{"id":332,"date":"2013-11-08T10:38:58","date_gmt":"2013-11-08T02:38:58","guid":{"rendered":"http:\/\/www.zyuns.com\/?p=332"},"modified":"2015-10-22T15:27:57","modified_gmt":"2015-10-22T07:27:57","slug":"discuz-x2-yan-zheng-ma-de-chan-sheng-ji-yan-zheng","status":"publish","type":"post","link":"https:\/\/www.siediyer.cn\/?p=332","title":{"rendered":"Discuz! X2\u9a8c\u8bc1\u7801\u7684\u4ea7\u751f\u53ca\u9a8c\u8bc1"},"content":{"rendered":"
\n

\u4e00\u3001\u9a8c\u8bc1\u7801\u7684\u4ea7\u751f<\/strong><\/p>\n

1\u3001\u5982\u4f55\u5728\u6a21\u677f\u4e2d\u6dfb\u52a0\u4e00\u4e2a\u9a8c\u8bc1\u7801<\/strong>
\n\u5728X2\u4e2d\u9a8c\u8bc1\u7801\u7684\u6a21\u677f\u90e8\u5206\u72ec\u7acb\u4e3a\u4e00\u4e2a\u6a21\u677f\u6587\u4ef6\uff08template\/default\/common\/seccheck.htm\uff09\uff0c\u4f9b\u5404\u4e2a\u5730\u65b9\u8c03\u7528\u3002
\n\u5728\u6a21\u677f\u4e2d\u53ef\u4ee5\u6dfb\u52a0\u5982\u4e0b\u4ee3\u7801\u6765\u8c03\u7528\u9a8c\u8bc1\u7801\u6a21\u677f\u90e8\u5206\uff1a<\/p>\n

\n
\n
    \n
  1. <!–{eval $seccodecheck = 1;}–><\/li>\n
  2. <!–{eval $sectpl = ‘<tr><th><sec><\/th><td><sec><p class=”d”><sec><\/p><\/td>’;}–><\/li>\n
  3. <!–{subtemplate common\/seccheck}–><\/li>\n<\/ol>\n<\/div>\n

    \u590d\u5236\u4ee3\u7801<\/em><\/div>\n

    \u89e3\u91ca\u4e0b\u8fd9\u4e09\u53e5\u8bdd\uff1a<\/p>\n

     <\/p>\n

    \u7b2c\u4e00\u53e5\u7684\u610f\u601d\u4e3a\uff0c\u6211\u8981\u5f00\u542f\u9a8c\u8bc1\u7801\uff0c\u5373 $seccodecheck<\/p>\n

    \u53d8\u91cf<\/p>\n

    \u5fc5\u987b\u4e3a\u771f\uff0c\u5c31\u8868\u793a\u5f53\u524d\u9875\u9762\u8981\u5f00\u542f\u9a8c\u8bc1\u7801\u3002<\/p>\n

     <\/p>\n

    \u7b2c\u4e8c\u53e5\u7684\u610f\u601d\u4e3a\uff0c\u7ed9\u8981\u663e\u793a\u51fa\u6765\u7684\u9a8c\u8bc1\u7801\u8bbe\u7f6e\u4e00\u4e2a\u663e\u793a\u7684\u6a21\u677f\u683c\u5f0f\uff0c$sectpl \u8fd9\u4e2a\u53d8\u91cf\u5bf9\u5e94\u7684\u5c31\u662f\u6a21\u677f\uff0c\u8bbe\u7f6e $sectpl \u53ef\u4ee5\u8ba9\u9a8c\u8bc1\u7801\u7684\u663e\u793a\u4e0e\u5f53\u524d\u9875\u9762\u7684\u683c\u5f0f\u66f4\u597d\u7684\u7ed3\u5408\u3002\u4ece\u793a\u4f8b\u7684\u6a21\u677f\u4ee3\u7801\u4e2d\u53ef\u4ee5\u770b\u51fa\uff0c\u53ea\u6709 <sec> \u4e0d\u5c5e\u4e8e HMTL \u6807\u51c6\u4ee3\u7801\uff0c\u800c\u4e14\u51fa\u73b0\u4e86 3 \u6b21\uff0c\u8fd9 3 \u6b21\u5206\u522b\u4ee3\u8868\uff1a\u201c\u9a8c\u8bc1\u7801\u201d\u6587\u5b57\u3001\u9a8c\u8bc1\u7801\u8f93\u5165\u6846\u3001\u9a8c\u8bc1\u7801\u56fe\u7247\uff0c\u5982\u4e0b\u56fe\u6240\u793a\uff1a
    \n\"1.png\"<\/p>\n

    \u8fd9\u6837\u5c31\u53ef\u4ee5\u628a\u9a8c\u8bc1\u7801\u4e0d\u540c\u7684\u90e8\u5206\u5408\u7406\u7684\u5b89\u653e\u5728\u60a8\u7684\u9875\u9762\u4e2d\u4e86\u3002<\/p>\n

     <\/p>\n

    \u7b2c\u4e09\u53e5\u7684\u610f\u601d\u4e3a\uff0c\u5c06\u72ec\u7acb\u7684\u9a8c\u8bc1\u7801\u6a21\u677f\u5408\u5e76\u5230\u5f53\u524d\u9875\u9762\u4e2d\uff0c\u4e0e\u5f53\u524d\u9875\u9762\u7684\u6a21\u677f\u4e00\u540c\u8f93\u51fa\u3002<\/p>\n

     <\/p>\n

    \u5728\u6a21\u677f\u4e2d\u6dfb\u52a0\u4e0a\u5982\u4e0a\u7684\u4ee3\u7801\u540e\uff0c\u5237\u65b0\u9875\u9762\u5c31\u53ef\u4ee5\u770b\u5230\u9a8c\u8bc1\u7801\u90e8\u5206\u4e86\u3002<\/p>\n

    2\u3001\u9a8c\u8bc1\u7801\u7684\u751f\u6210\u6d41\u7a0b<\/strong><\/p>\n

    \uff08\u4ee5X2\u9ed8\u8ba4\u8bbe\u7f6e\u7684\u201c\u82f1\u6587\u56fe\u7247\u9a8c\u8bc1\u7801\u201d\u4e3a\u4f8b\uff09<\/p>\n

     <\/p>\n

    1\uff09\u521a\u51fa\u73b0\u7684\u9a8c\u8bc1\u7801\u4f1a\u9ed8\u8ba4\u6267\u884c\u4e00\u6bb5 JS \u4ee3\u7801<\/p>\n

    \n
    \n
      \n
    1. <script type=”text\/javascript” reload=”1″>updateseccode(‘SQq29j20’);<\/script><\/li>\n<\/ol>\n<\/div>\n

      \u590d\u5236\u4ee3\u7801<\/em><\/div>\n

      \u6267 \u884c\u7684 JS \u4e3b\u8981\u5c31\u662f\u6267\u884c\u4e86 updateseccode \u8fd9\u4e2a\u51fd\u6570\uff0c\u76f4\u63a5\u70b9\u51fb\u9a8c\u8bc1\u7801\u56fe\u7247\u6267\u884c\u7684\u4e5f\u662f\u8fd9\u4e2a\u51fd\u6570\u3002\u51fd\u6570\u4e2d\u7684 ‘SQq29j20’ \u662f\u5f53\u524d\u9875\u9762\u9a8c\u8bc1\u7801\u7684\u552f\u4e00\u5b57\u7b26\u4e32 idhash\uff0c\u4ed6\u662f\u7531\u662f\u5426\u4e3aAjax\u8bf7\u6c42\u3001session id\u3001\u81ea\u589e\u6570\u5b57\u7ec4\u6210\uff0c\u6b64\u5904\u4e0d\u5fc5\u6df1\u7a76\u5176\u542b\u4e49\u3002<\/p>\n

