function olpay_end($numcode)
{
global $db, $pre, $webdb, $banktype, $pay_code, $lfjuid;
$pay_code = str_replace('QIBO', '=', $pay_code);
//这个符号“=”容易出问题
if (!$pay_code) {
showerr("数据有误!!");
}
list($type, $atc_moeny, $atc_numcode, $mid, $shopmoney) = explode("\t", mymd5($pay_code, 'DE'));
if ($atc_numcode != intval($numcode)) {
showerr("数据被修改过!!");
}
//主要是针对支付宝不能单纯一位数字的问题,inc/olpay/alipay.php,文件中做了修改
$numcode = str_replace("code", "", $numcode);
//万能表单订单
if ($type == 'form') {
$rt = $db->get_one("SELECT * FROM {$pre}olpay WHERE numcode='{$numcode}' AND `formid`='{$mid}'");
//商城订单
} elseif ($type == 'module') {
$rt = $db->get_one("SELECT * FROM {$pre}olpay WHERE numcode='{$numcode}' AND `moduleid`='{$mid}'");
$db->query("UPDATE {$pre}shoporderuser SET ifpay='1' WHERE id='{$atc_numcode}'");
//奖励积分
if ($shopmoney) {
add_user($lfjuid, $shopmoney, '购买商品得分');
}
}
if (!$rt) {
showerr('系统中没有您的订单,无法完成支付!');
}
if ($rt['ifpay'] == 1) {
showerr('该订单已经支付成功!');
}
$db->query("UPDATE {$pre}olpay SET ifpay='1' WHERE id='{$rt['id']}'");
refreshto("{$webdb['www_url']}/", "恭喜你支付成功", 60);
}
public function login()
{
$username = $this->data['username'];
$password = $this->data['password'];
$row = $this->field('id,username,status,password,salt,total_score')->where(array('username' => $username))->find();
if ($row) {
switch ($row['status']) {
case 2:
$this->error = '未激活!';
return false;
case 0:
case -1:
$this->error = '锁定或删除!';
return false;
}
if ($row['password'] == mymd5($password, $row['salt'])) {
//得到用户的会员价格和折扣
$memberLevel = $this->getMemberLevel($row['total_score']);
$row = array_merge($row, $memberLevel);
return $row;
} else {
$this->error = '密码错误!';
return false;
}
} else {
$this->error = '用户名不存在!';
return false;
}
}
function login()
{
$uname = request('uname');
$passwd = request('passwd');
if (false == ($uname && $passwd)) {
$this->ajaxError('用户名或者密码没有填写');
}
//echo mymd5($passwd);
$user = UserModel::get('', $uname);
if (!$user) {
$this->ajaxError('用户不存在');
}
if ($user['passwd'] != mymd5($passwd)) {
$this->ajaxError('密码不正确');
}
$_SESSION['user'] = $user;
$this->ajaxSuccess($user);
}
} else {
if (!($in = @fopen("php://input", "rb"))) {
die('{"jsonrpc" : "2.0", "error" : {"code": 101, "message": "Failed to open input stream."}, "id" : "id"}');
}
}
while ($buff = fread($in, 4096)) {
fwrite($out, $buff);
}
@fclose($out);
@fclose($in);
// Check if file has been uploaded
if (!$chunks || $chunk == $chunks - 1) {
// Strip the temp .part suffix off
rename("{$filePath}.part", $filePath);
rename($filePath, $uploadPath);
array_push($md5File, mymd5($uploadPath));
$md5File = array_unique($md5File);
file_put_contents('md5list2.txt', join($md5File, "\n"));
}
function mymd5($file)
{
$fragment = 65536;
$rh = fopen($file, 'rb');
$size = filesize($file);
$part1 = fread($rh, $fragment);
fseek($rh, $size - $fragment);
$part2 = fread($rh, $fragment);
fclose($rh);
return md5($part1 . $part2);
}
