DedeBIZ
/
DedeV6
關註 2
收藏 0
複製 0
程式碼 合併請求 0 版本發佈 31 Activity
瀏覽代碼

验证码调整

tags/6.2.0
tianya 3 年之前
父節點
ba652ef7b6
當前提交
848ad8b1b0
共有 23 個文件被更改,包括 50 次插入156 次删除
分割檢視
Diff Options
Show Stats Download Patch File Download Diff File
  1. +1
    -1
      src/admin/login.php
  2. +0
    -7
      src/admin/templets/login.htm
  3. +4
    -3
      src/apps/vdimgck.php
  4. +0
    -1
      src/install/sql-dfdata.txt
  5. +0
    -5
      src/system/common.inc.php
  6. +0
    -9
      src/user/album_add.php
  7. +0
    -8
      src/user/album_edit.php
  8. +3
    -2
      src/user/archives_sg_add.php
  9. +0
    -9
      src/user/archives_sg_edit.php
  10. +9
    -6
      src/user/inc/archives_check.php
  11. +0
    -6
      src/user/inc/archives_check_edit.php
  12. +4
    -6
      src/user/index_do.php
  13. +4
    -6
      src/user/reg_new.php
  14. +4
    -4
      src/user/templets/album_add.htm
  15. +1
    -13
      src/user/templets/album_edit.htm
  16. +4
    -4
      src/user/templets/archives_add.htm
  17. +1
    -13
      src/user/templets/archives_edit.htm
  18. +4
    -4
      src/user/templets/archives_sg_add.htm
  19. +1
    -15
      src/user/templets/archives_sg_edit.htm
  20. +4
    -4
      src/user/templets/article_add.htm
  21. +1
    -13
      src/user/templets/article_edit.htm
  22. +4
    -4
      src/user/templets/soft_add.htm
  23. +1
    -13
      src/user/templets/soft_edit.htm

+ 1
- 1
src/admin/login.php 查看文件

@@ -40,7 +40,7 @@ $admindir = $admindirs[count($admindirs) - 1];
if ($dopost == 'login') {
$validate = empty($validate) ? '' : strtolower(trim($validate));
$svali = strtolower(GetCkVdValue());
if (($validate == '' || $validate != $svali) && preg_match("/6/", $safe_gdopen)) {
if ($validate == '' || $validate != $svali) {
ResetVdValue();
ShowMsg('验证码不正确', 'login.php', 0, 1000);
exit;


+ 0
- 7
src/admin/templets/login.htm 查看文件

@@ -95,10 +95,6 @@
<label for="iptPassword">密码</label>
<input type="password" name="pwd" class="form-control" id="iptPassword">
</div>
<?php
if(preg_match("/6/",$safe_gdopen))
{
?>
<div class="form-group">
<label for="iptValidate">验证码</label>
<div class="input-group">
@@ -106,9 +102,6 @@
<img src="../apps/vdimgck.php" onclick="this.src='../apps/vdimgck.php?'+new Date().getTime()+Math.round(Math.random() * 10000)" title="验证码" id="validateimg" style="cursor:pointer">
</div>
</div>
<?php
}
?>
<button type="submit" class="btn btn-success btnLogin btn-sm">登录</button>
<div class="login-power"><?php echo $cfg_powerby; ?></div>
</form>


+ 4
- 3
src/apps/vdimgck.php 查看文件

@@ -10,11 +10,12 @@
*/
require_once(dirname(__FILE__).'/../system/common.inc.php');
require_once(DEDEDATA.'/config.cache.inc.php');
//安全提示
$config = array(
'font_size' => 20,
'img_height' => $safe_wheight,
'word_type' => (int)$safe_codetype,
'img_width' => $safe_wwidth,
'img_height' => '36',
'word_type' => 3,
'img_width' => '80',
'use_boder' => TRUE,
'font_file' => DEDEINC.'/data/fonts/'.mt_rand(1, 6).'.ttf',
'wordlist_file' => DEDEINC.'/data/words/words.txt',


