Ejemplo n.º 1
0
 private function _validate_form()
 {
     // 先验证用户名和密码
     $this->load->library('form_validation');
     $this->form_validation->set_message('required', '请输入{field}');
     $this->form_validation->set_rules('username', '用户名', array('required', array('is_username', function ($str) {
         if (is_username($str) || is_email($str) || is_phone($str)) {
             return true;
         }
         $this->form_validation->set_message('is_username', '无效{field}');
         return false;
     })));
     $this->form_validation->set_rules('password', '密码', array('required', array('is_password', function ($str) {
         if (!is_password($str)) {
             $this->form_validation->set_message('is_password', '无效{field}');
             return false;
         }
         return true;
     })));
     if (!$this->form_validation->run()) {
         return FALSE;
     }
     $this->form_validation->reset_validation();
     $this->form_validation->set_message('required', '请输入{field}');
     $this->form_validation->set_rules('captcha', '验证码', 'trim|required|callback_check_captcha');
     return $this->form_validation->run();
 }
Ejemplo n.º 2
0
 /**
  * 构造函数
  */
 public function __construct()
 {
     $this->db = pc_base::load_model('member_model');
     pc_base::load_app_func('global');
     /*获取系统配置*/
     $this->settings = getcache('settings', 'admin');
     $this->applist = getcache('applist', 'admin');
     if (isset($_GET) && is_array($_GET) && count($_GET) > 0) {
         foreach ($_GET as $k => $v) {
             if (!in_array($k, array('m', 'c', 'a'))) {
                 $_POST[$k] = $v;
             }
         }
     }
     if (isset($_POST['appid'])) {
         $this->appid = intval($_POST['appid']);
     } else {
         exit('0');
     }
     if (isset($_POST['data'])) {
         parse_str(sys_auth($_POST['data'], 'DECODE', $this->applist[$this->appid]['authkey']), $this->data);
         if (empty($this->data) || !is_array($this->data)) {
             exit('0');
         }
         if (!get_magic_quotes_gpc()) {
             $this->data = new_addslashes($this->data);
         }
         if (isset($this->data['username']) && $this->data['username'] != '' && is_username($this->data['username']) == false) {
             exit('-5');
         }
         if (isset($this->data['email']) && $this->data['username'] != '' && is_email($this->data['email']) == false) {
             exit('-5');
         }
         if (isset($this->data['password']) && $this->data['password'] != '' && (is_password($this->data['password']) == false || is_badword($this->data['password']))) {
             exit('-5');
         }
         if (isset($this->data['newpassword']) && $this->data['newpassword'] != '' && (is_password($this->data['newpassword']) == false || is_badword($this->data['newpassword']))) {
             exit('-5');
         }
     } else {
         exit('0');
     }
     if (isset($GLOBALS['HTTP_RAW_POST_DATA'])) {
         $this->data['avatardata'] = $GLOBALS['HTTP_RAW_POST_DATA'];
         //if($this->applist[$this->appid]['authkey'] != $this->data['ps_auth_key']) {
         //	exit('0');
         //}
     }
 }
Ejemplo n.º 3
0
/**
 * 检查管理员名称
 * @param array $data 管理员数据
 */
function checkuserinfo($data)
{
    if (!is_array($data)) {
        showmessage(L('parameters_error'));
        return false;
    } elseif (!is_username($data['username'])) {
        showmessage(L('username_illegal'));
        return false;
    } elseif (empty($data['email']) || !is_email($data['email'])) {
        showmessage(L('email_illegal'));
        return false;
    } elseif (empty($data['roleid'])) {
        return false;
    }
    return $data;
}
Ejemplo n.º 4
0
 public function save()
 {
     $token = $this->input->post('token', TRUE);
     if ($token != $_SESSION['token']) {
         msg_url(L('edit_02'), 'javascript:history.back();');
     }
     $userinfo['nichen'] = $this->input->post('usernichen', TRUE, TRUE);
     $userinfo['email'] = $this->input->post('useremail', TRUE, TRUE);
     $userinfo['tel'] = $this->input->post('usertel', TRUE, TRUE);
     $userinfo['qq'] = $this->input->post('userqq', TRUE, TRUE);
     $userinfo['sex'] = intval($this->input->post('usersex'));
     $userinfo['city'] = $this->input->post('usercity', TRUE, TRUE);
     $userinfo['qianm'] = $this->input->post('userqianm', TRUE);
     if (empty($userinfo['nichen']) || !is_username($userinfo['nichen'], 1)) {
         msg_url(L('edit_03'), 'javascript:history.back();');
     }
     if (empty($userinfo['email']) || !is_email($userinfo['email'])) {
         msg_url(L('edit_04'), 'javascript:history.back();');
     }
     if (empty($userinfo['tel']) || !is_tel($userinfo['tel'])) {
         msg_url(L('edit_05'), 'javascript:history.back();');
     }
     if (!empty($userinfo['qq']) && !is_qq($userinfo['qq'])) {
         msg_url(L('edit_06'), 'javascript:history.back();');
     }
     //判断昵称是否注册
     $nichen = $this->db->query("select id from " . CS_SqlPrefix . "user where nichen='" . $userinfo['nichen'] . "' and id!=" . $_SESSION['cscms__id'] . "")->row();
     if ($nichen) {
         msg_url(L('edit_07'), 'javascript:history.back();');
     }
     //判断邮箱是否注册
     $email = $this->db->query("select id from " . CS_SqlPrefix . "user where email='" . $userinfo['email'] . "' and id!=" . $_SESSION['cscms__id'] . "")->row();
     if ($email) {
         msg_url(L('edit_08'), 'javascript:history.back();');
     }
     //判断手机是否注册
     $tel = $this->db->query("select id from " . CS_SqlPrefix . "user where tel='" . $userinfo['tel'] . "' and id!=" . $_SESSION['cscms__id'] . "")->row();
     if ($tel) {