// Return Success JSON-RPC response
<?php
include "include/function.php";
echo mymd5("aaaaaa", "EN");
}
$rs[nowprice] = str_replace(",", "", $rs[nowprice]);
$totalmoney += $rs[nowprice];
$buydb[$value] = 1;
}
if ($sendType == 'EMS快递') {
$totalmoney += $webdb[ShopEmsSend];
} elseif ($sendType == '其他快递') {
$totalmoney += $webdb[ShopOtherSend];
} elseif ($sendType == '平邮') {
$totalmoney += $webdb[ShopNormalSend];
}
$db->query("UPDATE `{$pre}shoporderuser` SET `totalmoney`='{$totalmoney}' WHERE id='{$orderid}'");
setcookie("buyid", '');
if ($payType == '在线支付' && $totalmoney > 0) {
$pay_code = str_replace('+', '%2B', mymd5("module\t{$totalmoney}\t{$orderid}\t{$rs['mid']}\t{$shopmoney}"));
echo "<META HTTP-EQUIV=REFRESH CONTENT='0;URL={$webdb['www_url']}/do/olpay.php?pay_code={$pay_code}'>";
exit;
}
echo '<meta http-equiv="Content-Type" content="text/html; charset=gb2312">';
die("<CENTER>恭喜你,订单提交成功,请劳记你的订单号,方便查询,你的订单号是:<font color=red>{$orderid}</font><br><br><A HREF='{$webdb['www_url']}/'>点击返回首页</A></CENTER>");
}
$detail = explode(",", $buyid);
foreach ($detail as $key => $value) {
if (!is_numeric($value)) {
unset($detail[$key]);
}
$numdb[$value]++;
}
$fids = implode(",", $detail);
$totalmoney = 0;
';
include "../include/conn.php";
include "../include/function.php";
if ($action == "changepass") {
$hint = "";
if (trim($pwd1) == "") {
$hint .= "请输入密码\\n";
}
if ($pwd2 != $pwd1) {
$hint .= "两次密码不一致\\n";
}
if ($hint != "") {
echo "<script>alert('" . $hint . "');history.back();</script>";
exit;
}
$sql = "update {$db_prefix}admin set pwd='" . mymd5($pwd1, "EN") . "' where id='" . $_SESSION["glo_adminid"] . "'";
$db->query($sql);
echo "<script>alert('密码已修改');location.href='changepass.php';</script>";
exit;
}
echo '</HEAD><body>
<form name="form1" method="post" action="?action=changepass">
<br>
<TABLE width="421" border=0 align="center" cellPadding=0 cellSpacing=0 class=Table_xt>
<TBODY>
<TR><TD width="421" colSpan=4>
<TABLE cellSpacing=0 cellPadding=0 width="100%" background="images/tab_05.gif"><TBODY><TR>
<TD width=213 height=23> <strong>密码修改</strong></TD>
<TD > </TD>
</TR></TBODY></TABLE>
public function edit($id = '')
{
if (!$id) {
$id = request('id');
}
if (isset($_POST['id'])) {
$uname = request('uname');
$user = UserModel::get('', $uname);
if ($user && $user['id'] != $id) {
$this->error('用户名重复');
}
$passwd = request('passwd');
if ($passwd) {
if ($passwd != request('passwd2')) {
$this->error('两次输入的密码不一致');
}
$data['passwd'] = mymd5($passwd);
}
if ($GLOBALS['method'] != 'my') {
$data['group_id'] = request('group_id');
$data['department_id'] = request('department_id');
}
$data['alias'] = request('alias');
$data['uname'] = request('uname');
$data['phone'] = request('phone');
if (UserModel::update($id, $data)) {
$this->success(request('reffer'));
} else {
$this->error('更新失败');
}
} else {
$user = UserModel::get($id);
if (!$user) {
$this->error('用户不存在');
}
$this->assign('user', $user);
