/* 连接mysql数据库 */ MYSQL *ConnectDB(void) { if ((mysql = mysql_init(NULL)) == NULL) DisplayStage('0', "mysql_init error", 1); if (mysql_real_connect(mysql, AUTHDBHOST, AUTHDBUSER, AUTHDBPASSWD, AUTHDB, AUTHDBPORT, AUTHDBSOCKPATH, 0) == NULL) DisplayStage('0', "mysql_connect error", 1); return mysql; }
/* 执行sql语句 */ MYSQL_RES * ExecSQL ( char *sql, int haveresult ) { MYSQL_RES * mysql_res; if( mysql_query(mysql,sql) ) DisplayStage('0',"mysql_querying error",1); if( haveresult ) { if( (mysql_res = mysql_store_result(mysql)) == NULL ) DisplayStage('0',"mysql_store_result error",1); return mysql_res; } return NULL; }
void Stage0(void) { char buf[MAXLEN]; MYSQL_RES *mysql_res; MYSQL_ROW row; snprintf(buf,MAXLEN,"select phone,memo from VIPMAC where MAC='%s'",MAC); mysql_res = ExecSQL(buf,1); row = mysql_fetch_row(mysql_res); if( row ) { snprintf(PHONE,12,row[0]); snprintf(buf,MAXLEN,"insert into Log values('%s','%s','%s',now(),'VIP %s auto online 7 day')", remote_addr(), MAC, PHONE, row[1]); ExecSQL(buf,0); IPOnline(7*24*3600); } snprintf(buf,MAXLEN,"select phone,timestampdiff(second,now(),end) from MACPhone where MAC='%s' and now()< end",MAC); mysql_res = ExecSQL(buf,1); row = mysql_fetch_row(mysql_res); if( row ) { snprintf(PHONE,12,row[0]); snprintf(buf,MAXLEN,"insert into Log values('%s','%s','%s',now(),'auto online %s sec')", remote_addr(), MAC, PHONE, row[1]); ExecSQL(buf,0); IPOnline(atoi(row[1])); } DisplayStage('0',NULL,0); exit(0); }
void IPOnline( int timespan ) { char buf[MAXLEN]; char *url; setuid(0); snprintf(buf,MAXLEN,"/usr/sbin/ipset add -exist user %s,%c%c:%c%c:%c%c:%c%c:%c%c:%c%c timeout %d", remote_addr(), MAC[0],MAC[1],MAC[2],MAC[3],MAC[4],MAC[5],MAC[6],MAC[7],MAC[8],MAC[9],MAC[10],MAC[11], timespan ); system(buf); snprintf(buf,MAXLEN,"insert into IPMACPhone values('%s', '%s','%s',now(), date_add(now(), interval %d second))", remote_addr(),MAC,PHONE,timespan); ExecSQL(buf,0); url=GetValue("url"); if(url && (*url) && (strcmp(url,"URL")!=0)) { if( HtmlHeadOut==0 ) { HtmlHead(); PrintFile("/var/www/html/redir.html"); } printf("<script language=\"javascript\" type=\"text/javascript\">" "window.location.href=\"%s\";</script>\n", url); printf("请继续访问<a href=%s>%s</a><p>",url,url); printf("</body></html>\n"); mysql_close(mysql); exit(0); } DisplayStage('2',"欢迎使用网络",0); }
void CheckPhone(char*phone) { char *p; char buf[MAXLEN]; MYSQL_RES *mysql_res; MYSQL_ROW row; if(strlen(phone)!=11) DisplayStage('0',"电话号码必须是11位数字",1); for(p=phone;*p;p++) { if(*p>='0' && *p<='9') continue; DisplayStage('0',"电话号码必须是数字",1); } if(*phone!='1') DisplayStage('0',"电话号码必须是数字1开头",1); snprintf(buf,MAXLEN,"select msg from black where black='%s'",phone); mysql_res = ExecSQL(buf,1); row = mysql_fetch_row(mysql_res); if( row ) { snprintf(buf,MAXLEN,"此电话号码禁用(%s)",row[0]); DisplayStage('0',buf,1); } }
void Stage2() // setonline { char *phone, *password, *p; char buf[MAXLEN]; MYSQL_RES *mysql_res; MYSQL_ROW row; phone = GetValue("phone"); if ((phone == NULL) || (phone[0] == 0)) DisplayStage('0', "输入的电话号码为空", 1); CheckPhone(phone); strncpy(PHONE, phone, 12); password = GetValue("password"); if ((password == NULL) || strlen(password) != 6) DisplayStage('1', "请输入密码", 1); snprintf(buf, MAXLEN, "select pass from PhonePass where phone='%s' and valid>now()", phone); mysql_res = ExecSQL(buf, 1); row = mysql_fetch_row(mysql_res); if (row == NULL) DisplayStage('0', "未查到一周内的电话号码信息,请重新输入", 1); if (strcmp(row[0], password) != 0) { DisplayStage('1', "密码错误,请重新输入", 1); } p = GetValue("timespan"); if ((p == NULL) || (*p == 0)) p = "1"; else *(p + 1) = 0; if ((*p != '1') && (*p != '7')) p = "1"; snprintf(buf, MAXLEN, "replace into MACPhone values('%s','%s',now(), date_add(now(), interval %s day))", MAC, PHONE, p); ExecSQL(buf, 0); snprintf(buf, MAXLEN, "insert into Log values('%s','%s','%s',now(),'online %s day')", remote_addr(), MAC, PHONE, p); ExecSQL(buf, 0); IPOnline((*p - '0') * 24 * 3600); }