         msg_url(L('edit_09'), 'javascript:history.back();');
     }
     //修改入库
     $this->CsdjDB->get_update('user', $_SESSION['cscms__id'], $userinfo);
     msg_url(L('edit_10'), 'javascript:history.back();');
 }
Ejemplo n.º 5
0
	private function _checkuserinfo($data, $is_edit=0) {
		if(!is_array($data)){
			showmessage(L('need_more_param'));return false;
		} elseif (!is_username($data['username']) && !$is_edit){
			showmessage(L('username_format_incorrect'));return false;
		} elseif (!isset($data['userid']) && $is_edit) {
			showmessage(L('username_format_incorrect'));return false;
		}  elseif (empty($data['email']) || !is_email($data['email'])){
			showmessage(L('email_format_incorrect'));return false;
		}
		return $data;
	}
Ejemplo n.º 6
0
 /**
  * 检查用户昵称
  * @param string $nickname	昵称
  * @return $status {0:已存在;1:成功}
  */
 public function public_checknickname_ajax()
 {
     $nickname = isset($_GET['nickname']) && trim($_GET['nickname']) && is_username(trim($_GET['nickname'])) ? trim($_GET['nickname']) : exit('0');
     if (CHARSET != 'utf-8') {
         $nickname = iconv('utf-8', CHARSET, $nickname);
         $nickname = addslashes($nickname);
     }
     //首先判断会员审核表
     $this->verify_db = pc_base::load_model('member_verify_model');
     if ($this->verify_db->get_one(array('nickname' => $nickname))) {
         exit('0');
     }
     if (isset($_GET['userid'])) {
         $userid = intval($_GET['userid']);
         //如果是会员修改,而且NICKNAME和原来优质一致返回1,否则返回0
         $info = get_memberinfo($userid);
         if ($info['nickname'] == $nickname) {
             //未改变
             exit('1');
         } else {
             //已改变,判断是否已有此名
             $where = array('nickname' => $nickname);
             $res = $this->db->get_one($where);
             if ($res) {
                 exit('0');
             } else {
                 exit('1');
             }
         }
     } else {
         $where = array('nickname' => $nickname);
         $res = $this->db->get_one($where);
         if ($res) {
             exit('0');
         } else {
             exit('1');
         }
     }
 }
Ejemplo n.º 7
0
 public function login()
 {
     $this->_session_start();
     //获取用户siteid
     $siteid = isset($_REQUEST['siteid']) && trim($_REQUEST['siteid']) ? intval($_REQUEST['siteid']) : 1;
     //定义站点id常量
     if (!defined('SITEID')) {
         define('SITEID', $siteid);
     }
     if (isset($_POST['dosubmit'])) {
         if (empty($_SESSION['connectid'])) {
             //判断验证码
             $code = isset($_POST['code']) && trim($_POST['code']) ? trim($_POST['code']) : showmessage(L('input_code'), HTTP_REFERER);
             if ($_SESSION['code'] != strtolower($code)) {
                 showmessage(L('code_error'), HTTP_REFERER);
             }
         }
         //echo $_POST['username'];
         //die;
         $username = isset($_POST['username']) && is_username($_POST['username']) ? trim($_POST['username']) : showmessage(L('username_empty'), HTTP_REFERER);
         $password = isset($_POST['password']) && trim($_POST['password']) ? trim($_POST['password']) : showmessage(L('password_empty'), HTTP_REFERER);
         $cookietime = intval($_POST['cookietime']);
         $synloginstr = '';
         //同步登陆js代码
         if (pc_base::load_config('system', 'phpsso')) {
             $this->_init_phpsso();
             $status = $this->client->ps_member_login($username, $password);
             $memberinfo = unserialize($status);
             //print_r($memberinfo);
             //die;
             // dprint_r($status);die;
             if (isset($memberinfo['uid'])) {
                 //查询帐号
                 $r = $this->db->get_one(array('phpssouid' => $memberinfo['uid']));
                 if (!$r) {
                     //插入企业详细信息,企业不存在 插入企业
                     $info = array('phpssouid' => $memberinfo['uid'], 'username' => $memberinfo['username'], 'password' => $memberinfo['password'], 'encrypt' => $memberinfo['random'], 'email' => $memberinfo['email'], 'regip' => $memberinfo['regip'], 'regdate' => $memberinfo['regdate'], 'lastip' => $memberinfo['lastip'], 'lastdate' => $memberinfo['lastdate'], 'groupid' => $this->_get_usergroup_bypoint(), 'modelid' => 10);
                     //如果是connect用户
                     if (!empty($_SESSION['connectid'])) {
                         $userinfo['connectid'] = $_SESSION['connectid'];
                     }
                     if (!empty($_SESSION['from'])) {
                         $userinfo['from'] = $_SESSION['from'];
                     }
                     unset($_SESSION['connectid'], $_SESSION['from']);
                     $this->db->insert($info);
                     unset($info);
                     $r = $this->db->get_one(array('phpssouid' => $memberinfo['uid']));
                 }
                 $password = $r['password'];
                 $synloginstr = $this->client->ps_member_synlogin($r['phpssouid']);
             } else {
                 if ($status == -1) {
                     //用户不存在
                     showmessage(L('user_not_exist'), 'index.php?m=member&c=index&a=login');
                 } elseif ($status == -2) {
                     //密码错误
                     showmessage(L('password_error'), 'index.php?m=member&c=index&a=login');
                 } else {
                     showmessage(L('login_failure'), 'index.php?m=member&c=index&a=login');
                 }
             }
         } else {
             //密码错误剩余重试次数
             $this->times_db = pc_base::load_model('times_model');
             $rtime = $this->times_db->get_one(array('username' => $username));
             if ($rtime['times'] > 4) {