$this->display('user_edit');
}
}
//注册时间间隔处理
if ($webdb[limitRegTime]) {
set_cookie("limitRegTime", 1, $webdb[limitRegTime] * 60);
}
//注册用户自定义字段
Reg_memberdata_field($uid, $postdb);
//通行证处理
if ($_COOKIE[passport_url] || $_POST[passport_url]) {
$passport_url = urldecode($_COOKIE[passport_url] ? $_COOKIE[passport_url] : $_POST[passport_url]);
setcookie('passport_url', '');
$userDB->passport_server($username, $passport_url);
}
$jumpto && ($jumpto = urldecode($jumpto));
add_user($uid, $webdb[regmoney], '注册得分');
//捆绑QQ帐号
list($token, $secret, $openid) = explode("\t", mymd5(get_cookie('token_secret'), 'DE'));
if ($openid) {
$rs1 = $db->get_one("SELECT * FROM {$pre}memberdata WHERE `qq_api`='{$openid}'");
if (!$rs1) {
$db->query("UPDATE {$pre}memberdata SET `qq_api`='{$openid}' WHERE username='******'");
refreshto("{$webdb['www_url']}", "帐号捆绑成功!!", 1);
}
}
if (strstr($jumpto, $webdb[www_url])) {
refreshto("{$jumpto}", "恭喜你,注册成功", 1);
} else {
refreshto("{$webdb['www_url']}", "恭喜你,注册成功", 1);
}
} else {
//通行证处理
if ($_GET[passport_url]) {
echo '<HTML><HEAD><title></title><meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<link rel="stylesheet" href="/images/datalist.css" type="text/css">
';
include "../include/conn_2.php";
include "../include/function.php";
session_start();
if ($action == "secpwd") {
$hint = "";
if ($pwd1 != $re_pwd1) {
$hint .= "Different entering\\";
}
if ($hint != "") {
echo "<script>alert('" . $hint . "');history.back();</script>";
exit;
}
$sql_1 = "select * from {$db_prefix}users where username='******' and pwd1='" . mymd5($pwd1, "EN") . "'";
$rs_1 = $db->get_one($sql_1);
if (empty($rs_1["id"])) {
echo "<script>alert('Fail to confirm');history.back();</script>";
exit;
}
$_SESSION["glo_usersecpwd"] = $rs_1["pwd1"];
header("location:{$fromurl1}");
exit;
}
echo '</HEAD><body>
<form name="form1" method="post" action="?action=secpwd">
<br>
<TABLE width="600" border=0 align="center" cellPadding=0 cellSpacing=0 class=Table_xt>
<TBODY>
function passport_server($username, $url)
{
global $WEBURL;
if (eregi("^{$WEBURL}", $url)) {
showerr("网址有误!");
}
if (!strstr($url, '?')) {
$url .= '?';
} else {
$url .= '&';
}
$rs = $this->get_allInfo($username, 'name');
$md5code = "uid={$rs['uid']}&username={$rs['username']}&password={$rs['password']}&email={$rs['email']}";
$md5code = urlencode(mymd5($md5code));
echo "<META HTTP-EQUIV=REFRESH CONTENT='0;URL={$url}md5code={$md5code}'>";
exit;
}
function testMyMd5()
{
$md5 = mymd5("impxl");
my_log($md5);
my_log(mymd5($md5, "DE"));
}
unset($_ENV, $HTTP_COOKIE, $HTTP_ENV_VARS, $_REQUEST, $HTTP_POST_VARS, $HTTP_GET_VARS, $HTTP_POST_FILES, $HTTP_COOKIE_VARS);
$db = new MYSQL_DB();
unset($web_admin, $sort_admin, $lfjid, $lfjuid, $lfjpwd, $lfjdb, $groupdb);
$usr_oltime = intval($usr_oltime);
/*用户登录模块*/
if ($webdb[passport_type] && is_file(ROOT_PATH . "inc/passport/{$webdb[passport_type]}.php")) {
require_once ROOT_PATH . "inc/passport/{$webdb[passport_type]}.php";
