Beispiel #1
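/**
 * First step of changing the bound phone number: check the posted phone
 * number and SMS verification code, then redirect to the re-binding page.
 *
 * Reads $_POST['v_phone'] and $_POST['v_code']. Every validation failure is
 * reported through show_message(); on success the browser is redirected to
 * user.php?act=re_binding and the script exits.
 *
 * NOTE(review): nothing visible here records in the session that the check
 * passed, marks the code as used, or limits the number of guesses. Confirm
 * that the re_binding action and the code-issuing path cover these.
 *
 * @return void
 */
function action_act_update_phone()
{
    $db = $GLOBALS['db'];
    $ecs = $GLOBALS['ecs'];

    $phone = isset($_POST['v_phone']) ? trim($_POST['v_phone']) : '';
    $verifycode = isset($_POST['v_code']) ? trim($_POST['v_code']) : '';

    if ($phone == '') {
        show_message('手机号不能为空!');
        return;
    }
    if (!is_telephone($phone)) {
        show_message('请输入正确的手机号!');
        return;
    }
    if ($verifycode == '') {
        show_message('手机验证码不能为空!');
        return;
    }

    // Both values come straight from the request and end up inside a quoted
    // SQL literal, so they are escaped before concatenation. addslashes() is
    // a stopgap that is not charset-aware; prefer the database layer's own
    // escaping or bound parameters if it offers them.
    $safe_phone = addslashes($phone);
    $safe_code = addslashes($verifycode);
    // NOTE(review): real_ip() may be derived from request headers; escaped
    // defensively because its implementation is not visible here.
    $safe_ip = addslashes(real_ip());

    // Match phone number, verification code and requesting IP.
    // A code is accepted for one day (86400 seconds) after it was issued.
    $sql = "SELECT COUNT(id) FROM " . $ecs->table('verifycode') . " WHERE mobile='{$safe_phone}' AND verifycode='{$safe_code}' AND getip='" . $safe_ip . "' AND status=1 AND dateline>'" . gmtime() . "'-86400";

    if ($db->getOne($sql) == 0) {
        show_message('手机号和验证码不匹配,请重新输入!');
        return;
    }

    ecs_header("Location: user.php?act=re_binding\n");
    exit;
}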
Beispiel #2
     } else {
         $num = $db->getOne("select count(*) from " . $ecs->table('user_card') . " where card_no='{$username}' and card_pass ='******'  and user_id=0 and is_show=1 ");
         if ($num == 1) {
             show_message('此卡号还未绑定,您可以用此新注册一个会员帐号并绑定此卡号,如果您已有本站会员帐号,请登录后在会员中心绑定此卡号后方可登录!', array('立即注册并绑定此卡号', '重新登录'), array('user.php?act=register&card_no=' . $username . '&card_pass='******'user.php'), 'error');
         }
         show_message('会员卡卡号不存在', '请重新登录', 'user.php', 'error');
     }
 }
 if (is_email($username)) {
     $sql = "select user_name from " . $ecs->table('users') . " where email='" . $username . "'";
     $username_e = $db->getOne($sql);
     if ($username_e) {
         $username = $username_e;
     }
 }
 if (is_telephone($username)) {
     $sql = "select user_name from " . $ecs->table('users') . " where mobile_phone='" . $username . "'";
     $username_e = $db->getOne($sql);
     if ($username_e) {
         $username = $username_e;
     }
 }
 if ($user->login($username, $password, isset($_POST['remember']))) {
     update_user_info();
     recalculate_price();
     $ucdata = isset($user->ucdata) ? $user->ucdata : '';
     show_message($_LANG['login_success'] . $ucdata, array($_LANG['back_up_page'], $_LANG['profile_lnk']), array($back_act, 'user.php'), 'info');
 } else {
     $_SESSION['login_fail']++;
     show_message($_LANG['login_failure'], $_LANG['relogin_lnk'], 'user.php', 'error');
 }
Beispiel #3
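/**
 * Bind a phone number to the logged-in account after checking the SMS
 * verification code.
 *
 * Reads $_POST['phone'] and $_POST['verifycode']. The number must pass
 * is_telephone(), must not already be stored on another row of the users
 * table, and must match an unexpired verification code issued to the
 * requesting IP. Every outcome is reported through show_message().
 *
 * NOTE(review): the "number already exists" check and the UPDATE are two
 * separate statements, and the accepted code is not marked as used in the
 * visible lines. Confirm uniqueness and one-time use are enforced elsewhere.
 *
 * @return void
 */
function action_binding()
{
    $db = $GLOBALS['db'];
    $ecs = $GLOBALS['ecs'];

    $phone = isset($_POST['phone']) ? trim($_POST['phone']) : '';
    $verifycode = isset($_POST['verifycode']) ? trim($_POST['verifycode']) : '';

    if ($phone == '') {
        show_message('手机号不能为空!');
        return;
    }
    if (!is_telephone($phone)) {
        show_message('请输入正确的手机号!');
        return;
    }

    // Request values are placed inside quoted SQL literals, so they are
    // escaped before concatenation. addslashes() is a stopgap that is not
    // charset-aware; prefer the database layer's own escaping or bound
    // parameters if it offers them.
    $safe_phone = addslashes($phone);

    $sql = "SELECT COUNT(user_id) FROM " . $ecs->table('users') . " WHERE mobile_phone = '{$safe_phone}'";
    if ($db->getOne($sql) > 0) {
        show_message('手机号已经存在,请重新输入!');
        return;
    }

    if ($verifycode == '') {
        show_message('手机验证码不能为空!');
        return;
    }

    $safe_code = addslashes($verifycode);
    // NOTE(review): real_ip() may be derived from request headers; escaped
    // defensively because its implementation is not visible here.
    $safe_ip = addslashes(real_ip());

    // Match phone number, verification code and requesting IP.
    // A code is accepted for one day (86400 seconds) after it was issued.
    $sql = "SELECT COUNT(id) FROM " . $ecs->table('verifycode') . " WHERE mobile='{$safe_phone}' AND verifycode='{$safe_code}' AND getip='" . $safe_ip . "' AND status=1 AND dateline>'" . gmtime() . "'-86400";
    if ($db->getOne($sql) == 0) {
        show_message('手机号和验证码不匹配,请重新输入!');
        return;
    }

    // The session user id is forced to an integer so it cannot alter the
    // statement whatever its stored form is.
    $sql = "update " . $ecs->table('users') . " set mobile_phone = '{$safe_phone}',validated = 1 where user_id = '" . intval($_SESSION['user_id']) . "'";
    $num = $db->query($sql);
    if ($num > 0) {
        show_message('绑定手机号成功!', '返回账户安全', 'user.php?act=account_security');
    } else {
        show_message('绑定手机号失败!');
    }
}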
Beispiel #4
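/**
 * Handle a member login submitted from the chat passport form.
 *
 * Reads $_POST['username'], $_POST['password'], $_POST['captcha'] and
 * $_POST['remember']. The username may also be an e-mail address or a phone
 * number, which is first resolved to the stored user_name. On success the
 * browser is redirected to chat.php?act=chat; on failure the login template
 * is rendered again with an error message.
 *
 * NOTE(review): the "several accounts share this phone number" message is
 * shown before authentication, so it tells an anonymous visitor that a
 * number is registered more than once. Confirm this disclosure is intended.
 *
 * @return void
 */
function action_act_login()
{
    // $_CFG and $_LANG are ordinary globals, not superglobals. Without this
    // lookup they are undefined inside the function, which makes
    // intval($_CFG['captcha']) evaluate to 0 and silently skips the CAPTCHA
    // check below, and leaves every error message empty.
    $_CFG = $GLOBALS['_CFG'];
    $_LANG = $GLOBALS['_LANG'];

    $smarty = get_smarty();
    $ecs = get_ecs();
    $db = get_database();

    $username = isset($_POST['username']) ? trim($_POST['username']) : '';
    $password = isset($_POST['password']) ? trim($_POST['password']) : '';

    // Re-render the login form with the given error text.
    $show_login_error = function ($message) use ($smarty, $_LANG) {
        $smarty->assign('lang', $_LANG);
        $smarty->assign('action', 'login');
        $smarty->assign('error', $message);
        $smarty->display('chat_passport.dwt');
    };

    $login_fail = isset($_SESSION['login_fail']) ? $_SESSION['login_fail'] : 0;

    // CAPTCHA is required when login CAPTCHA is enabled and either it applies
    // to every attempt or this session already has more than two failures.
    $captcha = intval($_CFG['captcha']);
    $captcha_always = !($captcha & CAPTCHA_LOGIN_FAIL);
    $captcha_after_fail = ($captcha & CAPTCHA_LOGIN_FAIL) && $login_fail > 2;
    if (($captcha & CAPTCHA_LOGIN) && ($captcha_always || $captcha_after_fail) && gd_version() > 0) {
        if (empty($_POST['captcha'])) {
            $show_login_error($_LANG['invalid_captcha']);
            return;
        }
        include_once 'includes/cls_captcha.php';
        $validator = new captcha();
        $validator->session_word = 'captcha_login';
        if (!$validator->check_word($_POST['captcha'])) {
            $show_login_error($_LANG['invalid_captcha']);
            return;
        }
    }

    // The submitted name is placed inside quoted SQL literals below, so it is
    // escaped first. addslashes() is a stopgap that is not charset-aware;
    // prefer the database layer's own escaping or bound parameters if it
    // offers them.
    if (is_email($username)) {
        $sql = "select user_name from " . $ecs->table('users') . " where email='" . addslashes($username) . "'";
        $username_e = $db->getOne($sql);
        if ($username_e) {
            $username = $username_e;
        }
    }

    if (is_telephone($username)) {
        $sql = "select user_name from " . $ecs->table('users') . " where mobile_phone='" . addslashes($username) . "'";
        $username_res = $db->query($sql);
        $matches = array();
        while ($username_row = $db->fetchRow($username_res)) {
            $matches[] = $username_row['user_name'];
        }
        // A phone number shared by several accounts cannot identify one user.
        if (count($matches) > 1) {
            $show_login_error('本网站有多个会员ID绑定了和您相同的手机号,请使用其他登录方式,如:邮箱或用户名。');
            return;
        }
        if (count($matches) == 1 && $matches[0]) {
            $username = $matches[0];
        }
    }

    if ($GLOBALS['user']->login($username, $password, isset($_POST['remember']))) {
        update_user_info();
        recalculate_price();
        header('Location: chat.php?act=chat');
    } else {
        // Count the failure; the counter may not exist yet in a new session.
        $_SESSION['login_fail'] = $login_fail + 1;
        $show_login_error($_LANG['login_failure']);
        return;
    }
}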
    exit;
}
// Gate: only accounts that is_distribor() reports as 1 may continue;
// everyone else is shown a message and the script stops.
$is_distribor = is_distribor($_SESSION['user_id']);
if ($is_distribor != 1) {
    show_message('您还不是分销商!', '去首页', 'index.php');
    exit;
}
// Withdrawal request handler (act=act_tixian).
// NOTE(review): no anti-CSRF token is checked in the visible lines, although
// this action creates a payout request. Confirm one is enforced elsewhere.
if (isset($_REQUEST['act']) && $_REQUEST['act'] == 'act_tixian') {
    // Collect the form fields. deposit_money is taken from $_POST as-is (no
    // compile_str(), no numeric cast); the text fields go through compile_str().
    // NOTE(review): compile_str() is not visible here. Verify that it makes
    // the values safe for a quoted SQL literal, not just for HTML output.
    $tixian = array('deposit_money' => empty($_POST['deposit_money']) ? '' : $_POST['deposit_money'], 'real_name' => empty($_POST['real_name']) ? '' : compile_str(trim($_POST['real_name'])), 'account_name' => empty($_POST['account_name']) ? '' : compile_str($_POST['account_name']), 'bank_account' => empty($_POST['bank_account']) ? '' : compile_str($_POST['bank_account']), 'phone' => empty($_POST['phone']) ? '' : compile_str(trim($_POST['phone'])), 'remark' => empty($_POST['remark']) ? '' : compile_str(trim($_POST['remark'])), 'add_time' => gmtime(), 'user_id' => $_SESSION['user_id'], 'status' => 0);
    // NOTE(review): the checks below do not return or exit themselves. If
    // show_message() does not terminate the script, execution continues to
    // the INSERT even after a failed check. Confirm that it exits.
    // The amount is compared as the raw request string using loose comparison.
    if ($tixian['deposit_money'] <= 0) {
        show_message('您输入的提现金额不正确!');
    }
    if ($tixian['real_name'] == '' || $tixian['account_name'] == '' || $tixian['bank_account'] == '') {
        show_message('信息请填写完整!');
    }
    if (!is_telephone($tixian['phone'])) {
        show_message('手机号格式不正确!');
    }
    // NOTE(review): the balance is read here and the request inserted later,
    // with no lock or transaction in the visible lines. Concurrent requests
    // could each pass this check. Verify how the balance is reserved.
    $user_money = get_user_money_by_user_id($_SESSION['user_id']);
    if ($tixian['deposit_money'] > $user_money) {
        show_message('您的余额不足,请重新输入!');
    }
    $GLOBALS['db']->autoExecute($GLOBALS['ecs']->table('deposit'), $tixian, 'INSERT');
    $error_no = $GLOBALS['db']->errno();
    if ($error_no > 0) {
        // The database error text is passed to show_message() unchanged;
        // consider logging it and showing a generic message instead.
        show_message($GLOBALS['db']->errorMsg());
    } else {
        // After the withdrawal request is stored, also record the payout details in the user deposit table.
        // The statement is built by string concatenation from the $tixian values.
        $sql = "INSERT INTO " . $GLOBALS['ecs']->table('user_deposit') . "(`real_name`,`account_name`,`bank_account`,`phone`,`remark`,`user_id`) values('" . $tixian['real_name'] . "','" . $tixian['account_name'] . "','" . $tixian['bank_account'] . "','" . $tixian['phone'] . "','" . $tixian['remark'] . "','" . $_SESSION['user_id'] . "')";
        $GLOBALS['db']->query($sql);
        show_message('您的提现申请已经提交!', '返回分销中心', 'v_user.php');
Beispiel #6
     }
     exit;
     break;
 case 'contact':
     check_name($touser) or dalert('不能与自己对话', 'goback');
     $go = '?touser='******'&mid=' . $mid . '&itemid=' . $itemid . '&forward=' . $forward;
     if ($_username) {
         dheader($go);
     }
     $filename = get_chat_file(get_chat_id($chatuser, $touser));
     if (is_file($filename)) {
         dheader($go);
     }
     require DT_ROOT . '/include/post.func.php';
     strlen($truename) > 2 or dalert('请填写联系人', 'goback');
     is_telephone($telephone) or dalert('请填写联系电话', 'goback');
     $truename = htmlspecialchars($truename);
     $word = '您好,我是' . $truename . ',电话:' . $telephone;
     if (is_email($email)) {
         $word .= ',电子邮箱:' . $email;
     }
     if (is_qq($qq)) {
         $word .= ',QQ:' . $qq;
     }
     file_put($filename, '<?php exit;?>');
     if ($fp = fopen($filename, 'a')) {
         fwrite($fp, $DT_TIME . '|' . $chatuser . '|' . $word . "\n");
         fclose($fp);
     }
     $db->query("UPDATE {$DT_PRE}member SET chat=chat+1 WHERE username='******'");
     dheader($go);