Ejemplo n.º 1
 /**
  * Create a member row from registration data and cache the new member's
  * state on this object and in cookies.
  *
  * The failure array (uid '-1', all other fields empty) is returned when the
  * user name is shorter than 2 bytes, the password is shorter than 6 bytes,
  * or $field fails the check selected by $type.
  *
  * NOTE(review): the password is stored as sha1(md5($password)), i.e. two
  * unsalted fast hashes. password_hash()/password_verify() is the usual
  * replacement, but the login path that compares this column is not visible
  * here and would have to migrate together with it.
  * NOTE(review): the array written to the member_account cookie still
  * contains that password hash, and every cookie set here is a serialize()d
  * structure. Unless cookie() encrypts and authenticates its payload (not
  * visible here), the hash is disclosed to the client and whatever reads the
  * cookies back would be calling unserialize() on client-controlled data.
  *
  * @param string $username Requested user name.
  * @param string $password Plain-text password.
  * @param string $field    E-mail address or mobile number, depending on $type.
  * @param string $type     'email' (default) or 'mobile'; any other value is treated as 'email' without validating $field.
  * @return array uid, username, email, mobile and userip of the new member, or the failure array.
  */
 public function register($username, $password, $field, $type = 'email')
 {
     $failure = array('uid' => '-1', 'username' => '', 'email' => '', 'mobile' => '', 'userip' => '');

     // Guard clauses, evaluated in the same order as the single combined test.
     if (!isset($username) || empty($username) || strlen($username) < 2) {
         return $failure;
     }
     if (!isset($password) || empty($password) || strlen($password) < 6) {
         return $failure;
     }
     if (($type == 'email' && !isemail($field)) || ($type == 'mobile' && !ismobile($field))) {
         return $failure;
     }

     // Member group row with type 'member' and creditslower >= 0, lowest threshold first.
     $this->group = M('member_group')->where("type='member' AND creditslower>=0")->order('creditslower', 'ASC')->find(1);
     cookie('member_group', serialize($this->group));

     // Anything that is not 'mobile' is handled as an e-mail registration.
     if ($type != 'mobile') {
         $type = 'email';
     }
     $email = '';
     $mobile = '';
     if ($type == 'email') {
         $email = $field;
     }
     if ($type == 'mobile') {
         $mobile = $field;
     }

     $account = array(
         'username' => $username,
         'password' => sha1(md5($password)),
         'email' => $email,
         'mobile' => $mobile,
         'gid' => $this->group['gid'],
         'status' => 0,
         'newpm' => 0,
         'emailstatus' => 0,
         'avatarstatus' => 0,
         'regdate' => TIMESTAMP,
     );
     $this->uid = M('member')->insert($account, true);
     $this->username = $username;
     $this->email = $email;
     $this->mobile = $mobile;

     $result = array(
         'uid' => $this->uid,
         'username' => $this->username,
         'email' => $this->email,
         'mobile' => $this->mobile,
         'userip' => $_SERVER['REMOTE_ADDR'],
     );

     $account['uid'] = $this->uid;
     $this->account = $account;
     cookie('member_account', serialize($account));

     $this->status = $this->getStatus();
     cookie('member_status', serialize($this->status));

     $this->count = $this->getCount();
     cookie('member_count', serialize($this->count));

     $this->profile = $this->getProfile();
     cookie('member_profile', serialize($this->profile));

     return $result;
 }
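 /**
  * Verify a login form submission and report the result.
  *
  * Reads the account name, password, captcha code and post-login target from
  * the query string, checks the captcha and the minimum lengths, then logs in
  * through Member::Login() by e-mail, mobile number or user name depending on
  * the shape of the account value.
  *
  * NOTE(review): the password is read from $_GET, so it travels in the URL
  * and can end up in access logs, proxies and browser history. Moving the
  * form to POST means changing the form and this reader together.
  * NOTE(review): the account value is HTML-encoded before it is used as a
  * lookup key; save() encodes the user name the same way at registration, so
  * the two have to change together if this is ever moved to output time.
  */
 private function chklogin()
 {
     $account = htmlspecialchars(trim($_GET['account_' . FORMHASH]));
     $password = trim($_GET['password_' . FORMHASH]);
     $captchacode = strtolower(trim($_GET['captchacode']));
     $this->checkCaptchacode($captchacode);
     if (strlen($account) < 2) {
         $this->showError('username_verify_failed');
     }
     if (strlen($password) < 6) {
         $this->showError('password_verify_failed');
     }
     $member = new Member();
     if (isemail($account)) {
         $member->Login($account, $password, 'email');
     } elseif (ismobile($account)) {
         $member->Login($account, $password, 'mobile');
     } else {
         $member->Login($account, $password);
     }
     if ($member->uid > 0) {
         // `continue` is caller-supplied and is handed to showSuccess() in the
         // position where save() passes its landing URL. Keep it only when it
         // stays on this site: no scheme prefix, no leading "//" or "/\"
         // (browsers read both as a host), and no control characters, which
         // browsers strip before parsing. Anything else is dropped to the
         // empty value an absent parameter would produce.
         $continue = isset($_GET['continue']) && is_string($_GET['continue']) ? $_GET['continue'] : '';
         $hasControlChar = preg_match('#[\x00-\x1f\x7f]#', $continue);
         $leavesSite = preg_match('#^\s*(?:[a-z][a-z0-9+.\-]*:|[/\\\\]{2})#i', $continue);
         if ($hasControlChar || $leavesSite) {
             $continue = '';
         }
         $this->showSuccess('login_succeed', $continue, array(), '', true);
     } else {
         $this->showError('login_verify_failed');
     }
 }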
 /**
  * Save a registration form submission.
  *
  * Checks the captcha, then in order: user name length, user name
  * uniqueness, e-mail format, e-mail uniqueness and password length. Each
  * failure is reported through showError(); when all pass the member is
  * created with Member::register().
  *
  * NOTE(review): the password is read from $_GET, so it travels in the URL
  * and can end up in access logs and browser history.
  * NOTE(review): $_GET['type'] is forwarded to register() unchecked; the
  * value in the e-mail slot has already passed isemail() here, so a 'mobile'
  * type would make register() test an e-mail address with ismobile().
  */
 function save()
 {
     $name = htmlspecialchars(trim($_GET['username_' . FORMHASH]));
     $secret = trim($_GET['password_' . FORMHASH]);
     $address = trim($_GET['email_' . FORMHASH]);
     $code = trim($_GET['captchacode']);
     $this->checkCaptchacode($code);

     if (strlen($name) < 2) {
         $this->showError('username_verify_failed');
     }
     $nameTaken = $this->_verify(array('username' => $name));
     if ($nameTaken) {
         $this->showError('username_exists');
     }

     if (!(!empty($address) && isemail($address))) {
         $this->showError('email_verify_failed');
     }
     $addressTaken = $this->_verify(array('email' => $address));
     if ($addressTaken) {
         $this->showError('email_exists');
     }

     if (!(!empty($secret) && strlen($secret) >= 6)) {
         $this->showError('password_verify_failed');
     }

     $member = new Member();
     $member->register($name, $secret, $address, $_GET['type']);
     if ($member->uid > 0) {
         $this->showSuccess('register_succeed', '/?m=home', array(), '', true);
     }
 }
Ejemplo n.º 4
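/**
 * Authenticate through UCenter and load the matching local member row.
 *
 * $loginfield selects how $username is interpreted: 'uid', 'email', 'auto'
 * (try uid for an all-digit value, e-mail for an e-mail-shaped value, then
 * fall back to the user name) or anything else for a plain user name.
 *
 * @param string $username   Login identifier.
 * @param string $password   Plain-text password.
 * @param mixed  $questionid Security question id, passed through to UCenter.
 * @param mixed  $answer     Security answer, passed through to UCenter.
 * @param string $loginfield 'username' (default), 'uid', 'email' or 'auto'.
 * @return array 'ucresult' (uid, username, password, email), 'status'
 *               (1 = ok, 0 = rejected by UCenter or unresolved duplicate,
 *               -1 = no local member row) and, on success, 'member'.
 */
function userlogin($username, $password, $questionid, $answer, $loginfield = 'username')
{
    $return = array();
    if ($loginfield == 'uid') {
        $isuid = 1;
    } elseif ($loginfield == 'email') {
        $isuid = 2;
    } elseif ($loginfield == 'auto') {
        $isuid = 3;
    } else {
        $isuid = 0;
    }
    if (!function_exists('uc_user_login')) {
        loaducenter();
    }
    if ($isuid == 3) {
        if (preg_match('/^[1-9]\\d*$/', $username)) {
            $return['ucresult'] = uc_user_login($username, $password, 1, 1, $questionid, $answer);
        } elseif (isemail($username)) {
            $return['ucresult'] = uc_user_login($username, $password, 2, 1, $questionid, $answer);
        }
        // When neither attempt above ran there is no result yet; test for
        // that explicitly instead of reading an undefined index.
        if (!isset($return['ucresult']) || $return['ucresult'][0] <= 0) {
            $return['ucresult'] = uc_user_login($username, $password, 0, 1, $questionid, $answer);
        }
    } else {
        $return['ucresult'] = uc_user_login($username, $password, $isuid, 1, $questionid, $answer);
    }
    $tmp = array();
    $duplicate = '';
    // Every field of the UCenter result is escaped by daddslashes() here,
    // before any of them is placed in the SQL strings below.
    list($tmp['uid'], $tmp['username'], $tmp['password'], $tmp['email'], $duplicate) = daddslashes($return['ucresult'], 1);
    $return['ucresult'] = $tmp;
    if ($duplicate && $return['ucresult']['uid'] > 0) {
        // NOTE(review): the escaping call on this line was masked ('******')
        // in the listing this code came from, leaving it unparseable.
        // addslashes() is assumed by analogy with the e-mail comparison
        // further down; confirm against the upstream file.
        if ($olduid = DB::result_first("SELECT uid FROM " . DB::table('common_member') . " WHERE username='" . addslashes($return['ucresult']['username']) . "'")) {
            require_once libfile('function/membermerge');
            if ($olduid != $return['ucresult']['uid']) {
                membermerge($olduid, $return['ucresult']['uid']);
            }
            uc_user_merge_remove($return['ucresult']['username']);
        } else {
            $return['status'] = 0;
            return $return;
        }
    }
    if ($return['ucresult']['uid'] <= 0) {
        $return['status'] = 0;
        return $return;
    }
    // NOTE(review): these statements are assembled by concatenation and rely
    // entirely on the daddslashes() pass above; a parameterised query API,
    // if DB offers one, would remove that dependency.
    $member = DB::fetch_first("SELECT * FROM " . DB::table('common_member') . " WHERE uid='" . $return['ucresult']['uid'] . "'");
    if (!$member) {
        $return['status'] = -1;
        return $return;
    }
    $return['member'] = $member;
    $return['status'] = 1;
    // Keep the local e-mail in step with UCenter's copy.
    if (addslashes($member['email']) != $return['ucresult']['email']) {
        DB::query("UPDATE " . DB::table('common_member') . " SET email='" . $return['ucresult']['email'] . "' WHERE uid='" . $return['ucresult']['uid'] . "'");
    }
    return $return;
}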
Ejemplo n.º 5
 /**
  * Update the user row identified by $keyName after checking its e-mail field.
  *
  * NOTE(review): apart from the update time set here, $userInfo is written
  * to the table exactly as given. Only the e-mail entry is validated, so
  * callers must pass nothing but columns the user is allowed to change.
  *
  * @param mixed $keyName  Value matched against the TABLE_UNIONKEY column.
  * @param array $userInfo Column => value pairs to store; must contain the e-mail column.
  * @return mixed control_returnCode::REG_ERROR_EMAIL when the e-mail fails isemail(), otherwise control_returnCode::REG_TRUE.
  */
 public static function editUser($keyName, $userInfo)
 {
     $emailIsValid = isemail($userInfo[self::TABLE_EMAIL]);
     if ($emailIsValid) {
         $userInfo[self::TABLE_UPDATETIME] = time();
         $criteria = array(self::TABLE_UNIONKEY => $keyName);
         self::getDB()->table(self::TABLE_NAME)->where($criteria)->update($userInfo);

         return control_returnCode::REG_TRUE;
     }

     return control_returnCode::REG_ERROR_EMAIL;
 }
Ejemplo n.º 6
/**
 * Authenticate a login through UCenter and load the matching local member.
 *
 * Returns an array with 'ucresult' (uid, username, password, email),
 * 'status' (1 = ok, 0 = rejected or duplicate, -1 = no local member row)
 * and, on success, 'member'.
 */
function userlogin($username, $password, $questionid, $answer, $loginfield = 'username', $ip = '') {
	$return = array();

	// Map the login field to the numeric mode passed to uc_user_login():
	// 1 = uid (only while the setting/uidlogin switch is on), 2 = e-mail,
	// 3 = auto-detect, 0 = user name.
	if($loginfield == 'uid' && getglobal('setting/uidlogin')) {
		$isuid = 1;
	} elseif($loginfield == 'email') {
		$isuid = 2;
	} elseif($loginfield == 'auto') {
		$isuid = 3;
	} else {
		$isuid = 0;
	}

	if(!function_exists('uc_user_login')) {
		loaducenter();
	}
	if($isuid == 3) {
		// Auto-detect: a value that dintval() returns unchanged is tried as a
		// uid (if uid login is enabled), an e-mail-shaped value as an e-mail.
		if(!strcmp(dintval($username), $username) && getglobal('setting/uidlogin')) {
			$return['ucresult'] = uc_user_login($username, $password, 1, 1, $questionid, $answer, $ip);
		} elseif(isemail($username)) {
			$return['ucresult'] = uc_user_login($username, $password, 2, 1, $questionid, $answer, $ip);
		}
		// NOTE(review): when neither branch above ran, $return['ucresult'] is
		// still unset here and the test relies on null comparing as <= 0.
		// A first element of -3 skips the user-name retry; what -3 means is
		// defined by UCenter and not visible here.
		if($return['ucresult'][0] <= 0 && $return['ucresult'][0] != -3) {
			$return['ucresult'] = uc_user_login(addslashes($username), $password, 0, 1, $questionid, $answer, $ip);
		}
	} else {
		// NOTE(review): addslashes() is applied on this path for every mode,
		// but not on the uid/e-mail attempts above, which pass $username
		// through as received; presumably uc_user_login() escapes or those
		// shapes cannot carry quotes, confirm in the UCenter client.
		$return['ucresult'] = uc_user_login(addslashes($username), $password, $isuid, 1, $questionid, $answer, $ip);
	}
	$tmp = array();
	$duplicate = '';
	list($tmp['uid'], $tmp['username'], $tmp['password'], $tmp['email'], $duplicate) = $return['ucresult'];
	$return['ucresult'] = $tmp;
	// && binds tighter than ||: status 0 for a duplicate flag with a positive
	// uid, or for any non-positive uid.
	if($duplicate && $return['ucresult']['uid'] > 0 || $return['ucresult']['uid'] <= 0) {
		$return['status'] = 0;
		return $return;
	}

	$member = getuserbyuid($return['ucresult']['uid'], 1);
	if(!$member || empty($member['uid'])) {
		$return['status'] = -1;
		return $return;
	}
	$return['member'] = $member;
	$return['status'] = 1;
	// A member flagged _inarchive is moved back to the master table on login.
	if($member['_inarchive']) {
		C::t('common_member_archive')->move_to_master($member['uid']);
	}
	// Keep the local e-mail in step with UCenter's copy.
	if($member['email'] != $return['ucresult']['email']) {
		C::t('common_member')->update($return['ucresult']['uid'], array('email' => $return['ucresult']['email']));
	}

	return $return;
}
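 /**
  * Save the signed-in member's account contact fields and profile.
  *
  * The account update runs only when the submitted e-mail or mobile number
  * passes its validator, and writes only those two columns. The profile row
  * is always updated and is marked locked with the current time.
  *
  * NOTE(review): this state change is driven by $_GET. Unless the framework
  * checks a form token before dispatching here (not visible), a crafted link
  * can trigger it on behalf of a signed-in member.
  */
 public function save()
 {
     $accountnew = isset($_GET['accountnew']) && is_array($_GET['accountnew']) ? $_GET['accountnew'] : array();
     $profilenew = isset($_GET['profilenew']) && is_array($_GET['profilenew']) ? $_GET['profilenew'] : array();

     // The request array used to be passed to update() whole, so any member
     // column named in the query string (password, group, status, ...) was
     // written along with the contact fields. Copy out only the two fields
     // this method validates.
     $email = isset($accountnew['email']) && is_string($accountnew['email']) ? $accountnew['email'] : null;
     $mobile = isset($accountnew['mobile']) && is_string($accountnew['mobile']) ? $accountnew['mobile'] : null;
     $emailok = $email !== null && isemail($email);
     $mobileok = $mobile !== null && ismobile($mobile);
     if ($emailok || $mobileok) {
         $accountupdate = array();
         // An empty string is still accepted for the other field so that it
         // can be cleared, as the original either-or condition allowed.
         if ($emailok || $email === '') {
             $accountupdate['email'] = $email;
         }
         if ($mobileok || $mobile === '') {
             $accountupdate['mobile'] = $mobile;
         }
         $this->t('member')->where(array('uid' => $this->uid))->update($accountupdate);
     }

     // The profile row is addressed by $this->uid; never let the request
     // rewrite that key.
     // NOTE(review): the remaining profile keys are still caller-chosen.
     // Replace this with an explicit list of editable profile columns once
     // the member_profile schema is at hand.
     unset($profilenew['uid']);
     $profilenew['locked'] = 1;
     $profilenew['modified'] = time();
     $this->t('member_profile')->where(array('uid' => $this->uid))->update($profilenew);
     $this->showSuccess('modi_succeed');
 }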
Ejemplo n.º 8
/**
 * Validate submitted thread-sort option values and normalise them for storage.
 *
 * Each option in $_G['forum_checkoption'] is checked in turn; the first
 * failure is returned as array('message' => ..., 'params' => ...) instead of
 * being shown with showmessage() (the original calls are kept as comments).
 * When every option passes, the normalised values are stored in and returned
 * as $_G['forum_optiondata'], keyed by optionid.
 */
function mobcent_threadsort_validator($sortoption, $pid)
{
    global $_G, $var;
    // Only referenced by the commented-out showmessage() calls below.
    $postaction = $_G['tid'] && $pid ? "edit&tid={$_G['tid']}&pid={$pid}" : 'newthread';
    $_G['forum_optiondata'] = array();
    foreach ($_G['forum_checkoption'] as $var => $option) {
        // Required check: an empty string fails unless the option is numeric.
        if ($_G['forum_checkoption'][$var]['required'] && ($sortoption[$var] === '' && $_G['forum_checkoption'][$var]['type'] != 'number')) {
            return array('message' => 'threadtype_required_invalid', 'params' => array('{typetitle}' => $_G['forum_checkoption'][$var]['title']));
            //showmessage('threadtype_required_invalid', "forum.php?mod=post&action=$postaction&fid=$_G[fid]&sortid=".$_G['forum_selectsortid'], array('typetitle' => $_G['forum_checkoption'][$var]['title']));
        } elseif ($sortoption[$var] && ($_G['forum_checkoption'][$var]['type'] == 'number' && !is_numeric($sortoption[$var]) || $_G['forum_checkoption'][$var]['type'] == 'email' && !isemail($sortoption[$var]))) {
            // NOTE(review): a format failure returns the "required" message
            // key, while the showmessage() call it replaced used
            // 'threadtype_format_invalid'; confirm which one clients expect.
            return array('message' => 'threadtype_required_invalid', 'params' => array('{typetitle}' => $_G['forum_checkoption'][$var]['title']));
            //showmessage('threadtype_format_invalid', "forum.php?mod=post&action=$postaction&fid=$_G[fid]&sortid=".$_G['forum_selectsortid'], array('typetitle' => $_G['forum_checkoption'][$var]['title']));
        } elseif ($sortoption[$var] && $_G['forum_checkoption'][$var]['maxlength'] && strlen($sortoption[$var]) > $_G['forum_checkoption'][$var]['maxlength']) {
            return array('message' => 'threadtype_toolong_invalid', 'params' => array('{typetitle}' => $_G['forum_checkoption'][$var]['title']));
            // showmessage('threadtype_toolong_invalid', "forum.php?mod=post&action=$postaction&fid=$_G[fid]&sortid=".$_G['forum_selectsortid'], array('typetitle' => $_G['forum_checkoption'][$var]['title']));
        } elseif ($sortoption[$var] && ($_G['forum_checkoption'][$var]['maxnum'] && $sortoption[$var] > $_G['forum_checkoption'][$var]['maxnum'] || $_G['forum_checkoption'][$var]['minnum'] && $sortoption[$var] < $_G['forum_checkoption'][$var]['minnum'])) {
            return array('message' => 'threadtype_num_invalid', 'params' => array('{typetitle}' => $_G['forum_checkoption'][$var]['title']));
            // showmessage('threadtype_num_invalid', "forum.php?mod=post&action=$postaction&fid=$_G[fid]&sortid=".$_G['forum_selectsortid'], array('typetitle' => $_G['forum_checkoption'][$var]['title']));
        } elseif ($sortoption[$var] && $_G['forum_checkoption'][$var]['unchangeable'] && !($_G['tid'] && $pid)) {
            return array('message' => 'threadtype_unchangeable_invalid', 'params' => array('{typetitle}' => $_G['forum_checkoption'][$var]['title']));
            //showmessage('threadtype_unchangeable_invalid', "forum.php?mod=post&action=$postaction&fid=$_G[fid]&sortid=".$_G['forum_selectsortid'], array('typetitle' => $_G['forum_checkoption'][$var]['title']));
        } elseif ($sortoption[$var] && $_G['forum_checkoption'][$var]['type'] == 'select') {
            if ($_G['forum_optionlist'][$_G['forum_checkoption'][$var]['optionid']]['choices'][$sortoption[$var]]['level'] != 1) {
                // Checked that a required drop-down choice was filled in; with multi-level linked selects the client could not submit the post, so the check is commented out.
                //return array('message'=>'threadtype_select_invalid','params'=>array('{typetitle}' => $_G['forum_checkoption'][$var]['title']));
                // showmessage('threadtype_select_invalid', "forum.php?mod=post&action=$postaction&fid=$_G[fid]&sortid=".$_G['forum_selectsortid'], array('typetitle' => $_G['forum_checkoption'][$var]['title']));
            }
        }
        // Normalisation: checkbox values are tab-joined; a URL starting with
        // "www." gets an http:// prefix.
        // NOTE(review): a URL with any other scheme is stored unchanged, so
        // whoever renders it as a link has to restrict the scheme.
        if ($_G['forum_checkoption'][$var]['type'] == 'checkbox') {
            $sortoption[$var] = $sortoption[$var] ? implode("\t", $sortoption[$var]) : '';
        } elseif ($_G['forum_checkoption'][$var]['type'] == 'url') {
            $sortoption[$var] = $sortoption[$var] ? substr(strtolower($sortoption[$var]), 0, 4) == 'www.' ? 'http://' . $sortoption[$var] : $sortoption[$var] : '';
        }
        if ($_G['forum_checkoption'][$var]['type'] == 'image') {
            // NOTE(review): the submitted image array is copied into
            // $_GET['attachnew'] under a caller-chosen aid and then stored
            // with serialize(), with no shape check and without the censor or
            // HTML-escape pass the other types get. Confirm that the
            // attachment code verifies aid ownership and that readers of the
            // stored value treat it as untrusted.
            if ($sortoption[$var]['aid']) {
                $_GET['attachnew'][$sortoption[$var]['aid']] = $sortoption[$var];
            }
            $sortoption[$var] = serialize($sortoption[$var]);
        } elseif ($_G['forum_checkoption'][$var]['type'] == 'select') {
            // Select values are censored but not HTML-escaped here; with the
            // choice check above disabled, output has to escape them.
            $sortoption[$var] = censor(trim($sortoption[$var]));
        } else {
            $sortoption[$var] = dhtmlspecialchars(censor(trim($sortoption[$var])));
        }
        $_G['forum_optiondata'][$_G['forum_checkoption'][$var]['optionid']] = $sortoption[$var];
    }
    return $_G['forum_optiondata'];
}
Ejemplo n.º 9
             //$row = $_SGLOBAL['db']->fetch_array($query);$_SGLOBAL['db']->fetch_array($query)
         }
         //提示用户已经激活过了
         showmessage('identifier_is_active', '', 3);
     }
 }
 //根据学号取得邮箱和激活信息
 //$query = $_SGLOBAL['db']->query("SELECT defaultemail, isactive, emaildateline FROM ".tname('baseprofile')." WHERE collegeid='$collegeid'");
 //$row = $_SGLOBAL['db']->fetch_array($query);
 if (empty($one)) {
     showmessage('collegeid_is_invalid', '', 3);
 }
 $defaultemail = $one['defaultemail'];
 $isactive = $one['isactive'];
 //没有邮箱信息
 if (empty($defaultemail) || !isemail($defaultemail)) {
     showmessage('have_no_email', '', 10);
 }
 if ($isactive > 0) {
     showmessage('collegeid_is_active', '', 3);
 } elseif (empty($isactive)) {
     $nowtime = explode(' ', microtime());
     $tmptime = $nowtime[1];
     //记录邮件发送时间,存入数据库
     $tmptime = $tmptime + $nowtime[0];
     if ($tmptime - intval($row['emaildateline']) <= 1800) {
         showmessage('sendtime_limit');
     }
     //激活成功
     $hash = authcode("{$collegeid}\t{$defaultemail}", 'ENCODE');
     $url = getsiteurl() . 'do.php?ac=' . $_SCONFIG['buaaregister_action'] . '&amp;hash=' . urlencode($hash);
Ejemplo n.º 10
 /**
  * Check $this->newvalue against the input rule configured for the field.
  *
  * The rule is the field's 'mlimit', overridden by its 'datatype' for date,
  * int and float fields. An empty value or an empty rule passes without any
  * check. On a failed check $this->error is set to the field's display name
  * followed by the localised message.
  *
  * NOTE(review): $this->error is not cleared here, so an error left on the
  * object by an earlier call also makes this return false.
  *
  * @return bool false when $this->error is set, true otherwise.
  */
 function check_limit()
 {
     $rule = $this->field['mlimit'];
     // The storage type wins over the configured rule for these three types.
     switch ($this->field['datatype']) {
         case 'date':
             $rule = 'date';
             break;
         case 'int':
             $rule = 'int';
             break;
         case 'float':
             $rule = 'number';
             break;
     }

     if (empty($this->newvalue) || empty($rule)) {
         return true;
     }

     $label = $this->field['cname'];
     $messageKey = '';
     if ($rule == 'date' && !isdate($this->newvalue)) {
         $messageKey = 'liminpda';
     } elseif ($rule == 'int' && !is_numeric($this->newvalue)) {
         $messageKey = 'liminpint';
     } elseif ($rule == 'number' && !is_numeric($this->newvalue)) {
         $messageKey = 'liminpnum';
     } elseif ($rule == 'letter' && !preg_match("/^[a-z]+\$/i", $this->newvalue)) {
         $messageKey = 'limiinputlett';
     } elseif ($rule == 'numberletter' && !preg_match("/^[0-9a-z]+\$/i", $this->newvalue)) {
         $messageKey = 'limitinputnumberl';
     } elseif ($rule == 'tagtype' && !preg_match("/^[a-z]+\\w*\$/i", $this->newvalue)) {
         $messageKey = 'limitinputtagtype';
     } elseif ($rule == 'email' && !isemail($this->newvalue)) {
         $messageKey = 'limitinputemail';
     }

     if ($messageKey !== '') {
         $this->error = "{$label} " . lang($messageKey);
     }

     return !$this->error;
 }
Ejemplo n.º 11
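/**
 * Validate submitted thread-sort option values and normalise them for storage.
 *
 * Each option in the global $checkoption is checked in turn (required,
 * number/e-mail format, maximum length, numeric range, unchangeable once
 * posted); a failure is reported through showmessage(). Accepted values are
 * trimmed, passed through censor() and HTML-escaped with dhtmlspecialchars().
 *
 * @param array $sortoption Submitted values keyed by option identifier.
 * @return array Normalised values keyed by optionid.
 */
function threadsort_validator($sortoption)
{
    global $checkoption, $var, $selectsortid, $fid, $tid, $pid;
    $postaction = $tid && $pid ? "edit&tid={$tid}&pid={$pid}" : 'newthread';
    $returnurl = "post.php?action={$postaction}&fid={$fid}&sortid={$selectsortid}";
    $optiondata = array();
    foreach ($checkoption as $var => $option) {
        $value = $sortoption[$var];
        if ($option['required'] && !$value) {
            showmessage('threadtype_required_invalid', $returnurl);
        } elseif ($value && ($option['type'] == 'number' && !is_numeric($value) || $option['type'] == 'email' && !isemail($value))) {
            showmessage('threadtype_format_invalid', $returnurl);
        } elseif ($value && $option['maxlength'] && !is_array($value) && strlen($value) > $option['maxlength']) {
            // The length test used to read an undefined $typeoption, so it
            // measured an empty value and the limit was never enforced.
            // Checkbox values arrive as arrays and are left to the join below.
            showmessage('threadtype_toolong_invalid', $returnurl);
        } elseif ($value && ($option['maxnum'] && $value >= $option['maxnum'] || $option['minnum'] && $value < $option['minnum'])) {
            // NOTE(review): the upper bound is exclusive here (>=) while the
            // lower bound is inclusive; confirm that is intended.
            showmessage('threadtype_num_invalid', $returnurl);
        } elseif ($value && $option['unchangeable'] && !($tid && $pid)) {
            showmessage('threadtype_unchangeable_invalid', $returnurl);
        }
        if ($option['type'] == 'checkbox') {
            $value = $value ? implode("\t", $value) : '';
        } elseif ($option['type'] == 'url') {
            // Only a leading "www." is given a scheme; a value with any other
            // scheme is stored unchanged, so the code that renders it as a
            // link has to restrict the scheme.
            $value = $value ? substr(strtolower($value), 0, 4) == 'www.' ? 'http://' . $value : $value : '';
        }
        $value = dhtmlspecialchars(censor(trim($value)));
        $optiondata[$option['optionid']] = $value;
    }
    return $optiondata;
}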
Ejemplo n.º 12
 checkclose();
 $realname = trim($_GET['realname']);
 $birthday = trim($_GET['birthday']);
 // NOTE(review): the password is taken to be the submitted birthday: a
 // low-entropy value that acquaintances know and that travels in the query
 // string. How $password is used lies past the end of this excerpt; if it
 // becomes the account password, a random one-time secret sent to the
 // address validated below would be the safer default.
 $password = $birthday;
 if (empty($realname)) {
     showmessage('对不起,请输入姓名!', '', 2);
 }
 if (empty($birthday)) {
     showmessage('对不起,请输入生日!', '', 2);
 }
 // Already a registered, signed-in user
 if ($_SGLOBAL['supe_uid']) {
     showmessage('registered', 'space.php');
 }
 // Check the e-mail address
 $email = isemail(trim($_GET['email'])) ? trim($_GET['email']) : '';
 if (empty($email)) {
     showmessage('email_format_is_wrong');
 }
 // NOTE(review): when the checkemail setting is on, the reply reveals whether
 // an address is already registered.
 if ($_SCONFIG['checkemail']) {
     if ($count = getcount('spacefield', array('email' => $email))) {
         showmessage('email_has_been_registered');
     }
 }
 // The user name is the e-mail's local part, cut to at most 15 bytes.
 $num = strpos($email, '@');
 $num = $num > 15 ? 15 : $num;
 $newusername = substr($email, 0, $num);
 /*******************这里应该判断要不要用户名是否被占********************
 		$username = $newusername;
 		
 		if(!@include_once S_ROOT.'./uc_client/client.php')
Ejemplo n.º 13
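/**
 * Validate submitted thread-sort option values and normalise them for storage.
 *
 * Each option in $_G['forum_checkoption'] is checked in turn (required,
 * number/e-mail format, maximum length, numeric range, unchangeable once
 * posted); a failure is reported through showmessage(). Values of type
 * 'image' are stored as addslashes(serialize(...)); all others are trimmed,
 * passed through censor() and HTML-escaped with dhtmlspecialchars().
 *
 * @param array $sortoption Submitted values keyed by option identifier.
 * @param mixed $pid        Post id; together with $_G['tid'] it marks an edit.
 * @return array Normalised values keyed by optionid (also left in $_G['forum_optiondata']).
 */
function threadsort_validator($sortoption, $pid)
{
    global $_G, $var;
    $postaction = $_G['tid'] && $pid ? "edit&tid={$_G['tid']}&pid={$pid}" : 'newthread';
    $returnurl = "forum.php?mod=post&action={$postaction}&fid={$_G['fid']}&sortid=" . $_G['forum_selectsortid'];
    $_G['forum_optiondata'] = array();
    foreach ($_G['forum_checkoption'] as $var => $option) {
        $value = $sortoption[$var];
        $msgvars = array('typetitle' => $option['title']);
        if ($option['required'] && !$value) {
            showmessage('threadtype_required_invalid', $returnurl, $msgvars);
        } elseif ($value && ($option['type'] == 'number' && !is_numeric($value) || $option['type'] == 'email' && !isemail($value))) {
            showmessage('threadtype_format_invalid', $returnurl, $msgvars);
        } elseif ($value && $option['maxlength'] && !is_array($value) && strlen($value) > $option['maxlength']) {
            // The length test used to read an undefined $typeoption, so it
            // measured an empty value and the limit was never enforced.
            // Array values (checkbox, image) are not length-checked here.
            showmessage('threadtype_toolong_invalid', $returnurl, $msgvars);
        } elseif ($value && ($option['maxnum'] && $value > $option['maxnum'] || $option['minnum'] && $value < $option['minnum'])) {
            showmessage('threadtype_num_invalid', $returnurl, $msgvars);
        } elseif ($value && $option['unchangeable'] && !($_G['tid'] && $pid)) {
            showmessage('threadtype_unchangeable_invalid', $returnurl, $msgvars);
        }
        if ($option['type'] == 'checkbox') {
            $value = $value ? implode("\t", $value) : '';
        } elseif ($option['type'] == 'url') {
            // Only a leading "www." is given a scheme; a value with any other
            // scheme is stored unchanged, so the code that renders it as a
            // link has to restrict the scheme.
            $value = $value ? substr(strtolower($value), 0, 4) == 'www.' ? 'http://' . $value : $value : '';
        }
        // NOTE(review): image values are serialized as submitted, with no
        // shape check and no censor/escape pass; readers of the stored value
        // have to treat its fields as untrusted.
        $value = $option['type'] != 'image' ? dhtmlspecialchars(censor(trim($value))) : addslashes(serialize($value));
        $_G['forum_optiondata'][$option['optionid']] = $value;
    }
    return $_G['forum_optiondata'];
}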
Ejemplo n.º 14
/*
	[UCenter Home] (C) 2007-2008 Comsenz Inc.
	$Id: do_login.php 8543 2008-08-21 05:51:48Z liguode $
*/
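// Refuse direct requests to this file; it is meant to be included by the application.
if (!defined('IN_UCHOME')) {
    exit('Access Denied');
}
$uid = 0;
$email = '';
// Anything that is not a non-empty string (for example hash[]=x) counts as "no token".
$_GET['hash'] = empty($_GET['hash']) || !is_string($_GET['hash']) ? '' : trim($_GET['hash']);
if ($_GET['hash']) {
    // The token decodes to "uid<TAB>email". A token that fails to decode
    // yields fewer than two fields, so pad the list instead of reading a
    // missing offset.
    // NOTE(review): no timestamp is carried or checked here, so the link's
    // lifetime depends on whatever expiry authcode() itself enforces; confirm.
    list($uid, $email) = array_pad(explode("\t", authcode($_GET['hash'], 'DECODE')), 2, '');
    $uid = intval($uid);
}
if ($uid && isemail($email)) {
    // Enforce e-mail uniqueness among verified addresses
    if ($_SCONFIG['uniqueemail']) {
        if (getcount('spacefield', array('email' => $email, 'emailcheck' => 1))) {
            showmessage('uniqueemail_recheck');
        }
    }
    // Bonus Points
    getreward('realemail', 1, $uid);
    // Store the verified address and clear the pending one
    updatetable('spacefield', array('email' => addslashes($email), 'emailcheck' => '1', 'newemail' => ''), array('uid' => $uid));
    // Show the confirmation page
    showmessage('email_check_sucess', '', 1, array($email));
} else {
    showmessage('email_check_error');
}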
Ejemplo n.º 15
<?php

include "../common.inc.php";
include "function_common.php";
InitGP(array("page", "action", "inbox", "uname", "email", "subject", "message", "did", "delids"));
//初始化变量全局返回
AjaxHead();
//禁止页面缓存
header("Content-type: text/html; charset=" . CHARSET);
if (empty($action)) {
    InitGP(array("uid", "isadmin", "email", "subject", "message"));
    //初始化变量全局返回
    if (!empty($_POST) and !empty($subject)) {
        //发送邮件
        if (isemail($email) && !empty($message)) {
            $emailstr = $message;
            include_once INC_PATH . "/sendmail.class.php";
            $sendmail = new SendEmail();
            $sendmail->sendmailto($subject, $emailstr, $email);
            if (!empty($inbox)) {
                exit("<script language='javascript'>alert('" . $sendmail->printmsg . "');parent.\$.fn.colorbox.close();</script>");
            } else {
                showmsg($sendmail->printmsg, PHP_SELF);
                //出错!
            }
        } else {
            if (!empty($inbox)) {
                exit("<script language='javascript'>alert('email格式错误');location.reload();</script>");
            } else {
                showmsg("email格式错误", PHP_SELF);
                //出错!
Ejemplo n.º 16
if ($cur_user && $cur_user['flag'] == 0) {
    header('location: /');
    exit;
}
//
$errors = array();
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    $name = addslashes(trim($_POST["name"]));
    $email = addslashes(trim($_POST["email"]));
    if ($name && $email) {
        if (strlen($name) < 21 && strlen($email) < 32) {
            if (preg_match('/^[a-zA-Z0-9\\x80-\\xff]{4,20}$/i', $name)) {
                if (preg_match('/^[0-9]{4,20}$/', $name)) {
                    $errors[] = '名字不能全为数字';
                } else {
                    if (isemail($email)) {
                        $db_user = $DBS->fetch_one_array("SELECT * FROM yunbbs_users WHERE name='" . $name . "' LIMIT 1");
                        if ($db_user) {
                            if ($email == $db_user['email']) {
                                header("content-Type: text/html; charset=UTF-8");
                                exit('请用该邮箱: ' . $db_user['email'] . ' 给管理员(管理员信箱' . $options['admin_email'] . ')发送一封密码重设请求,内容只需包含您的用户名“' . $name . '”');
                            } else {
                                $errors[] = '填写的邮箱 和 个人设置里的邮箱 不一致';
                            }
                        } else {
                            $errors[] = '用户名 错误';
                        }
                    } else {
                        $errors[] = '邮箱 格式错误';
                    }
                }
Ejemplo n.º 17
if (submitcheck('login')) {
    /*
    echo $_POST[username];
    echo $_POST[password];
    exit();
    */
    //exit('26');
    $password = $_POST['password'];
    $username = trim($_POST['username']);
    $cookietime = intval($_POST['cookietime']);
    $cookiecheck = $cookietime ? ' checked' : '';
    $membername = $username;
    if (empty($_POST['username'])) {
        showmessage('users_were_not_empty_please_re_login_1', './login.php', 0);
    } else {
        // An e-mail-shaped login name is resolved to the member's user name first.
        if (isemail($_POST['username'])) {
            // NOTE(review): the raw, untrimmed $_POST value is interpolated
            // into the SQL text. This is only safe if the framework has
            // already escaped $_POST before this point (not visible here) or
            // isemail() rejects every quote and backslash; confirm, or pass
            // the value through the DB layer's escaping at this call.
            $query = $_SGLOBAL['db']->query("SELECT uid FROM " . tname('spacefield') . " WHERE email='{$_POST['username']}'");
            $value = $_SGLOBAL['db']->fetch_array($query);
            // NOTE(review): an unknown address is reported here, before any
            // password check, which lets a caller test whether an e-mail is
            // registered.
            if (empty($value)) {
                showmessage('users_were_not_empty_please_re_login_2', './login.php', 0);
            }
            $query = $_SGLOBAL['db']->query("SELECT username FROM " . tname('member') . " WHERE uid='{$value['uid']}'");
            $value = $_SGLOBAL['db']->fetch_array($query);
            // Resolved user name
            $username = $value['username'];
        }
    }
    if ($_SCONFIG['seccode_login']) {
        include_once S_ROOT . './source/function_cp.php';
        if (!ckseccode($_POST['seccode'])) {
            $_SGLOBAL['input_seccode'] = 1;
Ejemplo n.º 18
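/**
 * Validate submitted category option values and normalise them for storage.
 *
 * Each option in $_G['category_checkoption'] is checked in turn (required,
 * number/e-mail format, maximum length, numeric range, unchangeable); a
 * failure is reported through showmessage(). Accepted values are trimmed,
 * passed through censor() and HTML-escaped with dhtmlspecialchars().
 *
 * @param array $sortoption Submitted values keyed by option identifier.
 * @return array Normalised values keyed by optionid (also left in $_G['category_optiondata']).
 */
function threadsort_validator($sortoption)
{
    global $_G;
    $_G['category_optiondata'] = array();
    foreach ($_G['category_checkoption'] as $var => $option) {
        $value = $sortoption[$var];
        $msgvars = array('typetitle' => $option['title']);
        // Every rule below reads the category option being iterated. The
        // e-mail, maximum-length and minimum-number tests used to look the
        // rule up in $_G['forum_checkoption'], a different list than the one
        // this loop walks, so those rules were taken from the wrong place.
        if ($option['required'] && !$value) {
            showmessage('threadtype_required_invalid', '', $msgvars);
        } elseif ($value && ($option['type'] == 'number' && !is_numeric($value) || $option['type'] == 'email' && !isemail($value))) {
            showmessage('threadtype_format_invalid', '', $msgvars);
        } elseif ($value && $option['maxlength'] && !is_array($value) && strlen($value) > $option['maxlength']) {
            // The length test also read an undefined $typeoption, so it
            // measured an empty value. Checkbox values arrive as arrays and
            // are left to the join below.
            showmessage('threadtype_toolong_invalid', '', $msgvars);
        } elseif ($value && ($option['maxnum'] && $value > $option['maxnum'] || $option['minnum'] && $value < $option['minnum'])) {
            showmessage('threadtype_num_invalid', '', $msgvars);
        } elseif ($value && $option['unchangeable']) {
            showmessage('threadtype_unchangeable_invalid', '', $msgvars);
        }
        if ($option['numbercheck']) {
            checkphonenum($value);
        }
        if ($option['type'] == 'checkbox') {
            $value = $value ? implode("\t", $value) : '';
        } elseif ($option['type'] == 'url') {
            // Only a leading "www." is given a scheme; a value with any other
            // scheme is stored unchanged, so the code that renders it as a
            // link has to restrict the scheme.
            $value = $value ? substr(strtolower($value), 0, 4) == 'www.' ? 'http://' . $value : $value : '';
        }
        $value = dhtmlspecialchars(censor(trim($value)));
        $_G['category_optiondata'][$option['optionid']] = $value;
    }
    return $_G['category_optiondata'];
}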
Ejemplo n.º 19
         capi_showmessage_by_data('incorrect_code');
     }
 }
 // The @ hides the reason when the UCenter client cannot be loaded; only the
 // generic system_error reaches the caller.
 if (!@(include_once S_ROOT . './uc_client/client.php')) {
     capi_showmessage_by_data('system_error');
 }
 // NOTE(review): $_REQUEST merges several request sources, so the password
 // is accepted from the query string as well as the request body, and a URL
 // password can end up in access logs.
 if ($_REQUEST['password'] != $_REQUEST['password2']) {
     capi_showmessage_by_data('password_inconsistency');
 }
 // Reject an empty password and any password that addslashes() would change
 // (quotes, backslashes, NUL bytes).
 if (!$_REQUEST['password'] || $_REQUEST['password'] != addslashes($_REQUEST['password'])) {
     capi_showmessage_by_data('profile_passwd_illegal');
 }
 $username = trim($_REQUEST['username']);
 $password = $_REQUEST['password'];
 // The e-mail is synthesised from the user name and a fixed domain, so the
 // isemail() test below is in effect the only shape check on $username in
 // this excerpt.
 $_REQUEST['email'] = "{$username}@dawnlightning.com";
 $email = isemail($_REQUEST['email']) ? $_REQUEST['email'] : '';
 if (empty($email)) {
     capi_showmessage_by_data('email_format_is_wrong');
 }
 // Check whether the e-mail is already registered
 if ($_SCONFIG['checkemail']) {
     if ($count = getcount('spacefield', array('email' => $email))) {
         capi_showmessage_by_data('email_has_been_registered');
     }
 }
 // Check the client IP
 // NOTE(review): $onlineip is interpolated into SQL right after this and
 // drives the per-IP registration limit. If getonlineip() trusts
 // client-supplied headers (not visible here), both the query and the limit
 // depend on caller-controlled input; confirm it returns a validated address.
 $onlineip = getonlineip();
 if ($_SCONFIG['regipdate']) {
     $query = $_SGLOBAL['db']->query("SELECT dateline FROM " . tname('space') . " WHERE regip='{$onlineip}' ORDER BY dateline DESC LIMIT 1");
     if ($value = $_SGLOBAL['db']->fetch_array($query)) {
         if ($_SGLOBAL['timestamp'] - $value['dateline'] < $_SCONFIG['regipdate'] * 3600) {
Ejemplo n.º 20
 *      [Discuz!] (C)2001-2099 Comsenz Inc.
 *      This is NOT a freeware, use is subject to license terms
 *
 *      $Id: misc_emailcheck.php 30383 2012-05-25 04:45:49Z liulanbo $
 */
if (!defined('IN_DISCUZ')) {
    exit('Access Denied');
}
$uid = 0;
$email = '';
$_GET['hash'] = empty($_GET['hash']) ? '' : $_GET['hash'];
if ($_GET['hash']) {
    list($uid, $email, $time) = explode("\t", authcode($_GET['hash'], 'DECODE', md5(substr(md5($_G['config']['security']['authkey']), 0, 16))));
    $uid = intval($uid);
}
if ($uid && isemail($email) && $time > TIMESTAMP - 86400) {
    $member = getuserbyuid($uid);
    $setarr = array('email' => $email, 'emailstatus' => '1');
    loaducenter();
    $ucresult = uc_user_edit(addslashes($member['username']), '', '', $email, 1);
    if ($ucresult == -8) {
        showmessage('email_check_account_invalid', '', array(), array('return' => true));
    } elseif ($ucresult == -4) {
        showmessage('profile_email_illegal', '', array(), array('return' => true));
    } elseif ($ucresult == -5) {
        showmessage('profile_email_domain_illegal', '', array(), array('return' => true));
    } elseif ($ucresult == -6) {
        showmessage('profile_email_duplicate', '', array(), array('return' => true));
    }
    if ($_G['setting']['regverify'] == 1 && $member['groupid'] == 8) {
        $membergroup = C::t('common_usergroup')->fetch_by_credits($member['credits']);
Ejemplo n.º 21
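/**
 * Process CMS tags into HTML for comments.
 *
 * Renders the comments of the current entry ($db->entry['comments']) through
 * the weblog's comment format, replacing its %placeholder% tokens.
 *
 * Commenter-supplied fields (name, email, url, comment) are untrusted. Tags are
 * stripped from name, email and url, and values that end up inside an HTML
 * attribute or the inline onclick script are additionally escaped for that
 * context, because strip_tags() leaves quote characters in place.
 *
 * @param mixed $tag_attr    Tag attributes, read through get_attr_value()
 *                           (content_code, ifnocomments, ifcomments, order).
 * @param mixed $tag_default Not used by this function.
 * @return string HTML for the comments, prefixed with the "comm" anchor.
 */
function cms_tag_comments($tag_attr, $tag_default)
{
    global $db, $row, $block, $Current_weblog, $Weblogs, $Paths;
    // Both are appended to or tested further down, so they need defined
    // starting values even when the entry has no comments.
    $output = "";
    $awaiting_moderation = false;
    // Per-weblog formats; a setting of one character or less falls back to
    // the built-in default.
    if (strlen($Weblogs[$Current_weblog]['comment_format']) > 1) {
        $format = $Weblogs[$Current_weblog]['comment_format'];
    } else {
        $format = "%anchor%<p>%comment%</p><p><small><b>%name%</b> %email% %url% - %date%</small></p>";
    }
    if (strlen($Weblogs[$Current_weblog]['comment_reply']) > 1) {
        $format_reply = $Weblogs[$Current_weblog]['comment_reply'];
    } else {
        $format_reply = "Reply on %name%";
    }
    if (strlen($Weblogs[$Current_weblog]['comment_forward']) > 1) {
        $format_forward = $Weblogs[$Current_weblog]['comment_forward'];
    } else {
        $format_forward = "Replied on by %name%";
    }
    if (strlen($Weblogs[$Current_weblog]['comment_backward']) > 1) {
        $format_backward = $Weblogs[$Current_weblog]['comment_backward'];
    } else {
        $format_backward = "This is a reply on %name%";
    }
    // If %editlink% is not present, insert it right after %date%..
    // strpos() returns false when the token is absent; a loose "== 0" test
    // would also fire for a token found at offset 0 and insert it twice.
    if (strpos($format, "%editlink%") === false) {
        $format = str_replace("%date%", "%date% %editlink%", $format);
    }
    $content_code = get_attr_value('content_code', $tag_attr);
    // The next two attributes are read but not used further in this function.
    $nocomments = get_attr_value('ifnocomments', $tag_attr);
    $comments = get_attr_value('ifcomments', $tag_attr);
    $order = get_attr_value('order', $tag_attr);
    $entrydate = $Weblogs[$Current_weblog]['fulldate_format'];
    if ($content_code == "") {
        $content_code = $row["code"];
    }
    $last_comment = "";
    if (isset($db->entry['comments']) && count($db->entry['comments']) > 0) {
        // first, make a list of comment-on-comments..
        $crosslink = array();
        foreach ($db->entry['comments'] as $count => $temp_row) {
            if (preg_match("/\\[(.*):([0-9]*)\\]/Ui", $temp_row['comment'], $matches)) {
                // The number is taken from comment text, so keep it as an int;
                // an empty match becomes 0, which never resolves to a comment.
                $crosslink[$count + 1] = (int) $matches[2];
                // remove [name:1] from comment..
                $db->entry['comments'][$count]['comment'] = str_replace($matches[0], "", $db->entry['comments'][$count]['comment']);
            }
        }
        $last_count = count($db->entry['comments']) - 1;
        foreach ($db->entry['comments'] as $count => $temp_row) {
            /**
             * If we get here, this is a record we have to output in some form..
             */
            $temp_row['name'] = strip_tags($temp_row['name']);
            $temp_row['email'] = strip_tags($temp_row['email']);
            $temp_row['url'] = strip_tags($temp_row['url']);
            // Set the flag to display the 'awaiting moderation' text.
            if ($temp_row["moderate"] == 1) {
                $awaiting_moderation = true;
            }
            // Check if the comment is different than the last one, if the author's
            // IP isn't blocked, and if the comment isn't waiting for moderation.
            if ($temp_row["ip"] . $temp_row["comment"] != $last_comment && !ip_check_block($temp_row["ip"]) && ($temp_row["moderate"] != 1 || $temp_row['showpreview'] == 1)) {
                /**
                 * make email link..
                 */
                if (isemail($temp_row["email"]) && !$temp_row["discreet"]) {
                    $email_format = "(" . encodemail_link($temp_row["email"], lang('email'), $temp_row["name"]) . ")";
                    $emailtoname = encodemail_link($temp_row["email"], $temp_row["name"], $temp_row["name"]);
                } else {
                    $email_format = "";
                    $emailtoname = $temp_row["name"];
                }
                if (isemail($temp_row["email"])) {
                    $grav_email = $temp_row["email"];
                    $grav_default = $Weblogs[$Current_weblog]['comment_gravatardefault'];
                    $grav_html = stripslashes($Weblogs[$Current_weblog]['comment_gravatarhtml']);
                    $grav_size = $Weblogs[$Current_weblog]['comment_gravatarsize'];
                    if ($grav_default == "") {
                        $grav_default = "http://www.pivotlog.net/images/gravatar.gif";
                    }
                    if ($grav_html == "") {
                        $grav_html = '<img src="%img%" align="right" valign="top" hspace="2" vspace="2" />';
                    }
                    if ($grav_size == "") {
                        $grav_size = 48;
                    }
                    $grav_imgurl = "http://www.gravatar.com/avatar.php?gravatar_id=" . md5($grav_email) . "&amp;default=" . urlencode($grav_default) . "&amp;size=" . $grav_size;
                    $grav_url = str_replace("%img%", $grav_imgurl, $grav_html);
                } else {
                    $grav_url = "";
                }
                /**
                 * make url link..
                 */
                if (isurl($temp_row["url"])) {
                    // Prefix a scheme unless the url already starts with http://
                    // or https://, so the emitted href always carries one of the
                    // two. (A substring test for "ttp://" would double-prefix
                    // https:// urls.)
                    if (!preg_match("/^https?:\\/\\//i", $temp_row["url"])) {
                        $temp_row["url"] = "http://" . $temp_row["url"];
                    }
                    $target = $Weblogs[$Current_weblog]['target_blank'] == 1 ? " target='_blank'" : "";
                    $temp_row["url_title"] = str_replace('http://', '', $temp_row["url"]);
                    //perhaps redirect the link..
                    if (isset($Weblogs[$Current_weblog]['lastcomm_redirect']) && $Weblogs[$Current_weblog]['lastcomm_redirect'] == 1) {
                        $target .= " rel=\"nofollow\" ";
                    }
                    // Escape for the single-quoted attributes. Naming ISO-8859-1
                    // makes htmlspecialchars() touch only & < > " ' and pass all
                    // other bytes through, which suits any ASCII-compatible page
                    // charset; double_encode=false keeps existing entities.
                    $url_attr = htmlspecialchars($temp_row["url"], ENT_QUOTES, 'ISO-8859-1', false);
                    $url_title_attr = htmlspecialchars($temp_row["url_title"], ENT_QUOTES, 'ISO-8859-1', false);
                    $url_format = sprintf("(<a href='%s' {$target} title='%s'>%s</a>)", $url_attr, $url_title_attr, lang('url'));
                    $urltoname = sprintf("<a href='%s' {$target} title='%s'>%s</a>", $url_attr, $url_title_attr, $temp_row['name']);
                } else {
                    $url_format = "";
                    $urltoname = $temp_row["name"];
                }
                /**
                 * Make 'edit' and 'delete' links..
                 */
                $editlink = get_editcommentlink($db->entry['code'], $count);
                /**
                 * make a 'registered user' span..
                 */
                if ($temp_row['registered'] == 1) {
                    $name = "<span class='registered'>[" . $temp_row["name"] . "]</span>";
                } else {
                    $name = $temp_row["name"];
                }
                /**
                 * make quote link..
                 */
                // The name lands inside a JavaScript string that itself sits in
                // an HTML attribute: drop line breaks, backslash-escape quotes
                // for the script, then escape the result for the attribute.
                $quote_name = htmlspecialchars(addslashes(str_replace(array("\r", "\n"), " ", $temp_row["name"])), ENT_QUOTES, 'ISO-8859-1');
                $quote = sprintf("<a href='#form' onclick='javascript:var pv=document.getElementsByName(\"piv_comment\");pv[0].value=\"[%s:%s] \"+pv[0].value;'>%s</a>", $quote_name, $count + 1, $format_reply);
                // make backward link..
                $backward_link = "";
                if (isset($crosslink[$count + 1])) {
                    $reply_index = $crosslink[$count + 1] - 1;
                    // The referenced number is commenter-controlled; only link
                    // when it points at a comment that exists.
                    if (isset($db->entry['comments'][$reply_index])) {
                        $to = $db->entry['comments'][$reply_index];
                        // $to is read straight from the entry, so it has not
                        // been through the strip_tags() pass applied to
                        // $temp_row above; apply it here as well. This also
                        // keeps the anchor in step with the one built below.
                        $to_name = strip_tags($to['name']);
                        $backward_text = str_replace("%name%", $to_name, $format_backward);
                        $backward_anchor = safe_string($to_name, TRUE) . "-" . format_date($to["date"], "%ye%%month%%day%%hour24%%minute%");
                        $backward_link = sprintf("<a href='#%s'>%s</a>", $backward_anchor, $backward_text);
                    }
                }
                /**
                 * make forward link..
                 */
                $forward_link = "";
                foreach ($crosslink as $key => $val) {
                    if ($val - 1 == $count) {
                        $from = $db->entry['comments'][$key - 1];
                        // Same reasoning as for the backward link: this row
                        // comes from the entry unsanitised.
                        $from_name = strip_tags($from['name']);
                        $forward_text = str_replace("%name%", $from_name, $format_forward);
                        $forward_anchor = safe_string($from_name, TRUE) . "-" . format_date($from["date"], "%ye%%month%%day%%hour24%%minute%");
                        $forward_link .= sprintf("<a href='#%s'>%s</a> ", $forward_anchor, $forward_text);
                    }
                }
                /**
                 * make anchor
                 */
                $anchor = "<a id=\"" . safe_string($temp_row["name"], TRUE) . "-" . format_date($temp_row["date"], "%ye%%month%%day%%hour24%%minute%") . "\"></a>";
                /**
                 * substitute all of the parameters into the comment, and add it to the output.
                 *
                 * The order matters: %quote% goes in first because the reply
                 * label it carries may itself contain %name%, which the later
                 * %name% replacement fills in.
                 */
                $this_tag = $format;
                $this_tag = str_replace("%quote%", $quote, $this_tag);
                $this_tag = str_replace("%quoted-back%", $backward_link, $this_tag);
                $this_tag = str_replace("%quoted-forward%", $forward_link, $this_tag);
                $this_tag = str_replace("%count%", $count + 1, $this_tag);
                $this_tag = str_replace("%code%", $db->entry['code'], $this_tag);
                $this_tag = str_replace("%even-odd%", $count % 2 ? 'even' : 'odd', $this_tag);
                // NOTE(review): the ip is emitted as stored; confirm it is
                // validated where it is captured.
                $this_tag = str_replace("%ip%", $temp_row["ip"], $this_tag);
                $this_tag = str_replace("%date%", format_date($temp_row["date"], $entrydate), $this_tag);
                $this_tag = str_replace("%comment%", comment_format($temp_row["comment"]), $this_tag);
                $this_tag = str_replace("%name%", $name, $this_tag);
                $this_tag = str_replace("%email%", $email_format, $this_tag);
                $this_tag = str_replace("%url%", $url_format, $this_tag);
                $this_tag = str_replace("%anchor%", $anchor, $this_tag);
                $this_tag = str_replace("%url-to-name%", $urltoname, $this_tag);
                $this_tag = str_replace("%email-to-name%", $emailtoname, $this_tag);
                $this_tag = str_replace("%gravatar%", $grav_url, $this_tag);
                $this_tag = str_replace("%editlink%", $editlink, $this_tag);
                if ($count == $last_count) {
                    $this_tag = '<a id="lastcomment"></a>' . $this_tag;
                }
                $last_comment = $temp_row["ip"] . $temp_row["comment"];
                // Outputting according to order:
                // (any other value of $order leaves the comment out of the output)
                if ($order == 'ascending') {
                    $output .= $this_tag . "\n";
                } elseif ($order == 'descending') {
                    $output = $this_tag . "\n" . $output;
                }
            }
        }
    }
    // If there are comments waiting for moderation, append a note saying so.
    if ($awaiting_moderation) {
        $output .= sprintf("<p id='moderate_queue_waiting'>%s</p>", lang("comment", "moderate_waiting"));
    }
    return '<a id="comm"></a>' . "\n" . $output;
}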
 function on_register()
 {
     global $_G;
     $_GET['username'] = $_GET['' . $this->setting['reginput']['username']];
     $_GET['password'] = $_GET['' . $this->setting['reginput']['password']];
     $_GET['password2'] = $_GET['' . $this->setting['reginput']['password2']];
     $_GET['email'] = $_GET['' . $this->setting['reginput']['email']];
     if ($_G['uid']) {
         $ucsynlogin = $this->setting['allowsynlogin'] ? uc_user_synlogin($_G['uid']) : '';
         $url_forward = dreferer();
         if (strpos($url_forward, $this->setting['regname']) !== false) {
             $url_forward = 'forum.php';
         }
         showmessage('login_succeed', $url_forward ? $url_forward : './', array('username' => $_G['member']['username'], 'usergroup' => $_G['group']['grouptitle'], 'uid' => $_G['uid']), array('extrajs' => $ucsynlogin));
     } elseif (!$this->setting['regclosed'] && (!$this->setting['regstatus'] || !$this->setting['ucactivation'])) {
         if ($_GET['action'] == 'activation' || $_GET['activationauth']) {
             if (!$this->setting['ucactivation'] && !$this->setting['closedallowactivation']) {
                 showmessage('register_disable_activation');
             }
         } elseif (!$this->setting['regstatus']) {
             if ($this->setting['regconnect']) {
                 dheader('location:connect.php?mod=login&op=init&referer=forum.php&statfrom=login_simple');
             }
             showmessage(!$this->setting['regclosemessage'] ? 'register_disable' : str_replace(array("\r", "\n"), '', $this->setting['regclosemessage']));
         }
     }
     $bbrules =& $this->setting['bbrules'];
     $bbrulesforce =& $this->setting['bbrulesforce'];
     $bbrulestxt =& $this->setting['bbrulestxt'];
     $welcomemsg =& $this->setting['welcomemsg'];
     $welcomemsgtitle =& $this->setting['welcomemsgtitle'];
     $welcomemsgtxt =& $this->setting['welcomemsgtxt'];
     $regname = $this->setting['regname'];
     if ($this->setting['regverify']) {
         if ($this->setting['areaverifywhite']) {
             $location = $whitearea = '';
             $location = trim(convertip($_G['clientip'], "./"));
             if ($location) {
                 $whitearea = preg_quote(trim($this->setting['areaverifywhite']), '/');
                 $whitearea = str_replace(array("\\*"), array('.*'), $whitearea);
                 $whitearea = '.*' . $whitearea . '.*';
                 $whitearea = '/^(' . str_replace(array("\r\n", ' '), array('.*|.*', ''), $whitearea) . ')$/i';
                 if (@preg_match($whitearea, $location)) {
                     $this->setting['regverify'] = 0;
                 }
             }
         }
         if ($_G['cache']['ipctrl']['ipverifywhite']) {
             foreach (explode("\n", $_G['cache']['ipctrl']['ipverifywhite']) as $ctrlip) {
                 if (preg_match("/^(" . preg_quote($ctrlip = trim($ctrlip), '/') . ")/", $_G['clientip'])) {
                     $this->setting['regverify'] = 0;
                     break;
                 }
             }
         }
     }
     $invitestatus = false;
     if ($this->setting['regstatus'] == 2) {
         if ($this->setting['inviteconfig']['inviteareawhite']) {
             $location = $whitearea = '';
             $location = trim(convertip($_G['clientip'], "./"));
             if ($location) {
                 $whitearea = preg_quote(trim($this->setting['inviteconfig']['inviteareawhite']), '/');
                 $whitearea = str_replace(array("\\*"), array('.*'), $whitearea);
                 $whitearea = '.*' . $whitearea . '.*';
                 $whitearea = '/^(' . str_replace(array("\r\n", ' '), array('.*|.*', ''), $whitearea) . ')$/i';
                 if (@preg_match($whitearea, $location)) {
                     $invitestatus = true;
                 }
             }
         }
         if ($this->setting['inviteconfig']['inviteipwhite']) {
             foreach (explode("\n", $this->setting['inviteconfig']['inviteipwhite']) as $ctrlip) {
                 if (preg_match("/^(" . preg_quote($ctrlip = trim($ctrlip), '/') . ")/", $_G['clientip'])) {
                     $invitestatus = true;
                     break;
                 }
             }
         }
     }
     $groupinfo = array();
     if ($this->setting['regverify']) {
         $groupinfo['groupid'] = 8;
     } else {
         $groupinfo['groupid'] = $this->setting['newusergroupid'];
     }
     $seccodecheck = $this->setting['seccodestatus'] & 1;
     $secqaacheck = $this->setting['secqaa']['status'] & 1;
     $fromuid = !empty($_G['cookie']['promotion']) && $this->setting['creditspolicy']['promotion_register'] ? intval($_G['cookie']['promotion']) : 0;
     $username = isset($_GET['username']) ? $_GET['username'] : '';
     $bbrulehash = $bbrules ? substr(md5(FORMHASH), 0, 8) : '';
     $auth = $_GET['auth'];
     if (!$invitestatus) {
         $invite = getinvite();
     }
     $sendurl = $this->setting['sendregisterurl'] ? true : false;
     if ($sendurl) {
         if (!empty($_GET['hash'])) {
             $_GET['hash'] = preg_replace("/[^\\[A-Za-z0-9_\\]%]/", '', $_GET['hash']);
             $hash = explode("\t", authcode($_GET['hash'], 'DECODE', $_G['config']['security']['authkey']));
             if (is_array($hash) && isemail($hash[0]) && TIMESTAMP - $hash[1] < 259200) {
                 $sendurl = false;
             }
         }
     }
     if (!submitcheck('regsubmit', 0, $seccodecheck, $secqaacheck)) {
         if ($_GET['action'] == 'activation') {
             $auth = explode("\t", authcode($auth, 'DECODE'));
             if (FORMHASH != $auth[1]) {
                 showmessage('register_activation_invalid', 'member.php?mod=logging&action=login');
             }
             $username = $auth[0];
             $activationauth = authcode("{$auth['0']}\t" . FORMHASH, 'ENCODE');
             $sendurl = false;
         }
         if (!$sendurl) {
             if ($fromuid) {
                 $member = getuserbyuid($fromuid);
                 if (!empty($member)) {
                     $fromuser = dhtmlspecialchars($member['username']);
                 } else {
                     dsetcookie('promotion');
                 }
             }
             if ($_GET['action'] == 'activation') {
                 $auth = dhtmlspecialchars($auth);
             }
             if ($seccodecheck) {
                 $seccode = random(6, 1);
             }
             $username = dhtmlspecialchars($username);
             $htmls = $settings = array();
             foreach ($_G['cache']['fields_register'] as $field) {
                 $fieldid = $field['fieldid'];
                 $html = profile_setting($fieldid, array(), false, false, true);
                 if ($html) {
                     $settings[$fieldid] = $_G['cache']['profilesetting'][$fieldid];
                     $htmls[$fieldid] = $html;
                 }
             }
             $navtitle = $this->setting['reglinkname'];
             if ($this->extrafile && file_exists($this->extrafile)) {
                 require_once $this->extrafile;
             }
         }
         $bbrulestxt = nl2br("\n{$bbrulestxt}\n\n");
         $dreferer = dreferer();
         include template($this->template);
     } else {
         $activationauth = array();
         if (isset($_GET['activationauth']) && $_GET['activationauth']) {
             $activationauth = explode("\t", authcode($_GET['activationauth'], 'DECODE'));
             if ($activationauth[1] != FORMHASH) {
                 showmessage('register_activation_invalid', 'member.php?mod=logging&action=login');
             }
             $sendurl = false;
         }
         if (!$activationauth && ($sendurl || !$_G['setting']['forgeemail'])) {
             checkemail($_GET['email']);
         }
         if ($sendurl) {
             $hashstr = urlencode(authcode("{$_GET['email']}\t{$_G['timestamp']}", 'ENCODE', $_G['config']['security']['authkey']));
             $registerurl = "{$_G[siteurl]}member.php?mod=" . $this->setting['regname'] . "&amp;hash={$hashstr}&amp;email={$_GET[email]}";
             $email_register_message = lang('email', 'email_register_message', array('bbname' => $this->setting['bbname'], 'siteurl' => $_G['siteurl'], 'url' => $registerurl));
             if (!sendmail("{$_GET['email']} <{$_GET['email']}>", lang('email', 'email_register_subject'), $email_register_message)) {
                 runlog('sendmail', "{$_GET['email']} sendmail failed.");
             }
             showmessage('register_email_send_succeed', dreferer(), array('bbname' => $this->setting['bbname']), array('showdialog' => false, 'msgtype' => 3, 'closetime' => 10));
         }
         $emailstatus = 0;
         if ($this->setting['sendregisterurl'] && !$sendurl) {
             $_GET['email'] = strtolower($hash[0]);
             $this->setting['regverify'] = $this->setting['regverify'] == 1 ? 0 : $this->setting['regverify'];
             if (!$this->setting['regverify']) {
                 $groupinfo['groupid'] = $this->setting['newusergroupid'];
             }
             $emailstatus = 1;
         }
         if ($this->setting['regstatus'] == 2 && empty($invite) && !$invitestatus) {
             showmessage('not_open_registration_invite');
         }
         if ($bbrules && $bbrulehash != $_POST['agreebbrule']) {
             showmessage('register_rules_agree');
         }
         $activation = array();
         if (isset($_GET['activationauth']) && $activationauth && is_array($activationauth)) {
             if ($activationauth[1] == FORMHASH && !($activation = uc_get_user($activationauth[0]))) {
                 showmessage('register_activation_invalid', 'member.php?mod=logging&action=login');
             }
         }
         if (!$activation) {
             $usernamelen = dstrlen($username);
             if ($usernamelen < 3) {
                 showmessage('profile_username_tooshort');
             } elseif ($usernamelen > 15) {
                 showmessage('profile_username_toolong');
             }
             if (uc_get_user(addslashes($username)) && !C::t('common_member')->fetch_uid_by_username($username) && !C::t('common_member_archive')->fetch_uid_by_username($username)) {
                 if ($_G['inajax']) {
                     showmessage('profile_username_duplicate');
                 } else {
                     showmessage('register_activation_message', 'member.php?mod=logging&action=login', array('username' => $username));
                 }
             }
             if ($this->setting['pwlength']) {
                 if (strlen($_GET['password']) < $this->setting['pwlength']) {
                     showmessage('profile_password_tooshort', '', array('pwlength' => $this->setting['pwlength']));
                 }
             }
             if ($this->setting['strongpw']) {
                 $strongpw_str = array();
                 if (in_array(1, $this->setting['strongpw']) && !preg_match("/\\d+/", $_GET['password'])) {
                     $strongpw_str[] = lang('member/template', 'strongpw_1');
                 }
                 if (in_array(2, $this->setting['strongpw']) && !preg_match("/[a-z]+/", $_GET['password'])) {
                     $strongpw_str[] = lang('member/template', 'strongpw_2');
                 }
                 if (in_array(3, $this->setting['strongpw']) && !preg_match("/[A-Z]+/", $_GET['password'])) {
                     $strongpw_str[] = lang('member/template', 'strongpw_3');
                 }
                 if (in_array(4, $this->setting['strongpw']) && !preg_match("/[^a-zA-z0-9]+/", $_GET['password'])) {
                     $strongpw_str[] = lang('member/template', 'strongpw_4');
                 }
                 if ($strongpw_str) {
                     showmessage(lang('member/template', 'password_weak') . implode(',', $strongpw_str));
                 }
             }
             $email = strtolower(trim($_GET['email']));
             if (empty($email) && $_G['setting']['forgeemail']) {
                 $_GET['email'] = $email = strtolower(random(6)) . '@' . $_SERVER['HTTP_HOST'];
             }
             if (empty($this->setting['ignorepassword'])) {
                 if ($_GET['password'] !== $_GET['password2']) {
                     showmessage('profile_passwd_notmatch');
                 }
                 if (!$_GET['password'] || $_GET['password'] != addslashes($_GET['password'])) {
                     showmessage('profile_passwd_illegal');
                 }
                 $password = $_GET['password'];
             } else {
                 $password = md5(random(10));
             }
         }
         $censorexp = '/^(' . str_replace(array('\\*', "\r\n", ' '), array('.*', '|', ''), preg_quote($this->setting['censoruser'] = trim($this->setting['censoruser']), '/')) . ')$/i';
         if ($this->setting['censoruser'] && @preg_match($censorexp, $username)) {
             showmessage('profile_username_protect');
         }
         if ($this->setting['regverify'] == 2 && !trim($_GET['regmessage'])) {
             showmessage('profile_required_info_invalid');
         }
         if ($_G['cache']['ipctrl']['ipregctrl']) {
             foreach (explode("\n", $_G['cache']['ipctrl']['ipregctrl']) as $ctrlip) {
                 if (preg_match("/^(" . preg_quote($ctrlip = trim($ctrlip), '/') . ")/", $_G['clientip'])) {
                     $ctrlip = $ctrlip . '%';
                     $this->setting['regctrl'] = $this->setting['ipregctrltime'];
                     break;
                 } else {
                     $ctrlip = $_G['clientip'];
                 }
             }
         } else {
             $ctrlip = $_G['clientip'];
         }
         if ($this->setting['regctrl']) {
             if (C::t('common_regip')->count_by_ip_dateline($ctrlip, $_G['timestamp'] - $this->setting['regctrl'] * 3600)) {
                 showmessage('register_ctrl', NULL, array('regctrl' => $this->setting['regctrl']));
             }
         }
         $setregip = null;
         if ($this->setting['regfloodctrl']) {
             $regip = C::t('common_regip')->fetch_by_ip_dateline($_G['clientip'], $_G['timestamp'] - 86400);
             if ($regip) {
                 if ($regip['count'] >= $this->setting['regfloodctrl']) {
                     showmessage('register_flood_ctrl', NULL, array('regfloodctrl' => $this->setting['regfloodctrl']));
                 } else {
                     $setregip = 1;
                 }
             } else {
                 $setregip = 2;
             }
         }
         $profile = $verifyarr = array();
         foreach ($_G['cache']['fields_register'] as $field) {
             if (defined('IN_MOBILE')) {
                 break;
             }
             $field_key = $field['fieldid'];
             $field_val = $_GET['' . $field_key];
             if ($field['formtype'] == 'file' && !empty($_FILES[$field_key]) && $_FILES[$field_key]['error'] == 0) {
                 $field_val = true;
             }
             if (!profile_check($field_key, $field_val)) {
                 $showid = !in_array($field['fieldid'], array('birthyear', 'birthmonth')) ? $field['fieldid'] : 'birthday';
                 showmessage($field['title'] . lang('message', 'profile_illegal'), '', array(), array('showid' => 'chk_' . $showid, 'extrajs' => $field['title'] . lang('message', 'profile_illegal') . ($field['formtype'] == 'text' ? '<script type="text/javascript">' . '$(\'registerform\').' . $field['fieldid'] . '.className = \'px er\';' . '$(\'registerform\').' . $field['fieldid'] . '.onblur = function () { if(this.value != \'\') {this.className = \'px\';$(\'chk_' . $showid . '\').innerHTML = \'\';}}' . '</script>' : '')));
             }
             if ($field['needverify']) {
                 $verifyarr[$field_key] = $field_val;
             } else {
                 $profile[$field_key] = $field_val;
             }
         }
         if (!$activation) {
             $uid = uc_user_register(addslashes($username), $password, $email, $questionid, $answer, $_G['clientip']);
             if ($uid <= 0) {
                 if ($uid == -1) {
                     showmessage('profile_username_illegal');
                 } elseif ($uid == -2) {
                     showmessage('profile_username_protect');
                 } elseif ($uid == -3) {
                     showmessage('profile_username_duplicate');
                 } elseif ($uid == -4) {
                     showmessage('profile_email_illegal');
                 } elseif ($uid == -5) {
                     showmessage('profile_email_domain_illegal');
                 } elseif ($uid == -6) {
                     showmessage('profile_email_duplicate');
                 } else {
                     showmessage('undefined_action');
                 }
             }
         } else {
             list($uid, $username, $email) = $activation;
         }
         $_G['username'] = $username;
         if (getuserbyuid($uid, 1)) {
             if (!$activation) {
                 uc_user_delete($uid);
             }
             showmessage('profile_uid_duplicate', '', array('uid' => $uid));
         }
         $password = md5(random(10));
         $secques = $questionid > 0 ? random(8) : '';
         if (isset($_POST['birthmonth']) && isset($_POST['birthday'])) {
             $profile['constellation'] = get_constellation($_POST['birthmonth'], $_POST['birthday']);
         }
         if (isset($_POST['birthyear'])) {
             $profile['zodiac'] = get_zodiac($_POST['birthyear']);
         }
         if ($_FILES) {
             $upload = new discuz_upload();
             foreach ($_FILES as $key => $file) {
                 $field_key = 'field_' . $key;
                 if (!empty($_G['cache']['fields_register'][$field_key]) && $_G['cache']['fields_register'][$field_key]['formtype'] == 'file') {
                     $upload->init($file, 'profile');
                     $attach = $upload->attach;
                     if (!$upload->error()) {
                         $upload->save();
                         if (!$upload->get_image_info($attach['target'])) {
                             @unlink($attach['target']);
                             continue;
                         }
                         $attach['attachment'] = dhtmlspecialchars(trim($attach['attachment']));
                         if ($_G['cache']['fields_register'][$field_key]['needverify']) {
                             $verifyarr[$key] = $attach['attachment'];
                         } else {
                             $profile[$key] = $attach['attachment'];
                         }
                     }
                 }
             }
         }
         if ($setregip !== null) {
             if ($setregip == 1) {
                 C::t('common_regip')->update_count_by_ip($_G['clientip']);
             } else {
                 C::t('common_regip')->insert(array('ip' => $_G['clientip'], 'count' => 1, 'dateline' => $_G['timestamp']));
             }
         }
         if ($invite && $this->setting['inviteconfig']['invitegroupid']) {
             $groupinfo['groupid'] = $this->setting['inviteconfig']['invitegroupid'];
         }
         $init_arr = array('credits' => explode(',', $this->setting['initcredits']), 'profile' => $profile, 'emailstatus' => $emailstatus);
         C::t('common_member')->insert($uid, $username, $password, $email, $_G['clientip'], $groupinfo['groupid'], $init_arr);
         if ($emailstatus) {
             updatecreditbyaction('realemail', $uid);
         }
         if ($verifyarr) {
             $setverify = array('uid' => $uid, 'username' => $username, 'verifytype' => '0', 'field' => serialize($verifyarr), 'dateline' => TIMESTAMP);
             C::t('common_member_verify_info')->insert($setverify);
             C::t('common_member_verify')->insert(array('uid' => $uid));
         }
         require_once libfile('cache/userstats', 'function');
         build_cache_userstats();
         if ($this->extrafile && file_exists($this->extrafile)) {
             require_once $this->extrafile;
         }
         if ($this->setting['regctrl'] || $this->setting['regfloodctrl']) {
             C::t('common_regip')->delete_by_dateline($_G['timestamp'] - ($this->setting['regctrl'] > 72 ? $this->setting['regctrl'] : 72) * 3600);
             if ($this->setting['regctrl']) {
                 C::t('common_regip')->insert(array('ip' => $_G['clientip'], 'count' => -1, 'dateline' => $_G['timestamp']));
             }
         }
         $regmessage = dhtmlspecialchars($_GET['regmessage']);
         if ($this->setting['regverify'] == 2) {
             C::t('common_member_validate')->insert(array('uid' => $uid, 'submitdate' => $_G['timestamp'], 'moddate' => 0, 'admin' => '', 'submittimes' => 1, 'status' => 0, 'message' => $regmessage, 'remark' => ''), false, true);
             manage_addnotify('verifyuser');
         }
         setloginstatus(array('uid' => $uid, 'username' => $_G['username'], 'password' => $password, 'groupid' => $groupinfo['groupid']), 0);
         include_once libfile('function/stat');
         updatestat('register');
         if ($invite['id']) {
             $result = C::t('common_invite')->count_by_uid_fuid($invite['uid'], $uid);
             if (!$result) {
                 C::t('common_invite')->update($invite['id'], array('fuid' => $uid, 'fusername' => $_G['username'], 'regdateline' => $_G['timestamp'], 'status' => 2));
                 updatestat('invite');
             } else {
                 $invite = array();
             }
         }
         if ($invite['uid']) {
             if ($this->setting['inviteconfig']['inviteaddcredit']) {
                 updatemembercount($uid, array($this->setting['inviteconfig']['inviterewardcredit'] => $this->setting['inviteconfig']['inviteaddcredit']));
             }
             if ($this->setting['inviteconfig']['invitedaddcredit']) {
                 updatemembercount($invite['uid'], array($this->setting['inviteconfig']['inviterewardcredit'] => $this->setting['inviteconfig']['invitedaddcredit']));
             }
             require_once libfile('function/friend');
             friend_make($invite['uid'], $invite['username'], false);
             notification_add($invite['uid'], 'friend', 'invite_friend', array('actor' => '<a href="home.php?mod=space&uid=' . $invite['uid'] . '" target="_blank">' . $invite['username'] . '</a>'), 1);
             space_merge($invite, 'field_home');
             if (!empty($invite['privacy']['feed']['invite'])) {
                 require_once libfile('function/feed');
                 $tite_data = array('username' => '<a href="home.php?mod=space&uid=' . $_G['uid'] . '">' . $_G['username'] . '</a>');
                 feed_add('friend', 'feed_invite', $tite_data, '', array(), '', array(), array(), '', '', '', 0, 0, '', $invite['uid'], $invite['username']);
             }
             if ($invite['appid']) {
                 updatestat('appinvite');
             }
         }
         if ($welcomemsg && !empty($welcomemsgtxt)) {
             $welcomemsgtitle = replacesitevar($welcomemsgtitle);
             $welcomemsgtxt = replacesitevar($welcomemsgtxt);
             if ($welcomemsg == 1) {
                 $welcomemsgtxt = nl2br(str_replace(':', '&#58;', $welcomemsgtxt));
                 notification_add($uid, 'system', $welcomemsgtxt, array('from_id' => 0, 'from_idtype' => 'welcomemsg'), 1);
             } elseif ($welcomemsg == 2) {
                 sendmail_cron($email, $welcomemsgtitle, $welcomemsgtxt);
             } elseif ($welcomemsg == 3) {
                 sendmail_cron($email, $welcomemsgtitle, $welcomemsgtxt);
                 $welcomemsgtxt = nl2br(str_replace(':', '&#58;', $welcomemsgtxt));
                 notification_add($uid, 'system', $welcomemsgtxt, array('from_id' => 0, 'from_idtype' => 'welcomemsg'), 1);
             }
         }
         if ($fromuid) {
             updatecreditbyaction('promotion_register', $fromuid);
             dsetcookie('promotion', '');
         }
         dsetcookie('loginuser', '');
         dsetcookie('activationauth', '');
         dsetcookie('invite_auth', '');
         $url_forward = dreferer();
         $refreshtime = 3000;
         switch ($this->setting['regverify']) {
             case 1:
                 $idstring = random(6);
                 $authstr = $this->setting['regverify'] == 1 ? "{$_G['timestamp']}\t2\t{$idstring}" : '';
                 C::t('common_member_field_forum')->update($_G['uid'], array('authstr' => $authstr));
                 $verifyurl = "{$_G[siteurl]}member.php?mod=activate&amp;uid={$_G[uid]}&amp;id={$idstring}";
                 $email_verify_message = lang('email', 'email_verify_message', array('username' => $_G['member']['username'], 'bbname' => $this->setting['bbname'], 'siteurl' => $_G['siteurl'], 'url' => $verifyurl));
                 if (!sendmail("{$username} <{$email}>", lang('email', 'email_verify_subject'), $email_verify_message)) {
                     runlog('sendmail', "{$email} sendmail failed.");
                 }
                 $message = 'register_email_verify';
                 $locationmessage = 'register_email_verify_location';
                 $refreshtime = 10000;
                 break;
             case 2:
                 $message = 'register_manual_verify';
                 $locationmessage = 'register_manual_verify_location';
                 break;
             default:
                 $message = 'register_succeed';
                 $locationmessage = 'register_succeed_location';
                 break;
         }
         $param = array('bbname' => $this->setting['bbname'], 'username' => $_G['username'], 'usergroup' => $_G['group']['grouptitle'], 'uid' => $_G['uid']);
         if (strpos($url_forward, $this->setting['regname']) !== false || strpos($url_forward, 'buyinvitecode') !== false) {
             $url_forward = 'forum.php';
         }
         $href = str_replace("'", "\\'", $url_forward);
         $extra = array('showid' => 'succeedmessage', 'extrajs' => '<script type="text/javascript">' . 'setTimeout("window.location.href =\'' . $href . '\';", ' . $refreshtime . ');' . '$(\'succeedmessage_href\').href = \'' . $href . '\';' . '$(\'main_message\').style.display = \'none\';' . '$(\'main_succeed\').style.display = \'\';' . '$(\'succeedlocation\').innerHTML = \'' . lang('message', $locationmessage) . '\';' . '</script>', 'striptags' => false);
         showmessage($message, $url_forward, $param, $extra);
     }
 }
Ejemplo n.º 23
     trbasic(lang('space_tpl_prj'), 'minfosnew[mtcid]', makeoption(mtcidsarr($mchid), $actuser->info['mtcid']), 'select');
     foreach ($mfields as $k => $field) {
         if ($field['available'] && !$field['issystem'] && !$field['isfunc']) {
             $a_field->init();
             $a_field->field = $field;
             $a_field->oldvalue = isset($actuser->info[$k]) ? $actuser->info[$k] : '';
             $a_field->trfield('minfosnew', '', 'm', $mchid);
             $submitstr .= $a_field->submitstr;
         }
     }
     tabfooter('bmemberdetail');
     check_submit_func($submitstr);
     a_guide('memberdetail');
 } else {
     $minfosnew['email'] = empty($minfosnew['email']) ? '' : trim($minfosnew['email']);
     if (empty($minfosnew['email']) || !isemail($minfosnew['email'])) {
         amessage('memberemailillegal', M_REFERER);
     }
     if (!empty($minfosnew['password']) && strlen($minfosnew['password']) > 15 || $minfosnew['password'] != addslashes($minfosnew['password'])) {
         amessage('memberpwdillegal', M_REFERER);
     }
     $minfosnew['password'] = trim($minfosnew['password']);
     $actuser->updatefield('email', $minfosnew['email'], 'main');
     !empty($minfosnew['password']) && $actuser->updatefield('password', md5(md5($minfosnew['password'])), 'main');
     $actuser->updatefield('mtcid', empty($minfosnew['mtcid']) ? 0 : $minfosnew['mtcid'], 'main');
     $c_upload = new cls_upload();
     $mfields = fields_order($mfields);
     $a_field = new cls_field();
     foreach ($mfields as $k => $v) {
         if ($v['available'] && !$v['issystem'] && !$v['isfunc']) {
             $a_field->init();
Ejemplo n.º 24
 *      [Discuz!] (C)2001-2099 Comsenz Inc.
 *      This is NOT a freeware, use is subject to license terms
 *
 *      $Id: spacecp_sendmail.php 25246 2011-11-02 03:34:53Z zhangguosheng $
 */
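// Refuse direct requests: the rest of the script only runs when the including
// entry point has defined IN_DISCUZ.
if (!defined('IN_DISCUZ')) {
    exit('Access Denied');
}

// Normalise the requested operation to a trimmed string. A non-string value
// (e.g. op[]=x) is treated as absent instead of being handed to trim().
$_GET['op'] = (empty($_GET['op']) || !is_string($_GET['op'])) ? '' : trim($_GET['op']);

// The page is unavailable unless the 'sendmailday' site setting is non-empty.
if (empty($_G['setting']['sendmailday'])) {
    showmessage('no_privilege_sendmailday');
}

// Save the member's mail preferences.
// NOTE(review): submitcheck() is presumably the form-token/CSRF check - confirm
// in its definition, which is not part of this file.
if (submitcheck('setsendemailsubmit')) {
    // The request value is untrusted. Persist it only when it is an array, so the
    // stored blob always decodes to the shape the read path below expects;
    // anything else is stored as an empty preference set.
    // NOTE(review): keys and values are still caller-chosen and unbounded in size;
    // an allow-list of known preference keys would be tighter, but the valid keys
    // are not visible in this file.
    $_GET['sendmail'] = serialize(isset($_GET['sendmail']) && is_array($_GET['sendmail']) ? $_GET['sendmail'] : array());
    C::t('common_member_field_home')->update($_G['uid'], array('acceptemail' => $_GET['sendmail']));
    showmessage('do_success', 'home.php?mod=spacecp&ac=sendmail');
}

// Preferences are only shown to members with a syntactically valid address on file.
// $space is not set in this file; presumably the including script populates it.
if (empty($space['email']) || !isemail($space['email'])) {
    showmessage('email_input');
}

// Turn the stored preferences into the attribute fragments the template uses:
// ' checked' for enabled options, array(<frequency> => 'selected') for the
// frequency entry.
$sendmail = array();
if ($space['acceptemail'] && is_array($space['acceptemail'])) {
    foreach ($space['acceptemail'] as $mkey => $mailset) {
        // Strict string comparison: with a loose != an integer key 0 compares
        // equal to 'frequency' on PHP < 8 and would take the wrong branch.
        if ((string) $mkey !== 'frequency') {
            $sendmail[$mkey] = empty($mailset) ? '' : ' checked';
        } elseif (is_scalar($mailset) || $mailset === null) {
            $sendmail[$mkey] = array($mailset => 'selected');
        } else {
            // The stored value originates from request data; an array here cannot
            // be used as an array key (TypeError on PHP 8), so select nothing.
            $sendmail[$mkey] = array();
        }
    }
}
include_once template("home/spacecp_sendmail");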
Ejemplo n.º 25
         require_once DISCUZ_ROOT . './forumdata/cache/usergroup_8.php';
         $authstradd1 = ", groupid='8'";
         $authstradd2 = "authstr='{$timestamp}\t2\t{$idstring}'";
         sendmail("{$discuz_userss} <{$emailnew}>", 'email_verify_subject', 'email_verify_message');
     }
     $membersql = "secques='{$secquesnew}', email='{$emailnew}' {$newpasswdadd} {$authstradd1}";
     $memberfieldsql = $authstradd2;
 } elseif ($typeid == 2) {
     $censorexp = '/^(' . str_replace(array('\\*', "\r\n", ' '), array('.*', '|', ''), preg_quote($censoruser = trim($censoruser), '/')) . ')$/i';
     if ($censoruser && (@preg_match($censorexp, $nicknamenew) || @preg_match($censorexp, $cstatusnew))) {
         showmessage('profile_nickname_cstatus_illegal');
     }
     if ($msnnew && !isemail($msnnew)) {
         showmessage('profile_alipay_msn');
     }
     if ($alipaynew && !isemail($alipaynew)) {
         showmessage('profile_alipay_illegal');
     }
     $sitenew = !preg_match("/^http:\\/\\/\$/i", $sitenew) ? dhtmlspecialchars(trim(preg_match("/^https?:\\/\\/.+/i", $sitenew) ? $sitenew : ($sitenew ? 'http://' . $sitenew : ''))) : '';
     $icqnew = preg_match("/^([0-9]+)\$/", $icqnew) && strlen($icqnew) >= 5 && strlen($icqnew) <= 12 ? $icqnew : '';
     $qqnew = preg_match("/^([0-9]+)\$/", $qqnew) && strlen($qqnew) >= 5 && strlen($qqnew) <= 12 ? $qqnew : '';
     $bdaynew = datecheck($bdaynew) ? $bdaynew : '0000-00-00';
     $yahoonew = dhtmlspecialchars($yahoonew);
     $msnnew = dhtmlspecialchars($msnnew);
     $msnnew = "{$msnnew}\t{$member[msn][1]}";
     $taobaonew = dhtmlspecialchars($taobaonew);
     $alipaynew = dhtmlspecialchars($alipaynew);
     $nicknamenew = $allownickname ? cutstr(censor(dhtmlspecialchars($nicknamenew)), 30) : '';
     $cstatusadd = $allowcstatus ? ', customstatus=\'' . cutstr(censor(dhtmlspecialchars($cstatusnew)), 30) . '\'' : '';
     $gendernew = empty($gendernew) ? 0 : intval($gendernew);
     $locationnew = cutstr(censor(dhtmlspecialchars($locationnew)), 30);
Ejemplo n.º 26
 if ($_SCONFIG['closeinvite']) {
     showmessage('close_invite');
 }
 $mails = array_unique(explode(",", $_POST['email']));
 $invitenum = 0;
 $failingmail = array();
 foreach ($mails as $key => $value) {
     $value = trim($value);
     if (empty($value) || !isemail($value)) {
         $failingmail[] = $value;
         continue;
     }
     if ($reward['credit']) {
         //计算积分扣减积分
         $credit = intval($reward['credit']) * ($invitenum + 1);
         if (!isemail($value) || $reward['credit'] && $credit > $space['credit']) {
             $failingmail[] = $value;
             continue;
         }
         $code = strtolower(random(6));
         $setarr = array('uid' => $_SGLOBAL['supe_uid'], 'code' => $code, 'email' => saddslashes($value), 'type' => 1);
         $id = inserttable('invite', $setarr, 1);
         if ($id) {
             $mailvar[4] = "{$siteurl}invite.php?{$id}{$code}{$inviteapp}";
             // $mailvar[4] = "http://openid.enjoyoung.cn/account/new?{$id}{$code}{$inviteapp}&amp;renturn_to=uchome";
             createmail($value, $mailvar);
             $invitenum++;
         } else {
             $failingmail[] = $value;
         }
     } else {
Ejemplo n.º 27
         showmessage('对不起,姓名与邀请码不匹配!', '', 2);
     }
     $query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('baseprofile') . " WHERE realname='{$realname}' and mobile='{$mobile}' ORDER BY userid DESC limit 1");
     $bp = $_SGLOBAL['db']->fetch_array($query);
     if (empty($bp)) {
         showmessage('对不起,您的邀请码已经过期!');
     }
 }
 if ($bp['isactive'] == 1) {
     showmessage('users_have_actived', 'index.php', 2);
 }
 if (!@(include_once S_ROOT . './uc_client/client.php')) {
     showmessage('system_error');
 }
 //邮箱
 $email = isemail(trim($_POST['email'])) ? trim($_POST['email']) : '';
 if (empty($email)) {
     showmessage('email_format_is_wrong');
 }
 if ($_SCONFIG['checkemail']) {
     if ($count = getcount('spacefield', array('email' => $email))) {
         showmessage('email_has_been_registered');
     }
 }
 $num = strpos($email, '@');
 $num = $num > 15 ? 15 : $num;
 $username = substr($email, 0, $num);
 //创建新用户
 $newuid = uc_user_register($username, $password, $email);
 if ($newuid <= 0) {
     if ($newuid == -1) {
Ejemplo n.º 28
				$authstradd1 = ", groupid='8'";
				$authstradd2 = "authstr='$timestamp\t2\t$idstring'";
				sendmail("$discuz_userss <$emailnew>", 'email_verify_subject', 'email_verify_message');
			}

			$membersql = "secques='$secquesnew', email='$emailnew' $newpasswdadd $authstradd1";
			$memberfieldsql = $authstradd2;

		} elseif($typeid == 2) {

			$censorexp = '/^('.str_replace(array('\\*', "\r\n", ' '), array('.*', '|', ''), preg_quote(($censoruser = trim($censoruser)), '/')).')$/i';
			if($censoruser && (@preg_match($censorexp, $nicknamenew) || @preg_match($censorexp, $cstatusnew))) {
				showmessage('profile_nickname_cstatus_illegal');
			}

			if($msnnew && !isemail($msnnew)) {
				showmessage('profile_alipay_msn');
			}

			$sitenew = !preg_match("/^http:\/\/$/i", $sitenew) ? (dhtmlspecialchars(trim(preg_match("/^https?:\/\/.+/i", $sitenew) ? $sitenew : ($sitenew ? 'http://'.$sitenew : '')))) : '';

			$icqnew = preg_match ("/^([0-9]+)$/", $icqnew) && strlen($icqnew) >= 5 && strlen($icqnew) <= 12 ? $icqnew : '';
			$qqnew = preg_match ("/^([0-9]+)$/", $qqnew) && strlen($qqnew) >= 5 && strlen($qqnew) <= 12 ? $qqnew : '';
			$bdaynew = datecheck($bdaynew) ? $bdaynew : '0000-00-00';
			$yahoonew = dhtmlspecialchars($yahoonew);
			$msnnew = dhtmlspecialchars($msnnew);
			$msnnew = "$msnnew\t{$member[msn][1]}";
			$taobaonew = dhtmlspecialchars($taobaonew);
			$alipaynew = dhtmlspecialchars($alipaynew);
			$nicknamenew = $allownickname ? cutstr(censor(dhtmlspecialchars($nicknamenew)), 30) : '';
			$cstatusadd = $allowcstatus ? ', customstatus=\''.cutstr(censor(dhtmlspecialchars($cstatusnew)), 30).'\'' : '';
Ejemplo n.º 29
        DB::update('common_member', $setarr, array('uid' => $_G['uid']));
    }
    if ($authstr) {
        showmessage('profile_email_verify', 'home.php?mod=spacecp&ac=profile&op=password');
    } else {
        showmessage('profile_succeed', 'home.php?mod=spacecp&ac=profile&op=password');
    }
}
if ($operation == 'password') {
    $resend = getcookie('resendemail');
    $resend = empty($resend) ? true : TIMESTAMP - $resend > 300;
    $newemail = getcookie('newemail');
    $space['newemail'] = !$space['emailstatus'] ? $space['email'] : '';
    if (!empty($newemail)) {
        $mailinfo = explode("\t", $newemail);
        $space['newemail'] = $mailinfo[0] == $_G['uid'] && isemail($mailinfo[1]) && $mailinfo[1] != $space['email'] ? $mailinfo[1] : '';
    }
    if ($_G['gp_resend'] && $resend) {
        $toemail = $space['newemail'] ? $space['newemail'] : $space['email'];
        emailcheck_send($space['uid'], $toemail);
        dsetcookie('resendemail', TIMESTAMP);
        showmessage('send_activate_mail_succeed', "home.php?mod=spacecp&ac=profile&op=password");
    } elseif ($_G['gp_resend']) {
        showmessage('send_activate_mail_error', "home.php?mod=spacecp&ac=profile&op=password");
    }
    if (!empty($space['newemail'])) {
        $acitvemessage = lang('spacecp', 'email_acitve_message', array('newemail' => $space['newemail'], 'imgdir' => $_G['style']['imgdir']));
    }
    $actives = array('password' => ' class="a"');
    $navtitle = lang('core', 'title_password_security');
} else {
Ejemplo n.º 30
    $query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('spaceinfo') . " WHERE uid='{$space['uid']}' AND type='base'");
    while ($value = $_SGLOBAL['db']->fetch_array($query)) {
        $friendarr[$value['subtype']][$value['friend']] = ' selected';
    }
} elseif ($_GET['op'] == 'contact') {
    if ($_GET['resend']) {
        //重新发送邮箱验证
        $toemail = $space['newemail'] ? $space['newemail'] : $space['email'];
        emailcheck_send($space['uid'], $toemail);
        showmessage('do_success', "cp.php?ac=profile&op=contact");
    }
    if (submitcheck('profilesubmit') || submitcheck('nextsubmit')) {
        //提交检查
        $setarr = array('mobile' => getstr($_POST['mobile'], 40, 1, 1), 'qq' => getstr($_POST['qq'], 20, 1, 1), 'msn' => getstr($_POST['msn'], 80, 1, 1));
        //邮箱问题
        $newemail = isemail($_POST['email']) ? $_POST['email'] : '';
        if (isset($_POST['email']) && $newemail != $space['email']) {
            //检查邮箱唯一性
            if ($_SCONFIG['uniqueemail']) {
                if (getcount('spacefield', array('email' => $newemail, 'emailcheck' => 1))) {
                    showmessage('uniqueemail_check');
                }
            }
            //验证密码
            // if(!$passport = getpassport($_SGLOBAL['supe_username'], $_POST['password'])) {
            // 			showmessage('password_is_not_passed');
            // 		}
            //邮箱修改
            if (empty($newemail)) {
                //邮箱删除
                $setarr['email'] = '';