$userDB = new qb_user();
$lfjdb = PassportUserdb();
} else {
$TB = array("table" => "{$pre}members", "uid" => "uid", "username" => "username", "password" => "password");
$userDB = new qb_user();
$lfjdb = $userDB->login_info();
}
//同步后台登录
if ($_COOKIE["adminID"] && ($detail = mymd5($_COOKIE["adminID"], 'DE', $onlineip))) {
unset($_uid, $_username, $_password);
list($_uid, $_username, $_password) = explode("\t", $detail);
$lfjdb = $db->get_one("SELECT * FROM {$pre}memberdata WHERE uid='{$_uid}' AND username='******'");
}
if ($lfjdb[yz]) {
$lfjid = $lfjdb['username'];
$lfjuid = $lfjdb['uid'];
$lfjdb[icon] && ($lfjdb[icon] = tempdir($lfjdb[icon]));
if ($lfjdb['groupid'] == 3 || $lfjdb['groupid'] == 4) {
$web_admin = $sort_admin = '1';
}
if (file_exists(ROOT_PATH . "data/group/{$lfjdb[groupid]}.php")) {
$groupdb = @(include ROOT_PATH . "data/group/{$lfjdb[groupid]}.php");
} else {
$lfjdb['groupid'] = 8;
unset($sqldb);
$sqldb['id'] = "id='{$id}'";
$sqldb['uid'] = "uid='{$lfjuid}'";
/*检查判断辅信息表要插入哪些字段的内容*/
$array = table_field("{$_pre}content_{$fidDB['id']}");
foreach ($array as $key => $value) {
if ($value == "id" || $value == "uid") {
continue;
}
isset($postdb[$value]) && ($sqldb["{$value}"] = "`{$value}`='{$postdb[$value]}'");
}
$sql = implode(",", $sqldb);
$db->query("INSERT INTO `{$_pre}content_{$fidDB['id']}` SET {$sql}");
//在线支付
if ($postdb[paytype] == 'olpay' && $postdb[paymoney] > 0) {
$pay_code = str_replace('+', '%2B', mymd5("form\t{$postdb['paymoney']}\t{$id}\t{$mid}"));
echo "<META HTTP-EQUIV=REFRESH CONTENT='0;URL={$webdb['www_url']}/do/olpay.php?pay_code={$pay_code}'>";
exit;
}
refreshto("/", "表单提交成功 ", 5);
} elseif ($job == "edit") {
$rsdb = $db->get_one("SELECT A.*,B.* FROM `{$_pre}content` A LEFT JOIN `{$_pre}content_{$fidDB['id']}` B ON A.id=B.id WHERE A.id='{$id}'");
if ($rsdb[uid] != $lfjuid && !$web_admin) {
showerr("你无权修改");
}
/*对附件地址作还原*/
foreach ($m_config[is_html] as $key => $value) {
$rsdb[$key] = editor_replace($rsdb[$key]);
$rsdb[$key] = En_TruePath($rsdb[$key], 0);
}
/*表单默认变量作处理*/
<?php
require dirname(__FILE__) . "/" . 'global.php';
if ($_POST) {
if (!ereg("^[0-9a-z_]+\$", $dir)) {
$dir = "other";
}
$array[name] = is_array($Filedata) ? $_FILES[Filedata][name] : $Filedata_name;
$array[path] = $webdb[updir] . "/" . $dir;
$array[size] = is_array($Filedata) ? $_FILES[Filedata][size] : $Filedata_size;
$array[updateTable] = 1;
//统计用户上传的文件占用空间大小
list($lfjid, $lfjuid) = explode("\t", mymd5($_POST[str], 'DE'));
$filename = upfile(is_array($Filedata) ? $_FILES[Filedata][tmp_name] : $Filedata, $array);
/*
ob_end_clean();
ob_start();
print_r($_POST);
$c=ob_get_contents();ob_end_clean();
write_file('a.txt',$c);
*/
if (!$filename) {
echo "";
} else {
$newfile = "{$dir}/{$filename}";
echo "{$newfile}|{$array['name']}|{$array['size']}";
}
}
<?php
require_once dirname(__FILE__) . "/" . "global.php";
header("Content-type: application/xml");
