return $user; } // 支持 Token 接口(token 与 session 双重登入机制,方便 REST 接口设计,也方便 $_SESSION 使用) // Support Token interface (token and session dual match, to facilitate the design of the REST interface, but also to facilitate the use of $_SESSION) function user_rest() { $uid = intval(_SESSION('uid')); empty($uid) and $uid = user_token_get() and $_SESSION['uid'] = $uid; $user = user_read($uid); return $user; } function user_token_get() { global $conf, $time; $_uid = user_token_get_do(); empty($_uid) and user_token_clear(); // 退出登录 return $_uid; } // 用户 function user_token_get_do() { global $conf, $time, $ip, $useragent; $token = param($conf['cookie_pre'] . 'token'); if (empty($token)) return FALSE; $tokenkey = md5(xn_key()); $s = xn_decrypt($token, $tokenkey); if (empty($s)) return FALSE; $arr = explode("\t", $s); if (count($arr) != 5) return FALSE; list($_ip, $_time, $_uid, $_pwd, $ua_md5) = $arr; if (array_value($conf, 'login_ip') && $ip != $_ip) return FALSE; if (array_value($conf, 'login_ua') && md5($useragent) != $ua_md5) return FALSE; $_user = user_read($_uid); if (empty($_user)) return FALSE; if (array_value($conf, 'login_only') && $_user['login_date'] != $_time) return FALSE; // 密码是否被修改 if (md5($_user['password']) != $_pwd) return FALSE; return $_uid; } // 设置 token,防止 sid 过期后被删除 function user_token_set($uid) { global $conf, $time; if (empty($uid)) return ''; $token = user_token_gen($uid); setcookie($conf['cookie_pre'] . 'token', $token, $time + 86400000, $conf['cookie_path'], $conf['cookie_domain'], '', TRUE); return $token; } function user_token_clear() { global $conf, $time; setcookie($conf['cookie_pre'] . 'token', '', $time - 8640000, $conf['cookie_path'], $conf['cookie_domain'], '', TRUE); } function user_token_gen($uid) { global $conf, $time, $ip, $useragent; $key = 'user_token' . $uid; static $cache = array(); if (isset($cache[$key])) return $cache[$key]; $user = user_read($uid); $pwd = md5($user['password']); $ua_md5 = md5($useragent); $tokenkey = md5(xn_key()); $cache[$key] = xn_encrypt("$ip $time $uid $pwd $ua_md5", $tokenkey); return $cache[$key]; } // 前台登录验证 function user_login_check() { global $user; empty($user) and http_location(url('user-login')); } // 获取用户来路 function user_http_referer() { global $conf; $referer = param('referer'); // 优先从参数获取 | GET is priority empty($referer) and $referer = array_value($_SERVER, 'HTTP_REFERER', ''); $referer = str_replace(array('\"', '"', '<', '>', ' ', '*', "\t", "\r", "\n"), '', $referer); // 干掉特殊字符 strip special chars if ( !preg_match('#^(http|https)://[\w\-=/\.]+/[\w\-=.%\#?]*$#is', $referer) || FALSE !== strpos($referer, url('user-login')) || FALSE !== strpos($referer, url('user-logout')) || FALSE !== strpos($referer, url('user-create')) || FALSE !== strpos($referer, url('user-setpw')) || FALSE !== strpos($referer, url('user-resetpw_complete')) ) { $referer = $conf['path']; } return $referer; } function user_auth_check($token) { global $time, $ip; $auth = param(2); $s = xn_decrypt($auth); empty($s) and message(-1, lang('decrypt_failed')); $arr = explode('-', $s); count($arr) != 4 and message(-1, lang('encrypt_failed')); list($_ip, $_time, $_uid, $_pwd) = $arr; $_user = user_read($_uid); empty($_user) and message(-1, lang('user_not_exists')); $time - $_time > 3600 and message(-1, lang('link_has_expired')); return $_user; } ?>