       <\/p>\n

      2\uff09updateseccode \u51fd\u6570\u5728 static\/js\/common.js \u4e2d<\/p>\n

      \n
      \n
        \n
      1. function updateseccode(idhash, play) {<\/li>\n
      2. \u00a0 \u00a0\u00a0 \u00a0\u00a0\u00a0$F(‘_updateseccode’, arguments);<\/li>\n
      3. }<\/li>\n<\/ol>\n<\/div>\n

        \u590d\u5236\u4ee3\u7801<\/em><\/div>\n

        \u901a\u8fc7\u4e0a\u9762\u4ee3\u7801\u53ef\u4ee5\u770b\u5230\uff0cupdateseccode \u53c8\u8c03\u7528\u4e86 _updateseccode \u79c1\u6709\u51fd\u6570\uff0c_updateseccode \u51fd\u6570\u5728 static\/js\/common_extra.js \u6587\u4ef6\u4e2d<\/p>\n

        \n
        \n
          \n
        1. function _updateseccode(idhash, play) {<\/li>\n
        2. \u00a0 \u00a0\u00a0 \u00a0\u00a0\u00a0if(isUndefined(play)) {<\/li>\n
        3. \u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0 if($(‘seccode_’ + idhash)) {<\/li>\n
        4. \u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0$(‘seccodeverify_’ + idhash).value = ”;<\/li>\n
        5. \u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0if(secST[‘code_’ + idhash]) {<\/li>\n
        6. \u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0\u00a0clearTimeout(secST[‘code_’ + idhash]);<\/li>\n
        7. \u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0}<\/li>\n
        8. \u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0$(‘checkseccodeverify_’ + idhash).innerHTML = ‘<img src=”‘+%20IMGDIR%20+%20’\/none.gif” width=”16″ height=”16″ \/>’;<\/li>\n
        9. \u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0ajaxget(‘misc.php?mod=seccode&action=update&idhash=’ + idhash, ‘seccode_’ + idhash, null, ”, ”, function() {<\/li>\n
        10. \u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0\u00a0secST[‘code_’ + idhash] = setTimeout(function() {$(‘seccode_’ + idhash).innerHTML = ‘<span class=”xi2 cur1″ onclick=”updateseccode(”+idhash+”)”>\u5237\u65b0\u9a8c\u8bc1\u7801<\/span>’;}, 180000);<\/li>\n
        11. \u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0});<\/li>\n
        12. \u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0 }<\/li>\n
        13. \u00a0 \u00a0\u00a0 \u00a0\u00a0\u00a0} else {<\/li>\n
        14. \u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0 eval(‘window.document.seccodeplayer_’ + idhash + ‘.SetVariable(“isPlay”, “1”)’);<\/li>\n
        15. \u00a0 \u00a0\u00a0 \u00a0\u00a0\u00a0}<\/li>\n
        16. }<\/li>\n<\/ol>\n<\/div>\n

          \u590d\u5236\u4ee3\u7801<\/em><\/div>\n

          \u8fd9\u6bb5 JS \u4ee3\u7801\u6709\u4e24\u4e2a\u542b\u4e49\uff1a<\/p>\n

           <\/p>\n

          \u4e00\u662f\u901a\u8fc7 ajaxget \u8bf7\u6c42\u4e86 misc.php?mod=seccode&action=update&idhash=xxxx \u8fd9\u6837\u4e00\u4e2a\u5730\u5740<\/p>\n

           <\/p>\n

          \u4e8c\u662f\u8bbe\u5b9a\u4e86\u4e00\u4e2a<\/p>\n

          \u5b9a\u65f6\u5668<\/p>\n

          \uff0c\u4ece\u663e\u793a\u4e86\u9a8c\u8bc1\u7801\u5f00\u59cb\uff0c3\u5206\u949f\u540e\u81ea\u52a8\u5c06\u9a8c\u8bc1\u7801\u56fe\u7247\u6362\u4e3a\u201c\u5237\u65b0\u9a8c\u8bc1\u7801\u201d\u7684\u6587\u5b57\uff0c\u70b9\u51fb\u8be5\u6587\u5b57\u5c31\u6267\u884c updateseccode \u8fd9\u4e2a\u51fd\u6570\uff0c\u91cd\u65b0\u66f4\u65b0\u9a8c\u8bc1\u7801\u3002\u7531\u6b64\u53ef\u4ee5\u770b\u51fa\uff0c\u6b64\u79cd\u65b9\u5f0f\u53ef\u4ee5\u5f88\u597d\u7684\u89e3\u51b3\u9a8c\u8bc1\u7801\u8fc7\u671f\u7684\u95ee\u9898\u3002<\/p>\n

           <\/p>\n

          3\uff09\u627e\u5230\u901a\u8fc7 ajaxget \u8bf7\u6c42\u7684\u7a0b\u5e8f source\/module\/misc\/misc_seccode.php<\/p>\n

           <\/p>\n

          \u901a\u8fc7 url \u4e2d\u7684 action=update \u53ef\u4ee5\u770b\u51fa\uff0c\u5e94\u8be5\u67e5\u770b if($_G[‘gp_action’] == ‘update’) { \u2026\u2026 } \u4e2d\u7684\u4e00\u6bb5<\/p>\n

          \n
          \n
            \n
          1. if($_G[‘gp_action’] == ‘update’) {<\/li>\n
          2. \u00a0 \u00a0\u00a0 \u00a0\u00a0\u00a0$message = ”;<\/li>\n
          3. \u00a0 \u00a0\u00a0 \u00a0\u00a0\u00a0if($_G[‘setting’][‘seccodestatus’]) {<\/li>\n
          4. \u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0 $rand = random(5, 1);<\/li>\n
          5. \u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0 $flashcode = ”;<\/li>\n
          6. \u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0 $idhash = isset($_G[‘gp_idhash’]) ? $_G[‘gp_idhash’] : ”;<\/li>\n
          7. \u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0 $ani = $_G[‘setting’][‘seccodedata’][‘animator’] ? ‘_ani’ : ”;<\/li>\n
          8. \u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0 if($_G[‘setting’][‘seccodedata’][‘type’] == 2) {<\/li>\n
          9. \u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u2026\u2026<\/li>\n
          10. \u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0 } elseif($_G[‘setting’][‘seccodedata’][‘type’] == 3) {<\/li>\n
          11. \u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u2026…<\/li>\n
          12. \u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0 } else {<\/li>\n
          13. \u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0$message = lang(‘core’, ‘seccode_image’.$ani.’_tips’).'<img onclick=”updateseccode(”.$idhash.”)” width=”‘.$_G[‘setting’][‘seccodedata’][‘width’].'” height=”‘.$_G[‘setting’][‘seccodedata’][‘height’].'” src=”misc.php?mod=seccode&update=’.$rand.’&idhash=’.$idhash.'” class=”vm” alt=”” \/>’;<\/li>\n
          14. \u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0 }<\/li>\n
          15. \u00a0 \u00a0\u00a0 \u00a0\u00a0\u00a0}<\/li>\n
          16. \u00a0 \u00a0\u00a0 \u00a0\u00a0\u00a0include template(‘common\/header_ajax’);<\/li>\n
          17. \u00a0 \u00a0\u00a0 \u00a0\u00a0\u00a0echo lang(‘message’, $message, array(‘flashcode’ => $flashcode, ‘idhash’ => $idhash));<\/li>\n
          18. \u00a0 \u00a0\u00a0 \u00a0\u00a0\u00a0include template(‘common\/footer_ajax’);<\/li>\n
          19. }<\/li>\n<\/ol>\n<\/div>\n