                 $minute = 60 - floor((SYS_TIME - $rtime['logintime']) / 60);
                 showmessage(L('wait_1_hour', array('minute' => $minute)));
             }
             //查询帐号
             $r = $this->db->get_one(array('username' => $username));
             if (!$r) {
                 showmessage(L('user_not_exist'), 'index.php?m=member&c=index&a=login');
             }
             //验证用户密码
             $password = md5(md5(trim($password)) . $r['encrypt']);
             if ($r['password'] != $password) {
                 $ip = ip();
                 if ($rtime && $rtime['times'] < 5) {
                     $times = 5 - intval($rtime['times']);
                     $this->times_db->update(array('ip' => $ip, 'times' => '+=1'), array('username' => $username));
                 } else {
                     $this->times_db->insert(array('username' => $username, 'ip' => $ip, 'logintime' => SYS_TIME, 'times' => 1));
                     $times = 5;
                 }
                 showmessage(L('password_error', array('times' => $times)), 'index.php?m=member&c=index&a=login', 3000);
             }
             $this->times_db->delete(array('username' => $username));
         }
         //如果用户被锁定
         if ($r['islock']) {
             showmessage(L('user_is_lock'));
         }
         $userid = $r['userid'];
         $groupid = $r['groupid'];
         $username = $r['username'];
         $nickname = empty($r['nickname']) ? $username : $r['nickname'];
         $updatearr = array('lastip' => ip(), 'lastdate' => SYS_TIME);
         //vip过期,更新vip和企业组
         if ($r['overduedate'] < SYS_TIME) {
             $updatearr['vip'] = 0;
         }
         //检查用户积分,更新新用户组,除去邮箱认证、禁止访问、游客组用户、vip用户,如果该用户组不允许自助升级则不进行该操作
         if ($r['point'] >= 0 && !in_array($r['groupid'], array('1', '7', '8')) && empty($r[vip])) {
             $grouplist = getcache('grouplist');
             if (!empty($grouplist[$r['groupid']]['allowupgrade'])) {
                 $check_groupid = $this->_get_usergroup_bypoint($r['point']);
                 if ($check_groupid != $r['groupid']) {
                     $updatearr['groupid'] = $groupid = $check_groupid;
                 }
             }
         }
         //如果是connect用户
         if (!empty($_SESSION['connectid'])) {
             $updatearr['connectid'] = $_SESSION['connectid'];
         }
         if (!empty($_SESSION['from'])) {
             $updatearr['from'] = $_SESSION['from'];
         }
         unset($_SESSION['connectid'], $_SESSION['from']);
         $this->db->update($updatearr, array('userid' => $userid));
         if (!isset($cookietime)) {
             $get_cookietime = param::get_cookie('cookietime');
         }
         $_cookietime = $cookietime ? intval($cookietime) : ($get_cookietime ? $get_cookietime : 0);
         $cookietime = $_cookietime ? SYS_TIME + $_cookietime : 0;
         $gxw_auth_key = md5(pc_base::load_config('system', 'auth_key') . $this->http_user_agent);
         $gxw_auth = sys_auth($userid . "\t" . $password, 'ENCODE', $gxw_auth_key);
         param::set_cookie('auth', $gxw_auth, $cookietime);
         param::set_cookie('_userid', $userid, $cookietime);
         param::set_cookie('_username', $username, $cookietime);
         param::set_cookie('_groupid', $groupid, $cookietime);
         param::set_cookie('_nickname', $nickname, $cookietime);
         param::set_cookie('_status', $status, $cookietime);
         //param::set_cookie('cookietime', $_cookietime, $cookietime);
         $forward = isset($_POST['forward']) && !empty($_POST['forward']) ? urldecode($_POST['forward']) : 'index.php?m=member&c=index';
         showmessage(L('login_success') . $synloginstr, $forward);
     } else {
         $setting = pc_base::load_config('system');
         $forward = isset($_GET['forward']) && trim($_GET['forward']) ? urlencode($_GET['forward']) : '';
         $siteid = isset($_REQUEST['siteid']) && trim($_REQUEST['siteid']) ? intval($_REQUEST['siteid']) : 1;
         $siteinfo = siteinfo($siteid);
         include template('member', 'login');
     }
 }
Ejemplo n.º 8
0
 public function register()
 {
     $this->_session_start();
     //加载用户模块配置
     $member_setting = getcache('member_setting');
     if (!$member_setting['allowregister']) {
         showmessage(L('deny_register'), 'index.php?m=member&c=index&a=login');
     }
     //获取用户siteid
     $siteid = isset($_REQUEST['siteid']) && trim($_REQUEST['siteid']) ? intval($_REQUEST['siteid']) : 1;
     //定义站点id常量
     if (!defined('SITEID')) {
         define('SITEID', $siteid);
     }
     header("Cache-control: private");
     if (isset($_POST['dosubmit'])) {
         if (empty($_SESSION['connectid']) && $_SESSION['code'] != strtolower($_POST['code'])) {
             showmessage(L('code_error'));
         }
         $userinfo = array();
         $userinfo['encrypt'] = create_randomstr(6);
         $userinfo['username'] = isset($_POST['username']) && is_username($_POST['username']) ? $_POST['username'] : exit('0');
         $userinfo['nickname'] = isset($_POST['nickname']) && is_username($_POST['nickname']) ? $_POST['nickname'] : '';
         $userinfo['email'] = isset($_POST['email']) && is_email($_POST['email']) ? $_POST['email'] : exit('0');
         $userinfo['password'] = isset($_POST['password']) ? $_POST['password'] : exit('0');
         $userinfo['email'] = isset($_POST['email']) && is_email($_POST['email']) ? $_POST['email'] : exit('0');
         $userinfo['modelid'] = isset($_POST['modelid']) ? intval($_POST['modelid']) : 10;
         $userinfo['regip'] = ip();
         $userinfo['point'] = $member_setting['defualtpoint'] ? $member_setting['defualtpoint'] : 0;
