logging.php

<?php

/*
	[DISCUZ!] logging.php - login and logout
	This is NOT a freeware, use is subject to license terms

	Version: 4.0.0
	Web: http://www.comsenz.com
	Copyright: 2001-2005 Comsenz Technology Ltd.
	Last Modified: 2004/10/3 03:00
*/

require_once './include/common.inc.php';

/*
	Request dispatcher for logout and login.

	$action, $username, $password, $questionid, $answer, $loginmode and
	$loginauth are never assigned in this file; presumably they are imported
	from request data by include/common.inc.php. Every SQL string below
	interpolates such values directly, so injection safety depends entirely on
	whatever escaping that include applies. TODO confirm before reusing any of
	this code elsewhere.
*/
if($action == 'logout') {

	// Drop the auth cookies and reset the in-memory identity to anonymous values.
	// NOTE(review): 7 is presumably the guest user group; confirm against the usergroups table.
	// NOTE(review): the branch is selected by $action alone; no anti-CSRF token check is visible here.
	clearcookies();
	$groupid = 7;
	$discuz_uid = 0;
	$discuz_user = $discuz_pw = '';
	$styleid = $_DCACHE['settings']['styleid'];

	showmessage('logout_succeed', dreferer());

} elseif($action == 'login') {

	// submitcheck() is defined elsewhere; when it reports that no login form was submitted, render the form.
	if(!submitcheck('loginsubmit', 1)) {

		$discuz_action = 6;

		$referer = dreferer();

		// NOTE(review): the statement below ends with '.' rather than ';'. As written it appears to
		// parse as a concatenation with the following assignment ($styleselect = ''), which still
		// leaves both variables with the intended values. Likely a typo or a listing artifact;
		// confirm against the upstream file.
		$thetimenow = '(GMT '.($timeoffset >0 ? '+' : '').$timeoffset.') '.
			gmdate("$dateformat $timeformat", $timestamp + $timeoffset * 3600).

		$styleselect = '';
		// Build the <option> list of selectable styles.
		// NOTE(review): styleid and name are written into HTML without escaping here; this is safe
		// only if the styles table holds trusted or pre-escaped values. Confirm.
		$query = $db->query("SELECT styleid, name FROM {$tablepre}styles WHERE available='1'");
		while($styleinfo = $db->fetch_array($query)) {
			$styleselect .= "<option value=\"$styleinfo[styleid]\">$styleinfo[name]</option>\n";
		}

		// Pre-select the cookie lifetime radio button from the visitor's previous choice (seconds).
		switch($_DCOOKIE['cookietime']) {
			case '31536000': $year_checked = 'checked'; break;
			case '86400': $day_checked = 'checked'; break;
			case '3600': $hour_checked = 'checked'; break;
			case '0': $task_checked = 'checked'; break;
			default: $month_checked = 'checked';
		}

		include template('login');

	} else {

		// Start from an anonymous identity so nothing carries over if authentication fails.
		$discuz_uid = 0;
		$discuz_user = $discuz_pw = $discuz_secques = '';
		$member = array();

		// Per-IP throttle: logincheck() returns 0 once the failure limit is reached.
		$loginperm = logincheck();
		if(!$loginperm) {
			showmessage('login_strike');
		}

		// quescrypt() is defined elsewhere; its result is compared with members.secques below.
		$secques = quescrypt($questionid, $answer);
		// $errorlog is one tab-separated line that is written to disk only if the login fails.
		$errorlog = $timestamp."\t";

