72c65132
编写于
5月 15, 2020
作者:
huangxuan258
升级前端登录存储机制,废弃cookie存储以免带来存储漏洞
上级
6f48c94d
变更
4
Showing
4 changed file
with
130 addition
and
97 deletion
+130
-97
application/models/User_model.php
application/models/User_model.php
+75
-59
plugin/qqlogin/callback.php
plugin/qqlogin/callback.php
+17
-7
plugin/sinalogin/callback.php
plugin/sinalogin/callback.php
+21
-14
system/core/Controller.php
system/core/Controller.php
+17
-17
application/models/User_model.php
@@ -354,75 +354,68 @@ class User_model extends CI_Model {
}
function
refresh
(
$uid
,
$islogin
=
1
,
$cookietime
=
0
)
{
$uid
=
intval
(
$uid
);
@
$sid
=
tcookie
(
'sid'
);
global
$user
;
$query
=
$this
->
db
->
select
(
'*'
)
->
from
(
'user'
)
->
join
(
'usergroup'
,
'usergroup.groupid=user.groupid'
)
->
where
(
array
(
'user.uid'
=>
$uid
'user.uid'
=>
$uid
)
)
->
get
();
$user
=
$query
->
row_array
();
$this
->
db
->
set
(
'lastlogin'
,
time
()
)
->
where
(
array
(
'uid'
=>
$uid
'uid'
=>
$uid
)
)
->
update
(
'user'
);
$this
->
db
->
where
(
array
(
'uid'
=>
$uid
,
'time<'
=>
time
()
'time<'
=>
time
()
)
)
->
delete
(
'session'
);
$data
=
array
(
'sid'
=>
$sid
,
'uid'
=>
$uid
,
'islogin'
=>
$islogin
,
'ip'
=>
getip
(),
'time'
=>
time
()
);
$this
->
db
->
replace
(
'session'
,
$data
);
$password
=
$user
[
'password'
];
$auth
=
authcode
(
"
$uid
\t
$password
"
,
'ENCODE'
);
if
(
$cookietime
)
tcookie
(
'auth'
,
$auth
,
$cookietime
);
else
tcookie
(
'auth'
,
$auth
);
if
(
!
$_SESSION
){
session_start
();
}
$_SESSION
[
'loginuid'
]
=
$uid
;
$_SESSION
[
'loginpassword'
]
=
$password
;
$user
[
'newmsg'
]
=
0
;
}
// function refresh($uid, $islogin = 1, $cookietime = 0) {
// $uid=intval($uid);
// @$sid = tcookie ( 'sid' );
// global $user;
tcookie
(
'loginuser'
,
''
);
$user
[
'newmsg'
]
=
0
;
}
// $query = $this->db->select ( '*' )->from ( 'user' )->join ( 'usergroup', 'usergroup.groupid=user.groupid' )->where ( array (
// 'user.uid' => $uid
// ) )->get ();
// $user = $query->row_array ();
// $this->db->set ( 'lastlogin', time () )->where ( array (
// 'uid' => $uid
// ) )->update ( 'user' );
// $this->db->where ( array (
// 'uid' => $uid,
// 'time<' => time ()
// ) )->delete ( 'session' );
// $data = array (
// 'sid' => $sid,
// 'uid' => $uid,
// 'islogin' => $islogin,
// 'ip' => getip (),
// 'time' => time ()
// );
// $this->db->replace ( 'session', $data );
// $password = $user ['password'];
// $auth = authcode ( "$uid\t$password", 'ENCODE' );
// if ($cookietime)
// tcookie ( 'auth', $auth, $cookietime );
// else
// tcookie ( 'auth', $auth );
// tcookie ( 'loginuser', '' );
// $user ['newmsg'] = 0;
// }
function
refresh_session_time
(
$sid
,
$uid
)
{
$lastrefresh
=
intval
(
tcookie
(
"lastrefresh"
)
);
if
(
!
$lastrefresh
)
{
if
(
$uid
)
{
$data
=
array
(
'time'
=>
time
()
);
$this
->
db
->
where
(
'sid'
,
$sid
);
$this
->
db
->
update
(
'session'
,
$data
);
}
else
{
$query
=
$this
->
db
->
get_where
(
'session'
,
array
(
'sid'
=>
$sid
)
);
$session
=
$query
->
row_array
();
if
(
$session
)
{
$data
=
array
(
'time'
=>
time
()
);
$this
->
db
->
where
(
'sid'
,
$sid
);
$this
->
db
->
update
(
'session'
,
$data
);
}
else
{
// $this->db->where ( 'uid', $uid );
// $this->db->delete ( 'session' );
$data
=
array
(
'sid'
=>
$sid
,
'ip'
=>
$this
->
input
->
ip_address
(),
'time'
=>
time
()
);
$this
->
db
->
insert
(
'session'
,
$data
);
}
}
tcookie
(
"lastrefresh"
,
'1'
,
60
);
}
}
/* 添加用户,本函数需要返回uid */
@@ -489,6 +482,7 @@ class User_model extends CI_Model {
}
function
adduserapi
(
$username
,
$password
,
$email
=
''
,
$groupid
=
7
,
$uid
=
0
,
$phone
=
0
)
{
$password
=
md5
(
$password
);
if
(
$uid
)
{
$data
=
array
(
'uid'
=>
$uid
,
@@ -532,6 +526,12 @@ class User_model extends CI_Model {
$uid
=
$this
->
db
->
insert_id
();
}
if
(
FROMUC
){
//更新用户密码
$salt
=
random
(
6
);
//加盐
$newpwd
=
md5
(
$password
.
$salt
);
$this
->
db
->
query
(
"update "
.
$this
->
db
->
dbprefix
.
"user set salt='
$salt
' , password='
$newpwd
' where uid=
$uid
"
);
}
return
$uid
;
}
// 更新注册邀请码
@@ -721,16 +721,19 @@ class User_model extends CI_Model {
$tables
=
array
(
'question'
,
'topic'
,
'a
sk_a
rticlecomment'
,
'articlecomment'
,
'answer'
);
$this
->
db
->
where_in
(
'authorid'
,
explode
(
','
,
$uids
)
);
$this
->
db
->
delete
(
$tables
);
$this
->
db
->
set
(
'answers'
,
'answers-1'
,
FALSE
)
->
where_in
(
'authorid'
,
explode
(
','
,
$uids
)
)
->
update
(
'question'
);
}
$_uids
=
explode
(
','
,
$uids
);
$this
->
db
->
where_in
(
'uid'
,
$_uids
)
->
delete
(
'tag_item'
);
$this
->
db
->
where_in
(
'authorid'
,
$_uids
)
->
delete
(
'doing'
);
if
(
strstr
(
$uids
,
','
)){
$uids
=
explode
(
','
,
$uids
);
}
$this
->
db
->
where_in
(
'uid'
,
$uids
)
->
delete
(
'tag_item'
);
$this
->
db
->
where_in
(
'authorid'
,
$uids
)
->
delete
(
'doing'
);
}
function
logout
()
{
@@ -747,6 +750,19 @@ class User_model extends CI_Model {
'uid'
=>
$user
[
'uid'
],
'time<'
=>
$lasttime
[
'time'
]
)
)
->
delete
(
'session'
);
if
(
!
$_SESSION
){
//开启 Session
session_start
();
}
// 删除所有 Session 变量
$_SESSION
=
array
();
//判断 cookie 中是否保存 Session ID
if
(
isset
(
$_COOKIE
[
session_name
()])){
setcookie
(
session_name
(),
''
,
time
()
-
3600
,
'/'
);
}
//彻底销毁 Session
session_destroy
();
}
function
save_code
(
$code
,
$codename
=
"code"
)
{
if
(
!
isset
(
$_SESSION
))
{
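Review bot: `refresh()` (first hunk) now establishes the login by writing `$_SESSION['loginuid']` and `$_SESSION['loginpassword']`, but it never regenerates the session id, so a session id handed out before authentication stays valid after it (session fixation); add `session_regenerate_id(true);` right after the session is started and before the two assignments, and the same applies to the plugin-local `refresh()` functions in `plugin/qqlogin/callback.php` and `plugin/sinalogin/callback.php`. Keeping the password hash in the session is also unnecessary for a server-side session and only widens where that hash is stored; `$_SESSION['loginuid']` alone identifies the user and `init_user()` in `system/core/Controller.php` already reloads the row with `get_by_uid()`. The guard `if (!$_SESSION) { session_start(); }` reads a superglobal that is undefined until a session exists and calls `session_start()` a second time whenever an active session is empty; `if (session_status() !== PHP_SESSION_ACTIVE) { session_start(); }` is the safe form, and the same guard recurs in the `logout()` hunk, in both plugin callbacks and in `system/core/Controller.php`. If the `tcookie('auth', $auth, ...)` lines of the first hunk are still on the new side, the auth cookie the commit message says is being deprecated is still issued on every login. In the `logout()` hunk, `setcookie(session_name(), '', time() - 3600, '/')` should pass the path, domain, secure and httponly values from `session_get_cookie_params()` so that the deletion matches the cookie that was actually set.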
plugin/qqlogin/callback.php
@@ -50,8 +50,10 @@ $openid = $qc->get_openid ();
$qc
=
new
QC
(
$token
,
$openid
);
if
(
isset
(
$_SESSION
)){
if
(
$_SESSION
[
'uid'
]){
$uid
=
$_SESSION
[
'uid'
];
if
(
$_SESSION
[
'loginuid'
]){
$uid
=
$_SESSION
[
'loginuid'
];
add_auth
(
$token
,
$openid
,
$uid
);
header
(
"Location:"
.
url
(
'user/mycategory'
)
);
@@ -62,20 +64,26 @@ if(isset($_SESSION)){
$user
=
get_by_openid
(
$openid
,
$token
);
$uid
=
$user
[
'uid'
];
if
(
$user
)
{
add_auth
(
$token
,
$openid
,
$uid
);
refresh
(
$user
);
if
(
!
isset
(
$_SESSION
))
{
session_start
();
}
if
(
isset
(
$_SESSION
[
'forward'
])){
header
(
"Location:"
.
$_SESSION
[
'forward'
]);
}
else
{
$forward
=
isset
(
$_SERVER
[
'HTTP_REFERER'
]
)
?
$_SERVER
[
'HTTP_REFERER'
]
:
SITE_URL
;
if
(
strstr
(
$forward
,
'graph.qq.com'
)){
$forward
=
SITE_URL
;
}
header
(
"Location:"
.
$forward
);
}
exit
();
}
else
{
if
(
!
$setting
[
'allow_register'
])
{
header
(
"Content-Type: text/html;charset=utf-8"
);
exit
(
"系统注册功能暂时处于关闭状态!"
);
@@ -392,12 +400,14 @@ function refresh($user) {
$uid
=
$user
[
'uid'
];
$password
=
$user
[
'password'
];
$time
=
time
();
$sid
=
tcookie
(
'sid'
);
$db
->
query
(
"UPDATE "
.
DB_TABLEPRE
.
"user SET `lastlogin`=
$time
WHERE `uid`=
$uid
"
);
//更新最后登录时间
$db
->
query
(
"REPLACE INTO "
.
DB_TABLEPRE
.
"session (sid,uid,islogin,ip,`time`) VALUES ('
$sid
',
$uid
,1,'"
.
getip
()
.
"',
$time
)"
);
$auth
=
authcode
(
"
$uid
\t
$password
"
,
'ENCODE'
);
tcookie
(
'auth'
,
$auth
);
tcookie
(
'loginuser'
,
''
);
if
(
!
$_SESSION
){
session_start
();
}
$_SESSION
[
'loginuid'
]
=
$uid
;
$_SESSION
[
'loginpassword'
]
=
$password
;
}
?>
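Review bot: In the third hunk, `$sid` is taken straight from `tcookie('sid')` and interpolated into the `REPLACE INTO ... session` statement as `'$sid'`; unless `tcookie()` escapes its return value (its definition is not visible here), a client-controlled cookie reaches the SQL text, so this write should go through the driver's escaping or a prepared statement rather than string building — `refresh()` itself begins just before the hunk. In the second hunk the added `if (!isset($_SESSION)) { session_start(); }` after `refresh($user)` is dead: `refresh()` has already started the session and written `$_SESSION['loginuid']`, so one of the two guards should go. In the first hunk, whichever of `$_SESSION['uid']`/`$_SESSION['loginuid']` is the new line is read inside `if (isset($_SESSION))` without checking the key, which emits a notice for every visitor who is not logged in; `if (!empty($_SESSION['loginuid']))` is the equivalent safe test. The `$_SESSION['loginuid']`/`$_SESSION['loginpassword']` writes at the end of `refresh()` carry the same session-fixation and stored-hash concerns raised on `application/models/User_model.php`.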
plugin/sinalogin/callback.php
@@ -57,15 +57,19 @@ if ($token_arr) {
$c
=
new
SaeTClientV2
(
WB_AKEY
,
WB_SKEY
,
$token
);
$sid
=
tcookie
(
'sid'
);
$auth
=
tcookie
(
'auth'
);
$user
=
array
();
if
(
!
isset
(
$_SESSION
)){
session_start
();
list
(
$uid
,
$password
)
=
empty
(
$auth
)
?
array
(
0
,
0
)
:
taddslashes
(
explode
(
"
\t
"
,
authcode
(
$auth
,
'DECODE'
)
),
1
);
}
$uid
=
0
;
$password
=
''
;
if
(
$_SESSION
[
'loginuid'
]){
$uid
=
intval
(
$_SESSION
[
'loginuid'
]);
}
if
(
$_SESSION
[
'loginpassword'
]){
$password
=
$_SESSION
[
'loginpassword'
];
}
if
(
$uid
&&
$password
)
{
$user
=
get_user
(
$uid
);
if
(
$password
!=
$user
[
'password'
])
{
@@ -93,6 +97,9 @@ if ($token_arr) {
header
(
"Location:"
.
$_SESSION
[
'forward'
]);
}
else
{
$forward
=
isset
(
$_SERVER
[
'HTTP_REFERER'
]
)
?
$_SERVER
[
'HTTP_REFERER'
]
:
SITE_URL
;
if
(
strstr
(
$forward
,
'graph.qq.com'
)){
$forward
=
SITE_URL
;
}
header
(
"Location:"
.
$forward
);
}
exit
();
@@ -447,15 +454,15 @@ function refresh($user) {
global
$db
,
$setting
;
$uid
=
$user
[
'uid'
];
$password
=
$user
[
'password'
];
$time
=
time
();
$sid
=
tcookie
(
'sid'
);
$db
->
query
(
"UPDATE "
.
DB_TABLEPRE
.
"user SET `lastlogin`=
$time
WHERE `uid`=
$uid
"
);
// 更新最后登录时间
$db
->
query
(
"REPLACE INTO "
.
DB_TABLEPRE
.
"session (sid,uid,islogin,ip,`time`) VALUES ('
$sid
',
$uid
,1,'"
.
getip
()
.
"',
$time
)"
);
$auth
=
authcode
(
"
$uid
\t
$password
"
,
'ENCODE'
);
tcookie
(
'auth'
,
$auth
);
tcookie
(
'loginuser'
,
''
);
$db
->
query
(
"UPDATE "
.
DB_TABLEPRE
.
"user SET `lastlogin`=
$time
WHERE `uid`=
$uid
"
);
//更新最后登录时间
if
(
!
$_SESSION
){
session_start
();
}
$_SESSION
[
'loginuid'
]
=
$uid
;
$_SESSION
[
'loginpassword'
]
=
$password
;
}
?>
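Review bot: The check `if ($password != $user['password'])` that closes the first hunk compares two hash strings with loose `!=`, which PHP evaluates numerically when both operands look numeric; since `$password` now comes from `$_SESSION['loginpassword']`, make the comparison strict and constant-time: `if (!hash_equals((string) $user['password'], (string) $password)) {`. In the same hunk, the `list($uid, $password) = ...authcode($auth, 'DECODE')...` result is discarded two statements later by `$uid = 0; $password = '';`, so if that decode is on the new side it is dead code and it, together with `$auth = tcookie('auth')`, should be removed to make the cookie deprecation explicit; the surrounding `if ($token_arr)` block starts before the hunk. In the third hunk the `UPDATE ... user SET lastlogin ...` query is printed twice; if both copies are on the new side the update runs twice per login and one should be dropped. `refresh()` begins just before that hunk, and its session writes share the session-fixation and stored-hash points raised on `application/models/User_model.php`.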
system/core/Controller.php
@@ -190,18 +190,21 @@ class CI_Controller {
$usergroup
=
$this
->
usergroup
=
$this
->
cache
->
load
(
'usergroup'
,
'groupid'
);
}
function
init_user
()
{
@
$sid
=
tcookie
(
'sid'
);
@
$auth
=
tcookie
(
'auth'
);
global
$user
;
$user
=
array
();
@
list
(
$uid
,
$password
)
=
empty
(
$auth
)
?
array
(
0
,
0
)
:
taddslashes
(
explode
(
"
\t
"
,
authcode
(
$auth
,
'DECODE'
)
),
1
);
if
(
!
$sid
)
{
$sid
=
substr
(
md5
(
time
()
.
$this
->
input
->
ip_address
()
.
random
(
6
)
),
16
,
16
);
tcookie
(
'sid'
,
$sid
,
1800
);
if
(
!
$_SESSION
){
session_start
();
}
$uid
=
0
;
$password
=
''
;
if
(
$_SESSION
[
'loginuid'
]){
$uid
=
intval
(
$_SESSION
[
'loginuid'
]);
}
if
(
$_SESSION
[
'loginpassword'
]){
$password
=
$_SESSION
[
'loginpassword'
];
}
$this
->
load
->
model
(
'user_model'
);
if
(
$uid
&&
$password
)
{
$user
=
$this
->
user_model
->
get_by_uid
(
$uid
,
0
);
@@ -225,13 +228,11 @@ class CI_Controller {
exit
(
"您已被网站管理员拉黑"
);
}
if
(
$user
[
'uid'
]
&&
$user
[
'invatecode'
]
==
null
)
{
$this
->
user_model
->
sendinvatecodetouid
(
$user
[
'uid'
]
);
}
$this
->
user_model
->
refresh_session_time
(
$sid
,
$user
[
'uid'
]
);
$user
[
'sid'
]
=
$sid
;
$user
[
'ip'
]
=
$this
->
input
->
ip_address
();
$user
[
'ip'
]
=
getip
();
$user
[
'uid'
]
&&
$user
[
'loginuser'
]
=
$user
[
'username'
];
$user
[
'avatar'
]
=
get_avatar_dir
(
$user
[
'uid'
]
);
@@ -240,16 +241,15 @@ class CI_Controller {
// 如果用户登录,且携带邀请被邀请注册的邀请码,则自动成为被邀请人
// frominvatecode
if
(
!
isset
(
$user
[
'frominvatecode'
]
))
{
// 如果不存在则绑定
if
(
!
isset
(
$_SESSION
))
{
session_start
();
}
if
(
isset
(
$_SESSION
[
'invatecode'
]
)
&&
$user
[
'invatecode'
]
!=
$_SESSION
[
'invatecode'
])
{
$this
->
user_model
->
updateinvatecode
(
$user
[
'uid'
],
$_SESSION
[
'invatecode'
]
);
unset
(
$_SESSION
[
'invatecode'
]
);
}
}
}
else
{
session_destroy
();
}
}
/**
*
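Review bot: The `else { session_destroy(); }` that closes `init_user()` in the third hunk is the `else` of `if ($uid && $password)` from the first hunk, so if it is on the new side it runs on every request that carries no `loginuid`/`loginpassword`; that wipes session state other code in this commit relies on (`$_SESSION['forward']` and `$_SESSION['invatecode']` in the plugin callbacks and in this same method, and what `save_code()` in `User_model` appears to keep in the session) and emits a warning when no session is active. Limit it to the case where a stale `loginuid` was found but `get_by_uid()` returned no user, or drop it. In the first hunk, `$uid = 0; $password = '';` immediately discards the `@list($uid, $password) = ... authcode($auth, 'DECODE') ...` result, so if that line survives on the new side it and `@$auth = tcookie('auth')` are dead and should be deleted. The hash check that follows `get_by_uid()` lies between the hunks and is not visible; if it compares with `!=`, the `hash_equals()` point raised on `plugin/sinalogin/callback.php` applies here too.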