$string = '';
$detail = explode(",", $filetype);
foreach ($detail as $key => $value) {
if ($value) {
$string .= "<items>{$value}</items>\r\n";
}
}
$uploadMax = intval(ini_get('upload_max_filesize') ? ini_get('upload_max_filesize') : '2');
$str = str_replace('+', '%2B', mymd5("{$lfjid}\t{$lfjuid}"));
echo '<?xml version="1.0" encoding="utf-8"?>';
print <<<EOT
<sapload>
\t<config>
\t\t<upLoadUrl>{$webdb['www_url']}/do/swfupload.php</upLoadUrl>
\t\t<maxNum>100</maxNum>
\t\t<upMaxbig>{$uploadMax}</upMaxbig>
\t\t<fileType>
\t\t\t{$string}
\t\t</fileType>
\t\t<arguments>
\t\t\t<items atr="str">{$str}</items>
\t\t</arguments>
\t</config>
</sapload>
EOT
echo '\');location.href=\'userreg.php?';
reset($_POST);
if (count($_POST)) {
while (list($key, $val) = each($_POST)) {
if (!is_array($_POST[$key])) {
echo $key . "=" . urlencode($_POST[$key]) . "&";
}
}
}
echo 'tempt=haha\';</script>
';
exit;
}
$db->query("update {$db_prefix}users set tjnum=tjnum+1 where username='******'");
}
$sql = "insert into {$db_prefix}users(username,realname,pwd,pwd1,tjrname,prename,tjstr,glstr,pos,zmdname,price,bv,bdmoney,bdnum,bdnum_team,pv_reg,pv_team_reg,pv_team_regp,rank0,rank,isdp,state,lognum,regtime,confirmtime,sex,province,city,area,mobile,postcode,address,receiver,email,idcard,bank,zhanghao,huzhu,bankaddress,fax,qq,gldept,tjdept,regusername,regrealname,regtype,timepre,tghttp,timeok,tjnet) values('" . trim($username) . "','" . trim($realname) . "','" . mymd5($pwd, "EN") . "','" . mymd5($pwd1, "EN") . "','" . trim($tjrname) . "','" . trim($prename) . "','" . $tjstr . "','" . $glstr . "','{$pos}','" . trim($zmdname) . "','{$price}','{$bv}','{$bdmoney}','{$bdnum}','{$bdnum}','{$bdmoney}','{$bdmoney}','{$bdmoney}','{$rank}','{$rank}','{$isdp}','{$regstate}','0','{$modtime}','{$confirmtime}','{$sex}','{$province}','{$city}','{$area}','{$mobile}','{$postcode}','{$address}','{$receiver}','{$email}','{$idcard}','{$bank}','{$zhanghao}','{$huzhu}','{$bankaddress}','{$fax}','{$qq}','{$gldept}','{$tjdept}','" . $_SESSION["glo_username"] . "','" . $_SESSION["glo_realname"] . "','1','{$timepre}','{$tghttp}','{$timeok}','{$tjnet}')";
$db->query($sql);
if ($bdmoney > 0) {
if ($regstate == 1) {
$db->query("update {$db_prefix}users set tjnum=tjnum+1,rfd=0,zfd=0 where username='******' limit 1");
$tjnetary = explode(",", trim($tjstr));
include "../mjjsalfecals.php";
insertintopv_1($year, $month, $day, $username, $bdmoney, $bdnum, 1);
if (trim($glstr) != '') {
$glnetary = explode(",", trim($glstr));
foreach ($glnetary as $u => $u1) {
updateglnettdpv($year, $month, $day, $u1, $bdmoney, $bdnum, 1);
}
unset($glnetary);
}
$tjnetupstr = "";
function synlogin($get, $post)
{
$uid = $get['uid'];
$username = $get['username'];
if (!API_SYNLOGIN) {
return API_RETURN_FORBIDDEN;
}
header('P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"');
global $userDB;
$rs = $userDB->get_passport($uid);
