public function user() { $winduser = $this->GetCookie('winduser'); if ($winduser) { list($winduid, $windpwd, ) = explode("\t", $this->StrCode($winduser, 'DECODE')); } if (isset($winduid) && is_numeric($winduid) && strlen($windpwd) >= 16) { Doo::db()->reconnect('pw8'); $query = "SELECT m.uid,m.username,m.password,m.icon,m.gender as sex,md.onlineip FROM pw_members m LEFT JOIN pw_memberdata md ON m.uid=md.uid WHERE m.uid='{$winduid}'"; $query = str_replace('pw_', $this->tablepre, $query); $user = Lua::get_one($query); $onlineip = $this->clientIP(); if (strpos($user['onlineip'], $onlineip) === false) { $iparray = explode(".", $onlineip); if (strpos($user['onlineip'], $iparray[0] . '.' . $iparray[1]) === false) { return array(); } } else { if (empty($user)) { return array(); } else { if ($this->PwdCode($user['password']) != $windpwd) { unset($user); return array(); } else { unset($user['password']); return $user; } } } Doo::db()->reconnect('dev'); } }
public function user() { $_DCOOKIE = array(); $this->cookiepre = $this->cookiepre . substr(md5($this->cookiepath . '|' . $this->cookiedomain), 0, 4) . '_'; $prelength = strlen($this->cookiepre); foreach ($_COOKIE as $key => $val) { if (substr($key, 0, $prelength) == $this->cookiepre) { $_DCOOKIE[substr($key, $prelength)] = Lua::clean($val); } } unset($prelength); if (isset($_DCOOKIE['auth'])) { $authkey = md5($this->authkey . $_SERVER['HTTP_USER_AGENT']); $auth = Lua::clean(explode("\t", $this->authcode($_DCOOKIE['auth'], 'DECODE', $authkey))); list($discuz_pw, $discuz_uid) = empty($auth) || count($auth) < 2 ? array('', '') : $auth; if ($discuz_uid) { Doo::db()->reconnect('X15'); $query = "select u.uid,u.username,u.password,p.gender from pre_common_member u left join pre_common_member_profile p on p.uid=u.uid where u.uid='{$discuz_uid}'"; $query = str_replace('pre_', $this->tablepre, $query); $user = Lua::get_one($query); Doo::db()->reconnect('dev'); if (!empty($user) && $user['password'] == $discuz_pw) { unset($user['password']); return $user; } } } return array(); }
public function beforeRun($resource, $action) { $this->dir = ADMIN_ROOT . '/moban/'; $this->img = '/' . ADMIN_ROOT . '/static/'; $session = Doo::session('Lua'); $auth = $session->get('auth'); if (empty($auth)) { $sets = Doo::cache('php')->get('loginset'); if ($sets && $sets['cardit'] == 1) { $xxxx = array('A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J'); $nums = range(1, 9); shuffle($xxxx); shuffle($nums); $aaaa = $xxxx[0] . $nums[0]; $bbbb = $xxxx[1] . $nums[1]; $session->cardcode = $aaaa . '@' . $bbbb; } include Lua::display('login', $this->dir); exit; } $auth = empty($auth) ? array(0, '') : Lua::clean(explode("\t", Lua::authcode($auth, 'DECODE')), 1); $user = Lua::get_one("select * from lua_admin where uid='" . intval($auth[0]) . "' and password='******' and gid='1'"); if (empty($user) || $user && $this->clientIP() != $user['loginip']) { $session->auth = ''; Lua::admin_msg('操作提示', '请先登录', '/' . ADMIN_ROOT); } $rs = $this->acl()->process($user['perm'], $resource, $action); if ($rs) { return $rs; } $this->user = $user; $this->page = Lua::get_post('p') ? intval(Lua::get_post('p')) : 1; // 图片识别码, 借鉴自 supesite define('FILE_HASH', substr(md5($user['uid'] . '/' . time() . Lua::random(6)), 8, 16)); }