            \u590d\u5236\u4ee3\u7801<\/em><\/div>\n

            \u9ed8 \u8ba4\u8bbe\u7f6e\u7684\u201c\u82f1\u6587\u56fe\u7247\u9a8c\u8bc1\u7801\u201d\u7684 $_G[‘setting’][‘seccodedata’][‘type’] \u4e3a 0\uff0c\u6240\u4ee5\u770b else \u7684\u90e8\u5206\u3002\u4ed4\u7ec6\u770b\u8fd9\u91cc\u5c31\u662f\u6309\u7167 ajax \u7684\u683c\u5f0f\u8fd4\u56de\u4e86\u4e00\u4e2a\u9a8c\u8bc1\u7801\u7684\u56fe\u7247\uff0c\u4f46\u662f\u56fe\u7247\u7684 src \u4e3a misc.php?mod=seccode&update=$rand&idhash=$idhash \u8fd9\u6837\u4e00\u4e2a\u52a8\u6001\u94fe\u63a5\uff0c\u6240\u4ee5\u662f\u901a\u8fc7\u8fd9\u4e2a\u94fe\u63a5\u52a8\u6001\u751f\u6210\u7684\u56fe\u7247\uff0c\u6b64\u65f6\u53c8\u4ea7\u751f\u4e86\u4e00\u4e2a\u65b0\u7684\u8bf7\u6c42\u3002<\/p>\n

             <\/p>\n

            4\uff09\u627e\u5230\u901a\u8fc7\u56fe\u7247\u94fe\u63a5\u8bf7\u6c42\u7684\u7a0b\u5e8f source\/module\/misc\/misc_seccode.php\uff08\u548c\u4e0a\u9762\u662f\u540c\u4e00\u4e2a\u6587\u4ef6\uff09<\/p>\n

             <\/p>\n

            \u901a\u8fc7 url \u53ef\u4ee5\u770b\u51fa\uff0c\u5e94\u8be5\u67e5\u770b if($_G[‘gp_action’] == ‘update’) { \u2026\u2026 } else { \u2026\u2026 } \u4e2d\u7684\u4e00\u6bb5<\/p>\n

            \n
            \n
              \n
            1. } else {<\/li>\n
            2. <\/li>\n
            3. \u00a0 \u00a0\u00a0 \u00a0\u00a0\u00a0$refererhost = parse_url($_SERVER[‘HTTP_REFERER’]);<\/li>\n
            4. \u00a0 \u00a0\u00a0 \u00a0\u00a0\u00a0$refererhost[‘host’] .= !empty($refererhost[‘port’]) ? (‘:’.$refererhost[‘port’]) : ”;<\/li>\n
            5. <\/li>\n
            6. \u00a0 \u00a0\u00a0 \u00a0\u00a0\u00a0if($_G[‘setting’][‘seccodedata’][‘type’] < 2 && ($refererhost[‘host’] != $_SERVER[‘HTTP_HOST’] || !$_G[‘setting’][‘seccodestatus’]) || $_G[‘setting’][‘seccodedata’][‘type’] == 2 && !extension_loaded(‘ming’) && $_POST[‘fromFlash’] != 1 || $_G[‘setting’][‘seccodedata’][‘type’] == 3 && $_GET[‘fromFlash’] != 1) {<\/li>\n
            7. \u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0 exit(‘Access Denied’);<\/li>\n
            8. \u00a0 \u00a0\u00a0 \u00a0\u00a0\u00a0}<\/li>\n
            9. <\/li>\n
            10. \u00a0 \u00a0\u00a0 \u00a0\u00a0\u00a0$seccode = make_seccode($_G[‘gp_idhash’]);<\/li>\n
            11. <\/li>\n
            12. \u00a0 \u00a0\u00a0 \u00a0\u00a0\u00a0if(!$_G[‘setting’][‘nocacheheaders’]) {<\/li>\n
            13. \u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0 @header(“Expires: -1”);<\/li>\n
            14. \u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0 @header(“Cache-Control: no-store, private, post-check=0, pre-check=0, max-age=0”, FALSE);<\/li>\n
            15. \u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0 @header(“Pragma: no-cache”);<\/li>\n
            16. \u00a0 \u00a0\u00a0 \u00a0\u00a0\u00a0}<\/li>\n
            17. <\/li>\n
            18. \u00a0 \u00a0\u00a0 \u00a0\u00a0\u00a0require_once libfile(‘class\/seccode’);<\/li>\n
            19. <\/li>\n
            20. \u00a0 \u00a0\u00a0 \u00a0\u00a0\u00a0$code = new seccode();<\/li>\n
            21. \u00a0 \u00a0\u00a0 \u00a0\u00a0\u00a0$code->code = $seccode;<\/li>\n
            22. \u00a0 \u00a0\u00a0 \u00a0\u00a0\u00a0$code->type = $_G[‘setting’][‘seccodedata’][‘type’];<\/li>\n
            23. \u00a0 \u00a0\u00a0 \u00a0\u00a0\u00a0$code->width = $_G[‘setting’][‘seccodedata’][‘width’];<\/li>\n
            24. \u00a0 \u00a0\u00a0 \u00a0\u00a0\u00a0$code->height = $_G[‘setting’][‘seccodedata’][‘height’];<\/li>\n
            25. \u00a0 \u00a0\u00a0 \u00a0\u00a0\u00a0$code->background = $_G[‘setting’][‘seccodedata’][‘background’];<\/li>\n
            26. \u00a0 \u00a0\u00a0 \u00a0\u00a0\u00a0$code->adulterate = $_G[‘setting’][‘seccodedata’][‘adulterate’];<\/li>\n
            27. \u00a0 \u00a0\u00a0 \u00a0\u00a0\u00a0$code->ttf = $_G[‘setting’][‘seccodedata’][‘ttf’];<\/li>\n
            28. \u00a0 \u00a0\u00a0 \u00a0\u00a0\u00a0$code->angle = $_G[‘setting’][‘seccodedata’][‘angle’];<\/li>\n
            29. \u00a0 \u00a0\u00a0 \u00a0\u00a0\u00a0$code->warping = $_G[‘setting’][‘seccodedata’][‘warping’];<\/li>\n
            30. \u00a0 \u00a0\u00a0 \u00a0\u00a0\u00a0$code->scatter = $_G[‘setting’][‘seccodedata’][‘scatter’];<\/li>\n
            31. \u00a0 \u00a0\u00a0 \u00a0\u00a0\u00a0$code->color = $_G[‘setting’][‘seccodedata’][‘color’];<\/li>\n
            32. \u00a0 \u00a0\u00a0 \u00a0\u00a0\u00a0$code->size = $_G[‘setting’][‘seccodedata’][‘size’];<\/li>\n
            33. \u00a0 \u00a0\u00a0 \u00a0\u00a0\u00a0$code->shadow = $_G[‘setting’][‘seccodedata’][‘shadow’];<\/li>\n
            34. \u00a0 \u00a0\u00a0 \u00a0\u00a0\u00a0$code->animator = $_G[‘setting’][‘seccodedata’][‘animator’];<\/li>\n
            35. \u00a0 \u00a0\u00a0 \u00a0\u00a0\u00a0$code->fontpath = DISCUZ_ROOT.’.\/static\/image\/seccode\/font\/’;<\/li>\n
            36. \u00a0 \u00a0\u00a0 \u00a0\u00a0\u00a0$code->datapath = DISCUZ_ROOT.’.\/static\/image\/seccode\/’;<\/li>\n
            37. \u00a0 \u00a0\u00a0 \u00a0\u00a0\u00a0$code->includepath = DISCUZ_ROOT.’.\/source\/class\/’;<\/li>\n
            38. <\/li>\n
            39. \u00a0 \u00a0\u00a0 \u00a0\u00a0\u00a0$code->display();<\/li>\n
            40. }<\/li>\n<\/ol>\n<\/div>\n

