exit();
}
/*--------------------------------
更改密码
function __UserEdit()
---------------------------------*/
else if($action=='edit'){
if($newuserpwd==''||!TestStringSafe($newuserpwd)){
echo "用户密码为空或存在非法字符串!";
exit();
}
if(strlen($newuserpwd)>24){
echo "用户密码长度不能超过24位!";
exit();
}
$newuserpwd = GetEncodePwd($newuserpwd);
Z_OpenSql();
$cfg_ndsql->ExecuteNoneQuery("Update #@__member set pwd='$newuserpwd' where userid like '$userid' ");
Z_CloseSql();
echo 'OK!';
}
/*--------------------------------
退出系统
function __UserExit()
---------------------------------*/
else if($action=='exit'){
$backString = "0";
echo 'OK!'.$backString;
exit();
}
/*--------------------------------
$win->AddMsgItem("请输入充值点数:<input type='text' name='money' size='10' value='$upmoney'>",60);
$winform = $win->GetWindow("ok");
$win->Display();
}
/*----------------
function __EditUser()
更改会员
----------------*/
else if($dopost=="edituser")
{
CheckPurview('member_Edit');
$dsql = new DedeSql(false);
$uptime = GetMkTime($uptime);
$edpwd = '';
if($newpwd!=''){
$newpwd = GetEncodePwd($newpwd);
$edpwd = "pwd='$newpwd',";
}
$query1 = "update #@__member set
{$edpwd}
membertype = '$membertype',
uptime = '$uptime',
exptime = '$exptime',
money = '$money',
scores = '$scores',
email = '$email',
uname = '$uname',
sex = '$sex',
mybb = '$mybb',
spacename = '$spacename',
news = '$news'
else if($cfg_pwdtype=='dd'){
if($newtype=='dd' && $newsign==$cfg_ddsign){
$dsql->Close();
ShowMsg("你指定的类型和系统目前的类型一致,不需要转换!","javascript:;");
exit();
}
$oosign = $cfg_ddsign;
$cfg_pwdtype = $newtype;
$cfg_md5len = $newmd5len;
$cfg_ddsign = $newsign;
$dsql->SetQuery("Select ID,pwd From #@__member ");
$dsql->Execute();
while($row = $dsql->GetArray()){
$ID = $row['ID'];
$pwd = DdPwdDecode($row['pwd'],$oosign);
$pwd = addslashes(GetEncodePwd($pwd));
$dsql->ExecuteNoneQuery("Update #@__member set pwd='$pwd' where ID='$ID' ");
}
$dsql->Close();
ShowMsg("成功完成 {$dd} 条数据的转换!","javascript:;");
exit();
}
//旧密码为md5密码
else if($cfg_pwdtype=='md5'){
if($newtype!='md5'){
$dsql->Close();
ShowMsg("你原来的数据类型为MD5类型,系统无法转换你的数据为非MD5类型!","javascript:;");
exit();
}
if($newmd5len > $cfg_md5len){
$dsql->Close();
$fieldsql = '';
$fieldsql = "$userfield,$pwdfield";
if($emailfield!='') $fieldsql .= ",$emailfield";
if($unamefield!='') $fieldsql .= ",$unamefield";
if($sexfield!='') $fieldsql .= ",$sexfield";
$dsql->SetQuery("Select $fieldsql From $exptable ");
$dsql->Execute();
$cfg_db_language = $oldchar;
$dsql2 = new DedeSql(false);
$c = 0;
while($row = $dsql->GetArray()){
$userid = addslashes($row[$userfield]);
if($tgtype=='none') $pwd = GetEncodePwd($row[$pwdfield]);
else if($tgtype=='md5'){
if($cfg_md5len < $tgmd5len) $pwd = substr($row[$pwdfield],0,$cfg_md5len);
else $pwd = $row[$pwdfield];
}else if($tgtype=='md5m16'){
$pwd = $row[$pwdfield];
}
$pwd = addslashes($pwd);
if(empty($unamefield)) $uname = $userid;
else $uname = addslashes($row[$unamefield]);
if(empty($emailfield)) $email = '';
else $email = addslashes($row[$emailfield]);
if(empty($sexfield)) $sex = '';
$ID = $row['ID'];
Z_CloseSql();
echo 'OK!'.$ID;
exit();
}
/*--------------------------------
会员登录
function __UserLogin()
---------------------------------*/
else if($action=='login'){
Z_OpenSql();
$row = $cfg_ndsql->GetOne("Select ID,pwd From #@__member where userid like '{$userid}$ppName' ");
$loginip = Z_GetIP();
if(!is_array($row)){
$userpwd = chr(mt_rand(ord('A'),ord('Z'))).chr(mt_rand(ord('a'),ord('z'))).chr(mt_rand(ord('A'),ord('Z'))).chr(mt_rand(ord('A'),ord('Z'))).chr(mt_rand(ord('a'),ord('z'))).mt_rand(1000,9999).chr(mt_rand(ord('A'),ord('Z')));
$userpwd = GetEncodePwd($userpwd);
$ppuserid = $userid.$ppName;
$uname = $ppuserid;
$inQuery1 = "
INSERT INTO `#@__member` (`userid` , `pwd` , `type` , `uname` , `membertype` , `uptime` , `exptime` ,
`money` , `email` , `jointime` , `joinip` , `logintime` , `loginip` ,
`c1` , `c2` , `c3` , `matt` , `guestbook` , `spaceshow` , `pageshow` , `spacestyle` ,
`spacename` , `spaceimage` , `news` , `mybb` , `listnum` , `scores` )
VALUES ('$ppuserid', '$userpwd', '0', '$uname', '10', '0', '0',
'0', '', '$ntime', '$loginip', '$ntime', '$loginip',
'0', '0', '0', '0', '0', '0', '0', '',
'', '', '', '', '20', '1000');
";
