phpwind޸ĹԱ©

[phpwind޸ĹԱ© ȫ]
Ӱ汾: 
phpwind<=5.X   4.X
PHPWind ̳ϵͳ һײ php+mysql ݿ ʽв html ҳȫƵǿϵͳзǷķٶȺ׿Խĸܹѵϲ80secзһȫ©ɹô©ֱ޸ĹԱ̨ȡùԱȨޡ

phpwindwapģУñתڸΪص⣬ûκεʹװiconvȱģһܵ©Ӱ죬ûơphpwindУwapĬϹرյģǷphpwind<=5.3汾Уȫûгʼ⣬ԶûԿģ飬Ӷһע䰲ȫ©
phpwindеע©УphpwindŴݿȡıӶܿԸһЩݴ̣޸û룬Աwap_mod.php£

function wap_login($username,$password){
global $db,$timestamp,$onlineip,$db_ckpath,$db_ckdomain,$db_bbsurl;

$men=$db->get_one("SELECT m.uid,m.password,m.groupid,m.yz,md.onlineip FROM pw_members m LEFT JOIN pw_memberdata md ON md.uid=m.uid WHERE username=''$username''");
if($men){
$e_login=explode("|",$men[''onlineip'']);
if($e_login[0]!=$onlineip. * || ($timestamp-$e_login[1])>600 || $e_login[2]>1 ){
$men_uid=$men[''uid''];
$men_pwd=$men[''password''];
$check_pwd=$password;
if($men[''yz''] > 2){
wap_msg(c'');
}
if(strlen($men_pwd)==16){
$check_pwd=substr($password,8,16);/*֧ 16 λ md5ȡ*/
}
if($men_pwd==$check_pwd){
if(strlen($men_pwd)==16){
$db->update(UPDATE pw_members SET password=$password WHERE uid=$men_uid);
}
$L_groupid=(int)$men[''groupid''];
Cookie(ck_info,$db_ckpath.\t.$db_ckdomain);
}else{
global $L_T;
$L_T=$e_login[2];
$L_T ? $L_TC:$L_T=5;
$F_login=$onlineip *|$timestamp|$L_T;
$db->update(UPDATE pw_memberdata SET onlineip=$F_login WHERE uid=$men_uid);
wap_msg(login_pwd_error);
}
}else{
global $L_T;
$L_T=600-($timestamp-$e_login[1]);
wap_msg(login_forbid);
}
} else {
global $errorname;
$errorname=$username;
wap_msg(user_not_exists);
}
Cookie(winduser,StrCode($men_uid.\t.PwdCode($password)));
Cookie(lastvisit,,0);
wap_msg(wap_login,''index.php);
}

ע˻ֻҪĹusernameô©