         $userinfo['amount'] = $member_setting['defualtamount'] ? $member_setting['defualtamount'] : 0;
         $userinfo['regdate'] = $userinfo['lastdate'] = SYS_TIME;
         $userinfo['siteid'] = $siteid;
         $userinfo['connectid'] = isset($_SESSION['connectid']) ? $_SESSION['connectid'] : '';
         $userinfo['from'] = isset($_SESSION['from']) ? $_SESSION['from'] : '';
         unset($_SESSION['connectid'], $_SESSION['from']);
         if ($member_setting['enablemailcheck']) {
             //是否需要邮件验证
             $userinfo['groupid'] = 7;
         } elseif ($member_setting['registerverify']) {
             //是否需要管理员审核
             $userinfo['modelinfo'] = isset($_POST['info']) ? array2string($_POST['info']) : '';
             $this->verify_db = pc_base::load_model('member_verify_model');
             unset($userinfo['lastdate'], $userinfo['connectid'], $userinfo['from']);
             $this->verify_db->insert($userinfo);
             showmessage(L('operation_success'), 'index.php?m=member&c=index&a=register&t=3');
         } else {
             //查看当前模型是否开启了短信验证功能
             $model_field_cache = getcache('model_field_' . $userinfo['modelid'], 'model');
             if (isset($model_field_cache['mobile']) && $model_field_cache['mobile']['disabled'] == 0) {
                 $mobile = $_POST['info']['mobile'];
                 if (!preg_match('/^1([0-9]{10})/', $mobile)) {
                     showmessage(L('input_right_mobile'));
                 }
                 $sms_report_db = pc_base::load_model('sms_report_model');
                 $posttime = SYS_TIME - 300;
                 $where = "`mobile`='{$mobile}' AND `posttime`>'{$posttime}'";
                 $r = $sms_report_db->get_one($where);
                 if (!$r || $r['id_code'] != $_POST['mobile_verify']) {
                     showmessage(L('error_sms_code'));
                 }
             }
             $userinfo['groupid'] = $this->_get_usergroup_bypoint($userinfo['point']);
         }
         if (pc_base::load_config('system', 'phpsso')) {
             $this->_init_phpsso();
             $status = $this->client->ps_member_register($userinfo['username'], $userinfo['password'], $userinfo['email'], $userinfo['regip'], $userinfo['encrypt']);
             if ($status > 0) {
                 $userinfo['phpssouid'] = $status;
                 //传入phpsso为明文密码,加密后存入phpcms_v9
                 $password = $userinfo['password'];
                 $userinfo['password'] = password($userinfo['password'], $userinfo['encrypt']);
                 $userid = $this->db->insert($userinfo, 1);
                 if ($member_setting['choosemodel']) {
                     //如果开启选择模型
                     //通过模型获取会员信息
                     require_once CACHE_MODEL_PATH . 'member_input.class.php';
                     require_once CACHE_MODEL_PATH . 'member_update.class.php';
                     $member_input = new member_input($userinfo['modelid']);
                     $user_model_info = $member_input->get($_POST['info']);
                     $user_model_info['userid'] = $userid;
                     //插入会员模型数据
                     $this->db->set_model($userinfo['modelid']);
                     $this->db->insert($user_model_info);
                 }
                 if ($userid > 0) {
                     //执行登陆操作
                     if (!$cookietime) {
                         $get_cookietime = param::get_cookie('cookietime');
                     }
                     $_cookietime = $cookietime ? intval($cookietime) : ($get_cookietime ? $get_cookietime : 0);
                     $cookietime = $_cookietime ? TIME + $_cookietime : 0;
                     if ($userinfo['groupid'] == 7) {
                         param::set_cookie('_username', $userinfo['username'], $cookietime);
                         param::set_cookie('email', $userinfo['email'], $cookietime);
                     } else {
                         $phpcms_auth_key = md5(pc_base::load_config('system', 'auth_key') . $this->http_user_agent);
                         $phpcms_auth = sys_auth($userid . "\t" . $userinfo['password'], 'ENCODE', $phpcms_auth_key);
                         param::set_cookie('auth', $phpcms_auth, $cookietime);
                         param::set_cookie('_userid', $userid, $cookietime);
                         param::set_cookie('_username', $userinfo['username'], $cookietime);
                         param::set_cookie('_nickname', $userinfo['nickname'], $cookietime);
                         param::set_cookie('_groupid', $userinfo['groupid'], $cookietime);
                         param::set_cookie('cookietime', $_cookietime, $cookietime);
                     }
                 }
                 //如果需要邮箱认证
                 if ($member_setting['enablemailcheck']) {
                     pc_base::load_sys_func('mail');
                     $phpcms_auth_key = md5(pc_base::load_config('system', 'auth_key'));
                     $code = sys_auth($userid . '|' . $phpcms_auth_key, 'ENCODE', $phpcms_auth_key);
                     $url = APP_PATH . "index.php?m=member&c=index&a=register&code={$code}&verify=1";
                     $message = $member_setting['registerverifymessage'];
                     $message = str_replace(array('{click}', '{url}', '{username}', '{email}', '{password}'), array('<a href="' . $url . '">' . L('please_click') . '</a>', $url, $userinfo['username'], $userinfo['email'], $password), $message);
                     sendmail($userinfo['email'], L('reg_verify_email'), $message);
                     //设置当前注册账号COOKIE,为第二步重发邮件所用
                     param::set_cookie('_regusername', $userinfo['username'], $cookietime);
