
mojie126 / HDCN-PT

maxlogin.php 10.97 KB
mojie126 提交于 2015-12-08 21:41 . 登陆改成登录
<?php
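// Bootstrap: load the tracker core, open the database connection, require a
// logged-in session and load the language strings for this page.
require "include/bittorrent.php";
dbconn();
loggedinorreturn();
require_once(get_langfile_path());

// Access control: the page is restricted to moderators and above.
// NOTE(review): every branch below relies on stderr() ending the request; its
// definition is outside this file — confirm that it exits.
if (get_user_class() < UC_MODERATOR)
    stderr("错误", "权限不足");

// Request parameters, POST taking precedence over GET. htmlspecialchars() here
// only neutralises HTML metacharacters for later echoing; it is not SQL
// escaping, so every query still has to validate or escape these values itself.
$action = isset($_POST['action']) ? htmlspecialchars($_POST['action']) : (isset($_GET['action']) ? htmlspecialchars($_GET['action']) : 'showlist');
$id = isset($_POST['id']) ? htmlspecialchars($_POST['id']) : (isset($_GET['id']) ? htmlspecialchars($_GET['id']) : '');
$update = isset($_POST['update']) ? htmlspecialchars($_POST['update']) : (isset($_GET['update']) ? htmlspecialchars($_GET['update']) : '');

// Bulk delete from the checkbox column of the list.
// The posted values are request data, so only strings made purely of digits
// (positive integers) are allowed into the IN (...) list; anything else is
// dropped instead of being concatenated into the statement. The list is kept in
// its own variable so that it no longer overwrites $id, which the action
// branches further down still read.
// NOTE(review): no per-request (CSRF) token is checked in this file before the
// delete runs — confirm whether the framework enforces one elsewhere.
if (isset($_POST['delete']) && $_POST['delete'] != '' && get_user_class() >= UC_MODERATOR) {
    $deleteIds = array();
    foreach ((array) $_POST['delete'] as $rawDeleteId) {
        if (is_string($rawDeleteId) && preg_match('/^[1-9][0-9]*$/', $rawDeleteId)) {
            $deleteIds[] = (int) $rawDeleteId;
        }
    }
    // An empty IN () is a syntax error, so the query is skipped when nothing valid was posted.
    if (count($deleteIds) > 0) {
        sql_query("DELETE FROM loginattempts WHERE id IN (" . implode(",", $deleteIds) . ")") or sqlerr(__FILE__, __LINE__);
    }
    echo "<script>location.href='maxlogin.php';</script>";
}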
/**
 * Validate a record id taken from the request.
 *
 * Delegates to is_valid_id(); on failure the result of stderr() is returned.
 * NOTE(review): callers ignore the return value, so they depend on stderr()
 * ending the request — confirm against its definition.
 *
 * @param mixed $id value to validate
 * @return mixed true when the id is valid, otherwise whatever stderr() returns
 */
function check($id)
{
    if (is_valid_id($id)) {
        return true;
    }

    return stderr("错误", "无效的ID");
}
/**
 * Run a single-row statement against one id, then redirect back to the list.
 *
 * " WHERE id = '<escaped id>'" is appended to $query. Only $id is escaped:
 * $query becomes part of the sprintf() format string and of the SQL text as
 * given, so callers must pass a fixed statement, never request data.
 *
 * @param string $query SQL statement without its WHERE clause
 * @param mixed  $id    record id, escaped with mysql_real_escape_string()
 * @param string $where label placed in the "update" parameter of the redirect URL
 * @return mixed the result of sqlerr() when the query fails, otherwise nothing
 */
function safe_query($query, $id, $where = '')
{
    $escapedId = mysql_real_escape_string($id);
    $sql = sprintf($query . " WHERE id = '%s'", $escapedId);

    if (!sql_query($sql)) {
        return sqlerr(__FILE__, __LINE__);
    }

    redirect("maxlogin.php?update=" . htmlspecialchars($where));
}
/**
 * Emit the inline script that backs the "select all" / "invert selection"
 * buttons: both helpers walk every element with class "checkbox".
 *
 * The markup is static and contains no request data. The nowdoc keeps the
 * closing marker in column 0 so it also parses on PHP versions older than 7.3.
 */
function checkdelete()
{
    echo <<<'HTML'
<script type="text/javascript">
function checkAll()
{
$(".checkbox").each(function () {
this.checked = true;
});
}
function reverseCheck()
{
$(".checkbox").each(function () {
this.checked = !this.checked;
});
}
</script>

HTML;
}
/**
 * Print the last table row: the select-all / invert buttons and the submit
 * button of the bulk-delete form.
 *
 * The row also closes the <form> and the <table> that the caller opened.
 */
function toolsbar()
{
    $selectAll = '<input type="button" value="全选" onclick="checkAll();">';
    $invert = '<input type="button" value="反选" onclick="reverseCheck();">';
    $submit = '<input type="submit" id="delete" value="删除">';

    echo '<tr align="center"><td class="rowfollow" colspan="10">'
        . $selectAll . $invert . ' | ' . $submit
        . '</form></td></tr></table>';
}
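// Row count handed to the pager. The count is cast to int directly:
// number_format() returns a string with thousands separators ("1,234"), and
// adding 1 to that string stops parsing at the comma, so the total collapsed
// to 2 once the table held 1000 rows or more.
// NOTE(review): the reason for the +1 is not visible in this file; it is kept as-is.
$countrows = (int) get_row_count("loginattempts") + 1;
$page = isset($_GET["page"]) ? (int) $_GET["page"] : 0;

// Allow-list mapping the public "order" parameter to a column name. Only these
// fixed column names ever reach ORDER BY.
$sortColumns = array(
    'id' => 'id',
    'ip' => 'ip',
    'added' => 'added',
    'attempts' => 'attempts',
    'type' => 'type',
    'status' => 'banned',
);

// The validated key, not the raw request value, is what gets embedded in the
// pager URL below, so arbitrary request text is no longer carried into the
// pager links. Unknown or missing values fall back to "id".
$order = (isset($_GET['order']) && is_string($_GET['order']) && isset($sortColumns[$_GET['order']]))
    ? $_GET['order']
    : 'id';
$orderby = $sortColumns[$order];

$perpage = 25;
list($pagertop, $pagerbottom, $limit) = pager($perpage, $countrows, "maxlogin.php?order=$order&");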
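/**
 * Print the column header row, one row per login-attempt record and the
 * bulk-action toolbar. Shared by the list view and the IP search view.
 *
 * Values read from the loginattempts table are HTML-escaped (ids are cast to
 * int) before they are printed. Those rows are written by code outside this
 * file; if a column can ever hold client-supplied text it would otherwise be
 * rendered as markup in a moderator's session.
 *
 * @param resource $res result of a SELECT on loginattempts
 */
function _maxlogin_print_attempt_rows($res)
{
    global $lang_maxlogin;

    print("<form method=\"POST\" onsubmit=\"if(confirm('确定要删除吗?')){return true;}else{return false;}\"><tr><td class=colhead><a href=?order=id>" . $lang_maxlogin['text_id'] . "</a></td><td class=colhead align=left><a href=?order=ip>" . $lang_maxlogin['text_ip'] . "</a></td><td class=colhead align=left><a href=?order=added>" . $lang_maxlogin['text_action_time'] . "</a></td>" .
        "<td class=colhead align=left><a href=?order=attempts>" . $lang_maxlogin['text_attempts_time'] . "</a></td><td class=colhead align=left><a href=?order=type>" . $lang_maxlogin['text_attempts_type'] . "</a></td><td class=colhead align=left><a href=?order=status>" . $lang_maxlogin['text_status'] . "</a></td><td class=colhead align=center style=width:10px>行为</td></tr>\n");

    while ($arr = mysql_fetch_assoc($res)) {
        // The id lands in unquoted attributes and URLs, so it is forced to an integer.
        $rowId = (int) $arr['id'];
        $ipHtml = htmlspecialchars($arr['ip']);
        $addedHtml = htmlspecialchars($arr['added']);
        $attemptsHtml = htmlspecialchars($arr['attempts']);

        // Look up an account whose last known IP matches this record.
        $r2 = sql_query("SELECT id, username FROM users WHERE ip=" . sqlesc($arr['ip'])) or sqlerr(__FILE__, __LINE__);
        $a2 = mysql_fetch_assoc($r2);
        $ownerHtml = ($a2 && $a2['id']) ? get_username($a2['id']) : "";

        $typeLabel = ($arr['type'] == "recover") ? $lang_maxlogin['type_recover'] : $lang_maxlogin['type_login'];

        if ($arr['banned'] == "yes") {
            $statusHtml = "<font color=red><b>" . $lang_maxlogin['status_banned'] . "</b></font> <a href=maxlogin.php?action=unban&id=$rowId><font color=green>[<b>" . $lang_maxlogin['action_unban'] . "</b>]</font></a>";
        } else {
            $statusHtml = "<font color=green><b>" . $lang_maxlogin['status_notbanned'] . "</b></font> <a href=maxlogin.php?action=ban&id=$rowId><font color=red>[<b>" . $lang_maxlogin['action_ban'] . "</b>]</font></a>";
        }

        print("<tr><td align=>$rowId</td><td align=left>$ipHtml " . $ownerHtml . "</td><td align=left>$addedHtml</td><td align=left>$attemptsHtml</td><td align=left>" . $typeLabel . "</td><td align=left>" . $statusHtml . " <a onclick=\"return confirm('" . $lang_maxlogin['text_notice'] . "');\" href=maxlogin.php?action=delete&id=$rowId>[<b>" . $lang_maxlogin['action_delete'] . "</b></a>] <a href=maxlogin.php?action=edit&id=$rowId><font color=blue>[<b>" . $lang_maxlogin['action_edit'] . "</b></a>]</font></td><td align=center><input type=checkbox class=checkbox name=delete[] value=$rowId /></td></tr>\n");
    }

    toolsbar();
}

// Action dispatch.
// NOTE(review): ban, unban and delete change data in response to plain GET
// links, and no per-request (CSRF) token is checked anywhere in this file —
// confirm whether the framework enforces one elsewhere.
if ($action == 'showlist') {
    stdhead("失败登录尝试记录 - 列表");
    checkdelete();
    print("<h1>" . $lang_maxlogin['head_failed'] . "</h1>");
    searchform();
    print("<table border=1 cellspacing=0 cellpadding=5 width=95%>\n");

    // Initialised so that print($msg) below never reads an undefined variable.
    $msg = '';
    if ($update)
        $msg = "<tr><td colspan=6><b>" . htmlspecialchars($update) . " 成功</b></td></tr>\n";

    // $orderby and $limit are set earlier in the file (sort allow-list and pager()).
    $res = sql_query("SELECT * FROM loginattempts ORDER BY $orderby DESC $limit") or sqlerr(__FILE__, __LINE__);
    if (mysql_num_rows($res) == 0)
        print("<tr><td colspan=2><b>没有任何记录</b></td></tr>\n");
    else
        _maxlogin_print_attempt_rows($res);

    print($msg);
    if ($countrows > $perpage)
        echo '<tr><td colspan=2>' . $pagerbottom . '</td></tr>';
    print("</table>\n");
    stdfoot();
} elseif ($action == 'ban') {
    check($id);
    stdhead("失败登录尝试记录 - 封禁");
    safe_query("UPDATE loginattempts SET banned = 'yes'", $id, "Ban");
    // NOTE(review): safe_query() already calls redirect() to this same URL, and
    // stdhead() has produced output by now — this header() looks redundant; confirm.
    header("Location: maxlogin.php?update=Ban");
} elseif ($action == 'unban') {
    check($id);
    stdhead("失败登录尝试记录 - 未封禁");
    safe_query("UPDATE loginattempts SET banned = 'no'", $id, "Unban");
} elseif ($action == 'delete') {
    check($id);
    stdhead("失败登录尝试记录 - 删除");
    safe_query("DELETE FROM loginattempts", $id, "Delete");
} elseif ($action == 'edit') {
    check($id);
    stdhead("失败登录尝试记录 - 编辑 (" . htmlspecialchars($id) . ")");
    $query = sprintf("SELECT * FROM loginattempts WHERE id ='%s'", mysql_real_escape_string($id));
    $result = sql_query($query) or sqlerr(__FILE__, __LINE__);
    $a = mysql_fetch_array($result);

    // Stored values go into single-quoted attributes, hence ENT_QUOTES.
    $editId = (int) $a['id'];
    $editIp = htmlspecialchars($a['ip'], ENT_QUOTES);
    $editAttempts = htmlspecialchars($a['attempts'], ENT_QUOTES);

    print("<table border=1 cellspacing=0 cellpadding=5 width=95%>\n");
    print("<tr><td><p>" . $lang_maxlogin['text_ip'] . ":<b>" . htmlspecialchars($a['ip']) . "</b></p>");
    print("<p>" . $lang_maxlogin['text_action_time'] . ": <b>" . htmlspecialchars($a['added']) . "</b></p></tr></td>");
    print("<form method='post' action='maxlogin.php'>");
    print("<input type='hidden' name='action' value='save'>");
    print("<input type='hidden' name='id' value='$editId'>");
    print("<input type='hidden' name='ip' value='$editIp'>");
    if (isset($_GET['return']) && $_GET['return'] == 'yes')
        print("<input type='hidden' name='returnto' value='viewunbaniprequest.php'>");
    print("<tr><td>" . $lang_maxlogin['text_attempts_time'] . "<input type='text' size='33' name='attempts' value='$editAttempts'>");
    print("<tr><td>" . $lang_maxlogin['text_attempts_type'] . "<select name='type'><option value='login' " . ($a["type"] == "login" ? "selected" : "") . ">" . $lang_maxlogin['type_login'] . "</option><option value='recover' " . ($a["type"] == "recover" ? "selected" : "") . ">" . $lang_maxlogin['type_recover'] . "</option></select></tr></td>");
    print("<tr><td>" . $lang_maxlogin['text_status'] . "<select name='banned'><option value='yes' " . ($a["banned"] == "yes" ? "selected" : "") . ">" . $lang_maxlogin['status_banned'] . "</option><option value='no' " . ($a["banned"] == "no" ? "selected" : "") . ">" . $lang_maxlogin['status_notbanned'] . "</option></select></tr></td>");
    print("<tr><td><input type='submit' name='submit' value='" . $lang_maxlogin['submit_save'] . "' class=btn></tr></td>");
    print("</table>");
    stdfoot();
} elseif ($action == 'save') {
    // check() runs on the raw POST values, not on sqlesc() output, so the
    // validity test does not depend on whether sqlesc() (defined outside this
    // file) wraps its argument in quotes. The integer casts keep the two
    // numeric fields safe in the statement in any case.
    $rawId = isset($_POST['id']) ? $_POST['id'] : '';
    $rawAttempts = isset($_POST['attempts']) ? $_POST['attempts'] : '';
    check($rawId);
    check($rawAttempts);
    $id = (int) $rawId;
    $attempts = (int) $rawAttempts;
    $type = sqlesc(isset($_POST['type']) ? $_POST['type'] : '');
    $banned = sqlesc(isset($_POST['banned']) ? $_POST['banned'] : '');
    sql_query("UPDATE loginattempts SET attempts = $attempts, type = $type, banned = $banned WHERE id = $id LIMIT 1") or sqlerr(__FILE__, __LINE__);

    // "returnto" is request data: sending it straight into a Location header
    // let any posted URL decide where the moderator ends up. Only the target
    // the edit form itself emits is honoured; extend this comparison if other
    // pages post here with a different return target.
    $returnto = isset($_POST['returnto']) ? $_POST['returnto'] : '';
    if ($returnto === 'viewunbaniprequest.php') {
        header("Location: viewunbaniprequest.php");
    } else {
        header("Location: maxlogin.php?update=Edit");
    }
} elseif ($action == 'searchip') {
    // The search term is escaped for a quoted SQL string; "%" and "_" typed by
    // the user still act as LIKE wildcards.
    $ip = mysql_real_escape_string(isset($_POST['ip']) ? $_POST['ip'] : '');
    $search = sql_query("SELECT * FROM loginattempts WHERE ip LIKE '%$ip%'") or sqlerr(__FILE__, __LINE__);
    stdhead("失败登录尝试记录 - 搜索");
    checkdelete();
    print("<h2>" . $lang_maxlogin['head_failed'] . "</h2>");
    searchform();
    print("<table border=1 cellspacing=0 cellpadding=5 width=95%>\n");
    if (mysql_num_rows($search) == 0)
        print("<tr><td colspan=2><b>" . $lang_maxlogin['text_nothing'] . "</b></td></tr>\n");
    else
        _maxlogin_print_attempt_rows($search);
    print("</table>\n");
    stdfoot();
} else
    stderr("错误", "无效的操作");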
/**
 * Print the "search by IP" form and the link back to the full list.
 *
 * The form posts action=searchip and the ip field to maxlogin.php. The only
 * dynamic part is the label, read from the global $lang_maxlogin language table.
 */
function searchform()
{
    global $lang_maxlogin;

    $lines = array(
        '<br />',
        '<form method=post name=search action=maxlogin.php>',
        '<input type=hidden name=action value=searchip>',
        '<p class=success align=center>' . $lang_maxlogin['text_searchip'] . '<input type=text name=ip size=25> <input type=submit name=submit class=btn></p>',
        '</form>',
        '<a href="maxlogin.php">全部记录</a>',
        '<br /><br />',
    );

    echo implode("\n", $lines) . "\n";
}