+ 0
- 1
src/install/sql-dfdata.txt 查看文件

@@ -4020,7 +4020,6 @@ INSERT INTO `#@__sysconfig` VALUES
('77','cfg_mb_spacesta','会员使用权限开通状态(-10邮件验证、-1手工审核、0没限制)','4','number','-10'),
('78','cfg_mb_allowreg','是否允许新会员注册','4','bool','Y'),
('79','cfg_mb_adminlock','是否禁止访问管理员帐号的空间','4','bool','N'),
('80','cfg_vdcode_member','是否会员投稿验证码','5','bool','Y'),
('81','cfg_mb_cktitle','是否检测会员投稿重复标题','5','bool','Y'),
('82','cfg_mb_editday','投稿多少天后不能再修改','5','number','1'),
('83','cfg_sendarc_scores','投稿可获取积分','5','number','10'),


+ 0
- 5
src/system/common.inc.php 查看文件

@@ -226,11 +226,6 @@ if (!isset($cfg_NotPrintHead)) {
header("Content-Type: text/html; charset={$cfg_soft_lang}");
}
}
//安全提示
$safe_gdopen = '1,2,3,4,5,6,7';
$safe_codetype = '3';
$safe_wwidth = '80';
$safe_wheight = '36';
//自动加载类库处理
if (version_compare(PHP_VERSION, '7.2.0', '>=')) {
require_once(DEDEINC.'/autoload7.inc.php');


+ 0
- 9
src/user/album_add.php 查看文件

@@ -56,15 +56,6 @@ function _SaveArticle(){ }
------------------------------*/
else if ($dopost == 'save') {
include(DEDEMEMBER.'/inc/archives_check.php');
$svali = GetCkVdValue();
if (preg_match("/1/", $safe_gdopen)) {
if (strtolower($vdcode) != $svali || $svali == '') {
ResetVdValue();
ShowMsg('验证码错误', '-1');
exit();
}
}
$cInfos = $dsql->GetOne("Select * From `#@__channeltype` where id='$channelid'; ");
$maxwidth = isset($maxwidth) && is_numeric($maxwidth) ? $maxwidth : 800;
$pagepicnum = isset($pagepicnum) && is_numeric($pagepicnum) ? $pagepicnum : 12;


+ 0
- 8
src/user/album_edit.php 查看文件

@@ -59,14 +59,6 @@ if (empty($dopost)) {
function _Save(){ }
------------------------------*/
else if ($dopost == 'save') {
$svali = GetCkVdValue();
if (preg_match("/1/", $safe_gdopen)) {
if (strtolower($vdcode) != $svali || $svali == '') {
ResetVdValue();
ShowMsg('验证码错误', '-1');
exit();
}
}
$cInfos = $dsql->GetOne("Select * From `#@__channeltype` where id='$channelid'; ");
$maxwidth = isset($maxwidth) && is_numeric($maxwidth) ? $maxwidth : 800;
$pagepicnum = isset($pagepicnum) && is_numeric($pagepicnum) ? $pagepicnum : 12;


+ 3
- 2
src/user/archives_sg_add.php 查看文件

@@ -50,8 +50,9 @@ function _SaveArticle(){ }
else if ($dopost == 'save') {
include_once(DEDEINC."/image.func.php");
include_once(DEDEINC."/libraries/oxwindow.class.php");
$svali = GetCkVdValue();
if (preg_match("/3/", $safe_gdopen)) {
// 游客需要校验验证码
if ($cfg_ml->M_ID === 0) {
$svali = GetCkVdValue();
if (strtolower($vdcode) != $svali || $svali == '') {
ResetVdValue();
ShowMsg('验证码错误', '-1');


+ 0
- 9
src/user/archives_sg_edit.php 查看文件

@@ -48,15 +48,6 @@ else if ($dopost == 'save') {
$flag = '';
$typeid = isset($typeid) && is_numeric($typeid) ? $typeid : 0;
$userip = GetIP();
$svali = GetCkVdValue();
if (preg_match("/3/", $safe_gdopen)) {
if (strtolower($vdcode) != $svali || $svali == '') {
ResetVdValue();
ShowMsg('验证码错误', '-1');
exit();
}
}
if ($typeid == 0) {
ShowMsg('请指定文档隶属的栏目', '-1');
exit();