              \u590d\u5236\u4ee3\u7801<\/em><\/div>\n

              \u8fd9\u90e8\u5206\u5f00\u59cb\u662f\u5148\u505a\u4e86\u4e00\u4e9b\u5b89\u5168\u6027\u7684\u9a8c\u8bc1\uff0c\u6700\u540e\u662f\u6839\u636e\u7ed9\u5b9a\u7684\u53c2\u6570\u548c\u7531 make_seccode \u751f\u6210\u7684\u9a8c\u8bc1\u7801\u5b57\u7b26\u4e32\uff0c\u751f\u6210\u9a8c\u8bc1\u7801\u7684\u56fe\u7247\uff0c\u6240\u4ee5\u4e2d\u95f4\u662f\u91cd\u70b9\u3002<\/p>\n

               <\/p>\n

              make_seccode($_G[‘gp_idhash’]) \u8fd9\u4e2a\u51fd\u6570\u4f20\u5165\u4e86\u5f53\u524d\u9875\u9762\u9a8c\u8bc1\u7801\u7684\u552f\u4e00\u5b57\u7b26\u4e32 idhash\uff0c\u751f\u6210\u4e86\u7528\u4e8e\u9a8c\u8bc1\u7801\u7684\u5b57\u7b26\u4e32\u3002<\/p>\n

               <\/p>\n

              5\uff09make_seccode \u51fd\u6570\u5728 source\/function\/function_seccode.php \u6587\u4ef6<\/p>\n

              \n
              \n
                \n
              1. function make_seccode($idhash){<\/li>\n
              2. \u00a0 \u00a0\u00a0 \u00a0\u00a0\u00a0global $_G;<\/li>\n
              3. \u00a0 \u00a0\u00a0 \u00a0\u00a0\u00a0$seccode = random(6, 1);<\/li>\n
              4. \u00a0 \u00a0\u00a0 \u00a0\u00a0\u00a0$seccodeunits = ”;<\/li>\n
              5. \u00a0 \u00a0\u00a0 \u00a0\u00a0\u00a0if($_G[‘setting’][‘seccodedata’][‘type’] == 1) {<\/li>\n
              6. \u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0 $lang = lang(‘seccode’);<\/li>\n
              7. \u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0 $len = strtoupper(CHARSET) == ‘GBK’ ? 2 : 3;<\/li>\n
              8. \u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0 $code = array(substr($seccode, 0, 3), substr($seccode, 3, 3));<\/li>\n
              9. \u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0 $seccode = ”;<\/li>\n
              10. \u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0 for($i = 0; $i < 2; $i++) {<\/li>\n
              11. \u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0$seccode .= substr($lang[‘chn’], $code[$i] * $len, $len);<\/li>\n
              12. \u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0 }<\/li>\n
              13. \u00a0 \u00a0\u00a0 \u00a0\u00a0\u00a0} elseif($_G[‘setting’][‘seccodedata’][‘type’] == 3) {<\/li>\n
              14. \u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0 $s = sprintf(‘%04s’, base_convert($seccode, 10, 20));<\/li>\n
              15. \u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0 $seccodeunits = ‘CEFHKLMNOPQRSTUVWXYZ’;<\/li>\n
              16. \u00a0 \u00a0\u00a0 \u00a0\u00a0\u00a0} else {<\/li>\n
              17. \u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0 $s = sprintf(‘%04s’, base_convert($seccode, 10, 24));<\/li>\n
              18. \u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0 $seccodeunits = ‘BCEFGHJKMPQRTVWXY2346789’;<\/li>\n
              19. \u00a0 \u00a0\u00a0 \u00a0\u00a0\u00a0}<\/li>\n
              20. \u00a0 \u00a0\u00a0 \u00a0\u00a0\u00a0if($seccodeunits) {<\/li>\n
              21. \u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0 $seccode = ”;<\/li>\n
              22. \u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0 for($i = 0; $i < 4; $i++) {<\/li>\n
              23. \u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0$unit = ord($s{$i});<\/li>\n
              24. \u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0$seccode .= ($unit >= 0x30 && $unit <= 0x39) ? $seccodeunits[$unit – 0x30] : $seccodeunits[$unit – 0x57];<\/li>\n
              25. \u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0 }<\/li>\n
              26. \u00a0 \u00a0\u00a0 \u00a0\u00a0\u00a0}<\/li>\n
              27. \u00a0 \u00a0\u00a0 \u00a0\u00a0\u00a0dsetcookie(‘seccode’.$idhash, authcode(strtoupper($seccode).”t”.(TIMESTAMP – 180).”t”.$idhash.”t”.FORMHASH, ‘ENCODE’, $_G[‘config’][‘security’][‘authkey’]), 0, 1, true);<\/li>\n
              28. \u00a0 \u00a0\u00a0 \u00a0\u00a0\u00a0return $seccode;<\/li>\n
              29. }<\/li>\n<\/ol>\n<\/div>\n

                \u590d\u5236\u4ee3\u7801<\/em><\/div>\n

                \u4ece\u51fd\u6570\u4e2d\u53ef\u4ee5\u770b\u5230\uff0c\u9a8c\u8bc1\u7801 $seccode \u9996\u5148\u6765\u81ea\u4e00\u4e2a6\u4f4d\u7684\u968f\u673a\u6570\u5b57 random(6, 1) \uff08\u6b64\u51fd\u6570\u5982\u4f55\u5de5\u4f5c\uff0c\u6700\u540e\u8bb2\u89e3\uff09\u3002<\/p>\n

                 <\/p>\n

                \u9ed8\u8ba4\u8bbe\u7f6e\u7684\u201c\u82f1\u6587\u56fe\u7247\u9a8c\u8bc1\u7801\u201d\u7684 $_G[‘setting’][‘seccodedata’][‘type’] \u4e3a 0\uff0c\u6240\u4ee5\u770b else \u7684\u90e8\u5206\u3002\u5c06 $seccode \u7684\u6570\u5b57\u901a\u8fc7 base_convert \u51fd\u6570\u7531 10<\/p>\n

                \u8fdb\u5236<\/p>\n

                \u8f6c\u4e3a 24 \u8fdb\u5236\uff0c\u7136\u540e\u8bbe\u5b9a\u53ef\u4ee5\u5728\u9a8c\u8bc1\u7801\u51fa\u73b0\u7684\u5b57\u7b26\u4e32<\/p>\n

                 <\/p>\n

                ‘BCEFGHJKMPQRTVWXY2346789’\u3002<\/p>\n

                 <\/p>\n

                \u6700\u540e\u5c06 24 \u8fdb\u5236\u7684\u9a8c\u8bc1\u7801\u5728 $seccodeunits \u4e2d\u53d6\u5f97\u771f\u6b63\u7684 4 \u4f4d\u9a8c\u8bc1\u7801\u5b57\u7b26\u4e32 $seccode \uff0c\u6700\u540e\u5c06 $seccode \u901a\u8fc7 authcode \u52a0\u5bc6\u51fd\u6570\u8fdb\u884c\u52a0\u5bc6\uff0c\u5199\u5165 cookie \u4e2d\uff0c\u5e76\u8fd4\u56de\uff0ccookie \u7684\u540d\u5b57\u662f seccode \u8fde\u4e0a $idhash \u7684\u503c\uff08\u4f8b\u5982\uff1aseccodeSQq29j20\uff09\u3002\u52a0\u5bc6\u65f6\u4f7f\u7528\u7684\u662f\u5728 config\/config_global.php \u4e2d\u8bbe\u7f6e\u7684 $_G[‘config’][‘security’][‘authkey’] \u7684\u503c\u3002<\/p>\n

