www.gusucode.com > PHP展示型企业网站模板米拓整站源码 1.0PHP源码程序 > PHP展示型企业网站模板米拓整站源码 1.0/MetInfozs_v1.0/MetInfozs_v1.0/admin/login/login_check.php
<?php # MetInfo Enterprise Content Management System # Copyright (C) MetInfo Co.,Ltd (http://www.metinfo.cn). All rights reserved. error_reporting(E_ERROR | E_WARNING | E_PARSE); if($depth!=''&&$depth!='../'&&$depth!='../../'){die();} if(!isset($depth))$depth=''; $commonpath=$depth.'include/common.inc.php'; $commonpath=$admin_index?$commonpath:'../'.$commonpath; define('SQL_DETECT',1); require_once $commonpath; $turefile=$url_array[count($url_array)-2]; if($met_adminfile!=$turefile&&$adminmodify!=1){ $met_adminfile=$turefile; $turefile=authcode($turefile,'ENCODE',$met_webkeys); $query="update $met_config set value='$turefile' where name='met_adminfile' and lang='metinfo'"; $db->query($query); } $login_name=daddslashes($login_name,0,1); $metinfo_admin_name=daddslashes($metinfo_admin_name,0,1); if($action=="login"){ $metinfo_admin_name = $login_name; $metinfo_admin_pass = $login_pass; $metinfo_admin_pass=md5($metinfo_admin_pass); /*code*/ if($met_login_code==1){ require_once $depth.'../include/captcha.class.php'; $Captcha= new Captcha(); if(!$Captcha->CheckCode($code)){ echo("<script type='text/javascript'>alert('$lang_logincodeerror');location.href='login.php?langset=$langset';</script>"); exit; } } $admincp_list = $db->get_one("SELECT * FROM $met_admin_table WHERE admin_id='$metinfo_admin_name' and usertype='3' "); if (!$admincp_list){ echo("<script type='text/javascript'> alert('{$lang_loginname}');location.href='login.php';</script>"); exit; }else if($admincp_list['admin_pass']!=$metinfo_admin_pass){ echo("<script type='text/javascript'> alert('$lang_loginpass');location.href='login.php';</script>"); exit; }else{ login_met_cookie($metinfo_admin_name); met_cooike_start(); change_met_cookie('metinfo_admin_name',$metinfo_admin_name); change_met_cookie('metinfo_admin_pass',$metinfo_admin_pass); change_met_cookie('metinfo_admin_id',$admincp_list['id']); change_met_cookie('metinfo_admin_type',$admincp_list['usertype']); change_met_cookie('metinfo_admin_pop',$admincp_list['admin_type']); change_met_cookie('metinfo_admin_time',$m_now_time); change_met_cookie('metinfo_admin_lang',$admincp_list['langok']); change_met_cookie('metinfo_admin_shortcut',json_decode($admincp_list['admin_shortcut'])); if($_GET[langset]!=''){ $_GET[langset]=daddslashes($_GET[langset],0,1); change_met_cookie('languser',$_GET[langset]); met_setcookie("langset", $_GET[langset], 0, '/', false); save_met_cookie(); } save_met_cookie(); $query="update $met_admin_table set admin_modify_date='$m_now_date', admin_login=admin_login+1, admin_modify_ip='$m_user_ip' WHERE admin_id = '$metinfo_admin_name'"; $db->query($query); } $adminlang=explode('-',$admincp_list[langok]); if($admincp_list[langok]<>'metinfo' and (!strstr($admincp_list[langok],"-".$met_index_type."-")))$lang=$adminlang[1]; $filejs = ROOTPATH_ADMIN.'include/metvar.js'; $strlen = file_put_contents($filejs, $js); $metinfo_mobile=false; if($metinfo_mobile){ Header("Location: ../index.php"); }else{ $flag=0; $re_urls=explode('?',$re_url); $re_urlss=explode('/',$re_urls[0]); foreach($re_urlss as $key=>$val){ if($val==$met_adminfile){ $flag=1; } if($flag==1&&$val){ $filedir.='/'.$val; } } if($re_url&&file_exists('../..'.$filedir)&&$filedir){ if(!strstr($re_url, ".php")){ $re_url .= "index.php?lang=".$lang; } Header("Location: {$re_url}"); met_setcookie("re_url",$re_url,time()-21600); exit; }else{ if($re_url)met_setcookie("re_url",$re_url,time()-21600); echo "<script type='text/javascript'> var nowurl=parent.location.href; var metlogin=(nowurl.split('login')).length-1; if(metlogin==0)window.parent.frames.location.href='../index.php?lang=$lang'; if(metlogin!=0)location.href='../index.php?lang=$lang';</script>"; } } }else{ if(!$metinfo_admin_name||!$metinfo_admin_pass){ if($admin_index){ met_cooike_unset(); met_setcookie("re_url",$re_url,time()-21600); Header("Location: login/login.php"); }else{ if(!