Zen Cart 源代码 login.php

Zen Cart 源代码 login.php





文件名: login.php
文件类型: PHP文件
文件大小: 7.1 KiB
MD5: 490d54879904a17ff99b9a626319450a

  1. <?php
  2. /**
  3.  * @package admin
  4.  * @copyright Copyright 2003-2011 Zen Cart Development Team
  5.  * @copyright Portions Copyright 2003 osCommerce
  6.  * @license http://www.zen-cart.com/license/2_0.txt GNU Public License V2.0
  7.  * @version $Id: login.php 19296 2011-07-28 18:33:38Z wilt $
  8.  */
  9. define('ADMIN_SWITCH_SEND_LOGIN_FAILURE_EMAILS', 'Yes'); // Can be set to 'No' if you don't want warning/courtesy emails to be sent after several login failures have occurred
  10.  
  11. // PCI-DSS / PA-DSS requirements for lockouts and intervals:
  12. define('ADMIN_LOGIN_LOCKOUT_TIMER', (30 * 60));
  13. define('ADMIN_PASSWORD_EXPIRES_INTERVAL', strtotime('- 90 day'));
  14.  
  15. //////////
  16. require ('includes/application_top.php');
  17. $admin_name = $admin_pass = $message = "";
  18. $errors = array();
  19. $error = $expired = false;
  20. if (isset($_POST['action']) && $_POST['action'] != '')
  21. {
  22.   if ((! isset($_SESSION['securityToken']) || ! isset($_POST['securityToken'])) || ($_SESSION['securityToken'] !== $_POST['securityToken']))
  23.   {
  24.     $error = true;
  25.     $message = ERROR_SECURITY_ERROR;
  26.   }
  27.   if ($_POST['action'] == 'do' . $_SESSION['securityToken'])
  28.   {
  29.     $admin_name = zen_db_prepare_input($_POST['admin_name']);
  30.     $admin_pass = zen_db_prepare_input($_POST['admin_pass']);
  31.     if ($admin_name == '' && $admin_pass == '')
  32.     {
  33.       sleep(4);
  34.       $error = true;
  35.       $message = ERROR_WRONG_LOGIN;
  36.     } else
  37.     {
  38.       list($error, $expired, $message, $redirect) = zen_validate_user_login($admin_name, $admin_pass);
  39.       if ($redirect != '') zen_redirect($redirect);
  40.     }
  41.   } elseif ($_POST['action'] == 'rs' . $_SESSION['securityToken'])
  42.   {
  43.     $expired = true;
  44.     $admin_name = zen_db_prepare_input($_POST['admin_name-' . $_SESSION['securityToken']]);
  45.     $adm_old_pwd = zen_db_prepare_input($_POST['oldpwd-' . $_SESSION['securityToken']]);
  46.     $adm_new_pwd = zen_db_prepare_input($_POST['newpwd-' . $_SESSION['securityToken']]);
  47.     $adm_conf_pwd = zen_db_prepare_input($_POST['confpwd-' . $_SESSION['securityToken']]);
  48.  
  49.     $errors = zen_validate_pwd_reset_request($admin_name, $adm_old_pwd, $adm_new_pwd, $adm_conf_pwd);
  50.     if (sizeof($errors) > 0)
  51.     {
  52.       $error = TRUE;
  53.       foreach ($errors as $text)
  54.       {
  55.         $message .= '<br />' . $text;
  56.       }
  57.     } else
  58.     {
  59.       $message = SUCCESS_PASSWORD_UPDATED;
  60.       list($error, $expired, $message, $redirect) = zen_validate_user_login($admin_name, $adm_new_pwd);
  61.       if ($redirect != '') zen_redirect($redirect);
  62.       zen_redirect(zen_href_link(FILENAME_DEFAULT, '', 'SSL'));
  63.     }
  64.     if ($error) sleep(3);
  65.   }
  66. }
  67. if ($expired && $message == '') $message = sprintf(ERROR_PASSWORD_EXPIRED . ' ' . ERROR_PASSWORD_RULES, ((int)ADMIN_PASSWORD_MIN_LENGTH < 7 ? 7 : (int)ADMIN_PASSWORD_MIN_LENGTH));
  68. ?>
  69. <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
  70. <html xmlns="http://www.w3.org/1999/xhtml" <?php echo HTML_PARAMS; ?>>
  71. <head>
  72. <meta http-equiv="Content-Type" content="text/html; charset=<?php echo CHARSET; ?>">
  73. <title><?php echo TITLE; ?></title>
  74. <link href="includes/stylesheet.css" rel="stylesheet" type="text/css" />
  75. <meta name="robot" content="noindex, nofollow" />
  76. <script language="javascript" type="text/javascript"><!--
  77. function animate(f)
  78. {
  79.   var button = document.getElementById("btn_submit");
  80.   var img = document.getElementById("actionImg");
  81.   button.style.cursor="wait";
  82.   button.disabled = true;
  83.   button.className = 'hiddenField';
  84.   img.className = '';
