本文整理汇总了PHP中gen_rand_string函数的典型用法代码示例。如果您正苦于以下问题:PHP gen_rand_string函数的具体用法?PHP gen_rand_string怎么用?PHP gen_rand_string使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了gen_rand_string函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: main
function main($id, $mode)
{
global $db, $user, $auth, $template;
global $config, $phpbb_root_path, $phpbb_admin_path, $phpEx;
$user->add_lang('acp/board');
$captcha_vars = array('captcha_gd_x_grid' => 'CAPTCHA_GD_X_GRID', 'captcha_gd_y_grid' => 'CAPTCHA_GD_Y_GRID', 'captcha_gd_foreground_noise' => 'CAPTCHA_GD_FOREGROUND_NOISE', 'captcha_gd' => 'CAPTCHA_GD_PREVIEWED', 'captcha_gd_wave' => 'CAPTCHA_GD_WAVE', 'captcha_gd_3d_noise' => 'CAPTCHA_GD_3D_NOISE', 'captcha_gd_fonts' => 'CAPTCHA_GD_FONTS');
if (isset($_GET['demo'])) {
$captcha_vars = array_keys($captcha_vars);
foreach ($captcha_vars as $captcha_var) {
$config[$captcha_var] = isset($_REQUEST[$captcha_var]) ? request_var($captcha_var, 0) : $config[$captcha_var];
}
if ($config['captcha_gd']) {
include $phpbb_root_path . 'includes/captcha/captcha_gd.' . $phpEx;
} else {
include $phpbb_root_path . 'includes/captcha/captcha_non_gd.' . $phpEx;
}
$captcha = new captcha();
$captcha->execute(gen_rand_string(mt_rand(CAPTCHA_MIN_CHARS, CAPTCHA_MAX_CHARS)), time());
exit;
}
$config_vars = array('enable_confirm' => 'REG_ENABLE', 'enable_post_confirm' => 'POST_ENABLE', 'confirm_refresh' => 'CONFIRM_REFRESH', 'captcha_gd' => 'CAPTCHA_GD');
$this->tpl_name = 'acp_captcha';
$this->page_title = 'ACP_VC_SETTINGS';
$form_key = 'acp_captcha';
add_form_key($form_key);
$submit = request_var('submit', '');
if ($submit && check_form_key($form_key)) {
$config_vars = array_keys($config_vars);
foreach ($config_vars as $config_var) {
set_config($config_var, request_var($config_var, ''));
}
$captcha_vars = array_keys($captcha_vars);
foreach ($captcha_vars as $captcha_var) {
$value = request_var($captcha_var, 0);
if ($value >= 0) {
set_config($captcha_var, $value);
}
}
add_log('admin', 'LOG_CONFIG_VISUAL');
trigger_error($user->lang['CONFIG_UPDATED'] . adm_back_link($this->u_action));
} else {
if ($submit) {
trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action));
} else {
$preview_image_src = append_sid(append_sid("{$phpbb_admin_path}index.{$phpEx}", "i={$id}&demo=demo"));
if (@extension_loaded('gd')) {
$template->assign_var('GD', true);
}
foreach ($config_vars as $config_var => $template_var) {
$template->assign_var($template_var, isset($_REQUEST[$config_var]) ? request_var($config_var, '') : $config[$config_var]);
}
foreach ($captcha_vars as $captcha_var => $template_var) {
$var = isset($_REQUEST[$captcha_var]) ? request_var($captcha_var, 0) : $config[$captcha_var];
$template->assign_var($template_var, $var);
$preview_image_src .= "&{$captcha_var}=" . $var;
}
$template->assign_vars(array('CAPTCHA_PREVIEW' => $preview_image_src, 'PREVIEW' => isset($_POST['preview'])));
}
}
}
示例2: confirm_image
public function confirm_image($max_attempts, &$confirm_id)
{
global $db, $user, $template;
global $phpbb_root_path, $phpEx;
$user->confirm_gc($this->confirm_type);
if ($max_attempts) {
$sql = 'SELECT COUNT(session_id) AS attempts
FROM ' . CONFIRM_TABLE . "\n\t\t\t\tWHERE session_id = '" . $db->sql_escape($user->session_id) . "'\n\t\t\t\t\tAND confirm_type = {$this->confirm_type}";
$result = $db->sql_query($sql);
$attempts = (int) $db->sql_fetchfield('attempts');
$db->sql_freeresult($result);
if ($attempts > $max_attempts) {
return false;
}
}
$code = gen_rand_string(mt_rand(5, 8));
$confirm_id = md5(unique_id($user->ip));
$seed = hexdec(substr(unique_id(), 4, 10));
// compute $seed % 0x7fffffff
$seed -= 0x7fffffff * floor($seed / 0x7fffffff);
$sql = 'INSERT INTO ' . CONFIRM_TABLE . ' ' . $db->sql_build_array('INSERT', array('confirm_id' => (string) $confirm_id, 'session_id' => (string) $user->session_id, 'confirm_type' => (int) $this->confirm_type, 'code' => (string) $code, 'seed' => (int) $seed));
$db->sql_query($sql);
$template->assign_var('S_CONFIRM_CODE', true);
return '<img src="' . append_sid("{$phpbb_root_path}ucp.{$phpEx}", 'mode=confirm&id=' . $confirm_id . '&type=' . $this->confirm_type) . '" alt="" title="" />';
}
示例3: main
function main($id, $mode)
{
global $config, $phpbb_root_path, $phpEx;
global $db, $user, $auth, $template, $phpbb_container;
if (!$config['allow_password_reset']) {
trigger_error($user->lang('UCP_PASSWORD_RESET_DISABLED', '<a href="mailto:' . htmlspecialchars($config['board_contact']) . '">', '</a>'));
}
$username = request_var('username', '', true);
$email = strtolower(request_var('email', ''));
$submit = isset($_POST['submit']) ? true : false;
if ($submit) {
$sql = 'SELECT user_id, username, user_permissions, user_email, user_jabber, user_notify_type, user_type, user_lang, user_inactive_reason
FROM ' . USERS_TABLE . "\n\t\t\t\tWHERE user_email_hash = '" . $db->sql_escape(phpbb_email_hash($email)) . "'\n\t\t\t\t\tAND username_clean = '" . $db->sql_escape(utf8_clean_string($username)) . "'";
$result = $db->sql_query($sql);
$user_row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
if (!$user_row) {
trigger_error('NO_EMAIL_USER');
}
if ($user_row['user_type'] == USER_IGNORE) {
trigger_error('NO_USER');
}
if ($user_row['user_type'] == USER_INACTIVE) {
if ($user_row['user_inactive_reason'] == INACTIVE_MANUAL) {
trigger_error('ACCOUNT_DEACTIVATED');
} else {
trigger_error('ACCOUNT_NOT_ACTIVATED');
}
}
// Check users permissions
$auth2 = new \phpbb\auth\auth();
$auth2->acl($user_row);
if (!$auth2->acl_get('u_chgpasswd')) {
trigger_error('NO_AUTH_PASSWORD_REMINDER');
}
$server_url = generate_board_url();
// Make password at least 8 characters long, make it longer if admin wants to.
