function _login($forward = '')
{
global $_GPC, $_W;
load()->model('user');
$member = array();
$username = trim($_GPC['username']);
if (empty($username)) {
message('请输入要登录的用户名');
}
$member['username'] = $username;
$member['password'] = $password = $_GPC['password'];
if (empty($member['password'])) {
message('请输入密码');
}
$record = user_single($member);
if (!empty($record)) {
/*if($record['status'] == 1) {
message('您的账号正在审核或是已经被系统禁止,请联系网站管理员解决!');
}*/
$founders = explode(',', $_W['config']['setting']['founder']);
$_W['isfounder'] = in_array($record['uid'], $founders);
if ($_W['siteclose'] && !$_W['isfounder']) {
$settings = setting_load('copyright');
message('站点已关闭,关闭原因:' . $settings['copyright']['reason']);
}
$cookie = array();
$cookie['uid'] = $record['uid'];
$cookie['lastvisit'] = $record['lastvisit'];
$cookie['lastip'] = $record['lastip'];
$cookie['hash'] = md5($record['password'] . $record['salt']);
$session = base64_encode(json_encode($cookie));
isetcookie('__session', $session, !empty($_GPC['rember']) ? 7 * 86400 : 0);
$status = array();
$status['uid'] = $record['uid'];
$status['lastvisit'] = TIMESTAMP;
$status['lastip'] = CLIENT_IP;
user_update($status);
if (empty($forward)) {
$forward = $_GPC['forward'];
}
if (empty($forward)) {
$forward = './index.php?c=index&a=index';
}
$_W['user'] = $record;
if (cly_isAdmin()) {
message('', url('admin/index'));
} else {
message('', $forward);
}
//message("欢迎回来,{$record['username']}。", $forward);
} else {
message('登录失败,请检查您输入的用户名和密码!');
}
}
function guest_agree_delete($sid, $pid, $touid, $tid)
{
$pid = intval($pid);
$sid = addslashes($sid);
$r = db_exec("DELETE FROM `bbs_guest_agree` WHERE sid='{$sid}' AND pid='{$pid}'");
if ($r !== FALSE) {
user_update($touid, array('agrees-' => 1));
post_update($pid, array('agrees-' => 1));
$tid and thread_update($tid, array('agrees-' => 1));
// 改变用户组
user_update_group($touid);
return TRUE;
// 0
} else {
return FALSE;
}
}
function myagree_delete($uid, $pid, $isfirst)
{
$agree = myagree_read($pid, $uid);
if (empty($agree)) {
return 0;
}
$fromuid = $agree['uid'];
$touid = $agree['touid'];
$tid = $agree['tid'];
$r = db_exec("DELETE FROM `bbs_myagree` WHERE uid='{$uid}' AND pid='{$pid}' LIMIT 1");
db_exec("DELETE FROM `bbs_post_agree` WHERE pid='{$pid}' AND uid='{$uid}' LIMIT 1");
if ($r !== FALSE) {
user_update($fromuid, array('myagrees-' => 1));
user_update($touid, array('agrees-' => 1));
post_update($pid, array('agrees-' => 1));
$isfirst and thread_update($tid, array('agrees-' => 1));
// 改变用户组
user_update_group($touid);
return $r;
// 0
} else {
return FALSE;
}
}
if (isset($_GET["action"])) {
switch ($_GET["action"]) {
case "check":
user_check();
break;
case "login":
user_login();
break;
case "register":
user_register();
break;
case "remind":
user_remind();
break;
case "update":
user_update();
break;
case "logout":
user_logout();
break;
}
}
function user_check()
{
if ($_SESSION['LoggedIn'] == 1) {
echo '{"response":"Yes", "username":"******"}';
} else {
echo '{"response":"No"}';
}
}
function user_login()
/**
* edit user
*/
function edituser($dir)
{
// Determine the user name from the post data
$user = stripslashes($GLOBALS['__POST']["user"]);
// try to find the user
$data = user_find($user, NULL);
if ($data == NULL) {
show_error($user . ": " . $GLOBALS["error_msg"]["miscnofinduser"]);
}
if ($self = $user == $GLOBALS['__SESSION']["s_user"]) {
$dir = "";
}
if (isset($GLOBALS['__POST']["confirm"]) && $GLOBALS['__POST']["confirm"] == "true") {
$nuser = stripslashes($GLOBALS['__POST']["nuser"]);
if ($nuser == "" || $GLOBALS['__POST']["home_dir"] == "") {
show_error($GLOBALS["error_msg"]["miscfieldmissed"]);
}
if (isset($GLOBALS['__POST']["chpass"]) && $GLOBALS['__POST']["chpass"] == "true") {
if ($GLOBALS['__POST']["pass1"] != $GLOBALS['__POST']["pass2"]) {
show_error($GLOBALS["error_msg"]["miscnopassmatch"]);
}
$pass = md5(stripslashes($GLOBALS['__POST']["pass1"]));
} else {
$pass = $data[1];
}
if ($self) {
$GLOBALS['__POST']["active"] = 1;
}
// determine the user permissions
$permissions = _eval_permissions();
// determine the new user data
$data = array($nuser, $pass, stripslashes($GLOBALS['__POST']["home_dir"]), stripslashes($GLOBALS['__POST']["home_url"]), $GLOBALS['__POST']["show_hidden"], stripslashes($GLOBALS['__POST']["no_access"]), $permissions, $GLOBALS['__POST']["active"]);
if (!user_update($user, $data)) {
show_error($user . ": " . $GLOBALS["error_msg"]["saveuser"]);
}
if ($self) {
user_activate($nuser, NULL);
}
header("location: " . make_link("admin", $dir, NULL));
return;
}
show_header($GLOBALS["messages"]["actadmin"] . ": " . sprintf($GLOBALS["messages"]["miscedituser"], $data[0]));
// Javascript functions:
include "./_include/js_admin3.php";
echo "<CENTER><FORM name=\"edituser\" action=\"" . make_link("admin", $dir, NULL) . "&action2=edituser\" method=\"post\">\n";
echo "<INPUT type=\"hidden\" name=\"confirm\" value=\"true\"><INPUT type=\"hidden\" name=\"user\" value=\"" . $data[0] . "\">\n";
echo "<BR><TABLE width=\"450\">\n";
echo "<TR><TD>" . $GLOBALS["messages"]["miscusername"] . ":</TD>\n";
