Ejemplo n.º 1
 /**
  * Issue the login cookies for a user handed over as an encoded string.
  *
  * The decoded payload is tab-separated: uid, user name, password value.
  * "winduser" and "ucuser" are written with a one-year lifetime and
  * "lastvisit" is reset.
  *
  * Security review notes:
  *  - Both cookies carry a value derived from the password field
  *    (PwdCode() / md5 with $uc_key), so a captured cookie stays usable until
  *    it expires or the password changes. PwdCode(), StrCode() and Cookie()
  *    are defined elsewhere; whether they use a keyed hash, encryption or
  *    HttpOnly/Secure flags cannot be confirmed from this method.
  *  - The decoded fields are used as-is; nothing here validates them.
  *
  * @param string $user Encoded hand-off string understood by $this->base->strcode().
  * @return string Always the empty string.
  */
 function synlogin($user)
 {
     global $timestamp, $uc_key;

     // $windid (the user name) is decoded but not used in this method.
     $fields = explode("\t", $this->base->strcode($user, false));
     list($winduid, $windid, $windpwd) = $fields;

     // P3P compact policy header, sent before any cookie is set.
     header('P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"');

     $safecv = '';
     // Fixed lifetime: 31536000 seconds (one year) counted from $timestamp.
     $cktime = 31536000 + $timestamp;

     $windPayload = $winduid . "\t" . PwdCode($windpwd) . "\t" . $safecv;
     Cookie("winduser", StrCode($windPayload), $cktime);

     $ucPayload = $winduid . "\t" . md5($uc_key . $windpwd);
     Cookie("ucuser", StrCode($ucPayload), $cktime);

     Cookie('lastvisit', '', 0);

     return '';
 }
Ejemplo n.º 2
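/**
 * Load the member record of the user identified by the "winduser" cookie.
 *
 * The cookie decodes to "uid \t password verifier \t safecv". The verifier is
 * compared with PwdCode() of the stored password and, when $db_ifsafecv is
 * set, the safecv value is compared with the stored one.
 *
 * Security review notes:
 *  - The comparisons are strict string comparisons. The earlier loose "!="
 *    treats two numeric-looking strings (all digits, or the "0e..." form) as
 *    equal when their numeric values match, which is unsafe for a credential
 *    check. hash_equals() would additionally make the comparison
 *    constant-time on runtimes that provide it.
 *  - The cookie still carries a password-derived verifier; how strong that is
 *    depends on PwdCode() and StrCode(), which are defined elsewhere.
 *
 * @return array|string|null The member record on success, '' when the cookie
 *                           holds no uid/verifier, null when verification fails.
 */
function PassportUserdb()
{
    global $db, $timestamp, $webdb, $onlineip, $TB, $pre, $db_ifsafecv, $userDB;

    // Pad to three fields so a short or missing cookie does not raise notices.
    $fields = explode("\t", (string) StrCode(GetCookie('winduser'), 'DECODE'));
    list($lfjuid, $lfjpwd, $safecv) = array_pad($fields, 3, '');
    if (!$lfjuid || !$lfjpwd) {
        return '';
    }

    $detail = $userDB->get_allInfo($lfjuid);
    if (!$detail) {
        // Unknown uid: nothing to verify against.
        return;
    }

    // The key was previously written as the bare constant `password`, which is
    // an error on current PHP versions.
    if ((string) PwdCode($detail['password']) !== (string) $lfjpwd) {
        return;
    }

    $storedSafecv = isset($detail['safecv']) ? $detail['safecv'] : '';
    if ($db_ifsafecv && (string) $safecv !== (string) $storedSafecv) {
        return;
    }

    return $detail;
}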
Ejemplo n.º 3
 /**
  * Synchronised login: decode the hand-off string, set the login cookies and
  * record the login for the medal system.
  *
  * Security review notes:
  *  - "winduser" and "ucuser" both embed a password-derived value and live for
  *    one year; the protection they get depends on PwdCode(), StrCode() and
  *    Cookie(), none of which is visible here.
  *  - functions.php is included inside the method, so its top-level code (if
  *    any) runs with access to this method's local variables.
  *
  * @param string $user Encoded hand-off string understood by $this->base->strcode().
  * @return string Always the empty string.
  */
 function synlogin($user)
 {
     global $timestamp, $uc_key;

     $decoded = $this->base->strcode($user, false);
     // Tab-separated: uid, user name (unused below), password value.
     list($winduid, $windid, $windpwd) = explode("\t", $decoded);

     header('P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"');

     $safecv = '';
     // One year (31536000 s) from $timestamp.
     $cktime = 31536000 + $timestamp;

     $windValue = StrCode($winduid . "\t" . PwdCode($windpwd) . "\t" . $safecv);
     Cookie("winduser", $windValue, $cktime);

     $ucValue = StrCode($winduid . "\t" . md5($uc_key . $windpwd));
     Cookie("ucuser", $ucValue, $cktime);

     Cookie('lastvisit', '', 0);

     // Medal award for consecutive logins.
     require_once R_P . 'require/functions.php';
     doMedalBehavior($winduid, 'continue_login');

     return '';
 }
Ejemplo n.º 4
/**
 * WAP login: verify a member's password, apply the failed-login lockout and set the login cookies.
 *
 * NOTE(review): this listing is damaged in two places - the UPDATE that rewrites the
 * password column and the assignment of $F_login both show a masked "******" string.
 * As printed the first of them is not valid PHP, so neither statement can be reviewed.
 *
 * Security review notes:
 *  - $password is compared directly with the stored value, so the caller presumably
 *    passes an already-hashed password (md5, judging by the 16-character legacy
 *    branch) - confirm against the caller.
 *  - The comparison uses loose "==". Two numeric-looking strings (all digits or the
 *    "0e..." form) compare equal when their numeric values match; a strict string
 *    comparison is the safe form for credentials.
 *  - Every failure path relies on wap_msg() ending the request. If it ever returns,
 *    control falls through to the Cookie("winduser", ...) call at the bottom.
 *  - The lockout is only applied when the stored marker equals the current client
 *    address, so it does not limit attempts coming from other addresses.
 *
 * @param string $username User name, or a uid when $lgt is truthy.
 * @param string $password Password value to check (see notes above).
 * @param string $safecv   Security-question verifier; checked only when $db_ifsafecv is set.
 * @param int    $lgt      Falsy: look up by username; truthy: look up by uid.
 */
function wap_login($username, $password, $safecv, $lgt = 0)
{
    global $db, $timestamp, $onlineip, $db_ckpath, $db_ckdomain, $db_bbsurl, $db_ifsafecv;
    // The column name is one of two fixed literals; the value goes through pwEscape()
    // (defined elsewhere - its quoting behaviour is assumed, not shown).
    $men = $db->get_one("SELECT m.uid,m.password,m.safecv,m.groupid,m.yz,md.onlineip FROM pw_members m LEFT JOIN pw_memberdata md ON md.uid=m.uid WHERE m." . ($lgt ? 'uid' : 'username') . "=" . pwEscape($username));
    if ($men) {
        // md.onlineip is split on "|": [0] is compared with "<ip> *", [1] is used as a
        // timestamp and [2] as a remaining-attempts counter.
        $e_login = explode("|", $men['onlineip']);
        // Proceed unless this address is marked, the mark is at most 600 s old and
        // the counter has dropped to 1 or below.
        if ($e_login[0] != $onlineip . ' *' || $timestamp - $e_login[1] > 600 || $e_login[2] > 1) {
            $men_uid = $men['uid'];
            $men_pwd = $men['password'];
            $check_pwd = $password;
            if ($men['yz'] > 2) {
                wap_msg('login_jihuo');
            }
            if (strlen($men_pwd) == 16) {
                $check_pwd = substr($password, 8, 16);
                /* supports legacy passwords stored as a 16-character md5 substring */
            }
            // Loose comparison of credential values - see the function header.
            if ($men_pwd == $check_pwd && (!$db_ifsafecv || $men['safecv'] == $safecv)) {
                if (strlen($men_pwd) == 16) {
                    // NOTE(review): damaged line (masked string); presumably upgrades the
                    // stored 16-character value - cannot be confirmed from this listing.
                    $db->update("UPDATE pw_members SET password="******" WHERE uid=" . pwEscape($men_uid));
                }
                // $L_groupid is assigned but not read again inside this function.
                $L_groupid = (int) $men['groupid'];
                Cookie("ck_info", $db_ckpath . "\t" . $db_ckdomain);
            } else {
                global $L_T;
                // Remaining attempts: decrement, or restart at 5 when the counter is empty/zero.
                $L_T = $e_login[2];
                $L_T ? $L_T-- : ($L_T = 5);
                // NOTE(review): masked in this listing; the value written to onlineip is not visible.
                $F_login = "******";
                $db->update("UPDATE pw_memberdata SET onlineip=" . pwEscape($F_login) . " WHERE uid=" . pwEscape($men_uid));
                wap_msg('login_pwd_error');
            }
        } else {
            global $L_T;
            // Seconds left until the 600 s lockout window ends.
            $L_T = 600 - ($timestamp - $e_login[1]);
            wap_msg('login_forbid');
        }
    } else {
        global $errorname;
        $errorname = $username;
        wap_msg('user_not_exists');
    }
    // Session cookie with no explicit lifetime argument; it embeds PwdCode($password),
    // i.e. a password-derived verifier (PwdCode/StrCode are defined elsewhere).
    Cookie("winduser", StrCode($men_uid . "\t" . PwdCode($password) . "\t" . $safecv));
    Cookie('lastvisit', '', 0);
    wap_msg('wap_login', 'index.php');
}
Ejemplo n.º 5
/**
 * Decide whether the decoded admin cookie $CK belongs to one of the configured managers.
 *
 * $CK[1] is treated as the user name. It must be listed in the global $manager array and
 * pass SafeCheck() against either the configured manager password or the password stored
 * in pw_members.
 *
 * NOTE(review): the query line below is damaged in this listing (a masked "******"
 * followed by a repeated statement) and is not valid PHP as printed.
 *
 * Security review notes:
 *  - array_search() is called without the strict flag, so the name is matched with
 *    loose comparison.
 *  - SafeCheck(), PwdCode(), CkInArray() and Add_S() are defined elsewhere; what exactly
 *    SafeCheck() compares cannot be confirmed from here.
 *
 * @param array $CK Decoded admin cookie fields.
 * @return bool True when the cookie verifies for a manager account, false otherwise.
 */
function checkuptoadmin($CK)
{
    // Add_S() presumably escapes the cookie fields in place - verify against its definition.
    Add_S($CK);
    global $db, $manager;
    if (is_array($manager) && CkInArray($CK[1], $manager)) {
        global $manager_pwd;
        $v_key = array_search($CK[1], $manager);
        // First try the password from the manager configuration, then the database record.
        if (!SafeCheck($CK, PwdCode($manager_pwd[$v_key]))) {
            // NOTE(review): damaged line - see the function header.
            $rt = $db->get_one("SELECT uid,username,groupid,groups,password FROM pw_members WHERE username="******"SELECT uid,username,groupid,groups,password FROM pw_members WHERE username=" . pwEscape($CK[1]));
            if (!SafeCheck($CK, PwdCode($rt['password']))) {
                return false;
            }
        }
        return true;
    } else {
        return false;
    }
}
Ejemplo n.º 6
/**
 * Set a new password for a Weibo-bound account and sign that account in.
 *
 * Security review notes:
 *  - Nothing in this function checks that the requester is allowed to reset the
 *    password of $userId; that is presumably the caller's responsibility - verify.
 *  - The "winduser" cookie embeds PwdCode() of the stored password, i.e. a
 *    password-derived verifier (PwdCode/StrCode/Cookie are defined elsewhere).
 *  - Validation failures rely on Showmsg() / checkPwd() stopping the request.
 *
 * @param int|string $userId         Account whose password is reset.
 * @param string     $password       New password.
 * @param string     $repeatPassword Confirmation of the new password.
 * @return bool False when the password service reports failure, true otherwise.
 */
function weiboResetUserPassword($userId, $password, $repeatPassword)
{
    global $db_ckpath, $db_ckdomain;

    // Both fields are mandatory.
    if ($password == '' || $repeatPassword == '') {
        Showmsg('创建密码不能为空');
    }

    // The configured min/max length is read but not used below; the length rule is
    // presumably enforced inside checkPwd() - verify.
    $rg_config = L::reg();
    $lengthLimits = explode("\t", $rg_config['rg_pwdlen']);
    list($rg_regminpwd, $rg_regmaxpwd) = $lengthLimits;

    $register = L::loadClass('Register', 'user');
    $register->checkPwd($password, $repeatPassword);

    /* @var $weiboLoginService PW_WeiboLoginService */
    $weiboLoginService = L::loadClass('WeiboLoginService', 'sns/weibotoplatform/service');
    if (!$weiboLoginService->resetLoginUserPassword($userId, $password)) {
        return false;
    }

    /* @var $userService PW_UserService */
    $userService = L::loadClass('UserService', 'user');
    $user = $userService->get($userId);

    // Re-issue the login cookies from the freshly stored record.
    $loginPayload = $userId . "\t" . PwdCode($user['password']) . "\t" . $user['safecv'];
    Cookie("winduser", StrCode($loginPayload));
    Cookie("ck_info", $db_ckpath . "\t" . $db_ckdomain);
    Cookie('lastvisit', '', 0);

    // Medal award for consecutive logins.
    require_once R_P . 'require/functions.php';
    doMedalBehavior($userId, 'continue_login');

    return true;
}
Ejemplo n.º 7
     } else {
         pwCache::setData(D_P . 'data/bbscache/ip_cache.php', "<?php die;?><{$timestamp}>\n<{$onlineip}>");
     }
 }
 //addonlinefile();
 if (GetCookie('userads') && $inv_linkopen && $inv_linktype == '1') {
     require_once R_P . 'require/userads.php';
 }
 if (GetCookie('o_invite') && $db_modes['o']['ifopen'] == 1) {
     list($o_u, $hash, $app) = explode("\t", GetCookie('o_invite'));
     if (is_numeric($o_u) && strlen($hash) == 18) {
         require_once R_P . 'require/o_invite.php';
     }
 }
 if ($rgyz == 1) {
     Cookie("winduser", StrCode($winduid . "\t" . PwdCode($windpwd) . "\t" . $safecv));
     Cookie("ck_info", $db_ckpath . "\t" . $db_ckdomain);
     Cookie('lastvisit', '', 0);
     //将$lastvist清空以将刚注册的会员加入今日到访会员中
     /*连续登录天数*/
     if ($db_md_ifopen) {
         require_once R_P . 'require/functions.php';
         doMedalBehavior($winduid, 'continue_login');
     }
 }
 //发送短消息
 if ($rg_config['rg_regsendmsg']) {
     $rg_config['rg_welcomemsg'] = str_replace('$rg_name', $regname, $rg_config['rg_welcomemsg']);
     M::sendNotice(array($windid), array('title' => "Welcome To[{$db_bbsname}]!", 'content' => $rg_config['rg_welcomemsg']));
 }
 //发送邮件
Ejemplo n.º 8
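 /**
  * Check whether the current user may view an album.
  *
  * Privacy levels as handled below: 1 = friends only, 2 = owner only,
  * 3 = password protected. The owner and users for whom isPermission()
  * is true bypass all three.
  *
  * Security review notes:
  *  - The password cookie is compared with a strict string comparison. The
  *    earlier loose "!=" treats two numeric-looking strings (all digits or
  *    the "0e..." form) as equal when their numeric values match, which is
  *    unsafe for a value the client controls.
  *  - The cookie holds PwdCode() of the stored album password; how hard that
  *    is to forge depends on PwdCode(), which is defined elsewhere.
  *
  * @param int $aid Album ID.
  * @return array|string The album record when viewing is allowed, otherwise a
  *                      message key ('data_error' or 'mode_o_photos_private_1'..'3').
  */
 function albumViewRight($aid)
 {
     $albumDao = $this->_getDaoFactory('CnAlbum');
     $album = $albumDao->getAlbumInfo($aid, 0);
     if (empty($album)) {
         return 'data_error';
     }
     $ownerid = $album['ownerid'];
     /*if(!$this->isUserAlbum($ownerid)){
         return 'mode_o_photos_private_0';
     }*/
     $friendService = $this->_getServiceFactory('Friend', 'friend');

     // Level 1: only friends of the owner.
     if (!$this->isMyAlbum($ownerid) && $album['private'] == 1 && $friendService->isFriend($this->_winduid, $ownerid) !== true && !$this->isPermission()) {
         return 'mode_o_photos_private_1';
     }

     // Level 2: only the owner.
     if (!$this->isMyAlbum($ownerid) && $album['private'] == 2 && !$this->isPermission()) {
         return 'mode_o_photos_private_2';
     }

     // Level 3: the per-album cookie must match the stored album password exactly.
     $cookiename = 'albumview_' . $aid;
     if ($album['albumpwd'] && (string) PwdCode($album['albumpwd']) !== (string) GetCookie($cookiename) && !$this->isMyAlbum($ownerid) && $album['private'] == 3 && !$this->isPermission()) {
         //GetCookie($cookiename) && Cookie($cookiename,'',time()-3600);
         return 'mode_o_photos_private_3';
     }

     return $album;
 }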
Ejemplo n.º 9
/**
 * Validate the current session against the member record and return the member's details.
 *
 * The session identity is read from globals ($winduid, $windpwd, $safecv - presumably
 * decoded from the login cookie by the caller; verify). On a mismatch the user is logged
 * out and an error message is shown. On success the record is returned without its
 * password field and, after enough idle time, the visit and online-time counters are
 * written back.
 *
 * Security review notes:
 *  - The verifier check uses loose "!=". Two numeric-looking strings (all digits or the
 *    "0e..." form) compare equal when their numeric values match; a strict string
 *    comparison is the safe form for credentials.
 *  - The IP check is a substring test on the stored onlineip value and then falls back
 *    to the first two dot-separated parts, so it is a coarse match and assumes dotted
 *    IPv4 addresses.
 *  - The failure branch relies on Showmsg() ending the request; if it returned, $detail
 *    would be returned with the password field still present.
 *  - Files are included inside the function, so their top-level code runs with access to
 *    these local variables. That is also why the local names must stay as they are.
 *
 * @return array|mixed The member record (password removed) when the session is valid.
 */
function User_info()
{
    global $db, $timestamp, $db_onlinetime, $winduid, $windpwd, $safecv, $db_ifonlinetime, $c_oltime, $onlineip, $db_ipcheck, $tdtime, $montime, $db_ifsafecv, $db_ifpwcache, $uc_server;
    PwNewDB();
    $detail = getUserByUid($winduid);
    if (empty($detail) && $uc_server) {
        // Runs in this function's scope; presumably creates the local account from the
        // user-centre record and fills $detail - verify in ucuseradd.php.
        require_once R_P . 'require/ucuseradd.php';
    }
    $loginout = 0;
    if ($db_ipcheck && strpos($detail['onlineip'], $onlineip) === false) {
        $iparray = explode('.', $onlineip);
        // Tolerate an address change as long as the first two parts still appear in the stored value.
        strpos($detail['onlineip'], $iparray[0] . '.' . $iparray[1]) === false && ($loginout = 1);
    }
    // Reject when: no record, verifier mismatch, safecv mismatch (if enabled), IP change, or yz > 1.
    if (!$detail || PwdCode($detail['password']) != $windpwd || $db_ifsafecv && $safecv != $detail['safecv'] || $loginout || $detail['yz'] > 1) {
        $GLOBALS['groupid'] = 'guest';
        require_once R_P . 'require/checkpass.php';
        Loginout();
        if ($detail['yz'] > 1) {
            $GLOBALS['jihuo_uid'] = $detail['uid'];
            Showmsg('login_jihuo');
        }
        Showmsg('ip_change');
    } else {
        list($detail['shortcut'], $detail['appshortcut']) = explode("\t", $detail['shortcut']);
        // Keep the stored password value out of the record handed to the rest of the request.
        unset($detail['password']);
        $detail['honor'] = substrs($detail['honor'], 90);
        $distime = $timestamp - $detail['lastvisit'];
        if ($distime > $db_onlinetime || $distime > 3600) {
            //Start elementupdate
            if ($db_ifpwcache & 1 && SCR != 'post' && SCR != 'thread') {
                require_once R_P . 'lib/elementupdate.class.php';
                $elementupdate = new ElementUpdate();
                $elementupdate->userSortUpdate($detail);
            }
            //End elementupdate
            // Visitors with the "hideid" cookie do not get their visit time updated.
            if (!GetCookie('hideid')) {
                // $ct is a SET clause assembled from fixed column names and values that
                // pass through pwEscape()/intval() (pwEscape is defined elsewhere).
                $ecpvisit = pwEscape($timestamp, false);
                $ct = 'lastvisit=' . $ecpvisit . ',thisvisit=' . $ecpvisit;
                if ($db_ifonlinetime) {
                    // Clamp the reported online time: never negative, and capped at
                    // $db_onlinetime when it exceeds 1.2 x $db_onlinetime.
                    $c_oltime = $c_oltime <= 0 ? 0 : ($c_oltime > $db_onlinetime * 1.2 ? $db_onlinetime : intval($c_oltime));
                    $s_oltime = pwEscape($c_oltime, false);
                    $ct .= ',onlinetime=onlinetime+' . $s_oltime;
                    // Add to the monthly counter, or restart it when the last visit is not after $montime.
                    if ($detail['lastvisit'] > $montime) {
                        $ct .= ',monoltime=monoltime+' . $s_oltime;
                    } else {
                        $ct .= ',monoltime=' . $s_oltime;
                    }
                    $c_oltime && updateDatanalyse($winduid, 'memberOnLine', $c_oltime);
                    $c_oltime = 0;
                }
                $db->update("UPDATE pw_memberdata SET {$ct} WHERE uid=" . pwEscape($winduid));
                $detail['lastvisit'] = $detail['thisvisit'] = $timestamp;
            }
        }
    }
    return $detail;
}
Ejemplo n.º 10
/**
 * Verify the decoded admin cookie $CK and build the right set for the admin panel.
 *
 * $CK[1] is used as the user name and $CK['3'] as the safecv value. Configured managers
 * (global $manager) get every right; other users must belong to a group that allows
 * admin-panel access and get the rights stored for that group in pw_adminset.
 *
 * Security review notes:
 *  - unserialize() is applied to the value read from pw_adminset. That is only safe
 *    while nothing untrusted can write to that table; a format such as JSON avoids
 *    object instantiation on load.
 *  - In the manager branch, when the configured manager password verifies and
 *    $db_ifsafecv is on, the safecv check is skipped if no database row is found.
 *  - array_search() and the safecv comparisons are loose ("!=", no strict flag).
 *  - `require GetLang('purview')` runs inside this function and supplies $purview and
 *    $nav_manager as local variables, so local names here must not be changed.
 *  - SafeCheck(), PwdCode(), admincheck() and S::slashes() are defined elsewhere.
 *
 * @param array $CK Decoded admin cookie fields.
 * @return array|false The right set (including 'gid', 'bubble', 'uid') or false when
 *                     verification fails.
 */
function checkpass($CK)
{
    // Presumably escapes the cookie fields in place - verify against S::slashes().
    S::slashes($CK);
    global $db, $manager, $db_ifsafecv;
    if (S::inArray($CK[1], $manager)) {
        global $manager_pwd;
        $v_key = array_search($CK[1], $manager);
        // True while the member record still has to be loaded for the bubble info.
        $ifQuery = true;
        // In order to get bubble info
        if (!SafeCheck($CK, PwdCode($manager_pwd[$v_key]))) {
            // Configured manager password did not verify: fall back to the database record.
            $userService = L::loadClass('UserService', 'user');
            /* @var $userService PW_UserService */
            $rt = $userService->getByUserName($CK[1], true, true);
            if (!SafeCheck($CK, PwdCode($rt['password'])) || $db_ifsafecv && $rt['safecv'] != $CK['3']) {
                return false;
            }
            if (!admincheck($rt['uid'], $rt['username'], $rt['groupid'], $rt['groups'], 'check')) {
                return false;
            }
            $ifQuery = false;
        } elseif ($db_ifsafecv) {
            $userService = L::loadClass('UserService', 'user');
            /* @var $userService PW_UserService */
            $rt = $userService->getByUserName($CK[1], true, true);
            // NOTE(review): safecv is only enforced when a row exists.
            if ($rt && $rt['safecv'] != $CK['3']) {
                return false;
            }
            $ifQuery = false;
        }
        if ($ifQuery) {
            $userService = L::loadClass('UserService', 'user');
            /* @var $userService PW_UserService */
            $rt = $userService->getByUserName($CK[1], true, true);
        }
        define('If_manager', 1);
        // Managers: group 3 with every right listed in the purview language file switched on.
        $rightset['gid'] = 3;
        $rightset['all'] = 1;
        $rightset['bubble'] = $rt['bubble'];
        require GetLang('purview');
        foreach ($purview as $key => $value) {
            $rightset[$key] = 1;
        }
        foreach ($nav_manager['option'] as $key => $value) {
            $rightset[$key] = 1;
        }
    } else {
        // User name goes through S::sqlEscape() (defined elsewhere).
        $rt = $db->get_one("SELECT m.uid,m.username,m.groupid,m.groups,m.password,m.safecv,m.groupid,u.gptype,p.rvalue as allowadmincp,md.bubble FROM pw_members m LEFT JOIN pw_usergroups u ON u.gid=m.groupid LEFT JOIN pw_permission p ON p.uid='0' AND p.fid='0' AND p.gid=m.groupid AND p.rkey='allowadmincp' LEFT JOIN pw_memberdata md ON md.uid = m.uid WHERE m.username=" . S::sqlEscape($CK[1]));
        // The group must allow admin-panel access and be of type 'system' or 'special'.
        if (!$rt['allowadmincp'] || $rt['gptype'] != 'system' && $rt['gptype'] != 'special' || $db_ifsafecv && $rt['safecv'] != $CK['3']) {
            return false;
        }
        if (!SafeCheck($CK, PwdCode($rt['password'])) || !admincheck($rt['uid'], $CK[1], $rt['groupid'], $rt['groups'], 'check')) {
            return false;
        }
        $rightset = $db->get_value('SELECT value FROM pw_adminset WHERE gid=' . S::sqlEscape($rt['groupid']));
        if ($rightset) {
            // NOTE(review): unserialize() on stored data - see the function header.
            if (!is_array($rightset = unserialize($rightset))) {
                $rightset = array();
            }
        } else {
            $rightset = array();
        }
        require GetLang('purview');
        // Keep only rights that exist in $purview and are stored as 1.
        foreach ($rightset as $key => $value) {
            $rightset[$key] = isset($purview[$key]) && $rightset[$key] == 1 ? 1 : 0;
        }
        $rightset['gid'] = $rt['groupid'];
        $rightset['bubble'] = $rt['bubble'];
    }
    $rightset['uid'] = $rt['uid'];
    return $rightset;
}
Ejemplo n.º 11
/**
 * Get the current user's information after validating the session.
 *
 * The session identity is read from globals ($winduid, $windpwd, $safecv - presumably
 * decoded from the login cookie by the caller; verify). On a mismatch the user is logged
 * out and an error message is shown. On success the record is returned without its
 * password field and, after enough idle time, visit/online-time counters, the daily login
 * statistic and the consecutive-login medal are updated.
 *
 * Security review notes:
 *  - The verifier check uses loose "!=". Two numeric-looking strings (all digits or the
 *    "0e..." form) compare equal when their numeric values match; a strict string
 *    comparison is the safe form for credentials.
 *  - The IP check is a substring test on the stored onlineip value with a fallback to
 *    the first two dot-separated parts; it is coarse and assumes dotted IPv4 addresses.
 *  - The failure branch relies on Showmsg() ending the request; if it returned, $detail
 *    would be returned with the password field still present.
 *  - Files are included inside the function, so their top-level code runs with access to
 *    these local variables. That is also why the local names must stay as they are.
 *
 * @return array|mixed The member record (password removed) when the session is valid.
 */
function User_info()
{
    global $db, $timestamp, $db_onlinetime, $winduid, $windpwd, $bday, $safecv, $db_ifonlinetime, $c_oltime, $onlineip, $db_ipcheck, $tdtime, $montime, $db_ifsafecv, $db_ifpwcache, $uc_server, $db_md_ifopen;
    PwNewDB();
    $detail = getUserByUid($winduid);
    if (empty($detail) && $uc_server) {
        // Runs in this function's scope; presumably creates the local account from the
        // user-centre record and fills $detail - verify in ucuseradd.php.
        require_once R_P . 'require/ucuseradd.php';
    }
    $loginout = 0;
    if ($db_ipcheck && strpos($detail['onlineip'], $onlineip) === false) {
        $iparray = explode('.', $onlineip);
        // Tolerate an address change as long as the first two parts still appear in the stored value.
        strpos($detail['onlineip'], $iparray[0] . '.' . $iparray[1]) === false && ($loginout = 1);
    }
    // Reject when: no record, verifier mismatch, safecv mismatch (if enabled), IP change, or yz > 1.
    if (!$detail || PwdCode($detail['password']) != $windpwd || $db_ifsafecv && $safecv != $detail['safecv'] || $loginout || $detail['yz'] > 1) {
        $GLOBALS['groupid'] = 'guest';
        require_once R_P . 'require/checkpass.php';
        Loginout();
        if ($detail['yz'] > 1) {
            $GLOBALS['jihuo_uid'] = $detail['uid'];
            Showmsg('login_jihuo');
        }
        Showmsg('ip_change');
    } else {
        list($detail['shortcut'], $detail['appshortcut']) = explode("\t", $detail['shortcut']);
        // Keep the stored password value out of the record handed to the rest of the request.
        unset($detail['password']);
        $detail['honor'] = substrs($detail['honor'], 90);
        $distime = $timestamp - $detail['lastvisit'];
        if ($distime > $db_onlinetime || $distime > 3600) {
            /*--- element update ---start*/
            if ($db_ifpwcache & 1 && SCR != 'post' && SCR != 'thread') {
                L::loadClass('elementupdate', '', false);
                $elementupdate = new ElementUpdate();
                $elementupdate->userSortUpdate($detail);
            }
            /*--- element update ---end*/
            // Visitors with the "hideid" cookie do not get their visit time updated.
            if (!GetCookie('hideid')) {
                $userService = L::loadClass('UserService', 'user');
                /* @var $userService PW_UserService */
                // Two maps: values to set outright, and values to add to the stored counters.
                $updateMemberData = $updateByIncrementMemberData = array();
                $updateMemberData['lastvisit'] = $timestamp;
                $updateMemberData['thisvisit'] = $timestamp;
                if ($db_ifonlinetime) {
                    // Clamp the reported online time: integer, never negative, and capped
                    // at $db_onlinetime when it exceeds 1.2 x $db_onlinetime.
                    $c_oltime = intval($c_oltime);
                    $c_oltime = $c_oltime <= 0 ? 0 : ($c_oltime > $db_onlinetime * 1.2 ? $db_onlinetime : $c_oltime);
                    $updateByIncrementMemberData['onlinetime'] = $c_oltime;
                    // Add to the monthly counter, or restart it when the last visit is not after $montime.
                    if ($detail['lastvisit'] > $montime) {
                        $updateByIncrementMemberData['monoltime'] = $c_oltime;
                    } else {
                        $updateMemberData['monoltime'] = $c_oltime;
                    }
                    if ($c_oltime) {
                        require_once R_P . 'require/functions.php';
                        updateDatanalyse($winduid, 'memberOnLine', $c_oltime);
                    }
                    $c_oltime = 0;
                }
                // First visit on a new calendar day (string comparison of Y-m-d dates).
                if (get_date($timestamp, 'Y-m-d') > get_date($detail['lastvisit'], 'Y-m-d')) {
                    /* update today's login count */
                    $stasticsService = L::loadClass('Statistics', 'datanalyse');
                    $stasticsService->login($winduid);
                    /* consecutive login days */
                    if ($db_md_ifopen) {
                        require_once R_P . 'require/functions.php';
                        doMedalBehavior($winduid, 'continue_login');
                    }
                }
                $userService->update($winduid, array(), $updateMemberData);
                $updateByIncrementMemberData && $userService->updateByIncrement($winduid, array(), $updateByIncrementMemberData);
                $detail['lastvisit'] = $detail['thisvisit'] = $timestamp;
            }
        }
    }
    return $detail;
}
Ejemplo n.º 12
        }
        //update meminfo
        if ($upmeminfo) {
            updateThreadTrade($upmeminfo, $winduid);
        }
        unset($upmemdata, $upmeminfo);
        $result = $userService->update($winduid, $pwSQL);
        // defend start
        CloudWind::yunUserDefend('editprofile', $winduid, $windid, $upmemdata['pwdctime'], 0, 101, '', '', '', array('profile' => array_keys($pwSQL)));
        // defend end
        /* platform weibo app */
        $siteBindService = L::loadClass('WeiboSiteBindService', 'sns/weibotoplatform/service');
        /* @var $siteBindService PW_WeiboSiteBindService */
        if ($siteBindService->isOpen() && $upmembers['password']) {
            $weiboLoginService = L::loadClass('WeiboLoginService', 'sns/weibotoplatform/service');
            /* @var $weiboLoginService PW_WeiboLoginService */
            $weiboLoginService->setLoginUserPasswordHasReset($winduid);
            Cookie("winduser", StrCode($winduid . "\t" . PwdCode($upmembers['password']) . "\t" . $upmembers['safecv']));
            Cookie("ck_info", $db_ckpath . "\t" . $db_ckdomain);
            Cookie('lastvisit', '', 0);
            //自动获取勋章_start
            require_once R_P . 'require/functions.php';
            doMedalBehavior($winduid, 'continue_login');
            //自动获取勋章_end
        }
        //* $_cache = getDatastore();
        //* $_cache->delete('UID_'.$winduid);
        initJob($winduid, "doUpdatedata");
        refreshto("profile.php?action=modify&info_type={$info_type}", 'operate_success', 2, true);
    }
}
Ejemplo n.º 13
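 /**
  * Log a user in and set the login cookie for the configured passport type.
  *
  * Security review notes:
  *  - This method used to start with extract($GLOBALS). That copies every global
  *    into local scope and, with the default overwrite mode, replaces the
  *    parameters themselves: a global named $not_pwd, $username or $password
  *    would silently override the caller's argument, including the flag that
  *    skips the password check. Only the globals actually needed are read now.
  *  - With $not_pwd set, no password is verified at all; callers must have
  *    authenticated the user by other means.
  *  - The cookie embeds a password-derived value (PwdCode()/mymd5(), both
  *    defined elsewhere).
  *
  * @param string $username   User name.
  * @param string $password   Password to verify (ignored when $not_pwd is true).
  * @param int    $cookietime Cookie lifetime, passed through to set_cookie().
  * @param bool   $not_pwd    True to log in without checking the password.
  * @return mixed The user's uid on success; otherwise the non-array result of
  *               check_password() (0 = user does not exist, -1 = wrong password).
  */
 function login($username, $password, $cookietime, $not_pwd = false)
 {
     global $webdb, $db_ifsafecv;

     // Keeps the cookie content unchanged: $safecv previously came from the
     // extracted globals whenever $db_ifsafecv was off.
     $safecv = isset($GLOBALS['safecv']) ? $GLOBALS['safecv'] : '';

     if ($not_pwd) {
         // Login without knowing the original password.
         // NOTE(review): the result is not checked, so an unknown user name
         // still reaches the cookie code below - confirm what get_passport()
         // returns in that case.
         $rs = $this->get_passport($username, 'name');
     } else {
         $rs = $this->check_password($username, $password);
         if (!is_array($rs)) {
             // 0: user does not exist, -1: wrong password
             return $rs;
         }
     }

     // eregi() no longer exists on current PHP; preg_match with /i is the
     // equivalent case-insensitive prefix test.
     $passportType = isset($webdb['passport_type']) ? (string) $webdb['passport_type'] : '';
     if (preg_match('/^pwbbs/i', $passportType)) {
         if ($db_ifsafecv) {
             $_r = $this->get_passport($username, 'name');
             $safecv = $_r['safecv'];
         }
         set_cookie(CookiePre() . '_winduser', StrCode($rs['uid'] . "\t" . PwdCode($rs['password']) . "\t{$safecv}"), $cookietime);
         set_cookie('lastvisit', '', 0);
     } else {
         set_cookie("passport", "{$rs['uid']}\t{$username}\t" . mymd5("{$rs['password']}"), $cookietime);
     }

     if (defined("UC_CONNECT")) {
         global $uc_login_code;
         $uc_login_code = uc_user_synlogin($rs['uid']);
     }

     return $rs['uid'];
 }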
Ejemplo n.º 14
/**
 * Verify a login attempt by user name, uid or e-mail and apply the failed-login lockout.
 *
 * NOTE(review): this listing is damaged in two places - the UPDATE that rewrites the
 * password column and the assignment of $F_login both show a masked "******" string.
 * As printed the first of them is not valid PHP, so neither statement can be reviewed.
 *
 * Security review notes:
 *  - $password is compared directly with the stored value, so the caller presumably
 *    passes an already-hashed password (md5, judging by the 16-character legacy
 *    branch) - confirm against the caller.
 *  - The comparison uses loose "==". Two numeric-looking strings (all digits or the
 *    "0e..." form) compare equal when their numeric values match; a strict string
 *    comparison is the safe form for credentials.
 *  - The lockout is only applied when the stored marker equals the current client
 *    address, so it does not limit attempts coming from other addresses.
 *  - Every failure path relies on Showmsg() ending the request.
 *  - The column name in the query is one of three fixed literals; the value goes
 *    through pwEscape() (defined elsewhere).
 *
 * @param string $username User name, uid or e-mail, depending on $lgt.
 * @param string $password Password value to check (see notes above).
 * @param string $safecv   Security-question verifier; checked only when $db_ifsafecv is set.
 * @param int    $lgt      Login type: 0 = username, 1 = uid, 2 = email.
 * @return array [uid, group id, PwdCode($password)] on success.
 */
function checkpass1($username, $password, $safecv, $lgt = 0)
{
    global $db, $timestamp, $onlineip, $db_ckpath, $db_ckdomain, $men_uid, $db_ifsafecv, $db_ifpwcache, $db_logintype;
    $str_logintype = '';
    // $db_logintype is a bit mask: bit i enables login type i. Without a mask only
    // type 0 (username) is enabled.
    if ($db_logintype) {
        for ($i = 0; $i < 3; $i++) {
            ${'logintype_' . $i} = $db_logintype & pow(2, $i) ? 1 : 0;
        }
    } else {
        $logintype_0 = 1;
    }
    // Variable-variable lookup keyed by the caller-supplied $lgt; any value other than
    // an enabled type leaves it unset/0 and ends in the error message.
    !${'logintype_' . $lgt} && Showmsg('login_errortype');
    switch (intval($lgt)) {
        case 0:
            $str_logintype = 'username';
            break;
        case 1:
            $str_logintype = 'uid';
            break;
        case 2:
            !preg_match("/^[-a-zA-Z0-9_\\.]+@([0-9A-Za-z][0-9A-Za-z-]+\\.)+[A-Za-z]{2,5}\$/", $username) && Showmsg('illegal_email');
            $str_logintype = 'email';
            break;
        default:
            $str_logintype = 'username';
            break;
    }
    $men_uid = '';
    if (intval($lgt) == 2) {
        // E-mail is not unique: fetch at most two rows and refuse the login when more
        // than one account shares the address.
        $query = $db->query("SELECT m.uid,m.username,m.password,m.safecv,m.groupid,m.memberid,m.yz,md.onlineip,md.postnum,md.rvrc,md.money,md.credit,md.currency,md.lastpost,md.onlinetime,md.todaypost,md.monthpost,md.monoltime,md.digests " . " FROM pw_members m LEFT JOIN pw_memberdata md ON md.uid=m.uid" . " WHERE m." . $str_logintype . "=" . pwEscape($username) . " LIMIT 2");
        $int_querynum = $db->num_rows($query);
        if (!$int_querynum) {
            Showmsg('user_not_exists');
        } elseif ($int_querynum == 1) {
            $men = $db->fetch_array($query);
        } else {
            Showmsg('reg_email_have_same');
        }
    } else {
        $men = $db->get_one("SELECT m.uid,m.username,m.password,m.safecv,m.groupid,m.memberid,m.yz,md.onlineip,md.postnum,md.rvrc,md.money,md.credit,md.currency,md.lastpost,md.onlinetime,md.todaypost,md.monthpost" . " FROM pw_members m LEFT JOIN pw_memberdata md ON md.uid=m.uid" . " WHERE m." . $str_logintype . "=" . pwEscape($username));
    }
    if ($men) {
        // md.onlineip is split on "|": [0] is compared with "<ip> *", [1] is used as a
        // timestamp and [2] as a remaining-attempts counter.
        $e_login = explode("|", $men['onlineip']);
        // Proceed unless this address is marked, the mark is at most 600 s old and
        // the counter has dropped to 1 or below.
        if ($e_login[0] != $onlineip . ' *' || $timestamp - $e_login[1] > 600 || $e_login[2] > 1) {
            $men_uid = $men['uid'];
            $men_pwd = $men['password'];
            $check_pwd = $password;
            $men['yz'] > 2 && Showmsg('login_jihuo');
            if (strlen($men_pwd) == 16) {
                $check_pwd = substr($password, 8, 16);
                /* supports legacy passwords stored as a 16-character md5 substring */
            }
            // Loose comparison of credential values - see the function header.
            if ($men_pwd == $check_pwd && (!$db_ifsafecv || $men['safecv'] == $safecv)) {
                if (strlen($men_pwd) == 16) {
                    // NOTE(review): damaged line (masked string); presumably upgrades the
                    // stored 16-character value - cannot be confirmed from this listing.
                    $db->update("UPDATE pw_members SET password="******"WHERE uid=" . pwEscape($men_uid));
                }
                // Members with groupid -1 are ranked by their memberid instead.
                $L_groupid = $men['groupid'] == '-1' ? $men['memberid'] : $men['groupid'];
                Cookie("ck_info", $db_ckpath . "\t" . $db_ckdomain);
            } else {
                global $L_T;
                // Remaining attempts: restart at 5 once the previous mark is older than
                // 600 s, then decrement (or restart at 5 when the counter is empty/zero).
                $L_T = $timestamp - $e_login[1] > 600 ? 5 : $e_login[2];
                $L_T ? $L_T-- : ($L_T = 5);
                // NOTE(review): masked in this listing; the value written to onlineip is not visible.
                $F_login = "******";
                // NOTE(review): no space before WHERE; this relies on pwEscape() returning
                // a quoted value - verify.
                $db->update("UPDATE pw_memberdata SET onlineip=" . pwEscape($F_login) . "WHERE uid=" . pwEscape($men_uid));
                Showmsg('login_pwd_error');
            }
        } else {
            global $L_T;
            // Seconds left until the 600 s lockout window ends.
            $L_T = 600 - ($timestamp - $e_login[1]);
            Showmsg('login_forbid');
        }
    } else {
        global $errorname;
        $errorname = $username;
        Showmsg('user_not_exists');
    }
    // Start: member ranking update
    if ($db_ifpwcache & 1) {
        require_once R_P . 'lib/elementupdate.class.php';
        $elementupdate = new ElementUpdate();
        $elementupdate->userSortUpdate($men);
    }
    //End Here
    // The third element is the password-derived verifier the caller puts into the login cookie
    // (presumably - the caller is not shown).
    return array($men_uid, $L_groupid, PwdCode($password));
}
Ejemplo n.º 15
        }
        $sql1 += array('groupid' => -1, 'memberid' => 8, 'gender' => 0, 'regdate' => $timestamp);
        /**
        		$db->update("REPLACE INTO pw_members SET".S::sqlSingle($sql1));
        		**/
        pwQuery::replace('pw_members', $sql1);
        $winduid = $db->insert_id();
        $sql2 += array('uid' => $winduid, 'postnum' => 0, 'lastvisit' => $timestamp, 'thisvisit' => $timestamp, 'onlineip' => $onlineip);
        /**
        		$db->update("REPLACE INTO pw_memberdata SET".S::sqlSingle($sql2));
        		**/
        pwQuery::replace('pw_memberdata', $sql2);
        //* $db->update("UPDATE pw_bbsinfo SET newmember=".S::sqlEscape($userdb['username']).",totalmember=totalmember+1 WHERE id='1'");
        $db->update(pwQuery::buildClause("UPDATE :pw_table SET newmember=:newmember,totalmember=totalmember+1 WHERE id=:id", array('pw_bbsinfo', $userdb['username'], 1)));
    }
    $db_hash = $_db_hash;
    $windpwd = PwdCode($userdb['password']);
    Cookie("winduser", StrCode($winduid . "\t" . $windpwd), $userdb['cktime']);
    Cookie('lastvisit', '', 0);
    Loginipwrite();
    if ($ajax == 1) {
        ObStart();
        echo "success\t{$db_bbsurl}";
        ajax_footer();
    }
    ObHeader($forward ? $forward : $db_bbsurl);
} elseif ($action == 'quit') {
    $db_hash = $_db_hash;
    Loginout();
    ObHeader($forward ? $forward : $db_bbsurl);
}
Ejemplo n.º 16
/**
 * Verify the decoded admin cookie $CK and return the admin right set.
 *
 * NOTE(review): this listing is damaged. The first query line contains a masked
 * "******" followed by the text of a second query, and the lines that closed the manager
 * branch and opened the non-manager branch are missing. As printed the function is not
 * valid PHP and the manager branch cannot be reviewed.
 *
 * Security review notes (for the part that is visible):
 *  - unserialize() is applied to the value read from pw_adminset. That is only safe
 *    while nothing untrusted can write to that table; a format such as JSON avoids
 *    object instantiation on load.
 *  - The safecv comparison and array_search() are loose ("!=", no strict flag).
 *  - `require GetLang('purview')` runs inside this function and supplies $purview as a
 *    local variable.
 *  - SafeCheck(), PwdCode(), admincheck(), GdConfirm() and Add_S() are defined elsewhere.
 *
 * @param array $CK Decoded admin cookie fields; $CK[1] is the user name, $CK['3'] the safecv value.
 * @return array|false The right set (with 'gid') or false when verification fails.
 */
function checkpass($CK)
{
    // Presumably escapes the cookie fields in place - verify against Add_S().
    Add_S($CK);
    global $db, $manager, $db_ifsafecv, $db_gdcheck;
    // On a login form submission, check the verification code when bit 32 of $db_gdcheck is set.
    if ($_POST['Login_f'] == 1 && $db_gdcheck & 32) {
        GdConfirm($_POST['lg_num']);
    }
    if (CkInArray($CK[1], $manager)) {
        global $manager_pwd;
        $v_key = array_search($CK[1], $manager);
        if (!SafeCheck($CK, PwdCode($manager_pwd[$v_key]))) {
            // NOTE(review): damaged line - see the function header.
            $rt = $db->get_one("SELECT uid,username,groupid,groups,password,safecv FROM pw_members WHERE username="******"SELECT m.uid,m.username,m.groupid,m.groups,m.password,m.safecv,m.groupid,u.gptype,p.rvalue as allowadmincp FROM pw_members m LEFT JOIN pw_usergroups u ON u.gid=m.groupid LEFT JOIN pw_permission p ON p.uid='0' AND p.fid='0' AND p.gid=m.groupid AND p.rkey='allowadmincp' WHERE m.username=" . pwEscape($CK[1]));
        // The group must allow admin-panel access and be of type 'system' or 'special'.
        if (!$rt['allowadmincp'] || $rt['gptype'] != 'system' && $rt['gptype'] != 'special' || $db_ifsafecv && $rt['safecv'] != $CK['3']) {
            return false;
        }
        if (!SafeCheck($CK, PwdCode($rt['password'])) || !admincheck($rt['uid'], $CK[1], $rt['groupid'], $rt['groups'], 'check')) {
            return false;
        }
        $rightset = $db->get_value('SELECT value FROM pw_adminset WHERE gid=' . pwEscape($rt['groupid']));
        if ($rightset) {
            // NOTE(review): unserialize() on stored data - see the function header.
            if (!is_array($rightset = unserialize($rightset))) {
                $rightset = array();
            }
        } else {
            $rightset = array();
        }
        require GetLang('purview');
        // Keep only rights that exist in $purview and are stored as 1.
        foreach ($rightset as $key => $value) {
            $rightset[$key] = isset($purview[$key]) && $rightset[$key] == 1 ? 1 : 0;
        }
        $rightset['gid'] = $rt['groupid'];
    }
    return $rightset;
}
Ejemplo n.º 17
    list($isheader, $isfooter, $tplname, $isleft) = array(true, true, "m_photos", true);
} elseif ($a == 'albumcheck') {
    S::gp(array('aid'), null, 2);
    S::gp(array('viewpwd'));
    $album = $photoService->getAlbumInfo($aid);
    if (empty($album)) {
        echo "data_error";
        ajax_footer();
    }
    if (!$viewpwd) {
        echo "empty";
        ajax_footer();
    }
    $viewpwd = md5($viewpwd);
    if ($album['albumpwd'] == $viewpwd) {
        Cookie('albumview_' . $album['aid'], PwdCode($viewpwd), time() + 24 * 3600);
        echo "success";
    } else {
        echo "fail";
    }
    ajax_footer();
} elseif ($a == 'album') {
    S::gp(array('aid'), null, 2);
    $cnpho = array();
    $result = $photoService->getPhotoListByAid($aid);
    if (!is_array($result)) {
        Showmsg($result);
    }
    // 删除积分提示
    require_once R_P . 'require/credit.php';
    $o_photos_creditset = unserialize($o_photos_creditset);
Ejemplo n.º 18
<?php

!function_exists('readover') && exit('Forbidden');
$bbsclose = true;
$AdminUser = GetCookie('AdminUser');
$CK = $AdminUser ? explode("\t", StrCode(GetCookie('AdminUser'), 'DECODE')) : array();
if (S::inArray($CK[1], $manager)) {
    $v_key = array_search($CK[1], $manager);
    SafeCheck($CK, PwdCode($manager_pwd[$v_key])) && ($bbsclose = false);
}
if (!$db_bbsifopen) {
    if ($_GET['logined'] && !$bbsclose) {
        Cookie('logined', 1, $timestamp + 1800);
    } elseif (!GetCookie('logined') || $bbsclose) {
        $skin = $skinco ? $skinco : $db_defaultstyle;
        $groupid = '';
        Showmsg($db_whybbsclose, $bbsclose ? NULL : 'bbsclose');
    }
} elseif ($db_bbsifopen == 2) {
    if ($db_visitopen) {
        $tmpAllowvisit = false;
        if ($db_visitips && $onlineip != 'Unknown') {
            $tmpIP = ip2long($onlineip);
            if ($tmpIP != -1 && $tmpIP !== FALSE) {
                $tmpVisitips = explode(',', $db_visitips);
                foreach ($tmpVisitips as $value) {
                    if (!trim($value)) {
                        continue;
                    }
                    $tmpSIP = ip2long(str_replace('*', '1', $value));
                    $tmpEIP = ip2long(str_replace('*', '255', $value));