$re_url){ $re_url=$_SERVER[HTTP_REFERER]; $HTTP_REFERERs=explode('?',$_SERVER[HTTP_REFERER]); $admin_file_len1=strlen("/$met_adminfile/"); $admin_file_len2=strlen("/$met_adminfile/index.php"); if(strrev(substr(strrev($HTTP_REFERERs[0]),0,$admin_file_len1))=="/$met_adminfile/"||strrev(substr(strrev($HTTP_REFERERs[0]),0,$admin_file_len2))=="/$met_adminfile/index.php"||!$HTTP_REFERERs[0]){ $re_url="http://$_SERVER[SERVER_NAME]$_SERVER[REQUEST_URI]"; } } if(!$_COOKIE[re_url]&&!strstr($re_url, "return.php"))met_setcookie("re_url",$re_url,time()+21600); met_cooike_unset(); Header("Location: ".$depth."../login/login.php"); } exit; }else{ $admincp_ok = $db->get_one("SELECT * FROM $met_admin_table WHERE admin_id='$metinfo_admin_name' and admin_pass='$metinfo_admin_pass' and usertype='3'"); if(!$admincp_ok){ if($admin_index){ met_cooike_unset(); met_setcookie("re_url",$re_url,time()-21600); Header("Location: login/login.php"); }else{ if(!$re_url){ $re_url=$_SERVER[HTTP_REFERER]; $HTTP_REFERERs=explode('?',$_SERVER[HTTP_REFERER]); $admin_file_len1=strlen("/$met_adminfile/"); $admin_file_len2=strlen("/$met_adminfile/index.php"); if(strrev(substr(strrev($HTTP_REFERERs[0]),0,$admin_file_len1))=="/$met_adminfile/"||strrev(substr(strrev($HTTP_REFERERs[0]),0,$admin_file_len2))=="/$met_adminfile/index.php"||!$HTTP_REFERERs[0]){ $re_url="http://$_SERVER[SERVER_NAME]$_SERVER[REQUEST_URI]"; } } if(!strstr($re_url, "return.php")){ if(!$_COOKIE[re_url])met_setcookie("re_url",$re_url,time()+21600); } met_cooike_unset(); Header("Location: ".$depth."../login/login.php"); } exit; } /*power start*/ if(ADMIN_POWER!="metinfo"){ if(!strstr($admincp_ok[admin_op], "metinfo")){ if(strstr($_SERVER['REQUEST_URI'], "delete.php")){ if(!strstr($admincp_ok[admin_op], "del"))okinfo('javascript:window.history.back();',$lang_logindelete); } if(strstr($_SERVER['REQUEST_URI'], "changeState.php")){ if(!strstr($admincp_ok[admin_op], "editor"))okinfo('javascript:window.history.back();',$lang_loginedit); } if(strstr($_SERVER['REQUEST_URI'], "/htm.php")){ if(!strstr($admincp_ok[admin_op], "editor"))okinfo('javascript:window.history.back();',$lang_loginedit); } switch($action){ case "add"; if(!strstr($_SERVER['REQUEST_URI'], "/content.php")){ if(!strstr($admincp_ok[admin_op], "add"))okinfo('javascript:window.history.back();',$lang_loginadd); } break; case "editor"; if(!strstr($_SERVER['REQUEST_URI'], "/content.php")){ if(!strstr($admincp_ok[admin_op], "editor"))okinfo('javascript:window.history.back();',$lang_loginedit); } break; case "modify"; if(!strstr($admincp_ok[admin_op], "editor"))okinfo('javascript:window.history.back();',$lang_loginedit); break; case "Modify"; if(!strstr($admincp_ok[admin_op], "editor"))okinfo('javascript:window.history.back();',$lang_loginedit); break; case "del"; if(!strstr($admincp_ok[admin_op], "del"))okinfo('javascript:window.history.back();',$lang_logindelete); break; case "delete"; if(!strstr($admincp_ok[admin_op], "del"))okinfo('javascript:window.history.back();',$lang_logindelete); break; } if(!strstr($_SERVER['REQUEST_URI'], "olupdate.php")){ if(($admincp_ok[admin_op]=='---' or $admincp_ok[admin_op]=='') and $action<>'' and $action<>'list' and !$action_ajax and (!strstr($_SERVER['REQUEST_URI'], "/content.php")) )okinfo('javascript:window.history.back();',$lang_loginall); } } if(strstr($_SERVER['REQUEST_URI'], "olupdate.php")&&strpos($met_host, 'api.metinfo.cn')){ $first=strpos($met_host, '/'); $first=$first?$first+1:0; $met_host=substr($met_host,$first); } } $adminlang=explode('-',$admincp_ok[langok]); if($depth){ $depth1='../'.$depth; } $jurisdiction_url = $depth1.'index.php?lang='.$adminlang[1]; if(!strstr($_SERVER['REQUEST_URI'], "include/turnover.php")){ if(!strstr($_SERVER['REQUEST_URI'], "login_out.php")){ if($admincp_ok[langok]<>'metinfo' and (!strstr($admincp_ok[langok],$lang)))okinfo($jurisdiction_url,$lang_loginalllang); } } /*power end*/ } } # This program is an open source system, commercial use, please consciously to purchase commercial license. # Copyright (C) MetInfo Co., Ltd. (http://www.metinfo.cn). All rights reserved. ?>