HEX
Server: Apache/2.4.59 (Debian)
System: Linux keymana 4.19.0-21-cloud-amd64 #1 SMP Debian 4.19.249-2 (2022-06-30) x86_64
User: lijunjie (1003)
PHP: 7.4.33
Disabled: pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,pcntl_unshare,
$ pwd: /var/www/html/wp-content/themes/ormedia/
Upload Files
File: /var/www/html/wp-content/themes/ormedia/page-api-for-keyalert.php
<?php
/* Template Name: api-for-keyalert-login */
require_once('key_alert_functions.php');
function secu_do_login_4api($login, $password, $push_id)
{
    date_default_timezone_set('Asia/Hong_Kong');
    global $wpdb;
    $obj = new stdClass();
    $obj->rc = 1;
    $obj->msg = "";
    $u = get_secu_user($login);
    if ($u == null) {
        $obj->rc = -1;
        $obj->msg = "login not exists";
        insert_log(0, "","","login not exist: ".$login);
    } else {
        $res = wp_check_password($password, $u->password);
        if ($res) {
            if (!empty($push_id)) {
                $old_push_id = r_push_id($u->id);
                if (!empty($old_push_id) && $old_push_id != $push_id) {
                    // 提示另一设备登录
                    $data = [
                        'title' => "logout",
                        'alert' => "logout",
                        'extras' => [
                            'logout' => 1
                        ]
                    ];
                    send_jpush_msg($old_push_id, $data);
                }
                u_push_id($u->id, $push_id);
            }
            $obj->msg = "success";

            // $obj->data = $u;
            $payload_new = array(
                'iss' => 'keylab',
                'iat' => time(),
                'exp' => time() + 3600,
                'nbf' => time() + 3600,
                'sub' => 'keylab.cc',
                'jti' => md5(uniqid('JWT') . time())
            );
            $token_new = JwtAuthClass::getToken($payload_new);
//            $old_token = r_token($u->id);

//            if ($old_token) {
//                if (JwtAuthClass::verifyToken($old_token->token) == 1) {
//                    $obj->data->token = $old_token->token;
//                    $obj->data->expiry = date('Y-m-d H:i:s', JwtAuthClass::getTokenExp($old_token->token));
//                } else {
//                    u_token($u->id, $token_new);
//                    $obj->data->token = $token_new;
//                    $obj->data->expiry = date('Y-m-d H:i:s', JwtAuthClass::getTokenExp($token_new));
//                }
//            } else {
            u_token($u->id, $token_new);
            $obj->data->token = $token_new;
            $obj->data->expiry = date('Y-m-d H:i:s', JwtAuthClass::getTokenExp($token_new));
//            }
            insert_log($u->id, $obj->data->token,"","login success: ".$login." exp: ".$obj->data->expiry);
            unset($obj->data->token_creation_timestamp);
        } else {
            $obj->rc = -2;
            $obj->msg = "incorrect password";
        }
    }
    return $obj;
}
$login = $_REQUEST['login'];
$password = $_REQUEST['password'];
$push_id = $_REQUEST['push_id'];
$push_id = empty($push_id) ? "" : $push_id;
$rv = secu_do_login_4api($login, $password, $push_id);

// insert_log(0, "", 0, get_request_string(), "登入:rc=" . $rv->rc . ",msg=" . $rv->msg);
echo json_encode($rv);
@ Telegram