  85.   return true;
  86. }
  87. //--></script>
  88. </head>
  89. <?php if (!isset($expired) || $expired == FALSE) { ?>
  90. <body id="login" onload="document.getElementById('admin_name').focus()">
  91. <form id="loginForm" name="loginForm" action="<?php echo zen_href_link(FILENAME_LOGIN, zen_get_all_get_params(), 'SSL'); ?>" method="post" onsubmit="animate(this)">
  92.   <fieldset>
  93.     <legend><?php echo HEADING_TITLE; ?></legend>
  94.     <label class="loginLabel" for="admin_name"><?php echo TEXT_ADMIN_NAME; ?></label>
  95.     <input style="float: left" type="text" id="admin_name" name="admin_name" value="<?php echo zen_output_string($admin_name); ?>" autocomplete="off" />
  96.     <br class="clearBoth" />
  97.     <label  class="loginLabel" for="admin_pass"><?php echo TEXT_ADMIN_PASS; ?></label>
  98.     <input style="float: left" type="password" id="admin_pass" name="admin_pass" value="" autocomplete="off" />
  99.     <br class="clearBoth" />
  100.     <p class="messageStackError"><?php echo $message; ?></p>
  101.     <input type="hidden" name="securityToken" value="<?php echo $_SESSION['securityToken']; ?>">
  102.     <input type="submit" name="submit" class="button" value="登录" id="btn_submit"/>
  103.     <input type="hidden" name="action" value="do<?php echo $_SESSION['securityToken']; ?>" id="action1"/>
  104.     <img id="actionImg" src = "images/loading.gif" class="hiddenField" />
  105.     <br /><a style="float: right;" href="<?php echo zen_href_link(FILENAME_PASSWORD_FORGOTTEN, '', 'SSL');?>"><?php echo TEXT_PASSWORD_FORGOTTEN; ?></a>
  106.   </fieldset>
  107. </form>
  108. <div id="loginExpiryPolicy"><?php echo LOGIN_EXPIRY_NOTICE; ?></div>
  109. </body>
  110. <?php } else { ?>
  111. <body id="login" onload="document.getElementById('old_pwd').focus()">
  112. <form id="loginForm" name="loginForm" action="<?php echo zen_href_link(FILENAME_LOGIN, '', 'SSL'); ?>" method="post" onsubmit="animate(this)">
  113.   <fieldset>
  114.     <legend><?php echo HEADING_TITLE_EXPIRED; ?></legend>
  115.     <p class="messageStackError"><?php echo $message; ?></p>
  116.     <label class="loginLabel" for="admin_name-<?php echo $_SESSION['securityToken']; ?>"><?php echo TEXT_ADMIN_NAME; ?></label>
  117.     <input style="float: left" type="text" id="admin_name" name="admin_name-<?php echo $_SESSION['securityToken']; ?>" value="<?php echo zen_output_string($admin_name); ?>" autocomplete="off"/>
  118.     <br class="clearBoth" />
  119.     <label class="loginLabel" for="oldpwd-<?php echo $_SESSION['securityToken']; ?>"><?php echo TEXT_ADMIN_OLD_PASSWORD; ?></label>
  120.     <input style="float: left" type="password" id="old_pwd" name="oldpwd-<?php echo $_SESSION['securityToken']; ?>" autocomplete="off" />
  121.     <br class="clearBoth" />
  122.     <label  class="loginLabel" for="newpwd-<?php echo $_SESSION['securityToken']; ?>"><?php echo TEXT_ADMIN_NEW_PASSWORD; ?></label>
  123.     <input style="float: left" type="password" id="admin_pass" name="newpwd-<?php echo $_SESSION['securityToken']; ?>" autocomplete="off" />
  124.     <br class="clearBoth" />
  125.     <label  class="loginLabel" for="confpwd"-<?php echo $_SESSION['securityToken']; ?>><?php echo TEXT_ADMIN_CONFIRM_PASSWORD; ?></label>
  126.     <input style="float: left" type="password" id="admin_pass2" name="confpwd-<?php echo $_SESSION['securityToken']; ?>" autocomplete="off" />
  127.     <br class="clearBoth" />
  128.     <input type="hidden" name="securityToken" value="<?php echo $_SESSION['securityToken']; ?>">
  129.     <input type="submit" name="submit" class="button" value="登录" id="btn_submit" />
  130.     <input type="hidden" name="action" value="rs<?php echo $_SESSION['securityToken']; ?>" id="action1"/>
  131.     <img id="actionImg" src = "images/loading.gif" class="hiddenField" />
  132.   </fieldset>
  133. </form>
  134. </body>
  135. <?php } ?>
  136. </html>
  137. <?php require('includes/application_bottom.php'); ?>
  138.  

