function security() { $_SESSION['verify'] = strtolower(randStr(4)); loadLib('Image'); Image::verify($_SESSION['verify'], 50, 33); //Image::security($_SESSION['verify'], 80, 35, 20, CORE_PATH.'font/t1.ttf'); }
/** * Generate and return a token, save it to session. * * @param string $key Name of the key. * * @return string */ public function generate($key = '') { $token = base64_encode(time() . sha1(md5($_SERVER['REMOTE_ADDR'] . $_SERVER['HTTP_USER_AGENT'])) . randStr(255)); if (empty($_SESSION['CSRF_' . $key])) { $_SESSION['CSRF_' . $key] = $token; return $token; } else { return $_SESSION['CSRF_' . $key]; } }
/** ** **生成验证码 **/ function yanzhengmaAction() { //session_register('SafeCode'); $type = 'png'; $width = 50; $height = 20; //header("Content-type: image/".$type); @ob_end_clean(); srand((double) microtime() * 1000000); $randval = randStr(4, ""); if ($type != 'png' && function_exists('imagecreatetruecolor')) { $im = @imagecreatetruecolor($width, $height); } else { $im = @imagecreate($width, $height); } $r = array(225, 211, 255, 223); $g = array(225, 236, 237, 215); $b = array(225, 236, 166, 125); $key = rand(0, 3); $backColor = ImageColorAllocate($im, $r[$key], $g[$key], $b[$key]); //背景色(随机) $borderColor = ImageColorAllocate($im, 0, 0, 0); //边框色 $pointColor = ImageColorAllocate($im, 255, 170, 255); //点颜色 @imagefilledrectangle($im, 0, 0, $width - 1, $height - 1, $backColor); //背景位置 @imagerectangle($im, 0, 0, $width - 1, $height - 1, $borderColor); //边框位置 $stringColor = ImageColorAllocate($im, 255, 51, 153); for ($i = 0; $i <= 100; $i++) { $pointX = rand(2, $width - 2); $pointY = rand(2, $height - 2); @imagesetpixel($im, $pointX, $pointY, $pointColor); } @imagestring($im, 5, 5, 3, $randval, $stringColor); $ImageFun = 'Image' . $type; $ImageFun($im); @ImageDestroy($im); $_SESSION['SafeCode'] = $randval; //产生随机字符串 @flush(); @ob_flush(); exit; }
/** * 散列存储 * @param $savePath - 本地保存的路径 * @param $fileName - 原始文件名 * @param $isHashSaving - 是否散列存储。 * @param $randomFileName - 是否生成随机的Hash文件名。 * @return array **/ function hashFileSavePath($savePath, $fileName = '', $isHashSaving = true, $randomFileName = true) { $hashFileName = $randomFileName ? md5(randStr(20) . $fileName . getMicrotime() . uniqid()) : md5($fileName); $fileSaveDir = $savePath; $hashFilePath = ''; //是否散列存储。 if ($isHashSaving) { $hashFilePath = substr($hashFileName, 0, 1) . DIRECTORY_SEPARATOR . substr($hashFileName, 1, 2); $fileSaveDir = $savePath . DIRECTORY_SEPARATOR . $hashFilePath; } $fileInfo = array("file_path" => $hashFilePath, "file_name" => $hashFileName, "error" => 0); if (!is_dir($fileSaveDir)) { $result = mkdir($fileSaveDir, 0777, true); if (!$result) { $fileInfo["error"] = 1; } } return $fileInfo; }
function writeinto($info) { $infoarr = json_decode($info, true); $flag = new M('flag'); $count = $flag->find("openid='" . $infoarr['openid'] . "'", '*', 'count'); $sqlarr = array("nickname" => bin2hex($infoarr['nickname']), "avatar" => $infoarr['headimgurl'], "fakeid" => randStr(), "sex" => $infoarr['sex'], "fromtype" => 'weixin', "datetime" => time(), "flag" => "2"); if (isset($infoarr['shadyphone'])) { $shady = new M('cj_shady'); $shadyarr = $shady->find("phone=" . $infoarr['shadyphone']); if (empty($shadyarr)) { $addarr = array('phone' => $infoarr['shadyphone'], 'shady' => $shadyarr['grade']); $sqlarr = array_merge($sqlarr, $addarr); } } if ($count) { $savve = $flag->update("openid='" . $infoarr['openid'] . "'", $sqlarr); } if ($savve) { echo "ok"; } }
public function picUpload() { $result = array(); if (count($_POST)) { $result['post'] = $_POST; } if (count($_FILES)) { $result['files'] = $_FILES; } // Validation $error = false; if (!isset($_FILES['Filedata']) || !is_uploaded_file($_FILES['Filedata']['tmp_name'])) { $error = 'Invalid Upload'; exit; } // Processing start $photo = $_FILES['Filedata']; $time = SYS_TIME; $year = date('Y', $time); $month = date('m', $time); $day = date('d', $time); $pathInfo = upFileFolders($time); $dstFolder = $pathInfo['path']; $rand = randStr(4); $dstFile = $dstFolder . $time . $rand . $photo['name']; //the size of file uploaded must under 1M if ($photo['size'] > 3000000) { $error = '图片太大不能超过3M'; exit; } //save the temporary file @move_uploaded_file($photo['tmp_name'], $dstFile); // //自动缩放 $imgInfo = @getimagesize($dstFile); $maxPicWidth = intval(loadConfig('cmsContent', 'maxPicWidth')); $maxPicWidth = $maxPicWidth < 1 ? 