Ejemplo n.º 1
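/**
 * Build the list of identity-verification methods that can be offered to a user.
 *
 * A verified mobile number and/or a verified e-mail address are offered when the
 * profile has them; when neither is available the list falls back to login-password
 * verification. The raw contact values are kept in the session for the later
 * verification step, and only the output of encrypt_mobile() / encrypt_email() is
 * returned (per the original comment, so the real number is not shown on the front end).
 *
 * @param int|string $user_id User id; normalised to an integer before it reaches SQL.
 * @return array List of array('type' => ..., 'name' => ..., 'value' => ...) entries.
 */
function get_validate_types($user_id)
{
    // The id is concatenated into the query text below, so it is forced to an integer
    // first: nothing but digits can reach the SQL string.
    // NOTE(review): assumes users.user_id is an integer column - confirm against the schema.
    $user_id = (int) $user_id;

    // Confirm the account exists before reading or exposing anything about it.
    $sql = "select user_id, user_name, email, mobile_phone from " . $GLOBALS['ecs']->table('users') . " where user_id = '" . $user_id . "'";
    $row = $GLOBALS['db']->getRow($sql);
    if ($row == false) {
        // $_LANG is not defined in function scope, so it is read through $GLOBALS;
        // the original passed an undefined local here.
        $relogin_lnk = isset($GLOBALS['_LANG']['relogin_lnk']) ? $GLOBALS['_LANG']['relogin_lnk'] : null;
        show_message('您输入的账户名不存在,请核对后重新输入。', $relogin_lnk, 'findPwd.php', 'error');
    }

    // Profile data tells us whether the mobile number and e-mail have been verified.
    $user = $GLOBALS['user'];
    $user_info = $user->get_profile_by_id($user_id);
    if (!is_array($user_info)) {
        // No usable profile: treat every contact channel as absent.
        $user_info = array();
    }
    $email = isset($user_info['email']) ? $user_info['email'] : null;
    $mobile_phone = isset($user_info['mobile_phone']) ? $user_info['mobile_phone'] : null;
    $email_validate = isset($user_info['email_validated']) ? $user_info['email_validated'] : null;
    $mobile_validate = isset($user_info['mobile_validated']) ? $user_info['mobile_validated'] : null;

    $validate_types = array();
    if (!empty($mobile_phone) && $mobile_validate == 1) {
        // Keep the real number server-side only; the caller gets the processed value.
        $_SESSION[VT_MOBILE_VALIDATE] = $mobile_phone;
        $validate_types[] = array('type' => 'mobile_phone', 'name' => '已验证的手机号码', 'value' => encrypt_mobile($mobile_phone));
    }
    if (!empty($email) && $email_validate == 1) {
        $_SESSION[VT_EMAIL_VALIDATE] = $email;
        $validate_types[] = array('type' => 'email', 'name' => '邮箱', 'value' => encrypt_email($email));
    }
    if (count($validate_types) == 0) {
        // No verified contact channel: fall back to checking the login password.
        // NOTE(review): the value comes from the session, not from the account row
        // looked up above - confirm the two always refer to the same user.
        $validate_types[] = array('type' => 'password', 'name' => '登录密码验证', 'value' => $_SESSION['user_name']);
    }
    return $validate_types;
}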
Ejemplo n.º 2
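// Invite-based signup: validate the invite code, create the account, then notify the inviter.
// This is an excerpt; $invite, $wantusername, $wantpassword, $hintanswer, $passhint, $birthday,
// $email, $arr, $time_offset, $dst_in_use, $id and $INSTALLER09 are set outside the visible code.

// Look up the invite; the code value goes through sqlesc() before it reaches the query.
$select_inv = sql_query('SELECT sender, receiver, status FROM invite_codes WHERE code = ' . sqlesc($invite)) or sqlerr(__FILE__, __LINE__);
$rows = mysqli_num_rows($select_inv);
$assoc = mysqli_fetch_assoc($select_inv);
if ($rows == 0) {
    stderr("Error", "Invite not found.\nPlease request a invite from one of our members.");
}
// A non-zero receiver means the invite has already been redeemed.
// NOTE(review): the check and the later account creation are separate statements, so two
// concurrent signups could both pass it; the invite is not claimed anywhere in this excerpt.
if ($assoc["receiver"] != 0) {
    stderr("Error", "Invite already taken.\nPlease request a new one from your inviter.");
}

$secret = mksecret();
// NOTE(security): md5() is a fast digest, not a password hash. Whether make_passhash()
// adds enough work on top cannot be seen from here; password_hash()/password_verify()
// is the usual replacement, but it needs a column and login-path migration.
$wantpasshash = make_passhash($secret, md5($wantpassword));
$editsecret = !$arr[0] ? "" : make_passhash_login_key();
// NOTE(security): the hint answer is stored as an unsalted md5 of a low-entropy value.
$wanthintanswer = md5($hintanswer);
check_banned_emails($email);
$user_frees = TIME_NOW + 14 * 86400;
$emails = encrypt_email($email);

// Values are listed in the same order as the column list. The original passed
// $editsecret, $birthday, $passhint, $wanthintanswer against the columns
// passhint, hintanswer, editsecret, birthday, so each value landed in the wrong column.
$user_values = array(
    $wantusername,
    $wantpasshash,
    $secret,
    $passhint,
    $wanthintanswer,
    $editsecret,
    $birthday,
    (int) $assoc['sender'],
    $emails,
    TIME_NOW,
    TIME_NOW,
    TIME_NOW,
    $time_offset,
    $dst_in_use['tm_isdst'],
    $user_frees,
);
$new_user = sql_query("INSERT INTO users (username, passhash, secret, passhint, hintanswer, editsecret, birthday, invitedby, email, added, last_access, last_login, time_offset, dst_in_use, free_switch) VALUES (" . implode(",", array_map("sqlesc", $user_values)) . ")");

// Check the insert before any dependent write: the original bumped the inviter's counter
// and created the usersachiev row first, so a rejected signup still left those behind.
if (!$new_user) {
    $insert_errno = is_object($GLOBALS["___mysqli_ston"]) ? mysqli_errno($GLOBALS["___mysqli_ston"]) : (($___mysqli_res = mysqli_connect_errno()) ? $___mysqli_res : false);
    if ($insert_errno == 1062) {
        // 1062 = duplicate key on a unique index.
        stderr("Error", "Username already exists!");
    } else {
        // Any other failure is reported the same way as the other queries in this block.
        sqlerr(__FILE__, __LINE__);
    }
}

// NOTE(review): $id is not assigned in the visible code - confirm it holds the new user's id.
sql_query("INSERT INTO usersachiev (id, username) VALUES (" . sqlesc($id) . ", " . sqlesc($wantusername) . ")") or sqlerr(__FILE__, __LINE__);
sql_query("UPDATE usersachiev SET invited=invited+1 WHERE id =" . sqlesc($assoc['sender'])) or sqlerr(__FILE__, __LINE__);
// The username is HTML-escaped because this text is meant for display.
$message = "Welcome New {$INSTALLER09['site_name']} Member : - " . htmlsafechars($wantusername) . "";

//===send PM to inviter
$sender = (int) $assoc["sender"];
$added = TIME_NOW;
$msg = sqlesc("Hey there [you] ! :wave:\nIt seems that someone you invited to {$INSTALLER09['site_name']} has arrived ! :clap2: \n\n Please go to your [url={$INSTALLER09['baseurl']}/invite.php]Invite page[/url] to confirm them so they can log in.\n\ncheers\n");
$subject = sqlesc("Someone you invited has arrived!");
// $subject and $msg are already quoted by sqlesc(); $added is the TIME_NOW constant.
sql_query("INSERT INTO messages (sender, subject, receiver, msg, added) VALUES (0, {$subject}, " . sqlesc($sender) . ", {$msg}, {$added})") or sqlerr(__FILE__, __LINE__);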
Ejemplo n.º 3
 /**
  * verifyEmail()
  * Complete an e-mail binding: validate the id/code pair from the verification link
  * and store the address on the account that requested it.
  *
  * Request input (read through I()):
  *   id   - id of the verification record
  *   code - verification code
  */
 public function verifyEmail()
 {
     $id = I('id', false, 'int');
     // NOTE(review): the pattern has no end anchor, so it only constrains the first
     // 32 characters; the value is still matched as a whole by the lookup below.
     $code = I('code', false, '/^\\w{32}/');
     if (!$id || !$code) {
         $this->error('信息不完整');
         return;
     }

     // The record must match on id, code and type together.
     $criteria = array('id' => $id, 'code' => $code, 'type' => 1);
     $info = M('Code')->where($criteria)->Field('use_id,content')->find();
     if (!$info) {
         $this->error('验证信息已不存在!');
         return;
     }

     // The code is consumed before anything else happens, so a link works at most once
     // even when the binding below is refused or fails.
     M('Code')->where('id=%d', $id)->delete();
     $email = $info['content'];
     import('Common.Encrypt', COMMON_PATH, '.php');

     // Refuse an address that already belongs to an account.
     // NOTE(review): this check and the update below are two separate queries.
     if (get_user_by_email($email)) {
         $this->error('此邮箱已经绑定过账号!');
         return;
     }

     $User = M('User');
     // Read the previous state first: it decides whether this is a first-time binding.
     $user = $User->field('name,email')->getById($info['use_id']);
     $updated = $User->where('id=%d', $info['use_id'])->setField('email', encrypt_email($email));
     if (!$updated) {
         $this->error('邮箱绑定失败!');
         return;
     }

     // First binding: send the notification mail to the newly bound address.
     if (!$user['email']) {
         $user['email'] = $email;
         send_mail($user, L('MAIL_FIRST', array('name' => $user['name'])), C('MAIL_NOTIFY'));
     }
     $this->success('绑定成功!', '/');
 }
Ejemplo n.º 4
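/**
 * Find the user that owns an e-mail address.
 *
 * Addresses whose '@' sits at index 1 (a one-character local part) are matched with a
 * LIKE pattern plus a length bound; every other address is matched on the
 * encrypt_email() form of the address.
 *
 * @param  string $email E-mail address to look up.
 * @return mixed  Id of the matching user as returned by the model; falsy when none matches.
 */
function get_user_by_email($email)
{
    if (strpos($email, '@') === 1) {
        // The address used to be concatenated straight into the WHERE string, so a quote
        // in it could change the query. It is now passed as a format argument, which the
        // model escapes before substitution (same where('...%d', $x) form used elsewhere).
        // LIKE wildcards inside the address are escaped as well, so '_' or '%' in the
        // input only match themselves; the single inserted '%' is the intended wildcard.
        $pattern = addcslashes($email[0], '%_\\') . '%' . addcslashes(substr($email, 1), '%_\\');
        // NOTE(review): the 23-character allowance presumably reflects how stored
        // addresses are padded - confirm against encrypt_email().
        $max_length = strlen($email) + 23;
        $id = M('User')
            ->where('`email` LIKE "%s" AND length(`email`)<%d', $pattern, $max_length)
            ->getField('id');
    } else {
        import('Common.Encrypt', COMMON_PATH, '.php');
        $en_email = encrypt_email($email);
        $id = M('User')->getFieldByEmail($en_email, 'id');
    }
    return $id;
}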