                 <\/p>\n

                \u81f3\u6b64\u9a8c\u8bc1\u7801\u53ca\u56fe\u7247\u751f\u6210\u5b8c\u6bd5\uff0c\u751f\u6210\u7684\u9a8c\u8bc1\u7801\u5230\u76ee\u524d\u4e3a\u6b62\u53ea\u4ee5\u52a0\u5bc6\u7684\u65b9\u5f0f\u5b58\u5728\u4e8e cookie \u4e2d\u3002<\/p>\n

                \u4e8c\u3001\u9a8c\u8bc1\u7801\u7684\u9a8c\u8bc1<\/strong><\/p>\n

                1\u3001JS \u65b9\u5f0f\u7684\u9a8c\u8bc1<\/strong><\/p>\n

                1\uff09\u8fd9\u79cd\u9a8c\u8bc1\u5c31\u662f\u5728\u6587\u672c\u6846\u4e2d\u8f93\u5165\u9a8c\u8bc1\u7801\u540e\uff0c\u53ca\u65f6\u7684\u9a8c\u8bc1\u3002
                \n\"2.png\"<\/p>\n

                \u8fd9\u4e2a\u9a8c\u8bc1\u662f\u7531\u6587\u672c\u6846\u7684 onblur \u5931\u53bb\u7126\u70b9\u4e8b\u4ef6\u89e6\u53d1 checksec(‘code’, ‘SQq29j20’) JS \u51fd\u6570\u8fdb\u884c\u9a8c\u8bc1\u7684\u3002<\/p>\n

                 <\/p>\n

                2\uff09checksec \u51fd\u6570\u5728 static\/js\/common.js \u4e2d<\/p>\n

                \n
                \n
                  \n
                1. function checksec(type, idhash, showmsg, recall) {<\/li>\n
                2. \u00a0 \u00a0\u00a0 \u00a0\u00a0\u00a0$F(‘_checksec’, arguments);<\/li>\n
                3. }<\/li>\n<\/ol>\n<\/div>\n

                  \u590d\u5236\u4ee3\u7801<\/em><\/div>\n

                  \u901a\u8fc7\u4e0a\u9762\u4ee3\u7801\u53ef\u4ee5\u770b\u5230\uff0cchecksec \u53c8\u8c03\u7528\u4e86 _checksec \u79c1\u6709\u51fd\u6570\uff0c_checksec \u51fd\u6570\u5728 static\/js\/common_extra.js \u6587\u4ef6\u4e2d<\/p>\n

                  \n
                  \n
                    \n
                  1. function _checksec(type, idhash, showmsg, recall) {<\/li>\n
                  2. \u00a0 \u00a0\u00a0 \u00a0\u00a0\u00a0var showmsg = !showmsg ? 0 : showmsg;<\/li>\n
                  3. \u00a0 \u00a0\u00a0 \u00a0\u00a0\u00a0var secverify = $(‘sec’ + type + ‘verify_’ + idhash).value;<\/li>\n
                  4. \u00a0 \u00a0\u00a0 \u00a0\u00a0\u00a0if(!secverify) {<\/li>\n
                  5. \u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0 return;<\/li>\n
                  6. \u00a0 \u00a0\u00a0 \u00a0\u00a0\u00a0}<\/li>\n
                  7. \u00a0 \u00a0\u00a0 \u00a0\u00a0\u00a0var x = new Ajax(‘XML’, ‘checksec’ + type + ‘verify_’ + idhash);<\/li>\n
                  8. \u00a0 \u00a0\u00a0 \u00a0\u00a0\u00a0x.loading = ”;<\/li>\n
                  9. \u00a0 \u00a0\u00a0 \u00a0\u00a0\u00a0$(‘checksec’ + type + ‘verify_’ + idhash).innerHTML = ‘<img src=”‘+%20IMGDIR%20+%20’\/loading.gif” width=”16″ height=”16″ class=”vm” \/>’;<\/li>\n
                  10. \u00a0 \u00a0\u00a0 \u00a0\u00a0\u00a0x.get(‘misc.php?mod=sec’ + type + ‘&action=check&inajax=1&&idhash=’ + idhash + ‘&secverify=’ + (BROWSER.ie && document.charset == ‘utf-8’ ? encodeURIComponent(secverify) : secverify), function(s){<\/li>\n
                  11. \u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0 var obj = $(‘checksec’ + type + ‘verify_’ + idhash);<\/li>\n
                  12. \u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0 obj.style.display = ”;<\/li>\n
                  13. \u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0 if(s.substr(0, 7) == ‘succeed’) {<\/li>\n
                  14. \u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0obj.innerHTML = ‘<img src=”‘+%20IMGDIR%20+%20’\/check_right.gif” width=”16″ height=”16″ \/>’;<\/li>\n
                  15. \u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0if(showmsg) {<\/li>\n
                  16. \u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0\u00a0recall(1);<\/li>\n
                  17. \u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0}<\/li>\n
                  18. \u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0 } else {<\/li>\n
                  19. \u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0obj.innerHTML = ‘<img src=”‘+%20IMGDIR%20+%20’\/check_error.gif” width=”16″ height=”16″ \/>’;<\/li>\n
                  20. \u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0if(showmsg) {<\/li>\n
                  21. \u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0\u00a0if(type == ‘code’) {<\/li>\n
                  22. \u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0 showError(‘\u9a8c\u8bc1\u7801\u9519\u8bef\uff0c\u8bf7\u91cd\u65b0\u586b\u5199’);<\/li>\n
                  23. \u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0\u00a0} else if(type == ‘qaa’) {<\/li>\n
                  24. \u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0 showError(‘\u9a8c\u8bc1\u95ee\u7b54\u9519\u8bef\uff0c\u8bf7\u91cd\u65b0\u586b\u5199’);<\/li>\n
                  25. \u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0\u00a0}<\/li>\n
                  26. \u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0\u00a0recall(0);<\/li>\n
                  27. \u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0}<\/li>\n
                  28. \u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0 }<\/li>\n
                  29. \u00a0 \u00a0\u00a0 \u00a0\u00a0\u00a0});<\/li>\n
                  30. }<\/li>\n<\/ol>\n<\/div>\n

                    \u590d\u5236\u4ee3\u7801<\/em><\/div>\n

                    \u8fd9 \u4e2a\u51fd\u6570\u9996\u5148\u9a8c\u8bc1\u4e0b\uff0c\u8f93\u5165\u6846\u5185\u586b\u5199\u7684\u9a8c\u8bc1\u7801\u7684\u503c $(‘sec’ + type + ‘verify_’ + idhash).value \u662f\u5426\u5b58\u5728\uff08type \u5c31\u662f\u4f20\u5165\u7684 code\uff09\u3002\u7136\u540e\u901a\u8fc7 ajax \u8bf7\u6c42\u8bbf\u95ee misc.php?mod=seccode&action=check&inajax=1&&idhash=xxxx&secverify=xxxx \u8fd9\u6837\u4e00\u4e2a\u5730\u5740\uff0c\u8fd9\u4e2a\u5730\u5740\u4f1a\u8fd4\u56de\u9a8c\u8bc1\u7684\u7ed3\u679c\u5b57\u7b26\u4e32\u3002\u5982\u679c\u8fd4\u56de\u7ed3\u679c\u7684\u524d 7 \u4e2a\u5b57\u7b26\u662f succeed \u5219\u9a8c\u8bc1\u901a\u8fc7\uff0c\u663e\u793a\u5bf9\u52fe\uff1b\u5426\u5219\u63d0\u793a\u201c\u9a8c\u8bc1\u7801\u9519\u8bef\uff0c\u8bf7\u91cd\u65b0\u586b\u5199\u201d\uff0c\u5e76\u663e\u793a\u7ea2\u53c9\u3002<\/p>\n