                     param::set_cookie('_reguserid', $userid, $cookietime);
                     param::set_cookie('_reguseruid', $userinfo['phpssouid'], $cookietime);
                     showmessage(L('operation_success'), 'index.php?m=member&c=index&a=register&t=2');
                 } else {
                     //如果不需要邮箱认证、直接登录其他应用
                     $synloginstr = $this->client->ps_member_synlogin($userinfo['phpssouid']);
                     showmessage(L('operation_success') . $synloginstr, 'index.php?m=member&c=index&a=init');
                 }
             }
         } else {
             showmessage(L('enable_register') . L('enable_phpsso'), 'index.php?m=member&c=index&a=login');
         }
         showmessage(L('operation_failure'), HTTP_REFERER);
     } else {
         if (!pc_base::load_config('system', 'phpsso')) {
             showmessage(L('enable_register') . L('enable_phpsso'), 'index.php?m=member&c=index&a=login');
         }
         if (!empty($_GET['verify'])) {
             $code = isset($_GET['code']) ? trim($_GET['code']) : showmessage(L('operation_failure'), 'index.php?m=member&c=index');
             $phpcms_auth_key = md5(pc_base::load_config('system', 'auth_key'));
             $code_res = sys_auth($code, 'DECODE', $phpcms_auth_key);
             $code_arr = explode('|', $code_res);
             $userid = isset($code_arr[0]) ? $code_arr[0] : '';
             $userid = is_numeric($userid) ? $userid : showmessage(L('operation_failure'), 'index.php?m=member&c=index');
             $this->db->update(array('groupid' => $this->_get_usergroup_bypoint()), array('userid' => $userid));
             showmessage(L('operation_success'), 'index.php?m=member&c=index');
         } elseif (!empty($_GET['protocol'])) {
             include template('member', 'protocol');
         } else {
             //过滤非当前站点会员模型
             $modellist = getcache('member_model', 'commons');
             foreach ($modellist as $k => $v) {
                 if ($v['siteid'] != $siteid || $v['disabled']) {
                     unset($modellist[$k]);
                 }
             }
             if (empty($modellist)) {
                 showmessage(L('site_have_no_model') . L('deny_register'), HTTP_REFERER);
             }
             //是否开启选择会员模型选项
             if ($member_setting['choosemodel']) {
                 $first_model = array_pop(array_reverse($modellist));
                 $modelid = isset($_GET['modelid']) && in_array($_GET['modelid'], array_keys($modellist)) ? intval($_GET['modelid']) : $first_model['modelid'];
                 if (array_key_exists($modelid, $modellist)) {
                     //获取会员模型表单
                     require CACHE_MODEL_PATH . 'member_form.class.php';
                     $member_form = new member_form($modelid);
                     $this->db->set_model($modelid);
                     $forminfos = $forminfos_arr = $member_form->get();
                     //万能字段过滤
                     foreach ($forminfos as $field => $info) {
                         if ($info['isomnipotent']) {
                             unset($forminfos[$field]);
                         } else {
                             if ($info['formtype'] == 'omnipotent') {
                                 foreach ($forminfos_arr as $_fm => $_fm_value) {
                                     if ($_fm_value['isomnipotent']) {
                                         $info['form'] = str_replace('{' . $_fm . '}', $_fm_value['form'], $info['form']);
                                     }
                                 }
                                 $forminfos[$field]['form'] = $info['form'];
                             }
                         }
                     }
                     $formValidator = $member_form->formValidator;
                 }
             }
             $description = $modellist[$modelid]['description'];
             include template('member', 'register');
         }
     }
 }
Ejemplo n.º 9
0
 public function check()
 {
     $field = $this->input->get_post('field', TRUE, TRUE);
     //需要查询的字段
     $data = $this->input->get_post('param', TRUE, TRUE);
     //需要查询的字段
     if (empty($field) || empty($data)) {
         exit('{"status":"n","info":"' . get_bm(L('reg_27')) . '"}');
     }
     //判断保留用户名
     $ymext = explode('|', Home_Ymext);
     if ($field == 'name' && in_array($data, $ymext)) {
         exit('{"status":"n","info":"' . get_bm(L('reg_28')) . '"}');
     }
     //判断用户名格式
     if ($field == 'name' && !is_username($data)) {
         exit('{"status":"n","info":"' . get_bm(L('reg_29')) . '"}');
     }
     //判断邮箱格式
     if ($field == 'email' && !is_email($data)) {
         exit('{"status":"n","info":"' . get_bm(L('reg_30')) . '"}');
     }
     //判断手机号码格式
     if ($field == 'tel' && !preg_match('/^1([0-9]{9})/', $data)) {
         exit('{"status":"n","info":"' . get_bm(L('reg_31')) . '"}');
     }
     //判断需要查询的字段是否存在
     if (!$this->db->field_exists($field, CS_SqlPrefix . 'user')) {
         exit('{"status":"n","info":"' . get_bm(L('reg_32')) . '"}');
     }
     //查询数据库
     $row = $this->CsdjDB->get_row('user', 'id', $data, $field);
     if ($row) {
         exit('{"status":"n","info":"' . get_bm(L('reg_33')) . '"}');
     } else {
         exit('{"status":"y","info":""}');
     }
 }
Ejemplo n.º 10
0
 public function account_manage_info()
 {
     if (isset($_POST['dosubmit'])) {
         //更新用户昵称
         $nickname = isset($_POST['nickname']) && is_username(trim($_POST['nickname'])) ? trim($_POST['nickname']) : '';
         if ($nickname) {
