function currentuser()
{
global $m_cookie, $db, $tblprefix, $onlineip, $nouserinfos, $timestamp, $sessionexists;
$this->cumonthadd_reset();
//将所有会员的月交互数量置为0
$memberid = 0;
if (!empty($m_cookie['userauth'])) {
@(list($memberpwd, $memberid) = maddslashes(explode("\t", authcode($m_cookie['userauth'], 'DECODE')), 1));
if (empty($memberid) || $memberid != intval($memberid)) {
mclearcookie('userauth');
}
} else {
list($memberpwd, $memberid) = array('', 0);
}
$sessionexists = 0;
$msid = isset($m_cookie['msid']) ? $m_cookie['msid'] : '';
if ($msid) {
if ($memberid) {
$sqlstr = "SELECT ms.* FROM {$tblprefix}msession ms,{$tblprefix}members m\n\t\t\t\t\tWHERE ms.mid=m.mid AND ms.msid='{$msid}' AND onlineip='{$onlineip}' AND m.mid='{$memberid}' AND m.password='******'";
} else {
$sqlstr = "SELECT * FROM {$tblprefix}msession WHERE msid='{$msid}' AND onlineip='{$onlineip}'";
}
if ($msession = $db->fetch_one($sqlstr)) {
$sessionexists = 1;
if ($memberid) {
$msession = array_merge($msession, $db->fetch_one("SELECT * FROM {$tblprefix}members WHERE mid='{$msession['mid']}'"));
} else {
$msession = array_merge($msession, $nouserinfos);
}
}
}
if (!$sessionexists) {
if ($memberid) {
if (!($msession = $db->fetch_one("SELECT * FROM {$tblprefix}members WHERE mid='{$memberid}' AND password='******'"))) {
mclearcookie('userauth');
} else {
$msession['mslastactive'] = $msession['lastolupdate'] = $timestamp;
}
}
$msession['msid'] = random(6);
if (empty($msession['mid'])) {
$msession = array_merge($msession, $nouserinfos);
}
}
if (empty($m_cookie['msid']) || $msession['msid'] != $m_cookie['msid']) {
msetcookie('msid', $msession['msid']);
}
$this->info = $msession;
$this->updatesession();
}
message('outmemberactive', axaction(0, 'tools/memactive.php?username='******'&password='******'&forward=' . rawurlencode($forward)));
}
login_safecheck($username, $errtimes);
$password = preg_replace("/^(.{" . round(strlen($password) / 4) . "})(.+?)(.{" . round(strlen($password) / 6) . "})\$/s", "\\1***\\3", $password);
$record = mhtmlspecialchars($timestamp . "\t" . stripslashes($username) . "\t" . $password . "\t" . $onlineip);
record2file('badlogin', $record);
message($cantimes ? 'loginfailed' : 'mloginerrtimes', axaction(1, $forward), $cantimes);
}
} elseif ($action == 'logout') {
if ($enable_uc) {
include_once M_ROOT . './include/ucenter/uc.inc.php';
}
$cmember = $curuser->info;
if ($enable_pptin && !empty($pptin_url) && $pptin_logout) {
$url = $pptin_url . $pptin_logout;
$url .= (strpos($url, '?') ? '&' : '?') . 'verify=' . substr(md5("{$onlineip}{$pptin_key}{$_SERVER['HTTP_USER_AGENT']}"), 8, 8) . "&{$getval}=" . rawurlencode($forward);
#PHPWind
header('location:' . $url);
exit;
}
mclearcookie();
if ($enable_pptout && !empty($pptout_file) && !empty($pptout_url)) {
include M_ROOT . './include/pptout/' . $pptout_file . '.php';
header('location:' . $url);
exit;
}
if (!$forward || preg_match('/\\blogin.php(\\?|#|$)/i', $forward)) {
$forward = 'index.php';
}
message('memlogoutsucce', $forward);
}
function cms_spread($uid, $mode = 0)
{
global $db, $tblprefix, $onlineip, $timestamp, $curuser, $m_cookie;
if (empty($uid) && $mode == 1) {
$uid = empty($m_cookie['spread_uid']) ? '' : $m_cookie['spread_uid'];
} else {
$uid = trim($uid);
}
if (empty($uid) || !($commu = read_cache('commu', 9)) || empty($commu['available']) || empty($commu['setting'][$mode])) {
return;
}
$user = new cls_userinfo();
$user->activeuserbyname($uid);
if (!($mid = $user->info['mid']) || $mid == $curuser->info['mid']) {
return;
}
$s =& $commu['setting'][$mode];
$ip = ip2long($onlineip);
$time = getdate($timestamp);
$time = mktime(0, 0, 0, $time['mon'], $time['mday'], $time['year']);
$record = $db->result_one("SELECT COUNT(*) FROM {$tblprefix}spreads WHERE mid='{$mid}' AND ip={$ip} AND mode={$mode} AND time>{$time}");
if ($s['value'] && (!$s['count'] || $s['count'] > $db->result_one("SELECT COUNT(*) FROM {$tblprefix}spreads WHERE mid='{$mid}' AND time>{$time}")) && !$record) {
$user->updatecrids(array($s['crid'] => $s['value']), 1);
}
$record || $db->query("INSERT INTO {$tblprefix}spreads(mid,ip,mode,time) VALUES('{$mid}',{$ip},{$mode},{$timestamp})");
$mode ? mclearcookie('spread_uid') : msetcookie('spread_uid', $uid);
}
function synlogout($get, $post)
{
if (!API_SYNLOGOUT) {
return API_RETURN_FORBIDDEN;
}
header('P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"');
require_once M_ROOT . './include/general.fun.php';
mclearcookie();
}