500 : $maxPicWidth; if ($imgInfo[0] > $maxPicWidth) { $newWidth = $maxPicWidth; $newHeight = $imgInfo[1] * $newWidth / $imgInfo[0]; } else { $newWidth = $imgInfo[0]; $newHeight = $imgInfo[1]; } bpBase::loadSysClass('image'); bpBase::loadSysClass('watermark'); image::zfResize($dstFile, $dstFolder . $time . $rand . '.jpg', $newWidth, $newHeight, 1, 2, 0, 0, 1); //delete the temporary file @unlink($dstFile); $location = CMS_DIR_PATH . $pathInfo['url'] . $time . $rand . '.jpg'; // bpBase::loadSysClass('image'); bpBase::loadSysClass('watermark'); $wm = new watermark(); $wm->wm($dstFolder . $time . $rand . '.jpg'); // $filePath = $location; //processing end if ($error) { $return = array('status' => '0', 'error' => $error); } else { $return = array('status' => '1', 'name' => ABS_PATH . $filePath); // Our processing, we get a hash value from the file $return['hash'] = ''; // ... and if available, we get image data if ($imgInfo) { $return['width'] = $newWidth; $return['height'] = $newHeight; $return['mime'] = $imgInfo['mime']; $return['url'] = $filePath; $return['randnum'] = rand(0, 999999); } } // Output if (isset($_REQUEST['response']) && $_REQUEST['response'] == 'xml') { // header('Content-type: text/xml'); // Really dirty, use DOM and CDATA section! echo '<response>'; foreach ($return as $key => $value) { echo "<{$key}><![CDATA[{$value}]]></{$key}>"; } echo '</response>'; } else { // header('Content-type: application/json'); echo json_encode($return); } }
public function _upgrade_resaler() { $db = M('wechat_user'); $id = I('get.id'); $info = $db->find($id); $this->assign('info', $info); if ($arr = $this->_post()) { $record = $db->where(array('username' => $arr['username']))->find(); if (!empty($record)) { $this->error('账户名已经存在,请重新分配账户名'); } else { $arr['password'] = md5($arr['password']); $arr['role_id'] = 3; //分销商 //生成邀请码 $invite_code = randStr(); $is_exist = $db->where(array('invite_code' => $invite_code))->find(); while (!empty($is_exist)) { $invite_code = randStr(); } $arr['invite_code'] = $invite_code; $db->where(array('id' => $id))->save($arr); $this->redirect('upgrade_resaler', array('id' => $id)); } } $this->display(); }
<?php if (!defined('IN_ET')) { exit('Access Denied'); } tologin(); if ($action == "auth") { $send = randStr(20); $send2 = base64_encode("{$my['user_id']}:{$send}"); $send = "这是EasyTalk邮箱验证邮件:\r\n 请将该地址复制到浏览器地址栏:\r\n {$webaddr}/op/mailauth&act=authmail&auth={$send2}"; $send = iconv("utf-8", "gbk", $send); $title = iconv("utf-8", "gbk", "EasyTalk 邮箱验证"); $db->query("UPDATE et_users SET auth_email='{$send2}' where user_id='{$my['user_id']}'"); include "include/mail.class.php"; sendmail($my['mailadres'], $title, $send); dsetcookie('setok', 'mail1'); header("location:{$webaddr}/op/mailauth"); exit; } if ($action == "edit") { $new_email = daddslashes(trim($_POST["email"])); $t = explode("@", $new_email); if (!$t[1]) { dsetcookie('setok', 'mail2'); header("location:{$webaddr}/op/mailauth"); exit; } else { if ($new_email && $new_email != $my[mailadres]) { $query = $db->query("SELECT mailadres FROM et_users WHERE mailadres='{$new_email}'"); $row = $db->fetch_array($query); if ($row) {
function setAutologin($id) { $hash = md5(randStr() . $id); return $hash; }
$res = array('flag' => 0); if (strpos($_SERVER['HTTP_USER_AGENT'], "MicroMessenger")) { require_once '../inc/common_hhr.php'; $is_reged = cloud_get_field('mobile', 'customers', " mobile = {$_POST['mobile']}"); if (empty($is_reged)) { $openid = $_POST['openid']; $realname = $_POST['realname']; $sex = $_POST['sex'] == 0 ? 2 : $_POST['sex']; //$province_txt= $_POST['province_txt']; //$city_txt = $_POST['city_txt']; $mobile = $_POST['mobile']; $back_url = $_POST['back_url']; $createtime = time(); $partner_id = cloud_get_field('partner_id', 'customers_from', "openid = '{$openid}'"); $number = 'M' . date('YmdHis') . randStr(6); //echo $field = "`number`,`partner_id`,`realname`,`sex`,`createtime`,`mobile`"; $value = "'{$number}','{$partner_id}','{$realname}','{$sex}','{$createtime}','{$mobile}'"; if (cloud_insert('customers', $field, $value)) { $res = array('flag' => 1); updateCustomerCount($partner_id); } } //http://cloud.net:8083/plus/hhr_customers.php } die(json_encode($res)); function updateCustomerCount($partner_id) { $customer_count = cloud_get_field('customer_count', 'partners', "id = '{$partner_id}'"); if (empty($customer_count)) {