		if(isset($loginauth)) {
			// Second step of a security-question login: the username and password hash come back
			// inside the authcode() token that this script issued in the login_secques branch below.
			// NOTE(review): the integrity of these two values rests entirely on authcode(); if the
			// decode yields fewer than two tab-separated fields, $password ends up unset.
			list($username, $password) = explode("\t", authcode($loginauth, 'DECODE'));
			$errorlog .= dhtmlspecialchars($username)."\t";
		} else {
			// SECURITY(review): the log line keeps the first round(len/4) and the last round(len/6)
			// characters of the submitted plaintext password and masks only the middle. A near-miss
			// password is therefore partly disclosed to anyone who can read the log. Unlike the
			// username, this fragment is not passed through dhtmlspecialchars() before it is appended
			// to a file with a .php name. Recommended: log no password characters at all.
			$errorlog .= dhtmlspecialchars($username)."\t".preg_replace("/^(.{".round(strlen($password) / 4)."})(.+?)(.{".round(strlen($password) / 6)."})$/s", "\\1***\\3", $password);
			// SECURITY(review): unsalted MD5 is the stored password format here; it is fast to
			// brute-force offline. A migration to password_hash()/password_verify() is the usual remedy.
			$password = md5($password);
		}

		$errorlog .= "\t".($secques ? "Ques #".dhtmlspecialchars($questionid) : '')."\t$onlineip\n";

		// Look the member up by username and password hash in one query; the column aliases
		// (discuz_uid, discuz_user, ...) become variable names through extract() further down.
		// SECURITY(review): $username and $password are interpolated into the SQL text. No escaping
		// is applied in this file; see the note at the top of this block.
		$query = $db->query("SELECT m.uid AS discuz_uid, m.username AS discuz_user, m.password AS discuz_pw, m.secques AS discuz_secques,
					m.adminid, m.groupid, m.styleid AS styleidmem, m.lastvisit, m.lastpost, u.allowinvisible
					FROM {$tablepre}members m LEFT JOIN {$tablepre}usergroups u USING (groupid)
					WHERE username='$username' AND password='$password'");
		$member = $db->fetch_array($query);

		// While the board is closed only accounts with adminid 1 get past this point.
		if($bbclosed && $member['adminid'] != 1) {
			showmessage($closedreason ? $closedreason : 'board_closed');
		}

		if($member['discuz_uid']) {

			// NOTE(review): loose '==' comparison of the security-question digest; a strict,
			// constant-time comparison (hash_equals) is the safer form on current PHP.
			if($member['discuz_secques'] == $secques) {

				// Imports every selected column into the current scope, overwriting $groupid,
				// $adminid, $discuz_uid and so on. The key set is fixed by the SELECT list above,
				// which is what keeps this extract() from being driven by request data.
				extract($member);

				$discuz_userss = $discuz_user;
				$discuz_user = addslashes($discuz_user);

				// Invisible mode is honoured only when the member's group allows it.
				if(($allowinvisible && $loginmode == 'invisible') || $loginmode == 'normal') {
					$db->query("UPDATE {$tablepre}members SET invisible='".($loginmode == 'invisible' ? 1 : 0)."' WHERE uid='$member[discuz_uid]'", 'UNBUFFERED');
				}

				// NOTE(review): styleid and cookietime are taken from POST without validation in this
				// file; cookietime is then used as the lifetime of the auth cookie. Confirm that
				// dsetcookie() or the template layer constrains them.
				$styleid = empty($HTTP_POST_VARS['styleid']) ? ($styleidmem ? $styleidmem :
						$_DCACHE['settings']['styleid']) : $HTTP_POST_VARS['styleid'];
			
				$cookietime = isset($HTTP_POST_VARS['cookietime']) ? $HTTP_POST_VARS['cookietime'] :
						($_DCOOKIE['cookietime'] ? $_DCOOKIE['cookietime'] : 0);

				dsetcookie('cookietime', $cookietime, 31536000);
				// SECURITY(review): the auth cookie carries the stored password hash, the
				// security-question digest and the uid; its confidentiality and integrity depend
				// entirely on authcode(). Cookie flags (HttpOnly/Secure) are decided in dsetcookie(),
				// which is not visible here.
				dsetcookie('auth', authcode("$discuz_pw\t$discuz_secques\t$discuz_uid", 'ENCODE'), $cookietime);

				$sessionexists = 0;

				// NOTE(review): showmessage() presumably ends the request; if it returned, execution
				// would continue to loginfailed() below even after a successful login. Confirm.
				// Nothing in this file clears the failedlogins row on success.
				if($groupid == 8) {
					showmessage('login_succeed_inactive_member', 'memcp.php');
				} else {
					showmessage('login_succeed', dreferer());
				}

