Beispiel #1
0
 /**
  * 会员登陆
  * @author	肖飞
  * @param	array $arrUser    会员信息数组
  * @return  void
  */
 public function userLogin($arrData, $isEncryption = 0, $jamStr)
 {
     if (!check::CheckUser($arrData['User'])) {
         check::AlertExit("输入的用户名必须是4-20字符之间的数字、字母或中文!", -1);
         return false;
     }
     if (!check::CheckPassword($arrData['Pass'])) {
         check::AlertExit("输入的密码必须是4-20字符之间的数字、字母!", -1);
         return false;
     }
     $strPassTemp = $arrData['Pass'];
     if ($isEncryption) {
         $strPassTemp = check::strEncryption($strPassTemp, $jamStr);
     }
     $strSQL = "SELECT * FROM {$this->tablename2} WHERE user_name = ? and password = ?";
     $rs = $this->db->prepare($strSQL);
     $rs->execute(array($arrData['User'], $strPassTemp));
     if ($arr = $rs->fetchAll()) {
         $arr = current($this->loadTableFieldG($arr));
         $user_id = '';
         $user_name = '';
         $password = '';
         $real_name = '';
         $user_group = '';
         $user_popedom = '';
         $submit_date = '';
         $pass = '';
         $email = '';
         $tel = '';
         $company_cn = '';
         $user_type = '';
         $user_bonus = '';
         $_SESSION['user_id'] = $arr['user_id'];
         $_SESSION['user_name'] = $arr['user_name'];
         $_SESSION['password'] = $arr['password'];
         $_SESSION['user_group'] = $arr['user_group'];
         $_SESSION['user_grade'] = $arr['user_grade'];
         $_SESSION['user_popedom'] = $arr['user_popedom'];
         $_SESSION['real_name'] = $arr['real_name'];
         $_SESSION['email'] = $arr['email'];
         $_SESSION['tel'] = $arr['tel'];
         $_SESSION['company_cn'] = $arr['company_cn'];
         $_SESSION['user_type'] = $arr['user_type'];
         $_SESSION['user_bonus'] = $arr['user_bonus'];
         $_SESSION['pass'] = $arr['pass'];
         $_SESSION['province'] = $arr['province'];
         $_SESSION['city'] = $arr['city'];
         $_SESSION['type_id'] = $arr['type_id'];
         $arrUpdate['user_ip'] = check::getIP();
         $arrUpdate['lastlog '] = date('Y-m-d H:i:s');
         $arrUpdate['user_id'] = $arr['user_id'];
         $this->updateUser($arrUpdate);
         return true;
     } else {
         return false;
     }
 }
Beispiel #2
0
 * @subpackage	mcenter
 */
require_once '../config/config.inc.php';
require_once "../class/mcenter.class.php";
require_once '../..' . __WEBADMIN_ROOT . '/checklogin.php';
$objWebInit = new mcenter();
$objWebInit->db();
if ($_SERVER["REQUEST_METHOD"] == "POST") {
    //访问权限检查
    if (!$objWebInit->checkPopedomG($_SESSION['user_id'], 'w')) {
        check::AlertExit('对不起,您没有写权限', -1);
    }
    if (!check::CheckUser($_POST['user_name'])) {
        check::AlertExit("输入的用户名必须是4-21字符之间的数字、字母,或7个中文!", -1);
    }
    if (!check::CheckPassword($_POST['password'])) {
        check::AlertExit("输入的密码必须是4-21字符之间的数字、字母!", -1);
    }
    if (empty($_POST['user_id'])) {
        check::AlertExit("用户ID不能为空!", -1);
    }
    if (empty($_POST['nick_name'])) {
        check::AlertExit("用户昵称不能为空!", -1);
    }
    //如果两次密码不一致,说明,需要更新密码
    if ($_POST['password'] != $_POST['oldpassword']) {
        if (!empty($arrGWeb['user_pass_type'])) {
            $_POST['password'] = check::strEncryption($_POST['password'], $arrGWeb['jamstr']);
        }
    }
    unset($_POST['oldpassword']);
Beispiel #3
0
 /**
  * 会员登陆
  * @author	肖飞
  * @param	array $arrUser    会员信息数组
  * @return  void
  */
 public function userLogin($arrData, $isEncryption = 0, $jamStr, $isAlert = ture)
 {
     if (!check::CheckUser($arrData['User']) && !check::CheckEmailAddr($_POST['User']) && !check::CheckMobilePhone($_POST['User'])) {
         if ($isAlert) {
             check::AlertExit("输入的用户名必须是4-21字符之间的数字、字母,或7个中文!", -1);
         } else {
             return 0;
         }
     }
     if (!check::CheckPassword($arrData['Pass'])) {
         if ($isAlert) {
             check::AlertExit("输入的密码必须是4-21字符之间的数字、字母!", -1);
         }
         return 0;
     }
     $strPassTemp = $arrData['Pass'];
     if ($isEncryption) {
         $strPassTemp = check::strEncryption($strPassTemp, $jamStr);
     }
     $strUserName = $arrData['User'];
     if ($_SESSION['user_group'] == 3) {
         $strSQL = "SELECT * FROM {$this->tablename1} WHERE user_name = '" . $strUserName . "' and status=1";
         $rs = $this->db->query($strSQL);
     } else {
         $strSQL = "SELECT * FROM {$this->tablename1} WHERE user_name = '" . $strUserName . "' and password = '******' and status=1";
         $rs = $this->db->query($strSQL);
         if (!($arr = $rs->fetch(PDO::FETCH_ASSOC))) {
             $strSQL = "SELECT * FROM {$this->tablename1} WHERE email  = '" . $strUserName . "' and password = '******' and status=1";
             $rs = $this->db->query($strSQL);
             if (!($arr = $rs->fetch(PDO::FETCH_ASSOC))) {
                 $strSQL = "SELECT * FROM {$this->tablename1} WHERE mobile  = '" . $strUserName . "' and password = '******' and status=1";
                 $rs = $this->db->query($strSQL);
                 $arr = $rs->fetch(PDO::FETCH_ASSOC);
             }
         }
     }
     if ($arr) {
         if (is_array($_SESSION)) {
             $_SESSION = array_merge($_SESSION, $arr);
         } else {
             $_SESSION = $arr;
         }
         $arrUpdate = array();
         $arrUpdate['user_ip'] = check::getIP();
         $arrUpdate['lastlog'] = date('Y-m-d H:i:s');
         $arrUpdate['user_id'] = $arr['user_id'];
         $arrUpdate['logtimes'] = ++$arr['logtimes'];
         $arrUpdate['session_id'] = session_id();
         $this->updateUser($arrUpdate);
         return 1;
     } else {
         if ($isAlert) {
             check::AlertExit("用户名或密码错误", -1);
         } else {
             return 0;
         }
     }
 }