echo "<TD align=\"right\"><INPUT type\"text\" name=\"nuser\" size=\"30\" value=\"";
echo $data[0] . "\"></TD></TR>\n";
echo "<TR><TD>" . $GLOBALS["messages"]["miscconfpass"] . ":</TD>\n";
echo "<TD align=\"right\"><INPUT type=\"password\" name=\"pass1\" size=\"30\"></TD></TR>\n";
echo "<TR><TD>" . $GLOBALS["messages"]["miscconfnewpass"] . ":</TD>\n";
echo "<TD align=\"right\"><INPUT type=\"password\" name=\"pass2\" size=\"30\"></TD></TR>\n";
echo "<TR><TD>" . $GLOBALS["messages"]["miscchpass"] . ":</TD>\n";
echo "<TD align=\"right\"><INPUT type=\"checkbox\" name=\"chpass\" value=\"true\"></TD></TR>\n";
echo "<TR><TD>" . $GLOBALS["messages"]["mischomedir"] . ":</TD>\n";
echo "<TD align=\"right\"><INPUT type=\"text\" name=\"home_dir\" size=\"30\" value=\"";
echo $data[2] . "\"></TD></TR>\n";
echo "<TR><TD>" . $GLOBALS["messages"]["mischomeurl"] . ":</TD>\n";
echo "<TD align=\"right\"><INPUT type=\"text\" name=\"home_url\" size=\"30\" value=\"";
echo $data[3] . "\"></TD></TR>\n";
echo "<TR><TD>" . $GLOBALS["messages"]["miscshowhidden"] . ":</TD>";
echo "<TD align=\"right\"><SELECT name=\"show_hidden\">\n";
echo "<OPTION value=\"0\">" . $GLOBALS["messages"]["miscyesno"][1] . "</OPTION>";
echo "<OPTION value=\"1\"" . ($data[4] ? " selected " : "") . ">";
echo $GLOBALS["messages"]["miscyesno"][0] . "</OPTION>\n";
echo "</SELECT></TD></TR>\n";
echo "<TR><TD>" . $GLOBALS["messages"]["mischidepattern"] . ":</TD>\n";
echo "<TD align=\"right\"><INPUT type=\"text\" name=\"no_access\" size=\"30\" value=\"";
echo $data[5] . "\"></TD></TR>\n";
echo "<TR><TD>" . $GLOBALS["messages"]["miscperms"] . ":</TD>\n";
// print out the extended permission table of the user permission
echo "<TD align=\"right\">\n";
admin_print_permissions($data[0]);
echo "</TD></TR>\n";
echo "<TR><TD>" . $GLOBALS["messages"]["miscactive"] . ":</TD>";
echo "<TD align=\"right\"><SELECT name=\"active\"" . ($self ? " DISABLED " : "") . ">\n";
echo "<OPTION value=\"1\">" . $GLOBALS["messages"]["miscyesno"][0] . "</OPTION>";
echo "<OPTION value=\"0\"" . ($data[7] ? "" : " selected ") . ">";
echo $GLOBALS["messages"]["miscyesno"][1] . "</OPTION>\n";
echo "</SELECT></TD></TR>\n";
echo "<TR><TD colspan=\"2\" align=\"right\"><input type=\"submit\" value=\"" . $GLOBALS["messages"]["btnsave"];
echo "\" onClick=\"return check_pwd();\">\n<input type=\"button\" value=\"";
echo $GLOBALS["messages"]["btncancel"] . "\" onClick=\"javascript:location='";
echo make_link("admin", $dir, NULL) . "';\"></TD></TR></FORM></TABLE><BR></BR>\n";
}
$_GPC['password'] = trim($_GPC['password']);
if (!empty($record['password']) && istrlen($record['password']) < 8) {
message('必须输入密码,且密码长度不得低于8位。');
}
$_GPC['groupid'] = intval($_GPC['groupid']);
if (empty($_GPC['groupid'])) {
message('请选择所属用户组');
}
load()->model('user');
$record = array();
$record['uid'] = $uid;
$record['password'] = $_GPC['password'];
$record['salt'] = $user['salt'];
$record['groupid'] = intval($_GPC['groupid']);
$record['remark'] = $_GPC['remark'];
user_update($record);
if (!empty($_GPC['birth'])) {
$profile['birthyear'] = $_GPC['birth']['year'];
$profile['birthmonth'] = $_GPC['birth']['month'];
$profile['birthday'] = $_GPC['birth']['day'];
}
if (!empty($_GPC['reside'])) {
$profile['resideprovince'] = $_GPC['reside']['province'];
$profile['residecity'] = $_GPC['reside']['city'];
$profile['residedist'] = $_GPC['reside']['district'];
}
if (!empty($extendfields)) {
foreach ($extendfields as $row) {
if (!in_array($row['field'], array('profile', 'resideprovince', 'birthyear'))) {
$profile[$row['field']] = $_GPC[$row['field']];
}
template('user/permission');
}
if ($do == 'deny') {
if ($_W['ispost'] && $_W['isajax']) {
$founders = explode(',', $_W['config']['setting']['founder']);
if (in_array($uid, $founders)) {
exit('管理员用户不能禁用.');
}
$somebody = array();
$somebody['uid'] = $uid;
if (intval($user['status']) == 2) {
$somebody['status'] = 1;
} else {
$somebody['status'] = 2;
}
if (user_update($somebody)) {
exit('success');
}
}
}
if ($do == 'select') {
$uid = intval($_GPC['uid']);
$condition = '';
$params = array();
if (!empty($_GPC['keyword'])) {
$condition = ' AND `name` LIKE :name';
$params[':name'] = "%{$_GPC['keyword']}%";
}
$pindex = max(1, intval($_GPC['page']));
$psize = 10;
$total = 0;
fclose($news_file);
// Add Blank Comment In The Active_Comments_File --- only for active/draft news
if ($postpone_draft != "postpone") {
$old_com_db = file(SERVDIR . "/cdata/comments.txt");
$new_com_db = fopen(SERVDIR . "/cdata/comments.txt", "w");
flock($new_com_db, LOCK_EX);
fwrite($new_com_db, "{$added_time}|>|\n");
foreach ($old_com_db as $line) {
fwrite($new_com_db, $line);
}
flock($new_com_db, LOCK_UN);
fclose($new_com_db);
}
// Increase By 1 The Number of Written News for Current User
$member_db[UDB_COUNT]++;
user_update($username, $member_db);
// Do backup news (x2 disk space)
if ($config_backup_news == 'yes') {
copy($decide_news_file, $decide_news_file . '.bak');
}
// Notifications
if ($member_db[UDB_ACL] == ACL_LEVEL_JOURNALIST) {
//user is journalist and the article needs to be approved, Notify !!!