// gen_rand_string() however has a limit of 12 or 13.
$user_password = gen_rand_string_friendly(max(8, mt_rand((int) $config['min_pass_chars'], (int) $config['max_pass_chars'])));
// For the activation key a random length between 6 and 10 will do.
$user_actkey = gen_rand_string(mt_rand(6, 10));
// Instantiate passwords manager
$passwords_manager = $phpbb_container->get('passwords.manager');
$sql = 'UPDATE ' . USERS_TABLE . "\n\t\t\t\tSET user_newpasswd = '" . $db->sql_escape($passwords_manager->hash($user_password)) . "', user_actkey = '" . $db->sql_escape($user_actkey) . "'\n\t\t\t\tWHERE user_id = " . $user_row['user_id'];
$db->sql_query($sql);
include_once $phpbb_root_path . 'includes/functions_messenger.' . $phpEx;
$messenger = new messenger(false);
$messenger->template('user_activate_passwd', $user_row['user_lang']);
$messenger->set_addresses($user_row);
$messenger->anti_abuse_headers($config, $user);
$messenger->assign_vars(array('USERNAME' => htmlspecialchars_decode($user_row['username']), 'PASSWORD' => htmlspecialchars_decode($user_password), 'U_ACTIVATE' => "{$server_url}/ucp.{$phpEx}?mode=activate&u={$user_row['user_id']}&k={$user_actkey}"));
$messenger->send($user_row['user_notify_type']);
meta_refresh(3, append_sid("{$phpbb_root_path}index.{$phpEx}"));
$message = $user->lang['PASSWORD_UPDATED'] . '<br /><br />' . sprintf($user->lang['RETURN_INDEX'], '<a href="' . append_sid("{$phpbb_root_path}index.{$phpEx}") . '">', '</a>');
trigger_error($message);
}
$template->assign_vars(array('USERNAME' => $username, 'EMAIL' => $email, 'S_PROFILE_ACTION' => append_sid($phpbb_root_path . 'ucp.' . $phpEx, 'mode=sendpassword')));
$this->tpl_name = 'ucp_remind';
$this->page_title = 'UCP_REMIND';
}
示例4: gen_rand_guid
function gen_rand_guid($groups, $symbols_per_group, $symbols)
{
$uuid = '';
for ($i = 0; $i < $groups - 1; $i++) {
$uuid .= gen_rand_string($symbols_per_group, $symbols) . "-";
}
$uuid .= gen_rand_string($symbols_per_group, $symbols);
return $uuid;
}
示例5: main
function main($id, $mode)
{
global $config, $phpbb_root_path, $phpEx;
global $db, $user, $auth, $template;
$username = request_var('username', '', true);
$email = strtolower(request_var('email', ''));
$submit = isset($_POST['submit']) ? true : false;
if ($submit) {
$sql = 'SELECT user_id, username, user_permissions, user_email, user_jabber, user_notify_type, user_type, user_lang, user_inactive_reason
FROM ' . USERS_TABLE . "\n\t\t\t\tWHERE user_email = '" . $db->sql_escape($email) . "'\n\t\t\t\t\tAND username_clean = '" . $db->sql_escape(utf8_clean_string($username)) . "'";
$result = $db->sql_query($sql);
$user_row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
if (!$user_row) {
trigger_error('NO_EMAIL_USER');
}
if ($user_row['user_type'] == USER_IGNORE) {
trigger_error('NO_USER');
}
if ($user_row['user_type'] == USER_INACTIVE) {
if ($user_row['user_inactive_reason'] == INACTIVE_MANUAL) {
trigger_error('ACCOUNT_DEACTIVATED');
} else {
trigger_error('ACCOUNT_NOT_ACTIVATED');
}
}
// Check users permissions
$auth2 = new auth();
$auth2->acl($user_row);
if (!$auth2->acl_get('u_chgpasswd')) {
trigger_error('NO_AUTH_PASSWORD_REMINDER');
}
$server_url = generate_board_url();
$key_len = 54 - strlen($server_url);
$key_len = max(6, $key_len);
// we want at least 6
$key_len = $config['max_pass_chars'] ? min($key_len, $config['max_pass_chars']) : $key_len;
// we want at most $config['max_pass_chars']
$user_actkey = substr(gen_rand_string(10), 0, $key_len);
$user_password = gen_rand_string(8);
$sql = 'UPDATE ' . USERS_TABLE . "\n\t\t\t\tSET user_newpasswd = '" . $db->sql_escape(phpbb_hash($user_password)) . "', user_actkey = '" . $db->sql_escape($user_actkey) . "'\n\t\t\t\tWHERE user_id = " . $user_row['user_id'];
$db->sql_query($sql);
include_once $phpbb_root_path . 'includes/functions_messenger.' . $phpEx;
$messenger = new messenger(false);
$messenger->template('user_activate_passwd', $user_row['user_lang']);
$messenger->to($user_row['user_email'], $user_row['username']);
$messenger->im($user_row['user_jabber'], $user_row['username']);
$messenger->assign_vars(array('USERNAME' => htmlspecialchars_decode($user_row['username']), 'PASSWORD' => htmlspecialchars_decode($user_password), 'U_ACTIVATE' => "{$server_url}/ucp.{$phpEx}?mode=activate&u={$user_row['user_id']}&k={$user_actkey}"));
$messenger->send($user_row['user_notify_type']);
meta_refresh(3, append_sid("{$phpbb_root_path}index.{$phpEx}"));
$message = $user->lang['PASSWORD_UPDATED'] . '<br /><br />' . sprintf($user->lang['RETURN_INDEX'], '<a href="' . append_sid("{$phpbb_root_path}index.{$phpEx}") . '">', '</a>');
trigger_error($message);
}
$template->assign_vars(array('USERNAME' => $username, 'EMAIL' => $email, 'S_PROFILE_ACTION' => append_sid($phpbb_root_path . 'ucp.' . $phpEx, 'mode=sendpassword')));
$this->tpl_name = 'ucp_remind';
$this->page_title = 'UCP_REMIND';
}
示例6: quick_reply
/**
* This function will load everything needed for the evil quick reply
*
* @param int $topic_id
* @param int $forum_id
* @param array $topic_data
*/
function quick_reply($topic_id, $forum_id, &$topic_data)
{
global $template, $user, $auth, $db;
global $phpbb_root_path, $phpEx, $config;
// Some little config for the quick reply, allows the admin to change these default values through the database.