                     <\/p>\n

                    3\uff09\u627e\u5230\u901a\u8fc7 ajax \u8bf7\u6c42\u7684\u7a0b\u5e8f source\/module\/misc\/misc_seccode.php<\/p>\n

                     <\/p>\n

                    \u901a\u8fc7 url \u4e2d\u7684 action=check \u53ef\u4ee5\u770b\u51fa\uff0c\u5e94\u8be5\u67e5\u770b elseif($_G[‘gp_action’] == ‘check’) { \u2026\u2026 } \u4e2d\u7684\u4e00\u6bb5<\/p>\n

                    \n
                    \n
                      \n
                    1. } elseif($_G[‘gp_action’] == ‘check’) {<\/li>\n
                    2. \u00a0 \u00a0\u00a0 \u00a0\u00a0\u00a0include template(‘common\/header_ajax’);<\/li>\n
                    3. \u00a0 \u00a0\u00a0 \u00a0\u00a0\u00a0echo check_seccode($_G[‘gp_secverify’], $_G[‘gp_idhash’]) ? ‘succeed’ : ‘invalid’;<\/li>\n
                    4. \u00a0 \u00a0\u00a0 \u00a0\u00a0\u00a0include template(‘common\/footer_ajax’);<\/li>\n
                    5. } else {<\/li>\n<\/ol>\n<\/div>\n

                      \u590d\u5236\u4ee3\u7801<\/em><\/div>\n

                      \u8fd9 \u91cc\u5c06\u901a\u8fc7 url \u4f20\u5165\u7684 secverify \u548c idhash \u4e24\u4e2a\u503c\u4f20\u9012\u7ed9 check_seccode \u51fd\u6570\uff0c\u901a\u8fc7\u4ee3\u7801\u770b\u5230 check_seccode \u8fd4\u56de\u5e03\u5c14\u503c\uff0c\u6545\u7ed3\u679c\u4e3a\u771f\uff0c\u5219\u901a\u8fc7\u9a8c\u8bc1\uff0c\u8fd4\u56de succeed \u5b57\u7b26\u4e32\uff0c\u7ed3\u679c\u4e3a\u5047\uff0c\u5219\u9a8c\u8bc1\u5931\u8d25\uff0c\u8fd4\u56de invalid \u5b57\u7b26\u4e32\u3002<\/p>\n

                       <\/p>\n

                      4\uff09check_seccode \u51fd\u6570\u5728 source\/function\/function_core.php \u6587\u4ef6<\/p>\n

                      \n
                      \n
                        \n
                      1. function check_seccode($value, $idhash) {<\/li>\n
                      2. \u00a0 \u00a0\u00a0 \u00a0\u00a0\u00a0global $_G;<\/li>\n
                      3. \u00a0 \u00a0\u00a0 \u00a0\u00a0\u00a0if(!$_G[‘setting’][‘seccodestatus’]) {<\/li>\n
                      4. \u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0 return true;<\/li>\n
                      5. \u00a0 \u00a0\u00a0 \u00a0\u00a0\u00a0}<\/li>\n
                      6. \u00a0 \u00a0\u00a0 \u00a0\u00a0\u00a0if(!isset($_G[‘cookie’][‘seccode’.$idhash])) {<\/li>\n
                      7. \u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0 return false;<\/li>\n
                      8. \u00a0 \u00a0\u00a0 \u00a0\u00a0\u00a0}<\/li>\n
                      9. \u00a0 \u00a0\u00a0 \u00a0\u00a0\u00a0list($checkvalue, $checktime, $checkidhash, $checkformhash) = explode(“t”, authcode($_G[‘cookie’][‘seccode’.$idhash], ‘DECODE’, $_G[‘config’][‘security’][‘authkey’]));<\/li>\n
                      10. \u00a0 \u00a0\u00a0 \u00a0\u00a0\u00a0return $checkvalue == strtoupper($value) && TIMESTAMP – 180 > $checktime && $checkidhash == $idhash && FORMHASH == $checkformhash;<\/li>\n
                      11. }<\/li>\n<\/ol>\n<\/div>\n

                        \u590d\u5236\u4ee3\u7801<\/em><\/div>\n

                        \u6b64\u51fd\u6570\u9996\u5148\u6839\u636e\u7f13\u5b58\u4e2d\u7684\u8bbe\u5b9a\u9a8c\u8bc1\u9a8c\u8bc1\u7801\u7684\u5f00\u542f\u72b6\u6001\uff0c\u5982\u679c\u672a\u5f00\u542f\uff0c\u6b64\u5904\u9a8c\u8bc1\u76f4\u63a5\u8fd4\u56de\u771f\uff0c\u65e2\u7136\u6ca1\u6709\u5f00\u542f\u9a8c\u8bc1\u7801\u81ea\u7136\u5982\u4f55\u9a8c\u8bc1\u5747\u4e3a\u771f\u3002<\/p>\n

                         <\/p>\n

                        \u7136\u540e\u9a8c\u8bc1 cookie \u4e2d\u662f\u5426\u5b58\u5728\u751f\u6210\u9a8c\u8bc1\u7801\u65f6\u5199\u5165 cookie \u7684\u503c\uff08\u4f8b\u5982\uff1aseccodeSQq29j20\uff09\uff0c\u5982\u679c cookie \u6ca1\u6709\u6b64\u503c\uff0c\u5219\u6b64\u6b21\u9a8c\u8bc1\u5931\u6548\uff0c\u9700\u8981\u91cd\u65b0\u751f\u6210\u9a8c\u8bc1\u7801\uff0c\u91cd\u65b0\u9a8c\u8bc1\u3002<\/p>\n

                         <\/p>\n

                        \u6700\u540e\u4ece cookie \u53d6\u51fa\u503c\uff0c\u4f7f\u7528\u00a0\u00a0$_G[‘config’][‘security’][‘authkey’] \u52a0\u5bc6\u4e32\uff0c\u901a\u8fc7 authcode \u51fd\u6570\u5bf9\u503c\u8fdb\u884c\u89e3\u5bc6\uff0c\u89e3\u5bc6\u540e\u83b7\u53d6\u5230\u9a8c\u8bc1\u7801\u3001\u751f\u6210\u65f6\u95f4\u3001idhash\u3001formhash \u56db\u4e2a\u503c\u3002\u7136\u540e\u9700\u8981\u540c\u65f6\u6ee1\u8db3\u4ee5\u4e0b\u56db\u4e2a\u6761\u4ef6\u624d\u53ef\u4ee5\u901a\u8fc7\u9a8c\u8bc1\uff1a<\/p>\n

                         <\/p>\n

                        – \u8f93\u5165\u7684\u9a8c\u8bc1\u7801\u7b49\u4e8e\u89e3\u5bc6\u51fa\u6765\u7684\u9a8c\u8bc1\u7801<\/p>\n

                         <\/p>\n

                        – \u9a8c\u8bc1\u7801\u7684\u751f\u6210\u65f6\u95f4\u8ddd\u5f53\u524d\u65f6\u95f4\u5c0f\u4e8e 180 \u79d2<\/p>\n

                         <\/p>\n

                        – \u4f20\u5165\u7684 idhash \u7b49\u4e8e\u89e3\u5bc6\u51fa\u6765\u7684 idhash<\/p>\n