+ 9
- 6
src/user/inc/archives_check.php 查看文件

@@ -11,18 +11,21 @@
if (!defined('DEDEMEMBER')) exit('dedebiz');
include_once(DEDEINC.'/image.func.php');
include_once(DEDEINC.'/libraries/oxwindow.class.php');
$svali = GetCkVdValue();
if (strtolower($vdcode) != $svali || $svali == '') {
ResetVdValue();
ShowMsg('验证码错误', '-1');
exit();
// 游客需要校验验证码
if ($cfg_ml->M_ID === 0) {
$svali = GetCkVdValue();
if (strtolower($vdcode) != $svali || $svali == '') {
ResetVdValue();
ShowMsg('验证码错误', '-1');
exit();
}
}
//校验CSRF
CheckCSRF();
$flag = '';
$autokey = $remote = $dellink = $autolitpic = 0;
$userip = GetIP();
if ($typeid == 0) {
ShowMsg('请指定文档隶属的栏目', '-1');
exit();


+ 0
- 6
src/user/inc/archives_check_edit.php 查看文件

@@ -14,12 +14,6 @@ require_once(DEDEINC."/libraries/oxwindow.class.php");
$flag = '';
$typeid = isset($typeid) && is_numeric($typeid) ? $typeid : 0;
$userip = GetIP();
$svali = GetCkVdValue();
if (strtolower($vdcode) != $svali || $svali == '') {
ResetVdValue();
ShowMsg('验证码错误', '-1');
exit();
}
if ($typeid == 0) {
ShowMsg('请指定文档隶属的栏目', '-1');
exit();


+ 4
- 6
src/user/index_do.php 查看文件

@@ -173,12 +173,10 @@ else if ($fmdo == 'login') {
$vdcode = '';
}
$svali = GetCkVdValue();
if (preg_match("/2/", $safe_gdopen)) {
if (strtolower($vdcode) != $svali || $svali == '') {
ResetVdValue();
ShowMsg('验证码错误', 'index.php');
exit();
}
if (strtolower($vdcode) != $svali || $svali == '') {
ResetVdValue();
ShowMsg('验证码错误', 'index.php');
exit();
}
if (CheckUserID($userid, '', false) != 'ok') {
ResetVdValue();


+ 4
- 6
src/user/reg_new.php 查看文件

@@ -20,12 +20,10 @@ if ($step == 1) {
}
if ($dopost == 'regbase') {
$svali = GetCkVdValue();
if (preg_match("/1/", $safe_gdopen)) {
if (strtolower($vdcode) != $svali || $svali == '') {
ResetVdValue();
ShowMsg('验证码错误', '-1');
exit();
}
if (strtolower($vdcode) != $svali || $svali == '') {
ResetVdValue();
ShowMsg('验证码错误', '-1');
exit();
}
$userid = $uname = trim($userid);
$pwd = trim($userpwd);


+ 4
- 4
src/user/templets/album_add.htm 查看文件

@@ -99,10 +99,10 @@
</script>
</p>
<?php
//游客强制加验证码,会员则判断后台开关
if (preg_match("/3/",$safe_gdopen)){
//游客强制加验证码
if($cfg_ml->M_ID === 0){
?>
<div class="form-group row">
<div class="form-group row mt-3">
<label class="col-sm-2 col-form-label">验证码</label>
<div class="col-sm-10">
<input name="vdcode" type="text" id="vdcode" class="form-control" style="display:inline-block;width:260px;text-transform:uppercase">
@@ -112,7 +112,7 @@
<?php
}
?>
<p>
<p class="mt-3">
<button type="submit" class="btn btn-success btn-sm">提交</button>
<button type="reset" class="btn btn-secondary btn-sm" onclick="location.reload();">重置</button>
</p>