if ($config_notify_unapproved == "yes" and $config_notify_status == "active") {
send_mail($config_notify_email, lang("CuteNews - Unapproved article was Added"), str_replace(array('%1', '%2'), array($member_db[UDB_NAME], $title), 'The user %1 (journalist) posted article %2 which needs first to be Approved'));
}
}
if ($postpone) {
msg("info", lang("News added (Postponed)"), lang("The news item was successfully added to the database as postponed. It will be activated at") . date(" Y-m-d H:i:s", $added_time), '#GOBACK');
} elseif (empty($preview_hmtl)) {
$source = '';
function buy_package($user, $package_id, $total = 1)
{
if (empty($user) || empty($user["uid"])) {
return error(-1, "用户不存在");
}
if ($total <= 0) {
return error(-1, "购买数必须大于1");
}
if (empty($user["credit2"]) || doubleval($user["credit2"]) < 0) {
return error(-1, "用户余额为0无法购买套餐.");
}
$group = kim_get_uni_group($package_id);
if (empty($group)) {
return error(-1, "模块不存在.");
}
$price = doubleval($group["price"]);
if (intval($user['groupid']) > 0) {
list($price, $discount) = check_price($price, intval($user['groupid']));
}
if (doubleval($user["credit2"]) < $price * $total) {
return error(-1, "用户余额不足.");
}
$st = get_settings();
$day = 30;
if (intval($st[package_day]) > 0) {
$day = intval($st[package_day]);
}
$package_price = $price * $total;
$package_time = $total * $day * 24 * 60 * 60;
load()->model("account");
$account = uni_fetch();
if (empty($account)) {
return error(-1, "公众号不存在.");
}
$settings = uni_setting($account["uniacid"], array('groupdata'));
$groupData = $settings['groupdata'] ? $settings['groupdata'] : array("endtime" => TIMESTAMP);
$package_endTime = $package_time;
if ($groupData["endtime"] - TIMESTAMP > 0) {
$package_endTime = $groupData["endtime"] - TIMESTAMP + $package_time;
}
$old_package = kim_get_uni_group($account["groupid"]);
try {
pdo_begin();
$endtime = date("Y-m-d", TIMESTAMP + $package_endTime);
load()->model('user');
$record = array();
$record['uid'] = $user["uid"];
$record['endtime'] = $endtime;
user_update($record);
$order_record = array("uniacid" => $account["uniacid"], "uid" => $user["uid"], "package" => $package_id, "buy_time" => TIMESTAMP, "expiration_time" => TIMESTAMP + $package_endTime);
pdo_insert("users_packages", $order_record);
$record_id = pdo_insertid();
if ($record_id <= 0) {
throw new Exception("保存记录失败");
}
//VIP时间同步
$groupData["endtime"] = $groupData["endtime"] < TIMESTAMP ? TIMESTAMP : $groupData["endtime"];
$old_over_time = date("Y-m-d", $groupData["endtime"]);
$new_over_time = date("Y-m-d", TIMESTAMP + $package_endTime);
$log = array(0, sprintf("自动续费: %s 套餐续费,续费前:%s 到期; 续费后:%s 到期", $group["name"], $old_over_time, $new_over_time));
if (intval($account["groupid"]) != intval($package_id)) {
$surplus_price = $old_package["price"] * round(($groupData["endtime"] - TIMESTAMP) / 86400);
$surplus_price = $surplus_price / $day;
$surplus_time = round($surplus_price / $group["price"]) * $day;
$package_endTime = $surplus_time * 24 * 60 * 60 + $package_time;
$new_over_time = date("Y-m-d", TIMESTAMP + $package_endTime);
$log_text = sprintf("套餐变更: <p>A、原套餐: %s , %s 到期</p><p>B、变更后: %s , %s 到期.</p>", $old_package["name"], $old_over_time, $group["name"], $new_over_time);
$log = array(0, $log_text);
if (pdo_update('uni_account', array('groupid' => $package_id), array('uniacid' => $account["uniacid"])) <= 0) {
throw new Exception("更新套餐失败.");
}
}
$new_groupdata = array('groupdata' => iserializer(array('isexpire' => 1, 'endtime' => TIMESTAMP + $package_endTime, 'oldgroupid' => $old_package['id'], 'is_auto' => 1)));
if (pdo_update('uni_settings', $new_groupdata, array('uniacid' => $account["uniacid"])) <= 0) {
throw new Exception("更新套餐失败!");
}
$result = user_credits_update($user["uid"], "credit2", -$package_price, $log);
if (is_error($result)) {
throw new Exception($result["message"]);
}
$_W['account']['groupid'] = $account["uniacid"];
load()->model('module');
module_build_privileges();
pdo_update("users_packages", array("record_id" => $record_id, "status" => 1), array("id" => $record_id));
pdo_commit();
return true;
} catch (Exception $e) {
pdo_rollback();
return error(-1, $e->getMessage());
}
return error(-1, "错误操作.");
}
$getdata = http_build_query(array("query" => $q,'action' => 'article_list'));
$opts = array('http' =>array('method'=>'POST','header'=>'Content-type: application/x-www-form-urlencoded'));
$context = stream_context_create($opts);
$result = file_get_contents('http://'.$_SERVER['HTTP_HOST'].'/php/brainspell.php?'.$getdata, false, $context);
echo $result;
*/
} else {
if ($parts[1] == "about") {
about();
} else {
if ($parts[1] == "blog") {
blog();
} else {
if ($parts[1] == "download") {
download();
} else {
if ($parts[1] == "user") {
user_update($parts[2]);
} else {
home();
}
}
}
}
}
}
}
}
?>
function qq_login_create_user($username, $avatar_url_2, $openid)
{
global $conf, $time, $longip;
$arr = qq_login_read_user_by_openid($openid);
if ($arr) {
return xn_error(-2, '已经注册');
}
// 自动产生一个用户名
$r = user_read_by_username($username);
if ($r) {
$username = $username . '_' . $time;
$r = user_read_by_username($username);
if ($r) {
return xn_error(-1, '用户名被占用。');
}
}
// 自动产生一个 Email
$email = "qq_{$time}@qq.com";
$r = user_read_by_email($email);
if ($r) {
return xn_error(-1, 'Email 被占用');
}
// 随机密码
$password = md5(rand(1000000000, 9999999999) . $time);
$user = array('username' => $username, 'email' => $email, 'password' => $password, 'gid' => 101, 'salt' => rand(100000, 999999), 'create_date' => $time, 'create_ip' => $longip, 'avatar' => 0, 'logins' => 1, 'login_date' => $time, 'login_ip' => $longip);
$uid = user_create($user);