$qr_config = array('enabled' => true, 'display_subject' => true, 'hide_box' => false, 'resize' => false);
// do evil_qr_ prefixed of the config values exist in $config
// /me slaps highway of life
foreach (array_keys($qr_config) as $key) {
if (isset($config['evil_qr_' . $key])) {
$qr_config[$key] = $config['evil_qr_' . $key];
}
}
// Check if user has reply permissions for this forum or the topic is locked (thanks damnian)
if (!$auth->acl_get('f_reply', $forum_id) || $topic_data['topic_status'] == ITEM_LOCKED && !$auth->acl_get('m_lock', $forum_id) || !$qr_config['enabled']) {
return;
}
// Hidden fields
$s_hidden_fields = array('t' => $topic_id, 'f' => $forum_id, 'mode' => 'reply', 'lastclick' => time(), 'icon' => 0);
// Set preferences such as allow smilies, bbcode, attachsig
$reply_prefs = array('disable_bbcode' => $config['allow_bbcode'] && $user->optionget('bbcode') ? false : true, 'disable_smilies' => $config['allow_smilies'] && $user->optionget('smilies') ? false : true, 'disable_magic_url' => false, 'attach_sig' => $config['allow_sig'] && $user->optionget('attachsig') ? true : false, 'notify' => $config['allow_topic_notify'] && ($user->data['user_notify'] || isset($topic_data['notify_status'])) ? true : false, 'lock_topic' => $topic_data['topic_status'] == ITEM_LOCKED && $auth->acl_get('m_lock', $forum_id) ? true : false);
foreach ($reply_prefs as $name => $value) {
if ($value) {
$s_hidden_fields[$name] = 1;
}
}
$subject = (strpos($topic_data['topic_title'], 'Re: ') !== 0 ? 'Re: ' : '') . censor_text($topic_data['topic_title']);
if (!$qr_config['display_subject']) {
// /me is a show-off
list($s_hidden_fields['subject'], $subject) = array($subject, '');
}
// Confirmation code handling (stolen from posting.php)
if ($config['enable_post_confirm'] && !$user->data['is_registered']) {
// Show confirm image
$sql = 'DELETE FROM ' . CONFIRM_TABLE . "\r\n\t\t\tWHERE session_id = '" . $db->sql_escape($user->session_id) . "'\r\n\t\t\t\tAND confirm_type = " . CONFIRM_POST;
$db->sql_query($sql);
// Generate code
$code = gen_rand_string(mt_rand(5, 8));
$confirm_id = md5(unique_id($user->ip));
$seed = hexdec(substr(unique_id(), 4, 10));
// compute $seed % 0x7fffffff
$seed -= 0x7fffffff * floor($seed / 0x7fffffff);
$sql = 'INSERT INTO ' . CONFIRM_TABLE . ' ' . $db->sql_build_array('INSERT', array('confirm_id' => (string) $confirm_id, 'session_id' => (string) $user->session_id, 'confirm_type' => (int) CONFIRM_POST, 'code' => (string) $code, 'seed' => (int) $seed));
$db->sql_query($sql);
$template->assign_vars(array('S_CONFIRM_CODE' => true, 'CONFIRM_ID' => $confirm_id, 'CONFIRM_IMAGE' => '<img src="' . append_sid("{$phpbb_root_path}ucp.{$phpEx}", 'mode=confirm&id=' . $confirm_id . '&type=' . CONFIRM_POST) . '" alt="" title="" />'));
}
// new RC6/RC7 stuff
add_form_key('posting');
// Page title & action URL, include session_id for security purpose
$s_action = append_sid("{$phpbb_root_path}posting.{$phpEx}", false, true, $user->session_id);
// Assign template variables
$template->assign_vars(array('QR_SUBJECT' => $subject, 'S_QR_HIDDEN_FIELDS' => build_hidden_fields($s_hidden_fields), 'S_QR_POST_ACTION' => $s_action, 'S_QR_ENABLED' => $qr_config['enabled'], 'S_QR_SUBJECT' => $qr_config['display_subject'], 'S_QR_HIDE_BOX' => $qr_config['hide_box'], 'S_QR_RESIZE' => $qr_config['resize']));
}
示例7: test_gen_rand_string
public function test_gen_rand_string()
{
for ($tests = 0; $tests <= self::TEST_COUNT; ++$tests) {
for ($num_chars = self::MIN_STRING_LENGTH; $num_chars <= self::MAX_STRING_LENGTH; ++$num_chars) {
$random_string = gen_rand_string($num_chars);
$random_string_length = strlen($random_string);
$this->assertTrue($random_string_length >= self::MIN_STRING_LENGTH);
$this->assertTrue($random_string_length <= $num_chars);
$this->assertRegExp('#^[A-Z0-9]+$#', $random_string);
}
}
}
示例8: main
function main($id, $mode)
{
global $config, $phpbb_root_path, $phpEx;
global $db, $user, $auth, $template;
$username = request_var('username', '', true);
$email = request_var('email', '');
$submit = isset($_POST['submit']) ? true : false;
if ($submit) {
$sql = 'SELECT user_id, username, user_email, user_jabber, user_notify_type, user_type, user_lang
FROM ' . USERS_TABLE . "\n\t\t\t\tWHERE user_email = '" . $db->sql_escape($email) . "'\n\t\t\t\t\tAND LOWER(username) = '" . $db->sql_escape(strtolower($username)) . "'";
$result = $db->sql_query($sql);
$user_row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
if (!$user_row) {
trigger_error('NO_EMAIL_USER');
}
if ($user_row['user_type'] == USER_INACTIVE) {
trigger_error('ACCOUNT_NOT_ACTIVATED');
}
$server_url = generate_board_url();
$key_len = 54 - strlen($server_url);
$key_len = $key_len < 6 ? 6 : $key_len;