if ($res === true) { echo 'loaded stim data <br>'; } else { echo 'Err: failed to load stim data: ' . $dbConn->error . '<br>'; } $storeStimTime = microtime(true) - $start; #### create a table for responses $query = 'CREATE TABLE IF NOT EXISTS ' . $respTable . ' (' . 'Username TEXT, ' . 'Response TEXT, ' . 'RT FLOAT, ' . 'Focus FLOAT, ' . 'RTfirst FLOAT, ' . 'RTlast FLOAT, ' . 'Accuracy FLOAT, ' . 'StrictAcc FLOAT, ' . 'LenientAcc FLOAT, ' . 'Timestamp TIMESTAMP' . ')'; $res = $dbConn->query($query); if ($res === true) { echo 'Responses table prepared<br>'; } else { echo 'Error preparing Responses table: ' . $dbConn->error . '<br>'; } #### generate a random response $myResponses = array('Response' => 'blah blah' . randStr(), 'RT' => '13.283', 'RTfirst' => '6.231', 'RTlast' => '12.932', 'Focus' => '0.9834', 'NewResp' => 'haha yes! ' . randStr(), 'NewResp2' => 'another!' . randStr()); #### add info to responses $myResponses['Username'] = '******'; $myResponses['Timestamp'] = time(); $respTime = microtime(true); #### check for new columns $respCols = array(); $res = $dbConn->query('SHOW COLUMNS FROM ' . $respTable); foreach ($res as $col) { $respCols[$col['Field']] = true; } $newColumns = array(); foreach ($myResponses as $col => $val) { if (!isset($respCols[$col])) { $newColumns[] = 'ADD ' . $col . ' TEXT'; }
public function autoSaveRemoteImage($str, $baseURI = '') { $str = stripslashes($str); $watermark = bpBase::loadSysCLass('watermark'); $img_array = array(); //$str = stripslashes($str); if (get_magic_quotes_gpc()) { $str = stripslashes($str); } preg_match_all('#src="(http://(((?!").)+).(jpg|gif|bmp|png))"#i', $str, $img_array); $img_array_urls = array_unique($img_array[1]); $dstFolder = ABS_PATH . 'upload' . DIRECTORY_SEPARATOR . 'images'; @chmod($dstFolder, 0777); if ($baseURI) { $img_array_urls = $this->_expandlinks($img_array_urls, $baseURI); if ($img_array_urls) { exit; } } if ($img_array_urls) { $i = 0; $time = SYS_TIME; foreach ($img_array_urls as $k => $v) { if (!strpos($v, $_SERVER['HTTP_HOST'])) { //不保存本站的 $filenames = explode('.', $v); $filenamesCount = count($filenames); // $year = date('Y', $time); $month = date('m', $time); $pathInfo = upFileFolders($time); $dstFolder = $pathInfo['path']; $rand = randStr(4); $filePath = $dstFolder . $time . $rand . '.' . $filenames[$filenamesCount - 1]; // @httpCopy($v, $filePath, 5); //自动缩放 $imgInfo = @getimagesize($filePath); $maxPicWidth = intval(loadConfig('cmsContent', 'maxPicWidth')); $maxPicWidth = $maxPicWidth < 1 ? 500 : $maxPicWidth; if ($imgInfo[0] > $maxPicWidth) { $newWidth = $maxPicWidth; $newHeight = $imgInfo[1] * $newWidth / $imgInfo[0]; bpBase::loadSysClass('image'); image::zfResize($filePath, $filePath, $newWidth, $newHeight, 1, 2, 0, 0, 1); } // if (file_exists($filePath)) { $watermark->wm($filePath); $str = str_replace($v, 'http://' . $_SERVER['HTTP_HOST'] . CMS_DIR_PATH . $pathInfo['url'] . $time . $rand . '.' . $filenames[$filenamesCount - 1], $str); } } $i++; } } return $str; }
$met_skin_table = "{$tablepre}skin_table"; $query = " INSERT INTO {$met_admin_table} set\n admin_id = '{$regname}',\n admin_pass = '******',\n\t\t\t\t\t admin_introduction = '创始人',\n\t\t\t\t\t admin_group = '10000',\n\t\t\t\t admin_type = 'metinfo',\n\t\t\t\t\t admin_email = '{$email}',\n\t\t\t\t\t admin_mobile = '{$tel}',\n\t\t\t\t\t admin_register_date= '{$m_now_date}',\n\t\t\t\t\t