set_cookie("passport", "{$rs['uid']}\t{$username}\t" . mymd5("{$rs['password']}"), 86400);
}
if (get_money($lfjuid) < $fen) {
showerr("你的{$webdb[MoneyName]}不足{$fen}{$webdb[MoneyDW]}", 1);
} else {
add_user($lfjuid, -$fen, '观看视频扣分');
//1小时内不重复扣积分
setcookie("down_{$rsdb['aid']}", mymd5("{$ti}\t{$rsdb['aid']}"), $timestamp + 3600);
}
}
} elseif (!$web_admin && $lfjuid !== $rsdb[uid] && $rsdb[money] > 0) {
if ($Aid != $rsdb[aid] || $TI != $ti) {
if (get_money($lfjuid) < $rsdb[money]) {
showerr("你的{$webdb[MoneyName]}不足{$rsdb[money]}{$webdb[MoneyDW]}", 1);
} else {
add_user($lfjuid, -$rsdb[money], '观看视频扣分');
//1小时内不重复扣积分
setcookie("down_{$rsdb['aid']}", mymd5("{$ti}\t{$rsdb['aid']}"), $timestamp + 3600);
}
}
}
//更新点击量
update_hits($mid, $midDB[keywords], $id, $rid, $rsdb[hits_time]);
$true_url = tempdir($url);
require_once html("player");
//下载与播放视频更新点击率
function update_hits($mid, $keyword, $aid, $rid, $time)
{
global $lfjid, $db, $pre, $timestamp;
if ($keyword == 'download' || $keyword == 'mv') {
if (date("W", $time) != date("W", $timestamp)) {
$SQL .= ",week_hits=1";
} else {
showmsg("你当前所在用户组,无权访问");
}
} else {
setcookie("Admin", '', 0, "/");
showmsg("<A HREF='index.php?iframe=1'>请输入正确密码帐号再访问</A>");
}
}
if ($ForceEnter == 1) {
$groupdb = @(include ROOT_PATH . "data/group/3.php");
$Apower = $groupdb[allowadmindb];
} elseif (!$userdb) {
include './template/login.htm';
exit;
} else {
//同步前台登录
$md5code = mymd5("{$lfjdb['uid']}\t{$lfjdb['username']}\t{$lfjdb['password']}", 'EN', $onlineip);
setcookie("adminID", $md5code, $timestamp + 1800, '/');
}
function login_logs($username, $password)
{
global $timestamp, $onlineip;
$logdb[] = "{$username}\t{$password}\t{$timestamp}\t{$onlineip}";
@(include ROOT_PATH . "cache/adminlogin_logs.php");
$writefile = "<?php\t\r\n";
$jj = 0;
foreach ($logdb as $key => $value) {
$jj++;
$value = addslashes($value);
$writefile .= "\$logdb[]='{$value}';\r\n";
if ($jj > 200) {
break;
}
$md5code = str_replace('+', '%2B', mymd5("{$code}\t{$mobphone}\t{$lfjuid}", "EN"));
require dirname(__FILE__) . "/" . "head.php";
require dirname(__FILE__) . "/" . "template/yz.htm";
require dirname(__FILE__) . "/" . "foot.php";
} elseif ($action == 'mobphone2') {
if ($lfjdb[mob_yz]) {
showerr("请不要重复验证手机号码!");
}
if (!$yznum) {
showerr("请输入验证码");
} elseif (!$md5code) {
showerr("资料有误");
} else {
unset($code, $mobphone, $uid);
list($code, $mobphone, $uid) = explode("\t", mymd5($md5code, "DE"));
if ($code != $yznum || $uid != $lfjuid) {
showerr("验证码不对");
}
}
add_user($lfjuid, $webdb[YZ_MobMoney], '手机号码审核奖分');
$db->query("UPDATE {$pre}memberdata SET mobphone='{$mobphone}',mob_yz='1' WHERE uid='{$lfjuid}'");
refreshto("yz.php?job=mob", "恭喜你,你的手机号码成功通过审核,你同时得到 {$webdb[YZ_MobMoney]} 个积分奖励!", 10);
} else {
unset($idcardpic);
if ($job == 'idcard') {
if (is_file(ROOT_PATH . "{$webdb['updir']}/idcard/{$lfjuid}.jpg")) {
$idcardpic = "idcard/{$lfjuid}.jpg";
}
}
require dirname(__FILE__) . "/" . "head.php";