$user_actkey = substr(gen_rand_string(10), 0, $key_len);
$user_password = gen_rand_string(8);
$sql = 'UPDATE ' . USERS_TABLE . "\n\t\t\t\tSET user_newpasswd = '" . $db->sql_escape(md5($user_password)) . "', user_actkey = '" . $db->sql_escape($user_actkey) . "'\n\t\t\t\tWHERE user_id = " . $user_row['user_id'];
$db->sql_query($sql);
include_once $phpbb_root_path . 'includes/functions_messenger.' . $phpEx;
$messenger = new messenger(false);
$messenger->template('user_activate_passwd', $row['user_lang']);
$messenger->replyto($user->data['user_email']);
$messenger->to($user_row['user_email'], $user_row['username']);
$messenger->im($user_row['user_jabber'], $user_row['username']);
$messenger->assign_vars(array('SITENAME' => $config['sitename'], 'USERNAME' => html_entity_decode($user_row['username']), 'PASSWORD' => html_entity_decode($user_password), 'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $config['board_email_sig']), 'U_ACTIVATE' => "{$server_url}/ucp.{$phpEx}?mode=activate&u={$user_row['user_id']}&k={$user_actkey}"));
$messenger->send($user_row['user_notify_type']);
meta_refresh(3, append_sid("{$phpbb_root_path}index.{$phpEx}"));
$message = $user->lang['PASSWORD_UPDATED'] . '<br /><br />' . sprintf($user->lang['RETURN_INDEX'], '<a href="' . append_sid("{$phpbb_root_path}index.{$phpEx}") . '">', '</a>');
trigger_error($message);
}
$template->assign_vars(array('USERNAME' => $username, 'EMAIL' => $email, 'S_PROFILE_ACTION' => append_sid($phpbb_root_path . 'ucp.' . $phpEx, 'mode=sendpassword')));
$this->tpl_name = 'ucp_remind';
$this->page_title = 'UCP_REMIND';
}
示例9: generate_forum_nav
// Build Navigation Links
generate_forum_nav($post_data);
// Build Forum Rules
generate_forum_rules($post_data);
if ($config['enable_post_confirm'] && !$user->data['is_registered'] && $solved_captcha === false && ($mode == 'post' || $mode == 'reply' || $mode == 'quote'))
{
// Show confirm image
$sql = 'DELETE FROM ' . CONFIRM_TABLE . "
WHERE session_id = '" . $db->sql_escape($user->session_id) . "'
AND confirm_type = " . CONFIRM_POST;
$db->sql_query($sql);
// Generate code
$code = gen_rand_string(mt_rand(5, 8));
$confirm_id = md5(unique_id($user->ip));
$seed = hexdec(substr(unique_id(), 4, 10));
// compute $seed % 0x7fffffff
$seed -= 0x7fffffff * floor($seed / 0x7fffffff);
$sql = 'INSERT INTO ' . CONFIRM_TABLE . ' ' . $db->sql_build_array('INSERT', array(
'confirm_id' => (string) $confirm_id,
'session_id' => (string) $user->session_id,
'confirm_type' => (int) CONFIRM_POST,
'code' => (string) $code,
'seed' => (int) $seed)
);
$db->sql_query($sql);
示例10: confirm_box
/**
* Build Confirm box
* @param boolean $check True for checking if confirmed (without any additional parameters) and false for displaying the confirm box
* @param string $title Title/Message used for confirm box.
* message text is _CONFIRM appended to title.
* If title cannot be found in user->lang a default one is displayed
* If title_CONFIRM cannot be found in user->lang the text given is used.
* @param string $hidden Hidden variables
* @param string $html_body Template used for confirm box
* @param string $u_action Custom form action
*/
function confirm_box($check, $title = '', $hidden = '', $html_body = 'confirm_body.html', $u_action = '')
{
global $user, $template, $db, $request;
global $config, $phpbb_path_helper;
if (isset($_POST['cancel'])) {
return false;
}
$confirm = $user->lang['YES'] === $request->variable('confirm', '', true, \phpbb\request\request_interface::POST);
if ($check && $confirm) {
$user_id = request_var('confirm_uid', 0);
$session_id = request_var('sess', '');
$confirm_key = request_var('confirm_key', '');
if ($user_id != $user->data['user_id'] || $session_id != $user->session_id || !$confirm_key || !$user->data['user_last_confirm_key'] || $confirm_key != $user->data['user_last_confirm_key']) {
return false;
}
// Reset user_last_confirm_key
$sql = 'UPDATE ' . USERS_TABLE . " SET user_last_confirm_key = ''\n\t\t\tWHERE user_id = " . $user->data['user_id'];
$db->sql_query($sql);
return true;
} else {
if ($check) {
return false;
}
}
$s_hidden_fields = build_hidden_fields(array('confirm_uid' => $user->data['user_id'], 'sess' => $user->session_id, 'sid' => $user->session_id));
// generate activation key
$confirm_key = gen_rand_string(10);
if (defined('IN_ADMIN') && isset($user->data['session_admin']) && $user->data['session_admin']) {
adm_page_header(!isset($user->lang[$title]) ? $user->lang['CONFIRM'] : $user->lang[$title]);
} else {
page_header(!isset($user->lang[$title]) ? $user->lang['CONFIRM'] : $user->lang[$title]);
}
$template->set_filenames(array('body' => $html_body));
// If activation key already exist, we better do not re-use the key (something very strange is going on...)
