2014-11-04 09:05:21 +00:00
|
|
|
|
<?php
|
|
|
|
|
|
namespace Westdc\Member;
|
|
|
|
|
|
|
|
|
|
|
|
use Westdc\Helpers\Config;
|
2015-01-23 08:19:03 +00:00
|
|
|
|
use Westdc\Db\Pdo as Db;
|
2014-11-04 09:05:21 +00:00
|
|
|
|
|
|
|
|
|
|
class Cookie
|
|
|
|
|
|
{
|
2015-01-19 12:18:46 +00:00
|
|
|
|
var $ck='ff08XearZpUkjl3H';
|
2014-11-04 09:05:21 +00:00
|
|
|
|
var $db; //传入PDO对象
|
|
|
|
|
|
var $mid; //会员ID
|
|
|
|
|
|
|
|
|
|
|
|
public $scr; //cookie 安全码 $_COOKIE['scr']
|
|
|
|
|
|
public $user;//cookie User $_COOKIE['user']
|
|
|
|
|
|
|
|
|
|
|
|
public $srpwd;//执行checkcookie后方可调用
|
|
|
|
|
|
|
|
|
|
|
|
public $memberTable = "users";
|
|
|
|
|
|
public $FieldUsername = "username";
|
|
|
|
|
|
public $FieldPasword = "password";
|
|
|
|
|
|
public $FieldLastlogin = "ts_last_login";
|
|
|
|
|
|
public $FieldEmail = "email";
|
|
|
|
|
|
public $FieldLastloginIp = "last_login_ip";
|
|
|
|
|
|
public $GravatarEmailField = "gravatar_email";
|
|
|
|
|
|
|
|
|
|
|
|
public $RoleMember = "member";
|
|
|
|
|
|
|
|
|
|
|
|
function __construct()
|
|
|
|
|
|
{
|
2015-01-23 08:19:03 +00:00
|
|
|
|
$this->db = Db::getInstance();
|
2014-11-04 09:05:21 +00:00
|
|
|
|
$this->config = Config::get();
|
2015-01-19 12:18:46 +00:00
|
|
|
|
|
|
|
|
|
|
if(isset($_COOKIE['scr']) && !empty($_COOKIE['scr']))
|
2014-11-04 09:05:21 +00:00
|
|
|
|
{
|
|
|
|
|
|
$this->scr = $_COOKIE['scr'];
|
|
|
|
|
|
}
|
2015-01-19 12:18:46 +00:00
|
|
|
|
if(isset($_COOKIE['user']) && !empty($_COOKIE['user']))
|
2014-11-04 09:05:21 +00:00
|
|
|
|
{
|
|
|
|
|
|
$this->user= $_COOKIE['user'];
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
|
* 检测cookie
|
|
|
|
|
|
*/
|
|
|
|
|
|
public function checkcookie()
|
|
|
|
|
|
{
|
|
|
|
|
|
$uname = $this->user;
|
|
|
|
|
|
$hash = $this->scr;
|
2015-01-19 12:18:46 +00:00
|
|
|
|
|
2014-11-04 09:05:21 +00:00
|
|
|
|
if(!empty($uname) && !empty($hash))
|
|
|
|
|
|
{
|
|
|
|
|
|
if (preg_match("/[<|>|#|$|%|^|*|(|)|{|}|'|\"|;|:]/i",$uname) || preg_match("/[<|>|#|$|%|^|*|(|)|{|}|'|\"|;|:]/i",$hash))
|
|
|
|
|
|
{
|
|
|
|
|
|
$this->mid=0;
|
|
|
|
|
|
return false;
|
|
|
|
|
|
}
|
|
|
|
|
|
else{
|
|
|
|
|
|
$sql = "select {$this->FieldUsername} as userid,{$this->FieldPasword} as pwd from {$this->memberTable} where {$this->FieldUsername}='$uname'";
|
|
|
|
|
|
$rs = $this->db->query($sql);
|
|
|
|
|
|
$row = $rs->fetch();
|
|
|
|
|
|
$scr = $this->makescr($row['userid'],$row['pwd']);
|
2015-01-19 12:18:46 +00:00
|
|
|
|
|
2014-11-04 09:05:21 +00:00
|
|
|
|
if($hash == $scr)
|
|
|
|
|
|
{
|
|
|
|
|
|
$this->srpwd=$row['pwd'];
|
|
|
|
|
|
return true;
|
|
|
|
|
|
}
|
|
|
|
|
|
else {
|
|
|
|
|
|
return false;
|
|
|
|
|
|
}
|
|
|
|
|
|
}//cookie安全
|
|
|
|
|
|
}else {
|
|
|
|
|
|
return false;
|
|
|
|
|
|
}//exit
|
|
|
|
|
|
}//function checkcookie
|
2015-01-19 12:18:46 +00:00
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
|
* putcookie
|
|
|
|
|
|
*
|
|
|
|
|
|
* 登陆成功后放置cookie,包含安全码
|
|
|
|
|
|
*
|
|
|
|
|
|
* @param $uname
|
|
|
|
|
|
* @param $pwd
|
|
|
|
|
|
* @param int $time
|
|
|
|
|
|
* @return bool
|
|
|
|
|
|
*/
|
2014-11-04 09:05:21 +00:00
|
|
|
|
public function putcookie($uname,$pwd,$time = 604800)
|
|
|
|
|
|
{
|
|
|
|
|
|
try {
|
2015-01-19 12:18:46 +00:00
|
|
|
|
$scrString = $this->makescr($uname,md5($pwd));//加密验证串:防止用户密码被盗;防止伪造cookie。
|
|
|
|
|
|
|
2014-11-04 09:05:21 +00:00
|
|
|
|
if(!is_numeric($time))
|
|
|
|
|
|
{
|
|
|
|
|
|
$time = 604800;
|
|
|
|
|
|
}
|
2015-01-19 12:18:46 +00:00
|
|
|
|
|
2014-11-04 09:05:21 +00:00
|
|
|
|
setcookie('user',$uname,time()+$time,'/');
|
|
|
|
|
|
setcookie('scr',$scrString,time()+$time,'/');
|
|
|
|
|
|
|
|
|
|
|
|
return true;
|
|
|
|
|
|
} catch (Exception $e) {
|
|
|
|
|
|
return false;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
}//function putcookie
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
|
* 生成安全码
|
|
|
|
|
|
*
|
|
|
|
|
|
* @param String $u
|
|
|
|
|
|
* @param String $p
|
2015-01-19 12:18:46 +00:00
|
|
|
|
* @return string
|
2014-11-04 09:05:21 +00:00
|
|
|
|
*/
|
|
|
|
|
|
public function makescr($u,$p)
|
|
|
|
|
|
{
|
|
|
|
|
|
return substr(md5($u.$p.$this->ck),3,20);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
|
* 清除cookie
|
|
|
|
|
|
*/
|
|
|
|
|
|
static function flushcookie()
|
|
|
|
|
|
{
|
|
|
|
|
|
setcookie('user','',time()-99999,'/');
|
|
|
|
|
|
setcookie('scr','',time()-99999,'/');
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
}
|