<?php
!function_exists('html') && exit('ERR');
unset($name, $uid, $email);
list($name, $uid, $email) = explode("\t", mymd5($eid, 'DE'));
if ($name && $uid && $email) {
$rsdb = $userDB->get_info($uid);
if ($rsdb[email_yz] == 1) {
showerr("请不要重复验证");
} elseif ($rsdb) {
$array = array('username' => $name, 'uid' => $uid, 'email_yz' => 1, 'email' => $email);
$userDB->edit_user($array);
add_user($rsdb[uid], $webdb[YZ_EmailMoney], '邮箱审核奖分');
refreshto("{$webdb['www_url']}/", "恭喜你!邮箱验证成功,同时你的{$webdb[MoneyName]}增加了{$webdb[YZ_EmailMoney]}{$webdb[MoneyDW]}", 3);
} else {
showerr("邮箱验证失败,可能当前帐号已被删除!");
}
} else {
showerr("验证失败!");
}
$smtp->debug = false;
if ($smtp->sendmail($atc_email, $webdb[MailId], $Title, $Content, "HTML")) {
$succeeNUM++;
}
} else {
if (mail($atc_email, $Title, $Content)) {
$succeeNUM++;
}
}
if ($succeeNUM) {
refreshto("../", "系统已经成功发送邮件到你的邮箱:“{$atc_email}”,请注意查收!", 5);
} else {
showerr("邮件发送失败,可能你的邮箱有误,或者是服务器发送邮件功能有问题!!");
}
} elseif ($job == 'activate') {
list($username, $password) = explode("\t", mymd5($md5_id, 'DE'));
$rs = $userDB->get_allInfo($username, 'name');
if ($rs && $rs[password] == $password) {
$db->query("UPDATE {$pre}memberdata SET `yz`='1' WHERE uid='{$rs['uid']}'");
refreshto("login.php", "恭喜你,你的帐号“{$username}”激活成功,请立即登录,体验会员特有的功能!", 10);
} else {
showerr("帐号激活失败!");
}
}
if ($username) {
$rs = $userDB->get_allInfo($username, 'name');
$email = $rs[email];
}
require ROOT_PATH . "inc/head.php";
require html("activate");
require ROOT_PATH . "inc/foot.php";
/**
* @brief redirect to QQ login page
* rfc1738 urlencode
* @param $appid
* @param $appkey
* @param $callback
*/
function redirect_to_login($appid, $appkey, $callback)
{
//授权登录页
$redirect = "http://openapi.qzone.qq.com/oauth/qzoneoauth_authorize?oauth_consumer_key={$appid}&";
//获取request token
$result = array();
$request_token = get_request_token($appid, $appkey);
parse_str($request_token, $result);
//request token, request token secret 需要保存起来
//在demo演示中,直接保存在全局变量中.真实情况需要网站自己处理
//$_SESSION["token"] = $result["oauth_token"];
//$_SESSION["secret"] = $result["oauth_token_secret"];
set_cookie('token_secret', mymd5($result["oauth_token"] . "\t" . $result["oauth_token_secret"]), 3600);
if ($result["oauth_token"] == "") {
showerr('API信息不对!');
//demo中不对错误情况做处理
//网站需要自己处理错误情况
// exit;
}
//302跳转到授权页面
$redirect .= "oauth_token=" . $result["oauth_token"] . "&oauth_callback=" . rawurlencode($callback);
header("Location:{$redirect}");
}
if ($glo_s_idcard) {
echo '<span class="style1">*</span> ';
}
echo '</TD>
</TR>
<TR>
<TD align="right" valign="middle" bgColor="#FBFDFF" >一级密码:</TD>
<TD height="38" align="left" valign="middle" bgColor="#FBFDFF" ><input name="pwd" type="password" id="pwd" value="';
echo mymd5($rs["pwd"], "DE");
echo '">
<span class="style1">*</span> </TD>
</TR>
<TR>
<TD align="right" valign="middle" bgColor="#FBFDFF" >二级密码:</TD>