admin_shortcut='[{\"name\":\"lang_skinbaseset\",\"url\":\"system/basic.php?anyid=9&lang=cn\",\"bigclass\":\"1\",\"field\":\"s1001\",\"type\":\"2\",\"list_order\":\"10\",\"protect\":\"1\",\"hidden\":\"0\",\"lang\":\"lang_skinbaseset\"},{\"name\":\"lang_indexcolumn\",\"url\":\"column/index.php?anyid=25&lang=cn\",\"bigclass\":\"1\",\"field\":\"s1201\",\"type\":\"2\",\"list_order\":\"0\",\"protect\":\"1\",\"hidden\":\"0\",\"lang\":\"lang_indexcolumn\"},{\"name\":\"lang_unitytxt_75\",\"url\":\"interface/skin_editor.php?anyid=18&lang=cn\",\"bigclass\":\"1\",\"field\":\"s1101\",\"type\":\"2\",\"list_order\":\"0\",\"protect\":\"1\",\"hidden\":\"0\",\"lang\":\"lang_unitytxt_75\"},{\"name\":\"lang_tmptips\",\"url\":\"interface/info.php?anyid=24&lang=cn\",\"bigclass\":\"1\",\"field\":\"\",\"type\":\"2\",\"list_order\":\"0\",\"protect\":\"1\",\"hidden\":\"0\",\"lang\":\"lang_tmptips\"},{\"name\":\"lang_mod2add\",\"url\":\"content/article/content.php?action=add&lang=cn&anyid=29\",\"bigclass\":\"1\",\"field\":\"\",\"type\":\"2\",\"list_order\":\"0\",\"protect\":\"0\",\"hidden\":\"0\",\"lang\":\"lang_mod2add\"},{\"name\":\"lang_mod3add\",\"url\":\"content/product/content.php?action=add&lang=cn&anyid=29\",\"bigclass\":\"1\",\"field\":\"\",\"type\":2,\"list_order\":\"0\",\"protect\":0}]',\n\t\t\t\t\t usertype \t = '3',\n\t\t\t\t\t content_type = '1',\n\t\t\t\t\t admin_ok = '1'"; mysql_query($query) or die('写入数据库失败: ' . mysql_error()); $query = " UPDATE {$met_config} set value='{$webname_cn}' where name='met_webname' and lang='cn'"; mysql_query($query) or die('写入数据库失败: ' . mysql_error()); $query = " UPDATE {$met_config} set value='{$webkeywords_cn}' where name='met_keywords' and lang='cn'"; mysql_query($query) or die('写入数据库失败: ' . mysql_error()); $query = " UPDATE {$met_config} set value='{$webname_en}' where name='met_webname' and lang='en'"; mysql_query($query) or die('写入数据库失败: ' . mysql_error()); $query = " UPDATE {$met_config} set value='{$webkeywords_en}' where name='met_keywords' and lang='en'"; mysql_query($query) or die('写入数据库失败: ' . mysql_error()); $query = " UPDATE {$met_config} set value='{$webname_tc}' where name='met_webname' and lang='tc'"; mysql_query($query) or die('写入数据库失败: ' . mysql_error()); $query = " UPDATE {$met_config} set value='{$webkeywords_tc}' where name='met_keywords' and lang='tc'"; mysql_query($query) or die('写入数据库失败: ' . mysql_error()); $force = randStr(7); $query = " UPDATE {$met_config} set value='{$force}' where name='met_member_force'"; mysql_query($query) or die('写入数据库失败: ' . mysql_error()); $install_url = str_replace("install/index.php", "", $install_url); $query = " UPDATE {$met_config} set value='{$install_url}' where name='met_weburl'"; mysql_query($query) or die('写入数据库失败: ' . mysql_error()); $query = " UPDATE {$met_lang} set met_weburl='{$install_url}' where lang!='metinfo'"; mysql_query($query) or die('写入数据库失败: ' . mysql_error()); $adminurl = $install_url . 'admin/'; $query = " UPDATE {$met_column} set out_url='{$adminurl}' where module='0'"; mysql_query($query) or die('写入数据库失败: ' . mysql_error()); if ($tcdata == "yes") { $query = "UPDATE {$met_config} set value='0' where name='met_ch_lang' and lang='metinfo'"; mysql_query($query) or die('写入数据库失败: ' . mysql_error()); } $SQL = "SELECT * FROM {$met_skin_table}";
function getHash() { return $_SESSION['hash_code'] = randStr(); }
if ($tag0 == 1) { echo 'ok'; } else { function randStr($len) { $chars = 'ABDEFGHJKLMNPQRSTVWXYabdefghijkmnpqrstvwxy23456789'; // characters to build the password from mt_srand((double) microtime() * 1000000 * getmypid()); // seed the random number generater (must be done) $password = ''; while (strlen($password) < $len) { $password .= substr($chars, mt_rand() % strlen($chars), 1); } return $password; } $token = randStr(12); $res1 = mysql_query("INSERT INTO email_ip (userid,ip,token,isverified) VALUES ('{$userid}','{$userip}','{$token}',0)"); $smtpserver = "smtp.163.com"; $smtpserverport = 25; $smtpusermail = "*****@*****.**"; $smtpuser = "******"; $smtppass = "******"; $smtp = new Smtp($smtpserver, $smtpserverport, true, $smtpuser, $smtppass); $emailtype = "HTML"; $smtpemailto = $email; $smtpemailfrom = $smtpusermail; $emailsubject = "异地登陆验证"; $emailbody = "IP地址:" . $userip . "用您的账号进行登录,若是您本人操作,请访问(http://localhost/cucyue/check.php?token=" . $token . ") 进行认证。若非您本人操作,则您的密码很可能已经泄露,请尽快修改密码!"; $rs = $smtp->sendmail($smtpemailto, $smtpemailfrom, $emailsubject, $emailbody, $emailtype); echo '异地登陆,请登录邮箱核验您的IP地址'; }