                         <\/p>\n

                        – \u5f53\u524d\u7cfb\u7edf\u751f\u6210\u7684 formhash \u7b49\u4e8e\u89e3\u5bc6\u51fa\u6765\u7684 formhash<\/p>\n

                         <\/p>\n

                        \u81f3\u6b64\u901a\u8fc7 JS \u65b9\u5f0f\u7684\u9a8c\u8bc1\u7801\u9a8c\u8bc1\u5b8c\u6210\u3002<\/p>\n

                        2\u3001PHP \u65b9\u5f0f\u7684\u9a8c\u8bc1<\/strong><\/p>\n

                        1\uff09\u8fd9\u79cd\u65b9\u5f0f\u5c31\u662f\u5728\u9a8c\u8bc1\u7801\u6240\u5728\u7684\u8868\u5355\u63d0\u4ea4\u540e\uff0c\u5bf9\u8f93\u5165\u7684\u9a8c\u8bc1\u7801\u8fdb\u884c\u7684\u9a8c\u8bc1\u3002<\/p>\n

                         <\/p>\n

                        \u4f8b\u5982\u5728\u4fee\u6539\u7528\u6237\u5bc6\u7801\u65f6\u5f00\u542f\u4e86\u9a8c\u8bc1\u7801\uff0c\u5219\u4f1a\u5728\u5176\u5904\u7406\u7684 PHP\u00a0\u00a0\u7a0b\u5e8f\u4e2d\u53d1\u73b0\uff08source\/include\/spacecp\/spacecp_profile.php\uff09\u8fd9\u6837\u4e00\u53e5\u4ee3\u7801<\/p>\n

                        \n
                        \n
                          \n
                        1. submitcheck(‘passwordsubmit’, 0, $seccodecheck, $secqaacheck)<\/li>\n<\/ol>\n<\/div>\n

                          \u590d\u5236\u4ee3\u7801<\/em><\/div>\n

                          submitcheck \u51fd\u6570\u5c31\u662f\u5bf9\u63d0\u4ea4\u7684\u8868\u5355\u8fdb\u884c\u9a8c\u8bc1\u7684\u3002<\/p>\n

                           <\/p>\n

                          2\uff09submitcheck \u51fd\u6570\u5728 source\/function\/function_core.php \u6587\u4ef6<\/p>\n

                          \n
                          \n
                            \n
                          1. function submitcheck($var, $allowget = 0, $seccodecheck = 0, $secqaacheck = 0) {<\/li>\n
                          2. \u00a0 \u00a0\u00a0 \u00a0\u00a0\u00a0if(!getgpc($var)) {<\/li>\n
                          3. \u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0 return FALSE;<\/li>\n
                          4. \u00a0 \u00a0\u00a0 \u00a0\u00a0\u00a0} else {<\/li>\n
                          5. \u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0 global $_G;<\/li>\n
                          6. \u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0 if($allowget || ($_SERVER[‘REQUEST_METHOD’] == ‘POST’ && !empty($_G[‘gp_formhash’]) && $_G[‘gp_formhash’] == formhash() && empty($_SERVER[‘HTTP_X_FLASH_VERSION’]) && (empty($_SERVER[‘HTTP_REFERER’]) ||<\/li>\n
                          7. \u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0 preg_replace(“\/https?:\/\/([^:\/]+).*\/i”, “1”, $_SERVER[‘HTTP_REFERER’]) == preg_replace(“\/([^:]+).*\/”, “1”, $_SERVER[‘HTTP_HOST’])))) {<\/li>\n
                          8. \u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0if(checkperm(‘seccode’)) {<\/li>\n
                          9. \u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0\u00a0if($secqaacheck && !check_secqaa($_G[‘gp_secanswer’], $_G[‘gp_sechash’])) {<\/li>\n
                          10. \u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0 showmessage(‘submit_secqaa_invalid’);<\/li>\n
                          11. \u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0\u00a0}<\/li>\n
                          12. \u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0\u00a0if($seccodecheck && !check_seccode($_G[‘gp_seccodeverify’], $_G[‘gp_sechash’])) {<\/li>\n
                          13. \u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0 showmessage(‘submit_seccode_invalid’);<\/li>\n
                          14. \u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0\u00a0}<\/li>\n
                          15. \u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0}<\/li>\n
                          16. \u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0return TRUE;<\/li>\n
                          17. \u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0 } else {<\/li>\n
                          18. \u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0showmessage(‘submit_invalid’);<\/li>\n
                          19. \u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0 }<\/li>\n
                          20. \u00a0 \u00a0\u00a0 \u00a0\u00a0\u00a0}<\/li>\n
                          21. }<\/li>\n<\/ol>\n<\/div>\n

                            \u590d\u5236\u4ee3\u7801<\/em><\/div>\n

                            submitcheck \u51fd\u6570\u4e00\u822c\u53ea\u586b\u5199\u524d\u4e24\u4e2a\u53c2\u6570\u5373\u53ef\uff0c\u7b2c\u4e00\u4e2a\u53c2\u6570\u8868\u793a\u8981\u9a8c\u8bc1\u7684\u8868\u5355\u5143\u7d20\u7684\u540d\u5b57\uff0c\u6b64\u8868\u5355\u5143\u7d20\u4e0d\u5b58\u5728\u5219\u9a8c\u8bc1\u5931\u8d25\uff1b\u7b2c\u4e8c\u4e2a\u53c2\u6570\u8868\u793a\u662f\u5426\u5141\u8bb8\u901a\u8fc7 GET \u65b9\u5f0f\u63d0\u4ea4\u7684\u6570\u636e\u901a\u8fc7\u9a8c\u8bc1\uff0c0 \u4e3a\u4e0d\u5141\u8bb8\uff0c1 \u4e3a\u5141\u8bb8\uff0c\u4e00\u822c\u4e3a 0 \u5373\u53ef\u3002<\/p>\n

                             <\/p>\n

                            \u540e\u4e24\u4e2a\u53c2\u6570\u7528\u4e8e\u8868\u793a\u63d0\u4ea4\u7684\u8868\u5355\u4e2d\u662f\u5426\u9700\u8981\u5bf9\u9a8c\u8bc1\u7801\u548c\u9a8c\u8bc1\u95ee\u7b54\u505a\u9a8c\u8bc1\uff0c\u7b2c\u4e09\u4e2a\u53c2\u6570 $seccodecheck \u4ee3\u8868\u9a8c\u8bc1\u7801\uff0c\u7b2c\u56db\u4e2a\u53c2\u6570 $secqaacheck \u4ee3\u8868\u9a8c\u8bc1\u95ee\u7b54\uff0c\u53c2\u6570\u503c\u90fd\u662f 0 \u4e3a\u4e0d\u9a8c\u8bc1\uff0c1 \u4e3a\u9a8c\u8bc1\u3002<\/p>\n

                             <\/p>\n

                            \u6240\u4ee5\u5982\u679c\u9700\u8981\u5728\u63d0\u4ea4\u540e\u9a8c\u8bc1\u9a8c\u8bc1\u7801\uff0c\u5219\u81f3\u5c11\u8981\u586b\u5199 3 \u4e2a\u53c2\u6570\uff0c\u5373 submitcheck(‘passwordsubmit’, 0, 1) \u3002<\/p>\n

