bravo! site options is now storaged in data table

printempw 2016-03-18 16:47:25 +08:00
parent ad25e21036
commit ee22504a9b
15 changed files with 280 additions and 181 deletions


@ -3,7 +3,7 @@
* @Author: prpr
* @Date: 2016-02-03 14:39:50
* @Last Modified by: printempw
* @Last Modified time: 2016-03-06 14:43:49
* @Last Modified time: 2016-03-18 14:44:17
*/
require "../includes/session.inc.php";
if (!$user->is_admin) header('Location: ../index.php?msg=看起来你并不是管理员');
@ -13,7 +13,7 @@ if (!$user->is_admin) header('Location: ../index.php?msg=看起来你并不是
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>仪表盘 - <?php echo SITE_TITLE; ?></title>
<title>仪表盘 - <?php echo Config::get('site_name'); ?></title>
<link rel="shortcut icon" href="../assets/images/favicon.ico">
<link rel="stylesheet" href="../libs/pure/pure-min.css">
<link rel="stylesheet" href="../libs/pure/grids-responsive-min.css">
@ -26,7 +26,9 @@ if (!$user->is_admin) header('Location: ../index.php?msg=看起来你并不是
<body>
<div class="header">
<div class="home-menu pure-menu pure-menu-horizontal pure-menu-fixed">
<a class="pure-menu-heading" href="../index.php"><?php echo SITE_TITLE; ?></a>
<a class="pure-menu-heading" href="<?php echo Config::get('site_url'); ?>">
<?php echo Config::get('site_name'); ?>
</a>
<ul class="pure-menu-list">
<li class="pure-menu-item">
<a class="pure-menu-link" href="manage.php">用户管理</a>
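Review bot: The heading link now prints `Config::get('site_url')` straight into the `href`, and the installer in this same commit seeds `site_url` with an empty string, so until an admin fills it in the link resolves to the current page instead of the old `../index.php`. Both option values are also echoed without HTML escaping; `<?php echo htmlspecialchars(Config::get('site_name'), ENT_QUOTES, 'UTF-8'); ?>` (and the same for `site_url`) keeps a quote or angle bracket in a stored value from breaking the markup. The same unescaped `site_name`/`site_url` output is added in the 用户管理, 上传皮肤 and 个人设置 sections and on the front page, which also prints `site_description` this way. Each `Config::get()` call is a separate query, so reading the values once into local variables at the top of the page would also cut the per-request query count.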


@ -3,7 +3,7 @@
* @Author: printempw
* @Date: 2016-01-16 23:01:33
* @Last Modified by: printempw
* @Last Modified time: 2016-03-18 15:33:10
* @Last Modified time: 2016-03-18 16:34:32
*
* Blessing Skin Server Installer
*/
@ -82,36 +82,36 @@ case 2: ?>
<h1>填写信息</h1>
<p>您需要填写一些基本信息。无需担心填错,这些信息以后可以再次修改。</p>
<form id="setup" method="post" action="install.php?step=3" novalidate="novalidate">
<table class="form-table">
<tr>
<th scope="row"><label for="username">管理员用户名</label></th>
<td>
<input name="username" type="text" id="username" size="25" value="" />
<p>用户名只能含有数字、字母、下划线。这是唯一的管理员账号。</p>
</td>
</tr>
<tr class="form-field form-required">
<th scope="row">
<label for="password">密码</label>
</th>
<td>
<input type="password" name="password" id="password" class="regular-text" autocomplete="off" />
<p>
<span class="description important">
<b>重要:</b>您将需要此密码来登录管理皮肤站,请将其保存在安全的位置。
</span>
</p>
</td>
</tr>
<tr class="form-field form-required">
<th scope="row">
<label for="password2">重复密码(必填)</label>
</th>
<td>
<input type="password" name="password2" id="password2" autocomplete="off" />
</td>
</tr>
</table>
<table class="form-table">
<tr>
<th scope="row"><label for="username">管理员用户名</label></th>
<td>
<input name="username" type="text" id="username" size="25" value="" />
<p>用户名只能含有数字、字母、下划线。这是唯一的管理员账号。</p>
</td>
</tr>
<tr class="form-field form-required">
<th scope="row">
<label for="password">密码</label>
</th>
<td>
<input type="password" name="password" id="password" class="regular-text" autocomplete="off" />
<p>
<span class="description important">
<b>重要:</b>您将需要此密码来登录管理皮肤站,请将其保存在安全的位置。
</span>
</p>
</td>
</tr>
<tr class="form-field form-required">
<th scope="row">
<label for="password2">重复密码(必填)</label>
</th>
<td>
<input type="password" name="password2" id="password2" autocomplete="off" />
</td>
</tr>
</table>
<?php if (isset($_GET['msg'])) echo "<div class='alert alert-warning' role='alert'>".$_GET['msg']."</div>"; ?>
<p class="step"><input type="submit" name="Submit" id="submit" class="button button-large" value="开始安装" /></p>
</form>
@ -121,67 +121,91 @@ case 2: ?>
case 3:
// check post
if (isset($_POST['username']) && isset($_POST['password']) && isset($_POST['password2'])) {
if ($_POST['password'] != $_POST['password2']) {
header('Location: install.php?step=2&msg=确认密码不一致。'); die();
}
$username = $_POST['username'];
$password = $_POST['password'];
if (User::checkValidUname($username)) {
if (strlen($password) > 16 || strlen($password) < 5) {
header('Location: install.php?step=2&msg=无效的密码。密码长度应该大于 6 并小于 15。');
die();
} else if (Utils::convertString($password) != $password) {
header('Location: install.php?step=2&msg=无效的密码。密码中包含了奇怪的字符。'); die();
}
} else {
header('Location: install.php?step=2&msg=无效的用户名。用户名只能包含数字,字母以及下划线。'); die();
}
if ($_POST['password'] != $_POST['password2']) {
header('Location: install.php?step=2&msg=确认密码不一致。'); die();
}
$username = $_POST['username'];
$password = $_POST['password'];
if (User::checkValidUname($username)) {
if (strlen($password) > 16 || strlen($password) < 5) {
header('Location: install.php?step=2&msg=无效的密码。密码长度应该大于 6 并小于 15。');
die();
} else if (Utils::convertString($password) != $password) {
header('Location: install.php?step=2&msg=无效的密码。密码中包含了奇怪的字符。'); die();
}
} else {
header('Location: install.php?step=2&msg=无效的用户名。用户名只能包含数字,字母以及下划线。'); die();
}
} else {
header('Location: install.php?step=2&msg=表单信息不完整。'); die();
header('Location: install.php?step=2&msg=表单信息不完整。'); die();
}
$sql = "CREATE TABLE IF NOT EXISTS `".DB_PREFIX."users` (
`uid` int(11) NOT NULL AUTO_INCREMENT,
`username` varchar(20) NOT NULL,
`password` varchar(255) NOT NULL,
`ip` varchar(32) NOT NULL,
`preference` varchar(10) NOT NULL,
`hash_steve` varchar(64),
`hash_alex` varchar(64),
`hash_cape` varchar(64),
`last_modified` datetime,
PRIMARY KEY (`uid`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8;";
$table_users = DB_PREFIX."users";
$table_options = DB_PREFIX."options";
if (!$conn->query($sql)) { ?>
<h1>数据表创建失败</h1>
<p>照理来说不应该的,请带上错误信息联系作者:</p>
<p><?php echo $conn->error; ?></p>
<?php die();
$sql1 = "CREATE TABLE IF NOT EXISTS `$table_users` (
`uid` int(20) NOT NULL AUTO_INCREMENT,
`username` varchar(50) NOT NULL,
`password` varchar(255) NOT NULL,
`ip` varchar(32) NOT NULL,
`preference` varchar(10) NOT NULL,
`hash_steve` varchar(64),
`hash_alex` varchar(64),
`hash_cape` varchar(64),
`last_modified` datetime,
PRIMARY KEY (`uid`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8;";
$sql2 = "CREATE TABLE IF NOT EXISTS `$table_options` (
`option_id` int(20) unsigned NOT NULL AUTO_INCREMENT,
`option_name` varchar(50) NOT NULL,
`option_value` longtext,
PRIMARY KEY (`option_id`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8;";
// import options
$sql3 = "INSERT INTO `$table_options` (`option_id`, `option_name`, `option_value`) VALUES
(1, 'site_url', ''),
(2, 'site_name', 'Default'),
(3, 'site_description', 'Minecraft 皮肤站'),
(4, 'user_can_register', '1'),
(5, 'regs_per_ip', '2'),
(6, 'api_type', '0'),
(7, 'data_adapter', ''),
(8, 'data_table_name', ''),
(9, 'data_column_uname', ''),
(10, 'data_column_passwd', ''),
(11, 'data_column_ip', '');";
if (!$conn->query($sql1) || !$conn->query($sql2) || !$conn->query($sql3)) { ?>
<h1>数据表创建失败</h1>
<p>照理来说不应该的,请带上错误信息联系作者:</p>
<p><?php echo $conn->error; ?></p>
<?php die();
}
// Insert user
$conn->query("INSERT INTO `".DB_PREFIX."users` (`uid`, `username`, `password`, `ip`, `preference`) VALUES
(1, '".$username."', '".md5($_POST['password'])."', '127.0.0.1', 'default')");
(1, '".$username."', '".md5($_POST['password'])."', '127.0.0.1', 'default')");
if (!is_dir("../textures/")) {
if (!mkdir("../textures/")): ?>
<h1>文件夹创建失败</h1>
<p>textures 文件夹创建失败。确定你拥有该目录的写权限吗?</p>
<?php endif;
if (!mkdir("../textures/")): ?>
<h1>文件夹创建失败</h1>
<p>textures 文件夹创建失败。确定你拥有该目录的写权限吗?</p>
<?php endif;
} ?>
<h1>成功!</h1>
<p>Blessing Skin Server 安装完成。您是否还沉浸在愉悦的安装过程中?很遗憾,一切皆已完成! :)</p>
<table class="form-table install-success">
<tr>
<th>用户名</th>
<td><?php echo $username; ?></td>
</tr>
<tr>
<th>密码</th>
<td><p><em><?php echo $password; ?></em></p></td>
</tr>
<tr>
<th>用户名</th>
<td><?php echo $username; ?></td>
</tr>
<tr>
<th>密码</th>
<td><p><em><?php echo $password; ?></em></p></td>
</tr>
</table>
<p class="step"><a href="../index.php" class="button button-large">首页</a></p>
<?php
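Review bot: The admin-account `INSERT` near the end of this hunk is the one query whose result is never checked: `$sql1`, `$sql2` and `$sql3` stop with an error page on failure, but if the user insert fails the page still prints 成功! together with the credentials. Checking it the same way, `if (!$conn->query($insert_user)) { echo $conn->error; die(); }`, keeps the installer from reporting success without an admin row. The row stores `md5($_POST['password'])` with no salt; `password_hash()` would be the safer choice, though the login code that verifies the hash is not on this page and would have to change with it. In `$sql2`, `option_name` has no `UNIQUE` key, so nothing prevents two rows with the same name, and `Config::get()` would then return whichever row comes back first.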


@ -3,7 +3,7 @@
* @Author: printempw
* @Date: 2016-03-06 14:19:20
* @Last Modified by: printempw
* @Last Modified time: 2016-03-06 15:32:20
* @Last Modified time: 2016-03-18 14:44:23
*/
require "../includes/session.inc.php";
if (!$user->is_admin) header('Location: ../index.php?msg=看起来你并不是管理员');
@ -13,7 +13,7 @@ if (!$user->is_admin) header('Location: ../index.php?msg=看起来你并不是
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>用户管理 - <?php echo SITE_TITLE; ?></title>
<title>用户管理 - <?php echo Config::get('site_name'); ?></title>
<link rel="shortcut icon" href="../assets/images/favicon.ico">
<link rel="stylesheet" href="../libs/pure/pure-min.css">
<link rel="stylesheet" href="../libs/pure/grids-responsive-min.css">
@ -26,7 +26,9 @@ if (!$user->is_admin) header('Location: ../index.php?msg=看起来你并不是
<body>
<div class="header">
<div class="home-menu pure-menu pure-menu-horizontal pure-menu-fixed">
<a class="pure-menu-heading" href="../index.php"><?php echo SITE_TITLE; ?></a>
<a class="pure-menu-heading" href="<?php echo Config::get('site_url'); ?>">
<?php echo Config::get('site_name'); ?>
</a>
<ul class="pure-menu-list">
<li class="pure-menu-item">
<a class="pure-menu-link" href="index.php">仪表盘</a>


@ -3,7 +3,7 @@
* @Author: printempw
* @Date: 2016-01-16 23:01:33
* @Last Modified by: printempw
* @Last Modified time: 2016-03-13 14:03:58
* @Last Modified time: 2016-03-18 14:50:43
*
* - login, register, logout
* - upload, change, delete
@ -55,29 +55,34 @@ if ($action == "login") {
} else if ($action == "register") {
if (checkPost('register')) {
if (!$user->is_registered) {
if (User::checkValidPwd($_POST['passwd'])) {
if (!empty($_SERVER['HTTP_CLIENT_IP'])) {
$ip = $_SERVER['HTTP_CLIENT_IP'];
} elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
$ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
} else {
$ip = $_SERVER['REMOTE_ADDR'];
}
// If amount of registered accounts of IP is more than allowed mounts,
// then reject the registration.
if ($user->db->getNumRows('ip', $ip) < REGS_PER_IP) {
// use once md5 to encrypt password
if ($user->register($_POST['passwd'], $ip)) {
$json['errno'] = 0;
$json['msg'] = "注册成功~";
if (Config::get('user_can_register') == 1) {
if (User::checkValidPwd($_POST['passwd'])) {
if (!empty($_SERVER['HTTP_CLIENT_IP'])) {
$ip = $_SERVER['HTTP_CLIENT_IP'];
} elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
$ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
} else {
$ip = $_SERVER['REMOTE_ADDR'];
}
// If amount of registered accounts of IP is more than allowed mounts,
// then reject the registration.
if ($user->db->getNumRows('ip', $ip) < Config::get('regs_per_ip')) {
// use once md5 to encrypt password
if ($user->register($_POST['passwd'], $ip)) {
$json['errno'] = 0;
$json['msg'] = "注册成功~";
} else {
$json['errno'] = 1;
$json['msg'] = "出现了奇怪的错误。。请联系作者 :(";
}
} else {
$json['errno'] = 1;
$json['msg'] = "出现了奇怪的错误。。请联系作者 :(";
$json['msg'] = "你最多只能注册 ".Config::get('regs_per_ip')." 个账户哦";
}
} else {
$json['errno'] = 1;
$json['msg'] = "你最多只能注册 ".REGS_PER_IP." 个账户哦";
}
} else {
$json['errno'] = 1;
$json['msg'] = "残念。。本皮肤站已经关闭注册咯 QAQ";
}
} else {
$json['errno'] = 1;
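Review bot: The per-IP registration limit is keyed on `$ip`, which this block takes from `HTTP_CLIENT_IP` or `HTTP_X_FORWARDED_FOR` before falling back to `REMOTE_ADDR`; both headers are set by the client, so the `regs_per_ip` check is not tied to the real peer address and an arbitrary string is handed to `getNumRows('ip', $ip)` and `register()`. Unless the site runs behind a proxy it trusts, use `$ip = $_SERVER['REMOTE_ADDR'];` and reject any value that fails `filter_var($ip, FILTER_VALIDATE_IP)`. `Config::get('regs_per_ip')` returns a string (or null when the row is missing), so reading it once as `$limit = (int) Config::get('regs_per_ip');` keeps the comparison and the error message consistent. The enclosing `$action` chain starts and ends outside the hunk.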


@ -14,21 +14,6 @@ define('DB_PORT', 3306);
/* MySQL 主机 */
define('DB_HOST', 'localhost');
/* 盐,用于 token 加密,修改为任意随机字符串 */
define('SALT', '9tvsE+1._%R4@VLaX(I|.U+h_d*s');
/* 调试模式,开启后将会显示所有用于错误提示 */
define('DEBUG_MODE', false);
/* 同一 IP 最大可注册账户数 */
define('REGS_PER_IP', 2);
/* 优先使用的 Json API0 为 CustomSkinLoader API, 1 为 UniSkinAPI */
define('API_TYPE', 0);
/* 站点名称,推荐英文(字体原因) */
define('SITE_TITLE', 'Blessing Skin Server');
/**
* 数据表前缀
*
@ -38,10 +23,8 @@ define('SITE_TITLE', 'Blessing Skin Server');
*/
define('DB_PREFIX', '');
/**
* 数据对接适配器
*
* 目前可进行数据对接的程序有 Authme、Crazylogin、Discuz
* 只可填写 `Authme``Crazy` 或者 `Discuz`,留空即为不进行数据对接
*/
define('DATA_ADAPTER', '');
/* 盐,用于 token 加密,修改为任意随机字符串 */
define('SALT', '9tvsE+1._%R4@VLaX(I|.U+h_d*s');
/* 调试模式,开启后将会显示所有错误提示 */
define('DEBUG_MODE', false);
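Review bot: The `SALT` kept in this file is still the literal value shipped with the repository, so every installation that leaves it untouched shares the same salt for tokens, and `AuthmeDatabase::encryptPassword()` on this page uses the same constant as its password salt. Now that the installer seeds the other settings, it could generate this value at install time as well. At minimum the comment should say the default must not be kept, for example `/* Salt for token hashing: replace with a unique random string before going live */`.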


@ -3,7 +3,7 @@
* @Author: prpr
* @Date: 2016-02-02 20:56:42
* @Last Modified by: printempw
* @Last Modified time: 2016-03-13 09:27:24
* @Last Modified time: 2016-03-18 14:38:46
*
* All textures requests of legacy link will be handle here.
*/
@ -39,7 +39,7 @@ if (isset($_GET['type']) && isset($_GET['uname'])) {
if (isset($_GET['api'])) {
echo $user->getJsonProfile(($_GET['api'] == 'csl') ? 0 : 1);
} else {
echo $user->getJsonProfile(API_TYPE);
echo $user->getJsonProfile(Config::get('api_type'));
}
} else {
Utils::raise(1, 'Illegal parameters.');
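Review bot: `Config::get('api_type')` hands `getJsonProfile()` the string `'0'` or `'1'` from the options table (or null if the row is missing), whereas the removed `API_TYPE` constant and the `? 0 : 1` branch just above pass integers. If `getJsonProfile()` compares its argument strictly, which is not visible here, the default path would behave differently from the `api=` path. Casting at the call site, `echo $user->getJsonProfile((int) Config::get('api_type'));`, keeps both paths on the same type.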


@ -3,12 +3,23 @@
* @Author: printempw
* @Date: 2016-03-13 11:59:32
* @Last Modified by: printempw
* @Last Modified time: 2016-03-13 15:29:23
* @Last Modified time: 2016-03-18 16:40:24
*/
class AuthmeDatabase extends Database implements EncryptInterface, SyncInterface
{
protected $table_name = "authme";
protected $table_name;
protected $column_uname;
protected $column_passwd;
protected $column_ip;
function __construct() {
parent::__construct();
$this->table_name = Config::get('data_table_name');
$this->column_uname = Config::get('data_column_uname');
$this->column_passwd = Config::get('data_column_passwd');
$this->column_ip = Config::get('data_column_ip');
}
/**
* Default SHA256 encryption method for Authme
@ -16,22 +27,21 @@ class AuthmeDatabase extends Database implements EncryptInterface, SyncInterface
* http://pastebin.com/1wy9g2HT
*/
public function encryptPassword($raw_passwd, $username="") {
$hash = hash('sha256', hash('sha256', $raw_passwd) . SALT);
$encrypt = '$SHA$' . SALT . '$' . $hash;
$hash = hash('sha256', hash('sha256', $raw_passwd).SALT);
$encrypt = '$SHA$'.SALT.'$'. $hash;
return $encrypt;
}
public function createRecord($username, $password, $ip) {
$sql = "INSERT INTO ".$this->table_name." (username, password, ip)
$sql = "INSERT INTO ".$this->table_name." (".$this->column_uname.", ".$this->column_passwd.", ".$this->column_ip.")
VALUES ('$username', '$password', '$ip')";
return $this->query($sql);
}
public function sync($username) {
$exist_in_bs_table = $this->checkRecordExist('username', $username);
$exist_in_authme_table = ($this->query("SELECT * FROM ".$this->table_name."
WHERE username='$username'")->num_rows) ? true : false;
WHERE ".$this->column_uname."='$username'")->num_rows) ? true : false;
if ($exist_in_bs_table && !$exist_in_authme_table) {
$result = $this->select('username', $username);
@ -41,11 +51,11 @@ class AuthmeDatabase extends Database implements EncryptInterface, SyncInterface
if (!$exist_in_bs_table && $exist_in_authme_table) {
$result = $this->query("SELECT * FROM ".$this->table_name."
WHERE username='$username'")->fetch_array();
WHERE ".$this->column_uname."='$username'")->fetch_array();
$this->insert(array(
"uname" => $username,
"passwd" => $result['password'],
"ip" => $result['ip']
"passwd" => $result[$this->column_passwd],
"ip" => $result[$this->column_ip]
));
return $this->sync($username);
}
@ -56,7 +66,7 @@ class AuthmeDatabase extends Database implements EncryptInterface, SyncInterface
if ($exist_in_bs_table && $exist_in_authme_table) {
$passwd1 = $this->select('username', $username)['password'];
$passwd2 = $this->query("SELECT * FROM ".$this->table_name."
WHERE username='$username'")->fetch_array()['password'];
WHERE ".$this->column_uname."='$username'")->fetch_array()[$this->column_passwd];
if ($passwd1 == $passwd2) {
return true;
} else {
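Review bot: The table and column names loaded from the options table in the new constructor are concatenated into every statement as bare SQL identifiers, so a space, quote or reserved word saved in `data_table_name` or a `data_column_*` option changes the query itself; identifiers cannot be bound as parameters, so they need an allow-list check once, when they are loaded. `$username` is also still placed inside the quoted `WHERE` values in `createRecord()` and `sync()` (the latter continues outside these hunks), where a prepared statement would remove the reliance on callers having filtered it. The CrazyDatabase and DiscuzDatabase sections add the same constructor and the same query pattern, so the check is better written once in the shared `Database` parent than copied three times. A constructor with the check could look like this:

```php
function __construct() {
    parent::__construct();
    // … unchanged: the four Config::get() assignments …
    $identifiers = array($this->table_name, $this->column_uname,
                         $this->column_passwd, $this->column_ip);
    foreach ($identifiers as $identifier) {
        // Only plain identifier characters may reach the SQL text.
        if (!preg_match('/^[A-Za-z0-9_]+$/', (string) $identifier)) {
            Utils::raise(-1, "Invalid table or column name in data adapter options.");
        }
    }
}
```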

37
includes/Config.class.php Normal file

@ -0,0 +1,37 @@
<?php
/**
* @Author: printempw
* @Date: 2016-03-18 14:02:12
* @Last Modified by: printempw
* @Last Modified time: 2016-03-18 14:37:04
*/
class Config
{
public static function get($key) {
$conn = Database::checkConfig();
$sql = "SELECT * FROM ".DB_PREFIX."options WHERE `option_name` = '$key'";
$result = $conn->query($sql);
if ($conn->error)
Utils::raise(-1, "Database query error: ".$conn->error);
return $result->fetch_array()['option_value'];
}
public static function set($key, $value) {
$conn = new mysqli(DB_HOST, DB_USER, DB_PASSWD, DB_NAME, DB_PORT);
$sql = "UPDATE ".DB_PREFIX."options SET `option_value`='$value' WHERE `option_name`='$key'";
$result = $conn->query($sql);
if ($conn->error)
Utils::raise(-1, "Database query error: ".$conn->error);
else
return true;
}
public static function setArray($options) {
foreach ($options as $key => $value) {
self::set($key, $value);
}
return true;
}
}
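Review bot: `set()` builds its `UPDATE` by placing `$key` and `$value` inside quoted SQL strings, so an option value that contains a single quote (a site name such as `Tom's Skins`, a constructed example) yields a broken or altered statement, and `get()` does the same with `$key`; binding both as parameters fixes this. `set()` also opens a new `mysqli` connection on every call and never closes it, which means `setArray()` opens one connection per option. `get()` indexes `fetch_array()` without checking that a row was found, so a missing option silently comes back as null. A bound version of `set()`:

```php
public static function set($key, $value) {
    $conn = new mysqli(DB_HOST, DB_USER, DB_PASSWD, DB_NAME, DB_PORT);
    // Values travel as bound parameters, never as part of the SQL text.
    $stmt = $conn->prepare("UPDATE ".DB_PREFIX."options SET `option_value`=? WHERE `option_name`=?");
    // Assumes Utils::raise() stops execution, as the existing get() already does.
    if (!$stmt)
        Utils::raise(-1, "Database query error: ".$conn->error);
    $stmt->bind_param('ss', $value, $key);
    if (!$stmt->execute())
        Utils::raise(-1, "Database query error: ".$stmt->error);
    $stmt->close();
    $conn->close();
    return true;
}
```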


@ -3,12 +3,23 @@
* @Author: printempw
* @Date: 2016-03-13 12:15:08
* @Last Modified by: printempw
* @Last Modified time: 2016-03-13 15:29:19
* @Last Modified time: 2016-03-18 16:41:05
*/
class CrazyDatabase extends Database implements EncryptInterface, SyncInterface
{
protected $table_name = "CrazyLogin_accounts";
protected $table_name;
protected $column_uname;
protected $column_passwd;
protected $column_ip;
function __construct() {
parent::__construct();
$this->table_name = Config::get('data_table_name');
$this->column_uname = Config::get('data_column_uname');
$this->column_passwd = Config::get('data_column_passwd');
$this->column_ip = Config::get('data_column_ip');
}
/**
* Fucking CrazyCrypt1
@ -25,16 +36,15 @@ class CrazyDatabase extends Database implements EncryptInterface, SyncInterface
}
public function createRecord($username, $password, $ip) {
$sql = "INSERT INTO ".$this->table_name." (username, password, ips)
$sql = "INSERT INTO ".$this->table_name." (".$this->column_uname.", ".$this->column_passwd.", ".$this->column_ip.")
VALUES ('$username', '$password', '$ip')";
return $this->query($sql);
}
public function sync($username) {
$exist_in_bs_table = $this->checkRecordExist('username', $username);
$exist_in_crazy_table = ($this->query("SELECT * FROM ".$this->table_name."
WHERE username='$username'")->num_rows) ? true : false;
WHERE ".$this->column_uname."='$username'")->num_rows) ? true : false;
if ($exist_in_bs_table && !$exist_in_crazy_table) {
$result = $this->select('username', $username);
@ -44,11 +54,11 @@ class CrazyDatabase extends Database implements EncryptInterface, SyncInterface
if (!$exist_in_bs_table && $exist_in_crazy_table) {
$result = $this->query("SELECT * FROM ".$this->table_name."
WHERE username='$username'")->fetch_array();
WHERE ".$this->column_uname."='$username'")->fetch_array();
$this->insert(array(
"uname" => $username,
"passwd" => $result['password'],
"ip" => $result['ips']
"passwd" => $result[$this->column_passwd],
"ip" => $result[$this->column_ip]
));
return $this->sync($username);
}
@ -59,7 +69,7 @@ class CrazyDatabase extends Database implements EncryptInterface, SyncInterface
if ($exist_in_bs_table && $exist_in_crazy_table) {
$passwd1 = $this->select('username', $username)['password'];
$passwd2 = $this->query("SELECT * FROM ".$this->table_name."
WHERE username='$username'")->fetch_array()['password'];
WHERE ".$this->column_uname."='$username'")->fetch_array()[$this->column_passwd];
if ($passwd1 == $passwd2) {
return true;
} else {
@ -71,4 +81,5 @@ class CrazyDatabase extends Database implements EncryptInterface, SyncInterface
}
}


@ -3,7 +3,7 @@
* @Author: printempw
* @Date: 2016-02-02 21:59:06
* @Last Modified by: printempw
* @Last Modified time: 2016-03-13 14:21:10
* @Last Modified time: 2016-03-18 14:34:09
*/
class Database implements EncryptInterface, SyncInterface
@ -22,7 +22,7 @@ class Database implements EncryptInterface, SyncInterface
"无法连接至 MySQL 服务器。请确认 config.php 中的配置是否正确:".$conn->connect_error);
}
if (!self::checkTableExist($conn)) {
Utils::showErrorPage(-1, "数据库中不存在 ".DB_PREFIX."users 表。请先运行 /admin/install.php 进行安装。");
}
$dir = dirname(dirname(__FILE__));
if (!is_dir("$dir/textures/")) {
@ -33,9 +33,11 @@ class Database implements EncryptInterface, SyncInterface
public static function checkTableExist($conn) {
$sql = "SELECT table_name FROM
`INFORMATION_SCHEMA`.`TABLES` WHERE table_name ='".DB_PREFIX."users'
AND TABLE_SCHEMA='".DB_NAME."'";
return ($conn->query($sql)->num_rows != 0) ? true : false;
`INFORMATION_SCHEMA`.`TABLES` WHERE (table_name ='".DB_PREFIX."users'
OR table_name ='".DB_PREFIX."options') AND TABLE_SCHEMA='".DB_NAME."'";
if ($conn->query($sql)->num_rows != 2)
Utils::showErrorPage(-1, "数据库中不存在 ".DB_PREFIX."users 或 ".DB_PREFIX."options 表。请先运行 /admin/install.php 进行安装。");
}
public function query($sql) {
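Review bot: `checkTableExist()` no longer returns anything: the old body returned a boolean, while the new one only calls `Utils::showErrorPage()` when the row count is not 2 and otherwise falls off the end with null. As far as the first hunk of this section shows, the caller still tests `if (!self::checkTableExist($conn))`, which would then be true even when both tables exist; if that caller was not changed elsewhere, keep the contract with `return $conn->query($sql)->num_rows == 2;` and put the combined users/options message in the caller. `$conn->query($sql)` can also return false, in which case reading `->num_rows` fails before any error page is shown.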


@ -3,25 +3,36 @@
* @Author: printempw
* @Date: 2016-03-13 14:59:32
* @Last Modified by: printempw
* @Last Modified time: 2016-03-13 15:29:26
* @Last Modified time: 2016-03-18 16:42:37
*/
class DiscuzDatabase extends Database implements EncryptInterface, SyncInterface
{
protected $table_name = "pre_ucenter_members";
protected $table_name;
protected $column_uname;
protected $column_passwd;
protected $column_ip;
function __construct() {
parent::__construct();
$this->table_name = Config::get('data_table_name');
$this->column_uname = Config::get('data_column_uname');
$this->column_passwd = Config::get('data_column_passwd');
$this->column_ip = Config::get('data_column_ip');
}
/**
* Discuz's Fucking dynamic salt
*/
public function encryptPassword($raw_passwd, $username="") {
$salt = $this->query("SELECT * FROM ".$this->table_name."
WHERE username='$username'")->fetch_array()['salt'];
WHERE ".$this->column_uname."='$username'")->fetch_array()['salt'];
$encrypt = md5(md5($raw_passwd).$salt);
return $encrypt;
}
public function createRecord($username, $password, $ip) {
$sql = "INSERT INTO ".$this->table_name." (username, password, regip)
$sql = "INSERT INTO ".$this->table_name." (".$this->column_uname.", ".$this->column_passwd.", ".$this->column_ip.")
VALUES ('$username', '$password', '$ip')";
return $this->query($sql);
}
@ -29,7 +40,7 @@ class DiscuzDatabase extends Database implements EncryptInterface, SyncInterface
public function sync($username) {
$exist_in_bs_table = $this->checkRecordExist('username', $username);
$exist_in_discuz_table = ($this->query("SELECT * FROM ".$this->table_name."
WHERE username='$username'")->num_rows) ? true : false;
WHERE ".$this->column_uname."='$username'")->num_rows) ? true : false;
if ($exist_in_bs_table && !$exist_in_discuz_table) {
$result = $this->select('username', $username);
@ -39,11 +50,11 @@ class DiscuzDatabase extends Database implements EncryptInterface, SyncInterface
if (!$exist_in_bs_table && $exist_in_discuz_table) {
$result = $this->query("SELECT * FROM ".$this->table_name."
WHERE username='$username'")->fetch_array();
WHERE ".$this->column_uname."='$username'")->fetch_array();
$this->insert(array(
"uname" => $username,
"passwd" => $result['password'],
"ip" => $result['regip']
"passwd" => $result[$this->column_passwd],
"ip" => $result[$this->column_ip]
));
return $this->sync($username);
}
@ -54,7 +65,7 @@ class DiscuzDatabase extends Database implements EncryptInterface, SyncInterface
if ($exist_in_bs_table && $exist_in_discuz_table) {
$passwd1 = $this->select('username', $username)['password'];
$passwd2 = $this->query("SELECT * FROM ".$this->table_name."
WHERE username='$username'")->fetch_array()['password'];
WHERE ".$this->column_uname."='$username'")->fetch_array()[$this->column_passwd];
if ($passwd1 == $passwd2) {
return true;
} else {
@ -65,4 +76,5 @@ class DiscuzDatabase extends Database implements EncryptInterface, SyncInterface
}
}
}


@ -3,12 +3,12 @@
* @Author: printempw
* @Date: 2016-01-16 23:01:33
* @Last Modified by: printempw
* @Last Modified time: 2016-03-13 14:45:04
* @Last Modified time: 2016-03-18 16:45:00
*/
class User
{
public $uname = "";
public $uname = "";
private $passwd = "";
private $token = "";
@ -18,7 +18,7 @@ class User
function __construct($uname) {
$this->uname = Utils::convertString($uname);
$class_name = DATA_ADAPTER."Database";
$class_name = Config::get('data_adapter')."Database";
$this->db = new $class_name();
if ($this->db->sync($this->uname)) {
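Review bot: The class to instantiate is now assembled from the `data_adapter` option and passed straight to `new $class_name()`, so any value stored in that row other than a supported adapter either fatals on a missing class or instantiates whatever class happens to be named `<value>Database`. Read the option into `$adapter` and check it against the known set before building the name, e.g. `if (!in_array($adapter, array('', 'Authme', 'Crazy', 'Discuz'), true)) Utils::raise(-1, 'Unknown data adapter.');`. The constructor continues past the end of the hunk.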


@ -3,7 +3,7 @@
* @Author: printempw
* @Date: 2016-01-17 13:55:20
* @Last Modified by: printempw
* @Last Modified time: 2016-03-12 18:03:48
* @Last Modified time: 2016-03-18 15:02:24
*/
session_start();
$dir = dirname(__FILE__);
@ -24,7 +24,7 @@ if (isset($_COOKIE['uname']) && isset($_COOKIE['token'])) {
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title><?php echo SITE_TITLE; ?></title>
<title><?php echo Config::get('site_name'); ?></title>
<link rel="shortcut icon" href="./assets/images/favicon.ico">
<link rel="stylesheet" href="./libs/pure/pure-min.css">
<link rel="stylesheet" href="./libs/pure/grids-responsive-min.css">
@ -38,14 +38,16 @@ if (isset($_COOKIE['uname']) && isset($_COOKIE['token'])) {
<div class="header">
<div class="home-menu pure-menu pure-menu-horizontal pure-menu-fixed">
<a class="pure-menu-heading" href="#"><?php echo SITE_TITLE; ?></a>
<a class="pure-menu-heading" href="<?php echo Config::get('site_url'); ?>">
<?php echo Config::get('site_name'); ?>
</a>
<ul class="pure-menu-list">
<li class="pure-menu-item">
<?php if (isset($_SESSION['uname'])): ?>
<a href="./user/index.php" class="pure-menu-link">
欢迎,<?php echo $_SESSION['uname']; ?>
</a>|<span class="pure-menu-link" id="logout">登出?</span>
<?php else: ?>
<?php elseif (Config::get('user_can_register') == 1): ?>
<button id="login" class="pure-button pure-button-primary">登录</button>
<?php endif; ?>
</li>
@ -60,15 +62,19 @@ if (isset($_COOKIE['uname']) && isset($_COOKIE['token'])) {
<div class="container">
<div class="splash">
<h1 class="splash-head"><?php echo SITE_TITLE; ?></h1>
<h1 class="splash-head"><?php echo Config::get('site_name'); ?></h1>
<p class="splash-subhead">
开源的 PHP Minecraft 皮肤站
<?php echo Config::get('site_description'); ?>
</p>
<?php if (!isset($_SESSION['uname'])) { ?>
<p>
<button id="register" class="pure-button pure-button-primary">现在注册</button>
<?php if (!isset($_SESSION['uname'])):
if (Config::get('user_can_register') == 1): ?>
<button id="register" class="pure-button pure-button-primary">现在注册</button><?php
else: ?>
<button id="login" class="pure-button pure-button-primary">登录</button><?php
endif; ?>
<?php endif; ?>
</p>
<?php } ?>
</div>
</div>
@ -91,7 +97,7 @@ if (isset($_COOKIE['uname']) && isset($_COOKIE['token'])) {
</div>
<div id="msg" class="alert"></div>
</div>
<?php if (Config::get('user_can_register') == 1): ?>
<div class="remodal" data-remodal-id="register-modal">
<button data-remodal-action="close" class="remodal-close"></button>
<h1 id="register-title">注册</h1>
@ -104,6 +110,7 @@ if (isset($_COOKIE['uname']) && isset($_COOKIE['token'])) {
</div>
<div id="msg" class="alert alert-info">请使用您的 <b>Minecraft 用户名</b> 来注册</div>
</div>
<?php endif; ?>
<!-- Contents above is for login/register dialog -->
<script type="text/javascript" src="./libs/jquery/jquery-2.1.1.min.js"></script>


@ -3,7 +3,7 @@
* @Author: prpr
* @Date: 2016-01-21 13:56:40
* @Last Modified by: printempw
* @Last Modified time: 2016-03-12 21:29:34
* @Last Modified time: 2016-03-18 14:44:02
*/
require "../includes/session.inc.php";
?>
@ -12,7 +12,7 @@ require "../includes/session.inc.php";
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>上传皮肤 - <?php echo SITE_TITLE; ?></title>
<title>上传皮肤 - <?php echo Config::get('site_name'); ?></title>
<link rel="shortcut icon" href="../assets/images/favicon.ico">
<link rel="stylesheet" href="../libs/pure/pure-min.css">
<link rel="stylesheet" href="../libs/pure/grids-responsive-min.css">
@ -24,7 +24,9 @@ require "../includes/session.inc.php";
<body>
<div class="header">
<div class="home-menu pure-menu pure-menu-horizontal pure-menu-fixed">
<a class="pure-menu-heading" href="../index.php"><?php echo SITE_TITLE; ?></a>
<a class="pure-menu-heading" href="<?php echo Config::get('site_url'); ?>">
<?php echo Config::get('site_name'); ?>
</a>
<ul class="pure-menu-list">
<li class="pure-menu-item">
<a class="pure-menu-link" href="profile.php">个人设置</a>


@ -2,8 +2,8 @@
/**
* @Author: prpr
* @Date: 2016-02-03 16:12:45
* @Last Modified by: prpr
* @Last Modified time: 2016-02-10 20:54:13
* @Last Modified by: printempw
* @Last Modified time: 2016-03-18 14:44:12
*/
require "../includes/session.inc.php";
?>
@ -12,7 +12,7 @@ require "../includes/session.inc.php";
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>个人设置 - <?php echo SITE_TITLE; ?></title>
<title>个人设置 - <?php echo Config::get('site_name'); ?></title>
<link rel="shortcut icon" href="../assets/images/favicon.ico">
<link rel="stylesheet" href="../libs/pure/pure-min.css">
<link rel="stylesheet" href="../libs/pure/grids-responsive-min.css">
@ -23,7 +23,9 @@ require "../includes/session.inc.php";
<body>
<div class="header">
<div class="home-menu pure-menu pure-menu-horizontal pure-menu-fixed">
<a class="pure-menu-heading" href="../index.php"><?php echo SITE_TITLE; ?></a>
<a class="pure-menu-heading" href="<?php echo Config::get('site_url'); ?>">
<?php echo Config::get('site_name'); ?>
</a>
<a href="javascript:;" title="Movements"><span class="glyphicon glyphicon-pause"></span></a>
<a href="javascript:;" title="Running"><span class="glyphicon glyphicon-forward"></span></a>
<a href="javascript:;" title="Rotation"><span class="glyphicon glyphicon-repeat"></span></a>