<TD height="38" align="left" valign="middle" bgColor="#FBFDFF" ><input name="pwd1" type="password" id="pwd1" value="';
echo mymd5($rs["pwd1"], "DE");
echo '">
<span class="style1">*</span> </TD>
</TR>
<!--<TR>
<TD align="right" valign="middle" bgColor="#FBFDFF" >旅游记录:</TD>
<TD height="38" align="left" valign="middle" bgColor="#FBFDFF" ><input name="lvyou" type="text" id="lvyou" value="';
echo $rs["lvyou"];
echo '" size="55"> </TD>
</TR>-->
<TR>
<TD align="right" valign="middle" bgColor="#FBFDFF" >性别:</TD>
<TD height="38" align="left" valign="middle" bgColor="#FBFDFF" ><input name="sex" type="radio" value="男" ';
if ($rs["sex"] == "男") {
echo "checked";
}
session_start();
if ($action == "login") {
$hint = '';
if (trim($username) == '') {
$hint .= "请输入用户名/手机号\\n";
}
if (trim($password) == '') {
$hint .= "请输入密码\\n";
}
if ($hint != "") {
echo "<script>alert('" . $hint . "');history.back();</script>";
exit;
}
$check_ary = array(" ", "'", "or", "OR", "and", "AND", "%", "union", "UNION", "join", "JOIN", ";", "\\%", "{", "}", "\$", "=", "/", "\\", "|", "||");
$username = str_replace($check_ary, "", $username);
$sql_lgn = "select * from {$db_prefix}users where (username='******' or mobile='" . $username . "') and pwd='" . mymd5($password, "EN") . "' and state=1";
$rs_lgn = $db->get_one($sql_lgn);
if (empty($rs_lgn["id"])) {
$hint .= "登录失败\\n";
}
if ($glo_identify_1) {
if ($verifycode != $_SESSION["code_2"]) {
$hint .= "验证码错误\\n";
}
}
if ($hint != "") {
echo "<script>alert('" . $hint . "');history.back();</script>";
exit;
}
$_SESSION["glo_userid"] = $rs_lgn["id"];
$_SESSION["glo_username"] = $rs_lgn["username"];
<?php
!function_exists('html') && exit('ERR');
//当前文件是注册时通过手机或邮箱获取注册码的功能
if (!is_table("{$pre}regnum")) {
$db->query("CREATE TABLE `{$pre}regnum` (\n\t`sid` varchar( 8 ) NOT NULL default '',\n\t`num` varchar( 6 ) NOT NULL default '',\n\t`posttime` int( 10 ) NOT NULL default '0',\n\tUNIQUE KEY `sid` ( `sid` ) ,\n\tKEY `posttime` ( `num` , `posttime` ) \n\t) ENGINE = HEAP");
}
if (!$webdb[yzNumReg]) {
showerr('系统没开放这个功能!');
}
$time = $timestamp - 60;
if ($db->get_one("SELECT * FROM {$pre}regnum WHERE sid='{$usr_sid}' AND posttime>{$time}")) {
showerr("如果你的注册码还没有收到的话?请一分钟后再重发!");
}
$randNum = rands(2) . substr(mymd5($num), 0, 2);
$content = $webdb['webname'] . "提供给您的注册码是:(" . $randNum . ")这四位数";
if ($webdb['yzNumReg'] == 2) {
if (!ereg("^1([0-9]{10})\$", $num)) {
showerr('手机号码有误!' . $num);
}
if (sms_send($num, $randNum)) {
$db->query("REPLACE INTO `{$pre}regnum` ( `sid` , `num` , `posttime` ) VALUES ('{$usr_sid}', '{$randNum}', '{$timestamp}')");
showerr("信息已经成功发送到您指定的手机号码中,请注意查收,有可能会延迟几分钟,请耐心等待!", 1);
} else {
showerr("信息发送失败,可能是手机短信接口有问题!");
}
} elseif ($webdb['yzNumReg'] == 1) {
$email = $num;
$title = $webdb['webname'] . "提供给你的注册码信息";
if (send_mail($email, $title, $content, $ifcheck = 1)) {
$db->query("REPLACE INTO `{$pre}regnum` ( `sid` , `num` , `posttime` ) VALUES ('{$usr_sid}', '{$randNum}', '{$timestamp}')");