public function user() { $_DCOOKIE = array(); $prelength = strlen($this->cookiepre); foreach ($_COOKIE as $key => $val) { if (substr($key, 0, $prelength) == $this->cookiepre) { $_DCOOKIE[substr($key, $prelength)] = Lua::clean($val); } } unset($prelength); $discuz_auth_key = md5($this->authkey . $_SERVER['HTTP_USER_AGENT']); list($discuz_pw, $discuz_secques, $discuz_uid) = isset($_DCOOKIE['auth']) ? Lua::clean(explode("\t", $this->authcode($_DCOOKIE['auth'], 'DECODE', $discuz_auth_key)), 1) : array('', '', 0); $discuz_uid = intval($discuz_uid); Doo::db()->reconnect('dz7'); $query = "select m.uid,m.username,m.password,m.gender as sex,mf.avatar as icon from cdb_members m left join cdb_memberfields mf on mf.uid=m.uid where m.uid='{$discuz_uid}'"; $query = str_replace('cdb_', $this->tablepre, $query); $user = Lua::get_one($query); Doo::db()->reconnect('dev'); if ($user && $discuz_pw == $user['password']) { unset($user['password']); $user['hash'] = substr(md5(substr(TIMESTAMP, 0, -7) . iconv('utf-8', 'gbk', $user['username']) . $discuz_uid . $discuz_pw . $discuz_auth_key), 8, 8); return $user; } return array(); }
public function logout() { $session = Doo::session('Lua'); $auth = $session->get('auth'); $auth = empty($auth) ? array(0, '') : Lua::clean(explode("\t", Lua::authcode($auth, 'DECODE')), 1); $user = Lua::get_one("select * from lua_admin where uid='" . intval($auth[0]) . "' and password='******' and gid='1'"); if ($user) { Lua::write_log($user, '退出系统', '---', $user['channel']); } $session->auth = ''; Lua::admin_msg('操作提示', '成功退出系统', '/' . ADMIN_ROOT); }
public function user() { $userCookie = $this->getCookie('winduser'); if ($userCookie) { list($uid, $password) = explode("\t", $this->decrypt($userCookie)); if ($uid) { Doo::db()->reconnect('pw9'); $query = "select u.uid,u.username,u.password,i.gender as sex from pw_user u left join pw_user_info i on i.uid=u.uid where u.uid='{$uid}'"; $query = str_replace('pw_', $this->tablepre, $query); $user = Lua::get_one($query); $user['sex'] = $user['sex'] == 1 ? 2 : 1; $user['icon'] = ''; if ($this->getPwdCode($user['password']) != $password) { return array(); } else { unset($user['password']); return $user; } Doo::db()->reconnect('dev'); } } return array(); }
private function edit() { $id = Lua::get('id'); $action = "save_edit&id={$id}"; $db = Lua::get_one("select * from lua_category where id='{$id}' and systemname='" . SYSNAME . "'"); $mods = $this->_models($this->ch); $cate = $this->_tree(); include Lua::display('category_add', $this->dir); }
private function change() { $db = Lua::get_one("select status from lua_model where id='" . Lua::post('id') . "'"); $rt = $db['status'] == 1 ? 0 : 1; Doo::db()->query("update lua_model set status='{$rt}' where id='" . Lua::post('id') . "'"); Lua::println(); }
private function _table_db($id) { return Lua::get_one("select * from lua_model_table where id='{$id}'"); }