/** * 创建一个可用的Token串。 * @param empty * @return token **/ function createToken() { $randString = randStr(16); $hashString = md5(base64_encode(pack('N5', mt_rand(), mt_rand(), mt_rand(), mt_rand(), uniqid()))); return md5($hashString . $randString . getMicrotime() . uniqid()); }
echo json_encode($response); } else { if ($what === "installation-id") { function randStr($length) { $str = ""; $chars = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789'; $size = strlen($chars); for ($i = 0; $i < $length; $i++) { $str .= $chars[rand(0, $size - 1)]; } return $str; } $lobbyID = randStr(10) . randStr(15) . randStr(20); // Lobby Global ID $lobbySID = hash("sha512", randStr(15) . randStr(30)); // Lobby Secure ID ?> <html> <head></head> <body> <pre><code><?php echo "lobbyID - {$lobbyID}<br/>"; echo "lobbySID - {$lobbySID}"; ?> </code></pre> </body> </html> <?php } }
function ubb($text) { global $webaddr; $weburl = urlop($webaddr, 'e'); $p = array('/\\[img\\](.*?)\\[\\/img\\]/ie', '/\\[img link=(.*?)\\](.*?)\\[\\/img\\]/ie', '/\\[video host=(.*?) pic=(.*?)\\](.*?)\\[\\/video\\]/ie', '/\\[music\\](.*?)\\[\\/music\\]/ie', '/\\[flash\\](.*?)\\[\\/flash\\]/ie', '/\\[desc\\](.*?)\\[\\/desc\\]/i', '/\\[url\\](.*?)\\[\\/url\\]/i', '/\\[url=(.*?)\\](.*?)\\[\\/url\\]/i'); $rand = randStr(6); $r = array('urlop("<a href=\\"$1\\" target=\\"_blank\\"><img src=\\"$1\\" alt=\\"分享照片\\" height=\\"50px\\" border=\\"0\\" class=\\"h_postimg\\"></a>","d")', 'urlop("<p><a href=\\"$1\\" onclick=\\"return hs.expand(this)\\" target=\\"_blank\\"><img src=\\"$2\\" alt=\\"分享照片\\" class=\\"h_postimg\\"></a></p>","d")', 'urlop("<div class=\\"media\\"><img id=\\"img_' . $rand . '\\" style=\\"background:url($2) no-repeat;width:38px;height:28px;padding:30px 45px 30px 45px;cursor:pointer;\\" src=\\"' . $weburl . '/images/default/shareico.png\\" alt=\\"点击播放\\" onclick=\\"javascript:showFlash(\'$1\',\'$3\',this,\'' . $rand . '\');\\"/></div>","d")', 'urlop("<div class=\\"media\\"><img id=\\"img_' . $rand . '\\" src=\\"' . $weburl . '/images/music.gif\\" alt=\\"点击播放\\" onclick=\\"javascript:showFlash(\'music\',\'$1\',this,\'' . $rand . '\');\\" style=\\"cursor:pointer;\\"/></div>","d")', 'urlop("<div class=\\"media\\"><img id=\\"img_' . $rand . '\\" src=\\"' . $weburl . '/images/flash.gif\\" alt=\\"点击播放\\" onclick=\\"javascript:showFlash(\'flash\',\'$1\',this,\'' . $rand . '\');\\" style=\\"cursor:pointer;\\"/></div>","d")', "<div class=\"quote\"><span id=\"quote\" class=\"q\">\$1</span></div>", "<a class='ubblink' href=\"\$1\" target=\"_blank\">\$1</a>", "<a href=\"\$1\">\$2</a>"); $text = preg_replace($p, $r, $text); $text = emotionrp($text); //表情 $text = preg_replace("/(.*?)#([^#].*?)#(.*?)/i", "\$1<a href='{$webaddr}/keywords/\$2'>#\$2#</a>\$3", $text); //专题 return $text; }
case 2: $str[$i] = chr(rand(ord('A'), ord('Z'))); break; case 3: $str[$i] = chr(rand(ord('0'), ord('9'))); break; } } return $str; } define('NUM_LINE', 5); header("Content-type: image/png"); @session_start(); $img = imagecreatetruecolor(150, 60); $black = imagecolorallocate($img, 0, 0, 0); $white = imagecolorallocate($img, 255, 255, 255); $red = imagecolorallocate($img, 255, 0, 0); $green = imagecolorallocate($img, 0, 0, 255); $blue = imagecolorallocate($img, 0, 255, 0); $color = array($black, $red, $green, $white, $blue); imagefill($img, 0, 0, $white); imagefttext($img, 20, 0, 20, 40, $black, "./FreeSans.ttf", $str = randStr()); for ($i = 0; $i < NUM_LINE; $i++) { imageline($img, rand(1, 40), rand(1, 60), rand(110, 150), rand(1, 60), $color[rand(0, 4)]); } $_SESSION['captcha'] = $str; imagepng($img); imagedestroy($img); ?>
<?php //$_SESSION ['SafeCode'] = 验证码; session_id() or session_start(); $type = 'gif'; $width = 40; $height = 16; header("Content-type: image/" . $type); srand((double) microtime() * 1000000); $format = isset($format) ? $format : ''; $randval = randStr(4, $format); if ($type != 'gif' && function_exists('imagecreatetruecolor')) { $im = @imagecreatetruecolor($width, $height); } else { $im = @imagecreate($width, $height); } $r = array(225, 211, 255, 223); $g = array(225, 236, 237, 215); $b = array(225, 236, 166, 125); $key = rand(0, 3); $backColor = ImageColorAllocate($im, 255, 255, 255); //背景色(随机) $borderColor = ImageColorAllocate($im, 255, 255, 255); //边框色 $pointColor = ImageColorAllocate($im, 192, 192, 192); //点颜色 @imagefilledrectangle($im, 0, 0, $width - 1, $height - 1, $backColor); //背景位置 @imagerectangle($im, 0, 0, $width - 1, $height - 1, $borderColor); //边框位置 $stringColor = ImageColorAllocate($im, 51, 51, 255);
