DedeBIZ
/
DedeV6
Watch 2
Star 0
Fork 0
Code Pull Requests 0 Releases 25 Activity
Browse Source

验证账号密码不可以中文

pull/41/head
叙述、别离 3 months ago
parent
2747286af7
commit
1e54746774
4 changed files with 17 additions and 9 deletions
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. +6
    -2
      src/admin/sys_admin_user_add.php
  2. +4
    -4
      src/admin/sys_admin_user_edit.php
  3. +2
    -2
      src/install/install.html
  4. +5
    -1
      src/user/reg_new.php

+ 6
- 2
src/admin/sys_admin_user_add.php View File

@@ -14,8 +14,12 @@ require_once(DEDEINC."/typelink/typelink.class.php");
if (empty($dopost)) $dopost = '';
if ($dopost == 'add') {
CheckCSRF();
if (preg_match("#[^0-9a-zA-Z_@!\.-]#", $pwd) || preg_match("#[^0-9a-zA-Z_@!\.-]#", $userid)) {
ShowMsg('密码或账号不合法,请使用数字0-9小写a-z大写A-Z符号_@!.-', '-1');
if (preg_match("#[^0-9a-zA-Z_@!\.-]#", $userid)) {
ShowMsg('账号不合法,请使用数字0-9小写a-z大写A-Z符号_@!.-', '-1');
exit();
}
if ($pwd != '' && preg_match("#[^0-9a-zA-Z_@!\.-]#", $pwd)) {
ShowMsg('密码不合法,请使用数字0-9小写a-z大写A-Z符号_@!.-', '-1');
exit();
}
$safecodeok = substr(md5($cfg_cookie_encode.$randcode), 0, 24);


+ 4
- 4
src/admin/sys_admin_user_edit.php View File

@@ -16,14 +16,14 @@ $id = preg_replace("#[^0-9]#", '', $id);
if ($dopost == 'saveedit') {
CheckCSRF();
$pwd = trim($pwd);
if ($pwd != '' && preg_match("#[^0-9a-zA-Z_@!\.-]#", $pwd)) {
ShowMsg('密码不合法,请使用数字0-9小写a-z大写A-Z符号_@!.-', '-1');
exit();
}
if (preg_match("#[^0-9a-zA-Z_@!\.-]#", $userid)) {
ShowMsg('账号不合法,请使用数字0-9小写a-z大写A-Z符号_@!.-', '-1');
exit();
}
if ($pwd != '' && preg_match("#[^0-9a-zA-Z_@!\.-]#", $pwd)) {
ShowMsg('密码不合法,请使用数字0-9小写a-z大写A-Z符号_@!.-', '-1');
exit();
}
$safecodeok = substr(md5($cfg_cookie_encode.$randcode), 0, 24);
if ($safecodeok != $safecode) {
ShowMsg("请填写正确的验证安全码", "sys_admin_user_edit.php?id={$id}&dopost=edit");


+ 2
- 2
src/install/install.html View File

@@ -84,12 +84,12 @@
</div>
<div class="form-group">
<label for="adminuser" class="form-label">管理员账号</label>
<input type="text" name="adminuser" id="adminuser" class="form-control" placeholder="admin">
<input type="text" name="adminuser" id="adminuser" class="form-control" placeholder="admin" onkeyup="this.value=this.value.replace(/[^0-9a-zA-Z_@!\.-]/g,'');">
<div class="form-text">请使用数字0-9小写a-z大写A-Z符号_@!.-</div>
</div>
<div class="form-group">
<label for="adminpwd" class="form-label">管理员密码</label>
<input type="text" name="adminpwd" id="adminpwd" class="form-control" placeholder="admin">
<input type="text" name="adminpwd" id="adminpwd" class="form-control" placeholder="admin" onkeyup="this.value=this.value.replace(/[^0-9a-zA-Z_@!\.-]/g,'');">
<div class="form-text">请使用数字0-9小写a-z大写A-Z符号_@!.-</div>
</div>
<div class="text-right"><button type="submit" class="btn btn-success">安装</button></div>


+ 5
- 1
src/user/reg_new.php View File

@@ -51,8 +51,12 @@ if ($step == 1) {
ShowMsg('账号不合法,请使用数字0-9小写a-z大写A-Z符号_@!.-', '-1');
exit();
}
if ($userpwd != '' && preg_match("#[^0-9a-zA-Z_@!\.-]#", $userpwd)) {
ShowMsg('密码不合法,请使用数字0-9小写a-z大写A-Z符号_@!.-', '-1');
exit();
}
if ($pwdc != $pwd) {
ShowMsg('您两次输入的密码不一致', '-1');
ShowMsg('您两次输入的密码不一致,请重新输入', '-1');
exit();
}
$uname = HtmlReplace($uname, 1);


Write Preview
Loading…
Cancel
Save