?? read8.php
字號:
<?
//Pos: bbsroot/api/read8.php
//copyright : Read8.net
//rollback for thecredits
error_reporting(E_ERROR | E_PARSE);
define('IN_DISCUZ', true);
define('DISCUZ_ROOT', './');
$timestamp = time();
if(PHP_VERSION < '4.1.0') {
$_GET = &$HTTP_GET_VARS;
$_SERVER = &$HTTP_SERVER_VARS;
}
chdir('../');
require_once './config.inc.php';
require_once './include/db_'.$database.'.class.php';
require_once './forumdata/cache/cache_settings.php';
if($_DCACHE['settings']['passport_status'] != 'passport') {
exit('Passport disabled');
} elseif($_GET['verify'] != md5($_GET['auth'].$_GET['forward'].$_DCACHE['settings']['passport_key'])) {
exit('Illegal request');
}
$memberfields = $remoteinfo = array();
parse_str(passport_decrypt($_GET['auth'], $_DCACHE['settings']['passport_key']),$member);
$theextcredits=$member['theextcredits'];
$chargamount=$member['chargamount'];
$username=$member['username'];
if($theextcredits<1 || $theextcredits>8) exit('unknown row');
if($chargamount<=0) exit('unknown charge');
$username=addslashes($username);
$db = new dbstuff;
$db->connect($dbhost, $dbuser, $dbpw, $dbname, $pconnect);
unset($dbhost, $dbuser, $dbpw, $dbname, $pconnect);
$query = $db->query("SELECT uid,extcredits$theextcredits as extcreditnum FROM {$tablepre}members WHERE username='$username'");
if($member = $db->fetch_array($query)) {
if($member['extcreditnum']<$chargamount) exit('積分剩余不足'.$member['extcreditnum']."<$chargamount");
$db->query("UPDATE {$tablepre}members SET extcredits$theextcredits=extcredits$theextcredits-$chargamount WHERE uid='$member[uid]'");
}else {
exit('未知用戶');
}
updatemembercache();
header('Location: '.(empty($_GET['forward']) ? $_DCACHE['settings']['passport_url'] : $_GET['forward']."?action=rollback&verify=".md5($_GET['auth'].$_DCACHE['settings']['passport_key'])."&auth=".$_GET['auth']));
function passport_encrypt($txt, $key) {
srand((double)microtime() * 1000000);
$encrypt_key = md5(rand(0, 32000));
$ctr = 0;
$tmp = '';
for($i = 0;$i < strlen($txt); $i++) {
$ctr = $ctr == strlen($encrypt_key) ? 0 : $ctr;
$tmp .= $encrypt_key[$ctr].($txt[$i] ^ $encrypt_key[$ctr++]);
}
return base64_encode(passport_key($tmp, $key));
}
function passport_decrypt($txt, $key) {
$txt = passport_key(base64_decode($txt), $key);
$tmp = '';
for ($i = 0;$i < strlen($txt); $i++) {
$md5 = $txt[$i];
$tmp .= $txt[++$i] ^ $md5;
}
return $tmp;
}
function passport_key($txt, $encrypt_key) {
$encrypt_key = md5($encrypt_key);
$ctr = 0;
$tmp = '';
for($i = 0; $i < strlen($txt); $i++) {
$ctr = $ctr == strlen($encrypt_key) ? 0 : $ctr;
$tmp .= $txt[$i] ^ $encrypt_key[$ctr++];
}
return $tmp;
}
function updatemembercache() {
$dir = './forumdata/cache/';
if(!is_dir($dir)) {
@mkdir($dir, 0777);
}
if(@$fp = fopen($dir.'cache_settings.php', 'w')) {
fwrite($fp, "<?php\n//Discuz! cache file, DO NOT modify me!\n".
"//Created on ".date("M j, Y, G:i")."\n\n\$_DCACHE['settings'] = ".arrayeval($GLOBALS['_DCACHE']['settings'])."?>");
fclose($fp);
} else {
exit('Can not write to cache files, please check directory ./forumdata/ and ./forumdata/cache/ .');
}
}
function arrayeval($array, $level = 0) {
$space = '';
for($i = 0; $i <= $level; $i++) {
$space .= "\t";
}
$evaluate = "Array\n$space(\n";
$comma = $space;
foreach($array as $key => $val) {
$key = is_string($key) ? '\''.addcslashes($key, '\'\\').'\'' : $key;
$val = !is_array($val) && (!preg_match("/^\d+$/", $val) || strlen($val) > 12) ? '\''.addcslashes($val, '\'\\').'\'' : $val;
if(is_array($val)) {
$evaluate .= "$comma$key => ".arrayeval($val, $level + 1);
} else {
$evaluate .= "$comma$key => $val";
}
$comma = ",\n$space";
}
$evaluate .= "\n$space)";
return $evaluate;
}
?? 快捷鍵說明
復制代碼
Ctrl + C
搜索代碼
Ctrl + F
全屏模式
F11
切換主題
Ctrl + Shift + D
顯示快捷鍵
?
增大字號
Ctrl + =
減小字號
Ctrl + -