function reg($data)
{
if (!$data['email']) {
return array('status' => 0, 'msg' => L('email_require'));
}
if (!$data['password']) {
return array('status' => 0, 'msg' => L('password_require'));
}
if ($this->check_user($data['email']) > 0) {
return array('status' => 0, 'msg' => '用户已经存在,登录邮箱不能重复。');
}
// 用于写入的数组
$indata = array();
$indata = $data;
$indata['regtime'] = time();
$indata['regip'] = get_client_ip();
$indata['status'] = 1;
$indata['salt'] = user_salt();
$indata['password'] = user_md5($data['password'], $indata['salt']);
$insertId = $this->add($indata);
// 写入记录
if ($insertId) {
return array('status' => 1, 'msg' => '注册成功!', 'userid' => $insertId);
}
return array('status' => 0, 'msg' => '注册失败,请重试。');
}
public function _before_update($data)
{
if ($data['id'] == '1' and $data['status'] == 0) {
$this->error('最后一个了,状态不能禁用哦');
exit;
}
$info = $this->_mod->find($data['id']);
if ($info['password'] != $data['password']) {
!$info['salt'] && ($data['salt'] = $info['salt'] = user_salt());
$data['password'] = user_md5($data['password'] . $info['salt']);
}
return $data;
}
public function add_user($data)
{
if (in_array('', $data)) {
return array('status' => 0, 'msg' => '内容不完整');
}
// 再次检查是否重复
if ($this->field_exists($data['username'])) {
return array('status' => 0, 'msg' => sprintf(L('is_exist'), L('username')));
}
// 处理密码
$data['salt'] = user_salt();
$data['password'] = user_md5($data['password'], $data['salt']);
if ($this->add($data)) {
return array('status' => 1, 'msg' => L('operation_success'));
}
}
public function profile()
{
if (IS_POST) {
$post = $this->_post('info');
$data = $this->_mod->create($post);
// 修改密码
if (trim($post['password'])) {
$data['salt'] = user_salt();
$data['password'] = user_md5($data['password'], $data['salt']);
} else {
unset($data['password']);
}
$data['id'] = $this->_userid;
$this->_mod->where(array('id' => $this->_userid))->save($data);
$this->success(L('operation_success'));
} else {
$this->assign('active', 'profile');
$this->theme('profile', 'user');
}
}
/**
* Respond to password reset confirmation.
* @return The url to display after the command is processed.
*/
function command_reset_password_confirm()
{
global $esc_post;
// Check code
if (!user_check_reset_code($_POST['code'])) {
error_register('Invalid reset code');
return crm_url();
}
// Check that passwords match
if ($_POST['password'] != $_POST['confirm']) {
error_register('Passwords do not match');
return crm_url();
}
// Get user id
$sql = "SELECT * FROM `resetPassword` WHERE `code`='{$esc_post['code']}'";
$res = mysql_query($sql);
if (!$res) {
die(mysql_error());
}
$row = mysql_fetch_assoc($res);
$esc_cid = mysql_real_escape_string($row['cid']);
// Calculate hash
$salt = user_salt();
$esc_hash = mysql_real_escape_string(user_hash($_POST['password'], $salt));
$esc_salt = mysql_real_escape_string($salt);
// Update password
$sql = "\n UPDATE `user`\n SET `hash`='{$esc_hash}'\n , `salt`='{$esc_salt}'\n WHERE `cid`='{$esc_cid}'\n ";
$res = mysql_query($sql);
if (!$res) {
die(mysql_error());
}
// Notify user to check their email
message_register('Your password has been reset, you may now log in');
return crm_url('login');
}
/**
* Handle installation request.
*
* @return The url to redirect to on completion.
*/
function command_module_install()
{
global $esc_post;
// Create tables
$res = module_install();
if (!$res) {
return crm_url();
}
// Add admin contact and user
$sql = "\n INSERT INTO `contact`\n (`firstName`, `lastName`, `email`)\n VALUES\n ('Admin', 'User', '{$esc_post['email']}')\n ";
$res = mysql_query($sql);
if (!$res) {
die(mysql_error());
}
$cid = mysql_insert_id();
$esc_cid = mysql_real_escape_string($cid);
$salt = user_salt();
$esc_hash = mysql_real_escape_string(user_hash($_POST['password'], $salt));
$esc_salt = mysql_real_escape_string($salt);
$sql = "\n INSERT INTO `user`\n (`cid`, `username`, `hash`, `salt`)\n VALUES\n ('{$esc_cid}', 'admin', '{$esc_hash}', '{$esc_salt}')\n ";
$res = mysql_query($sql);
if (!$res) {
die(mysql_error());
}
message_register('Seltzer CRM has been installed.');
message_register('You may log in as user "admin"');
return crm_url('login');
}