+ 1
- 13
src/user/templets/album_edit.htm 查看文件

@@ -136,19 +136,7 @@
<script>
startNum = "<? php echo $j; ?>";
</script>
<?php
//游客强制加验证码,会员则判断后台开关
if(preg_match("/3/",$safe_gdopen)){
?>
<div class="form-group row">
<label class="col-sm-2 col-form-label">验证码</label>
<div class="col-sm-10">
<input name="vdcode" type="text" id="vdcode" class="form-control" style="display:inline-block;width:260px;text-transform:uppercase">
<img src="../apps/vdimgck.php" alt="验证码" title="验证码" onclick="this.src=this.src+'?'" style="cursor:pointer">
</div>
</div>
<?php } ?>
<p>
<p class="mt-3">
<button type="submit" class="btn btn-success btn-sm">提交</button>
<button type="reset" class="btn btn-secondary btn-sm" onclick="location.reload();">重置</button>
</p>


+ 4
- 4
src/user/templets/archives_add.htm 查看文件

@@ -74,10 +74,10 @@
?>
<div class="contentShow postForm">
<?php
//游客强制加验证码,会员则判断后台开关
if(preg_match("/3/",$safe_gdopen)){
//游客强制加验证码
if($cfg_ml->M_ID === 0){
?>
<div class="form-group row">
<div class="form-group row mt-3">
<label class="col-sm-2 col-form-label">验证码</label>
<div class="col-sm-10">
<input name="vdcode" type="text" id="vdcode" class="form-control" style="display:inline-block;width:260px;text-transform:uppercase">
@@ -87,7 +87,7 @@
<?php
}
?>
<p>
<p class="mt-3">
<button type="submit" class="btn btn-success btn-sm">提交</button>
<button type="reset" class="btn btn-secondary btn-sm" onclick="location.reload();">重置</button>
</p>


+ 1
- 13
src/user/templets/archives_edit.htm 查看文件

@@ -72,19 +72,7 @@
PrintAutoFieldsEdit(stripslashes($cInfos['fieldset']), $addRow, 'autofield');
?>
<div class="contentShow postForm">
<?php
//游客强制加验证码,会员则判断后台开关
if(preg_match("/3/",$safe_gdopen)){
?>
<div class="form-group row">
<label class="col-sm-2 col-form-label">验证码</label>
<div class="col-sm-10">
<input name="vdcode" type="text" id="vdcode" class="form-control" style="display:inline-block;width:260px;text-transform:uppercase">
<img src="../apps/vdimgck.php" alt="验证码" title="验证码" onclick="this.src=this.src+'?'" style="cursor:pointer">
</div>
</div>
<?php } ?>
<p>
<p class="mt-3">
<button type="submit" class="btn btn-success btn-sm">提交</button>
<button type="reset" class="btn btn-secondary btn-sm" onclick="location.reload();">重置</button>
</p>


+ 4
- 4
src/user/templets/archives_sg_add.htm 查看文件

@@ -74,10 +74,10 @@
?>
<div class="contentShow postForm">
<?php
//游客强制加验证码,会员则判断后台开关
if(preg_match("/3/",$safe_gdopen)){
//游客强制加验证码
if($cfg_ml->M_ID === 0){
?>
<div class="form-group row">
<div class="form-group row mt-3">
<label class="col-sm-2 col-form-label">验证码</label>
<div class="col-sm-10">
<input name="vdcode" type="text" id="vdcode" class="form-control" style="display:inline-block;width:260px;text-transform:uppercase">
@@ -87,7 +87,7 @@
<?php
}
?>
<p>
<p class="mt-3">
<button type="submit" class="btn btn-success btn-sm">提交</button>
<button type="reset" class="btn btn-secondary btn-sm" onclick="location.reload();">重置</button>
</p>


+ 1
- 15
src/user/templets/archives_sg_edit.htm 查看文件

@@ -66,21 +66,7 @@
PrintAutoFieldsEdit(stripslashes($cInfos['fieldset']), $addRow, 'autofield');
?>
<div class="contentShow postForm">
<?php
//游客强制加验证码,会员则判断后台开关
if(preg_match("/3/",$safe_gdopen)){
?>
<div class="form-group row">
<label class="col-sm-2 col-form-label">验证码</label>
<div class="col-sm-10">
<input name="vdcode" type="text" id="vdcode" class="form-control" style="display:inline-block;width:260px;text-transform:uppercase">
<img src="../apps/vdimgck.php" alt="验证码" title="验证码" onclick="this.src=this.src+'?'" style="cursor:pointer">
</div>
</div>
<?php
}
?>
<p>
<p class="mt-3">
<button type="submit" class="btn btn-success btn-sm">提交</button>
<button type="reset" class="btn btn-secondary btn-sm" onclick="location.reload();">重置</button>
</p>