int CGImain(void) { char *s; ConnectDB(); s = GetValue("s"); GetMAC(remote_addr()); if(MAC[0]==0) DisplayStage('0',"无法获取MAC地址",1); if ( (s== NULL) || *s=='0') Stage0(); else if( *s=='1') Stage1(); else if(*s=='2') { Stage2(); } else Stage0(); return 0; }
void GetMAC(char *ip) { FILE *fp; char buf[MAXLEN]; MYSQL_RES *mysql_res; MYSQL_ROW row; int len; MAC[0] = 0; len = strlen(ip); fp = fopen("/proc/net/arp", "r"); if (!fp) return; while (fgets(buf, MAXLEN, fp)) { if (strlen(buf) < 64) continue; if (strncmp(buf, ip, len) != 0) continue; if (buf[len] != ' ') continue; MAC[0] = buf[41]; MAC[1] = buf[42]; MAC[2] = buf[44]; MAC[3] = buf[45]; MAC[4] = buf[47]; MAC[5] = buf[48]; MAC[6] = buf[50]; MAC[7] = buf[51]; MAC[8] = buf[53]; MAC[9] = buf[54]; MAC[10] = buf[56]; MAC[11] = buf[57]; MAC[12] = 0; } fclose(fp); snprintf(buf, MAXLEN, "select msg from black where black='%s'", MAC); mysql_res = ExecSQL(buf, 1); row = mysql_fetch_row(mysql_res); if (row) { snprintf(buf, MAXLEN, "此MAC地址禁用(%s)", row[0]); DisplayStage('0', buf, 1); } }
void Stage1() // sendsms, dispay input page { char *phone,*p; char buf[MAXLEN]; char pass[MAXLEN]; MYSQL_RES *mysql_res; MYSQL_ROW row; FILE *fp; p = GetValue("changenum"); if ( p ) DisplayStage('0',"请输入电话号码",0); phone = GetValue("phone"); if( phone==NULL || phone[0]==0 ) DisplayStage('0',"输入的电话号码为空",1); CheckPhone(phone); strncpy(PHONE,phone,12); p = GetValue("havepass"); if(p) DisplayStage('1',"请输入密码",0); // 检查该设备当天是否发送过短信, 每天最多 MAXPERMAC snprintf(buf,MAXLEN,"select count from MACcount where MAC='%s' and sendday=curdate()",MAC); mysql_res = ExecSQL(buf,1); row = mysql_fetch_row(mysql_res); if( row ) { if( atoi(row[0]) >= MAXPERMAC ) { sprintf(buf,"每台设备每天允许%d手机登录,今天已经使用%s次,请换台设备再试",MAXPERMAC,row[0]); DisplayStage('0',buf,1); } snprintf(buf,MAXLEN,"update MACcount set count=count+1 where MAC='%s' and sendday=curdate()",MAC); ExecSQL(buf,0); } else { snprintf(buf,MAXLEN,"replace into MACcount values ('%s', now(), 1)",MAC); ExecSQL(buf,0); } // 检查手机当天是否发送过短信, 每天最多 MAXPERPHONE snprintf(buf,MAXLEN,"select count from Phonecount where phone='%s' and sendday=curdate()",PHONE); mysql_res = ExecSQL(buf,1); row = mysql_fetch_row(mysql_res); if( row ) { if( atoi(row[0]) >= MAXPERPHONE ) { sprintf(buf,"每个手机每天允许%d短信,今天已经使用%s次,请换手机再试",MAXPERPHONE,row[0]); DisplayStage('0',buf,1); } snprintf(buf,MAXLEN,"update Phonecount set count=count+1 where phone='%s' and sendday=curdate()",PHONE); ExecSQL(buf,0); } else { snprintf(buf,MAXLEN,"replace into Phonecount values ('%s', now(), 1)",PHONE); ExecSQL(buf,0); } snprintf(buf,MAXLEN,"select pass from PhonePass where phone='%s' and now()<valid",PHONE); mysql_res = ExecSQL(buf,1); row = mysql_fetch_row(mysql_res); if( row==NULL ) { srand(time(NULL)); int i; for(i=0;i<6;i++) { int r; r=rand(); pass[i]='0' + r%10; } pass[6]=0; } else strncpy(pass,row[0],7); snprintf(buf,MAXLEN,"replace into PhonePass values ('%s', '%s', date_add(now(), interval 8 day) )",PHONE,pass); ExecSQL(buf,0); snprintf(buf,MAXLEN,"php /usr/src/sendsms/sendsms.php %s \"%s是您在中国科大访客WLAN密码,一周内都可以使用本密码登录,请保留本短信。\" 2>/dev/null",PHONE,pass); fp=popen(buf,"r"); if(fp==NULL){ snprintf(buf,MAXLEN,"insert into Log values('%s','%s','%s',now(),'send pass error')", remote_addr(), MAC, PHONE); ExecSQL(buf,0); DisplayStage('0',"密码发送失败",1); } fgets(buf,MAXLEN,fp); if(strncmp(buf,"OK",2)==0) { snprintf(buf,MAXLEN,"insert into Log values('%s','%s','%s',now(),'send pass ok')", remote_addr(), MAC, PHONE); ExecSQL(buf,0); DisplayStage('1',"请输入手机上收到的密码",0); } else { char tmp[MAXLEN]; strncpy(tmp,buf,MAXLEN); snprintf(buf,MAXLEN,"insert into Log values('%s','%s','%s',now(),'send pass error %s')", remote_addr(), MAC, PHONE,tmp); ExecSQL(buf,0); DisplayStage('0',tmp,1); } }