yzms/m/login_app.php

<?
require_once("../show/common.php");
$key = "d7107772ca557850a44e127500a661bc";
$act = $_GET['act'];
if($act == 'get_timestamp') {
	echo time();
	exit;
}

$cellphone = trim($_GET['cellphone']);
$code = trim($_GET['code']);
if(!$cellphone || !$code) exit;

$user = $db->get_one("select * from tb_user where cellphone = '{$cellphone}' and enabled not in (0, -99) and type_id != 4");

if(!$user) {
	galert("用户不存在！", "/m");
	exit;
}

$time = time();
$suc = false;
for($i = $time; $i >= $time - 20; $i--) {
	if(md5($cellphone."_".$i."_".$key) == $code) {
		$suc = true;
		break;
	}
}
if(!$suc) {
	galert("登录失败！", "/m");
	exit;
}
//http://36.111.41.116:8081/m/login_app.php?cellphone=18988651520&code=1399b5d54010e78daa56d7068d084dfd
//18988651520_1491383036_d7107772ca557850a44e127500a661bc
//http://36.111.41.116:8081/m/login_app.php?act=get_timestamp

$uid = $user['id'];

if($user['enabled'] == -1) {
	echoRs(0, '账号被锁，请通过忘记密码或联系管理员重置登录密码！');
}

$token = md5(uniqid());


$set = "token='{$token}', ip='".$ip."', login_time='".time()."', data='".addslashes(json_encode($user))."', expire_time='".(time()+86400)."'";
$row = $db->get_one("select * from tb_session where uid=".$uid);
if($row) {
	$db->query("update tb_session set {$set} where uid=".$uid);
} else {
	$db->query("insert into tb_session set {$set}, uid=".$uid);
}
unset($user['password']);
unset($user['weixin_openid']);
unset($user['yixin_openid']);
$user['token'] = $token;
$tourl = "login.php?act=dologin2&data=".urlencode(base64_encode(serialize($user)));
gredirect($tourl);
exit;
提交 2024-04-01 15:54:27 +08:00			`<?`
			`require_once("../show/common.php");`
			`$key = "d7107772ca557850a44e127500a661bc";`
			`$act = $_GET['act'];`
			`if($act == 'get_timestamp') {`
			`echo time();`
			`exit;`
			`}`

			`$cellphone = trim($_GET['cellphone']);`
			`$code = trim($_GET['code']);`
			`if(!$cellphone \|\| !$code) exit;`

			`$user = $db->get_one("select * from tb_user where cellphone = '{$cellphone}' and enabled not in (0, -99) and type_id != 4");`

			`if(!$user) {`
			`galert("用户不存在！", "/m");`
			`exit;`
			`}`

			`$time = time();`
			`$suc = false;`
			`for($i = $time; $i >= $time - 20; $i--) {`
			`if(md5($cellphone."_".$i."_".$key) == $code) {`
			`$suc = true;`
			`break;`
			`}`
			`}`
			`if(!$suc) {`
			`galert("登录失败！", "/m");`
			`exit;`
			`}`
			`//http://36.111.41.116:8081/m/login_app.php?cellphone=18988651520&code=1399b5d54010e78daa56d7068d084dfd`
			`//18988651520_1491383036_d7107772ca557850a44e127500a661bc`
			`//http://36.111.41.116:8081/m/login_app.php?act=get_timestamp`

			`$uid = $user['id'];`

			`if($user['enabled'] == -1) {`
			`echoRs(0, '账号被锁，请通过忘记密码或联系管理员重置登录密码！');`
			`}`

			`$token = md5(uniqid());`



			`$set = "token='{$token}', ip='".$ip."', login_time='".time()."', data='".addslashes(json_encode($user))."', expire_time='".(time()+86400)."'";`
			`$row = $db->get_one("select * from tb_session where uid=".$uid);`
			`if($row) {`
			`$db->query("update tb_session set {$set} where uid=".$uid);`
			`} else {`
			`$db->query("insert into tb_session set {$set}, uid=".$uid);`
			`}`
			`unset($user['password']);`
			`unset($user['weixin_openid']);`
			`unset($user['yixin_openid']);`
			`$user['token'] = $token;`
			`$tourl = "login.php?act=dologin2&data=".urlencode(base64_encode(serialize($user)));`
			`gredirect($tourl);`
			`exit;`