+ 4
- 4
src/user/templets/article_add.htm 查看文件

@@ -77,10 +77,10 @@
<div class="contentShow postForm">
<div><?php GetEditor("body","",360,"Member"); ?></div>
<?php
//游客强制加验证码,会员则判断后台开关
if(preg_match("/3/",$safe_gdopen)){
//游客强制加验证码
if($cfg_ml->M_ID === 0){
?>
<div class="form-group row">
<div class="form-group row mt-3">
<label class="col-sm-2 col-form-label">验证码</label>
<div class="col-sm-10">
<input name="vdcode" type="text" id="vdcode" class="form-control" style="display:inline-block;width:260px;text-transform:uppercase">
@@ -88,7 +88,7 @@
</div>
</div>
<?php } ?>
<p>
<p class="mt-3">
<button type="submit" class="btn btn-success btn-sm">提交</button>
<button type="reset" class="btn btn-secondary btn-sm" onclick="location.reload();">重置</button>
</p>


+ 1
- 13
src/user/templets/article_edit.htm 查看文件

@@ -78,19 +78,7 @@
<label>正文</label>
<div class="contentShow postForm">
<div><?php GetEditor("body",$addRow['body'],360,"Member"); ?></div>
<?php
//游客强制加验证码,会员则判断后台开关
if(preg_match("/3/",$safe_gdopen)){
?>
<div class="form-group row">
<label class="col-sm-2 col-form-label">验证码</label>
<div class="col-sm-10">
<input name="vdcode" type="text" id="vdcode" class="form-control" style="display:inline-block;width:260px;text-transform:uppercase">
<img src="../apps/vdimgck.php" alt="验证码" title="验证码" onclick="this.src=this.src+'?'" style="cursor:pointer">
</div>
</div>
<?php } ?>
<p>
<p class="mt-3">
<button type="submit" class="btn btn-success btn-sm">提交</button>
<button type="reset" class="btn btn-secondary btn-sm" onclick="location.reload();">重置</button>
</p>


+ 4
- 4
src/user/templets/soft_add.htm 查看文件

@@ -197,10 +197,10 @@
</p>
</div>
<?php
//游客强制加验证码,会员则判断后台开关
if(preg_match("/3/",$safe_gdopen)){
//游客强制加验证码
if($cfg_ml->M_ID === 0){
?>
<div class="form-group row">
<div class="form-group row mt-3">
<label class="col-sm-2 col-form-label">验证码</label>
<div class="col-sm-10">
<input name="vdcode" type="text" id="vdcode" class="form-control" style="display:inline-block;width:260px;text-transform:uppercase">
@@ -208,7 +208,7 @@
</div>
</div>
<?php } ?>
<p>
<p class="mt-3">
<button type="submit" class="btn btn-success btn-sm">提交</button>
<button type="reset" class="btn btn-secondary btn-sm" onclick="location.reload();">重置</button>
</p>


+ 1
- 13
src/user/templets/soft_edit.htm 查看文件

@@ -213,19 +213,7 @@
echo "<span id='uploadfield'></span>";
?>
</div>
<?php
//游客强制加验证码,会员则判断后台开关
if(preg_match("/3/",$safe_gdopen)){
?>
<div class="form-group row">
<label class="col-sm-2 col-form-label">验证码</label>
<div class="col-sm-10">
<input name="vdcode" type="text" id="vdcode" class="form-control" style="display:inline-block;width:260px;text-transform:uppercase">
<img src="../apps/vdimgck.php" alt="验证码" title="验证码" onclick="this.src=this.src+'?'" style="cursor:pointer">
</div>
</div>
<?php } ?>
<p>
<p class="mt-3">
<button type="submit" class="btn btn-success btn-sm">提交</button>
<button type="reset" class="btn btn-secondary btn-sm" onclick="location.reload();">重置</button>
</p>


Write Preview
Loading…
取消
儲存