Home >Backend Development >PHP Tutorial >Introduction to DISCUZ login without a pass, page 1/2_PHP tutorial
Introduction to the content of DISCUZ login without a pass
DISCUZ is the most commonly used forum in China. Although it has a pass for everyone to connect, in fact the unification of users is still very poor. Two user tables are often created. The first is not It is convenient for registration and management, and secondly it wastes the database.
I recently worked on a project that also used DISCUZ, so I studied the login of DISCUZ and basically completed the synchronous login. If you are interested, you can research it.
No more nonsense. If you write your own system, you can directly use the DISCUZ public file and directly quote include/common.inc.php. This is the simplest. Just quote this file and $discuz_uid is Your user ID, $discuz_user is your user name,
If you use your own public file, you need to extract two functions. In global.func.php, there are two functions
Dsetcookie, And authcode, if you are not lazy, copy a function clearcookies. The first one is DISCUZ's own function to build COOKIE, the second one is DISCUZ's reversible encryption function, and the third one is the clear COOKIE function. I put it on my own FUNC.PHP file
Okay, let’s start writing the method of creating and identifying COOKIE
function lgoin($array)
{
$username = $array['username'];
$password = $array['password'];
$sql = "SELECT `uid`,`password`,`secques` FROM `cdb_members` WHERE
`username`='$username' and `password`=md5('$password')";
try {
$rs = $this -> _db -> query($sql);
}catch (Exception $e){
exit("Query error, error message: ".$e->getMessage());
return 0;
}
$row = $this -> _db -> fetch ($rs); //Check whether the logged in user name and password are correct
if($row){
dsetcookie('sid','',-2423234234); // Log out sid
$secques = $row['secques'];
$uid = $row['uid'];
$formPassword = $row['password'];
dsetcookie('auth', authcode("$ formPasswordt$secquest$uid", 'ENCODE','123'), '0');
return 1;
}else{
return 2;
}
}
This is a login function, let’s not talk nonsense, let’s talk about the key part directly. After querying, when the information is obtained, (if the username and password are correct) we get 3 pieces of information, UID, PASSWORD, and SECQUES. These three are what DISCUZ needs to use to create COOKIE. The first is the user ID, the second is the encrypted password, and the third is the encrypted answer to the question (it needs to be used even if it is not set). DISCUZ needs to prompt. Questions and answers, but we don’t need it when logging in, so I checked it out directly here. dsetcookie('auth', authcode("$formPasswordt$secquest$uid", 'ENCODE','123'), '0');
This sentence is to create the user's COOKIE. Needless to say anything else, please pay attention You must pay attention to this '123'. This is the KEY set during encryption. It needs to be the same as your DISCUZ, so there are three places that must be unified. One is global.func.php, and the other is yourself. The copied authcode function, and when you use authcode. You should be able to log in to the forum at this time. If you cannot log in, please see below