			} elseif(empty($secques)) {

				// The password matched but the account has a security question and none was answered:
				// show the question form and carry username and password hash forward in an
				// authcode() token. Both values are addslashes()-escaped before encoding, so the
				// decoded values feed the SQL above in escaped form.
				$username = htmlspecialchars($member['discuz_user']);
				$loginauth = authcode(addslashes($member['discuz_user'])."\t".addslashes($member['discuz_pw']), 'ENCODE');

				include template('login_secques');
				dexit();

			}
				
		}

		// Reached for an unknown user, a wrong password or a wrong security answer: count the failure
		// against the client IP and append the prepared line to the failure log.
		loginfailed($loginperm);

		// Every call is @-silenced, so a failed fopen() means the log line is dropped without notice.
		// The second argument to flock(), 2, equals LOCK_EX (exclusive lock).
		// NOTE(review): the log lives under forumdata/ with a .php extension; whether the file starts
		// with a guard that stops direct web access is not visible here. Confirm.
		@$fp = fopen(DISCUZ_ROOT.'./forumdata/illegallog.php', 'a');
		@flock($fp, 2);
		@fwrite($fp, $errorlog);
		@fclose($fp);

		showmessage('login_invalid', NULL, 'HALTED');

	}

}

function logincheck() {
	/*
		Reports the failed-login throttle state for the current client IP.

		Returned value:
			0 = five or more failures recorded and the record is at most
			    900 seconds old (the caller refuses the attempt);
			1 = no record exists for this IP;
			2 = a record exists and is still below the limit;
			3 = the record is more than 900 seconds old.

		Review notes:
		- The throttle is keyed on $onlineip only, so it limits attempts per
		  address, not per account.
		- $onlineip is interpolated into the SQL text as-is. It is set outside
		  this file; presumably it is derived from request metadata. Confirm
		  that it is validated as an IP address before it reaches this query.
	*/

	global $db, $tablepre, $onlineip, $timestamp;

	$result = $db->query("SELECT count, lastupdate FROM {$tablepre}failedlogins WHERE ip='$onlineip'");
	$record = $db->fetch_array($result);

	// No row for this address yet.
	if(!$record) {
		return 1;
	}

	// The row is older than the 900-second window; the caller restarts the counter.
	if($timestamp - $record['lastupdate'] > 900) {
		return 3;
	}

	// Inside the window: allow while fewer than five failures are recorded.
	return $record['count'] < 5 ? 2 : 0;
}

function loginfailed($permission) {
	/*
		Records one failed login for the current client IP.

		$permission is the value logincheck() returned for this request:
			1 = insert a new row with count 1;
			2 = increment the existing row;
			3 = restart the existing row at count 1, then purge rows whose
			    lastupdate is older than 901 seconds.
		Any other value leaves the table untouched.

		Review notes:
		- The check in logincheck() and the update here are separate queries,
		  so concurrent requests from one address may each pass the check
		  before any of them is counted.
		- $onlineip is interpolated into the SQL text as-is; it is set outside
		  this file. Confirm that it is validated as an IP address upstream.
	*/

	global $db, $tablepre, $onlineip, $timestamp;

	// Loose comparison, as in a switch statement.
	if($permission == 1) {
		$db->query("INSERT INTO {$tablepre}failedlogins (ip, count, lastupdate)
				VALUES ('$onlineip', '1', '$timestamp')");
	} elseif($permission == 2) {
		$db->query("UPDATE {$tablepre}failedlogins SET count=count+1, lastupdate='$timestamp' WHERE ip='$onlineip'");
	} elseif($permission == 3) {
		$db->query("UPDATE {$tablepre}failedlogins SET count='1', lastupdate='$timestamp' WHERE ip='$onlineip'");
		// Housekeeping: drop stale rows for every address, not only this one.
		$db->query("DELETE FROM {$tablepre}failedlogins WHERE lastupdate<$timestamp-901", 'UNBUFFERED');
	}
}

?>