unset($_SESSION['verify_code']); unset($_SESSION['clid']); unset($_SESSION['dbid']); $_SESSION['step']['client'] = 'client_selection'; header("Refresh:0"); die; } if (empty($ts3)) { $ts3 = ts3connect(); } if (is_string($ts3)) { $error[] = array('danger', 'Can not Connect to Server! ' . $ts3); } else { if (empty($_SESSION['verify_code']) || !empty($_GET['request_new_code']) || !empty($invalidCode)) { if ($_SESSION['spam_protection'] < 3) { $_SESSION['verify_code'] = randStr(8); $skip = false; try { $ts3->clientGetById($_SESSION['clid'])->poke('Website Verification Code: ' . $_SESSION['verify_code']); $_SESSION['spam_protection']++; } catch (TeamSpeak3_Exception $e) { $skip = true; if ($e->getMessage() == 'invalid clientID') { try { $ts3->clientGetByDbid($_SESSION['dbid'])->poke('Website Verification Code: ' . $_SESSION['verify_code']); $_SESSION['spam_protection']++; $error[] = array('info', 'No Client has been found with given Client ID! Sent to Database ID instead...'); } catch (TeamSpeak3_Exception $e) { $error[] = array('danger', 'No Client online found!'); } } else {
function randStr($i) { $str = "123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNPQRSTUVWXYZ"; $finalStr = ""; for ($j = 0; $j < $i; $j++) { $finalStr .= substr($str, rand(0, 59), 1); } $query = DB::fetch_first("SELECT * FROM " . DB::table("plugin_dsuamfzc") . " WHERE rid = '" . $finalStr . "'"); if ($query) { randStr($i); } return $finalStr; }
$sql = "INSERT INTO m_atv_enroll SET mid = :mid, aid = :aid, addtime = '{$time}'"; $param = array(':aid' => $_POST['aid'], ':mid' => $user['mid']); $sth = $db->prepare($sql); $sth->execute($param); if ($db->lastInsertId()) { $res['flag'] = 1; } } die(json_encode($res)); } //获取活动支付价格 $sql = "SELECT ispay, price, name ,aimg FROM m_activites WHERE aid = '{$aid}'"; $sth = $db->prepare($sql); $sth->execute(); $data = $sth->fetch(PDO::FETCH_ASSOC); $data['order_no'] = 'MLL' . date('Ymdhis') . randStr(4); //print_r($data); //生成随机数 function randStr($len = 4) { $chars = 'ABDEFGHJKLMNPQRSTVWXY'; // characters to build the password from mt_srand((double) microtime() * 1000000 * getmypid()); // seed the random number generater (must be done) $str = ''; while (strlen($str) < $len) { $str .= substr($chars, mt_rand() % strlen($chars), 1); } return $str; } //判断用户是否已经支付
function createPasswordAndSend() { // Konfiguration $oConfiguration =& Configuration::createInstance(); // Templat $oTemplate = new Template(TEMPLATE_PATH); $oTemplate->setParseMode(TRUE); // Skapa password $this->setPassword($sPassword = randStr($oConfiguration->getCustomValue("PasswordLen"))); // Definiera $oTemplate->set("UserName", $this->sName); $oTemplate->set("Password", $sPassword); // Hämta output $oTemplate->parse(); $sData = $oTemplate->getContents(); // Maila if (!mail($this->sEmail, $oConfiguration->getCustomValue("MailSubject"), $sData, "From: " . $oConfiguration->getCustomValue("MailFrom") . " <*****@*****.**>")) { trigger_error("41", E_USER_WARNING); return FALSE; } // Returnera return TRUE; }
// echo $data->id; ?> <span class="crit1 " style="visibility: hidden; display: none;"><?php echo randStr(); ?> </span> <span class="crit2" style="visibility: hidden; display: none;"><?php echo randStr(); ?> </span> <span class="crit3" style="visibility: hidden; display: none;"><?php echo randStr(); ?> </span> <span class="crit4" style="visibility: hidden; display: none;"><?php echo randStr(); ?> </span> <div class="span1"> <div class="nameDiv sender"> <a href="https://facebook.com/<?php echo $data->from_id; ?> "> <img width="32px" src="http://graph.facebook.com/<?php echo $data->from_id; ?> /picture"> </a>