if (request_var('confirm_key', '')) {
// This should not occur, therefore we cancel the operation to safe the user
return false;
}
// re-add sid / transform & to & for user->page (user->page is always using &)
$use_page = $u_action ? $u_action : str_replace('&', '&', $user->page['page']);
$u_action = reapply_sid($phpbb_path_helper->get_valid_page($use_page, $config['enable_mod_rewrite']));
$u_action .= (strpos($u_action, '?') === false ? '?' : '&') . 'confirm_key=' . $confirm_key;
$template->assign_vars(array('MESSAGE_TITLE' => !isset($user->lang[$title]) ? $user->lang['CONFIRM'] : $user->lang[$title], 'MESSAGE_TEXT' => !isset($user->lang[$title . '_CONFIRM']) ? $title : $user->lang[$title . '_CONFIRM'], 'YES_VALUE' => $user->lang['YES'], 'S_CONFIRM_ACTION' => $u_action, 'S_HIDDEN_FIELDS' => $hidden . $s_hidden_fields, 'S_AJAX_REQUEST' => $request->is_ajax()));
$sql = 'UPDATE ' . USERS_TABLE . " SET user_last_confirm_key = '" . $db->sql_escape($confirm_key) . "'\n\t\tWHERE user_id = " . $user->data['user_id'];
$db->sql_query($sql);
if ($request->is_ajax()) {
$u_action .= '&confirm_uid=' . $user->data['user_id'] . '&sess=' . $user->session_id . '&sid=' . $user->session_id;
$json_response = new \phpbb\json_response();
$json_response->send(array('MESSAGE_BODY' => $template->assign_display('body'), 'MESSAGE_TITLE' => !isset($user->lang[$title]) ? $user->lang['CONFIRM'] : $user->lang[$title], 'MESSAGE_TEXT' => !isset($user->lang[$title . '_CONFIRM']) ? $title : $user->lang[$title . '_CONFIRM'], 'YES_VALUE' => $user->lang['YES'], 'S_CONFIRM_ACTION' => str_replace('&', '&', $u_action), 'S_HIDDEN_FIELDS' => $hidden . $s_hidden_fields));
}
if (defined('IN_ADMIN') && isset($user->data['session_admin']) && $user->data['session_admin']) {
adm_page_footer();
} else {
page_footer();
}
}
示例11: handle
/**
* Smartfeed controller for route /smartfeed/{name}
*
* @return \phpbb\controller\helper
*/
public function handle()
{
$display_name = $this->user->lang('SMARTFEED_TITLE');
// Smartfeed cannot be used with Apache authentication unless the .htaccess file is modified to allow smartfeed.php to bypass
// Apache authentication. If you have made these changes then set the constant SMARTFEED_APACHE_HTACCESS_ENABLED to true in the ACP interface.
if ($this->config['auth_method'] == 'apache' && $this->config['phpbbservices_smartfeed_apache_htaccess_enabled'] != 1) {
$msg_text = $this->user->data['user_type'] == USER_FOUNDER ? $this->user->lang('SMARTFEED_APACHE_AUTHENTICATION_WARNING_ADMIN') : $this->user->lang('SMARTFEED_APACHE_AUTHENTICATION_WARNING_REG');
trigger_error($msg_text, E_USER_NOTICE);
}
// Create a list of required and excluded forum_ids
$required_forum_ids = isset($this->config['phpbbservices_smartfeed_include_forums']) && strlen(trim($this->config['phpbbservices_smartfeed_include_forums'])) > 0 ? explode(',', $this->config['phpbbservices_smartfeed_include_forums']) : array();
$excluded_forum_ids = isset($this->config['phpbbservices_smartfeed_exclude_forums']) && strlen(trim($this->config['phpbbservices_smartfeed_exclude_forums'])) > 0 ? explode(',', $this->config['phpbbservices_smartfeed_exclude_forums']) : array();
// Pass encryption tokens to the user interface for generating URLs, unless of the user is not registered, mcrypt is not supported or OAuth authentication is used
$is_guest = !$this->user->data['is_registered'] || !extension_loaded('mcrypt') || $this->config['auth_method'] == 'oauth';
if (!$is_guest) {
// If the user is registered then great, they can authenticate and see private forums
$smartfeed_user_id = $this->user->data['user_id'];
$user_password = $this->user->data['user_password'];
if ($this->user->data['user_smartfeed_key']) {
$user_smartfeed_key = $this->user->data['user_smartfeed_key'];
$encrypted_password = $this->encrypt($user_password, $user_smartfeed_key);
$encrypted_password_with_ip = $this->encrypt($user_password . '~' . $this->user->ip, $user_smartfeed_key);
} else {
// Generate a smartfeed encryption key. This is a one time action. It is used to authenticate the user when they call smartfeed.php.
$user_smartfeed_key = gen_rand_string(32);
$encrypted_password = $this->encrypt($user_password, $user_smartfeed_key);
$encrypted_password_with_ip = $this->encrypt($user_password . '~' . $this->user->ip, $user_smartfeed_key);
// Store the key
$sql = 'UPDATE ' . USERS_TABLE . "\n\t\t\t\t\t\tSET user_smartfeed_key = '" . $this->db->sql_escape($user_smartfeed_key) . "'\n\t\t\t\t\t\tWHERE user_id = " . (int) $this->user->data['user_id'];
$this->db->sql_query($sql);
}
$this->template->assign_vars(array('S_SMARTFEED_IS_GUEST' => false, 'S_SMARTFEED_DAY_DEFAULT' => ''));
} else {
// Public (anonymous) users do not need to authenticate so no encrypted passwords are needed
$smartfeed_user_id = ANONYMOUS;
$encrypted_password = 'NONE';
$encrypted_password_with_ip = 'NONE';
$this->template->assign_vars(array('S_SMARTFEED_IS_GUEST' => true, 'S_SMARTFEED_DAY_DEFAULT' => 'selected="selected"'));
}
$allowed_forum_ids = array();
$forum_read_ary = array();
// Get forum read permissions for this user. They are also usually stored in the user_permissions column, but sometimes the field is empty. This always works.
