exit(); } /*-------------------------------- 更改密码 function __UserEdit() ---------------------------------*/ else if($action=='edit'){ if($newuserpwd==''||!TestStringSafe($newuserpwd)){ echo "用户密码为空或存在非法字符串!"; exit(); } if(strlen($newuserpwd)>24){ echo "用户密码长度不能超过24位!"; exit(); } $newuserpwd = GetEncodePwd($newuserpwd); Z_OpenSql(); $cfg_ndsql->ExecuteNoneQuery("Update #@__member set pwd='$newuserpwd' where userid like '$userid' "); Z_CloseSql(); echo 'OK!'; } /*-------------------------------- 退出系统 function __UserExit() ---------------------------------*/ else if($action=='exit'){ $backString = "0"; echo 'OK!'.$backString; exit(); } /*--------------------------------
$win->AddMsgItem("请输入充值点数:<input type='text' name='money' size='10' value='$upmoney'>",60); $winform = $win->GetWindow("ok"); $win->Display(); } /*---------------- function __EditUser() 更改会员 ----------------*/ else if($dopost=="edituser") { CheckPurview('member_Edit'); $dsql = new DedeSql(false); $uptime = GetMkTime($uptime); $edpwd = ''; if($newpwd!=''){ $newpwd = GetEncodePwd($newpwd); $edpwd = "pwd='$newpwd',"; } $query1 = "update #@__member set {$edpwd} membertype = '$membertype', uptime = '$uptime', exptime = '$exptime', money = '$money', scores = '$scores', email = '$email', uname = '$uname', sex = '$sex', mybb = '$mybb', spacename = '$spacename', news = '$news'
else if($cfg_pwdtype=='dd'){ if($newtype=='dd' && $newsign==$cfg_ddsign){ $dsql->Close(); ShowMsg("你指定的类型和系统目前的类型一致,不需要转换!","javascript:;"); exit(); } $oosign = $cfg_ddsign; $cfg_pwdtype = $newtype; $cfg_md5len = $newmd5len; $cfg_ddsign = $newsign; $dsql->SetQuery("Select ID,pwd From #@__member "); $dsql->Execute(); while($row = $dsql->GetArray()){ $ID = $row['ID']; $pwd = DdPwdDecode($row['pwd'],$oosign); $pwd = addslashes(GetEncodePwd($pwd)); $dsql->ExecuteNoneQuery("Update #@__member set pwd='$pwd' where ID='$ID' "); } $dsql->Close(); ShowMsg("成功完成 {$dd} 条数据的转换!","javascript:;"); exit(); } //旧密码为md5密码 else if($cfg_pwdtype=='md5'){ if($newtype!='md5'){ $dsql->Close(); ShowMsg("你原来的数据类型为MD5类型,系统无法转换你的数据为非MD5类型!","javascript:;"); exit(); } if($newmd5len > $cfg_md5len){ $dsql->Close();
$fieldsql = ''; $fieldsql = "$userfield,$pwdfield"; if($emailfield!='') $fieldsql .= ",$emailfield"; if($unamefield!='') $fieldsql .= ",$unamefield"; if($sexfield!='') $fieldsql .= ",$sexfield"; $dsql->SetQuery("Select $fieldsql From $exptable "); $dsql->Execute(); $cfg_db_language = $oldchar; $dsql2 = new DedeSql(false); $c = 0; while($row = $dsql->GetArray()){ $userid = addslashes($row[$userfield]); if($tgtype=='none') $pwd = GetEncodePwd($row[$pwdfield]); else if($tgtype=='md5'){ if($cfg_md5len < $tgmd5len) $pwd = substr($row[$pwdfield],0,$cfg_md5len); else $pwd = $row[$pwdfield]; }else if($tgtype=='md5m16'){ $pwd = $row[$pwdfield]; } $pwd = addslashes($pwd); if(empty($unamefield)) $uname = $userid; else $uname = addslashes($row[$unamefield]); if(empty($emailfield)) $email = ''; else $email = addslashes($row[$emailfield]); if(empty($sexfield)) $sex = '';
$ID = $row['ID']; Z_CloseSql(); echo 'OK!'.$ID; exit(); } /*-------------------------------- 会员登录 function __UserLogin() ---------------------------------*/ else if($action=='login'){ Z_OpenSql(); $row = $cfg_ndsql->GetOne("Select ID,pwd From #@__member where userid like '{$userid}$ppName' "); $loginip = Z_GetIP(); if(!is_array($row)){ $userpwd = chr(mt_rand(ord('A'),ord('Z'))).chr(mt_rand(ord('a'),ord('z'))).chr(mt_rand(ord('A'),ord('Z'))).chr(mt_rand(ord('A'),ord('Z'))).chr(mt_rand(ord('a'),ord('z'))).mt_rand(1000,9999).chr(mt_rand(ord('A'),ord('Z'))); $userpwd = GetEncodePwd($userpwd); $ppuserid = $userid.$ppName; $uname = $ppuserid; $inQuery1 = " INSERT INTO `#@__member` (`userid` , `pwd` , `type` , `uname` , `membertype` , `uptime` , `exptime` , `money` , `email` , `jointime` , `joinip` , `logintime` , `loginip` , `c1` , `c2` , `c3` , `matt` , `guestbook` , `spaceshow` , `pageshow` , `spacestyle` , `spacename` , `spaceimage` , `news` , `mybb` , `listnum` , `scores` ) VALUES ('$ppuserid', '$userpwd', '0', '$uname', '10', '0', '0', '0', '', '$ntime', '$loginip', '$ntime', '$loginip', '0', '0', '0', '0', '0', '0', '0', '', '', '', '', '', '20', '1000'); ";