if (empty($uid)) {
return xn_error(-1, '注册失败');
}
$user = user_read($uid);
$r = db_exec("INSERT INTO bbs_user_open_plat SET uid='{$uid}', platid='1', openid='{$openid}'");
if (empty($uid)) {
return xn_error(-1, '注册失败');
}
runtime_set('users+', '1');
runtime_set('todayusers+', '1');
// 头像不重要,忽略错误。
if ($avatar_url_2) {
$filename = "{$uid}.png";
$dir = substr(sprintf("%09d", $uid), 0, 3) . '/';
$path = $conf['upload_path'] . 'avatar/' . $dir;
!is_dir($path) and mkdir($path, 0777, TRUE);
$data = file_get_contents($avatar_url_2);
file_put_contents($path . $filename, $data);
user_update($uid, array('avatar' => $time));
}
return $user;
}
# phpWebNotes - a php based note addition system
# Copyright (C) 2000-2002 Webnotes Team - webnotes-devel@sourceforge.net
# This program is distributed under the terms and conditions of the GPL
# See the files README and LICENSE for details
# --------------------------------------------------------
# $Id: admin_manage_users_update.php,v 1.6 2002/10/07 02:54:39 vboctor Exp $
# --------------------------------------------------------
require_once 'core' . DIRECTORY_SEPARATOR . 'api.php';
login_cookie_check();
access_ensure_check_action(ACTION_USERS_EDIT);
$f_user_id = gpc_get('f_user_id');
$f_email = gpc_get('f_email');
$f_password = gpc_get('f_password');
$f_password_confirm = gpc_get('f_password_confirm');
$f_access_level = gpc_get('f_access_level');
if ($f_password != $f_password_confirm) {
util_header_redirect($g_admin_manage_users_edit . '?f_user_id=' . $f_user_id);
}
if (isset($f_enabled)) {
$f_enabled = 1;
} else {
$f_enabled = 0;
}
if (isset($f_protected)) {
$f_protected = 1;
} else {
$f_protected = 0;
}
user_update($f_user_id, $f_email, $f_password, $f_access_level, $f_enabled, $f_protected);
util_header_redirect($g_admin_manage_users);
function listingUsers($db_connexion, $action = '')
{
$query = "SELECT * FROM `users` order by `id_user` ASC";
$statment = $db_connexion->query($query);
$resultats = $statment->fetchall();
if (empty($action)) {
$output = "";
$entete = array("Pseudo", "Email", "Nom", "Prénom", "Adresse", "Code Postal", "Date de création", "Date de dernière modif", "Actions");
$output .= "<table class='table table-striped table-hover table-bordered'>\r\n <thead>\r\n <tr>";
// boucle foreach pour créer des TH pour chaque valeur du tableau $entete
foreach ($entete as $key => $value) {
$output .= "<th>{$value}</th>";
}
$output .= "</tr></thead><tbody>";
foreach ($resultats as $resultat) {
$output .= "<tr>";
$output .= "<td>" . $resultat["user_name"] . "</td>";
$output .= "<td>" . $resultat["user_email"] . "</td>";
$output .= "<td>" . $resultat["user_firstname"] . "</td>";
$output .= "<td>" . $resultat["user_lastname"] . "</td>";
$output .= "<td>" . $resultat["user_adress"] . "</td>";
$output .= "<td>" . $resultat["user_zipcode"] . "</td>";
$output .= "<td>" . $resultat["last_login"] . "</td>";
$output .= "<td>" . $resultat["date_created"] . "</td>";
$output .= "<td>\r\n <ul>\r\n <li><a href='utilisateur.php?action=voir&id=" . $resultat["id_user"] . "'>Voir</a></li>\r\n <li><a href='utilisateur.php?action=modifier&id=" . $resultat["id_user"] . "'>Modifier</a></li>\r\n <li><a href='utilisateur.php?action=supprimer&id=" . $resultat["id_user"] . "'>Supprimer</a></li>\r\n </ul>\r\n </td>\r\n </tr>";
}
$output .= "</tbody>\r\n </table>";
} else {
$action = $_GET['action'];
if (isset($_GET["id"])) {
$userID = $_GET["id"];
switch ($action) {
case 'voir':
$output = "";
$user = user_edit($db_connexion, $userID);
$output .= file_exists("../upload/300x400_" . $user["user_pic"]) ? "<img src='../upload/300x400_" . $user["user_pic"] . "'><br/>" : "";
$output .= !empty($user["user_lastname"]) ? "Nom : " . $user["user_lastname"] . "<br/>" : "";
$output .= !empty($user["user_firstname"]) ? "Prénom : " . $user["user_firstname"] . "<br/>" : "";
$output .= "Pseudo : " . $user["user_name"] . "<br/>";
$output .= "Email : " . $user["user_email"] . "<br/>";
break;
case 'supprimer':
try {
$statement = $db_connexion->prepare("DELETE FROM users WHERE id_user=:id");
$statement->execute(array(":id" => $userID));
header("Location:utilisateur.php");
} catch (PDOException $e) {
echo $e->getMessage();
}
break;
case 'modifier':
$output = user_update($userID, $db_connexion);
$action = "?action=modifier&id=1&step=image";
$output .= user_image_upload($userID, $db_connexion, $action, false);
break;
}
}
}
return $output;
}
function crud_operations()
{
if (session_okay()) {
if (isset($_POST["user_add"])) {
user_create();
}
if (g("crud") == "d" && !isset($_POST["user_add"])) {
user_delete();
}
if (isset($_POST["user_update"])) {
user_update();
}
if (g("crud") == "u") {
crud_message_user_update();
}
}
}
$totalnum = $user['threads'];
$pages = pages('my-thread-{page}.htm', $totalnum, $page, $pagesize);
$threadlist = mythread_find_by_uid($uid, $page, $pagesize);
include './flarum/view/my_thread.htm';
} elseif ($action == 'agree') {
$page = param(2, 1);
$pagesize = 20;
// $conf['pagesize']
$totalnum = $user['myagrees'];
$pages = pages('my-agree-{page}.htm', $totalnum, $page, $pagesize);
$threadlist = myagree_find_by_uid($uid, $page, $pagesize);
include './flarum/view/my_agree.htm';
} elseif ($action == 'uploadavatar') {
$upfile = param('upfile', '', FALSE);
empty($upfile) and message(-1, 'upfile 数据为空');
$json = xn_json_decode($upfile);
empty($json) and message(-1, '数据有问题: json 为空');
$name = $json['name'];
$width = $json['width'];
$height = $json['height'];
$data = base64_decode($json['data']);
$size = strlen($data);
$filename = "{$uid}.png";
$dir = substr(sprintf("%09d", $uid), 0, 3) . '/';
$path = $conf['upload_path'] . 'avatar/' . $dir;
