This repository was archived by the owner on Dec 5, 2025. It is now read-only.

Commit 3d43400

committed
txt验证、禁止用户注册
1 parent 59cefa0 commit 3d43400


13 files changed

+562
-525
lines changed


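--- a/.gitignore
+++ b/.gitignore
@@ -0,0 +1,2 @@
+.idea
+config.php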

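--- a/README.md
+++ b/README.md
@@ -3,11 +3,10 @@ Cloudflare Partner Management Panel
 
 打开config.php,根据里面的注释进行设置后即可使用
 
-English version: [https://github.com/Netrvin/CFPMP/tree/en-v0.2.3](https://github.com/Netrvin/CFPMP/tree/en-v0.2.3)
-
 ## 功能
 * CNAME接入
 * reCAPTCHA
 * 设置回源地址为IP(基于sslip.io)(默认关闭此功能)
+* 通过 TXT 记录验证域名是否受用户控制
 
 可用实例:[https://cf.yuzu.im/](https://cf.yuzu.im/)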

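--- a/add_domain.php
+++ b/add_domain.php
@@ -3,24 +3,31 @@
 
 $cloudflare->is_login();
 
-function msg($s){
-$_SESSION["msg"]=$s;
+function msg($s)
+{
+$_SESSION["msg"] = $s;
 header("Location: domains.php");
 exit(0);
 }
 
-if (empty($_POST["domain"])){
+if (empty($_POST["domain"])) {
 msg("域名不能为空");
 }
 
-$r=$cloudflare->zone_set($_POST["domain"],$_POST["domain"],"www:".$_POST["domain"]);
+if (Enable_TXT_Verification){
+if (!$cloudflare->check_txt_record($_POST["domain"])){
+msg("TXT 记录验证失败");
+}
+}
+
+$r = $cloudflare->zone_set($_POST["domain"], $_POST["domain"], "www:" . $_POST["domain"]);
 
-if ($r["result"]=="success"){
+if ($r["result"] == "success") {
 msg("添加成功");
-}else{
-if (empty($r["msg")){
+} else {
+if (empty($r["msg"])) {
 msg("请刷新本页面以确认域名是否添加成功");
-}else{
-msg("添加失败:".$r["msg"]);
+} else {
+msg("添加失败:" . $r["msg"]);
 }
 }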
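Review bot: `$_POST["domain"]` reaches `check_txt_record()` and `zone_set()` with only an `empty()` test, so a non-string value or a malformed name is concatenated into the DNS query and the API request as-is. Validate it once before the TXT check, e.g. `if (!is_string($_POST["domain"]) || filter_var($_POST["domain"], FILTER_VALIDATE_DOMAIN, FILTER_FLAG_HOSTNAME) === false) msg("域名格式不正确");`, and pass the same normalised value to both calls so the name that was verified is the name that gets added. As a style point, the new `if (Enable_TXT_Verification){` block keeps the `){` spacing while the rest of the file was reformatted to `) {`.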

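--- a/auth.php
+++ b/auth.php
@@ -2,36 +2,33 @@
 
 include_once("cf.class.php");
 
-function msg($s){
-$_SESSION["login_msg"]=$s;
+function msg($s)
+{
+$_SESSION["login_msg"] = $s;
 header("Location: index.php");
 exit(0);
 }
 
-if (Enable_reCAPTCHA)
-{
-if (!empty($_POST["g-recaptcha-response"]))
-{
-if (!($cloudflare->reCAPTCHA($_POST["g-recaptcha-response"])))
-{
+if (Enable_reCAPTCHA) {
+if (!empty($_POST["g-recaptcha-response"])) {
+if (!($cloudflare->reCAPTCHA($_POST["g-recaptcha-response"]))) {
 msg("请完成验证码");
 }
-}else{
+} else {
 msg("请完成验证码");
 }
 }
 
-if ((!empty($_POST["email"]))&&(!empty($_POST["password"])))
-{
-$r=$cloudflare->login($_POST["email"],$_POST["password"]);
-if ($r["result"]=="success")
-{
-$_SESSION["user_key"]=$r["response"]["user_key"];
-$_SESSION["email"]=$r["response"]["cloudflare_email"];
+if ((!empty($_POST["email"])) && (!empty($_POST["password"]))) {
+$r = $cloudflare->login($_POST["email"], $_POST["password"]);
+if ($r["result"] == "success") {
+$_SESSION["user_key"] = $r["response"]["user_key"];
+$_SESSION["email"] = $r["response"]["cloudflare_email"];
+if (Enable_TXT_Verification) $_SESSION["txt_verification"] = password_hash(Random_String.$_SESSION["email"],PASSWORD_BCRYPT );
 header("Location: domains.php");
-}else{
-msg("登录 / 注册失败:".$r["msg"]);
+} else {
+msg("失败:" . $r["msg"]);
 }
-}else{
+} else {
 msg("用户名和密码不能为空");
 }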
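Review bot: `password_hash(Random_String.$_SESSION["email"],PASSWORD_BCRYPT )` on new line 27 does not bind the token to the account as it appears intended to: bcrypt only processes the first 72 bytes of its input, and cf.class.php refuses to start unless `Random_String` is at least 64 characters, so at most eight bytes of the e-mail are hashed and none once the secret reaches 72 bytes. A TXT value issued for one account would then also pass `password_verify()` in `check_txt_record()` (cf.class.php) for other accounts. A keyed hash has no length limit and is deterministic, e.g. `$_SESSION["txt_verification"] = hash_hmac('sha256', $_SESSION["email"], Random_String);` here and `hash_equals(hash_hmac('sha256', $_SESSION["email"], Random_String), $v["txt"])` in `check_txt_record()`. Separately, the session id is not regenerated on successful login; `session_regenerate_id(true);` before `$_SESSION["user_key"]` is set would guard against session fixation.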

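--- a/cf.class.php
+++ b/cf.class.php
@@ -2,147 +2,168 @@
 
 include_once("config.php");
 
+if (Enable_TXT_Verification&&(strlen(Random_String)<64)){
+die("Please set Random_String in config.php or disable TXT record verification");
+}
+
 session_start();
 
-class CF {
-public function post($data){
-$data["host_key"]=HOST_KEY;
-$ch=curl_init();
-curl_setopt($ch,CURLOPT_URL,"https://api.cloudflare.com/host-gw.html");
-curl_setopt($ch,CURLOPT_POSTFIELDS,$data);
-curl_setopt($ch,CURLOPT_TIMEOUT,10);
-curl_setopt($ch,CURLOPT_RETURNTRANSFER,1);
-$r=curl_exec($ch);
+class CF
+{
+public function post($data)
+{
+$data["host_key"] = HOST_KEY;
+$ch = curl_init();
+curl_setopt($ch, CURLOPT_URL, "https://api.cloudflare.com/host-gw.html");
+curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
+curl_setopt($ch, CURLOPT_TIMEOUT, 10);
+curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
+$r = curl_exec($ch);
 curl_close($ch);
-return json_decode($r,true);
+return json_decode($r, true);
 }
 
-public function login($email,$password){
-$data["act"]="user_create";
-$data["cloudflare_email"]=$email;
-$data["cloudflare_pass"]=$password;
-$data["unique_id"]=NULL;
-return self::post($data);
+public function login($email, $password)
+{
+$data["act"] = (Allow_Register ? "user_create" : "user_auth");
+$data["cloudflare_email"] = $email;
+$data["cloudflare_pass"] = $password;
+$data["unique_id"] = NULL;
+return self::post($data);
 }
 
-public function logout(){
-if (!empty($_SESSION["email"])){
+public function logout()
+{
+if (!empty($_SESSION["email"])) {
 unset($_SESSION["email"]);
 }
-if (!empty($_SESSION["user_key"])){
+if (!empty($_SESSION["user_key"])) {
 unset($_SESSION["user_key"]);
 }
 }
 
-public function is_login(){
-if ((empty($_SESSION["email"]))||(empty($_SESSION["user_key"]))){
+public function is_login()
+{
+if ((empty($_SESSION["email"])) || (empty($_SESSION["user_key"]))) {
 header("Location: index.php");
 exit(0);
 }
 }
 
-public function user_lookup(){
-$data["act"]="user_lookup";
-$data["cloudflare_email"]=$_SESSION["email"];
-return self::post($data);
-}
-
-public function zone_set($zone_name,$resolve_to,$subdomains){
-$data["act"] = "zone_set";
-$data["user_key"] = $_SESSION["user_key"];
-$data["zone_name"] = $zone_name;
-$data["resolve_to"] = $resolve_to;
-$data["subdomains"] = $subdomains;
-return self::post($data);
-}
-
-public function zone_delete($zone_name){
-$data["act"] = "zone_delete";
-$data["user_key"] = $_SESSION["user_key"];
-$data["zone_name"] = $zone_name;
-return self::post($data);
-}
-
-public function zone_lookup($zone_name){
-$data["act"] = "zone_lookup";
-$data["user_key"] = $_SESSION["user_key"];
-$data["zone_name"] = $zone_name;
-return self::post($data);
-}
-
-public function update_record($zone_name,$record){
-if (empty($record["@"])){
-$record["@"]=$zone_name;
+public function user_lookup()
+{
+$data["act"] = "user_lookup";
+$data["cloudflare_email"] = $_SESSION["email"];
+return self::post($data);
+}
+
+public function zone_set($zone_name, $resolve_to, $subdomains)
+{
+$data["act"] = "zone_set";
+$data["user_key"] = $_SESSION["user_key"];
+$data["zone_name"] = $zone_name;
+$data["resolve_to"] = $resolve_to;
+$data["subdomains"] = $subdomains;
+return self::post($data);
+}
+
+public function zone_delete($zone_name)
+{
+$data["act"] = "zone_delete";
+$data["user_key"] = $_SESSION["user_key"];
+$data["zone_name"] = $zone_name;
+return self::post($data);
+}
+
+public function zone_lookup($zone_name)
+{
+$data["act"] = "zone_lookup";
+$data["user_key"] = $_SESSION["user_key"];
+$data["zone_name"] = $zone_name;
+return self::post($data);
+}
+
+public function update_record($zone_name, $record)
+{
+if (empty($record["@"])) {
+$record["@"] = $zone_name;
 }
-$at=$record["@"];
+$at = $record["@"];
 unset($record["@"]);
-if ((Enable_A_Record) && (filter_var($at,FILTER_VALIDATE_IP,FILTER_FLAG_IPV4))){
-$at=$at.'.sslip.io';
+if ((Enable_A_Record) && (filter_var($at, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4))) {
+$at = $at . '.sslip.io';
 }
-$str="";
-foreach ($record as $key => $value){
-if ((Enable_A_Record) && (filter_var($value,FILTER_VALIDATE_IP,FILTER_FLAG_IPV4))){
-$str.=$key.":".$value.".sslip.io,";
-}else{
-$str.=$key.":".$value.",";
+$str = "";
+foreach ($record as $key => $value) {
+if ((Enable_A_Record) && (filter_var($value, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4))) {
+$str .= $key . ":" . $value . ".sslip.io,";
+} else {
+$str .= $key . ":" . $value . ",";
 }
 }
-if (empty($str)){
-$str="www:".$zone_name;
-}else{
-$str=substr($str,0,strlen($str)-1);
+if (empty($str)) {
+$str = "www:" . $zone_name;
+} else {
+$str = substr($str, 0, strlen($str) - 1);
 }
-return self::zone_set($zone_name,$at,$str);
+return self::zone_set($zone_name, $at, $str);
 }
 
-public function remove_zone_name($zone_name,$data){
-foreach ($data["hosted_cnames"] as $record => $set)
-{
-if (strlen($record) > strlen($zone_name)){
-$record2 = substr($record,0,strlen($record)-strlen($zone_name)-1);
-}else{
-$record2="@";
+public function remove_zone_name($zone_name, $data)
+{
+foreach ($data["hosted_cnames"] as $record => $set) {
+if (strlen($record) > strlen($zone_name)) {
+$record2 = substr($record, 0, strlen($record) - strlen($zone_name) - 1);
+} else {
+$record2 = "@";
 }
 $data["hosted_cnames"][$record2] = $set;
 unset($data["hosted_cnames"][$record]);
 }
-foreach ($data["forward_tos"] as $record => $set)
-{
-if (strlen($record) > strlen($zone_name)){
-$record2 = substr($record,0,strlen($record)-strlen($zone_name)-1);
-}else{
-$record2="@";
+foreach ($data["forward_tos"] as $record => $set) {
+if (strlen($record) > strlen($zone_name)) {
+$record2 = substr($record, 0, strlen($record) - strlen($zone_name) - 1);
+} else {
+$record2 = "@";
 }
 $data["forward_tos"][$record2] = $set;
 unset($data["forward_tos"][$record]);
 }
 return $data;
 }
 
-public function reCAPTCHA($response){
-$url= "https://www.recaptcha.net/recaptcha/api/siteverify";
-$data=array (
+public function reCAPTCHA($response)
+{
+$url = "https://www.recaptcha.net/recaptcha/api/siteverify";
+$data = array(
 "secret" => reCAPTCHA_Secret,
 "response" => $response
 );
-$ch=curl_init();
-curl_setopt($ch,CURLOPT_URL,$url);
-curl_setopt($ch,CURLOPT_POSTFIELDS,$data);
-curl_setopt($ch,CURLOPT_RETURNTRANSFER,1);
-curl_setopt($ch,CURLOPT_CONNECTTIMEOUT,10);
-$r=curl_exec($ch);
+$ch = curl_init();
+curl_setopt($ch, CURLOPT_URL, $url);
+curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
+curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
+curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 10);
+$r = curl_exec($ch);
 curl_close($ch);
-$re=json_decode($r,true);
-if (!empty($re["success"])){
-if ($re["success"]=="true"){
+$re = json_decode($r, true);
+if (!empty($re["success"])) {
+if ($re["success"] == "true") {
 return true;
-}else{
+} else {
 return false;
 }
-}else{
+} else {
 return false;
 }
-}
+}
+
+public function check_txt_record($domain){
+foreach(dns_get_record("cfpmp.".$domain, DNS_TXT) as $v){
+if (password_verify(Random_String.$_SESSION["email"], $v["txt"])) return true;
+}
+return false;
+}
 }
 
-$cloudflare=new CF();
+$cloudflare = new CF();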
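Review bot: TXT verification is enforced only by the caller in add_domain.php, while `zone_set()` (also reached through `update_record()`) still submits whatever `$zone_name` it is given under the session's `user_key`. The other callers are not shown on this page, so this is inferred, but any of them that takes the zone name from the request would add a domain without the check; confirm they only operate on zones already returned by `user_lookup()`, or move the check into `zone_set()`. In `check_txt_record()` itself, `dns_get_record()` returns `false` when the lookup fails, so guard the loop with `$records = dns_get_record("cfpmp." . $domain, DNS_TXT); if ($records === false) return false;`. A short docblock on `check_txt_record()` stating that it reads `$_SESSION["email"]` and which record name it queries would also help the next maintainer.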