$forum_array = $this->auth->acl_raw_data_single_user($smartfeed_user_id);
foreach ($forum_array as $key => $value) {
foreach ($value as $auth_option_id => $auth_setting) {
if ($this->auth->acl_get('f_read', $key)) {
$forum_read_ary[$key]['f_read'] = 1;
}
if ($this->auth->acl_get('f_list', $key)) {
$forum_read_ary[$key]['f_list'] = 1;
}
}
}
// Get a list of parent_ids for each forum and put them in an array.
$parent_array = array();
$sql = 'SELECT forum_id, parent_id
FROM ' . FORUMS_TABLE . '
ORDER BY forum_id ASC';
$result = $this->db->sql_query($sql);
while ($row = $this->db->sql_fetchrow($result)) {
$parent_array[$row['forum_id']] = $row['parent_id'];
}
$this->db->sql_freeresult($result);
if (sizeof($forum_read_ary) > 0) {
foreach ($forum_read_ary as $forum_id => $allowed) {
if ($this->auth->acl_get('f_read', $forum_id) && $this->auth->acl_get('f_list', $forum_id) && $this->common->check_all_parents($this->auth, $parent_array, $forum_id)) {
// Since this user has read access to this forum, add it to the $allowed_forum_ids array
$allowed_forum_ids[] = (int) $forum_id;
// Also add to $allowed_forum_ids the parents, if any, of this forum. Actually we have to find the parent's parents, etc., going up as far as necessary because
// $this->auth->act_getf does not return the parents for which the user has access, yet parents must be shown are in the user interface
$there_are_parents = true;
$this_forum_id = (int) $forum_id;
while ($there_are_parents) {
if ($parent_array[$this_forum_id] == 0) {
$there_are_parents = false;
} else {
// Do not add this parent to the list of allowed forums if it is already in the array
if (!in_array((int) $parent_array[$this_forum_id], $allowed_forum_ids)) {
$allowed_forum_ids[] = (int) $parent_array[$this_forum_id];
}
$this_forum_id = (int) $parent_array[$this_forum_id];
// Keep looping...
}
}
}
}
}
// Get a list of forums as they appear on the main index for this user. For presentation purposes indent them so they show the natural phpBB3 hierarchy.
// Indenting is cleverly handled by nesting <div> tags inside of other <div> tags, and the template defines the relative offset (20 pixels).
$no_forums = false;
if (sizeof($allowed_forum_ids) > 0) {
$sql = 'SELECT forum_name, forum_id, parent_id, forum_type
FROM ' . FORUMS_TABLE . '
WHERE ' . $this->db->sql_in_set('forum_id', $allowed_forum_ids) . ' AND forum_type <> ' . FORUM_LINK . '
ORDER BY left_id ASC';
//.........这里部分代码省略.........
示例12: main
//.........这里部分代码省略.........
trigger_error((($result === false) ? $user->lang['BAN_ALREADY_ENTERED'] : $user->lang['BAN_SUCCESSFUL']) . adm_back_link($this->u_action . '&u=' . $user_id));
break;
case 'reactivate':
if ($user_id == $user->data['user_id'])
{
trigger_error($user->lang['CANNOT_FORCE_REACT_YOURSELF'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
}
if (!check_form_key($form_name))
{
trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
}
if ($user_row['user_type'] == USER_FOUNDER)
{
trigger_error($user->lang['CANNOT_FORCE_REACT_FOUNDER'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
}
if ($user_row['user_type'] == USER_IGNORE)
{
trigger_error($user->lang['CANNOT_FORCE_REACT_BOT'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
}
if ($config['email_enable'])
{
include_once($phpbb_root_path . 'includes/functions_messenger.' . $phpEx);
$server_url = generate_board_url();
$user_actkey = gen_rand_string(10);
$key_len = 54 - (strlen($server_url));
$key_len = ($key_len > 6) ? $key_len : 6;
$user_actkey = substr($user_actkey, 0, $key_len);
$email_template = ($user_row['user_type'] == USER_NORMAL) ? 'user_reactivate_account' : 'user_resend_inactive';
if ($user_row['user_type'] == USER_NORMAL)
{
user_active_flip('deactivate', $user_id, INACTIVE_REMIND);
$sql = 'UPDATE ' . USERS_TABLE . "
SET user_actkey = '" . $db->sql_escape($user_actkey) . "'
WHERE user_id = $user_id";
$db->sql_query($sql);
}
else
{
// Grabbing the last confirm key - we only send a reminder
$sql = 'SELECT user_actkey
FROM ' . USERS_TABLE . '
WHERE user_id = ' . $user_id;
$result = $db->sql_query($sql);
$user_actkey = (string) $db->sql_fetchfield('user_actkey');
$db->sql_freeresult($result);
}
$messenger = new messenger(false);
$messenger->template($email_template, $user_row['user_lang']);
$messenger->to($user_row['user_email'], $user_row['username']);
$messenger->headers('X-AntiAbuse: Board servername - ' . $config['server_name']);
示例13: main
public function main($id, $mode)
{
global $config, $db, $request, $template, $user, $phpbb_root_path, $phpEx, $phpbb_container, $phpbb_admin_path;
$this->config = $config;
$this->db = $db;
$this->request = $request;
$this->template = $template;
$this->user = $user;
$this->phpbb_root_path = $phpbb_root_path;
$this->php_ext = $phpEx;
$this->log = $phpbb_container->get('log');
$this->phpbb_admin_path = $phpbb_admin_path;
$admin_activate = $this->request->variable('activate', 0) ? $this->config['require_activation'] == USER_ACTIVATION_ADMIN ? true : false : false;
$group_default = $this->request->variable('group_default', 0);
$group_selected = $this->request->variable('group', 0);
$this->page_title = $user->lang['ACP_ADD_USER'];
$this->tpl_name = 'acp_adduser';
//include files we need to add a user
