示例#1
0
 static function set_encrypt_info($encrypt, $ttl)
 {
     $token = SafeUtil::token();
     self::set_data('encrypt_' . $token, $encrypt, $ttl);
     setcookie(self::ENCRYPT_FIELD_NAME, $token, time() + $ttl, '/');
     return $token;
 }
示例#2
0
 function access($ctx)
 {
     $this->layout = false;
     require_once APP_PATH . '/classes/captcha/SimpleCaptcha.php';
     $captcha = new SimpleCaptcha();
     $code = $captcha->getText();
     $token = SafeUtil::set_captcha($code, 300);
     $ret = array('img_url' => _action('', array('token' => $token)), 'field_name' => SafeUtil::CAPTCHA_FIELD_NAME, 'field_value' => $token);
     return $ret;
 }
示例#3
0
 function index($ctx)
 {
     if ($_SERVER['REQUEST_METHOD'] == 'POST') {
         if (!SafeUtil::verify_captcha($_POST['verify_code'])) {
             $ctx->errmsg = '验证码错误!';
             return;
         }
         $name = htmlspecialchars(trim($_POST['name']));
         $password = htmlspecialchars(trim($_POST['password']));
         if ($name === 'admin' && $password === 'yuhun666') {
             $_SESSION['admin_user'] = 1;
             $url = _url('admin');
             _redirect($url);
             return;
         } else {
             $ctx->errmsg = "用户名或密码错误!";
         }
     }
 }
示例#4
0
 private function on_submit($ctx)
 {
     $conf = App::$config['login'];
     $req = array('name' => $_POST['name'], 'password' => $_POST['password']);
     $req = SafeUtil::safe_decrypt($req);
     if (!$req) {
         _throw("decrypt failed");
     }
     $name = htmlspecialchars(trim($req['name']));
     $password = htmlspecialchars(trim($req['password']));
     $ctx->name = $name;
     $vcode = strtolower(htmlspecialchars($_POST['verify_code']));
     if (!$vcode || $vcode !== strtolower($_SESSION['verify_code'])) {
         $ctx->errmsg = 'Wrong captcha code';
         return;
     }
     if ($name === $conf['name'] && $password === $conf['password']) {
         $_SESSION['login_user'] = 1;
         _redirect('/');
         return;
     } else {
         $ctx->errmsg = "Wrong username or password!";
     }
 }