//生成token
function token($specialadd = '') {
global $_W;
if (!defined('IN_MOBILE')) {
$key = complex_authkey();
return substr(md5($key . $specialadd), 8, 8);
} else {
if (!empty($_SESSION['token'])) {
$count = count($_SESSION['token']) - 5;
asort($_SESSION['token']);
foreach ($_SESSION['token'] as $k => $v) {
if (TIMESTAMP - $v > 300 || $count > 0) {
unset($_SESSION['token'][$k]);
--$count;
}
}
}
$key = substr(random(20), 0, 4);
$_SESSION['token'][$key] = TIMESTAMP;
return $key;
}
}
//验证token
function checksubmit($var = 'submit', $allowget = false) {
global $_W, $_GPC;
if (empty($_GPC[$var])) {
return false;
}
if (defined('IN_SYS')) {
if ($allowget || (($_W['ispost'] && !empty($_W['token']) && $_W['token'] == $_GPC['token']) && (empty($_SERVER['HTTP_REFERER']) || preg_replace("/https?:\/\/([^\:\/]+).*/i", '\\1', $_SERVER['HTTP_REFERER']) == preg_replace("/([^\:]+).*/", '\\1', $_SERVER['HTTP_HOST'])))) {
return true;
}
} else {
if (empty($_W['isajax']) && empty($_SESSION['token'][$_GPC['token']])) {
exit('<script type="text/javascript">history.go(-1);</script>');
} else {
unset($_SESSION['token'][$_GPC['token']]);
}
return true;
}
return false;
}
微擎表单令牌token 防重复提交验证
最新推荐文章于 2022-01-29 18:21:59 发布