$url = $conf['upload_url'] . 'avatar/' . $dir . $filename;
!IN_SAE and !is_dir($path) and (mkdir($path, 0777, TRUE) or message(-2, '目录创建失败'));
file_put_contents($path . $filename, $data) or message(-1, '写入文件失败');
user_update($uid, array('avatar' => $time));
message(0, $url);
}
$res .= $lang['results']['users'][user_change_field($username, 'blocked', '0')];
}
}
rcms_showAdminMessage($res);
}
if (!empty($_POST['delete']) && is_array($_POST['delete'])) {
$res = '';
foreach ($_POST['delete'] as $username => $delete) {
if ($delete) {
$res .= $lang['results']['users'][user_delete($username)];
}
}
rcms_showAdminMessage($res);
}
if (!empty($_POST['edit']) && !empty($_POST['save'])) {
rcms_showAdminMessage($lang['results']['users'][user_update($_POST['edit'], false, '', '', $_POST['email'], @$_POST['userdata'], true)]);
}
if (!empty($_POST['rights']) && !empty($_POST['save'])) {
rcms_showAdminMessage($lang['results']['users'][user_set_rights($_POST['rights'], @$_POST['rootuser'], @$_POST['_rights'])]);
}
/******************************************************************************
* Interface *
******************************************************************************/
$frm = new InputForm("", "post", $lang['general']['submit']);
$frm->addbreak($lang['admincp']['users']['profiles']['title']);
$frm->addrow($lang['users']['usersearch'], $frm->text_box('search', @$_POST['search']));
$frm->show();
if (!empty($_POST['edit']) && ($userdata = load_user_info($_POST['edit']))) {
$frm = new InputForm("", "post", $lang['general']['submit']);
$frm->resetButton($lang['general']['reset']);
$frm->addbreak($lang['admincp']['users']['profiles']['edit'] . $userdata['username']);
function user_update_group($uid)
{
global $conf, $grouplist;
$user = user_read_cache($uid);
if ($user['gid'] < 100) {
return FALSE;
}
// 遍历 agrees 范围,调整用户组
foreach ($grouplist as $group) {
if ($group['gid'] < 100) {
continue;
}
$n = $user['agrees'] + $user['threads'] + $user['posts'];
if ($n > $group['agreesfrom'] && $n < $group['agreesto']) {
$user['gid'] = $group['gid'];
user_update($uid, array('gid' => $group['gid']));
return TRUE;
}
}
return FALSE;
}
/* 決済方法登録 */
} else {
if (isset($_POST["pay_method_redist_submit"])) {
$pay_method_redist = isset($_POST['pay_method_redist']) ? htmlspecialchars($_POST['pay_method_redist']) : null;
require "admin_redist.php";
$anser = pay_method_redist($pay_method_redist);
echo $anser;
}
}
}
/* ユーザ変更 */
if (isset($_POST['user_update_submit'])) {
$user_name_update = isset($_POST['user_name_update']) ? htmlspecialchars($_POST['user_name_update']) : null;
$user_pass_update = isset($_POST['user_pass_update']) ? htmlspecialchars($_POST['user_pass_update']) : null;
require "../../php/admin/admin_update.php";
$anser = user_update($user_name_update, $user_pass_update);
echo $anser;
/* 種類変更 */
} else {
if (isset($_POST["kind_update_submit"])) {
$kind_update = isset($_POST['kind_update']) ? htmlspecialchars($_POST['kind_update']) : null;
require "../../php/admin/admin_update.php";
$anser = kind_update($kind_update);
echo $anser;
/* 決済方法変更 */
} else {
if (isset($_POST["pay_method_update_submit"])) {
$pay_method_update = isset($_POST['pay_method_update']) ? htmlspecialchars($_POST['pay_method_update']) : null;
require "../../php/admin/admin_update.php";
$anser = pay_method_update($pay_method_update);
echo $anser;
function _login($forward = '')
{
global $_GPC, $_W;
load()->model('user');
$member = array();
$username = trim($_GPC['username']);
pdo_query('DELETE FROM' . tablename('users_failed_login') . ' WHERE lastupdate < :timestamp', array(':timestamp' => TIMESTAMP - 300));
$failed = pdo_get('users_failed_login', array('username' => $username, 'ip' => CLIENT_IP));
if ($failed['count'] >= 5) {
message('输入密码错误次数超过5次,请在5分钟后再登录', referer(), 'info');
}
if (!empty($_W['setting']['copyright']['verifycode'])) {
$verify = trim($_GPC['verify']);
if (empty($verify)) {
message('请输入验证码');
}
$result = checkcaptcha($verify);
if (empty($result)) {
message('输入验证码错误');
}
}
if (empty($username)) {
message('请输入要登录的用户名');
}
$member['username'] = $username;
$member['password'] = $_GPC['password'];
if (empty($member['password'])) {
message('请输入密码');
}
$record = user_single($member);
$now = time();
$now = date("Y-m-d", $now);
//计算天数
$day1 = $now;
$day2 = date("Y-m-d", $record['endtime']);
$diff = diffBetweenTwoDays($day1, $day2);
$oldday = 16 - $diff;
if (0 >= $oldday) {
$oldday = 0;
}
if (!empty($record)) {
if ($record['status'] == 1) {
message('您的账号正在审核或是已经被系统禁止,请联系网站管理员解决!');
}
if ($record['status'] != 0) {
if ($day1 >= $day2) {
if ($oldday == 0) {
message('您的账号已经过期15天了,不幸的是:您属于体验会员,已经自动了删除账号!');
} else {
message('您的账号已经到期,不幸的是:您属于体验会员,' . $oldday . '天后将自动删除账号!');
}
}
}
$founders = explode(',', $_W['config']['setting']['founder']);
$_W['isfounder'] = in_array($record['uid'], $founders);
if (!empty($_W['siteclose']) && empty($_W['isfounder'])) {
message('站点已关闭,关闭原因:' . $_W['setting']['copyright']['reason']);
}
$cookie = array();
$cookie['uid'] = $record['uid'];
$cookie['lastvisit'] = $record['lastvisit'];
$cookie['lastip'] = $record['lastip'];
$cookie['hash'] = md5($record['password'] . $record['salt']);
$session = base64_encode(json_encode($cookie));
isetcookie('__session', $session, !empty($_GPC['rember']) ? 7 * 86400 : 0);
$status = array();
$status['uid'] = $record['uid'];
$status['lastvisit'] = TIMESTAMP;
$status['lastip'] = CLIENT_IP;
user_update($status);
if (empty($forward)) {
$forward = $_GPC['forward'];
}
if (empty($forward)) {
$forward = './index.php?c=account&a=display';
}
if ($record['uid'] != $_GPC['__uid']) {