Error[2]: ini_set(): Headers already sent. You cannot change the session module's ini settings at this time, File: /www/wwwroot/roclinux.cn/tmp/model_session.func.php, Line: 307
File: /www/wwwroot/roclinux.cn/tmp/model_session.func.php, Line: 307, ini_set(session.name , well_sid)
File: /www/wwwroot/roclinux.cn/tmp/index.inc.php, Line: 20, sess_start()
File: /www/wwwroot/roclinux.cn/index.php, Line: 29, include(/www/wwwroot/roclinux.cn/tmp/index.inc.php)
Error[2]: ini_set(): Headers already sent. You cannot change the session module's ini settings at this time, File: /www/wwwroot/roclinux.cn/tmp/model_session.func.php, Line: 308
File: /www/wwwroot/roclinux.cn/tmp/model_session.func.php, Line: 308, ini_set(session.use_cookies , 1)
File: /www/wwwroot/roclinux.cn/tmp/index.inc.php, Line: 20, sess_start()
File: /www/wwwroot/roclinux.cn/index.php, Line: 29, include(/www/wwwroot/roclinux.cn/tmp/index.inc.php)
Error[2]: ini_set(): Headers already sent. You cannot change the session module's ini settings at this time, File: /www/wwwroot/roclinux.cn/tmp/model_session.func.php, Line: 309
File: /www/wwwroot/roclinux.cn/tmp/model_session.func.php, Line: 309, ini_set(session.use_only_cookies , 1)
File: /www/wwwroot/roclinux.cn/tmp/index.inc.php, Line: 20, sess_start()
File: /www/wwwroot/roclinux.cn/index.php, Line: 29, include(/www/wwwroot/roclinux.cn/tmp/index.inc.php)
Error[2]: ini_set(): Headers already sent. You cannot change the session module's ini settings at this time, File: /www/wwwroot/roclinux.cn/tmp/model_session.func.php, Line: 310
File: /www/wwwroot/roclinux.cn/tmp/model_session.func.php, Line: 310, ini_set(session.cookie_domain , )
File: /www/wwwroot/roclinux.cn/tmp/index.inc.php, Line: 20, sess_start()
File: /www/wwwroot/roclinux.cn/index.php, Line: 29, include(/www/wwwroot/roclinux.cn/tmp/index.inc.php)
Error[2]: ini_set(): Headers already sent. You cannot change the session module's ini settings at this time, File: /www/wwwroot/roclinux.cn/tmp/model_session.func.php, Line: 312
File: /www/wwwroot/roclinux.cn/tmp/model_session.func.php, Line: 312, ini_set(session.cookie_path , /)
File: /www/wwwroot/roclinux.cn/tmp/index.inc.php, Line: 20, sess_start()
File: /www/wwwroot/roclinux.cn/index.php, Line: 29, include(/www/wwwroot/roclinux.cn/tmp/index.inc.php)
Error[2]: ini_set(): Headers already sent. You cannot change the session module's ini settings at this time, File: /www/wwwroot/roclinux.cn/tmp/model_session.func.php, Line: 314
File: /www/wwwroot/roclinux.cn/tmp/model_session.func.php, Line: 314, ini_set(session.cookie_secure , )
File: /www/wwwroot/roclinux.cn/tmp/index.inc.php, Line: 20, sess_start()
File: /www/wwwroot/roclinux.cn/index.php, Line: 29, include(/www/wwwroot/roclinux.cn/tmp/index.inc.php)
Error[2]: ini_set(): Headers already sent. You cannot change the session module's ini settings at this time, File: /www/wwwroot/roclinux.cn/tmp/model_session.func.php, Line: 315
File: /www/wwwroot/roclinux.cn/tmp/model_session.func.php, Line: 315, ini_set(session.cookie_lifetime , 8640000)