if (!function_exists('user_add')) {
include $this->phpbb_root_path . 'includes/functions_user.' . $this->php_ext;
}
// include lang files we need
$user->add_lang(array('posting', 'ucp', 'acp/users', 'acp/groups'));
// add custom profile fields
$cp = $phpbb_container->get('profilefields.manager');
//set empty error strings
$error = $cp_data = $cp_error = array();
// Load a template from adm/style for our ACP page
$this->tpl_name = 'acp_adduser';
// Define the name of the form for use as a form key
add_form_key('acp_adduser');
// Try to automatically determine the timezone and daylight savings time settings
$timezone = $this->config['board_timezone'];
$data = array('username' => $this->request->variable('username', '', true), 'new_password' => $this->request->variable('new_password', '', true), 'password_confirm' => $this->request->variable('password_confirm', '', true), 'email' => strtolower($this->request->variable('email', '')), 'lang' => basename($this->request->variable('lang', $this->user->lang_name)), 'tz' => $this->request->variable('tz', $timezone), 'group' => $this->request->variable('group', 0));
// build an array of all lang directories for the extension and check to make sure we have the lang available that is being chosen
// if the lang isn't present then errors will present themselves due to no email template found
$dir_array = $this->dir_to_array($this->phpbb_root_path . 'ext/phpbbmodders/adduser/language');
if (!in_array($data['lang'], $dir_array)) {
trigger_error(sprintf($this->user->lang['DIR_NOT_EXIST'], $data['lang'], $data['lang']), E_USER_WARNING);
}
if ($this->config['allow_birthdays']) {
$data['bday_day'] = $data['bday_month'] = $data['bday_year'] = 0;
$data['bday_day'] = $this->request->variable('bday_day', $data['bday_day']);
$data['bday_month'] = $this->request->variable('bday_month', $data['bday_month']);
$data['bday_year'] = $this->request->variable('bday_year', $data['bday_year']);
$data['user_birthday'] = sprintf('%2d-%2d-%4d', $data['bday_day'], $data['bday_month'], $data['bday_year']);
}
// if form is submitted
if ($this->request->is_set_post('submit')) {
// Test if form key is valid
if (!check_form_key('acp_adduser')) {
trigger_error('FORM_INVALID');
}
// lets create a wacky new password for our user...but only if there is nothing for a password already
if (empty($data['new_password']) && empty($data['password_confirm'])) {
if ($this->config['pass_complex'] == 'PASS_TYPE_ANY' || $this->config['pass_complex'] == 'PASS_TYPE_CASE') {
$new_password = str_split(base64_encode(md5(time() . $data['username'])), $this->config['min_pass_chars'] + rand(3, 5));
$data['new_password'] = $data['password_confirm'] = $new_password[0];
} else {
if ($this->config['pass_complex'] == 'PASS_TYPE_ALPHA') {
$new_password = $this->generate_password($this->config['min_pass_chars'] + rand(3, 5), 'PASS_TYPE_ALPHA');
$data['new_password'] = $data['password_confirm'] = $new_password;
} else {
$new_password = $this->generate_password($this->config['min_pass_chars'] + rand(3, 5), 'PASS_TYPE_SYMBOL');
$data['new_password'] = $data['password_confirm'] = $new_password;
}
}
}
// validate entries
$validate_array = array('username' => array(array('string', false, $this->config['min_name_chars'], $this->config['max_name_chars']), array('username', '')), 'email' => array(array('string', false, 6, 60), array('user_email')), 'new_password' => array(array('string', false, $this->config['min_pass_chars'], $this->config['max_pass_chars']), array('password')), 'password_confirm' => array('string', false, $this->config['min_pass_chars'], $this->config['max_pass_chars']), 'tz' => array('timezone'), 'lang' => array('language_iso_name'));
if ($this->config['allow_birthdays']) {
$validate_array = array_merge($validate_array, array('bday_day' => array('num', true, 1, 31), 'bday_month' => array('num', true, 1, 12), 'bday_year' => array('num', true, 1901, gmdate('Y', time()) + 50), 'user_birthday' => array('date', true)));
}
$error = validate_data($data, $validate_array);
// validate custom profile fields
$cp->submit_cp_field('register', $this->user->get_iso_lang_id(), $cp_data, $error);
if (sizeof($cp_error)) {
$error = array_merge($error, $cp_error);
}
if ($data['new_password'] != $data['password_confirm']) {
$error[] = $user->lang['NEW_PASSWORD_ERROR'];
}
// Replace "error" strings with their real, localised form
$error = array_map(array($user, 'lang'), $error);
if (!sizeof($error)) {
$server_url = generate_board_url();
$sql = 'SELECT group_id
FROM ' . GROUPS_TABLE . "\n\t\t\t\t\t\tWHERE group_name = 'REGISTERED'\n\t\t\t\t\t\t\tAND group_type = " . GROUP_SPECIAL;
$result = $db->sql_query($sql);
$group_id = $db->sql_fetchfield('group_id');
$db->sql_freeresult($result);
// use group_id here
if (!$group_id) {
trigger_error('NO_GROUP');
}
if (($this->config['require_activation'] == USER_ACTIVATION_SELF || $this->config['require_activation'] == USER_ACTIVATION_ADMIN) && $this->config['email_enable'] && !$admin_activate) {
$user_actkey = gen_rand_string(mt_rand(6, 10));
$user_type = USER_INACTIVE;
$user_inactive_reason = INACTIVE_REGISTER;
$user_inactive_time = time();
//.........这里部分代码省略.........
示例14: main
//.........这里部分代码省略.........