isetcookie('__uniacid', '', -7 * 86400);
isetcookie('__uid', '', -7 * 86400);
}
pdo_delete('users_failed_login', array('id' => $failed['id']));
message("欢迎回来,{$record['username']},您还可以使用{$diff}天。", $forward);
} else {
if (empty($failed)) {
pdo_insert('users_failed_login', array('ip' => CLIENT_IP, 'username' => $username, 'count' => '1', 'lastupdate' => TIMESTAMP));
} else {
pdo_update('users_failed_login', array('count' => $failed['count'] + 1, 'lastupdate' => TIMESTAMP), array('id' => $failed['id']));
}
message('登录失败,请检查您输入的用户名和密码!');
}
}
}
echo proc_tpl('editusers/user', array('CSRF' => $CSRF, 'user_arr[2]' => $user_arr[2], 'user_arr[4]' => $user_arr[4], 'user_arr[5]' => $user_arr[5], 'user_arr[6]' => $user_arr[6], 'user_date' => date("r", $user_arr[0]), 'edit_level' => $edit_level, 'last_login' => empty($user_arr[UDB_LAST]) ? lang('never') : date('r', $user_arr[UDB_LAST]), 'id' => $id));
} elseif ($action == "doedituser") {
CSRFCheck();
list($id, $editemail, $editpassword, $editlevel) = GET('id,editemail,editpassword,editlevel');
if (empty($id)) {
die(lang("This is not a valid user"));
}
if (false === ($the_user = user_search($id))) {
die(lang("This is not a valid user"));
}
if (check_email($editemail) == false) {
die(lang("Invalid email"));
}
// In case if email already exists, and email not eq. --> error
$find_email = user_search($editemail, 'email');
if ($find_email && $find_email[UDB_EMAIL] != $the_user[UDB_EMAIL]) {
die(lang("User with this email already exists"));
}
// Change password if present
if (!empty($editpassword)) {
$hmet = hash_generate($editpassword);
$the_user[UDB_PASS] = $hmet[count($hmet) - 1];
send_cookie();
}
// Change user level anywhere
$the_user[UDB_EMAIL] = $editemail;
$the_user[UDB_ACL] = $editlevel;
user_update($id, $the_user);
echo proc_tpl('editusers/doedituser/saved');
}
$role_perms = array();
$user_perms = array();
if (!empty($item)) {
if ($item['uid'] == $_W['uid']) {
message('无法修改自己的权限!', referer(), 'error');
}
$role = pdo_fetch("SELECT * FROM " . tablename('ewei_shop_perm_role') . " WHERE id =:id and deleted=0 and uniacid=:uniacid limit 1", array(':uniacid' => $_W['uniacid'], ':id' => $item['roleid']));
if (!empty($role)) {
$role_perms = explode(',', $role['perms']);
}
$user_perms = explode(',', $item['perms']);
}
if ($_W['isajax'] && $_W['ispost']) {
$data = array('uniacid' => $_W['uniacid'], 'username' => trim($_GPC['username']), 'realname' => trim($_GPC['realname']), 'mobile' => trim($_GPC['mobile']), 'password' => user_hash($_GPC['password'], random(8)), 'roleid' => intval($_GPC['roleid']), 'status' => intval($_GPC['status']), 'perms' => is_array($_GPC['perms']) ? implode(',', $_GPC['perms']) : '');
if (!empty($id)) {
user_update(array('uid' => $data['uid'], 'password' => $_GPC['password']));
pdo_update('ewei_shop_perm_user', $data, array('id' => $id, 'uniacid' => $_W['uniacid']));
plog('perm.user.edit', "编辑操作员 ID: {$id} 用户名: {$data['username']} ");
} else {
if (user_check(array('username' => $data['username']))) {
die(json_encode(array('result' => 0, 'message' => '非常抱歉,此用户名已经被注册,你需要更换注册名称!')));
}
$data['uid'] = user_register(array('username' => $data['username'], 'password' => $_GPC['password']));
pdo_insert('ewei_shop_perm_user', $data);
pdo_insert('uni_account_users', array('uid' => $data['uid'], 'uniacid' => $data['uniacid'], 'role' => 'operator'));
$id = pdo_insertid();
plog('perm.user.add', "添加操作员 ID: {$id} 用户名: {$data['username']} ");
}
die(json_encode(array('result' => 1)));
}
} elseif ($operation == 'delete') {
echo "<div class='wrapper2'>" . $loginerror . "</div>";
echo "</div>";
$success = false;
}
if ($success and strpos($_POST['youtube'], '.')) {
// Reshow the form with an error
$loginerror = 'Your youtube name is incorrect';
echo "<div class='wrapper'>";
include 'update_form.inc.php';
echo "<div class='wrapper2'>" . $loginerror . "</div>";
echo "</div>";
$success = false;
}
if ($success) {
// Try and login with the given username & pass
$result = user_update($_POST['email'], $_POST['password'], $_POST['youtube'], $_POST['category'], $username);
if ($result != 'Correct') {
// Reshow the form with the error
$loginerror = 'An error has occured';
echo "<div class='wrapper'>";
include 'update_form.inc.php';
echo "</div>";
exit;
} else {
?>
<script type='text/javascript'>
window.location = 'settings.php?f=sf';
</script>
<?php
}
}
function braincatalogue($args)
{
global $connection;
if (count($args) == 0 || $args[1] == "index.html" || $args[1] == "index.htm") {
$html = file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/templates/home.html");
$specimen = returnimages($_SERVER['DOCUMENT_ROOT'] . "/data");
$tmp = str_replace("<!--SPECIMENS-->", $specimen, $html);
$html = $tmp;
header('HTTP/1.1 200 OK');
header("Status: 200 OK");
print $html;
} else {
if ($args[1] == "blog") {
$html = file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/templates/blog.html");
$blog = file_get_contents("http://braincatalogue.org/php/blog.php");
$tmp = str_replace("<!--Core-->", $blog, $html);
$html = $tmp;
header('HTTP/1.1 200 OK');
header("Status: 200 OK");
print $html;
} else {
if ($args[1] == "user") {
user_update($args[2]);
} else {
if ($args[1] == "atlasMaker") {
$specimen = $args[2];
if (file_exists($_SERVER['DOCUMENT_ROOT'] . "/data/" . $specimen)) {
$html = file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/templates/atlasMaker.html");
$tmp = str_replace("<!--SPECIMEN-->", $specimen, $html);
$html = $tmp;
header('HTTP/1.1 200 OK');
header("Status: 200 OK");
print $html;
}
} else {
/*
This bit of code permits to have MRI directories that
do not appear in the front page.