                             <\/p>\n

                            \u8fdb\u5165\u51fd\u6570\u4e2d\u4f1a\u73b0\u5bf9\u63d0\u4ea4\u8868\u5355\u7684\u63d0\u4ea4\u65b9\u5f0f\u3001formhash\u3001\u8bbf\u95ee\u6765\u6e90 referer \u7b49\u6570\u636e\u8fdb\u884c\u5b89\u5168\u6027\u9a8c\u8bc1\uff0c\u901a\u8fc7\u540e\u5219\u4f1a\u8c03\u7528 check_seccode \u51fd\u6570\u5bf9\u63d0\u4ea4\u8fc7\u6765\u7684\u9a8c\u8bc1\u7801\u8fdb\u884c\u9a8c\u8bc1\u4e86\uff0c\u6839\u636e check_seccode \u7684\u8fd4\u56de\u503c\uff0c\u6765\u7ed9\u4e88\u4e0d\u540c\u7684\u63d0\u793a\u3002 check_seccode \u51fd\u6570\u5982\u4f55\u5de5\u4f5c\u7684\u53c2\u770b JS \u9a8c\u8bc1\u4e2d\u7684 4\uff09 \u5373\u53ef\u3002<\/p>\n

                             <\/p>\n

                            \u81f3\u6b64\u901a\u8fc7 PHP \u65b9\u5f0f\u7684\u9a8c\u8bc1\u7801\u9a8c\u8bc1\u5b8c\u6210\u3002<\/p>\n

                            \u4e09\u3001\u968f\u673a\u6570\u5982\u4f55\u4ea7\u751f\u7684<\/strong><\/p>\n

                            Discuz! X\u7684\u968f\u673a\u6570\u662f\u901a\u8fc7 random \u51fd\u6570\u4ea7\u751f\u7684\uff0c\u51fd\u6570\u5728\u00a0\u00a0source\/function\/function_core.php \u6587\u4ef6<\/p>\n

                            \n
                            \n
                              \n
                            1. function random($length, $numeric = 0) {<\/li>\n
                            2. \u00a0 \u00a0\u00a0 \u00a0\u00a0\u00a0$seed = base_convert(md5(microtime().$_SERVER[‘DOCUMENT_ROOT’]), 16, $numeric ? 10 : 35);<\/li>\n
                            3. \u00a0 \u00a0\u00a0 \u00a0\u00a0\u00a0$seed = $numeric ? (str_replace(‘0′, ”, $seed).’012340567890′) : ($seed.’zZ’.strtoupper($seed));<\/li>\n
                            4. \u00a0 \u00a0\u00a0 \u00a0\u00a0\u00a0$hash = ”;<\/li>\n
                            5. \u00a0 \u00a0\u00a0 \u00a0\u00a0\u00a0$max = strlen($seed) – 1;<\/li>\n
                            6. \u00a0 \u00a0\u00a0 \u00a0\u00a0\u00a0for($i = 0; $i < $length; $i++) {<\/li>\n
                            7. \u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0\u00a0 \u00a0 $hash .= $seed{mt_rand(0, $max)};<\/li>\n
                            8. \u00a0 \u00a0\u00a0 \u00a0\u00a0\u00a0}<\/li>\n
                            9. \u00a0 \u00a0\u00a0 \u00a0\u00a0\u00a0return $hash;<\/li>\n
                            10. }<\/li>\n<\/ol>\n<\/div>\n

                              \u590d\u5236\u4ee3\u7801<\/em><\/div>\n

                              \u6b64\u51fd\u6570\u6709\u4e24\u4e2a\u53c2\u6570\uff0c$length \u8868\u793a\u8981\u83b7\u53d6\u7684\u968f\u673a\u6570\u7684\u4f4d\u6570\uff0c$numeric \u8868\u793a\u662f\u5426\u8981\u83b7\u53d6\u7eaf\u6570\u5b57\u7684\u968f\u673a\u6570\uff0c\u53d6\u503c 0 \u6216 1\u3002<\/p>\n

                               <\/p>\n

                              \u51fd\u6570\u9996\u5148\u4f7f\u7528 microtime \u51fd\u6570\u83b7\u53d6\u5f53\u524d\u7684\u5fae\u79d2\u7ea7\u65f6\u95f4\u6233\u5b57\u7b26\u4e32\uff0c\u7136\u540e\u5728\u540e\u9762\u62fc\u63a5\u4e0a\u5355\u524d\u7f51\u7ad9\u7684\u6839\u76ee\u5f55\u8def\u5f84\uff0c\u7136\u540e\u8fdb\u884c MD5 \u52a0\u5bc6\uff0c\u83b7\u5f97 32 \u4f4d\u957f\u7684\u5b57\u7b26\u4e32\u3002\u4e4b\u540e\u5bf9\u5176\u8fdb\u884c\u8f6c\u8fdb\u5236\uff0c\u5982\u679c\u8981\u83b7\u53d6\u7eaf\u6570\u5b57\u7684\u968f\u673a\u6570\uff0c\u5219\u4ece 16 \u8fdb\u5236\u8f6c\u4e3a 10 \u8fdb\u5236\uff0c\u5982\u679c\u8981\u83b7\u5f97\u6570\u5b57\u548c\u82f1\u6587\u6df7\u6742\u7684\u968f\u673a\u6570\uff0c\u5219\u4ece 16 \u8fdb\u5236\u8f6c\u4e3a 35 \u8fdb\u5236\u3002\u4e4b\u540e\u518d\u5c06\u8f6c\u8fdb\u5236\u540e\u83b7\u5f97\u7684\u5b57\u7b26\u4e32\uff0c\u6839\u636e\u662f\u5426\u8981\u83b7\u53d6\u7eaf\u6570\u5b57\u968f\u673a\u6570\u7684\u533a\u522b\uff0c\u8fdb\u884c\u62fc\u63a5\u3002\u6700\u540e\u4ece\u62fc\u63a5\u540e\u7684\u5b57\u7b26\u4e32\u4e2d\u968f\u673a\u62bd\u53d6\u968f\u673a\u6570\u7684\u7b2c\u4e00\u4f4d\u3001\u7b2c\u4e8c\u4f4d\u4ee5\u6b64\u7c7b\u63a8\uff0c\u76f4 \u81f3\u83b7\u53d6\u6ee1\u8db3\u8981\u6c42\u7684\u968f\u673a\u6570\u7684\u4f4d\u7f6e\u4e3a\u6b62\u3002\u81f3\u6b64\u751f\u6210\u4e86\u968f\u673a\u6570\u3002<\/p>\n<\/div>\n","protected":false},"excerpt":{"rendered":"

                              \u4e00\u3001\u9a8c\u8bc1\u7801\u7684\u4ea7\u751f 1\u3001\u5982\u4f55\u5728\u6a21\u677f\u4e2d\u6dfb\u52a0\u4e00\u4e2a\u9a8c\u8bc1\u7801 \u5728X2\u4e2d\u9a8c\u8bc1\u7801\u7684\u6a21\u677f\u90e8\u5206\u72ec\u7acb\u4e3a\u4e00\u4e2a\u6a21\u677f\u6587\u4ef6\uff08template […]<\/p>\n","protected":false},"author":1,"featured_media":669,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[],"class_list":["post-332","post","type-post","status-publish","format-standard","hentry","category-php"],"_links":{"self":[{"href":"https:\/\/www.siediyer.cn\/index.php?rest_route=\/wp\/v2\/posts\/332","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.siediyer.cn\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.siediyer.cn\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.siediyer.cn\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.siediyer.cn\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=332"}],"version-history":[{"count":2,"href":"https:\/\/www.siediyer.cn\/index.php?rest_route=\/wp\/v2\/posts\/332\/revisions"}],"predecessor-version":[{"id":671,"href":"https:\/\/www.siediyer.cn\/index.php?rest_route=\/wp\/v2\/posts\/332\/revisions\/671"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.siediyer.cn\/index.php?rest_route=\/wp\/v2\/media\/669"}],"wp:attachment":[{"href":"https:\/\/www.siediyer.cn\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=332"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.siediyer.cn\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=332"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.siediyer.cn\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=332"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}