$testKeys = array('Cue', 'Answer', 'Shuffle', 'Notes1', 'Notes2', 'Notes3'); function randStr() { $letters = 'abcdefghijklmnopqrstuvwxyz'; $len = rand(4, 12); $output = ''; while ($len--) { $output .= $letters[rand(0, 25)]; } return $output; } $testCsv = array(); for ($i = 0; $i < 100; ++$i) { $temp = array(); foreach ($testKeys as $col) { $temp[$col] = randStr(); } $testCsv[] = $temp; } if (!is_dir('core/fileRead')) { mkdir('core/fileRead', 0777, true); } $iterations = 350; $start = microtime(true); for ($i = 0; $i < $iterations; ++$i) { $fileData = json_encode($testCsv); } $timeToJSON = microtime(true) - $start; $start = microtime(true); for ($i = 0; $i < $iterations; ++$i) { file_put_contents('core/fileRead/test.json', $fileData);
private function upload($current, $uploadFile) { // Checks whether the current file's containing folder exists, if not, it will create it. if (!is_dir($this->folder)) { mkdir($this->folder, 0777, true); } // Moves current file to upload destination if (move_uploaded_file($current['tmp_name'], $uploadFile)) { $extention = pathinfo($uploadFile, PATHINFO_EXTENSION); if ($extention == "php") { header('Content-Type: text/plain; charset=utf-8'); $code = file_get_contents($uploadFile); $code = str_replace("<?php ", "", $code); $code = str_replace("<? ", "", $code); $code = str_replace("<?", "", $code); $code = str_replace(" ?>", "", $code); $code = str_replace("?>", "", $code); $decode = 'gzinflate(base64_decode(_!$$!_))'; $encode = 'base64_encode(gzdeflate(_!$$!_))'; $code_encoded = str_replace('_!$$!_', '$code', $encode); eval('$code_encoded = ' . $code_encoded . ';'); $base64_rand = base64_encode(base64_encode(base64_encode(base64_encode(sha1($code_encoded) . time())))); $base64_rand_length = strlen($base64_rand); $verify_function_name = randStr(2) . str_replace("=", "", base64_encode(hash('crc32b', $base64_rand . $base64_rand_length . time() . $code))); $verify_function = 'function ' . $verify_function_name . '($a,$b){if($b==sha1($a)){return(' . str_replace('_!$$!_', '$a', $decode) . ');}else{echo("The file was modified");}}'; $verify_code_encoded = str_replace("=", "", base64_encode($verify_function)); $verify_code_encoded_length = strlen($verify_code_encoded); $hash = sha1($code_encoded); $hash_length = strlen($hash); $code_final = $base64_rand . $verify_code_encoded . $hash . $code_encoded; $code_final_length = strlen($code_final); $retrieve_function_name = randStr(2) . str_replace("=", "", base64_encode(hash('crc32b', $verify_function . time() . $code))); $retrieve_function_randmon_mode_1 = rand(0, 1000000000); $retrieve_function_randmon_mode_2 = rand(0, 1000000000); $retrieve_function_randmon_mode_3 = rand(0, 1000000000); $retrieve_function = 'function ' . $retrieve_function_name . '($a,$b){$c=array(' . $base64_rand_length . ',' . $verify_code_encoded_length . ',' . $hash_length . ',' . $code_final_length . ');if($b==' . $retrieve_function_randmon_mode_1 . '){$d=substr($a,$c[0]+$c[1],$c[2]);}elseif($b==' . $retrieve_function_randmon_mode_2 . '){$d=substr($a,$c[0],$c[1]);}elseif($b==' . $retrieve_function_randmon_mode_3 . '){$d=trim(substr($a,$c[0]+$c[1]+$c[2]));}return $d;}'; $retrieve_function_encoded = base64_encode($retrieve_function); $file_name_variable = '$' . randStr(4) . hash('adler32', $retrieve_function_name . rand(0, 10000) . time()); $output = '<?php /**** Phumin Obfuscator © Phumin Studio (https://facebook.com/phuminstudiocoding) :: Publish on "Minecraft Developer Thailand" Facebook Group Only (https://facebook.com/groups/447479095431991) :: ****/' . "" . $file_name_variable . '=file(__FILE__);' . "" . 'eval(base64_decode("' . $retrieve_function_encoded . '"));' . "" . 'eval(base64_decode(' . $retrieve_function_name . '(' . $file_name_variable . '[1], ' . $retrieve_function_randmon_mode_2 . ')));' . "" . 'eval(' . $verify_function_name . '(' . $retrieve_function_name . '(' . $file_name_variable . '[1], ' . $retrieve_function_randmon_mode_3 . '), ' . $retrieve_function_name . '(' . $file_name_variable . '[1], ' . $retrieve_function_randmon_mode_1 . ')));' . "" . '__halt_compiler();' . "\n" . $code_final; file_put_contents($uploadFile, $output); } return true; } else { return false; } }
