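/**
 * Report whether the client address lies inside one of the IPv4 ranges listed
 * in the "china_ip" file that sits next to this script.
 *
 * Each non-empty line of that file is read as "<first-ip> <last-ip>".
 *
 * NOTE(review): the answer is only as trustworthy as getClientIP(). If that
 * helper reads request headers such as X-Forwarded-For, the requester chooses
 * the value, so this check should not gate access on its own; confirm how the
 * helper derives the address.
 *
 * @return bool true when the client address falls inside a listed range
 */
function checkChinaIP()
{
    // Compare whole addresses as unsigned numbers. The previous per-octet test
    // rejected addresses inside ranges that are not octet-aligned
    // (e.g. 1.2.3.250 within 1.2.3.200 - 1.2.4.10).
    $toNumber = function ($address) {
        $long = ip2long(trim((string) $address));
        // sprintf('%u') keeps addresses >= 128.0.0.0 positive on 32-bit builds.
        return $long === false ? false : (float) sprintf('%u', $long);
    };

    $client = $toNumber(getClientIP());
    if ($client === false) {
        // IPv6, "unknown", or a comma-separated proxy chain: cannot match an IPv4 range.
        return false;
    }

    $raw = file_get_contents(__DIR__ . "/china_ip");
    if ($raw === false) {
        return false;
    }

    // split() was removed in PHP 7; explode() does the same job for a literal separator.
    foreach (explode("\n", $raw) as $line) {
        $line = trim($line);
        if ($line === '') {
            continue;
        }

        $bounds = explode(" ", $line);
        if (count($bounds) < 2) {
            continue; // malformed line, ignore it
        }

        $low = $toNumber($bounds[0]);
        $high = $toNumber($bounds[1]);
        if ($low === false || $high === false) {
            continue;
        }

        if ($client >= $low && $client <= $high) {
            return true;
        }
    }

    return false;
}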
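/**
 * Affiliate ("tg") landing link.
 *
 * URL layout: www.xxx.com/action/Method/<webmaster id>/<game id>/<cpa|cps|...>/<sub id>/?ref=url
 * Example:    yy.51yx.com/index/tg/12312312/13/2/11/?ref=url
 *
 * Stores the attribution values in cookies, writes one click-log line and then
 * sends the visitor on to ?ref, or to the registration page when ?ref is
 * missing or not acceptable. Every value read here comes from the request URL
 * and is therefore untrusted.
 */
public function tg()
{
    // Read a request value as a string; missing or non-scalar input becomes ''.
    $param = function ($key) {
        return (isset($_GET[$key]) && is_scalar($_GET[$key])) ? (string) $_GET[$key] : '';
    };

    $master_id = $param(2); // webmaster id
    $game_id = $param(3); // game id
    $type = $param(4); // promotion type: CPS = 2, CPA = 1, other = 0
    $sub_code = $param(5); // sub-webmaster id
    $ref = $param('ref');

    setcookie(WEBMASTER, $master_id, 0, '/', DOMAIN);
    setcookie(AD_GAME_ID, $game_id, 0, '/', DOMAIN);
    setcookie(SPREAD_TYPE, $type, 0, '/', DOMAIN);
    setcookie(SUB_CODE, $sub_code, 0, '/', DOMAIN);

    $ip = getClientIP();

    // Click log: webmaster id, game id, sub-webmaster id, visitor IP.
    // Control characters are removed so a crafted URL cannot forge extra log lines.
    $content = $master_id . ',' . $game_id . ',\'' . $sub_code . '\' ' . $ip;
    $content = preg_replace('/[\x00-\x1F\x7F]/', '', $content);
    @log_info($content, "tg_click_");

    // Only follow ?ref when it stays on this site; anything else would make the
    // link an open redirect to an arbitrary destination.
    $target = '/member/register';
    if ($ref !== '' && !preg_match('/[\x00-\x20\x7F\\\\]/', $ref)) {
        if (preg_match('#^/(?!/)#', $ref)) {
            $target = $ref; // site-relative path
        } else {
            $parts = parse_url($ref);
            $site = strtolower(ltrim((string) DOMAIN, '.'));
            $scheme = isset($parts['scheme']) ? strtolower($parts['scheme']) : '';
            $host = isset($parts['host']) ? strtolower($parts['host']) : '';
            $sameSite = $site !== ''
                && ($host === $site || substr($host, -strlen('.' . $site)) === '.' . $site);
            if (($scheme === 'http' || $scheme === 'https') && $sameSite && !isset($parts['user'])) {
                $target = $ref;
            }
        }
    }

    $this->gotourl($target);
    exit;
}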
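/**
 * Write $data to the per-client file <sysdir>/etc/session/sess<md5(client IP)>,
 * replacing any previous content.
 *
 * NOTE(review): the file name depends only on the address getClientIP()
 * reports, so every client behind the same NAT or proxy shares one file. If the
 * helper takes the address from request headers, a requester can also select
 * another client's file; confirm before storing anything sensitive here.
 *
 * @param string $data content to store
 * @return int|false number of bytes written, or false when the file could not
 *                   be opened or written
 */
function setSessionFile($data)
{
    $path = getSysDir() . '/etc/session/sess' . md5(getClientIP());

    $handle = fopen($path, 'wt');
    if ($handle === false) {
        // Previously fwrite()/fclose() were called on the failed handle.
        return false;
    }

    $res = fwrite($handle, $data);
    fclose($handle);

    return $res;
}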
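/**
 * Insert one row into the <prefix>_log table.
 *
 * @param mixed  $userid      id of the acting user
 * @param string $action      action type
 * @param string $description free-text description of the action
 */
function addToLog($userid, $action, $description)
{
    $userid = makeStringSafe($userid);
    $action = makeStringSafe($action);
    $description = makeStringSafe($description);
    $mysqldate = getCurrentMySQLDateTime();

    // The address and the reverse-DNS name are both influenced by the remote
    // party (forwarding headers, PTR records), so they get the same treatment
    // as the other values placed in the statement. Previously they were
    // concatenated into the SQL text unescaped.
    // NOTE(review): this relies on makeStringSafe() being the SQL escaper used
    // for the other columns; a parameterised query would be the sturdier fix.
    $ip = makeStringSafe(getClientIP());
    $hostname = makeStringSafe(getClientHostname());

    doQuery(
        "INSERT INTO " . getDBPrefix() . "_log SET user_id = '" . $userid
        . "', action_type = '" . $action
        . "', action_description = '" . $description
        . "', date = '" . $mysqldate
        . "', ip = '" . $ip
        . "', hostname='" . $hostname . "'"
    );
}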
/**
 * Store one instant delivery report through CloudsmsReports::create().
 *
 * The row is always attributed to user id 1 and records the address returned
 * by getClientIP() as the sender IP.
 *
 * @param mixed $message   message text
 * @param mixed $senderid  sender id
 * @param mixed $requestid request id
 * @param mixed $route     request route
 * @param array $response  response data, stored in the "data" field
 */
public static function createInstantReport($message, $senderid, $requestid, $route, array $response)
{
    $report = array(
        'user_id' => 1, // active user id
        'request_id' => $requestid,
        'request_route' => $route,
        'senderid' => $senderid,
        'message' => $message,
        'data' => $response, // json
        'sender_ip' => getClientIP(),
    );

    CloudsmsReports::create($report);
}
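/**
 * Redeem an activation code for a game account and print the outcome as JSON,
 * or as JSONP when a "jsoncallback" name is supplied.
 *
 * Outcome codes in "actionErrors": e1 (activation-code check), e3 (account
 * already activated), e2 (user/code combination check), succ (activated).
 * Nothing is printed when the final activation call reports failure.
 *
 * NOTE(review): this changes state on a request that may be a cross-site JSONP
 * GET, and $_REQUEST can also be fed from cookies; confirm that is intended.
 */
public function activation()
{
    $this->loadModel('common_model');

    // The callback name is echoed in front of the payload, so accept only a
    // dotted JavaScript identifier; anything else is answered as plain JSON.
    $json = isset($_GET['jsoncallback']) ? $_GET['jsoncallback'] : '';
    if (!is_string($json)
        || !preg_match('/^[A-Za-z_$][A-Za-z0-9_$]*(\.[A-Za-z_$][A-Za-z0-9_$]*)*$/', $json)) {
        $json = '';
    }

    $user_name = isset($_REQUEST['user_name']) ? $_REQUEST['user_name'] : '';
    $game_id = isset($_REQUEST['game_id']) ? $_REQUEST['game_id'] : '';
    $card_no = isset($_REQUEST['card_no']) ? $_REQUEST['card_no'] : '';

    // Print one outcome code, wrapped in the callback when one was accepted.
    $respond = function ($code) use ($json) {
        $payload = json_encode(array('actionErrors' => $code));
        if (empty($json)) {
            echo $payload;
        } else {
            echo $json . "(" . $payload . ")";
        }
    };

    // Activation-code check.
    if ($this->common_model->checkActivationCode($card_no)) {
        $respond('e1');
        exit;
    }

    // Has this account already been activated?
    if ($this->common_model->checkUserActivation($game_id, $user_name)) {
        $respond('e3');
        exit;
    }

    // Is this user/code combination usable?
    if ($this->common_model->checkActivation($game_id, $user_name, $card_no)) {
        $respond('e2');
        exit;
    }

    $active_ip = getClientIP(); // client address recorded with the activation
    $result = $this->common_model->activation($card_no, $user_name, $active_ip, $game_id);
    if ($result) {
        $respond('succ');
    }
    exit;
}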
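/**
 * Per-form submission limiter keyed on site, form and client address.
 *
 * Counts the rows recorded for this site/form/address during the last
 * $dayrange days, records the current attempt, and reports whether the count
 * taken before this attempt was still below $limitation.
 *
 * NOTE(review): the key includes getClientIP(). If that helper trusts request
 * headers, a requester can vary the address and start a fresh counter each
 * time; confirm how the address is derived.
 *
 * @param mixed $formID     form identifier
 * @param int   $dayrange   look-back window in days
 * @param int   $limitation maximum number of earlier attempts allowed
 * @return bool true when the submission is allowed
 */
public function check_formlimitation($formID, $dayrange = 1, $limitation = 5)
{
    $WebSiteID = $this->session->userdata('WebSiteID');
    $clientIP = getClientIP();

    // Values are passed as query bindings instead of being concatenated into
    // the SQL text. The window is forced to a non-positive integer because it
    // sits inside DATEADD() rather than in a quoted literal.
    $window = -abs((int) $dayrange);

    $sql = "SELECT COUNT(*) Total FROM tbl_restrictions_form_limitations"
        . " WHERE WebSiteID=? AND FormID=? AND ClientIP=?"
        . " AND CreateTime> DATEADD(day,?,GETDATE())";
    $query = $this->db->query($sql, array($WebSiteID, $formID, $clientIP, $window));
    $row = $query->row();
    $Total = $row->Total;

    // The attempt is recorded whether or not it is allowed.
    $sql = "INSERT INTO tbl_restrictions_form_limitations (WebSiteID, FormID, ClientIP) VALUES (?,?,?)";
    $this->db->query($sql, array($WebSiteID, $formID, $clientIP));

    return !($Total >= $limitation);
}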
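/**
 * Append one line "<time>--<client ip> ------><msg>" to the application log.
 *
 * Prints a short notice instead of throwing when the file cannot be opened or
 * written.
 *
 * @param string $msg text to record
 */
function writeLog($msg)
{
    // 24-hour clock: the previous "h" format wrote 12-hour times with no am/pm
    // marker, so morning and afternoon entries were indistinguishable.
    $time = date('Y-m-d H:i:s');
    $ip = getClientIP();

    // One record per line: line breaks inside the message or the reported
    // address would otherwise let a request forge additional log entries.
    $info = str_replace(array("\r", "\n"), ' ', "{$time}--{$ip} ------>{$msg}");

    $fp = fopen("/data/web/open.valsun.cn/log.txt", "a+"); // append
    if (!$fp) {
        echo "打开文件失败";
        return; // fclose() used to be called on the failed handle
    }

    if (!fwrite($fp, $info . "\r\n")) {
        echo "写入文件失败<br>";
    }
    fclose($fp);
}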
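/**
 * Append one line "<time>--<client ip> ------><msg>" to WEB_PATH . 'log.txt'.
 *
 * Prints a short notice instead of throwing when the file cannot be opened or
 * written.
 *
 * NOTE(review): the log lives under WEB_PATH; if that directory is served by
 * the web server the log may be downloadable. Confirm it is not.
 *
 * @param string $msg text to record
 */
function writeLog($msg)
{
    // 24-hour clock: the previous "h" format wrote 12-hour times with no am/pm
    // marker, so morning and afternoon entries were indistinguishable.
    $time = date('Y-m-d H:i:s');
    $log_path = WEB_PATH . 'log.txt';
    $ip = getClientIP();

    // One record per line: line breaks inside the message or the reported
    // address would otherwise let a request forge additional log entries.
    $info = str_replace(array("\r", "\n"), ' ', "{$time}--{$ip} ------>{$msg}");

    $fp = fopen($log_path, "a+"); // append
    if (!$fp) {
        echo "打开文件失败";
        return; // fclose() used to be called on the failed handle
    }

    if (!fwrite($fp, $info . "\r\n")) {
        echo "写入文件失败<br>";
    }
    fclose($fp);
}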
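/**
 * Pull a user's profile from the auth system, mirror it into pc_user and cache
 * the user's permissions.
 *
 * @param string $token  auth-system token
 * @param mixed  $userid auth-system user id (matched against pc_user.userPowerId)
 * @return array|false decoded user info, or false when the auth response is
 *                     not valid JSON
 */
public static function userInfoCache($token, $userid)
{
    self::initDB();
    $data = Auth::getUserInfo($token); // fetch permissions from the auth system
    $userinfo = json_decode($data, TRUE);
    if (json_last_error() != JSON_ERROR_NONE) {
        // NOTE(review): these two locals are never read; presumably class-level
        // error fields were intended. Confirm.
        $errCode = 1;
        $errMsg = '解析鉴权系统返回json出错!';
        return false;
    }

    // The id is placed unquoted in the statements below, so force it to an integer.
    $uid = (int) $userid;

    $sql = "select lastUpdateTime from pc_user where userPowerId = {$uid}";
    $row = self::$dbConn->fetch_first($sql);
    $time = time();

    // The client address is request-derived; escape it like the other strings.
    // NOTE(review): the mysql_* extension was removed in PHP 7; parameterised
    // queries through the DB wrapper would replace all of this escaping.
    $ip = mysql_real_escape_string(getClientIP());
    $username = mysql_real_escape_string($userinfo['userName']);
    $phone = mysql_real_escape_string($userinfo['phone']);
    $email = mysql_real_escape_string($userinfo['email']);

    if (!empty($row)) {
        if (intval($userinfo['lastUpdateTime']) > $row['lastUpdateTime']) {
            // The auth system holds newer data: refresh the local copy.
            // NOTE(review): userName is set to the literal '******' while
            // $username goes unused in this branch; confirm which is intended.
            $up_sql = "update pc_user set userName = '******', userTel='{$phone}', userMail='{$email}', userIp = '{$ip}', userActive = userActive+1, lastUpdateTime={$time} where userPowerId={$uid}";
            self::$dbConn->query($up_sql);
        } else {
            // Nothing changed: only bump the login counter.
            $up_sql = "update pc_user set userActive=userActive+1 where userPowerId={$uid}";
            self::$dbConn->query($up_sql);
        }
    } else {
        // No local row yet: create it.
        $in_sql = "insert into pc_user values (null, {$uid}, '{$username}', '', '' , '' , '' , '', '', '', '{$phone}', '{$email}', '{$ip}', 1, '', {$time}, 0, {$time})";
        // Previously this ran the undefined $up_sql, so new users were never inserted.
        self::$dbConn->query($in_sql);
    }

    // Store the user's permissions in memcache.
    self::cacheUserInfoToMemcache($userid, $userinfo['power']);

    return $userinfo;
}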
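/**
 * Restore the login from the "auth" cookie when possible, then hand the
 * current user's basic record to the view.
 *
 * The cookie is expected as "<identifier>:<token>". The identifier must equal
 * the salted MD5 derived from the stored e-mail and the token must equal the
 * stored identifier_token.
 *
 * NOTE(review): the identifier is a fixed function of the e-mail and a
 * hard-coded salt, so only the token is secret; confirm tokens are random and
 * rotated. Where PHP >= 5.6 is guaranteed, hash_equals() is the better
 * comparison for both values.
 */
public function getGlobal()
{
    $m_user = $this->load("User");

    // Auto-login from the cookie.
    $cookie_auth = $this->getCookie('auth');
    if ($cookie_auth) {
        $parts = explode(':', (string) $cookie_auth);
        $identifier = isset($parts[0]) ? $parts[0] : '';
        $token = isset($parts[1]) ? $parts[1] : '';

        // Look the user up only when both parts are well-formed. Previously a
        // malformed cookie still triggered a lookup with an undefined identifier.
        if (ctype_alnum($identifier) && ctype_alnum($token)) {
            $record = $m_user->Where(array("identifier" => $identifier))
                ->Field("id,email,identifier,identifier_token,login_time,point,refuse")
                ->SelectOne();

            // NOTE(review): auto-login proceeds only when "refuse" is truthy,
            // which reads inverted for a field of that name. Confirm its meaning.
            if ($record && $record["refuse"]) {
                $expected = md5("SALTISDIFFCULT" . md5($record["email"] . "SALTISDIFFCULT"));

                // Strict comparison: with != two different hex strings of the
                // form "0e<digits>" compare equal as numbers.
                $tokenOk = $token === (string) $record['identifier_token'];
                $identifierOk = $identifier === $expected;

                if ($tokenOk && $identifierOk) {
                    // First visit today: record it and award points.
                    if ($record["login_time"] < strtotime(date("Y-m-d"))) {
                        $m_user->UpdateByID(
                            array(
                                "login_time" => time(),
                                "login_ip" => getClientIP(),
                                "point" => $record["point"] + 2,
                            ),
                            $record["id"]
                        );
                    }
                    $this->setSession('uid', $record["id"]);
                    $this->setSession('email', $record["email"]);
                }
            }
        }
    }

    // Load the current user from the session uid.
    $session_uid = $this->getSession("uid");
    $session_email = $this->getSession("email");
    if (isset($session_uid) && !empty($session_uid)) {
        $current_user_info = $m_user->Where(array("id" => $session_uid))->Field("id,email,username")->SelectOne();
        // NOTE(review): entities are decoded before the record reaches the
        // view; the template must escape these fields on output. Confirm.
        $current_user_info = deep_htmlspecialchars_decode($current_user_info);
        $this->getView()->assign("current_user_info", $current_user_info);
    }
}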
<?php
// Diagnostic output for testing which address each source reports behind the
// load balancer. HTTP_HOST and the forwarded address are request-controlled and
// are printed here without escaping, so this page is for test use only.
echo 'HTTP_HOST'.$_SERVER['HTTP_HOST'].',REMOTE_ADDR '.$_SERVER["REMOTE_ADDR"].',SERVER_NAME'.$_SERVER['SERVER_NAME'].',getClientIP'.getClientIP();
/**
 * Return the client IP address.
 *
 * Order of preference: the X-Forwarded-For request header, then the key
 * HTTP_CLIENT_ip, then REMOTE_ADDR. The header value is returned exactly as
 * received, with no validation.
 *
 * X-Forwarded-For is supplied by the requester unless a proxy in front of the
 * application overwrites it, and it may carry a comma-separated list. Callers
 * that use the result for access control, rate limiting, SQL or log lines are
 * therefore handling untrusted text; only REMOTE_ADDR reflects the actual TCP
 * peer.
 */
function getClientIP() {
    $ip = "unknown";
    /*
     * When the site is opened through "localhost" the value read is "::1", which is normal.
     * "::1" means IPv6 support is enabled; it is the IPv6 loopback address.
     * Opening the site by IP address, or disabling IPv6, avoids it.
     * */
    if (isset($_SERVER)) {
        if (isset($_SERVER["HTTP_X_FORWARDED_FOR"])) {
            $ip = $_SERVER["HTTP_X_FORWARDED_FOR"];
        // NOTE(review): PHP exposes request headers under upper-case keys
        // (HTTP_CLIENT_IP); this mixed-case key looks like it never matches. Confirm.
        } elseif (isset($_SERVER["HTTP_CLIENT_ip"])) {
            $ip = $_SERVER["HTTP_CLIENT_ip"];
        } else {
            $ip = $_SERVER["REMOTE_ADDR"];
        }
    } else {
        // Same order of preference, read from the environment instead.
        if (getenv('HTTP_X_FORWARDED_FOR')) {
            $ip = getenv('HTTP_X_FORWARDED_FOR');
        } elseif (getenv('HTTP_CLIENT_ip')) {
            $ip = getenv('HTTP_CLIENT_ip');
        } else {
            $ip = getenv('REMOTE_ADDR');
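/**
 * Work out the visitor's country and language and store them in the session.
 *
 * When $cod_pais is empty the country code is looked up from the client address
 * through the geoPlugin web service. If no country can be resolved, or the code
 * is not present in the "paises" table, the session falls back to
 * Argentina / Rosario.
 *
 * NOTE(review): the lookup goes over plain HTTP and its answer is not
 * authenticated, so treat the returned country as a hint. The address passed to
 * it comes from getClientIP(), which may itself be request-controlled.
 *
 * @param mysqli $mysqli   open database connection
 * @param string $cod_pais optional country code that overrides the lookup
 */
function detectCountry($mysqli, $cod_pais = '')
{
    if (isset($cod_pais) && $cod_pais != '') {
        $pais = $cod_pais;
    } else {
        $pais = '';
        $ip = getClientIP();
        // Query only for a syntactically valid address, and read the answer as
        // JSON: unserialize() on a remote response can instantiate arbitrary
        // objects if the response is tampered with.
        if (filter_var($ip, FILTER_VALIDATE_IP) !== false) {
            $raw = file_get_contents('http://www.geoplugin.net/json.gp?ip=' . urlencode($ip));
            $data = ($raw === false) ? null : json_decode($raw, true);
            if (is_array($data) && isset($data['geoplugin_countryCode'])) {
                $pais = (string) $data['geoplugin_countryCode'];
            }
        }
    }

    $tablaPaisdatos = null;
    if ($pais) {
        $cod_pais = $pais;
        // The code comes from the caller or from the remote service; escape it
        // before it enters the SQL text.
        $query = "SELECT id, pais, flag FROM paises WHERE cod_pais='" . $mysqli->real_escape_string($cod_pais) . "'";
        $result = $mysqli->query($query);
        $tablaPaisdatos = $result ? $result->fetch_assoc() : null;
    }

    if ($tablaPaisdatos) {
        $tablaPais = array(
            'id' => $tablaPaisdatos['id'],
            'cod_pais' => $cod_pais,
            'pais' => $tablaPaisdatos['pais'],
            'flag' => $tablaPaisdatos['flag'],
        );

        if ($cod_pais != 'US') {
            $id_pais = (int) $tablaPaisdatos['id'];
            $query2 = "SELECT id, idioma, cod_idioma FROM idiomas WHERE idiomas.id = (select id_idioma from pais_idioma where pais_idioma.id_pais = {$id_pais})";
            $result2 = $mysqli->query($query2);
            $idioma = $result2 ? $result2->fetch_assoc() : null;
            if (!is_array($idioma)) {
                // No language mapped to this country: keep the keys present.
                $idioma = array('id' => null, 'idioma' => null, 'cod_idioma' => null);
            }
            $idioma_sel = $idioma['idioma'];
        } else {
            $idioma = array("id" => "2", "idioma" => "Ingles", "cod_idioma" => "IN");
            $idioma_sel = "Ingles";
        }

        $_SESSION['pais'] = array(
            'id' => $tablaPais['id'],
            'cod_pais' => $tablaPais['cod_pais'],
            'pais' => $tablaPais['pais'],
            'flag' => $tablaPais['flag'],
            'idioma' => $idioma_sel,
            'cod_idioma' => $idioma['cod_idioma'],
            'id_idioma' => $idioma['id'],
        );
    } else {
        $_SESSION['pais'] = array('pais' => 'Argentina', 'cod_pais' => "AR", 'idioma' => 'ES', 'flag' => 'images/flags/ar.png', 'id_idioma' => '1', 'cod_idioma' => 'ES', 'id' => '1');
        $_SESSION['ciudad'] = 'Rosario';
    }
}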
// Payment set-up for the card-processing include at the end of this fragment.
// $row, $txtAddress1, $ddlCountry, $bill_country, $txtState, $bill_state,
// $txtPhone and $txtLastName are defined before this fragment.

// Gateway credentials and settings read from $row. The transaction key is a
// secret and should never be echoed or logged.
$txtAuthorizeLoginId = $row["authorize_loginid"];
$txtAuthorizeTransKey = $row["authorize_transkey"];
$txtCurrency = "USD";
$txtAuthorizeEmail = $row["authorize_email"];
$txtAuthorizeTestMode = $row["authorize_test_mode"];
// Map the stored "Y" flag to "on"; any other value becomes "off".
if ($txtAuthorizeTestMode == "Y") {
    $txtAuthorizeTestMode = "on";
} else {
    $txtAuthorizeTestMode = "off";
}
$gift_coupon_flag = 0;
$message = "";
$paymentsuccessful = false;
$paymenterror = "";
// The Referer header is optional and chosen by the client: it may be absent
// (undefined index) and must not be trusted or printed unescaped.
$referrer = $_SERVER["HTTP_REFERER"];
// NOTE(review): if getClientIP() reads forwarding headers, this customer
// address is requester-supplied; confirm before using it for fraud checks.
$Cust_ip = getClientIP();
$txtAddress = $txtAddress1;
// Fall back to the billing country/state when none was entered.
if (!$ddlCountry) {
    $ddlCountry = $bill_country;
}
if (!$txtState) {
    $txtState = $bill_state;
}
$Company = "-NA-";
$Phone = $txtPhone;
if ($txtLastName == "") {
    $txtLastName = "-NA-";
}
require "../authorize-product-listing.php"; //process the card and return result. Comment this line and uncomment the two lines below to make payment test mode
//$paymentsuccessful = true;
$loginUser = strAddslashes(trim($_POST['login-user'])); $loginPwd = stripslashes(trim($_POST['login-pwd'])); if (strlen($loginUser) < 2 || strlen($loginUser) > 45 || strlen($loginPwd) < 6 || strlen($loginPwd) > 18) { echo "0 用户名或者密码不符合要求"; } else { $DB->connect($mysql_host, $mysql_user, $mysql_pass, $mysql_dbname); if (!emailcheck($loginUser)) { $LoginType = "lower(`name`)"; } else { $LoginType = "`email`"; } $userArr = $TB->getMemberInfo($LoginType, strtolower($loginUser)); if (!empty($userArr['uid'])) { if ($userArr['password'] == md5($loginPwd)) { $loginTime = time(); $loginIp = getClientIP(); loginCookie($userArr['uid'], $userArr['name'], $userArr['groupid'], $loginIp, $loginTime); $loginInfo['securekey'] = createSecureKey(10); $loginInfo['lastdate'] = $loginTime; $loginInfo['lastip'] = $loginIp; if ($userArr['lastdate'] != date("Y.m.d")) { $loginInfo['integral'] = array("`integral`+1"); } $DB->query($DB->update_sql("`" . $table_member . "`", $loginInfo, "`uid`=" . $userArr['uid'])); echo "1 登录成功"; } else { echo "0 您输入的密码不正确"; } } else { echo "0 通行证账号不存在"; }
// echo "<br>varuploadfiles(3)==".$var_uploaded_files; if ($var_uploaded_files != "") { $vAttacharr = explode("|", $var_uploaded_files); foreach ($vAttacharr as $key => $value) { $split_name_url = explode("*", $value); $mime->fattach("../attachments/" . $split_name_url[0], "Attached here is " . $split_name_url[1]); } } $mime->send_mail(); } //insert into reply table $sql = "insert into sptbl_replies(nReplyId,nTicketId,nStaffId,vStaffLogin,"; $sql .= " dDate,tReply,tPvtMessage,vReplyTime,vMachineIP) values('','" . mysql_real_escape_string($var_tid) . "',"; $sql .= "'" . mysql_real_escape_string($_SESSION["sess_staffid"]) . "',"; $sql .= "'" . mysql_real_escape_string($_SESSION["sess_staffname"]) . "',now(),'" . mysql_real_escape_string($var_replymatter) . "','" . mysql_real_escape_string($var_pvtmessage) . "',"; $sql .= "'" . mysql_real_escape_string($var_timespent) . "','" . mysql_real_escape_string(getClientIP()) . "')"; executeQuery($sql, $conn); $var_insert_id = mysql_insert_id($conn); //Insert the actionlog if (logActivity()) { $sql = "Insert into sptbl_actionlog(nALId,nStaffId,vAction,vArea,nRespId,dDate) Values('','" . $_SESSION["sess_staffid"] . "','" . TEXT_ADDITION . "','Reply','" . mysql_real_escape_string($var_insert_id) . "',now())"; executeQuery($sql, $conn); } //save attachment $sql_insert_attach = "insert into sptbl_attachments(nReplyId,vAttachReference,vAttachUrl) values"; // echo "<br>varuploadfiles(4)==".$var_uploaded_files; if ($var_uploaded_files != "") { $vAttacharr = explode("|", $var_uploaded_files); foreach ($vAttacharr as $key => $value) { $split_name_url = explode("*", $value); $sql_insert_attach .= "('{$var_insert_id}','" . mysql_real_escape_string($split_name_url[1]) . "','" . mysql_real_escape_string($split_name_url[0]) . "'),";
/**
 * After a successful login, stamp the user's record with the address reported
 * by getClientIP() and the current time, then send the user to the profile page.
 * Does nothing while no authenticated user is in the session.
 */
function login()
{
    $authenticated = $this->Session->read('Auth.User');
    if (!$authenticated) {
        return;
    }

    $this->User->id = $this->Session->read('Auth.User.id');

    // Two separate single-field saves, in this order.
    $this->User->saveField('last_login_ip', getClientIP());
    $this->User->saveField('last_login_time', date('Y-m-d H:i:s'));

    $this->redirect('/users/profile', null, false);
}
/**
 * Reverse-resolve the address reported by getClientIP().
 *
 * The name comes from the PTR record of that address, which is controlled by
 * whoever operates the address range, so the result is untrusted text. Escape
 * it before it reaches SQL, HTML or log files.
 *
 * @return string|false whatever gethostbyaddr() returns for that address
 */
function getClientHostnameFromIP()
{
    $address = getClientIP();

    return gethostbyaddr($address);
}
die("1 " . $checkname); } $passwd = stripslashes(trim($_POST['userpwd'])); $repasswd = stripslashes(trim($_POST['repwd'])); if (strlen($passwd) < 6 || strlen($passwd) > 18) { die("1 密码长度应控制在6至18个字符之间。"); } if ($passwd != $repasswd) { die("1 两次输入的密码不一致。"); } $email = strtolower(trim($_POST['useremail'])); if (strlen($email) > 45 || !emailcheck($email)) { die("1 电子邮件地址不合法。"); } $actionTime = time(); $actionIp = getClientIP(); $DB->connect($mysql_host, $mysql_user, $mysql_pass, $mysql_dbname); if ($DB->fetch_one("SELECT COUNT(`bid`) FROM `" . $table_black . "` WHERE `uname`='" . $actionIp . "'") != 0) { echo "1 很抱歉,系统拒绝了您的注册!请与管理员联系。"; } else { if ($DB->fetch_one("SELECT COUNT(`uid`) FROM `" . $table_member . "` WHERE lower(`name`)='" . strtolower($uname) . "'") != 0) { echo "1 用户昵称已被占用"; } else { if ($DB->fetch_one("SELECT COUNT(`uid`) FROM `" . $table_member . "` WHERE `email` = '" . $email . "'") != 0) { echo "1 电子邮箱地址已被注册"; } else { $passport_info['name'] = $uname; $passport_info['email'] = $email; $passport_info['password'] = md5($passwd); $passport_info['securekey'] = createSecureKey(8); $passport_info['regdate'] = $actionTime;
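<?php
// Main request logic for the web app: updates the logged-in user's home
// description and records the action in the log table.

// Database connection constants.
require_once "../secure/database.php";
// Helper functions.
require_once "helperFunctions.php";

session_start();

if (isset($_POST['HomeDescription'])) {
    // Only a logged-in user has a row to update. Without this check the
    // statements below would run with an empty user name.
    // NOTE(review): the form carries no CSRF token; confirm that is acceptable.
    if (empty($_SESSION['user'])) {
        header('HTTP/1.1 403 Forbidden');
        exit('Not logged in');
    }

    // NOTE(review): the die() messages below include pg_last_error(), which
    // discloses database details to the browser; log them server-side instead.
    $conn = pg_connect(HOST . " " . DBNAME . " " . USERNAME . " " . PASSWORD) or die('Could not connect: ' . pg_last_error());

    // HTML-encode the description before it is stored.
    $description = htmlspecialchars($_POST['HomeDescription']);

    // Match the user name exactly. With LIKE, a user name containing % or _
    // acted as a pattern and could update other users' rows.
    $resultForUpdating = pg_prepare($conn, "updating", 'UPDATE lab8.user_info SET description = $1 WHERE username = $2') or die("Updating prepare Fail: " . pg_last_error());
    $resultForUpdating = pg_execute($conn, "updating", array($description, $_SESSION['user'])) or die("Updating Execute fail: " . pg_last_error());

    // Record the action, together with the address reported by getClientIP().
    $resultForlog = pg_prepare($conn, "logUpdate", "INSERT INTO lab8.log\n VALUES(DEFAULT,\$1,\$2,DEFAULT,\$3)") or die("logUpdate prepare fail: " . pg_last_error());
    $resultForlog = pg_execute($conn, "logUpdate", array($_SESSION['user'], getClientIP(), "Updated Description")) or die("logupdate execute fail: " . pg_last_error());

    // Release the results and close the connection.
    pg_free_result($resultForUpdating);
    pg_free_result($resultForlog);
    pg_close($conn);
}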
/**
 * Common registration routine that goes through the remote account interface.
 *
 * Registers the account remotely, stores a local account row with the
 * attribution values found in the visitor's cookies, starts the session, sets
 * the login cookies and optionally notifies the ad system.
 *
 * Security notes for reviewers:
 * - The attribution cookies (webmaster, game, type, sub code, invite) are
 *   client-controlled and flow into the account row and the CPS period lookup.
 * - The SDK cookie carries the key that is used to encode the SDU and SDP
 *   cookies, so key and encoded values travel together to the browser.
 * - SDP is derived from the password through unsalted MD5; it is a
 *   password-equivalent stored client-side.
 * - The setcookie() calls pass no secure / httponly arguments.
 *
 * @param $user_name   user name
 * @param $pwd         password, base64-encoded
 * @param $poster      poster code
 * @param $realname    real name
 * @param $identity    identity-card number
 * @param $email       e-mail address
 * @param $reg_from_id webmaster id used when the cookie carries none
 * @return bool false when the remote registration fails, true otherwise
 */
private function regCommon($user_name, $pwd, $poster = '', $realname = '', $identity = '', $email = '', $reg_from_id = 0)
{
    // $user_name = strtolower($user_name);
    $ip = getClientIP();
    // Attribution (webmaster) values, read straight from the request cookies.
    $from_id = $_COOKIE[WEBMASTER];
    $game_id = $_COOKIE[AD_GAME_ID];
    $type = $_COOKIE[SPREAD_TYPE];
    $sub_code = $_COOKIE[SUB_CODE];
    $invite = $_COOKIE[INVITE];
    // Call the Java interface to validate and obtain the account_id.
    // The request signature is md5(user name . password . shared key).
    $regSign = md5($user_name . $pwd . REG_USER_KEY);
    $data = array('passport' => $user_name, 'password' => $pwd, 'ip' => $ip, 'realname' => $realname, 'idcard' => $identity, 'sign' => $regSign);
    $rereg = $this->get_request_file(REG_USER_URL, $data);
    $re_array = json_decode($rereg);
    if (empty($re_array) || $re_array[0]->result == 'fail') {
        return false; // registration failed
    }
    $account_id = $re_array[0]->account_id;
    // Validity period of the webmaster's promotion.
    $period = 0;
    $cps_end_time = date('Y-m-d H:i:s');
    $this->loadModel('member_model');
    if ($type == 2) {
        // cps
        $union = $this->member_model->from('union_webmaster')->getOne('*', array('webmaster_id' => $from_id), UNION_ . $from_id, 3600 * 12);
        if ($union['status'] == 1) {
            $period = empty($union['share_month']) ? 0 : $union['share_month'];
        }
        // $period = empty($union['share_month'])?0:$union['share_month'];
        $cps_end_time = date('Y-m-d', strtotime("+{$period}\tmonth"));
        if ($game_id == 14) {
            // Game 14: issue and use a card.
            $this->getAndUseCard($game_id, $account_id, $user_name, $pwd, $ip);
        }
    }
    $week = date('N');
    $hour = date('H');
    // Local account row; cookie-supplied values default to 0 when empty.
    $user = array(
        'account_id' => $account_id,
        'account' => $user_name,
        'email' => $email,
        'reg_ip' => $ip,
        'reg_time' => date('Y-m-d H:i:s'),
        'from_id' => empty($from_id) ? $reg_from_id : $from_id,
        'game_id' => empty($game_id) ? 0 : $game_id,
        'poster' => empty($poster) ? 0 : $poster,
        'type' => empty($type) ? 0 : $type,
        'period' => $period,
        'cooper_id' => 0,
        'sub_code' => empty($sub_code) ? 0 : $sub_code,
        'cps_end_time' => $cps_end_time,
        'week' => $week,
        'hour' => $hour,
        'invite' => empty($invite) ? 0 : $invite);
    $a = $this->member_model->from('account')->insert($user);
    $_SESSION['validn'] = '';
    $_SESSION[SESS_USER] = $user;
    // Login cookies, valid for five hours: the key (SDK), the encoded user
    // name (SDU) and the encoded password digest (SDP).
    $crypt_key = md5($user_name . time() . ENCRYPT_KEY);
    $inter_pwd = md5(strtoupper(md5(base64_decode($pwd))));
    $cookie_pwd = crypt_encode($inter_pwd, $crypt_key);
    // log_info("member :".getClientIP()."\t".var_export($_SESSION[SESS_USER],true));
    setcookie(SDK, $crypt_key, time() + 3600 * 5, '/', DOMAIN);
    setcookie(SDU, crypt_encode($user_name, $crypt_key), time() + 3600 * 5, '/', DOMAIN);
    setcookie(SDP, $cookie_pwd, time() + 3600 * 5, '/', DOMAIN);
    // Record the login for the server-selection page.
    $other = json_encode(array('msg' => 'loginSucceed', 'result' => '', 'account_id' => $account_id, 'account' => $user_name));
    setcookie('servers', $other, time() + 1800, '/', '.51yx.com');
    //TODO call the ad-system registration
    // md5 = Constants.getMD5(Constants.JAVA_TO_PHP_KEY+svalue+registerIP+userName).substring(0,16).toLowerCase();
    // url = new URL(" http://c.51yx.com/client/regdata.php?cid="+svalue+"&pp="+userName+"&ip="+registerIP+"&key="+md5);
    // JAVA_TO_PHP_KEY = "!@#Condor)(*";
    $condor_adsys_id = $_COOKIE['condor_adsys_id'];
    if (!empty($condor_adsys_id)) {
        // NOTE(review): the signing key is hard-coded in source, and the cookie
        // value, user name and address are placed in the URL without
        // URL-encoding, so a crafted value can add or alter query parameters.
        // The request is also sent over plain HTTP.
        $adsys_pub_key = "!@#Condor)(*";
        $adsys_key = strtolower(substr(md5($adsys_pub_key . $condor_adsys_id . $ip . $user_name), 0, 16));
        $adsys_url = "http://c.51yx.com/client/regdata.php?cid={$condor_adsys_id}&pp={$user_name}&ip={$ip}&key={$adsys_key}";
        @$this->curl_request($adsys_url);
    }
    return true;
}
} } if (!isset($userGroup[$loginArr['group']]['verify']) || $userGroup[$loginArr['group']]['verify'] != 0) { if (isset($_POST['verifyNum'])) { $vfNum = strtolower(trim($_POST['verifyNum'])); $vfMD5 = md5(base64_encode(md5($vfNum))); if (strlen($vfNum) != 4 || !isset($_COOKIE['replyVerify']) || $_COOKIE['replyVerify'] != $vfMD5) { $DB->close(); die("0 reply"); } } else { $DB->close(); die("0 请重新加载页面后再发布帖子"); } } $userIP = getClientIP(); if (isset($_POST['anony']) && $post_anonymous == 1 || $loginArr['state'] == 0) { $authorid = 0; if ($loginArr['state'] == 1 || empty($loginArr['name'])) { $expIP = explode(".", $userIP); $author = $expIP[0] . "." . $expIP[1] . "." . $expIP[2] . ".*"; } else { $author = $loginArr['name']; } $loginArr['group'] = 0; } $guestname = 0; if ($loginArr['state'] == 0 && $loginArr['name'] != "") { $guestname = 1; } $banSql = "SELECT COUNT(`bid`) FROM `" . $table_black . "` WHERE ";
/**
 * Enter a game from the official site.
 *
 * Reads the game id and server id from the positional URL parameters, sends
 * visitors without a session to the login page, checks the game/server state
 * and finally renders the game frame.
 *
 * NOTE(review): the flow relies on report() and gotourl() ending the request.
 * If either returns, execution continues into the code below it. Confirm.
 */
public function index()
{
    if (!isset($_GET[2]) || !isset($_GET[3])) {
        $this->report("登录参数错误!");
    }
    // Both ids are forced to integers before they are used in URLs and lookups.
    $gameid = intval($_GET[2]);
    $serverid = intval($_GET[3]);
    if (!$this->is_login()) {
        $this->loadModel('game_manager');
        // $game = $this->game_manager->get_game($gameid);
        $this->gotourl("http://www.263wan.com/login.html?reurl=" . urlencode("http://go.263wan.com/playgame/index/{$gameid}/{$serverid}/"));
    }
    // NOTE(review): if getClientIP() reads forwarding headers this address is
    // requester-supplied; it is passed on to check_game() and play() below.
    $visitor_ip = getClientIP();
    // Send users without a login to the login page. TODO: unfinished
    $user = $_SESSION[SESS_USER];
    if (empty($user['account_id'])) {
        $this->loadModel('game_manager');
        // $game = $this->game_manager->get_game($gameid);
        // $this->report("您还未登录,或已登陆超时!请您从官网登陆游戏!",$game['url']);
        $this->gotourl("http://www.263wan.com/login.html?reurl=" . urlencode("http://go.263wan.com/playgame/index/{$gameid}/{$serverid}/"));
    }
    $login_info = $this->check_game($user, $gameid, $serverid, $visitor_ip);
    switch ($login_info['flag']) {
        case 1:
            // No such game.
            $this->report("参数错误!");
            die;
            break;
        case 2:
            // Server does not belong to the game.
            $this->report("参数错误!", $login_info['game_url']);
            die;
            break;
        case 3:
            // Game under maintenance.
            $this->gotourl($login_info['tip_url']); // go to the maintenance page
            // if($login_info['game_id'] == 19){ // 19: activation page
            // $this->gotourl('http://hd.51yx.com/20111201/');
            // }else {
            // $this->report("游戏正在维护,请您稍后重新登录!",$login_info['game_url']);
            // }
            die;
            break;
        case 4:
            // Account needs activation.
            if ($login_info['game_id'] == 19) {
                // Game 19 has its own activation page.
                $this->report("游戏测试阶段,激活账号后方可进入游戏!", "http://hd.51yx.com/20111117/");
            } else {
                $this->report("游戏测试阶段,激活账号后方可进入游戏!", $login_info['game_url']);
            }
            die;
            break;
        case 5:
            // Server not opened yet.
            $this->gotourl($login_info['noopen_url']); // go to the "not open" page
            die;
            break;
    }
    $location_url = $this->play($login_info, $visitor_ip, $gameid, $serverid);
    $this->view->assign('login_info', $login_info);
    $this->view->assign('url', $location_url);
    // Render the bare game frame without the site chrome.
    $this->view->assign('skip_header', true);
    $this->view->assign('skip_left', true);
    $this->view->assign('skip_links', true);
    $this->view->assign('skip_footer', true);
    $this->view->display('game.tpl');
    exit;
}
/**
 * TrackInquiryAct::act_trackInfoEn()
 * Look up destination tracking information.
 *
 * Input is read from $_REQUEST (the method itself takes no arguments):
 *   carrier  - carrier name
 *   tracknum - tracking number
 *   tracklan - language id, defaults to 10000
 *
 * Applies a per-address request limit, then serves the result from memcache or
 * from TrackInquiryModel::trackInfoEn(). Every path writes a line to the log
 * file.
 *
 * Security notes for reviewers:
 * - The limit is keyed on getClientIP(). If that helper reads forwarding
 *   headers, a requester can vary the address, or present the exempt address
 *   below, to avoid the limit. Confirm.
 * - ip2long() returns false for anything that is not dotted IPv4, and
 *   sprintf('%u', false) is "0", so all such clients share one counter.
 * - Log lines are built from request values; whether post_check() removes line
 *   breaks is not visible here.
 *
 * @return array|false tracking data, or false when a parameter is missing
 */
public function act_trackInfoEn()
{
    $carrier = isset($_REQUEST['carrier']) ? post_check($_REQUEST['carrier']) : '';
    $tracknum = isset($_REQUEST['tracknum']) ? post_check($_REQUEST['tracknum']) : '';
    $tracklan = isset($_REQUEST['tracklan']) ? abs(intval($_REQUEST['tracklan'])) : 10000;
    $ip = getClientIP();
    $ipNum = sprintf('%u', ip2long($ip));
    // This carrier always uses language 10000.
    if (in_array($carrier, array('美国邮政'))) {
        $tracklan = 10000;
    }
    if (empty($carrier)) {
        self::$errCode = 10000;
        self::$errMsg = "运输方式参数非法!";
        @write_a_file(self::$logFile, date('Y-m-d H:i:s') . "=====" . $ip . "=====" . $carrier . "=====" . $tracknum . "=====" . $tracklan . "=====event:" . self::$errMsg . "\n");
        return false;
    }
    if (empty($tracknum)) {
        self::$errCode = 10001;
        self::$errMsg = "跟踪号参数非法!";
        @write_a_file(self::$logFile, date('Y-m-d H:i:s') . "=====" . $ip . "=====" . $carrier . "=====" . $tracknum . "=====" . $tracklan . "=====event:" . self::$errMsg . "\n");
        return false;
    }
    // Request counting per client address.
    $data = array();
    $times = time();
    $maxcount = C("USER_MAX_COUNT");
    $exptime = C("USER_EXPIRES_TIME");
    $res = TrackInquiryModel::showIpStat($ipNum);
    $stats = isset($res['count']) ? $res['count'] : 0;
    $exptimes = isset($res['expires']) ? $res['expires'] : 0;
    $data['trackInfoEn'] = array();
    // Over the limit inside the current window; one hard-coded address is exempt.
    if ($stats > $maxcount && $exptimes > $times && !in_array($ip, array('183.233.230.2'), true)) {
        array_push($data['trackInfoEn'], array("postion" => "server", "event" => "{$ip}:Visits over", "trackTime" => date('Y-m-d H:i:s', time()), "stat" => 0));
        @write_a_file(self::$logFile, date('Y-m-d H:i:s') . "=====" . $ip . "=====" . $carrier . "=====" . $tracknum . "=====" . $tracklan . "=====event:Visits over\n");
        return $data;
        exit; // unreachable: the return above already left the method
    }
    if (!$stats) {
        // First request from this address: start a window.
        $res = TrackInquiryModel::updateStatInfo($ipNum, array("ip" => $ip, "count" => 1, "expires" => $times + $exptime, "ipNum" => $ipNum));
    } else {
        if ($exptimes < $times) {
            // Window expired: start a new one.
            $res = TrackInquiryModel::updateStatInfo($ipNum, array("ip" => $ip, "count" => 1, "expires" => $times + $exptime, "ipNum" => $ipNum));
        } else {
            // Inside the window: increment the counter.
            $res = TrackInquiryModel::updateStatInfo($ipNum, array("ip" => $ip, "count" => $stats + 1, "ipNum" => $ipNum));
        }
    }
    // Look up the tracking information, using memcache.
    $cacheName = md5("track_number_info" . $carrier . "_" . $tracknum . "_" . $tracklan);
    $memc_obj = new Cache(C('CACHEGROUP'));
    $trackInfo = $memc_obj->get_extral($cacheName);
    // NOTE(review): unserialize() on cache content is only safe while nothing
    // untrusted can write to the cache; JSON would avoid the question.
    $trackInfo = @unserialize($trackInfo);
    // NOTE(review): the cache hit is tested on the key 'trackInfo', while fresh
    // results are read from 'trackInfoEn' below; confirm the key is intended.
    if (!empty($trackInfo['trackInfo'])) {
        @write_a_file(self::$logFile, date('Y-m-d H:i:s') . "=====" . $ip . "=====" . $carrier . "=====" . $tracknum . "=====" . $tracklan . "=====event:memcache success\n");
        return $trackInfo;
    } else {
        $trackInfo = TrackInquiryModel::trackInfoEn($carrier, $tracknum, $tracklan);
        // Cache only real results, for two hours.
        if (!in_array($trackInfo['trackInfoEn'][0]['event'], array('Time out', 'time out', 'No data', 'System Interface exceptions,Please try again!'))) {
            $isok = $memc_obj->set_extral($cacheName, serialize($trackInfo), 7200);
            if (!$isok) {
                self::$errCode = 0;
                self::$errMsg = 'memcache缓存出错!';
                @write_a_file(self::$logFile, date('Y-m-d H:i:s') . "=====" . $ip . "=====" . $carrier . "=====" . $tracknum . "=====" . $tracklan . "=====event:" . self::$errMsg . "\n");
                //return false;
            }
        }
        // NOTE(review): the two log calls below read the event from
        // $trackInfo['trackInfo'] although the condition tested 'trackInfoEn'.
        if (in_array($trackInfo['trackInfoEn'][0]['event'], array('Time out', 'time out'))) {
            @write_a_file(self::$logFile, date('Y-m-d H:i:s') . "=====" . $ip . "=====" . $carrier . "=====" . $tracknum . "=====" . $tracklan . "=====event:" . $trackInfo['trackInfo'][0]['event'] . "\n");
        }
        if ($trackInfo['trackInfoEn'][0]['postion'] == 'No data') {
            @write_a_file(self::$logFile, date('Y-m-d H:i:s') . "=====" . $ip . "=====" . $carrier . "=====" . $tracknum . "=====" . $tracklan . "=====event:" . $trackInfo['trackInfo'][0]['event'] . "\n");
        }
        if (empty($trackInfo['trackInfoEn'])) {
            @write_a_file(self::$logFile, date('Y-m-d H:i:s') . "=====" . $ip . "=====" . $carrier . "=====" . $tracknum . "=====" . $tracklan . "=====event:接口获取数据异常\n");
        }
        @write_a_file(self::$logFile, date('Y-m-d H:i:s') . "=====" . $ip . "=====" . $carrier . "=====" . $tracknum . "=====" . $tracklan . "=====event:api interface success\n");
        return $trackInfo;
    }
}
$productid = $_GET["productid"]; } else { if (isset($_POST["productid"]) and $_POST["productid"] != "") { $productid = $_POST["productid"]; } } if ($productid == '') { header("Location:index.php"); exit; } /* * Impression counter by Binu Chandran.E */ $impressionFound = false; //Client IP Address $ip = getClientIP(); //Check last visit for this product from same Ip address //With in 24 hrs $imQuery = "SELECT product_impression_id\n FROM " . $tableprefix . "product_impression\n WHERE product_id = '" . mysql_real_escape_string($productid) . "'\n AND ip = '" . mysql_real_escape_string($ip) . "'\n AND ADDDATE(visited_on, INTERVAL 24 HOUR) > NOW()"; $result = mysql_query($imQuery) or die(mysql_error()); if (mysql_num_rows($result) > 0) { $imRow = mysql_fetch_object($result); if ($imRow->product_impression_id > 0) { $impressionFound = true; } } if ($impressionFound === false) { //Add new visit $imQuery = "INSERT INTO " . $tableprefix . "product_impression\n SET product_id = '" . mysql_real_escape_string($productid) . "',\n ip = '" . mysql_real_escape_string($ip) . "'"; mysql_query($imQuery) or die(mysql_error()); }
} elseif (!Sql_Table_exists($GLOBALS['tables']['config'])) { $GLOBALS['require_login'] = 0; } if (!empty($_GET['pi']) && isset($GLOBALS['plugins'][$_GET['pi']])) { $page_title = $GLOBALS['plugins'][$_GET['pi']]->pageTitle($page); } else { $page_title = $GLOBALS['I18N']->pageTitle($page); } print '<title>' . NAME . ' :: '; if (isset($GLOBALS['installation_name'])) { print $GLOBALS['installation_name'] . ' :: '; } print "{$page_title}</title>"; if (!empty($GLOBALS['require_login'])) { #bth 7.1.2015 to support x-forwarded-for $remoteAddr = getClientIP(); if ($GLOBALS['admin_auth_module'] && is_file('auth/' . $GLOBALS['admin_auth_module'])) { require_once 'auth/' . $GLOBALS['admin_auth_module']; } elseif ($GLOBALS['admin_auth_module'] && is_file($GLOBALS['admin_auth_module'])) { require_once $GLOBALS['admin_auth_module']; } else { if ($GLOBALS['admin_auth_module']) { logEvent('Warning: unable to use ' . $GLOBALS['admin_auth_module'] . ' for admin authentication, reverting back to phplist authentication'); $GLOBALS['admin_auth_module'] = 'phplist_auth.inc'; } require_once 'auth/phplist_auth.inc'; } if (class_exists('admin_auth')) { $GLOBALS['admin_auth'] = new admin_auth(); } else { print Fatal_Error($GLOBALS['I18N']->get('Admin Authentication initialisation failure'));
$qstion = $var_desc; $vAttachmentfiles = $var_uploadfiles; //$tempticketid=$row['nTpTicketId']; $priority = $var_prty; if (isValidCredentials($var_userid, $deptid, $priority)) { $var_final_flag = true; //Modification on October 3, 2005 $sql = "Select nDeptId from sptbl_depts where nDeptParent='{$deptid}'"; $rs = executeSelect($sql, $conn); if (mysql_num_rows($rs) > 0) { $var_continue_exec = false; } //End Modification if ($var_continue_exec == true) { //get ip address $varclip = getClientIP(); //insert into ticket $sql_insert_ticket = "insert into sptbl_tickets(nTicketId,nDeptId,vRefNo,nUserId,vUserName,vTitle,tQuestion,vPriority,dPostDate,vMachineIP,dLastAttempted)"; $sql_insert_ticket .= "values('','{$deptid}','1','{$var_userid}','" . mysql_real_escape_string($var_username) . "','" . mysql_real_escape_string($title) . "','"; $sql_insert_ticket .= mysql_real_escape_string($qstion) . "','{$priority}',now(),'{$varclip}',now())"; executeQuery($sql_insert_ticket, $conn); $var_insert_id = mysql_insert_id($conn); $var_ticketid = $var_insert_id; //update reference number // modified on 15-11-06 by roshith for constatnt length ref.no. // 'zero' added for 2 digit companyid if ($var_compid < 10) { $var_compid = "0" . $var_compid; } $dept_id = $deptid; // to send mail
// echo "<br>varuploadfiles(3)==".$var_uploaded_files; if ($var_uploaded_files != "") { $vAttacharr = explode("|", $var_uploaded_files); foreach ($vAttacharr as $key => $value) { $split_name_url = explode("*", $value); $mime->fattach("../attachments/" . $split_name_url[0], "Attached here is " . $split_name_url[1]); } } $mime->send_mail(); } //insert into reply table $sql = "insert into sptbl_replies(nReplyId,nTicketId,nStaffId,vStaffLogin,"; $sql .= " dDate,tReply,tPvtMessage,vReplyTime,vMachineIP) values('','" . addslashes($var_tid) . "',"; $sql .= "'" . addslashes($_SESSION["sess_staffid"]) . "',"; $sql .= "'" . addslashes($_SESSION["sess_staffname"]) . "',now(),'" . addslashes($var_replymatter) . "','" . addslashes($var_pvtmessage) . "',"; $sql .= "'" . addslashes($var_timespent) . "','" . addslashes(getClientIP()) . "')"; executeQuery($sql, $conn); $var_insert_id = mysql_insert_id($conn); //Insert the actionlog if (logActivity()) { $sql = "Insert into sptbl_actionlog(nALId,nStaffId,vAction,vArea,nRespId,dDate) Values('','" . $_SESSION["sess_staffid"] . "','" . TEXT_ADDITION . "','Reply','" . addslashes($var_insert_id) . "',now())"; executeQuery($sql, $conn); } //save attachment $sql_insert_attach = "insert into sptbl_attachments(nReplyId,vAttachReference,vAttachUrl) values"; // echo "<br>varuploadfiles(4)==".$var_uploaded_files; if ($var_uploaded_files != "") { $vAttacharr = explode("|", $var_uploaded_files); foreach ($vAttacharr as $key => $value) { $split_name_url = explode("*", $value); $sql_insert_attach .= "('{$var_insert_id}','" . addslashes($split_name_url[1]) . "','" . addslashes($split_name_url[0]) . "'),";
/**
 * Inspect the outcome of the last statement run on the shared connection.
 *
 * Sets $this->success. On failure it raises the error through
 * Helper::raiseError() when ENV is 'DEV'; otherwise it appends the client
 * address, the SQL text, the driver message and a call trace to the log file.
 *
 * NOTE(review): the log receives the full SQL text and the address from
 * getClientIP(), both of which may contain request-supplied data; keep the log
 * file outside the web root and treat its content as untrusted.
 *
 * @return false|null FALSE after logging a failure; no value otherwise
 */
private final function checkResult()
{
    $this->_reset();

    if (self::$conn->errorCode() == $this->successCode) {
        $this->success = TRUE;
        return;
    }

    $this->success = FALSE;
    $error = self::$conn->errorInfo();
    $traceInfo = debug_backtrace();

    if (ENV == 'DEV') {
        Helper::raiseError($traceInfo, $error[2], $this->sql);
        return;
    }

    // Header: who and when, the statement, the driver message, column titles.
    $header = array(
        getClientIP() . ' | ' . date('Y-m-d H:i:s'),
        'SQL: ' . $this->sql,
        'Error: ' . $error[2],
        'LINE__________FUNCTION__________FILE______________________________________',
    );
    $errorMsg = implode(PHP_EOL, $header) . PHP_EOL;

    // One padded row per stack frame: line, function, file.
    foreach ($traceInfo as $frame) {
        $errorMsg .= $frame['line']
            . $this->getUnderscore(10, strlen($frame['line']))
            . $frame['function']
            . $this->getUnderscore(20, strlen($frame['function']))
            . $frame['file'] . PHP_EOL;
    }

    file_put_contents($this->logFile, PHP_EOL . $errorMsg, FILE_APPEND);

    return FALSE;
}
print " </div>\n"; $show_upload = true; $show_success = false; // Check for upload error } else { if ($_FILES["file"]["error"] == 7) { print " <div id=\"notice\">\n"; print " <span>An error occured saving the file. Please try again.</span>\n"; print " </div>\n"; $show_upload = true; $show_success = false; // Everything is fine } else { // Generate random file ID $file_id = generate_access_id(6); $client_ip = getClientIP(); // Calculate file name $file_name = $_FILES["file"]["name"]; $name_text = $file_name; // Calculate file type $file_type = $_FILES["file"]["type"]; // Calculate file size $file_size = $_FILES["file"]["size"]; $file_size_class = new getFileSize(); $file_size_text = $file_size_class->fileSizeConversion($file_size, 'B'); // Calculate file expiry time switch ($_POST["expire_time"]) { case 1800: // 30 minutes $file_expiry = time() + 1800; $expiry_text = "in 30 minutes";