It works by looking from the end of the url if the
directory exists. If it doesn't, it may be because
the user is asking for a segmentation atlas. In that
case, the code tries eliminating the last part.
*/
$found = false;
for ($i = count($args); $i > 0; $i--) {
$specimen = join("/", array_slice($args, 0, $i));
if (file_exists($_SERVER['DOCUMENT_ROOT'] . "/data/" . $specimen)) {
$found = true;
break;
}
}
if ($found) {
//var_dump($args);
//echo "[".$specimen."] ".$found;
if ($i < count($args)) {
/*
Query for atlas
*/
$atlas = $args[count($args)];
if (file_exists($_SERVER['DOCUMENT_ROOT'] . "/data/" . $specimen . "/" . $atlas . ".nii.gz")) {
header('HTTP/1.1 200 OK');
header("Status: 200 OK");
$html = file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/templates/atlasMaker.html");
$tmp = str_replace("<!--SPECIMEN-->", $specimen, $html);
$html = $tmp;
$tmp = str_replace("<!--ATLAS-->", $atlas, $html);
$html = $tmp;
print $html;
} else {
/*
header('HTTP/1.1 404 Not Found');
echo "We don't have an atlas <i>".$atlas."</i> for specimen <i>".$specimen."</i>, yet...";
*/
header('HTTP/1.1 200 OK');
header("Status: 200 OK");
$html = file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/templates/atlasMaker.html");
$tmp = str_replace("<!--SPECIMEN-->", $specimen, $html);
$html = $tmp;
$tmp = str_replace("<!--ATLAS-->", $atlas, $html);
$html = $tmp;
print $html;
}
} else {
/*
Query for specimen info
*/
header('HTTP/1.1 200 OK');
header("Status: 200 OK");
$html = file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/templates/specimen.html");
// Configure specimen
//--------------------
$tmp = str_replace("<!--SPECIMEN-->", $specimen, $html);
$html = $tmp;
// Configure atlases
//------------------
$info = json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/data/" . $specimen . "/info.txt"));
$tmp = str_replace("<!--INFO-->", mysqli_real_escape_string($connection, json_encode($info)), $html);
$html = $tmp;
print $html;
}
} else {
header('HTTP/1.1 404 Not Found');
echo "We don't have data for {$specimen}, yet...";
}
}
}
}
}
}
<?php
////////////////////////////////////////////////////////////////////////////////
// Copyright (C) 2004 ReloadCMS Development Team //
// http://reloadcms.sf.net //
// //
// This program is distributed in the hope that it will be useful, //
// but WITHOUT ANY WARRANTY, without even the implied warranty of //
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. //
// //
// This product released under GNU General Public License v2 //
////////////////////////////////////////////////////////////////////////////////
if (!empty($_POST['profile_form']) && LOGGED_IN) {
$result = user_update($system->user['username'], false, $_POST['password'], $_POST['confirmation'], $_POST['email'], @$_POST['userdata']);
$system->config['pagename'] = $lang['users']['profileupdate'];
$system->showModuleWindow($lang['users']['profileupdate'], $lang['results']['users'][$result]);
} elseif (!empty($_POST['registration_form']) && !LOGGED_IN) {
$result = user_update($_POST['username'], true, $_POST['password'], $_POST['confirmation'], $_POST['email'], @$_POST['userdata']);
$system->config['pagename'] = $lang['users']['registration'];
$system->showModuleWindow($lang['users']['registration'], $lang['results']['users'][$result], 'center');
} elseif (!LOGGED_IN) {
$system->config['pagename'] = $lang['users']['registration'];
$system->showModuleWindow($lang['users']['registration'], rcms_parse_module_template('user-profile.tpl', array('mode' => 'registration_form', 'fields' => $system->data['apf'])));
} elseif (LOGGED_IN) {
$system->config['pagename'] = $lang['users']['profileupdate'];
$system->showModuleWindow($lang['users']['profileupdate'], rcms_parse_module_template('user-profile.tpl', array('mode' => 'profile_form', 'fields' => $system->data['apf'], 'values' => $system->user)));
}
$uid = intval($_GPC['uid']);
$groupid = intval($_GPC['groupid']);
$uniacid = intval($_GPC['uniacid']);
if (!empty($uid)) {
pdo_delete('uni_account_users', array('uniacid' => $uniacid, 'role' => 'owner'));
$account_users = array('uniacid' => $uniacid, 'uid' => $uid, 'role' => 'owner');
pdo_insert('uni_account_users', $account_users);
}
$user = array('uid' => $uid, 'groupid' => $groupid);
if ($_GPC['is-set-endtime'] == 1 && !empty($_GPC['endtime'])) {
$user['endtime'] = strtotime($_GPC['endtime']);
} else {
$user['endtime'] = 0;
}
if (!empty($user)) {
user_update($user);
}
if (!empty($_GPC['signature']) || intval($_GPC['balance']) >= 0) {
$notify = array();
$notify['sms']['balance'] = intval($_GPC['balance']);
$notify['sms']['signature'] = trim($_GPC['signature']);
pdo_update('uni_settings', array('notify' => iserializer($notify)), array('uniacid' => $uniacid));
}
pdo_delete('uni_account_group', array('uniacid' => $uniacid));
if (!empty($_GPC['package'])) {
$group = pdo_get('users_group', array('id' => $groupid));
$group['package'] = iunserializer($group['package']);
