COOKIE);
}

if (!function_exists('debug_dump')) {
    /**
     * Debug helper that prints data; output happens only when DEBUG is on or when forced
     * through $coercion.
     * @param mixed $expression
     * @param boolean $coercion
     * @return void
     */
    function debug_dump($expression, $coercion = false)
    {
        if (DEBUG || $coercion) {
            $response = \tfc\ap\Ap::getResponse();
            if (!$response->headersSent()) {
                $response->contentType('text/html', \tfc\ap\Ap::getEncoding());
            }
/**
 * Renders the page and outputs the data.
 *
 * Assigns the system, URL and language variables, selects the layout under
 * 'layouts' . DS, and falls back to the default template name when none is given.
 * When $data carries no err_no, or carries ErrorNo::SUCCESS_NUM, both err_no and a
 * non-empty err_msg are taken from the current request instead.
 *
 * NOTE(review): err_msg comes straight from the request, so a link can make the page
 * show text of the sender's choosing. It passes through String::escapeXss(), which is
 * not visible here. Confirm that escaping matches the context the template prints it
 * in, and consider mapping err_no to server-side messages instead.
 *
 * @param array $data
 * @param string $tplName
 * @return void
 */
public function render(array $data = array(), $tplName = null)
{
    $this->assignSystem();
    $this->assignUrl();
    $this->assignLanguage();

    $view = Mvc::getView();
    $view->addLayoutName('layouts' . DS . $this->layoutName);

    if ($tplName === null) {
        $tplName = $this->getDefaultTplName();
    }

    $carriesError = isset($data['err_no']) && $data['err_no'] !== ErrorNo::SUCCESS_NUM;
    if (!$carriesError) {
        $data['err_no'] = Ap::getRequest()->getInteger('err_no', ErrorNo::SUCCESS_NUM);
        $requestMsg = String::escapeXss(Ap::getRequest()->getString('err_msg'));
        if ($requestMsg !== '') {
            $data['err_msg'] = $requestMsg;
        }
    }

    $view->render($tplName, $data);
}
/**
 * Builds the encrypted token for a member's mail address (password-reset flow).
 *
 * The address is trimmed, checked against MailValidator::REGEX_MAIL and looked up by
 * login name. On success the plaintext is
 * "login_name|encryptPwd(password)|dt_last_login|time()" followed by '|' and
 * String::ascii() of that string, and it is encoded with $this->_mef.
 *
 * Returns an array with 'err_no' and 'ciphertext' (the ciphertext is '' on failure);
 * the original comment declared a string return, which the code does not match.
 *
 * NOTE(review): the warnings log the submitted address verbatim. Confirm log access is
 * restricted and that the value cannot inject line breaks into the log.
 * NOTE(review): an unknown address yields its own error number. Confirm the caller does
 * not reveal that difference to unauthenticated users (account enumeration).
 * NOTE(review): the token embeds time(). Confirm the consumer enforces an expiry, and
 * that $this->_mef->encode() provides integrity, not just obfuscation.
 *
 * @param string $mail
 * @return array
 */
public function encryptMail($mail)
{
    $mail = trim($mail);

    $failed = false;
    $errNo = null;
    $logMsg = '';
    $row = null;

    if ($mail === '') {
        $failed = true;
        $errNo = DataRepwd::ERROR_MEMBER_MAIL_EMPTY;
        $logMsg = 'Repwd member_mail empty';
    } elseif (!preg_match(MailValidator::REGEX_MAIL, $mail)) {
        $failed = true;
        $errNo = DataRepwd::ERROR_MEMBER_MAIL_WRONG;
        $logMsg = sprintf('Repwd member_mail wrong, member_mail "%s"', $mail);
    } else {
        $row = $this->_portal->findByLoginName($mail);
        if (!$row) {
            $failed = true;
            $errNo = DataRepwd::ERROR_MEMBER_MAIL_NOT_EXISTS;
            $logMsg = sprintf('Repwd member_mail not exists, member_mail "%s"', $mail);
        }
    }

    if ($failed) {
        Log::warning($logMsg, $errNo, __METHOD__);
        return array('err_no' => $errNo, 'ciphertext' => '');
    }

    $password = $this->encryptPwd($row['password']);
    $fields = array($row['login_name'], $password, $row['dt_last_login'], time());
    $plaintext = implode('|', $fields);
    // Trailing field is String::ascii() of everything before it.
    $plaintext .= '|' . String::ascii($plaintext);

    return array(
        'err_no' => DataRepwd::SUCCESS_REPWD_NUM,
        'ciphertext' => $this->_mef->encode($plaintext)
    );
}