logging php,logging.php-CSDN博客

This is NOT a freeware, use is subject to license terms

$Id: logging.php 16790 2008-11-20 06:45:21Z zhaoxiongfei $

define('NOROBOT', TRUE);

define('CURSCRIPT', 'logging');

require_once './include/common.inc.php';

require_once DISCUZ_ROOT.'./include/misc.func.php';

require_once DISCUZ_ROOT.'./uc_client/client.php';

if($action == 'logout' && !empty($formhash)) {

if($_DCACHE['settings']['frameon'] && $_DCOOKIE['frameon'] == 'yes') {

$extrahead .= '';

}

$ucsynlogout = $allowsynlogin ? uc_user_synlogout() : '';

if($formhash != FORMHASH) {

showmessage('logout_succeed', dreferer());

}

clearcookies();

$groupid = 7;

$discuz_uid = 0;

$discuz_user = $discuz_pw = '';

$styleid = $_DCACHE['settings']['styleid'];

showmessage('logout_succeed', dreferer());

} elseif($action == 'login') {

if($discuz_uid) {

$ucsynlogin = uc_user_synlogin($discuz_uid);

showmessage('login_succeed', $indexname);

}

$field = $loginfield == 'uid' ? 'uid' : 'username';

if(!($loginperm = logincheck())) {

showmessage('login_strike');

}

$seccodecheck = $seccodestatus & 2;

if($seccodecheck && $seccodedata['loginfailedcount']) {

$seccodecheck = $db->result_first("SELECT count(*) FROM {$tablepre}failedlogins WHERE ip='$onlineip' AND count>='$seccodedata[loginfailedcount]' AND $timestamp-lastupdate<=900");

}

if(!submitcheck('loginsubmit', 1, $seccodecheck)) {

$discuz_action = 6;

$referer = dreferer();

$thetimenow = '(GMT '.($timeoffset > 0 ? '+' : '').$timeoffset.') '.

dgmdate("$dateformat $timeformat", $timestamp + $timeoffset * 3600).

$styleselect = '';

$query = $db->query("SELECT styleid, name FROM {$tablepre}styles WHERE available='1'");

while($styleinfo = $db->fetch_array($query)) {

$styleselect .= "$styleinfo[name]\n";

}

$cookietimecheck = !empty($_DCOOKIE['cookietime']) ? 'checked="checked"' : '';

if($seccodecheck) {

$seccode = random(6, 1) + $seccode{0} * 1000000;

}

$username = !empty($_DCOOKIE['loginuser']) ? htmlspecialchars($_DCOOKIE['loginuser']) : '';

include template('login');

} else {

if(isset($loginauth)) {

list($username, $password) = daddslashes(explode("\t", authcode($loginauth, 'DECODE')), 1);

}

$ucresult = uc_user_login($username, $password, $loginfield == 'uid', 1, $questionid, $answer);

list($tmp['uid'], $tmp['username'], $tmp['password'], $tmp['email'], $duplicate) = daddslashes($ucresult, 1);

$ucresult = $tmp;

if($duplicate && $ucresult['uid'] > 0) {

if($olduid = $db->result_first("SELECT uid FROM {$tablepre}members WHERE username='".addslashes($ucresult['username'])."'")) {

require_once DISCUZ_ROOT.'./include/membermerge.func.php';

membermerge($olduid, $ucresult['uid']);

uc_user_merge_remove($ucresult['username']);

} else {

$ucresult['uid'] = -1;

}

$discuz_uid = 0;

$discuz_user = $discuz_pw = $discuz_secques = '';

$member = array();

if($ucresult['uid'] > 0) {

$member = $db->fetch_first("SELECT m.uid AS discuz_uid, m.username AS discuz_user, m.password AS discuz_pw, m.secques AS discuz_secques,

m.email, m.adminid, m.groupid, m.styleid AS styleidmem, m.lastvisit, m.lastpost, u.allowinvisible

FROM {$tablepre}members m LEFT JOIN {$tablepre}usergroups u USING (groupid)

WHERE m.uid='$ucresult[uid]'");

if(!$member) {

$ucresult['username'] = addslashes($ucresult['username']);

$auth = authcode("$ucresult[username]\t".FORMHASH, 'ENCODE');

if($inajax) {

$message = 2;

$location = $regname.'?action=activation&auth='.rawurlencode($auth);

include template('login');

} else {

showmessage('login_activation', $regname.'?action=activation&auth='.rawurlencode($auth));

}

extract($member);

$discuz_userss = $discuz_user;

$discuz_user = addslashes($discuz_user);

if(addslashes($email) != $ucresult['email']) {

$db->query("UPDATE {$tablepre}members SET email='$ucresult[email]' WHERE uid='$ucresult[uid]'");

}

if($questionid > 0 && empty($discuz_secques)) {

$discuz_secques = random(8);

$db->query("UPDATE {$tablepre}members SET secques='$discuz_secques' WHERE uid='$ucresult[uid]'");

}

$styleid = intval(empty($_POST['styleid']) ? ($styleidmem ? $styleidmem :

$_DCACHE['settings']['styleid']) : $_POST['styleid']);

$cookietime = intval(isset($_POST['cookietime']) ? $_POST['cookietime'] : 0);

dsetcookie('cookietime', $cookietime, 31536000);

dsetcookie('auth', authcode("$discuz_pw\t$discuz_secques\t$discuz_uid", 'ENCODE'), $cookietime, 1, true);

dsetcookie('loginuser');

dsetcookie('activationauth');

dsetcookie('pmnum');

$sessionexists = 0;

if($_DCACHE['settings']['frameon'] && $_DCOOKIE['frameon'] == 'yes') {

$extrahead .= '';

}

$ucsynlogin = $allowsynlogin ? uc_user_synlogin($discuz_uid) : '';

if(!empty($inajax)) {

$msgforward = unserialize($msgforward);

$mrefreshtime = intval($msgforward['refreshtime']) * 1000;

include_once DISCUZ_ROOT.'./forumdata/cache/cache_usergroups.php';

$usergroups = $_DCACHE['usergroups'][$groupid]['grouptitle'];

$message = 1;

include template('login');

} else {

if($groupid == 8) {

showmessage('login_succeed_inactive_member', 'memcp.php');

} else {

showmessage('login_succeed', dreferer());

}

} else {

$password = preg_replace("/^(.{".round(strlen($password) / 4)."})(.+?)(.{".round(strlen($password) / 6)."})$/s", "\\1***\\3", $password);

$errorlog = dhtmlspecialchars(

$timestamp."\t".

($ucresult['username'] ? $ucresult['username'] : stripslashes($username))."\t".

$password."\t".

($secques ? "Ques #".intval($questionid) : '')."\t".

$onlineip);

writelog('illegallog', $errorlog);

loginfailed($loginperm);

$fmsg = $ucresult['uid'] == '-3' ? (empty($questionid) || $answer == '' ? 'login_question_empty' : 'login_question_invalid') : 'login_invalid';

showmessage($fmsg, 'logging.php?action=login');

}

} else {

showmessage('undefined_action');

}

一键复制

编辑

Web IDE

原始数据

按行查看

历史