为中文版增加了发布评论时的图片验证码机制

Li Jianxuan 2011-12-29 08:09:58 +00:00
parent 8c3e99dde4
commit 0d608ca06c
6 changed files with 266 additions and 18 deletions


@ -609,9 +609,9 @@ class DataController extends Zend_Controller_Action
$sql="select distinct(md.uuid),md.title from keyword kw left join normalmetadata md on kw.id=md.id where kw.keyword in (select k.keyword from keyword k left join metadata m on k.id=m.id where m.id=? and k.keytype='theme') and kw.id<>? limit 10"; $sql="select distinct(md.uuid),md.title from keyword kw left join normalmetadata md on kw.id=md.id where kw.keyword in (select k.keyword from keyword k left join metadata m on k.id=m.id where m.id=? and k.keytype='theme') and kw.id<>? limit 10";
$this->view->related=$this->db->fetchAll($sql,array($id,$id)); $this->view->related=$this->db->fetchAll($sql,array($id,$id));
//用户下载记录 //用户下载记录
$sql = "select o.ts_created,m.uuid,u.realname,u.unit,oa.project as onlineproject, fa.project as offlineproject $sql = "select o.ts_created,m.uuid,u.realname,u.unit,oa.project as onlineproject, fa.project as offlineproject
from dataorder as o left join metadata as m on o.uuid = m.uuid left join users as u on o.userid=u.id from dataorder as o left join metadata as m on o.uuid = m.uuid left join users as u on o.userid=u.id
left join onlineapp oa on o.onlineappid=oa.id left join offlineapp fa on o.offlineappid=fa.id left join onlineapp oa on o.onlineappid=oa.id left join offlineapp fa on o.offlineappid=fa.id
where m.uuid = '$uuid' and (o.status=0 or o.status=5) and u.realname IS NOT NULL order by o.ts_created desc limit 10"; where m.uuid = '$uuid' and (o.status=0 or o.status=5) and u.realname IS NOT NULL order by o.ts_created desc limit 10";
$this->view->downhistory=$this->db->fetchAll($sql); $this->view->downhistory=$this->db->fetchAll($sql);
//数据附件 //数据附件
@ -655,9 +655,22 @@ class DataController extends Zend_Controller_Action
$email = mb_substr($this->replace(trim($this->_request->getParam('email'))),0,60,'UTF-8'); $email = mb_substr($this->replace(trim($this->_request->getParam('email'))),0,60,'UTF-8');
$url = mb_substr($this->replace(trim($this->_request->getParam('url'))),0,60,'UTF-8'); $url = mb_substr($this->replace(trim($this->_request->getParam('url'))),0,60,'UTF-8');
$content = $this->replace(trim($this->_request->getParam('content'))); $content = $this->replace(trim($this->_request->getParam('content')));
$vdcode = mb_substr($this->replace(trim($this->_request->getParam('vdcode'))),0,4,'UTF-8');
if(empty($author))
{
echo "请输入您的名字";
exit();
}
if(strlen($author)<3) exit("姓名长度不得少于2个汉字 :)"); if(strlen($author)<3) exit("姓名长度不得少于2个汉字 :)");
if(empty($email))
{
echo "请输入您的电子邮箱地址";
exit();
}
if(strlen($email)<4) exit("Email长度太短请填写正确的Email :)"); if(strlen($email)<4) exit("Email长度太短请填写正确的Email :)");
if(!preg_match("/\w+([-+.]\w+)*@\w+([-.]\w+)*\.\w+([-.]\w+)*/i",$email)) if(!preg_match("/\w+([-+.]\w+)*@\w+([-.]\w+)*\.\w+([-.]\w+)*/i",$email))
@ -665,11 +678,6 @@ class DataController extends Zend_Controller_Action
echo "Email格式不正确"; echo "Email格式不正确";
exit(); exit();
} }
if(preg_match("/script/i",$url))
{
$url = preg_replace("/script/i","",$url);
}
if(strlen($content)<5) exit("评论长度不得少于3个汉字 :)"); if(strlen($content)<5) exit("评论长度不得少于3个汉字 :)");
@ -678,14 +686,54 @@ class DataController extends Zend_Controller_Action
$content = preg_replace("/script/i","",$content); $content = preg_replace("/script/i","",$content);
} }
if(preg_match("/<|>/",$content))
{
$data=array(
'<'=>'&lt;',
'>'=>'&gt;',
);
$patterns = array();
$replacements = array();
foreach($data as $k=>$v)
{
$patterns[]='/'.$k.'/i';
$replacements[]=$v;
}
ksort($patterns);
ksort($replacements);
$content=preg_replace($patterns, $replacements, $content);
if(!empty($url))
{
$url=preg_replace($patterns, $replacements, $url);
}
}
if(preg_match("/script/i",$url))
{
$url = preg_replace("/script/i","",$url);
}
if(!preg_match("/http:\/\//",$url))
{
$url = "http://".$url;
}
$uuid = trim($this->_request->getParam('uuid')); $uuid = trim($this->_request->getParam('uuid'));
if(!preg_match("/^[0-9A-Za-z]{8}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{12}$/",$uuid)) if(!preg_match("/^[0-9A-Za-z]{8}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{12}$/",$uuid))
{ {
echo "参数错误"; echo "参数错误";
exit(); exit();
} }
if(strtolower($vdcode) != $_SESSION['vdcodes'])
{
echo "验证码错误,请重新输入";
exit();
}
$data = array( $data = array(
'uuid' => $uuid, 'uuid' => $uuid,
'uid' => $userid, 'uid' => $userid,
@ -707,7 +755,7 @@ class DataController extends Zend_Controller_Action
$msg = "用户".$user->username."对元数据《".$this->replace(trim($this->_request->getParam('mdtitle')))."》进行了评论,<a href=\"/admin/data/comment\">点击查看</a>"; $msg = "用户".$user->username."对元数据《".$this->replace(trim($this->_request->getParam('mdtitle')))."》进行了评论,<a href=\"/admin/data/comment\">点击查看</a>";
include_once("message.php"); include_once("message.php");
message::post($this->db,0,-1,"收到新数据评论",$msg); message::post($this->db,0,-1,"收到新数据评论",$msg);
echo "评论成功<script>$('#reset').click();</script>"; echo "评论成功<script>$('#reset').click();ajaxpage(0);$('#imgcode').click();</script>";
exit(); exit();
}else }else
{ {
@ -1082,9 +1130,9 @@ class DataController extends Zend_Controller_Action
$r=$this->db->fetchRow($this->db->quoteInto($sql,$userid)); $r=$this->db->fetchRow($this->db->quoteInto($sql,$userid));
//保证添加的离线数据申请未申请 //保证添加的离线数据申请未申请
$sql="select count(*) as datacount from dataorder where (ts_approved is null) and userid='$userid' and uuid=? and status in (1,2,3,4)"; $sql="select count(*) as datacount from dataorder where (ts_approved is null) and userid='$userid' and uuid=? and status in (1,2,3,4)";
$r1=$this->db->fetchRow($this->db->quoteInto($sql,$uuid)); $r1=$this->db->fetchRow($this->db->quoteInto($sql,$uuid));
//保证添加的离线数据是正式发布的数据 //保证添加的离线数据是正式发布的数据
$sql="select count(*) as mdcount from normalmetadata where uuid=?"; $sql="select count(*) as mdcount from normalmetadata where uuid=?";
$r2=$this->db->fetchRow($this->db->quoteInto($sql,$uuid)); $r2=$this->db->fetchRow($this->db->quoteInto($sql,$uuid));
if ($r['datacount']<$this->view->config->download->max && $r1['datacount']<1 && $r2['mdcount']>0) { if ($r['datacount']<$this->view->config->download->max && $r1['datacount']<1 && $r2['mdcount']>0) {
$sql="insert into dataorder (uuid,ts_created,userid,status) values(?,now(),?,?)"; $sql="insert into dataorder (uuid,ts_created,userid,status) values(?,now(),?,?)";
@ -1094,8 +1142,8 @@ class DataController extends Zend_Controller_Action
$this->view->md=$this->db->fetchRow($sql); $this->view->md=$this->db->fetchRow($sql);
} else { } else {
if ($r1['datacount']>=1) if ($r1['datacount']>=1)
$this->view->msg="错误:您申请的数据已经在数据蓝中!"; $this->view->msg="错误:您申请的数据已经在数据蓝中!";
elseif ($r2['mdcount']==0) elseif ($r2['mdcount']==0)
$this->view->msg="错误:您申请的数据不存在。"; $this->view->msg="错误:您申请的数据不存在。";
else else
$this->view->msg="错误:您正在进行的离线申请的数据数已经超过系统允许的最大值,请在完成本次离线申请后再进行操作!"; $this->view->msg="错误:您正在进行的离线申请的数据数已经超过系统允许的最大值,请在完成本次离线申请后再进行操作!";
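Review bot: The captcha check `if(strtolower($vdcode) != $_SESSION['vdcodes'])` in the comment-posting hunk uses a loose comparison and never confirms that a code was issued, so when the session has no `vdcodes` entry an empty `vdcode` parameter would compare equal and the check passes. The stored code also stays in the session after the comparison, so one solved image remains valid for further submissions until the image endpoint is requested again. I would require a non-empty stored code and compare strictly, `if(empty($_SESSION['vdcodes']) || strtolower($vdcode) !== $_SESSION['vdcodes'])`, and call `unset($_SESSION['vdcodes']);` right after the comparison so each code is single-use (the form then has to reload the image after a failed attempt as well). The enclosing action starts and ends outside the visible hunks.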


@ -1212,4 +1212,16 @@ class ServiceController extends Zend_Controller_Action
echo '</ul>'; echo '</ul>';
echo $pagnation; echo $pagnation;
}//文档页面相关数据 }//文档页面相关数据
/*
输出验证码
*/
public function imgcodeAction()
{
$this->_helper->layout->disableLayout();
$this->_helper->viewRenderer->setNoRender();
include_once('ImgCode.php');
$imagecode=new Custom_Controller_Plugin_ImgCode();
$imagecode->image2();
}
} }
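Review bot: `imgcodeAction` sends the captcha image without any cache headers, so a browser or intermediate proxy may reuse a stored image while the code held in the session has changed; the templates in this commit work around that by appending `?` to the URL on click. Adding `header('Cache-Control: no-store, no-cache, must-revalidate');` before `$imagecode->image2();` makes every request reach the server. The block comment could also state the side effect, for example `/* Output the captcha image and store the expected code in $_SESSION['vdcodes'] */`, since `image2()` overwrites that session key on each call.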


@ -304,6 +304,10 @@ if($auth->hasIdentity())
<textarea name="content" class="medium half"></textarea> <textarea name="content" class="medium half"></textarea>
</p> </p>
<p> <p>
<label class="required">验证码</label>
<img id="imgcode" style="margin-bottom:-10px;cursor:pointer;border:0px;" src="/service/imgcode/" onClick="this.src=this.src+'?'"><input type="text" name="vdcode" id="vdcode" maxlength="4" value="" />
</p>
<p>
<label> </label> <label> </label>
<input type="hidden" name="mdtitle" value="<?php echo $md->title;?>" /> <input type="hidden" name="mdtitle" value="<?php echo $md->title;?>" />
<input type="hidden" name="uuid" value="<?php echo $md->uuid;?>" /> <input type="hidden" name="uuid" value="<?php echo $md->uuid;?>" />
@ -369,7 +373,7 @@ function todownload(ft)
function ajaxpage(page){$.ajax({type:"GET",url:"/data/comment/uuid/<?= $md->uuid; ?>",data:'page='+page,success:function(html){$('#allcomments').html(html);}, function ajaxpage(page){$.ajax({type:"GET",url:"/data/comment/uuid/<?= $md->uuid; ?>",data:'page='+page,success:function(html){$('#allcomments').html(html);},
beforeSend:function(){$('#allcomments').html('<img src="/images/loading.gif" />加载中');}});};ajaxpage(0); beforeSend:function(){$('#allcomments').html('<img src="/images/loading.gif" />加载中');}});};ajaxpage(0);
function postcomment(){ $.ajax({'type':"POST",'url':"/data/postcomment",'data':$('#postcommentform').serialize(), function postcomment(){ $.ajax({'type':"POST",'url':"/data/postcomment",'data':$('#postcommentform').serialize(),
'success':function(html){$('#postcomment').html('提交');setTimeout("$('#postcomment').removeAttr('disabled');",3000); $('#returninfo').html(html);ajaxpage(0);}, 'success':function(html){$('#postcomment').html('提交');setTimeout("$('#postcomment').removeAttr('disabled');",3000);$('#returninfo').html(html);},
'beforeSend':function(){$('#postcomment').attr('disabled','disabled');$('#postcomment').html('<img src="/images/11887177066.gif" />正在提交...'); }});} 'beforeSend':function(){$('#postcomment').attr('disabled','disabled');$('#postcomment').html('<img src="/images/11887177066.gif" />正在提交...'); }});}
$('#literature_t').click(function(){literature(1);}); $('#literature_t').click(function(){literature(1);});
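Review bot: The captcha image is refreshed only by the `$('#imgcode').click()` that the server appends to its success response (see the DataController change on this page), so after a rejected submission the form keeps showing the same image. Refreshing in the `success` callback of `postcomment()` covers every response: add `$('#imgcode').click();` after `$('#returninfo').html(html);`. The `onClick` handler would also be more robust as `this.src='/service/imgcode/?'+new Date().getTime()` instead of growing the URL by one `?` per click, and the new `<img>` has no `alt` text. The same two hunks are repeated in the two other templates that follow, and the point applies there as well.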


@ -310,6 +310,10 @@ if($auth->hasIdentity())
<textarea name="content" class="medium half"></textarea> <textarea name="content" class="medium half"></textarea>
</p> </p>
<p> <p>
<label class="required">验证码</label>
<img id="imgcode" style="margin-bottom:-10px;cursor:pointer;border:0px;" src="/service/imgcode/" onClick="this.src=this.src+'?'"><input type="text" name="vdcode" id="vdcode" maxlength="4" value="" />
</p>
<p>
<label> </label> <label> </label>
<input type="hidden" name="mdtitle" value="<?php echo $md->title;?>" /> <input type="hidden" name="mdtitle" value="<?php echo $md->title;?>" />
<input type="hidden" name="uuid" value="<?php echo $md->uuid;?>" /> <input type="hidden" name="uuid" value="<?php echo $md->uuid;?>" />
@ -371,7 +375,7 @@ function todownload(ft)
function ajaxpage(page){$.ajax({type:"GET",url:"/data/comment/uuid/<?= $md->uuid; ?>",data:'page='+page,success:function(html){$('#allcomments').html(html);}, function ajaxpage(page){$.ajax({type:"GET",url:"/data/comment/uuid/<?= $md->uuid; ?>",data:'page='+page,success:function(html){$('#allcomments').html(html);},
beforeSend:function(){$('#allcomments').html('<img src="/images/loading.gif" />加载中');}});};ajaxpage(0); beforeSend:function(){$('#allcomments').html('<img src="/images/loading.gif" />加载中');}});};ajaxpage(0);
function postcomment(){ $.ajax({'type':"POST",'url':"/data/postcomment",'data':$('#postcommentform').serialize(), function postcomment(){ $.ajax({'type':"POST",'url':"/data/postcomment",'data':$('#postcommentform').serialize(),
'success':function(html){$('#postcomment').html('提交');setTimeout("$('#postcomment').removeAttr('disabled');",3000); $('#returninfo').html(html);ajaxpage(0);}, 'success':function(html){$('#postcomment').html('提交');setTimeout("$('#postcomment').removeAttr('disabled');",3000);$('#returninfo').html(html);},
'beforeSend':function(){$('#postcomment').attr('disabled','disabled');$('#postcomment').html('<img src="/images/11887177066.gif" />正在提交...'); }});} 'beforeSend':function(){$('#postcomment').attr('disabled','disabled');$('#postcomment').html('<img src="/images/11887177066.gif" />正在提交...'); }});}
$('#literature_t').click(function(){literature(1);}); $('#literature_t').click(function(){literature(1);});


@ -300,6 +300,10 @@ if($auth->hasIdentity())
<textarea name="content" class="medium half"></textarea> <textarea name="content" class="medium half"></textarea>
</p> </p>
<p> <p>
<label class="required">验证码</label>
<img id="imgcode" style="margin-bottom:-10px;cursor:pointer;border:0px;" src="/service/imgcode/" onClick="this.src=this.src+'?'"><input type="text" name="vdcode" id="vdcode" maxlength="4" value="" />
</p>
<p>
<label> </label> <label> </label>
<input type="hidden" name="mdtitle" value="<?php echo $md->title;?>" /> <input type="hidden" name="mdtitle" value="<?php echo $md->title;?>" />
<input type="hidden" name="uuid" value="<?php echo $md->uuid;?>" /> <input type="hidden" name="uuid" value="<?php echo $md->uuid;?>" />
@ -335,7 +339,7 @@ $(document).ready(function(){$(".colorbox").colorbox({photo:"true"});});
function ajaxpage(page){$.ajax({type:"GET",url:"/data/comment/uuid/<?= $md->uuid; ?>",data:'page='+page,success:function(html){$('#allcomments').html(html);}, function ajaxpage(page){$.ajax({type:"GET",url:"/data/comment/uuid/<?= $md->uuid; ?>",data:'page='+page,success:function(html){$('#allcomments').html(html);},
beforeSend:function(){$('#allcomments').html('<img src="/images/loading.gif" />加载中');}});};ajaxpage(0); beforeSend:function(){$('#allcomments').html('<img src="/images/loading.gif" />加载中');}});};ajaxpage(0);
function postcomment(){ $.ajax({'type':"POST",'url':"/data/postcomment",'data':$('#postcommentform').serialize(), function postcomment(){ $.ajax({'type':"POST",'url':"/data/postcomment",'data':$('#postcommentform').serialize(),
'success':function(html){$('#postcomment').html('提交');setTimeout("$('#postcomment').removeAttr('disabled');",3000); $('#returninfo').html(html);ajaxpage(0);}, 'success':function(html){$('#postcomment').html('提交');setTimeout("$('#postcomment').removeAttr('disabled');",3000);$('#returninfo').html(html);},
'beforeSend':function(){$('#postcomment').attr('disabled','disabled');$('#postcomment').html('<img src="/images/11887177066.gif" />正在提交...'); }});} 'beforeSend':function(){$('#postcomment').attr('disabled','disabled');$('#postcomment').html('<img src="/images/11887177066.gif" />正在提交...'); }});}
$('#literature_t').click(function(){literature(1);}); $('#literature_t').click(function(){literature(1);});


@ -0,0 +1,176 @@
<?php
/**
* 生成图像验证码
*
* 代码来自 ThinkPHP Lib/ORG/Util/Image.class.php 文件,特此对 ThinkPHP 团队表示感谢 :)
*
* Custom
*
* LICENSE:
*
* @category Custom
* @package Custom
* @subpackage Controller
* @copyright Copyright (c) KenJi
* @license
* @version
*/
/**
* Zend_Controller_Plugin_Abstract
*/
//require_once 'Zend/Controller/Plugin/Abstract.php';
//require_once 'Zend/Session/Namespace.php';
class Custom_Controller_Plugin_ImgCode extends Zend_Controller_Plugin_Abstract
{
/**
+----------------------------------------------------------
* 生成图像验证码
+----------------------------------------------------------
* @static
* @access public
+----------------------------------------------------------
* @param string $length 位数
* @param string $mode 类型 0 字母 1:数字2大写字母 3:小写字母 4:以上混合形式
* @param string $type 图像格式
* @param string $width 宽度
* @param string $height 高度
+----------------------------------------------------------
* @return string
+----------------------------------------------------------
* @throws ThinkExecption
+----------------------------------------------------------
*/
function image2($length=4,$mode=4,$type='png',$width=50,$height=25)
{
$randval = $this->rand_string($length,$mode);//生成随机数
//$authCode = new Zend_Session_Namespace('Auth_Code');
//$authCode->imagecode = $randval;//生成session
$_SESSION['vdcodes'] = strtolower($randval);
$width = ($length*9+10)>$width?$length*9+10:$width;
if ( $type!='gif' && function_exists('imagecreatetruecolor')) {
$im = @imagecreatetruecolor($width,$height);
}else {
$im = @imagecreate($width,$height);
}
$r = Array(225,255,255,223);
$g = Array(225,236,237,255);
$b = Array(225,236,166,125);
$key = mt_rand(0,3);
$backColor = imagecolorallocate($im, $r[$key],$g[$key],$b[$key]); //背景色(随机)
$borderColor = imagecolorallocate($im, 100, 100, 100); //边框色
$pointColor = imagecolorallocate($im,mt_rand(0,255),mt_rand(0,255),mt_rand(0,255)); //点颜色
@imagefilledrectangle($im, 0, 0, $width - 1, $height - 1, $backColor);
@imagerectangle($im, 0, 0, $width-1, $height-1, $borderColor);
$stringColor = imagecolorallocate($im,mt_rand(0,200),mt_rand(0,120),mt_rand(0,120));
// 干扰
for($i=0;$i<10;$i++){
$fontcolor=imagecolorallocate($im,mt_rand(0,255),mt_rand(0,255),mt_rand(0,255));
imagearc($im,mt_rand(-10,$width),mt_rand(-10,$height),mt_rand(30,300),mt_rand(20,200),55,44,$fontcolor);
}
for($i=0;$i<25;$i++){
$fontcolor=imagecolorallocate($im,mt_rand(0,255),mt_rand(0,255),mt_rand(0,255));
imagesetpixel($im,mt_rand(0,$width),mt_rand(0,$height),$pointColor);
}
@imagestring($im, 5, 5, 3, $randval, $stringColor);
$this->output($im,$type);
}
// 更复杂的验证码
function image3($length=4,$type='png',$width=50,$height=60,$fontface='fpnf.ttf',$verifyName='verify') {
$code = $this->rand_string($length,4);
$width = ($length*25)>$width?$length*25:$width;
$authCode = new Zend_Session_Namespace('Auth_Code');
$authCode->imagecode = $randval;
$im=imagecreatetruecolor($width,$height);
$borderColor = imagecolorallocate($im, 100, 100, 100); //边框色
$bkcolor=imagecolorallocate($im,250,250,250);
imagefill($im,0,0,$bkcolor);
@imagerectangle($im, 0, 0, $width-1, $height-1, $borderColor);
// 干扰
for($i=0;$i<15;$i++){
$fontcolor=imagecolorallocate($im,mt_rand(0,255),mt_rand(0,255),mt_rand(0,255));
imagearc($im,mt_rand(-10,$width),mt_rand(-10,$height),mt_rand(30,300),mt_rand(20,200),55,44,$fontcolor);
}
for($i=0;$i<255;$i++){
$fontcolor=imagecolorallocate($im,mt_rand(0,255),mt_rand(0,255),mt_rand(0,255));
imagesetpixel($im,mt_rand(0,$width),mt_rand(0,$height),$fontcolor);
}
if(!is_file($fontface)) {
$fontface = dirname(__FILE__)."/".$fontface;
}
for($i=0;$i<$length;$i++){
$fontcolor=imagecolorallocate($im,mt_rand(0,120),mt_rand(0,120),mt_rand(0,120)); //这样保证随机出来的颜色较深。
$codex= substr($code,$i,1);
imagettftext($im,mt_rand(16,20),mt_rand(-60,60),40*$i+20,mt_rand(30,35),$fontcolor,$fontface,$codex);
}
$this->output($im,$type);
}
function output($im,$type='png')
{
header("Content-type: image/".$type);
$ImageFun='Image'.$type;
$ImageFun($im);
imagedestroy($im);
}
/**
+----------------------------------------------------------
* 产生随机字串,可用来自动生成密码 默认长度6位 字母和数字混合
+----------------------------------------------------------
* @param string $len 长度
* @param string $type 字串类型
* 0 字母 1 数字 其它 混合
* @param string $addChars 额外字符
+----------------------------------------------------------
* @return string
+----------------------------------------------------------
*/
function rand_string($len=6,$type='',$addChars='') {
$str ='';
switch($type) {
case 0:
$chars='ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz'.$addChars;
break;
case 1:
$chars= str_repeat('0123456789',3);
break;
case 2:
$chars='ABCDEFGHIJKLMNOPQRSTUVWXYZ'.$addChars;
break;
case 3:
$chars='abcdefghijklmnopqrstuvwxyz'.$addChars;
break;
default :
// 默认去掉了容易混淆的字符oOLl和数字01要添加请使用addChars参数
$chars='ABCDEFGHIJKMNPQRSTUVWXYZabcdefghijkmnpqrstuvwxyz23456789'.$addChars;
break;
}
if($len>10 ) {//位数过长重复字符串一定次数
$chars= $type==1? str_repeat($chars,$len) : str_repeat($chars,5);
}
if($type!=4) {
$chars = str_shuffle($chars);
$str = substr($chars,0,$len);
}else{
// 中文随机字
for($i=0;$i<$len;$i++){
$str.= substr($chars, floor(mt_rand(0,mb_strlen($chars,'utf-8')-1)),1);
}
}
return $str;
}
}
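Review bot: `image3()` stores `$randval` in the session namespace, but that variable is never defined in the method; the generated text is in `$code`, so the stored value is null while the image shows a real code. It also writes to `Zend_Session_Namespace('Auth_Code')` rather than the `$_SESSION['vdcodes']` key that `image2()` sets and the comment handler reads, so `$_SESSION['vdcodes'] = strtolower($code);` would make the two methods interchangeable. Separately, `rand_string()` draws from `mt_rand()` and `str_shuffle()`, which are not cryptographically strong generators; a stronger source is worth considering if the PHP version in use offers one. `output()` builds the function name from `$type` (`'Image'.$type`), so `$type` should be checked against a fixed list such as `png`, `gif`, `jpeg` before the call.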