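/**
 * Resolve the visitor for this request from the `userauth` and `msid` cookies
 * and store the resulting row in $this->info, then call $this->updatesession().
 *
 * Flow, as implemented below:
 *  1. Decode `userauth` into (password value, member id); drop the cookie if the id is not a plain integer.
 *  2. If an `msid` cookie is present, look for a matching msession row bound to the current $onlineip
 *     (and, for members, to the member id and password).
 *  3. Otherwise start a fresh session id, re-checking the member row when a member id is claimed.
 *  4. Re-issue the `msid` cookie when it is missing or differs from the resolved session id.
 *
 * Side effects: writes the global $sessionexists (0 or 1), may set or clear cookies.
 *
 * NOTE(review): the password comparison value appears masked as '******' in this listing;
 * the real code presumably compares against the value decoded from the cookie — confirm.
 */
function currentuser()
{
    global $m_cookie, $db, $tblprefix, $onlineip, $nouserinfos, $timestamp, $sessionexists;

    $this->cumonthadd_reset(); // reset every member's monthly interaction count to 0

    $memberpwd = '';
    $memberid = 0;
    if (!empty($m_cookie['userauth'])) {
        // @ silences the notice raised when the decoded value has fewer than two tab-separated parts.
        @(list($memberpwd, $memberid) = maddslashes(explode("\t", authcode($m_cookie['userauth'], 'DECODE')), 1));
        // Compare as strings: the loose `!=` against intval() accepts numeric-prefixed
        // strings on PHP < 8, so a non-canonical id would otherwise pass this check.
        if (empty($memberid) || (string) intval($memberid) !== (string) $memberid) {
            mclearcookie('userauth');
            // mclearcookie() only resets the *global* $memberid/$memberpwd. Reset the locals
            // too, otherwise the rejected id would still be used in the queries below.
            $memberpwd = '';
            $memberid = 0;
        } else {
            $memberid = intval($memberid);
        }
    }

    $sessionexists = 0;
    $msid = isset($m_cookie['msid']) ? $m_cookie['msid'] : '';
    if ($msid) {
        // NOTE(review): $msid comes straight from the cookie and is interpolated into SQL here.
        // This is only safe if $m_cookie is escaped before it reaches this method — confirm,
        // or escape it with the database layer's own quoting routine.
        if ($memberid) {
            $sqlstr = "SELECT ms.* FROM {$tblprefix}msession ms,{$tblprefix}members m\n\t\t\t\t\tWHERE ms.mid=m.mid AND ms.msid='{$msid}' AND onlineip='{$onlineip}' AND m.mid='{$memberid}' AND m.password='******'";
        } else {
            $sqlstr = "SELECT * FROM {$tblprefix}msession WHERE msid='{$msid}' AND onlineip='{$onlineip}'";
        }
        if ($msession = $db->fetch_one($sqlstr)) {
            $sessionexists = 1;
            if ($memberid) {
                $msession = array_merge($msession, $db->fetch_one("SELECT * FROM {$tblprefix}members WHERE mid='{$msession['mid']}'"));
            } else {
                $msession = array_merge($msession, $nouserinfos);
            }
        }
    }

    if (!$sessionexists) {
        if ($memberid) {
            if (!($msession = $db->fetch_one("SELECT * FROM {$tblprefix}members WHERE mid='{$memberid}' AND password='******'"))) {
                mclearcookie('userauth');
            } else {
                $msession['mslastactive'] = $msession['lastolupdate'] = $timestamp;
            }
        }
        // $msession can be unset or a false fetch result at this point; start from an
        // explicit array instead of relying on implicit array creation.
        if (empty($msession) || !is_array($msession)) {
            $msession = array();
        }
        // NOTE(review): msid identifies the session; confirm random() draws from a
        // cryptographically secure source and that 6 characters is long enough.
        $msession['msid'] = random(6);
        if (empty($msession['mid'])) {
            $msession = array_merge($msession, $nouserinfos);
        }
    }

    if (empty($m_cookie['msid']) || $msession['msid'] != $m_cookie['msid']) {
        msetcookie('msid', $msession['msid']);
    }
    $this->info = $msession;
    $this->updatesession();
}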
$msg = convert_encoding($mcharset, 'gb2312', $msg); } $msg = rawurlencode($msg); $url = $msgcode_gate == 1 ? "http://sms.eshang8.cn/api/?esname={$id}&key=pw&phone={$mobile}&msg={$msg}&smskind=1" : "http://service.winic.org/sys_port/gateway/?id={$id}&pwd={$pw}&to={$mobile}&content={$msg}&time={$timestamp}"; include M_ROOT . 'include/http.cls.php'; $http = new http(); $http->timeout = 60; $msg = $http->fetchtext($url); if ($msgcode_gate == 1) { $msg = $msg === '0'; } else { $msg = explode("/", $msg); $msg = $msg[0] === '000'; } if ($msg) { msetcookie('08cms_msgcode', authcode("{$timestamp}\t{$msgcode}", 'ENCODE')); } else { $info = array('time' => -1, 'text' => 'msgcode_send_err'); } } else { $info = array('time' => 1, 'text' => 'donot_repeat_operate'); } } } else { $info = array('time' => 0, 'text' => 'mobile_format_fail'); } } ajax_info($info); break; case 'dirname': if (empty($value)) {
} } elseif ($action == 'vote') { $inajax = empty($inajax) ? 0 : 1; $cid = empty($cid) ? 0 : max(0, intval($cid)); if (!$cid) { cumessage('choosevoteobject'); } if (!($row = $db->fetch_one("SELECT * FROM {$tblprefix}offers WHERE cid='{$cid}'"))) { cumessage('choosevoteobject', $forward); } if (!($commu = read_cache('commu', $row['cid']))) { cumessage('setcomitem', $forward); } if (empty($commu['ucvote'])) { if (!empty($commu['setting']['nouservote']) && !$memberid) { cumessage('loginmember', $forward); } if (empty($commu['setting']['repeatvote'])) { if (empty($m_cookie['08cms_cuid_' . $commu['cuid'] . '_vote_' . $aid . '_' . $cid])) { msetcookie('08cms_cuid_' . $commu['cuid'] . '_vote_' . $aid . '_' . $cid, '1', 365 * 24 * 3600); } else { cumessage('dontnrepeatvote', $forward); } } $option = empty($option) ? 1 : min(5, max(1, intval($option))); $db->query("UPDATE {$tblprefix}offers SET votes{$option} = votes{$option} + 1 WHERE cid='{$cid}'", 'SILENT'); cumessage($inajax ? 'succeed' : 'votesucceed', $forward); } else { include M_ROOT . $commu['ucvote']; } }
$forward = empty($forward) ? M_REFERER : $forward; $forwardstr = '&forward=' . rawurlencode($forward); $inajax = empty($inajax) ? 0 : 1; $aid = empty($aid) ? 0 : max(0, intval($aid)); !$aid && cumessage('choosearchive'); !($commu = read_cache('commu', 2)) && cumessage('choosecommuitem'); if (empty($commu['ucadd'])) { !$curuser->pmbypmids('cuadd', $commu['setting']['apmid']) && cumessage('younoscorepermis'); $score = empty($score) ? 0 : max(0, intval($score)); $scorearr = empty($commu['setting']['scorestr']) ? array() : array_filter(explode(',', $commu['setting']['scorestr'])); if (!in_array($score, $scorearr)) { cumessage('scoreoptionerr'); } if (empty($commu['setting']['repeat']) || !empty($commu['setting']['repeattime'])) { if (empty($m_cookie['08cms_cuid_' . $commu['cuid'] . '_' . $aid])) { msetcookie('08cms_cuid_' . $commu['cuid'] . '_' . $aid, '1', empty($commu['setting']['repeat']) ? 365 * 24 * 3600 : $commu['setting']['repeattime'] * 60); } else { cumessage(empty($commu['setting']['repeat']) ? 'norepeatoper' : 'overquick', $forward); } } $aedit = new cls_arcedit(); $aedit->set_aid($aid); $aedit->basic_data(); !$aedit->aid && cumessage('choosearchive'); !$aedit->archive['checked'] && cumessage('poinarcnoche'); $aedit->updatefield('avgscore', round(($aedit->archive['avgscore'] * $aedit->archive['scores'] + $score) / ($aedit->archive['scores'] + 1), 2), 'main'); //平均分 if (!empty($commu['setting']['pics']) && isset($aedit->archive['score_' . $score])) { $aedit->updatefield('score_' . $score, $aedit->archive['score_' . $score] + 1, 'main'); } $aedit->arc_nums('scores', 1, 1);
/**
 * Expire a cookie by re-issuing it with an empty value and a negative lifetime.
 *
 * For the default `userauth` cookie the global login state ($memberid, $memberpwd)
 * is reset as well.
 *
 * @param string $ckname Cookie name as understood by msetcookie().
 */
function mclearcookie($ckname = 'userauth')
{
    if ($ckname != 'userauth') {
        msetcookie($ckname, '', -86400 * 365);
        return;
    }

    global $memberid, $memberpwd, $curuser;

    msetcookie('userauth', '', -86400 * 365);
    $memberpwd = '';
    $memberid = 0;
    // unset() on a variable imported with `global` only removes this function's reference;
    // the global $curuser object itself stays alive for the rest of the request.
    // NOTE(review): callers must not treat $curuser as logged out after this call
    // unless they check $memberid — confirm how the callers use it.
    unset($curuser);
}
if ($autocheck == 2) { $confirmid = random(6); $confirmstr = "{$timestamp}\t2\t{$confirmid}"; $subarr['confirmstr'] = $confirmstr; } foreach (array('main', 'sub', 'custom') as $var) { foreach (${$var . 'arr'} as $k => $v) { $newuser->updatefield($k, $v, $var); } } $newuser->autoinit(); $newuser->updatedb(); unset($newuser); cms_spread(empty($_REQUEST['uid']) ? '' : stripslashes($_REQUEST['uid']), 1); if ($autocheck == 1) { msetcookie('userauth', authcode("{$md5_password}\t{$mid}", 'ENCODE')); if ($enable_pptout && !empty($pptout_file) && !empty($pptout_url)) { $action = 'login'; $username = $mname; include M_ROOT . './include/pptout/' . $pptout_file . '.php'; header('location:' . $url); exit; } } elseif ($autocheck == 2) { mailto($email, 'member_active_subject', 'member_active_content', array('mid' => $mid, 'mname' => $mname, 'url' => "{$cms_abs}tools/memactive.php?action=emailactive&mid={$mid}&id={$confirmid}")); } if (!$forward || preg_match('/\\bregister.php(\\?|#|$)/i', $forward)) { $forward = 'index.php'; } message(!$autocheck ? 'userchecking' : ($autocheck == 2 ? 'emailactiving' : 'memberregistersucce'), $forward); }
tpl_refresh($tplname); @(include M_ROOT . "template/{$templatedir}/pcache/{$tplname}.php"); $_content = ob_get_contents(); ob_clean(); mexit($_content); } } else { load_cache('mcfields'); include_once M_ROOT . "./include/fields.cls.php"; include_once M_ROOT . "./include/upload.cls.php"; include_once M_ROOT . "./include/cheader.inc.php"; include_once M_ROOT . "./include/mcuedit.cls.php"; $inajax ? aheader() : _header(); if (!empty($mcommu['setting']['norepeat']) || !empty($mcommu['setting']['repeattime'])) { if (empty($m_cookie['08cms_mcuid_' . $mcommu['cuid'] . '_' . $mid])) { msetcookie('08cms_mcuid_' . $mcommu['cuid'] . '_' . $mid, '1', !empty($mcommu['setting']['norepeat']) ? 365 * 24 * 3600 : $mcommu['setting']['repeattime'] * 60); } else { mcmessage(empty($mcommu['setting']['norepeat']) ? 'addcommentoverquick' : 'dorepeataddcomment', axaction(2, M_REFERER)); } } if (!($maxfloorid = $db->result_one("SELECT MAX(floorid) FROM {$tblprefix}mcomments WHERE mid='{$mid}'"))) { $maxfloorid = 0; } $maxfloorid++; $quoteids = ''; if ($qtid && ($r = $db->fetch_one("SELECT quoteids FROM {$tblprefix}mcomments WHERE mid='{$mid}' AND cid='{$qtid}'"))) { $quoteids = ($r['quoteids'] ? $r['quoteids'] . ',' : '') . $qtid; } $db->query("INSERT INTO {$tblprefix}mcomments SET\n\t\t\tmid='{$mid}',\n\t\t\tmname='" . $actuser->info['mname'] . "',\n\t\t\tcuid='{$mcommu['cuid']}',\n\t\t\tfromid='{$memberid}',\n\t\t\tfromname='" . $curuser->info['mname'] . "',\n\t\t\tchecked='" . ($mcommu['setting']['autocheck'] ? 1 : 0) . "',\n\t\t\tfloorid = '{$maxfloorid}',\n\t\t\tquoteids = '{$quoteids}',\n\t\t\tcreatedate='{$timestamp}'\n\t\t\t"); if ($cid = $db->insert_id()) { $uedit = new cls_mcuedit();
$errtimes++ < $maxerrtimes || message('mloginerrtimes'); $cantimes = $maxerrtimes - $errtimes; $md5_password = md5(md5($password)); $enable_uc && (include_once M_ROOT . './include/ucenter/uc.inc.php'); $curuser->activeuserbyname($username); if ($curuser->info['mid'] && ($enable_uc || $curuser->info['password'] == $md5_password)) { //是本站会员,检查更新密码 if ($curuser->info['password'] != $md5_password) { $curuser->updatefield('password', $md5_password); } if ($curuser->info['checked'] == 1) { $curuser->updatefield('lastvisit', $timestamp); $curuser->updatefield('lastip', $onlineip); $curuser->updatedb(); $memberid = $curuser->info['mid']; msetcookie('userauth', authcode("{$md5_password}\t" . $curuser->info['mid'], 'ENCODE'), $expires); if ($enable_pptout && !empty($pptout_file) && !empty($pptout_url)) { include M_ROOT . './include/pptout/' . $pptout_file . '.php'; header('location:' . $url); exit; } login_safecheck($username, 0, 1); if (!$forward || preg_match('/\\b(?:login|register).php(\\?|#|$)/i', $forward)) { $forward = 'adminm.php'; } message('loginsucceed', axaction(2, $forward)); } elseif ($curuser->info['checked'] == 2) { //需要重新激活的会员 message('outmemberactive', axaction(0, 'tools/memactive.php?ppt=1&username='******'&password='******'&forward=' . rawurlencode($forward))); } else { message('nocheckmember', axaction(1, $forward));
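<?php
// Add-to-cart endpoint: validates the requested goods ($aid, optionally an offer $cid)
// and appends an entry to the per-member `goods_{memberid}` cookie.
//
// message() is used as a guard throughout (`cond && message(...)`); the script relies
// on it ending the request — presumably it exits, confirm in the include files.
include_once dirname(dirname(__FILE__)) . '/include/general.inc.php';
include_once M_ROOT . './include/common.fun.php';
include_once M_ROOT . "./include/arcedit.cls.php";

$aid = empty($aid) ? 0 : max(0, intval($aid));
$forward = rawurlencode(M_REFERER);
!$aid && message('choosegoods');
empty($memberid) && message('nousnopurchasepermi');

$aedit = new cls_arcedit();
$aedit->set_aid($aid);
$aedit->basic_data();

// $cid is request-supplied and is interpolated unquoted into the SQL below and into the
// cart cookie, so it must be forced to a non-negative integer first (same treatment as $aid).
$cid = empty($cid) ? 0 : max(0, intval($cid));

!($aid = $aedit->aid) && message('choosegoods');

// Resolve the purchase item: either the channel's own commu item, or the purchase item
// configured on the channel's offer item.
!($commu = read_cache('commu', $aedit->channel['cuid']))
    && (
        !$aedit->channel['offer']
        || !($ocommu = read_cache('commu', $aedit->channel['offer']))
        || !($commu = read_cache('commu', $ocommu['setting']['purchase']))
    )
    && message('noavailableitemoper');
$commu['cclass'] != 'purchase' && message('noavailableitemoper');
!$curuser->pmbypmids('cuadd', $commu['setting']['apmid']) && message('younoitempermis');

// The cart lives in a client-side cookie: entries are `id,merchantId,quantity` joined by `;`.
// NOTE(review): everything read back from this cookie is client-controlled and has to be
// re-validated wherever the cart is turned into an order.
$goods = empty($m_cookie["goods_{$memberid}"]) ? array() : explode(';', $m_cookie["goods_{$memberid}"]);
$cartmaxlimited && count($goods) > $cartmaxlimited && message('carovermaxgoodamo', "cart.php?forward={$forward}");

foreach ($goods as $v) {
    $tmp = explode(',', $v);
    // A malformed entry may lack the merchant field; treat it as a site product (0).
    (!empty($tmp[1]) ? $tmp[0] == $cid : $tmp[0] == $aid) && message('goodalreadyexist', "cart.php?forward={$forward}");
}

$cid && !($mid = $db->result_one("SELECT mid FROM {$tblprefix}offers WHERE aid={$aid} AND cid = {$cid}")) && message('choosegoods');

// Second field is the merchant id (0 means the site's own goods), third field is the quantity.
$tmp = $cid ? "{$cid},{$mid},1" : "{$aid},0,1";
msetcookie("goods_{$memberid}", empty($m_cookie["goods_{$memberid}"]) ? $tmp : $m_cookie["goods_{$memberid}"] . ';' . $tmp);
message('goodsaddfinish', "cart.php?forward={$forward}");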
$userinfos['regip'] = empty($userinfos['regip']) ? onlineip() : $userinfos['regip']; $userinfos['regdate'] = empty($userinfos['regdate']) ? $timestamp : $userinfos['regdate']; foreach (array('mname', 'password', 'email', 'regip', 'regdate') as $var) { $sqlstr .= (empty($sqlstr) ? '' : ',') . "{$var}='{$userinfos[$var]}'"; } $sqlstr .= ",checked='2'"; $db->query("INSERT INTO {$tblprefix}members SET {$sqlstr}"); //没有写入模型记录//没有初始化积分 $userinfos['mid'] = $db->insert_id(); $db->query("INSERT INTO {$tblprefix}members_sub SET mid='{$userinfos['mid']}'"); } empty($_GET['forward']) || header("Location: {$_GET['forward']}"); exit; } elseif ($_GET['action'] == 'logout') { msetcookie('msid', '', -86400 * 365); msetcookie('userauth', '', -86400 * 365); empty($_GET['forward']) || header("Location: {$_GET['forward']}"); exit; } function passport_decrypt($txt, $key) { $txt = passport_key(base64_decode($txt), $key); $tmp = ''; for ($i = 0; $i < strlen($txt); $i++) { $md5 = $txt[$i]; $tmp .= $txt[++$i] ^ $md5; } return $tmp; } function passport_key($txt, $encrypt_key) {
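/**
 * Finish an upload round: either remember the uploaded file ids in a cookie, or
 * attach / discard them and clear that cookie.
 *
 * The id list is $this->ufids merged with whatever the `{msid}_upload` cookie already holds.
 *
 * @param int    $clear 0: store the id list in the cookie (one year);
 *                      non-zero: process the list and expire the cookie;
 *                      exactly 1 with no $aid: delete the files and their rows.
 * @param int    $aid   When set, the listed files are attached to this record id.
 * @param string $table Owning table name, mapped to a numeric table id; unknown names
 *                      map to 0, in which case no attach query is run.
 */
function closure($clear = 0, $aid = 0, $table = 'archives')
{
    global $db, $tblprefix, $curuser, $m_cookie;

    $ckey = $curuser->info['msid'] . '_upload';
    $ids = implode(',', $this->ufids);
    empty($m_cookie[$ckey]) || ($ids = $m_cookie[$ckey] . ($ids ? ",{$ids}" : ''));

    if (!$clear) {
        msetcookie($ckey, $ids, 31536000);
        return;
    }

    // Map of table name to table id.
    $tids = array('archives' => 1, 'farchives' => 2, 'members' => 3, 'marchives' => 4, 'comments' => 16, 'replys' => 17, 'offers' => 18, 'mcomments' => 32, 'mreplys' => 33);
    $tid = $table && isset($tids[$table]) ? $tids[$table] : 0;

    // Guard against SQL injection through a tampered cookie: only a comma-separated list of
    // digits is accepted. The D modifier stops `$` from also matching before a trailing newline.
    if (preg_match('/^\\d+(?:,\\d+)*$/D', $ids)) {
        // Both values are interpolated unquoted, so force them to integers.
        $mid = intval($curuser->info['mid']);
        $aidsql = intval($aid);
        if ($aid) {
            // NOTE(review): this attach query is not restricted to the current member's files;
            // the ids can come from the cookie — confirm whether a mid condition belongs here too.
            $tid && $db->query("UPDATE {$tblprefix}userfiles SET aid={$aidsql},tid={$tid} WHERE aid=0 AND ufid IN ({$ids})", 'UNBUFFERED');
        } elseif ($clear == 1) {
            $query = $db->query("SELECT url FROM {$tblprefix}userfiles WHERE mid={$mid} AND ufid IN ({$ids})");
            while ($item = $db->fetch_array($query)) {
                @unlink(local_file($item['url']));
            }
            // Restrict the row delete to the same owner as the file delete above. Without the
            // mid condition, ids taken from the cookie could remove other members' rows.
            $db->query("DELETE FROM {$tblprefix}userfiles WHERE mid={$mid} AND ufid IN ({$ids})", 'UNBUFFERED');
        }
    }
    msetcookie($ckey, '', -31536000);
}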
/**
 * Synchronised-login API action: sign the named member in by issuing the `userauth` cookie.
 *
 * Returns API_RETURN_FORBIDDEN when API_SYNLOGIN is off; otherwise returns nothing.
 * An unknown or unchecked (checked != 1) member name clears the login cookie instead.
 *
 * NOTE(review): $get['username'] is interpolated into the query exactly as received.
 * This is only safe if the caller has authenticated the request and escaped the value
 * before invoking this method — confirm, or quote it with the database layer's own routine.
 *
 * NOTE(review): the cookie payload is the stored password value plus the member id, valid
 * for 30 days; its confidentiality rests entirely on authcode() and its key.
 *
 * @param array $get  Decoded request parameters; `username` is read.
 * @param array $post Not used here.
 */
function synlogin($get, $post)
{
    if (!API_SYNLOGIN) {
        return API_RETURN_FORBIDDEN;
    }

    require_once M_ROOT . './include/general.fun.php';
    // P3P compact policy, sent before the cookie is set.
    header('P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"');

    $mname = $get['username'];
    $sql = "SELECT mid,mname,password,email FROM " . $this->tablepre . "members WHERE mname='{$mname}' AND checked=1";
    $cmember = $this->db->fetch_one($sql);

    if (!$cmember) {
        mclearcookie();
        return;
    }
    msetcookie('userauth', authcode("{$cmember['password']}\t{$cmember['mid']}", 'ENCODE'), 2592000);
}
# $ordersn = date('Ymd')."-$memberid-".date('His').'-'.random(6,1); $ordersn = date("Ymd-{$memberid}-His-") . random(6, 1); } while ($db->fetch_one("SELECT oid FROM {$tblprefix}orders WHERE ordersn='{$ordersn}' LIMIT 0,1")); $db->query("INSERT INTO {$tblprefix}orders SET\n\t\t\t\tordersn='{$ordersn}',\n\t\t\t\torderfee='{$orderfee}',\n\t\t\t\tshipingmode='{$spmd['0']}',\n\t\t\t\tshipingfee='{$spmd['1']}',\n\t\t\t\ttotalfee='{$totalfee}',\n\t\t\t\tmid='{$memberid}',\n\t\t\t\tmname='" . $curuser->info['mname'] . "',\n\t\t\t\ttomid='{$oid}',\n\t\t\t\ttomname='{$tomname}',\n\t\t\t\tpaymode='-1',\n\t\t\t\tcreatedate='{$timestamp}'\n\t\t\t\t{$sqlstr}\n\t\t\t\t"); if ($nid = $db->insert_id()) { //统计库存量与商品统计及会员统计 $c_upload->closure(1, $nid, 'orders'); $gcookie = empty($m_cookie["goods_{$memberid}"]) ? array() : explode(';', $m_cookie["goods_{$memberid}"]); $ncookie = array(); foreach ($gcookie as $v) { $tmp = explode(',', $v); if ($tmp[1] != $oid) { $ncookie[] = $v; } } msetcookie("goods_{$memberid}", join(';', $ncookie)); //更新cookie $sqlstr = array(); /* foreach($nums as $k => $v)$sqlstr[] = "('$k','$v')"; $sqlstr = ($oid ? "REPLACE INTO {$tblprefix}offers (cid,storage) VALUES " : "REPLACE INTO {$tblprefix}archives_sub (aid,storage) VALUES ") . join(',', $sqlstr); $sqlstr = ($oid ? "REPLACE INTO {$tblprefix}offers (cid,storage) VALUES " : "REPLACE INTO {$tblprefix}archives_sub (aid,storage) VALUES ") . join(',', $sqlstr); $db->query($sqlstr);//更新库存*/ $table = $oid ? 'offers' : 'archives_sub'; $key = $oid ? 'cid' : 'aid'; foreach ($nums as $k => $v) { $sqlstr = "UPDATE {$tblprefix}{$table} SET storage={$v} WHERE {$key}={$k}"; $db->query($sqlstr); //更新库存 } $sqlstr = array(); $mname = $curuser->info['mname'];
<?php define('NOROBOT', TRUE); include_once dirname(dirname(__FILE__)) . '/include/general.inc.php'; !defined('M_COM') && exit('No Permisson'); $timestamp = time(); $x_size = empty($regcode_width) ? 60 : $regcode_width; $y_size = empty($regcode_height) ? 20 : $regcode_height; $nmsg = random(4, 1); msetcookie('08cms_regcode', authcode($timestamp . "\t" . $nmsg, 'ENCODE')); if (function_exists('imagecreate') && function_exists('imagecolorallocate') && function_exists('imagepng') && function_exists('imagesetpixel') && function_exists('imageString') && function_exists('imagedestroy') && function_exists('imagefilledrectangle') && function_exists('imagerectangle')) { $aimg = imagecreate($x_size, $y_size); $back = imagecolorallocate($aimg, 255, 255, 255); $border = imagecolorallocate($aimg, 183, 216, 239); imagefilledrectangle($aimg, 0, 0, $x_size - 1, $y_size - 1, $back); imagerectangle($aimg, 0, 0, $x_size - 1, $y_size - 1, $border); for ($i = 1; $i <= 20; $i++) { $dot = imagecolorallocate($aimg, mt_rand(150, 255), mt_rand(150, 255), mt_rand(150, 255)); imagesetpixel($aimg, mt_rand(2, $x_size - 2), mt_rand(2, $y_size - 2), $dot); } for ($i = 1; $i <= 10; $i++) { imageString($aimg, 1, $i * $x_size / 12 + mt_rand(1, 3), mt_rand(1, 13), '.', imageColorAllocate($aimg, mt_rand(150, 255), mt_rand(150, 255), mt_rand(150, 255))); } for ($i = 0; $i < strlen($nmsg); $i++) { imageString($aimg, mt_rand(4, 5), $i * $x_size / 4 + mt_rand(1, 5), mt_rand(1, 6), $nmsg[$i], imageColorAllocate($aimg, mt_rand(50, 255), mt_rand(0, 120), mt_rand(50, 255))); } header("Pragma:no-cache"); header("Cache-control:no-cache"); header("Content-type: image/png"); imagepng($aimg); imagedestroy($aimg);
$fields =& $initfields; foreach ($fields as $k => $field) { if ($field['available'] && $field['issearch']) { $a_field->init(1); $a_field->field = $field; $a_field->trsearch(); } } unset($a_field); } mtrbasic(lang('indays'), 'indays', $indays); mtrbasic(lang('outdays'), 'outdays', $outdays); mtabfooter('searchsubmit', lang('search')); if (submitcheck('searchsubmit')) { if ($search_repeat) { empty($m_cookie['08cms_search_time']) ? msetcookie('08cms_search_time', '1', $search_repeat) : mcmessage('searchoverquick'); } $pagetmp = $page; do { $query = $db->query("SELECT a.* {$fromstr} {$wherestr} {$orderstr} LIMIT " . ($pagetmp - 1) * $mrowpp . ",{$mrowpp}"); $pagetmp--; } while (!$db->num_rows($query) && $pagetmp); $itemarchive = ''; $no = $pagetmp * $mrowpp; while ($archive = $db->fetch_array($query)) { $no++; $archive['arcurl'] = view_arcurl($archive); $archive['subject'] = "<a href=\"{$archive['arcurl']}\" target=\"_blank\">" . mhtmlspecialchars($archive['subject']) . "</a>"; $archive['catalog'] = $catalogs[$archive['caid']]['title']; $archive['createdate'] = date("{$dateformat} {$timeformat}", $archive['createdate']); $itemarchive .= "<tr><td class=\"item\" width=\"40\">{$no}</td>\n" . "<td class=\"item2\">{$archive['subject']}</td>\n" . "<td align=\"center\" class=\"item\">{$archive['catalog']}</td>\n" . "<td align=\"center\" class=\"item\">{$archive['mname']}</td>\n" . "<td align=\"center\" class=\"item\" width=\"110\">{$archive['createdate']}</td></tr>\n";
$submitstr .= makesubmitstr('npassword', 1, 0, 0, 15); $submitstr .= makesubmitstr('npassword2', 1, 0, 0, 15); $submitstr .= tr_regcode('login'); tabfooter('bmemberpwd'); check_submit_func($submitstr); } else { if (!regcode_pass('login', empty($regcode) ? '' : trim($regcode))) { mcmessage('regcodeerror', '?action=memberpwd'); } $opassword = trim($opassword); $npassword = trim($npassword); $npassword2 = trim($npassword2); if (md5(md5($opassword)) != $curuser->info['password']) { mcmessage('oldpasserror', '?action=memberpwd'); } if ($npassword != $npassword2) { mcmessage('notsamepwd', '?action=memberpwd'); } if (!$npassword || strlen($npassword) > 15 || $npassword != addslashes($npassword)) { mcmessage('memberpwdillegal', '?action=memberpwd'); } if ($enable_uc) { include_once M_ROOT . './include/ucenter/uc.inc.php'; } $npassword = md5(md5($npassword)); $curuser->updatefield('password', $npassword, 'main'); $curuser->updatedb(); msetcookie('userauth', authcode("{$npassword}\t{$memberid}", 'ENCODE')); // msetcookie('userauth',authcode("$npassword\t$memberid",'ENCODE'),31536000); mcmessage('mempassmodsuc', '?action=memberpwd'); }
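/**
 * Record a referral ("spread") for the member named $uid and credit them when allowed.
 *
 * A referral is counted at most once per (member, visitor IP, mode) per calendar day, and
 * credits stop once the member's daily total reaches the configured `count`.
 * In mode 0 the referrer name is stored in the `spread_uid` cookie; in any other mode the
 * cookie is cleared. With an empty $uid in mode 1 the name is taken from that cookie.
 *
 * NOTE(review): $uid can originate from request data or a cookie and is handed to
 * cls_userinfo::activeuserbyname() as-is; that method must do its own escaping — confirm.
 *
 * @param string $uid  Referrer's member name.
 * @param int    $mode Key into the commu item's `setting` array (0 or 1 in practice).
 */
function cms_spread($uid, $mode = 0)
{
    global $db, $tblprefix, $onlineip, $timestamp, $curuser, $m_cookie;

    if (empty($uid) && $mode == 1) {
        $uid = empty($m_cookie['spread_uid']) ? '' : $m_cookie['spread_uid'];
    } else {
        $uid = trim($uid);
    }
    if (empty($uid) || !($commu = read_cache('commu', 9)) || empty($commu['available']) || empty($commu['setting'][$mode])) {
        return;
    }

    $user = new cls_userinfo();
    $user->activeuserbyname($uid);
    // Unknown referrer, or the visitor is referring themselves: nothing to record.
    if (!($mid = $user->info['mid']) || $mid == $curuser->info['mid']) {
        return;
    }

    $s = $commu['setting'][$mode];

    // These values are interpolated unquoted into the SQL below, so force them to integers.
    $modesql = intval($mode);
    $nowsql = intval($timestamp);
    $ip = ip2long($onlineip);
    if ($ip === false) {
        // ip2long() fails for anything that is not a dotted IPv4 address; an empty value
        // would otherwise produce a malformed query.
        $ip = 0;
    }

    // Midnight of the current day, used as the lower bound for "today".
    $time = getdate($timestamp);
    $time = mktime(0, 0, 0, $time['mon'], $time['mday'], $time['year']);

    $record = $db->result_one("SELECT COUNT(*) FROM {$tblprefix}spreads WHERE mid='{$mid}' AND ip={$ip} AND mode={$modesql} AND time>{$time}");
    if ($s['value'] && (!$s['count'] || $s['count'] > $db->result_one("SELECT COUNT(*) FROM {$tblprefix}spreads WHERE mid='{$mid}' AND time>{$time}")) && !$record) {
        $user->updatecrids(array($s['crid'] => $s['value']), 1);
    }
    $record || $db->query("INSERT INTO {$tblprefix}spreads(mid,ip,mode,time) VALUES('{$mid}',{$ip},{$modesql},{$nowsql})");

    $mode ? mclearcookie('spread_uid') : msetcookie('spread_uid', $uid);
}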
if (!($field = @$fields[$fname]) || $field['datatype'] != 'vote') { message('choosevoteitem'); } if ($type == 'archives' && !$field['mcommon']) { $tbl = $type . "_{$typeid}"; } elseif ($type == 'members') { $tbl = $type . ($field['mcommon'] ? '_sub' : "_{$typeid}"); } elseif ($type == 'farchives') { $tbl = $type . "_{$typeid}"; } if ($field['nohtml'] && !$memberid) { message('nousernooperatepermis', M_REFERER); } if ($field['mode'] || $field['length']) { if (empty($m_cookie['voted_' . $type . $id . '_' . $fname . '_timelimit'])) { msetcookie('voted_' . $type . $id . '_' . $fname . '_timelimit', '1', $field['mode'] ? 365 * 24 * 3600 : $field['length'] * 60); } else { message($field['mode'] ? 'norepeatoper' : 'overquick', M_REFERER); } } $valid0 = false; foreach ($vopids as $vid => $opids) { if (!($vote = @$votes[$vid]) || $vote['enddate'] && $vote['enddate'] < $timestamp) { continue; } $valid = false; foreach ($opids as $opid) { if (isset($vote['options'][$opid])) { $vote['options'][$opid]['votenum'] = @$vote['options'][$opid]['votenum'] + 1; $valid = true; }
$comstr .= ",password='******'"; $comstr .= ",email='{$email}'"; $comstr .= ",mtcid=1"; $comstr .= ",mchid='{$mchid}'"; foreach ($currencys as $crid => $currency) { $currency['available'] && $currency['initial'] && ($comstr .= ",currency" . $crid . "='" . $currency['initial'] . "'"); } $autocheck == 1 && ($comstr .= ",checked='1'"); $comstr .= ",regip='{$onlineip}'"; $comstr .= ",regdate='{$timestamp}'"; $db->query("INSERT INTO {$tblprefix}members SET {$comstr}"); if ($mid = $db->insert_id()) { $substr = "mid='{$mid}'"; if ($autocheck == 2) { $confirmid = random(6); $confirmstr = "{$timestamp}\t2\t{$confirmid}"; $substr .= ",confirmstr='" . $confirmstr . "'"; } $db->query("INSERT INTO {$tblprefix}members_sub SET {$substr}"); $db->query("INSERT INTO {$tblprefix}members_{$mchid} SET mid='{$mid}'"); if ($autocheck == 1) { msetcookie('userauth', authcode(md5(md5($password)) . "\t{$mid}", 'ENCODE')); } elseif ($autocheck == 2) { mailto($email, 'member_active_subject', 'member_active_content', array('mid' => $mid, 'mname' => $mname, 'url' => "{$cms_abs}tools/memactive.php?action=emailactive&mid={$mid}&id={$confirmid}")); } mcmessage(!$autocheck ? 'userchecking' : ($autocheck == 2 ? 'emailactiving' : 'memactivesucceed'), $forward); } else { mcmessage('memactfai', $forward); } } }