             $this->db->update(array('nickname' => $nickname), array('userid' => $this->memberinfo['userid']));
             if (!isset($cookietime)) {
                 $get_cookietime = param::get_cookie('cookietime');
             }
             $_cookietime = $cookietime ? intval($cookietime) : ($get_cookietime ? $get_cookietime : 0);
             $cookietime = $_cookietime ? TIME + $_cookietime : 0;
             param::set_cookie('_nickname', $nickname, $cookietime);
         }
         require_once CACHE_MODEL_PATH . 'member_input.class.php';
         require_once CACHE_MODEL_PATH . 'member_update.class.php';
         $member_input = new member_input($this->memberinfo['modelid']);
         $modelinfo = $member_input->get($_POST['info']);
         $this->db->set_model($this->memberinfo['modelid']);
         $membermodelinfo = $this->db->get_one(array('userid' => $this->memberinfo['userid']));
         if (!empty($membermodelinfo)) {
             $this->db->update($modelinfo, array('userid' => $this->memberinfo['userid']));
         } else {
             $modelinfo['userid'] = $this->memberinfo['userid'];
             $this->db->insert($modelinfo);
         }
         showmessage(L('operation_success'), HTTP_REFERER);
     } else {
         $memberinfo = $this->memberinfo;
         //获取会员模型表单
         require CACHE_MODEL_PATH . 'member_form.class.php';
         $member_form = new member_form($this->memberinfo['modelid']);
         $this->db->set_model($this->memberinfo['modelid']);
         $membermodelinfo = $this->db->get_one(array('userid' => $this->memberinfo['userid']));
         $forminfos = $forminfos_arr = $member_form->get($membermodelinfo);
         //万能字段过滤
         foreach ($forminfos as $field => $info) {
             if ($info['isomnipotent']) {
                 unset($forminfos[$field]);
             } else {
                 if ($info['formtype'] == 'omnipotent') {
                     foreach ($forminfos_arr as $_fm => $_fm_value) {
                         if ($_fm_value['isomnipotent']) {
                             $info['form'] = str_replace('{' . $_fm . '}', $_fm_value['form'], $info['form']);
                         }
                     }
                     $forminfos[$field]['form'] = $info['form'];
                 }
             }
         }
         $formValidator = $member_form->formValidator;
         include template('member', 'account_manage_info');
     }
 }
Ejemplo n.º 11
0
<?php

/*
四川省扶贫和移民工作局
*/
define('IN_ADMIN', True);
require 'include/common.php';
$do = getGP('do', 'G');
if (check_submit('dosubmit')) {
    $errmsg = array();
    initGP(array('username', 'password', 'vdcode', 'remember'), 'P');
    if (strlen($username) < 3 || strlen($username) > 50) {
        $errmsg[] = '用户名长度必须在3-20字节之间。';
    } elseif (!is_username($username)) {
        $errmsg[] = '用户名中含有非法字符。';
    }
    if (strlen($password) < 6) {
        $errmsg[] = '密码长度不能小于6个字节。';
    }
    if (get_config('user', 'login_vdcode')) {
        session_start();
        if (strtolower($vdcode) != $_SESSION['vdcode']) {
            $errmsg[] = '验证码不正确。';
        }
        unset($_SESSION['vdcode']);
    }
    if (count($errmsg)) {
        show_msg($errmsg, 'login.php');
    }
    $flag = $_USER->login($username, $password, $remember);
    if ($flag == 1) {
Ejemplo n.º 12
0
<?php

!defined('DEBUG') and exit('Access Denied.');
include './xiunophp/image.func.php';
$action = param(1);
$user = user_read($uid);
user_login_check($user);
if (empty($action) || $action == 'profile') {
    if ($method == 'GET') {
        $header['title'] = '个人中心';
        include './flarum/view/my_profile.htm';
    } else {
        $username = param('username');
        $email = param('email');
        !is_username($username, $err) and message(1, $err);
        !is_email($email, $err) and message(2, $err);
        $update = array();
        if ($username != $user['username']) {
            mb_strlen($username, 'UTF-8') > 32 and message(1, '用户名 最长为 32 个字符。');
            $u = user_read_by_username($username);
            $u and message(1, '用户名已经存在,更换其它名字试试。');
            $update['username'] = $username;
        }
        if ($email != $user['email']) {
            mb_strlen($email, 'UTF-8') > 40 and message(1, 'EMAIL 最长为 40 个字符。');
            $u = user_read_by_email($email);
            $u and message(2, 'Email 已经存在,更换其它 Email 试试。');
            $update['email'] = $email;
        }
        if ($update) {
            $r = user_update($uid, $update);
Ejemplo n.º 13
0
 public function reg_save()
 {
     //注册开关
     if (User_Reg == 0) {
         msg_url(L('reg_35'), Web_Path);
     }
     if (!isset($_SESSION['denglu__id'])) {
         msg_url(L('open_09'), spacelink('login'));
     }
     $token = $this->input->post('token', TRUE);
     if ($token != $_SESSION['token']) {
         msg_url(L('open_16'), 'javascript:history.back();');
     }
     $userpass2 = $this->input->post('repassword', TRUE, TRUE);
     $userinfo['code'] = random_string('alnum', 6);
     $userinfo['name'] = $this->input->post('username', TRUE, TRUE);
     $userinfo['pass'] = $this->input->post('userpass', TRUE, TRUE);
     $userinfo['nichen'] = $this->input->post('usernichen', TRUE);
     $userinfo['email'] = $this->input->post('useremail', TRUE, TRUE);
     $userinfo['tel'] = $this->input->post('usertel', TRUE, TRUE);
     $userinfo['regip'] = getip();
     $userinfo['cion'] = User_Cion_Reg;
     $userinfo['jinyan'] = User_Jinyan_Reg;
     $userinfo['addtime'] = time();
     $userinfo['yid'] = 0;
     if ($userinfo['nichen'] == "0") {
         $userinfo['nichen'] = '';
     }
     if (!is_username($userinfo['name'])) {
         msg_url(L('reg_04'), 'javascript:history.back();');
