📄 ipb.php
字号:
<?php//////////////////////////// COPYRIGHT NOTICE //////////////////////////////// This script is part of BosDates, a software application by BosDev, Inc //// Use of any kind of part or all of this script or modification of this //// script requires a license from BosDev, Inc. Use or modification of //// this script without a license constitutes Software Piracy and will //// result in legal action from BosDev, Inc. All rights reserved. //// http://www.bosdev.com sales@bosdev.com //// //// BosDates Copyright 2003, BosDev, Inc. ////////////////////////////////////////////////////////////////////////////////Setup variables for the database information$intUserTable = "members";$intUserID = "id";$intUserName = "name";$intUserEmail = "email";//See if the user is logged infunction authenticateUser() { global $integration_prefix,$int_link,$cookie_prefix,$cookie_path,$cookie_domain; if($_COOKIE[$cookie_prefix."member_id"] != "" && $_COOKIE[$cookie_prefix."member_id"] != 0) { $uid = $_COOKIE[$cookie_prefix."member_id"]; $result = query("SELECT member_login_key FROM {$integration_prefix}members WHERE id='$uid'",$int_link); list($password) = mysql_fetch_row($result); if(md5(clean_value($password)) == $_COOKIE[$cookie_prefix."pass_hash"]) { return true; } else { return true; } } else { return false; } }//Check the username/passwordfunction validateLogin($user,$pass) { global $integration_prefix,$int_link; $user = protect($user); $pass = protect($pass); $user = preg_replace("/&#([0-9]+);/", '-', $user); $user = makesafe($user); $pass = preg_replace("/&#([0-9]+);/", '-', $pass); $pass = makesafe($pass); $pass = md5($pass); $result = query("SELECT m.id, c.converge_pass_salt, c.converge_pass_hash FROM {$integration_prefix}members m LEFT JOIN {$integration_prefix}members_converge c ON (c.converge_id=m.id) WHERE LOWER(name)='$user'",$int_link); list($userID,$salt,$passHash) = mysql_fetch_row($result); $salt = str_replace( "\\\\" , '\\', $salt); if($passHash == md5(md5($salt).$pass)) { return $userID; } }//Set the cookiefunction setLogin($chkLogin,$username,$password) { global $int_link,$integration_prefix,$cookie_prefix,$cookie_path,$cookie_domain; $ipaddr = getEnv("REMOTE_ADDR"); $agent = getEnv("HTTP_USER_AGENT"); $browser = addslashes( substr($agent, 0, 50) ) ; $sesstime = time(); $session_id = md5( uniqid(microtime()) ); $result = query("SELECT member_login_key FROM {$integration_prefix}members WHERE id=$chkLogin",$int_link); list($loginKey) = mysql_fetch_row($result); $result = query("DELETE FROM {$integration_prefix}sessions WHERE ip_address='$ipaddr'",$int_link); $result = query("INSERT INTO {$integration_prefix}sessions (id, member_name, member_id, running_time, member_group, ip_address, browser, login_type) VALUES ('$session_id','$username',$chkLogin,$sesstime,'$mgroup','$ipaddr','$browser',0)",$int_link); setcookie($cookie_prefix."member_id",$chkLogin,time() + 86400,$cookie_path,$cookie_domain); setcookie($cookie_prefix."pass_hash",$loginKey,time() + 86400,$cookie_path,$cookie_domain); setcookie($cookie_prefix."session_id","$session_id",0,$cookie_path,$cookie_domain ); }//Clear out the users cookies so they can logoutfunction clearLogin() { Global $integration_prefix,$int_link,$cookie_prefix,$cookie_path,$cookie_domain; $ipaddr = getEnv("REMOTE_ADDR"); $result = query("DELETE FROM {$integration_prefix}sessions WHERE ip_address='$ipaddr'",$int_link); setcookie($cookie_prefix."member_id","",time() - 3600,$cookie_path,$cookie_domain); setcookie($cookie_prefix."pass_hash","",time() - 3600,$cookie_path,$cookie_domain); setcookie($cookie_prefix."session_id","",time() - 3600,$cookie_path,$cookie_domain ); }//Get the user idfunction getUserID() { global $cookie_prefix; $userID = $_COOKIE[$cookie_prefix."member_id"]; return $userID; }//Get the users infofunction getUserInfo($userID=0) { Global $integration_prefix,$int_link,$cookie_prefix,$uus_link; if($userID == 0) { if($_COOKIE[$cookie_prefix."member_id"] == "") { return false; } $userID = $_COOKIE[$cookie_prefix."member_id"]; } $result = query("SELECT bc1,bc2,bc3 FROM bosdevUUS WHERE id=$userID",$uus_link); list($isAdmin,$rules,$fees) = mysql_fetch_row($result); $result = query("SELECT name,email FROM {$integration_prefix}members WHERE id=$userID",$int_link); list($username,$email) = mysql_fetch_row($result); $userInfo['name'] = $username; $userInfo['email'] = $email; $userInfo['admin'] = $isAdmin; $userInfo['rules'] = $rules; $userInfo['fees'] = $fees; return $userInfo; }//IPB specific routinefunction clean_value($val) { $val = str_replace( " " , " " , $val ); $val = str_replace( "&" , "&" , $val ); $val = str_replace( "<!--" , "<!--" , $val ); $val = str_replace( "-->" , "-->" , $val ); $val = preg_replace( "/<script/i" , "<script" , $val ); $val = str_replace( ">" , ">" , $val ); $val = str_replace( "<" , "<" , $val ); $val = str_replace( "\"" , """ , $val ); $val = preg_replace( "/\|/" , "|" , $val ); $val = preg_replace( "/\n/" , "<br>" , $val ); // Convert literal newlines $val = preg_replace( "/\\\$/" , "$" , $val ); $val = preg_replace( "/\r/" , "" , $val ); // Remove literal carriage returns $val = str_replace( "!" , "!" , $val ); $val = str_replace( "'" , "'" , $val ); // IMPORTANT: It helps to increase sql query safety. $val = stripslashes($val); // Swop PHP added backslashes $val = preg_replace( "/\\\/" , "\" , $val ); // Swop user inputted backslashes return $val; }function makesafe($html) { $html = stripslashes($html); $html = str_replace ('<!--', '<!--', $html); $html = str_replace ('-->', '-->', $html); $html = str_replace ('<', '<', $html); $html = str_replace ('>', '>', $html); $html = str_replace (' ', ' ', $html); $html = str_replace ("\n", '<br />', $html); $html = str_replace ("'", ''', $html); $html = str_replace ('\'', '"', $html); $html = preg_replace( "/\\\$/", "$", $html ); return $html; }?>⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -