Beispiel #1
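 /**
  * Handle the "update user" POST request.
  *
  * Validates the submitted profile fields, writes them through
  * PassportModel::updateUser() and ends the request with
  * exit(json_output(...)): 's' => 200 when updateUser() does not return
  * false, 's' => 400 for a validation or update failure. The function
  * never returns to its caller.
  *
  * Reads from $_POST: reg_type, email, password, nickname, sex, user, user_id.
  * As before, the normalised nickname and sex are written back into $_POST.
  *
  * NOTE(review): `user` and `user_id`, which select the account that is
  * updated (including its password), come from the request body and no
  * check against the authenticated session is visible in this function.
  * Confirm that the dispatcher authenticates the request and binds these
  * values to the caller's own account, or read them from the session
  * instead. No anti-CSRF token check is visible here either.
  *
  * NOTE(review): the e-mail format is only enforced when reg_type is
  * 'email', yet the submitted value is stored for every reg_type.
  */
 function op_updateuser()
 {
     $reg_type = (isset($_POST['reg_type']) && is_string($_POST['reg_type'])) ? $_POST['reg_type'] : '';
     // null (not '') when absent, which is what the original passed on to updateUser().
     $email = isset($_POST['email']) ? $_POST['email'] : null;
     $password = isset($_POST['password']) ? $_POST['password'] : '';
     $pattern2 = "/^\\w+((-\\w+)|(\\.\\w+))*\\@[A-Za-z0-9]+((\\.|-)[A-Za-z0-9]+)*\\.[A-Za-z0-9]+\$/";

     // A non-string e-mail (e.g. an array-valued field) is never acceptable;
     // for e-mail registrations the address must also be present and well formed.
     $email_malformed = $email !== null && !is_string($email);
     $email_required_but_bad = $reg_type === 'email'
         && ($email === null || $email === '' || !preg_match($pattern2, $email));
     if ($email_malformed || $email_required_but_bad) {
         $msg = array('s' => 400, 'm' => lang('insertemail'), 'd' => '');
         exit(json_output($msg));
     }

     // Compare against '' rather than using empty(): empty('0') is true, so the
     // original skipped the length rule for the password "0" and then stored it.
     if (!is_string($password) || ($password !== '' && strlen($password) < 6)) {
         $msg = array('s' => 400, 'm' => lang('pwdrule'), 'd' => '');
         exit(json_output($msg));
     }

     $nickname = (isset($_POST['nickname']) && is_string($_POST['nickname'])) ? trim($_POST['nickname']) : '';
     $_POST['nickname'] = $nickname;
     // Length is counted in characters, not bytes; anything shorter than 2
     // (which includes the empty string) or longer than 16 is rejected.
     $nickname_len = mb_strlen($nickname, "UTF-8");
     if ($nickname_len < 2 || $nickname_len > 16) {
         $msg = array('s' => 400, 'm' => lang('nicknamerule'), 'd' => '');
         exit(json_output($msg));
     }

     $sex = (isset($_POST['sex']) && is_scalar($_POST['sex'])) ? intval($_POST['sex']) : 0;
     $_POST['sex'] = $sex;
     if ($sex === 0) {
         $msg = array('s' => 400, 'm' => lang('sexrule'), 'd' => '');
         exit(json_output($msg));
     }

     // Without both identifiers there is no account to update; fail explicitly
     // instead of handing undefined values to the model.
     if (!isset($_POST['user'], $_POST['user_id'])) {
         $msg = array('s' => 400, 'm' => lang('failed'), 'd' => '');
         exit(json_output($msg));
     }
     $user = $_POST['user'];
     $user_id = $_POST['user_id'];

     include_once "PassportModel.class.php";
     $passmod = new PassportModel();

     $updates = array();
     $updates['user_email'] = $email;
     if ($password !== '') {
         // Only touch the stored password when a new one was supplied.
         $updates['user_password'] = PassportModel::encryptpwd($password, $user);
     }
     // The nickname is stored HTML-escaped (default htmlspecialchars flags, as before).
     $updates['user_nickname'] = htmlspecialchars($nickname);
     $updates['user_sex'] = $sex;

     // 1. update db user
     $row = $passmod->updateUser($updates, $user_id, $user);
     if ($row !== false) {
         $msg = array('s' => 200, 'm' => lang('success'), 'd' => '');
     } else {
         $msg = array('s' => 400, 'm' => lang('failed'), 'd' => '');
     }
     exit(json_output($msg));
 }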
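 /**
  * Auto-login endpoint driven by an encrypted ticket.
  *
  * The ticket is a hex string taken from $_GET['ticket'] (source 'client')
  * or, failing that, from the Xppass_IC_CARD cookie (source 'user'). It is
  * DES/ECB-decrypted with a key built into this function and is expected to
  * contain "user|password-hash|nickname|time". When the account exists, the
  * hash equals the stored user_password and user_state is 1, the last-login
  * fields are updated, the user is saved as online and the browser is
  * redirected. Every other path ends in show_message($msg) and goback().
  *
  * NOTE(review): this ticket format should be replaced rather than patched:
  *  - the key is a constant in the source and the cipher is single DES in
  *    ECB mode with no integrity check, so the ticket is neither
  *    confidential nor tamper-evident against anyone who has the code;
  *  - the ticket carries the stored password hash, which makes that hash
  *    equivalent to the password for login purposes;
  *  - the freshness check applies to 'client' tickets only and has no
  *    upper bound; cookie tickets are not time-limited at all;
  *  - mcrypt is deprecated in PHP 7.1 and removed in PHP 7.2.
  * Prefer a random, server-side, expiring and revocable token, or
  * authenticated encryption with a key loaded from configuration.
  */
 function view_autologin()
 {
     $encrypted_data = '';
     $from = '';
     $msg = '';
     $updates = array();
     // Matches any character that is NOT a hex digit.
     $non_hex = "/[^0123456789abcdef]/i";

     if (!empty($_GET['ticket']) && is_string($_GET['ticket']) && !preg_match($non_hex, $_GET['ticket'])) {
         $encrypted_data = pack("H*", $_GET['ticket']);
         $from = 'client';
     } elseif (!empty($_COOKIE['Xppass_IC_CARD']) && is_string($_COOKIE['Xppass_IC_CARD']) && !preg_match($non_hex, $_COOKIE['Xppass_IC_CARD'])) {
         $encrypted_data = pack("H*", $_COOKIE['Xppass_IC_CARD']);
         $from = 'user';
     }

     if (!empty($encrypted_data)) {
         $key = 'Powered by Xppass!';
         $td = mcrypt_module_open('des', '', 'ecb', '');
         $iv = mcrypt_create_iv(mcrypt_enc_get_iv_size($td), MCRYPT_RAND);
         // Truncate the passphrase to the key size the cipher accepts.
         $key = substr($key, 0, mcrypt_enc_get_key_size($td));
         /* Initialize encryption module for decryption */
         mcrypt_generic_init($td, $key, $iv);
         $decrypted_data = mdecrypt_generic($td, $encrypted_data);
         mcrypt_generic_deinit($td);
         mcrypt_module_close($td);

         if (!empty($decrypted_data) && preg_match("/.*?\\|.{32}\\|.*?\\|\\d*?/ism", $decrypted_data)) {
             list($user, $pwd_md5, $nickname, $time) = explode("|", $decrypted_data);
             // Parenthesised to show the precedence PHP already applied: only
             // 'client' tickets are subject to the 5-second freshness check.
             if (($from === 'client' && $time >= time() - 5) || $from === 'user') {
                 include_once "PassportModel.class.php";
                 $passmod = new PassportModel();
                 $userindex = $passmod->getUser($user);
                 if ($userindex !== false) {
                     $user_info = $passmod->getUserById($userindex['user_id'], $user);
                     $stored_pwd = (is_array($user_info) && isset($user_info['user_password']) && is_string($user_info['user_password']))
                         ? $user_info['user_password']
                         : '';
                     // Type-safe comparison: the original `==` let PHP juggle types
                     // (numeric-looking strings, null versus ''), so values that are
                     // not identical could still compare equal. An empty stored value
                     // never matches. hash_equals() is used where the runtime has it.
                     $pwd_matches = $stored_pwd !== '' && $pwd_md5 !== ''
                         && (function_exists('hash_equals')
                             ? hash_equals($stored_pwd, $pwd_md5)
                             : $stored_pwd === $pwd_md5);
                     if ($pwd_matches) {
                         if ($user_info['user_state'] == 1) {
                             $updates['user_lastlogin_time'] = time();
                             $updates['user_lastlogin_ip'] = getip();
                             $passmod->updateUser($updates, $userindex['user_id'], $user);
                             //login
                             $user_info['autologin'] = 0;
                             $this->save_online_user($user_info);
                             // NOTE(review): $forward is never assigned in this function, so
                             // as written the default redirect is always taken. If a forward
                             // target is introduced, restrict it to known local paths before
                             // putting it into the Location header.
                             if (!empty($forward)) {
                                 header("location: " . $forward);
                             } else {
                                 header("location: " . $GLOBALS['gSiteInfo']['www_site_url'] . "/index.php");
                             }
                             // Stop after either redirect; the original only stopped after the
                             // default one and otherwise fell through to show_message().
                             die;
                         } else {
                             $msg = lang('userforbidden');
                         }
                     } else {
                         $msg = lang('pwdwrong');
                     }
                 } else {
                     $msg = lang('usernotexist');
                 }
             } else {
                 $msg = lang('invalidurl');
             }
         } else {
             $msg = lang('illegalsignon');
         }
     } else {
         $msg = lang('illegalsignon');
     }
     show_message($msg);
     goback();
 }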