private function export() { set_time_limit(0); $id = Lua::get('id'); $id = intval($id); $db = Lua::get_one("select * from lua_channel where id='{$id}'"); if (empty($db)) { Lua::admin_msg('错误提示', '所要导出的频道不存在'); } Doo::loadHelper('DooFile'); $fileManager = new DooFile(0777); Doo::cache('php')->hashing = false; $old_dir = LUA_ROOT . ADMIN_ROOT . '/cache/'; // 第一步 频道数据 Doo::cache('php')->set('channel', $db); // 第二步 模型数据 $list = Lua::get_more("select * from lua_model where cid='{$id}'"); Doo::cache('php')->set('model', $list); // 第三步 数据表数据 if ($list) { $dumpsql = ''; Doo::db()->query("SET SQL_QUOTE_SHOW_CREATE=1"); foreach ($list as $v) { $table = Lua::get_more("select * from lua_model_table where model_id='" . $v['id'] . "'"); Doo::cache('php')->set('model.' . $v['id'], $table); // 第四步 字段数据 if ($table) { foreach ($table as $k) { $field = Lua::get_more("select * from lua_model_field where model_id='" . $v['id'] . "' and table_id='" . $k['id'] . "'"); Doo::cache('php')->set('field.' . $v['id'] . '.' . $k['id'], $field); // 第五步 创建数据表 $r = Doo::db()->fetchRow("SHOW CREATE TABLE `" . $k['tablename'] . "`;"); $create = str_replace("\"", "\\\"", $r['Create Table']); $dumpsql .= "\r\nDoo::db()->query(\"" . $create . "\");\r\n"; // 第六步 导出数据 $data = Lua::get_more("select * from " . $k['tablename']); Doo::cache('php')->set('data.' . $k['id'], $data); } } } $fileManager->create($old_dir . 'create.php', '<?php' . $dumpsql . '?>'); } // 第七步 栏目数据 $list = Lua::get_more("select * from lua_category where systemname='" . $db['path'] . "'"); Doo::cache('php')->set('cate', $list); $list = Lua::get_more("select * from lua_piece where systemname='" . $db['path'] . "'"); Doo::cache('php')->set('piece', $list); // 第八步 打包数据 $new_dir = LUA_ROOT . $db['path'] . '/cache/update/'; $fileManager->copy($old_dir, $new_dir); // 第九步 删除数据 $fileManager->delete($old_dir, false); Lua::admin_msg('提示信息', '导出成功', './channel.htm'); }
private function del() { $id = intval(Lua::get('id')); $rs = Lua::get_one("select id from lua_category where tpl_id='{$id}'"); if ($rs) { Lua::admin_msg('信息提示', '此模板已关联至某栏目下,不可删除'); } $db = Lua::get_one("select * from lua_tpls where id='{$id}'"); $file = $db['tplfile']; list($tpl, ) = explode('.', $file); if (file_exists($this->tpl_path . $file)) { unlink($this->tpl_path . $file); } if (file_exists($this->tpl_path . 'cache/' . $tpl . '.tpl.php')) { unlink($this->tpl_path . 'cache/' . $tpl . '.tpl.php'); } Lua::delete('lua_tpls', array('id' => $id)); Lua::admin_msg('信息提示', '操作成功', $this->_list($db['kindof'])); }
private function save_edit() { $uid = Lua::get('uid'); $sqlarr['email'] = Lua::post('email'); $password = Lua::post('password'); if ($password) { if ($password != Lua::post('confirm_password')) { Lua::ajaxmessage('error', '二次密码不相同'); } $sqlarr['password'] = md5($password); } Lua::update('lua_member', $sqlarr, array('uid' => $uid)); $udb = Lua::get_one("select username from lua_member where uid='{$uid}'"); Lua::write_log($this->user, '修改注册会员', "uid={$uid}<br />username=" . $udb['username'], SYSNAME); Lua::ajaxmessage('success', '操作成功', './member.htm'); }
private function _table($tableid) { $db = Lua::get_one("select * from lua_model_table where id='{$tableid}'"); if (empty($db)) { Lua::admin_msg('提示信息', '数据表不存在'); } return $db; }
private function ajax_change() { $uid = Lua::post('uid'); if ($uid) { $db = Lua::get_one("select gid from lua_admin where uid='{$uid}'"); $rt = $db['gid'] == 1 ? 0 : 1; Doo::db()->query("update lua_admin set gid='{$rt}' where uid='{$uid}'"); Lua::println(); } }