if (!is_array($group['package']) || !in_array('-1', $group['package'])) {
foreach ($_GPC['package'] as $packageid) {
if (!empty($packageid)) {
pdo_insert('uni_account_group', array('uniacid' => $uniacid, 'groupid' => $packageid));
} elseif ($action == 'resetpw') {
$email = online_get('reset_email');
$verifycode = online_get('reset_verifycode');
empty($email) || empty($verifycode) and message(0, '数据为空,请返回上一步重新填写。');
$_user = user_read_by_email($email);
empty($_user) and message(0, '用户不存在');
$_uid = $_user['uid'];
if ($method == 'GET') {
$header['title'] = '重置密码';
include './flarum/view/user_resetpw.htm';
} else {
if ($method == 'POST') {
$password = param('password');
$salt = $_user['salt'];
$password = md5($password . $salt);
user_update($_uid, array('password' => $password));
online_unset('reset_email');
online_unset('reset_verifycode');
message(0, '修改成功');
}
}
} else {
$_uid = param(1, 0);
$pid = param(2, 0);
// 接受 pid,通过 pid 查询 userip
if ($_uid == 0) {
$post = post_read($pid);
$_ip = long2ip($post['userip']);
$_ip_url = xn_urlencode($_ip);
$banip = banip_read_by_ip($_ip);
$_user = user_guest();
$edithidemail = $edithidemail ? 1 : 0;
$pack = user_search($username);
// editing password (with confirm)
if ($editpassword) {
if ($confirmpassword == $editpassword) {
$hashs = hash_generate($editpassword);
$pack[UDB_PASS] = $hashs[count($hashs) - 1];
} else {
msg('error', lang('Error!'), lang('Confirm password not match'), "#GOBACK");
}
}
$pack[UDB_NICK] = $editnickname;
$pack[UDB_EMAIL] = $editmail;
$pack[UDB_CBYEMAIL] = $edithidemail;
$pack[UDB_AVATAR] = $change_avatar;
user_update($username, $pack);
msg("info", lang("Changes Saved"), lang("Your personal information was saved"), "#GOBACK");
} elseif ($action == "templates") {
if ($member_db[UDB_ACL] != ACL_LEVEL_ADMIN) {
msg("error", lang("Access Denied"), lang("You don't have permissions for this type of action"), '#GOBACK');
}
/* ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Detect all template packs we have
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ */
$templates_list = array();
if (!($handle = opendir(SERVDIR . "/cdata"))) {
die("Can not open directory " . SERVDIR . "/cdata ");
}
while (false !== ($file = readdir($handle))) {
if (preg_replace('/^.*\\.(.*?)$/', '\\1', $file) == 'tpl') {
$file_arr = explode(".", $file);
}
} else {
message(-1, '不支持的 type');
}
$r = $db->find_one("SELECT * FROM `bbs_user` LIMIT 1");
!empty($r) and !$force and message(5, '已经安装过了。');
!is_dir('./upload/avatar') and mkdir('./upload/avatar', 0777);
!is_dir('./upload/forum') and mkdir('./upload/forum', 0777);
!is_dir('./upload/attach') and mkdir('./upload/attach', 0777);
$conf['auth_key'] = md5(time()) . md5(uniqid());
file_put_contents('./conf/conf.php', "<?php\r\nreturn " . var_export($conf, true) . ";\r\n?>");
write_database('./install/install.sql');
$salt = rand(100000, 999999);
$pwd = md5(md5($adminpass) . $salt);
$admin = array('username' => $adminuser, 'email' => $adminemail, 'password' => $pwd, 'salt' => $salt, 'create_ip' => $longip, 'create_date' => $time);
user_update(1, $admin);
/*friendlink_create(array(
'name' => 'Xiuno BBS',
'url' => 'http://bbs.xiuno.com/',
'rank' => 0,
'create_date' => $time,
));*/
$setting = array('sitebrief' => '', 'seo_title' => '', 'seo_keywords' => '', 'seo_description' => '', 'footer_code' => '');
kv_set('setting', $setting);
// 写测试数据
if ($test_data == 1) {
runtime_truncate();
runtime_init();
online_init();
for ($i = 0; $i < 5; $i++) {
$subject = '欢迎使用 Xiuno BBS 3.0 新一代论坛系统。' . $i;
//$username AND !is_username($username, $err) AND message(3, $err);
if ($mobile and $old['mobile'] != $mobile) {
$user = user_read_by_mobile($mobile);
$user and message(1, '用户手机已经存在');
}
if ($username and $old['username'] != $username) {
$user = user_read_by_username($username);
$user and message(3, '用户已经存在');
}
$arr['mobile'] = $mobile;
$arr['username'] = $username;
$arr['gid'] = $gid;
if ($password) {
!is_password($password, $err) and message(4, $err);
$salt = mt_rand(10000000, 9999999999);
$arr['password'] = md5($password . $salt);
$arr['salt'] = $salt;
}
}
$r = user_update($uid, $arr);
$r !== FALSE ? message(0, '更新成功') : message(11, '更新失败');
}
} elseif ($action == 'delete') {
if ($method != 'POST') {
message(-1, 'Method Error.');
}
$uid = param('uid', 0);
$state = user_delete($uid);
$state === FALSE and message(11, '删除失败');
message(0, '删除成功');
}
function user_update_received($id)
{
$name = stripslashes(trim($_POST['name']));
$passwd = stripslashes($_POST['passwd']);
$passwd_confirm = stripslashes($_POST['passwd_confirm']);
$email = stripslashes($_POST['email']);
if ($passwd != '' && $passwd != $passwd_confirm) {
add_info('Ошибка подтверждения пароля.');
return false;
}
$groups = new CVCAppendingList();
$groups->Init('groups');
$groups->ReceiveItemsUsed();
if (user_update($id, $name, $email, $_POST['acgroup'], $groups->GetItemsUsed(), $passwd)) {
$_POST = array();
}
}