     }
     if (!is_userpass($userinfo['pass'])) {
         msg_url(L('reg_05'), 'javascript:history.back();');
     }
     if ($userinfo['pass'] != $userpass2) {
         msg_url(L('reg_34'), 'javascript:history.back();');
     }
     if (!empty($userinfo['nichen']) && !is_username($userinfo['nichen'], 1)) {
         msg_url(L('reg_06'), 'javascript:history.back();');
     }
     if (!is_email($userinfo['email'])) {
         msg_url(L('reg_07'), 'javascript:history.back();');
     }
     //判断保留用户名
     $ymext = explode('|', Home_Ymext);
     if (in_array($userinfo['name'], $ymext)) {
         msg_url(L('reg_08'), 'javascript:history.back();');
     }
     //判断同一IP注册时间限制
     if (User_RegIP > 0) {
         $row = $this->db->query("SELECT addtime FROM " . CS_SqlPrefix . "user where regip='" . $userinfo['regip'] . "' order by id desc")->row();
         if ($row && $row->addtime + 3600 * User_RegIP > time()) {
             msg_url(L('reg_09'), 'javascript:history.back();');
         }
     }
     //判断用户名是否注册
     $username = $this->CsdjDB->get_row('user', 'id', $userinfo['name'], 'name');
     if ($username) {
         msg_url(L('reg_10'), 'javascript:history.back();');
     }
     //判断邮箱是否注册
     $useremail = $this->CsdjDB->get_row('user', 'id', $userinfo['email'], 'email');
     if ($useremail) {
         msg_url(L('reg_11'), 'javascript:history.back();');
     }
     //下面选填字段
     $userinfo['qq'] = $this->input->post('userqq', TRUE);
     $userinfo['sex'] = intval($this->input->post('usersex', TRUE));
     $userinfo['city'] = $this->input->post('usercity', TRUE);
     $userinfo['skins'] = Home_Skins;
     $userinfo['qianm'] = '';
     if (!empty($userinfo['tel'])) {
         if (!is_tel($userinfo['tel'])) {
             msg_url(L('reg_12'), 'javascript:history.back();');
         }
         //判断手机号码是否注册
         $usertel = $this->CsdjDB->get_row('user', 'id', $userinfo['tel'], 'tel');
         if ($usertel) {
             msg_url(L('reg_13'), 'javascript:history.back();');
         }
     }
     //判断手机强制验证
     if (User_Tel == 1) {
         if (empty($userinfo['tel'])) {
             msg_url(L('reg_12'), 'javascript:history.back();');
         }
         $telcode = intval($this->input->post('telcode', TRUE));
         if ($telcode == 0 || $telcode != $_SESSION['tel_code']) {
             msg_url(L('reg_14'), 'javascript:history.back();');
         }
     }
     //是否需要人工验证
     if (User_RegFun == 1) {
         $userinfo['yid'] = 1;
         $title = L('reg_15');
     }
     //是否需要邮件验证
     if (User_RegEmailFun == 1) {
         $userinfo['yid'] = 2;
         $title = L('reg_16', array($userinfo['email']));
     }
     //--------------------------- Ucenter ---------------------------
     if (User_Uc_Mode == 1) {
         include CSCMS . 'lib/Cs_Ucenter.php';
         include CSCMSPATH . 'uc_client/client.php';
         $uid = uc_user_register($userinfo['name'], $userinfo['pass'], $userinfo['email']);
         if ($uid > 0) {
             $userinfo['uid'] = $uid;
         }
     }
     //--------------------------- Ucenter End ---------------------------
     //密码加密
     $userinfo['pass'] = md5(md5($userinfo['pass']) . $userinfo['code']);
     $regid = $this->CsdjDB->get_insert('user', $userinfo);
     if (intval($regid) == 0) {
         msg_url(L('reg_17'), 'javascript:history.back();');
     }
     //修改第三方登录UID
     $this->db->query("update " . CS_SqlPrefix . "useroauth set uid=" . $regid . " where id=" . $_SESSION['denglu__id'] . "");
     //摧毁token
     unset($_SESSION['token']);
     unset($_SESSION['denglu__id']);
     $this->load->model('CsdjEmail');
     if (User_RegEmailFun == 1) {
         //发送激活邮件
         $key = md5($regid . $userinfo['name'] . $userinfo['pass'] . $userinfo['yid']);
         $Msgs['username'] = $userinfo['name'];
         $Msgs['url'] = userurl(site_url('user/reg/verify')) . "?key=" . $key . "&username="******"user_id", $regid, time() + 86400);
         $this->cookie->set_cookie("user_login", $user_login, time() + 86400);
         msg_url(L('reg_21'), userurl(site_url('user/space')), 'ok');
     } else {
         msg_url(L('reg_21') . $title . '~!', userurl(site_url('user/login')), 'ok');
     }
 }
Ejemplo n.º 14
0
 private function _validate_userinfo(&$data)
 {
     if (isset($data['username'])) {
         $data['username'] = strtolower(trim($data['username']));
         if (!is_username($data['username'])) {
             return '用户名不合法';
         }
     }
     if (isset($data['email'])) {
         $data['email'] = strtolower(trim($data['email']));
         if (!$data['email']) {
             return 'Email不合法';
         }
     }
     if (isset($data['phone'])) {
         $data['phone'] = (int) $data['phone'];
         if (!is_phone($data['phone'])) {
             return '手机号不合法';
         }
     }
     if (isset($data['password'])) {
         if (!is_password($data['password'])) {
             return '密码不合法';
         }
     }
     if (isset($data['qq'])) {
         $data['qq'] = (int) $data['qq'];
         !is_qq($data['qq']) && ($data['qq'] = 0);
     }
     isset($data['wechat']) && !is_wechat($data['wechat']) && ($data['wechat'] = '');
     return true;
 }
Ejemplo n.º 15
0
    template_out('message_send.html', $modul_name);
    exit;
}
if ($action == "submit_send") {
    $username = c_trim($_POST['username']);
    $text = html2bb($_POST['text']);
    $user_array = explode(",", $_POST['username']);
    $subject = c_trim($_POST['subject']);
    $pri = intval($_POST['pri']);
    if (!$username || !$text || !$subject) {
        show_error('ln_message_1', $modul_name);
        exit;
    }
    for ($i = 0; $i < count($user_array); $i++) {