File: /www/wwwroot/roclinux.cn/tmp/index.inc.php, Line: 20, sess_start()
File: /www/wwwroot/roclinux.cn/index.php, Line: 29, include(/www/wwwroot/roclinux.cn/tmp/index.inc.php)
Error[2]: ini_set(): Headers already sent. You cannot change the session module's ini settings at this time, File: /www/wwwroot/roclinux.cn/tmp/model_session.func.php, Line: 317
File: /www/wwwroot/roclinux.cn/tmp/model_session.func.php, Line: 317, ini_set(session.cookie_httponly , 1)
File: /www/wwwroot/roclinux.cn/tmp/index.inc.php, Line: 20, sess_start()
File: /www/wwwroot/roclinux.cn/index.php, Line: 29, include(/www/wwwroot/roclinux.cn/tmp/index.inc.php)
Error[2]: ini_set(): Headers already sent. You cannot change the session module's ini settings at this time, File: /www/wwwroot/roclinux.cn/tmp/model_session.func.php, Line: 319
File: /www/wwwroot/roclinux.cn/tmp/model_session.func.php, Line: 319, ini_set(session.gc_maxlifetime , 3600)
File: /www/wwwroot/roclinux.cn/tmp/index.inc.php, Line: 20, sess_start()
File: /www/wwwroot/roclinux.cn/index.php, Line: 29, include(/www/wwwroot/roclinux.cn/tmp/index.inc.php)
Error[2]: ini_set(): Headers already sent. You cannot change the session module's ini settings at this time, File: /www/wwwroot/roclinux.cn/tmp/model_session.func.php, Line: 321
File: /www/wwwroot/roclinux.cn/tmp/model_session.func.php, Line: 321, ini_set(session.gc_probability , 1)
File: /www/wwwroot/roclinux.cn/tmp/index.inc.php, Line: 20, sess_start()
File: /www/wwwroot/roclinux.cn/index.php, Line: 29, include(/www/wwwroot/roclinux.cn/tmp/index.inc.php)
Error[2]: ini_set(): Headers already sent. You cannot change the session module's ini settings at this time, File: /www/wwwroot/roclinux.cn/tmp/model_session.func.php, Line: 323
File: /www/wwwroot/roclinux.cn/tmp/model_session.func.php, Line: 323, ini_set(session.gc_divisor , 1000)
File: /www/wwwroot/roclinux.cn/tmp/index.inc.php, Line: 20, sess_start()
File: /www/wwwroot/roclinux.cn/index.php, Line: 29, include(/www/wwwroot/roclinux.cn/tmp/index.inc.php)
Error[2]: session_set_save_handler(): Cannot change save handler when headers already sent, File: /www/wwwroot/roclinux.cn/tmp/model_session.func.php, Line: 325
File: /www/wwwroot/roclinux.cn/tmp/model_session.func.php, Line: 325, session_set_save_handler(sess_open , sess_close , sess_read , sess_write , sess_destroy , sess_gc)
File: /www/wwwroot/roclinux.cn/tmp/index.inc.php, Line: 20, sess_start()
File: /www/wwwroot/roclinux.cn/index.php, Line: 29, include(/www/wwwroot/roclinux.cn/tmp/index.inc.php)
Error[2]: session_start(): Cannot start session when headers already sent, File: /www/wwwroot/roclinux.cn/tmp/model_session.func.php, Line: 332
File: /www/wwwroot/roclinux.cn/tmp/model_session.func.php, Line: 332, session_start()
File: /www/wwwroot/roclinux.cn/tmp/index.inc.php, Line: 20, sess_start()
File: /www/wwwroot/roclinux.cn/index.php, Line: 29, include(/www/wwwroot/roclinux.cn/tmp/index.inc.php)
Error: Call to undefined function user_rest() in /www/wwwroot/roclinux.cn/tmp/index.inc.php:32 Stack trace: #0 /www/wwwroot/roclinux.cn/index.php(29): include() #1 {main}