'; // // Check if PHP is using only cookies for sessions // echo 'session.use_only_cookies: ' . ini_get('session.use_only_cookies') . '
'; // // Check if JavaScript access to session cookies is prevented // echo 'session.cookie_httponly: ' . ini_get('session.cookie_httponly') . '
'; // // Check if transparent session ID management is disabled // echo 'session.use_trans_sid: ' . ini_get('session.use_trans_sid') . '
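'; }

// ---------------------------------------------------------------------------
// reCAPTCHA verification
// ---------------------------------------------------------------------------
// The front end must post the reCAPTCHA token; a request without one is
// dropped with no output.
if (!isset($_POST['recaptcha_response'])) {
    exit;
}
$recaptchaResponse = $_POST['recaptcha_response'];

$recaptchaUrl = 'https://www.google.com/recaptcha/api/siteverify';

// NOTE(review): SERVER_NAME decides both which secret is used and whether a
// failed verification is tolerated. Depending on web-server configuration it
// can be derived from the client's Host header - confirm it is pinned
// server-side before relying on it as a "local development" switch.
$isLocalhost = $_SERVER['SERVER_NAME'] === 'localhost';

// NOTE(review): the production secret is hard-coded in this file. Load it from
// configuration kept out of the repository and web root, and rotate it, since
// this copy has been published. The localhost value looks like Google's
// published test *site* key rather than the test secret - confirm.
$recaptchaSecretKey = $isLocalhost
    ? "6LeIxAcTAAAAAJcZVRqyHh71UMIEGNQ_MXjiZKhI"
    : "6LcJ3homAAAAAKNU4sZpbY2yESihQAEGwqwcNs6c";

$data = [
    'secret' => $recaptchaSecretKey,
    'response' => $recaptchaResponse,
];
$options = [
    'http' => [
        'header' => "Content-Type: application/x-www-form-urlencoded\r\n",
        'method' => 'POST',
        'content' => http_build_query($data),
    ],
];
$context = stream_context_create($options);
$recaptchaResult = file_get_contents($recaptchaUrl, false, $context);

// A failed HTTP call (false) or an undecodable body (null) counts as a failed
// verification instead of being dereferenced.
$recaptchaResultJson = is_string($recaptchaResult) ? json_decode($recaptchaResult) : null;
$recaptchaPassed = is_object($recaptchaResultJson) && !empty($recaptchaResultJson->success);

// Fix: the original tested `!$_SERVER['SERVER_NAME'] == "localhost"`. The `!`
// binds first, so the condition was false for every non-empty server name and
// a failed reCAPTCHA never stopped the request. Failures are now rejected
// everywhere except on localhost.
if (!$recaptchaPassed && !$isLocalhost) {
    echo 'reCAPTCHA 驗證失敗';
    exit;
}

// ---------------------------------------------------------------------------
// Request context
// ---------------------------------------------------------------------------
// Current time in Asia/Taipei: compared against the opening window below and
// written to the login log.
$timezone = new DateTimeZone('Asia/Taipei');
$date = new DateTime('now', $timezone);
$taiwanTime = $date->format('Y-m-d H:i:s');
$session_id = session_id();
$user_ip = $_SERVER['REMOTE_ADDR'];

/* Developer diagnostics (the flag is still false at this point) */
$is_developer = false;
if ($is_developer) {
    echo "session.gc_maxlifetime: " . ini_get('session.gc_maxlifetime') . "\n\n";
}

/* Developer-only lock-down, currently switched off by the constant condition */
if (0) {
    if (!in_array($_SERVER['REMOTE_ADDR'], ['149.28.16.132', '61.222.27.93'], true)) {
        die('please login first for viewing website.');
    }
}

// NOTE(review): developer mode is switched on by a query-string parameter that
// any client can send. It skips the posted-e-mail validation and enables the
// diagnostic output further down. Gate it on something the client cannot
// choose, or remove it from the deployed file.
if (isset($_GET['is_developer']) && $_GET['is_developer'] === '1') {
    $is_developer = true;
}

// ---------------------------------------------------------------------------
// Posted purchaser e-mail
// ---------------------------------------------------------------------------
if (!$is_developer) {
    $postedEmail = $_POST['areuconfpurchaser'] ?? null;
    // A missing, empty or non-string value (e.g. an array parameter) goes back
    // to the home page; strtolower() would otherwise fail on a non-string.
    if (!is_string($postedEmail) || $postedEmail === '') {
        header("Location: /");
        exit;
    }
    $purchaser_email = strtolower($postedEmail);

    // Lookup key: the first 40 hex characters of an unsalted SHA-256 of the
    // lower-cased address (not bcrypt, despite the original comment). Being
    // unsalted, these values can be matched against a list of candidate
    // addresses, so treat the stored hashes as personal data.
    $hash_purchaser_email = substr(hash('sha256', $purchaser_email), 0, 40);

    if (!filter_var($purchaser_email, FILTER_VALIDATE_EMAIL)) {
        echo "請輸入有效的 email 格式";
        exit;
    }
}

// In developer mode a fixed address is used for the log line only.
// $hash_purchaser_email is never assigned on this path, so the lookup below
// binds NULL. NOTE(review): do not "fix" that by hashing this address while
// the developer flag is client-controlled; it would turn the flag into a
// login bypass.
if ($is_developer) {
    $purchaser_email = 'wbx1119@thhs.ntpc.edu.tw';
}

// ---------------------------------------------------------------------------
// Database connection
// ---------------------------------------------------------------------------
// Per the original comments this include supplies $db_name, $db_user and
// $db_pwd. NOTE(review): it sits directly under DOCUMENT_ROOT; prefer a
// location outside the web root for a credentials file.
require_once $_SERVER['DOCUMENT_ROOT'] . '/db_user_pwd.php';
$db_host = "mysql8";
try {
    $pdo = new PDO("mysql:host=$db_host;dbname=$db_name;charset=utf8", $db_user, $db_pwd);
    $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
} catch (PDOException $e) {
    // The driver message is deliberately not shown to the client.
    echo '登入失敗,請重新嘗試。\n或連繫AIA台灣人工智慧學校。';
    exit;
}

// ---------------------------------------------------------------------------
// Opening window
// ---------------------------------------------------------------------------
// E-mail hashes that may log in outside the public opening window.
$intra_email = [
    //'786f4af443363aa073ecfe9b964cdbf645260619',
    'e5a48b3d1595be5000a5e73d741d4e9bce24021d',
    'a8fbaa12f5e1191abeb0b472247279f78bc2ef0c',
    'ceefa78c76e765b4fc9b7955e0b8578f41fd3427',
    'afc90d41f116f27dff404e28486564fc291749ce',
    'ee0a533ea29004e9abc92c3b790fab338cbe1951',
    'cca52ad3be29f235564b0d60af70b47edbe1f8ae',
    '0927bff0c55db949bdee32cf32599c240b3b354c',
    '8f715c4781d54ed0486f6f4afd23317a4f0ce4ab',
    '775d8dd69dcb5239a96eb9320538923d5b6f8240',
    '2e257652351e4d33c22a8b31c1196577e95c3b9f',
    'f1e2187ca95f10012577fd0cfe37078b9aa57784',
    '700af92e59cca181e82c1141a3d7768a4f8b88dd',
    'e50a58682e7d541628c2167675a92080c297aa2f',
    '334403ca727521b8169aad064b5c62261d7a2029',
    'f4165a1c3c527fa8e89e148183678e66e556be73',
    'db27e2eaf817b0e8f2d7f979960b2ceb960ddc28',
    'd5dd6842452998dd6de443416d4a1c66308fd24f',
    'f58d15db4b0f4005fa830ba2bdfc3c3c67a229ae',
    '5139fbb4ff03b758e6ac5a86adab61e0d36141c7',
    '0f43d254d97a7f8e04545108dcfe6381972fcb2a',
    'e7a918a292c359e47424a0e0bc3f149b2540c934',
    'acbd34f8dc9ba21651ee3c4399edfec9cf005935',
    '469f19a68ce45e474667cae5a8548f37a48ad5e0',
    '073e3e67466abfe878c9b3bca8445211a00b31b7',
    '7a815b7297cb69cf37082acefbbffdc94450bcec',
];

// The window opens one day earlier for one fixed client address.
// NOTE(review): these DateTime objects use the server's default time zone
// while $date is Asia/Taipei - confirm the two agree.
$dateString = "2024-10-08 23:59:59";
if ($_SERVER['REMOTE_ADDR'] === '61.222.27.93') {
    $dateString = "2024-10-07 23:59:59";
}
$video_start_date = new DateTime($dateString);
$dateString = "2024-10-22 23:59:59";
$video_end_date = new DateTime($dateString);

$withinWindow = $date >= $video_start_date && $date <= $video_end_date;
if (!$withinWindow && !in_array($hash_purchaser_email, $intra_email, true)) {
    echo "開放日期: 2024.10.09 ~ 2024.10.22";
    exit;
}

// ---------------------------------------------------------------------------
// Purchaser lookup (parameterised; the value is bound after this statement)
// ---------------------------------------------------------------------------
$query = "SELECT * FROM conf2024_purchaser_online_replay WHERE email = :email";
$statement = $pdo->prepare($query);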
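// Look the purchaser up by the hashed e-mail. NOTE(review): in this flow the
// e-mail address (plus the reCAPTCHA) is the only credential presented.
$statement->bindValue(':email', $hash_purchaser_email);
$statement->execute();
$user = $statement->fetch(PDO::FETCH_OBJ);

if ($user) {
    $email = $user->email;
    $old_session_id = $user->session;
} else {
    // Unknown address: tell the client, record the attempt, stop.
    echo '無效的信箱地址,信箱應是您入場時持有年會電子票券的信箱。';
    // NOTE(review): this log line carries the plaintext address and the live
    // session id, and the log path is relative to the script. Confirm the file
    // cannot be fetched over HTTP and consider not logging session ids.
    $logData = "fail\t" . $user_ip . "\t" . $session_id . "\t" . $purchaser_email . "\t" . $taiwanTime;
    file_put_contents('login/login_log', $logData . PHP_EOL, FILE_APPEND);
    exit;
}

if ($is_developer) {
    echo "Check the status of the session:\n";
    if (isset($_SESSION['user_id'])) {
        echo "User is logged in\n\n\n";
    } else {
        echo "Session has expired or user is not logged\n\n\n";
    }
}

// ---------------------------------------------------------------------------
// Expiration / opening window
// ---------------------------------------------------------------------------
if (property_exists($user, 'expiration')) {
    // Rows with a per-user expiration: reject once that date is before today.
    $current_date = date('Y-m-d');
    $time_expiration_ = strtotime($user->expiration);
    $time_from_today = strtotime($current_date);
    if ($time_expiration_ < $time_from_today) {
        echo "您的票券已過期{$user->expiration}";
        // Fix: the original appended the undefined $time_expiration, so the
        // log never recorded the expiry timestamp.
        $logData = "fail\t" . $user_ip . "\t" . $session_id . "\t" . $purchaser_email . "\t" . $taiwanTime . "\t過期:" . $time_expiration_;
        file_put_contents('login/login_log', $logData . PHP_EOL, FILE_APPEND);
        exit;
    }
} else {
    // Rows without an expiration column: apply the fixed opening window, with
    // an allow-list of e-mail hashes that may log in outside it.
    $intra_email = [
        '786f4af443363aa073ecfe9b964cdbf645260619',
        'e5a48b3d1595be5000a5e73d741d4e9bce24021d',
        'a8fbaa12f5e1191abeb0b472247279f78bc2ef0c',
        'ceefa78c76e765b4fc9b7955e0b8578f41fd3427',
        'afc90d41f116f27dff404e28486564fc291749ce',
        'ee0a533ea29004e9abc92c3b790fab338cbe1951',
        'cca52ad3be29f235564b0d60af70b47edbe1f8ae',
        '0927bff0c55db949bdee32cf32599c240b3b354c',
        '8f715c4781d54ed0486f6f4afd23317a4f0ce4ab',
        '775d8dd69dcb5239a96eb9320538923d5b6f8240',
        '2e257652351e4d33c22a8b31c1196577e95c3b9f',
        'f1e2187ca95f10012577fd0cfe37078b9aa57784',
        '700af92e59cca181e82c1141a3d7768a4f8b88dd',
        'e50a58682e7d541628c2167675a92080c297aa2f',
        '334403ca727521b8169aad064b5c62261d7a2029',
        'f4165a1c3c527fa8e89e148183678e66e556be73',
        'db27e2eaf817b0e8f2d7f979960b2ceb960ddc28',
        'd5dd6842452998dd6de443416d4a1c66308fd24f',
        'f58d15db4b0f4005fa830ba2bdfc3c3c67a229ae',
        '5139fbb4ff03b758e6ac5a86adab61e0d36141c7',
        '0f43d254d97a7f8e04545108dcfe6381972fcb2a',
        'e7a918a292c359e47424a0e0bc3f149b2540c934',
        'acbd34f8dc9ba21651ee3c4399edfec9cf005935',
        '469f19a68ce45e474667cae5a8548f37a48ad5e0',
        '7a815b7297cb69cf37082acefbbffdc94450bcec',
    ];
    $dateString = "2024-10-08 23:59:59";
    $video_start_date = new DateTime($dateString);
    $dateString = "2024-10-22 23:59:59";
    $video_end_date = new DateTime($dateString);

    $withinWindow = $date >= $video_start_date && $date <= $video_end_date;
    if (!$withinWindow && !in_array($hash_purchaser_email, $intra_email, true)) {
        echo "開放日期: 2024.10.09 ~ 2024.10.22";
        exit;
    }
}

// Replay entitlement is read only from rows that carry an expiration column.
$replay_conf2024 = 0;
if (property_exists($user, 'expiration')) {
    $replay_conf2024 = intval($user->replay_conf2024);
}

$now_time = time();

if ($is_developer) {
    echo "所需資訊:\n";
    echo "session_id: " . $session_id . "\n";
    echo "email: " . $email . "\n";
    echo "user_ip: " . $user_ip . "\n";
    echo "now_time: " . $now_time . "\n";
    echo "\n\n";
}

// ---------------------------------------------------------------------------
// Establish the authenticated session
// ---------------------------------------------------------------------------
// Fix (session fixation): issue a fresh session id at the moment of login so
// an id that was known before authentication cannot be reused afterwards. The
// new id is what gets stored in the database and the log below. Skipped when
// no session is active or output has already been sent.
if (session_status() === PHP_SESSION_ACTIVE && !headers_sent() && session_regenerate_id(true)) {
    $session_id = session_id();
}

$user_id = $email;
$_SESSION['user_id'] = $user_id;
$_SESSION['ip'] = $user_ip; // recorded so the session can be tied to the client address
$_SESSION['last_activity'] = time();
$_SESSION['replay_conf2024'] = $replay_conf2024;

// NOTE(review): this cookie carries the account identifier (the stored e-mail
// hash) for 7 days without Secure, HttpOnly or SameSite. It is client-writable,
// so no page should accept it as proof of login; add the flags once it is
// confirmed that no front-end script needs to read it.
setcookie('user_id', $user_id, time() + 3600 * 24 * 7, '/');

if ($is_developer) {
    echo "設置 Session:\n";
    echo "\n";
    print_r($_SESSION);
    echo "\n";
    echo "設置 COOKIE:\n";
    print_r($_COOKIE['user_id']);
}

echo "success";

// ---------------------------------------------------------------------------
// Persist the new session and retire the previous one
// ---------------------------------------------------------------------------
$updateQuery = "UPDATE conf2024_purchaser_online_replay SET ip = :ip, session = :session WHERE email = :email";
$statement = $pdo->prepare($updateQuery);
$statement->execute([
    'ip' => $user_ip,
    'session' => $session_id,
    'email' => $email,
]);

// One active session per purchaser: delete the session file recorded for the
// previous login. The stored id is checked against the session-id alphabet
// before it is used in a path, so a tampered database value cannot point the
// unlink() at another file.
if (
    is_string($old_session_id)
    && $old_session_id !== $session_id
    && preg_match('/\A[A-Za-z0-9,-]+\z/', $old_session_id) === 1
) {
    $session_path = "/tmp/conf2024/sess_" . $old_session_id;
    if (file_exists($session_path)) {
        unlink($session_path);
    }
}

/* Login record: result, ip, session id, hashed e-mail, timestamp */
// The "sucess" spelling is kept as-is in case log consumers match on it.
$logData = "sucess" . "\t" . $user_ip . "\t" . $session_id . "\t" . $hash_purchaser_email . "\t" . $taiwanTime;
file_put_contents('login/login_log', $logData . PHP_EOL, FILE_APPEND);
exit;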