        $userid_c = get_userid($user_array[$i]);
        if (!is_username($user_array[$i])) {
            show_error('ln_users_e_1', $modul_name);
            exit;
        }
        $db->query("INSERT INTO cc" . $n . "_messages (username,fromuserid,touserid,text,time,isnew,inbox,subject,pri) VALUES ('" . $userdata['username'] . "','" . $userdata['userid'] . "','" . $userid_c . "','" . mysql_real_escape_string($text) . "','" . time() . "','1','1','" . mysql_real_escape_string($subject) . "','" . $pri . "')");
    }
    header("LOCATION: message.php");
    exit;
}
if ($action == "lookup") {
    $pmid = intval($_GET['pmid']);
    $result = $db->query("SELECT * FROM cc" . $n . "_messages WHERE touserid='" . $userdata['userid'] . "' AND pmid='{$pmid}'");
    $row = $db->fetch_array($result);
    if ($row['pmid'] != $pmid) {
        show_error('ln_message_e_notfound', $modul_name);
        exit;
Ejemplo n.º 16
0
 public function save()
 {
     $id = (int) $this->input->get_post('id');
     $data['user_name'] = trim($this->input->get_post('user_name'));
     //判断名称是否有重复
     $item = $this->model->getOne(array('user_name' => $data['user_name']));
     if ($item && intval($item->uid) != intval($id)) {
         ajax_return(lang('service_user_name_exist'));
     }
     $data['pid'] = $this->user_info->uid;
     //地区
     $data['district'] = $this->input->get_post('district');
     if (!$id) {
         if (!is_username($data['user_name'])) {
             ajax_return('账号只允许字母开头,允许5-16字节,允许字母数字下划线');
         }
         $password = $this->input->get_post('password');
         if (!is_password($password)) {
             ajax_return('密码只允许6到20个字母、数字字符');
         }
         $data['password'] = md5($password);
     }
     $data['gid'] = (int) $this->input->get_post('gid');
     $data['email'] = $this->input->get_post('email');
     if (!is_email($data['email']) and trim($data['email'])) {
         ajax_return('E-mail不是有效的邮箱格式!');
     }
     $data['nickname'] = htmlspecialchars($this->input->get_post('nickname'));
     //保存信息
     if ($id > 0) {
         $data['token'] = '';
         $result = $this->model->update($data, array('uid' => $id));
     } else {
         $data['regip'] = $this->egetip();
         $data['regtime'] = time();
         $result = $this->model->add($data);
     }
     //信息返回操作
     if ($result) {
         ajax_return(lang('save_success'), 0, '', '/admin/user/index');
     } else {
         ajax_return(lang('save_failed'));
     }
 }
Ejemplo n.º 17
0
        $_user['group'] = array_value($grouplist, $_user['gid'], '');
    }
    include "./admin/view/user_list.htm";
} elseif ($action == 'create') {
    if ($method == 'GET') {
        $header['title'] = '用户创建';
        include "./admin/view/user_create.htm";
    } elseif ($method == 'POST') {
        $mobile = param('mobile');
        $email = param('email');
        $username = param('username');
        $password = param('password');
        $gid = param('gid');
        $mobile and !is_mobile($mobile, $err) and message(1, $err);
        $email and !is_email($email, $err) and message(2, $err);
        $username and !is_username($username, $err) and message(3, $err);
        // !is_password($password, $err) AND message(4, $err);
        if ($mobile) {
            $user = user_read_by_mobile($mobile);
            $user and message(1, '用户手机已经存在');
        }
        $user = user_read_by_email($email);
        $user and message(2, '用户 EMAIL 已经存在');
        $user = user_read_by_username($username);
        $user and message(3, '用户已经存在');
        $salt = mt_rand(10000000, 9999999999);
        $state = user_create(array('username' => $username, 'password' => md5($password . $salt), 'salt' => $salt, 'gid' => $gid, 'email' => $email, 'mobile' => $mobile, 'create_ip' => ip2long(ip()), 'create_date' => $time));
        $state !== FALSE ? message(0, '创建成功') : message(11, '创建失败');
    }
} elseif ($action == 'update') {
    $uid = param(2, 0);
Ejemplo n.º 18
0
Archivo: user.php Proyecto: ruoL/fun-x
 public function update_action()
 {
     if (!$this->input->is_ajax_request()) {
         show_404();
     }
     $uid = (int) $this->input->post('uid');
     $e = $this->input->post('email', true);
     $u = $this->input->post('username', true);
     $u = trim($u);
     $e = strtolower(trim($e));
     if (!is_email($e)) {
         JSON('error', '对不起,请填写用个可以的电子邮件!');
     }
     if ($this->user_model->get_info(array('uid !=' => $uid, 'email' => $e))) {
         JSON('error', '该电子邮件已在存,请换一个!');
     }
     if (!is_username($u)) {
         JSON('error', '用户姓名可以由汉字、字母或数字组成,长度不保持 4-16 个字符!');
     }
     if ($this->user_model->get_info(array('uid !=' => $uid, 'username' => $u))) {
         JSON('error', '该用户名称已存在,请换一个!');
     }
     $p = $this->input->post('password', true);
     $r = $this->input->post('repassword', true);
     $p = strtolower(trim($p));
     $r = strtolower(trim($r));
     if ($p !== '') {
         if (!is_password($p)) {
             JSON('error', '密码必须由字母、数字和下划线组成,长度保持 6-16 个字符!');
         }
         if ($p !== $r) {
             JSON('error', '两次输入的密码不一致,请重新确认密码!');
         }
         $this->load->library('phpass');
         $data['password'] = $this->phpass->HashPassword($p);
     }
     $data['email'] = $e;
     $data['username'] = $u;
     $data['intro'] = $this->input->post('intro', true);
     $data['state'] = (int) $this->input->post('state');
     $this->db->update('user', $data, array('uid' => $uid));
     unset($data);
     if ($this->db->affected_rows()) {
         JSON('success', '恭喜,用户 ' . $u . ' 更新成功!');
     } else {
         JSON('error', '对不起,用户没有更新或更新失败!');
     }
 }