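</body> </html> <?php } else {
    // Sign-up handler: runs when the branch above (outside this excerpt) did not apply.
    // Every mandatory field must be present and non-empty before anything else happens.
    if ($_POST['newid'] == '' or $_POST['newpwd'] == '' or $_POST['newname'] == '' or $_POST['newemail'] == '' or $_POST['newaddress'] == '') {
        c_error('One or more required fields were left blank.\\n' . 'Please fill them in and try again.');
    }

    // NOTE(review): the checks below rely on c_error() (defined elsewhere) ending the
    // request. If it only prints a message, signUp() still runs with rejected input;
    // confirm that it exits.

    // Sanitise each field with the project's sanitize() helper.
    $_POST['newid'] = sanitize($_POST['newid'], "id not valid");
    // Fixed: the name used to be sanitised from 'newid', which silently replaced the
    // submitted name with the id and left the real name value unchecked.
    $_POST['newname'] = sanitize($_POST['newname'], "name not valid");
    $_POST['newaddress'] = sanitize($_POST['newaddress'], "address not valid");
    if ($_POST['newnotes'] != '') {
        $_POST['newnotes'] = sanitize($_POST['newnotes'], "note not valid");
    }
    $_POST['newemail'] = sanitize($_POST['newemail'], "email not valid");

    // Fixed: FILTER_SANITIZE_EMAIL only strips characters and returns the remaining
    // string, so almost any non-empty input passed this test. FILTER_VALIDATE_EMAIL
    // returns false for a malformed address, which is what the error message implies.
    if (!filter_var($_POST['newemail'], FILTER_VALIDATE_EMAIL)) {
        c_error_reporting(-1);
        c_error("email not valid");
    }

    // Password policy check; the helper is defined elsewhere and its return value is unused here.
    password_strength($_POST['newpwd']);

    // All checks passed: create the account.
    $success = signUp($_POST['newid'], $_POST['newpwd'], $_POST['newname'], $_POST['newemail'], $_POST['newaddress'], $_POST['newnotes']);
    if ($success == TRUE) {
        // Send the redirect header before any body output from this branch, since
        // header() cannot take effect once output has been flushed.
        // NOTE(review): if earlier markup was already flushed without output
        // buffering, this header is still dropped; verify against the page start.
        header("Refresh: 3; url=index.php?signed_up=1");
        echo "<h4>Signed up!</h4>";
        die;
    }
}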
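/**
 * Multi-purpose member-session helper; $type selects the action.
 *
 *  - 'center'   : log in. Returns '-1' when the member lookup yields '-1', '-2' on a
 *                 password mismatch, true after the session cookies are issued.
 *  - 'islogin'  : true when a 'userid' cookie is present and decodes to a non-empty value.
 *  - 'onlyone'  : single-session check. Returns true (after clearing the session cookies)
 *                 when the 'qtrnd' cookie is missing or differs from the stored value,
 *                 false otherwise.
 *  - 'exit'     : log out by expiring the session cookies. Returns true.
 *  - 'password' : change password. Returns -1 when the member lookup yields '-1', -2 when
 *                 a supplied old password does not match, false when the confirmation
 *                 differs or the update query fails, true otherwise.
 *  - 'par'      : returns the array of values decoded from the session cookies.
 *
 * Any other $type falls through and returns null.
 *
 * NOTE(review): passwords are compared as md5(md5($password)), an unsalted fast hash.
 * Moving to password_hash()/password_verify() needs a stored-hash migration, so it is
 * flagged here rather than changed.
 *
 * @param string $type        Action selector, see above.
 * @param string $username    Not referenced by the visible code (the query literals
 *                            that presumably used it are masked in this listing).
 * @param string $password    Login password, or the new password for 'password'.
 * @param string $repassword  Confirmation of the new password.
 * @param string $oldpassword Current password; when empty the old-password check is skipped.
 * @return mixed
 */
function is_user($type, $username = '', $password = '', $repassword = '', $oldpassword = '')
{
    global $path;

    // Cookies that together make up a login session; used wherever the session is torn down.
    $session_cookies = array('userid', 'username', 'lastlogintime', 'lastloginip', 'qtrnd');
    // A time well in the past so browsers discard the cookie.
    $expired = time() - 3600 * 10;

    // Decode the member fields carried in cookies (id, user name, login time, login IP).
    // NOTE(review): reads pass 'DECODE' as AuthCode()'s second argument while the login
    // branch passes $rnd in the same position; confirm this against AuthCode's signature.
    $user = array();
    foreach (array('userid', 'username', 'lastlogintime', 'lastloginip') as $field) {
        $user[$field] = isset($_COOKIE[$field]) ? AuthCode($_COOKIE[$field], 'DECODE') : '';
    }

    // Log in.
    if ($type == 'center') {
        // NOTE(review): the WHERE literal is masked in this listing. If the real code
        // interpolates $username, it must be escaped or bound as a parameter.
        $user = MysqlOneSelect('lgsc_member', '*', "username='******'");
        if ($user == '-1') {
            return '-1';
        }
        if (md5(md5($password)) !== $user['password']) {
            return '-2';
        }

        // Per-login random code, also handed to the client as 'qtrnd'.
        $rnd = makecode(6);

        // Issue the session cookies, valid for one hour.
        // NOTE(review): these are set without the HttpOnly/Secure flags, so they are
        // readable from script and sent over plain HTTP; consider enabling both.
        $cookie_time = time() + 3600;
        setcookie('userid', AuthCode($user['id'], $rnd), $cookie_time, '/');
        setcookie('username', AuthCode($user['username'], $rnd), $cookie_time, '/');
        setcookie('lastlogintime', AuthCode($user['regtime'], $rnd), $cookie_time, '/');
        setcookie('lastloginip', AuthCode(GetIP(), $rnd), $cookie_time, '/');
        setcookie("qtrnd", $rnd, $cookie_time, '/');

        // Record last login time and IP. The IP is now quoted and escaped and the id
        // cast to int: the previous statement concatenated both values raw into the
        // SQL text, which breaks on a dotted address and lets a client-influenced IP
        // value alter the query.
        mysql_query(
            "update lgsc_member set logintime =" . time()
            . " , loginip='" . mysql_real_escape_string(GetIP()) . "'"
            . " where userid = " . (int) $user['id']
        );

        return true;
    }

    // Is the visitor logged in?
    if ($type == 'islogin') {
        // Fixed: the two conditions were joined with &&, so any 'userid' cookie counted
        // as a login even when it failed to decode. Both must now hold: the cookie is
        // present and its decoded value is non-empty.
        if (!isset($_COOKIE['userid']) || $user['userid'] == "") {
            return false;
        }
        return true;
    }

    // Allow only one active session per account.
    if ($type == 'onlyone') {
        // NOTE(review): $user has no key '0' in the code above, and this branch reads a
        // different table (phome_enewsmember) from the login branch; verify both.
        $OneRow = MysqlOneSelect('phome_enewsmember', 'rnd', "userid={$user['0']}");
        $client_rnd = isset($_COOKIE["qtrnd"]) ? $_COOKIE["qtrnd"] : '';
        if ($client_rnd == '' || $client_rnd != $OneRow['rnd']) {
            // Session is stale or missing: expire every session cookie.
            foreach ($session_cookies as $name) {
                setcookie($name, "", $expired, '/');
            }
            // The caller is expected to redirect to the login page.
            return true;
        }
        return false;
    }

    // Log out.
    if ($type == "exit") {
        // Fixed: this branch used to expire 'qtrand', a name that is never set, so the
        // 'qtrnd' session code survived logout.
        foreach ($session_cookies as $name) {
            setcookie($name, "", $expired, '/');
        }
        return true;
    }

    // Change password.
    if ($type == "password") {
        // NOTE(review): the WHERE literal is masked in this listing; see the login branch.
        $one_user = MysqlOneSelect("lgsc_member", "*", "username = '******'");
        // No such member.
        if ($one_user == '-1') {
            return -1;
        }
        // Verify the current password when one was supplied.
        // NOTE(review): an empty $oldpassword skips this check entirely; callers must not
        // expose that path to end users without another proof of identity.
        if ($oldpassword !== "") {
            if ($one_user['password'] !== md5(md5($oldpassword))) {
                return -2;
            }
        }
        // The strength helper is still invoked, but its result was never used, so it is
        // no longer stored in a local.
        password_strength($password);
        if ($password != '') {
            // The confirmation must match the new password.
            if ($password !== $repassword) {
                return false;
            }
            $newpassword = md5(md5($password));
            // NOTE(review): the statement text is masked in this listing. Confirm that it
            // builds the UPDATE from escaped or bound values.
            $sql_password = "******" . $one_user['id'];
            $rest_password = mysql_query($sql_password);
            if (!$rest_password) {
                return false;
            }
        }
        return true;
    }

    // Return the values decoded from the cookies.
    if ($type == 'par') {
        return $user;
    }
}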