/**
 * Expires the 'auth' cookie and resets the global identity variables.
 *
 * After the call $uid and $adminid are 0 and $username and $pw are empty strings.
 */
function clearcookies()
{
    global $uid, $username, $pw, $adminid;

    // Empty value plus a negative one-year offset.
    // NOTE(review): assumes makecookie() treats its third argument as a
    // lifetime relative to "now" - confirm against its definition.
    makecookie('auth', '', -(365 * 86400));

    $adminid = 0;
    $uid = 0;
    $pw = '';
    $username = '';
}
/**
 * Logs the user in.
 *
 * Reads 'name' and 'pw' from the request, looks the account up together with
 * its session rows, and on success replaces the global $my with the account
 * data and writes the "<prefix>_vdata" login cookie.
 *
 * Security notes for reviewers:
 *  - The credentials are interpolated into the SQL text. Whether that is safe
 *    depends entirely on the filtering done by $gpc->get(..., str), which is
 *    not visible here. NOTE(review): confirm it escapes for SQL, or move to
 *    bound parameters.
 *  - The password is compared as an unsalted MD5 computed inside the query, so
 *    the submitted password is part of the query text. MD5 is not suitable for
 *    password storage; password_hash()/password_verify() with rehash-on-login
 *    is the usual migration path.
 *  - The cookie value is "id|pw", where pw comes from the user row.
 *
 * @param boolean Remember the user's data (with cookies).
 * @return boolean Returns 'true' on success, 'false' on failure.
 */
function sid_login($remember = true) {
    global $my, $config, $db, $gpc, $scache;
    // Untrusted request input; see the security notes in the docblock.
    $username = $gpc->get('name', str);
    $pw = $gpc->get('pw', str);
    // NOTE(review): where $this->sid originates is not visible in this block;
    // it is interpolated into the query as well.
    $result = $db->query(" SELECT u.*, f.*, u.lastvisit as clv, s.ip, s.mark, s.pwfaccess, s.sid, s.settings, s.is_bot FROM {$db->pre}user AS u LEFT JOIN {$db->pre}session AS s ON (u.id = s.mid OR s.sid = '{$this->sid}') LEFT JOIN {$db->pre}userfields as f ON f.ufid = u.id WHERE u.name = '{$username}' AND u.pw = MD5('{$pw}') AND s.is_bot = '0' ");
    $sessions = $db->num_rows($result);
    if ($sessions > 1) {
        // Several joined session rows: prefer the one belonging to this session id.
        while ($row = $db->fetch_object($result)) {
            if ($row->sid == $this->sid) {
                $mytemp = $this->cleanUserData($row);
                break;
            }
        }
        if (!isset($mytemp)) {
            // NOTE(review): the loop ended without a match, so $row holds the
            // falsy value that terminated it, not a user row - verify that
            // cleanUserData() copes with that.
            $mytemp = $this->cleanUserData($row);
            unset($row);
        }
        else {
            unset($row);
            // Drop the account's other sessions, keeping only the matched one.
            $db->query("DELETE FROM {$db->pre}session WHERE mid = '{$mytemp->id}' AND sid != '{$mytemp->sid}'");
        }
    }
    else {
        $mytemp = $this->cleanUserData($db->fetch_object($result));
    }
    // Login succeeds only for a matching row whose confirm field equals '11'
    // (the meaning of '11' is defined elsewhere).
    if ($sessions > 0 && $mytemp->confirm == '11') {
        // Carry the pre-login session state over to the account object.
        $mytemp->mark = $my->mark;
        $mytemp->pwfaccess = $my->pwfaccess;
        $mytemp->settings = $my->settings;
        $my = $mytemp;
        unset($mytemp);
        $my->vlogin = true;
        $my->p = $this->Permissions();
        if (!isset($my->timezone) || $my->timezone === null || $my->timezone === '') {
            $my->timezone = $config['timezone'];
        }
        $loaddesign_obj = $scache->load('loaddesign');
        $cache = $loaddesign_obj->get();
        $q_tpl = $gpc->get('design', int);
        if (isset($my->template) == false || isset($cache[$my->template]) == false) {
            $my->template = $config['templatedir'];
        }
        // NOTE(review): $cache2 is not assigned until the language cache is
        // loaded further down, so the next two isset() tests are always false
        // here. $cache (the design cache) was presumably intended.
        if (isset($my->settings['q_tpl']) && isset($cache2[$my->settings['q_tpl']]) != false) {
            $my->template = $my->settings['q_tpl'];
        }
        if (isset($cache2[$q_tpl]) != false) {
            $my->settings['q_tpl'] = $q_tpl;
            $my->template = $q_tpl;
        }
        if (isset($cache[$q_tpl]) != false) {
            $my->template = $q_tpl;
        }
        $my->templateid = $cache[$my->template]['template'];
        $my->imagesid = $cache[$my->template]['images'];
        $my->cssid = $cache[$my->template]['stylesheet'];
        $loadlanguage_obj = $scache->load('loadlanguage');
        $cache2 = $loadlanguage_obj->get();
        $q_lng = $gpc->get('language', int);
        if (isset($my->language) == false || isset($cache2[$my->language]) == false) {
            $my->language = $config['langdir'];
        }
        if (isset($my->settings['q_lng']) && isset($cache2[$my->settings['q_lng']])) {
            $my->language = $my->settings['q_lng'];
        }
        if (isset($cache2[$q_lng])) {
            $my->settings['q_lng'] = $q_lng;
            $my->language = $q_lng;
        }
        // Normalised only after the settings lookups above have already run.
        if (!isset($my->settings) || !is_array($my->settings)) {
            $my->settings = array();
        }
        $this->setlang();
        // $action and $qid are read here but not used in the rest of this function.
        $action = $gpc->get('action', str);
        $qid = $gpc->get('id', int);
        $this->change_mid = $my->id;
        // Cookie lifetime: 31536000 s (365 days) when remembered, else 900 s.
        if ($remember == true) {
            $expire = 31536000;
        }
        else {
            $expire = 900;
        }
        // The cookie carries "id|pw". $my->pw is presumably the stored MD5 hash
        // (the query matches u.pw against MD5(...)), which would make the hash a
        // long-lived bearer credential on the client.
        // NOTE(review): prefer a random, server-side revocable token, and check
        // that makecookie() sets HttpOnly/Secure - not visible here.
        makecookie($config['cookie_prefix'].'_vdata', $my->id.'|'.$my->pw, $expire);
        $this->cookiedata[0] = $my->id;
        $this->cookiedata[1] = $my->pw;
        return true;
    }
    else {
        return false;
    }
}
$data['dowords'] = 0; } $bbcode->setReplace($data['dowords']); $data['formatted_comment'] = $bbcode->parse($data['comment']); } } else { $data = array('name' => '', 'email' => '', 'comment' => '', 'dosmileys' => 1, 'dowords' => 1, 'digest' => 0, 'topic' => $lang->phrase('reply_prefix') . $info['topic'], 'human' => null); $memberdata_obj = $scache->load('memberdata'); $memberdata = $memberdata_obj->get(); // Multiquote $qids = $gpc->get('qid', arr_int); $pids = getcookie('vquote'); if (!empty($pids) && preg_match("/^[0-9,]+\$/", $pids)) { $qids = array_merge($qids, explode(',', $pids)); $qids = array_unique($qids); makecookie($config['cookie_prefix'] . '_vquote', '', 0); } if (count($qids) > 0) { $result = $db->query(' SELECT name, comment, guest FROM ' . $db->pre . 'replies WHERE id IN(' . implode(',', $qids) . ') LIMIT ' . $config['maxmultiquote'], __LINE__, __FILE__); while ($row = $gpc->prepare($db->fetch_assoc($result))) { if ($row['guest'] == 0) { if (isset($memberdata[$row['name']])) { $row['name'] = $memberdata[$row['name']]; } else { $row['name'] = ''; } }
break; } $email = mysql_real_escape_string(strtolower($_POST['email'])); $pass = mysql_real_escape_string($_POST['pass']); //检查是密码正确性 $sql = "SELECT id FROM `user` WHERE `email` = '{$email}' AND `pass` = '{$pass}'"; $result = mysql_query($sql); if (mysql_num_rows($result) == 0) { $err_msg = '你输入的密码有误!'; break; } if ($row = mysql_fetch_array($result)) { //IP log_ip($row['id']); //密码正确保存cookie makecookie($row['id'], isset($_POST['remember'])); //做跳转 header('Location: ' . get_protocol_prefix() . "{$BASEURL}/pannel.php"); } else { $err_msg = '抱歉!发生了我们认为不可能发生的错误,请与客服联系!'; break; } } while (false); } else { if (checklogin(False) == True) { header('Location: ' . get_protocol_prefix() . "{$BASEURL}/pannel.php"); } } ?>
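/**
 * Logs the user in.
 *
 * Looks the account up by name and MD5 password, and on success replaces the
 * global $my with the account row, resolves design and language, updates the
 * session row and writes the "<prefix>_vdata" / "<prefix>_vlastvisit" cookies.
 *
 * The credentials are read through the GPC wrapper, the same way this function
 * already reads 'action', 'design' and 'id', instead of concatenating raw
 * $_POST values into the SQL text.
 * NOTE(review): this relies on $gpc->get(..., str) escaping for SQL - confirm
 * against its definition. Bound parameters would remove that dependency.
 * NOTE(review): if the wrapper also reads GET, credentials could arrive in a
 * URL; restrict the login action to POST at the caller if so.
 *
 * Remaining design weaknesses, not changed here because stored data and the
 * cookie format are shared with code outside this block:
 *  - Passwords are compared as unsalted MD5 computed inside the query.
 *  - The login cookie carries "id|pw", where pw comes from the user row
 *    (presumably the stored hash).
 *
 * @return boolean TRUE on success, FALSE on failure.
 */
function sid_login() {
    global $my, $config, $db, $gpc;

    $username = $gpc->get('name', str);
    $pw = $gpc->get('pw', str);

    // Single-quoted SQL literals, so the statement does not depend on the
    // server treating double quotes as string delimiters.
    $result = $db->query(
        'SELECT u.*, s.mid FROM ' . $db->pre . 'user AS u LEFT JOIN ' . $db->pre . 'session AS s ON s.mid = u.id '
        . "WHERE name='" . $username . "' AND pw=MD5('" . $pw . "') LIMIT 1",
        __LINE__,
        __FILE__
    );

    // Keep the pre-login session state; $my is replaced below.
    $my2 = array();
    $my2['mark'] = $my->mark;
    $my2['sid'] = $my->sid;

    $mytemp = $gpc->prepare($db->fetch_object($result));
    // Login succeeds only for exactly one row whose confirm field equals '11'
    // (the meaning of '11' is defined elsewhere).
    if ($db->num_rows($result) == 1 && $mytemp->confirm == '11') {
        $my =& $mytemp;
        $my->vlogin = TRUE;
        $my->mark = $my2['mark'];
        $my->sid = $my2['sid'];
        $my->p = $this->Permissions();

        if (!isset($my->timezone)) {
            $my->timezone = $config['timezone'];
        }
        // Build a signed offset string such as "+2" or "-5"; empty for 0.
        $my->timezonestr = '';
        if ($my->timezone != 0) {
            if ($my->timezone[0] != '+' && $my->timezone > 0) {
                $my->timezonestr = '+' . $my->timezone;
            }
            else {
                $my->timezonestr = $my->timezone;
            }
        }

        $cache = cache_loaddesign();
        $q_tpl = $gpc->get('design', int);
        if (isset($my->template) == false || isset($cache[$my->template]) == false) {
            $my->template = $config['templatedir'];
        }
        // NOTE(review): $cache2 is not assigned until cache_loadlanguage()
        // below, so the next two isset() tests are always false here. $cache
        // was presumably intended; left as is to keep behaviour unchanged.
        if (isset($my->settings['q_tpl']) && isset($cache2[$my->settings['q_tpl']]) != false) {
            $my->template = $my->settings['q_tpl'];
        }
        if (isset($cache2[$q_tpl]) != false) {
            //if ($gpc->get('admin', int) != 1) {
            $my->settings['q_tpl'] = $q_tpl;
            //}
            $my->template = $q_tpl;
        }
        if (isset($cache[$q_tpl]) != false) {
            $my->template = $q_tpl;
        }
        $my->templateid = $cache[$my->template]['template'];
        $my->imagesid = $cache[$my->template]['images'];
        $my->cssid = $cache[$my->template]['stylesheet'];
        $my->smileyfolder = $cache[$my->template]['smileyfolder'];

        $cache2 = cache_loadlanguage();
        $q_lng = $gpc->get('lang', int);
        if (isset($my->language) == false || isset($cache2[$my->language]) == false) {
            $my->language = $config['langdir'];
        }
        if (isset($my->settings['q_lng']) && isset($cache2[$my->settings['q_lng']]) != false) {
            $my->language = $my->settings['q_lng'];
        }
        if (isset($cache2[$q_lng]) != false) {
            $my->settings['q_lng'] = $q_lng;
            $my->language = $q_lng;
        }

        // If the account already has a session row, update that one and drop
        // the row of the current session id; otherwise adopt the current row.
        if (!empty($my->mid)) {
            $sqlwhere = "mid = '{$my->id}'";
            $db->query("DELETE FROM {$db->pre}session WHERE sid = '{$my->sid}' LIMIT 1", __LINE__, __FILE__);
        }
        else {
            $sqlwhere = "sid = '{$my->sid}'";
        }

        if (!isset($my->settings) || !is_array($my->settings)) {
            $my->settings = array();
        }
        $action = $gpc->get('action', str);
        $qid = $gpc->get('id', int);

        // NOTE(review): the serialize() output and $my->sid are concatenated
        // without escaping visible in this block - confirm both are safe for
        // a SQL string literal.
        $db->query(
            "UPDATE {$db->pre}session SET settings = '" . serialize($my->settings)
            . "', mark = '" . serialize($my->mark)
            . "', wiw_script = '" . SCRIPTNAME
            . "', wiw_action = '" . $action
            . "', wiw_id = '" . $qid
            . "', active = '" . time()
            . "', mid = '{$my->id}', lastvisit = '{$my->lastvisit}' WHERE {$sqlwhere} LIMIT 1",
            __LINE__,
            __FILE__
        );

        // NOTE(review): "id|pw" puts the stored password field into a cookie.
        // A random, server-side revocable token would be safer.
        makecookie($config['cookie_prefix'] . '_vdata', $my->id . "|" . $my->pw);
        makecookie($config['cookie_prefix'] . '_vlastvisit', $my->lastvisit);
        $this->cookiedata[0] = $my->id;
        $this->cookiedata[1] = $my->pw;
        return TRUE;
    }
    else {
        return FALSE;
    }
}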
$dsql->ExecuteNoneQuery("insert into `#@__askanswer`(askid, ifanswer, tid, tid2, uid, username, userip, dateline, content)\r\n\tvalues('{$askid}', '0', '{$tid}', '{$tid2}', '{$uid}', '{$username}', '{$userip}', '{$timestamp}', '{$content}')"); showmsgs('post_comment_succeed', "question.php?id={$askid}"); } else { if ($action == 'rate') { if ($type == 'bad') { $rate = 'badrate'; } else { $rate = 'goodrate'; } $cookiename = 'rated' . $id; if (!isset(${$cookiename})) { ${$cookiename} = 0; } if (!${$cookiename} == $id) { $dsql->ExecuteNoneQuery("update `#@__askanswer` set {$rate}={$rate}+1 where id='{$id}'"); makecookie($cookiename, $id, 3600); } $row = $dsql->getone("select goodrate, badrate from `#@__askanswer` where id='{$id}'"); $goodrate = $row['goodrate']; $badrate = $row['badrate']; if ($goodrate + $badrate > 0) { $goodrateper = ceil($goodrate * 100 / ($badrate + $goodrate)); $badrateper = 100 - $goodrateper; } else { $goodrateper = $badrateper = 0; } AjaxHead(); ?> <dl> <dt><strong>您觉得最佳答案好不好? </strong><br> 目前有 <?php echo $row['goodrate'] + $row['badrate'];
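/**
 * Records a good/bad vote for an answer and echoes the refreshed rating widget.
 *
 * Request parameters: 'type' ('bad' selects badrate, anything else goodrate)
 * and 'askaid' (the answer id).
 *
 * Changes from the previous version:
 *  - 'askaid' must consist of decimal digits only and is cast to int.
 *    is_numeric() also accepts forms such as "1e3", "1.5" or " 7", which then
 *    ended up in the cookie name, the SQL condition and the inline JavaScript.
 *  - The already-rated test is an explicit comparison. The old
 *    `!$_COOKIE[...] == $askaid` negated the cookie before comparing.
 *  - A missing answer row yields zero counts instead of undefined-index notices.
 *
 * NOTE(review): the only duplicate-vote guard is a cookie the client controls,
 * so it does not bind a vote to a user. Enforce a per-account or per-address
 * limit server-side if the ratings matter.
 */
function ac_rate()
{
    $type = strip_tags(request('type', ''));
    $askaid = request('askaid', '');

    // Digits only; anything else is treated as "no answer" (0).
    if ((is_string($askaid) || is_int($askaid)) && preg_match('/^[0-9]+$/', (string) $askaid) === 1) {
        $askaid = (int) $askaid;
    } else {
        $askaid = 0;
    }

    // The column name comes from this fixed pair, never from the request.
    $rate = ($type == 'bad') ? 'badrate' : 'goodrate';

    $cookiename = 'rated' . $askaid;
    $alreadyRated = isset($_COOKIE[$cookiename])
        && (string) $_COOKIE[$cookiename] === (string) $askaid;

    if ($askaid > 0 && !$alreadyRated) {
        $this->answer->update_answer("{$rate}={$rate}+1", "id='{$askaid}'");
        makecookie($cookiename, $askaid, 3600);
    }

    $row = $this->answer->get_one("id='{$askaid}'", "goodrate, badrate");
    // Cast to int so only numbers reach the HTML below.
    $goodrate = isset($row['goodrate']) ? (int) $row['goodrate'] : 0;
    $badrate = isset($row['badrate']) ? (int) $row['badrate'] : 0;

    $total = $goodrate + $badrate;
    if ($total > 0) {
        $goodrateper = ceil($goodrate * 100 / $total);
        $badrateper = 100 - $goodrateper;
    } else {
        $goodrateper = $badrateper = 0;
    }

    AjaxHead();
    $poststr = "<dl>\r\n\t\t\t\t\t<dt><strong>您觉得最佳答案好不好? </strong></dt>\r\n\t\t\t\t\t<dd> <a href=\"#\" onclick=\"rate('mark',{$askaid},'good')\"><img src=\"static/images/mark_g.gif\" width=\"14\" height=\"16\" />好</a> <span>{$goodrateper}% ({$goodrate})</span> </dd>\r\n <dd> <a href=\"#\" onclick=\"rate('mark',{$askaid},'bad')\"><img src=\"static/images/mark_b.gif\" width=\"14\" height=\"16\" />不好</a> <span>{$badrateper}% ({$badrate})</span></dd>\r\n <dt>(目前有 {$total} 个人评价)</dt>\r\n\t\t\t\t </dl>";
    echo $poststr;
}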
/**
 * Logs the user in.
 *
 * Reads 'name' and 'pw' from the request, looks the account up, and on success
 * replaces the global $my with the account row, resolves design and language,
 * updates the session row and writes the "<prefix>_vdata" and
 * "<prefix>_vlastvisit" cookies.
 *
 * Security notes for reviewers:
 *  - The credentials are interpolated into the SQL text. Whether that is safe
 *    depends entirely on the filtering done by $gpc->get(..., str), which is
 *    not visible here. NOTE(review): confirm it escapes for SQL, or move to
 *    bound parameters.
 *  - The password is compared as an unsalted MD5 computed inside the query, so
 *    the submitted password is part of the query text. MD5 is not suitable for
 *    password storage; password_hash()/password_verify() with rehash-on-login
 *    is the usual migration path.
 *  - The login cookie value is "id|pw", where pw comes from the user row.
 *
 * @param boolean Remember the user's data (with cookies).
 * @return boolean Returns 'true' on success, 'false' on failure.
 */
function sid_login($remember = true) {
    global $my, $config, $db, $gpc, $scache;
    // Untrusted request input; see the security notes in the docblock.
    $username = $gpc->get('name', str);
    $pw = $gpc->get('pw', str);
    $result = $db->query("\n\tSELECT u.*, f.*, s.mid \n\tFROM {$db->pre}user AS u \n\t\tLEFT JOIN {$db->pre}session AS s ON s.mid = u.id \n\t\tLEFT JOIN {$db->pre}userfields as f ON f.ufid = u.id \n\tWHERE name = '{$username}' AND pw = MD5('{$pw}') \n\tLIMIT 1\n\t", __LINE__, __FILE__);
    // Keep the pre-login session state; $my is replaced below.
    $my2 = array();
    $my2['mark'] = $my->mark;
    $my2['sid'] = $my->sid;
    $mytemp = $gpc->prepare($db->fetch_object($result));
    // Login succeeds only for exactly one row whose confirm field equals '11'
    // (the meaning of '11' is defined elsewhere).
    if ($db->num_rows($result) == 1 && $mytemp->confirm == '11') {
        $my =& $mytemp;
        $my->vlogin = TRUE;
        $my->mark = $my2['mark'];
        $my->sid = $my2['sid'];
        $my->p = $this->Permissions();
        if (!isset($my->timezone)) {
            $my->timezone = $config['timezone'];
        }
        // Build a signed offset string such as "+2" or "-5"; empty for 0.
        $my->timezonestr = '';
        if ($my->timezone != 0) {
            if ($my->timezone[0] != '+' && $my->timezone > 0) {
                $my->timezonestr = '+' . $my->timezone;
            }
            else {
                $my->timezonestr = $my->timezone;
            }
        }
        $loaddesign_obj = $scache->load('loaddesign');
        $cache = $loaddesign_obj->get();
        $q_tpl = $gpc->get('design', int);
        if (isset($my->template) == false || isset($cache[$my->template]) == false) {
            $my->template = $config['templatedir'];
        }
        // NOTE(review): $cache2 is not assigned until the language cache is
        // loaded further down, so the next two isset() tests are always false
        // here. $cache (the design cache) was presumably intended.
        if (isset($my->settings['q_tpl']) && isset($cache2[$my->settings['q_tpl']]) != false) {
            $my->template = $my->settings['q_tpl'];
        }
        if (isset($cache2[$q_tpl]) != false) {
            $my->settings['q_tpl'] = $q_tpl;
            $my->template = $q_tpl;
        }
        if (isset($cache[$q_tpl]) != false) {
            $my->template = $q_tpl;
        }
        $my->templateid = $cache[$my->template]['template'];
        $my->imagesid = $cache[$my->template]['images'];
        $my->cssid = $cache[$my->template]['stylesheet'];
        $loadlanguage_obj = $scache->load('loadlanguage');
        $cache2 = $loadlanguage_obj->get();
        $q_lng = $gpc->get('language', int);
        if (isset($my->language) == false || isset($cache2[$my->language]) == false) {
            $my->language = $config['langdir'];
        }
        if (isset($my->settings['q_lng']) && isset($cache2[$my->settings['q_lng']])) {
            $my->language = $my->settings['q_lng'];
        }
        if (isset($cache2[$q_lng])) {
            $my->settings['q_lng'] = $q_lng;
            $my->language = $q_lng;
        }
        // If the account already has a session row, update that one; the row of
        // the current session id is deleted only when $this->cookies is truthy.
        if (!empty($my->mid)) {
            $sqlwhere = "mid = '{$my->id}'";
            if ($this->cookies) {
                $db->query("DELETE FROM {$db->pre}session WHERE sid = '{$my->sid}' LIMIT 1", __LINE__, __FILE__);
            }
        }
        else {
            $sqlwhere = "sid = '{$my->sid}'";
        }
        // Normalised only after the settings lookups above have already run.
        if (!isset($my->settings) || !is_array($my->settings)) {
            $my->settings = array();
        }
        $action = $gpc->get('action', str);
        $qid = $gpc->get('id', int);
        // NOTE(review): the serialize() output and $my->sid are concatenated
        // without escaping visible in this block - confirm both are safe for
        // a SQL string literal.
        $db->query("UPDATE {$db->pre}session SET settings = '" . serialize($my->settings) . "', mark = '" . serialize($my->mark) . "', wiw_script = '" . SCRIPTNAME . "', wiw_action = '" . $action . "', wiw_id = '" . $qid . "', active = '" . time() . "', mid = '{$my->id}', lastvisit = '{$my->lastvisit}' WHERE {$sqlwhere} LIMIT 1", __LINE__, __FILE__);
        // 31536000 s (365 days) when remembered; null otherwise
        // (presumably a session cookie - depends on makecookie()).
        if ($remember == true) {
            $expire = 31536000;
        }
        else {
            $expire = null;
        }
        // The cookie carries "id|pw". $my->pw is presumably the stored MD5 hash
        // (the query matches pw against MD5(...)), which would make the hash a
        // long-lived bearer credential on the client.
        // NOTE(review): prefer a random, server-side revocable token, and check
        // that makecookie() sets HttpOnly/Secure - not visible here.
        makecookie($config['cookie_prefix'] . '_vdata', $my->id . "|" . $my->pw, $expire);
        makecookie($config['cookie_prefix'] . '_vlastvisit', $my->lastvisit);
        $this->cookiedata[0] = $my->id;
        $this->cookiedata[1] = $my->pw;
        return true;
    }
    else {
        return false;
    }
}
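/**
 * Logs the current user out.
 *
 * When the global state array $s marks the visitor as logged in, destroys the
 * session, expires the 'logged_in', 'username' and 'password' cookies and
 * sends a redirect to index.php. Does nothing otherwise.
 *
 * NOTE(review): a cookie named 'password' suggests a credential is kept on the
 * client; a random server-side token would be safer.
 * NOTE(review): session_destroy() leaves $_SESSION and the session cookie in
 * place for the rest of the request - clear them if later code reads them.
 * NOTE(review): execution continues after header(); callers should stop
 * output themselves if nothing else may run after a logout.
 */
function do_logout()
{
    global $s;

    // The key is quoted: the bare word logged_in is an undefined constant,
    // which is an Error on PHP 8 and a warning on late PHP 7.
    // isset() also covers a state array without that key.
    if (isset($s['logged_in']) && $s['logged_in'] == 1) {
        session_destroy();

        // An absolute timestamp one hour in the past expires each cookie.
        $cookietime = time() - 3600;
        makecookie('logged_in', '', $cookietime);
        makecookie('username', '', $cookietime);
        makecookie('password', '', $cookietime);

        header('Location: index.php');
    }
}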