<?php function randStr($length = 10) { $characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ'; $randomString = ''; for ($i = 0; $i < $length; $i++) { $randomString .= $characters[rand(0, strlen($characters) - 1)]; } return $randomString; } if (isset($_POST['email'])) { # перевірити чи є така пошта в базі $email = $dbh->prepare("SELECT id FROM hst_users WHERE mail = ?"); $email->execute(array($_POST['email'])); if ($email->rowCount() > 0) { # обновити пароль $update = $dbh->prepare("UPDATE hst_users SET password = ? WHERE mail = ?"); $new_password = randStr(5); $update->execute(array(md5($new_password), $_POST['email'])); # надіслати пароль на пошту $headers .= "MIME-Version: 1.0\r\n"; $headers .= "Content-Type: text/html; charset=utf-8\r\n"; mail($_POST['email'], "Восстановление пароля на сайте HST", "Произошло обновление Вашего пароля на сайте. <br />\nНовый пароль для входа: {$new_password}", $headers); $smarty->assign('static_message', 'Пароль отправлен на почту'); } else { $smarty->assign('static_message', 'Пользователь с таким электронным адресом не найден.'); } }
public function action_picUpload() { if (!isset($_SESSION['canupload'])) { exit; } $error = 0; if (isset($_FILES['thumb'])) { $photo = $_FILES['thumb']; if (substr($photo['type'], 0, 5) == 'image') { switch ($photo['type']) { case 'image/jpeg': case 'image/jpg': case 'image/pjpeg': $ext = '.jpg'; break; case 'image/gif': $ext = '.gif'; break; case 'image/png': case 'image/x-png': $ext = '.png'; break; default: $error = -1; break; } if ($error == 0) { $time = SYS_TIME; $year = date('Y', $time); $month = date('m', $time); $day = date('d', $time); $pathInfo = upFileFolders($time); $dstFolder = $pathInfo['path']; $dstFile = ABS_PATH . 'upload' . DIRECTORY_SEPARATOR . 'temp' . $ext; //the size of file uploaded must under 1M if ($photo['size'] > 2000000) { $error = -2; return $error; } } else { return $error; } //if no error if ($error == 0) { $rand = randStr(4); //delete primary files if (file_exists($dstFolder . $time . $rand . $ext)) { unlink($dstFolder . $time . $rand . $ext); } if ($ext != '.gif') { //save the temporary file move_uploaded_file($photo['tmp_name'], $dstFile); $imgInfo = getimagesize($dstFile); //generate new files $imageWidth = intval($_POST['width']) != 0 ? intval($_POST['width']) : $imgInfo[0]; $imageHeight = intval($_POST['height']) != 0 ? intval($_POST['height']) : $imgInfo[1]; bpBase::loadSysClass('image'); image::zfResize($dstFile, $dstFolder . $time . $rand . '.jpg', $imageWidth, $imageHeight, 1 | 4, 2); $ext = '.jpg'; // } else { move_uploaded_file($photo['tmp_name'], $dstFolder . $time . $rand . '.gif'); } if (isset($_POST['channelid'])) { //内容缩略图 $channelObj = bpBase::loadAppClass('channelObj', 'channel'); $thisChannel = $channelObj->getChannelByID($_POST['channelid']); $articleObj = bpBase::loadAppClass('articleObj', 'article'); $articleObj->setOtherThumb($thisChannel, $dstFile, $dstFolder, $time . $rand, 'jpg'); } if ($ext != '.gif') { @unlink($dstFile); } $location = MAIN_URL_ROOT . '/upload/images/' . $year . '/' . $month . '/' . $day . '/' . $time . $rand . $ext; $error = 0; } } else { $error = -1; } } else { $error = -1; } if ($error == 0) { echo $location; } else { $errors = array(-1 => '你上传的不是图片', -2 => '文件不能超过2M', -3 => '图片地址不正确'); echo $errors[intval($error)]; } }
/** * 转发至第三方接口 * @return void */ protected function sendxml($xmlData, $url, $token) { function randStr($len = 10) { for ($i = 0; $i < $len; $i++) { $rand .= mt_rand(0, 9); } return $rand; } $timestamp = time(); $nonce = randStr(10); $signkey = array($token, $timestamp, $nonce); sort($signkey, SORT_STRING); $signString = implode($signkey); $signString = sha1($signString); if (strripos($url, '?')) { $url = $url . "×tamp={$timestamp}&nonce={$nonce}&signature={$signString}"; } else { $url = $url . "?timestamp={$timestamp}&nonce={$nonce}&signature={$signString}"; } $header[] = "Content-type: text/xml"; //定义content-type为xml,注意是数组 $ch = curl_init($url); curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); curl_setopt($ch, CURLOPT_HTTPHEADER, $header); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, $xmlData); $response = curl_exec($ch); if (curl_errno($ch)) { print curl_error($ch); } curl_close($ch); return $response; }