$error[] = $user->lang['TOO_MANY_REGISTERS'];
}
}
// DNSBL check
if ($config['check_dnsbl']) {
if (($dnsbl = $user->check_dnsbl('register')) !== false) {
$error[] = sprintf($user->lang['IP_BLACKLISTED'], $user->ip, $dnsbl[1]);
}
}
// validate custom profile fields
$cp->submit_cp_field('register', $user->get_iso_lang_id(), $cp_data, $error);
if (!sizeof($error)) {
if ($data['new_password'] != $data['password_confirm']) {
$error[] = $user->lang['NEW_PASSWORD_ERROR'];
}
if ($data['email'] != $data['email_confirm']) {
$error[] = $user->lang['NEW_EMAIL_ERROR'];
}
}
if (!sizeof($error)) {
$server_url = generate_board_url();
// Which group by default?
$group_name = $coppa ? 'REGISTERED_COPPA' : 'REGISTERED';
$sql = 'SELECT group_id
FROM ' . GROUPS_TABLE . "\n\t\t\t\t\tWHERE group_name = '" . $db->sql_escape($group_name) . "'\n\t\t\t\t\t\tAND group_type = " . GROUP_SPECIAL;
$result = $db->sql_query($sql);
$row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
if (!$row) {
trigger_error('NO_GROUP');
}
$group_id = $row['group_id'];
if (($coppa || $config['require_activation'] == USER_ACTIVATION_SELF || $config['require_activation'] == USER_ACTIVATION_ADMIN) && $config['email_enable']) {
$user_actkey = gen_rand_string(mt_rand(6, 10));
$user_type = USER_INACTIVE;
$user_inactive_reason = INACTIVE_REGISTER;
$user_inactive_time = time();
} else {
$user_type = USER_NORMAL;
$user_actkey = '';
$user_inactive_reason = 0;
$user_inactive_time = 0;
}
$user_row = array('username' => $data['username'], 'user_password' => phpbb_hash($data['new_password']), 'user_email' => $data['email'], 'group_id' => (int) $group_id, 'user_timezone' => (double) $data['tz'], 'user_dst' => $is_dst, 'user_lang' => $data['lang'], 'user_type' => $user_type, 'user_actkey' => $user_actkey, 'user_ip' => $user->ip, 'user_regdate' => time(), 'user_inactive_reason' => $user_inactive_reason, 'user_inactive_time' => $user_inactive_time);
if ($config['new_member_post_limit']) {
$user_row['user_new'] = 1;
}
// Register user...
$user_id = user_add($user_row, $cp_data);
// This should not happen, because the required variables are listed above...
if ($user_id === false) {
trigger_error('NO_USER', E_USER_ERROR);
}
// Okay, captcha, your job is done.
if ($config['enable_confirm'] && isset($captcha)) {
$captcha->reset();
}
if ($coppa && $config['email_enable']) {
$message = $user->lang['ACCOUNT_COPPA'];
$email_template = 'coppa_welcome_inactive';
} else {
if ($config['require_activation'] == USER_ACTIVATION_SELF && $config['email_enable']) {
$message = $user->lang['ACCOUNT_INACTIVE'];
$email_template = 'user_welcome_inactive';
} else {
if ($config['require_activation'] == USER_ACTIVATION_ADMIN && $config['email_enable']) {
示例15: _add_user_and_update_data
/**
* Add a user with the name $user to phpBB and update all entries in the database to reflect this
* @param string $oldname The name that was used when making the guest posts
* @param string $newname The name that will be used for the new user
* @return void
* @access private
*/
function _add_user_and_update_data($oldname, $newname)
{
global $db, $config, $user;
if (!function_exists('user_add')) {
include PHPBB_ROOT_PATH . 'includes/functions_user.' . PHP_EXT;
}
// Registered users group?
$sql = 'SELECT group_id, group_colour
FROM ' . GROUPS_TABLE . "\n\t\t\tWHERE group_name = 'REGISTERED'";
$result = $db->sql_query_limit($sql, 1);
$gid = $db->sql_fetchfield('group_id', false, $result);
$gcl = $db->sql_fetchfield('group_colour', 0, $result);
$db->sql_freeresult($result);
// Setup the user
$user_ary = array('username' => $newname, 'group_id' => $gid, 'user_email' => $config['board_email'], 'user_type' => USER_NORMAL, 'user_password' => gen_rand_string(12));
// Add the user
$user_id = user_add($user_ary);
// Update forums table
$sql = 'UPDATE ' . FORUMS_TABLE . '
SET forum_last_poster_id = ' . (int) $user_id . " , forum_last_poster_name = '" . $db->sql_escape($newname) . "', forum_last_poster_colour = '" . $db->sql_escape($gcl) . "'\n\t\t\tWHERE forum_last_poster_name = '" . $db->sql_escape($oldname) . "'";
$db->sql_query($sql);
// Update posts table
$sql = 'UPDATE ' . POSTS_TABLE . '
SET poster_id = ' . (int) $user_id . ", post_username = ''\n\t\t\tWHERE post_username = '" . $db->sql_escape($oldname) . "'";
$db->sql_query($sql);
// Update topics table (first post)
$sql = 'UPDATE ' . TOPICS_TABLE . '
SET topic_poster = ' . (int) $user_id . ", topic_first_poster_name = '" . $db->sql_escape($newname) . "', topic_first_poster_colour = '" . $db->sql_escape($gcl) . "'\n\t\t\tWHERE topic_first_poster_name = '" . $db->sql_escape($oldname) . "'";
$db->sql_query($sql);
// Update topics table (last post)
$sql = 'UPDATE ' . TOPICS_TABLE . '
SET topic_last_poster_id = ' . (int) $user_id . ", topic_last_poster_name = '" . $db->sql_escape($newname) . "', topic_last_poster_colour = '" . $db->sql_escape($gcl) . "'\n\t\t\tWHERE topic_last_poster_name = '" . $db->sql_escape($oldname) . "'";
$db->sql_query($sql);
// Update user post count
$sql = 'SELECT COUNT(post_id) as post_cnt
FROM ' . POSTS_TABLE . '
WHERE poster_id = ' . (int) $user_id;
$result = $db->sql_query($sql);
$post_cnt = $db->sql_fetchfield('post_cnt', false, $result);
$db->sql_freeresult($result);
$sql = 'UPDATE ' . USERS_TABLE . ' SET user_posts = ' . $post_cnt . ' WHERE user_id = ' . (int) $user_id;
$db->sql_query($sql);
}