/**
 * Match the OAuth identity in $OauthObject against local accounts.
 *
 * - If the (AppID, OpenID) pair is already bound to a local user, that user is
 *   logged in through cookies and redirected to the site root; the script ends.
 * - Otherwise, if a visitor is already logged in ($CurUserID), the OpenID is
 *   bound to that account and a success/failure alert is shown.
 * - Otherwise nothing happens and the function returns.
 *
 * NOTE(review): the UserCode cookie is an unkeyed MD5 over the stored password
 * hash, the per-user salt, the expiry time and the site-wide $SALT. Every input
 * except $SALT lives in the users table, so the token's strength rests on $SALT
 * staying secret. Consider hash_hmac() with a dedicated server-side key, or
 * server-side sessions. The code that verifies UserCode is not visible here.
 *
 * NOTE(review): the binding branch links an external identity to the logged-in
 * account. No OAuth `state`/CSRF validation is visible in this function.
 * Confirm the caller performs it before CheckOpenID() runs.
 */
function CheckOpenID()
{
    global $DB, $Prefix, $AppID, $OauthObject, $TimeStamp, $SALT, $Config, $CurUserID, $Lang;

    $BoundUserID = $DB->single(
        "SELECT UserID FROM " . $Prefix . "app_users \n\t\tWHERE AppID=:AppID AND OpenID = :OpenID",
        array('AppID' => $AppID, 'OpenID' => $OauthObject->OpenID)
    );

    // This OpenID is already bound to an account: log that account in directly.
    if ($BoundUserID) {
        $Account = $DB->row(
            "SELECT * FROM " . $Prefix . "users WHERE ID = :UserID",
            array("UserID" => $BoundUserID)
        );
        // NOTE(review): $Account is not checked. If the bound user row is missing,
        // the cookie is still issued, with a UserCode built from empty fields.

        // Keep the login for 30 days by default. The second SetCookies() argument
        // is presumably a lifetime in days (confirm against SetCookies()).
        $LoginDays = 30;
        $ExpiresAt = $LoginDays * 86400 + $TimeStamp;
        $AuthCode = md5($Account['Password'] . $Account['Salt'] . $ExpiresAt . $SALT);

        SetCookies(
            array(
                'UserID' => $BoundUserID,
                'UserExpirationTime' => $ExpiresAt,
                'UserCode' => $AuthCode,
            ),
            $LoginDays
        );
        header('location: ' . $Config['WebsitePath'] . '/');
        exit;
    }

    // Not bound and nobody is logged in: nothing to do here.
    if (!$CurUserID) {
        return;
    }

    // Already logged in: bind the OpenID to the current account.
    // The nickname is HTML-escaped before storage, so readers get encoded text.
    $BindingSaved = $DB->query(
        'INSERT INTO `' . $Prefix . 'app_users` (`ID`, `AppID`, `OpenID`, `AppUserName`, `UserID`, `Time`) VALUES (:ID, :AppID, :OpenID, :AppUserName, :UserID, :Time)',
        array(
            'ID' => null,
            'AppID' => $AppID,
            'OpenID' => $OauthObject->OpenID,
            'AppUserName' => htmlspecialchars($OauthObject->NickName),
            'UserID' => $CurUserID,
            'Time' => $TimeStamp,
        )
    );

    $ResultKey = $BindingSaved ? 'Binding_Success' : 'Binding_Failure';
    AlertMsg($Lang[$ResultKey], $Lang[$ResultKey]);
}
} $DBUser = $DB->row("SELECT ID,UserName,Salt,Password,UserRoleID,UserMail,UserIntro FROM " . $Prefix . "users WHERE UserName = :UserName", array("UserName" => $UserName)); if (!$DBUser) { $Error = $Lang['User_Does_Not_Exist']; $ErrorCode = 101003; break; } if (!HashEquals($DBUser['Password'], md5($Password . $DBUser['Salt']))) { $Error = $Lang['Password_Error']; $ErrorCode = 101004; break; } UpdateUserInfo(array('LastLoginTime' => $TimeStamp, 'UserLastIP' => CurIP()), $DBUser['ID']); $TemporaryUserExpirationTime = $Expires * 86400 + $TimeStamp; if (!$IsApp) { SetCookies(array('UserID' => $DBUser['ID'], 'UserExpirationTime' => $TemporaryUserExpirationTime, 'UserCode' => md5($DBUser['Password'] . $DBUser['Salt'] . $TemporaryUserExpirationTime . $SALT)), $Expires); if ($ReturnUrl) { header('location: ' . $ReturnUrl); exit('logined'); } else { header('location: ' . $Config['WebsitePath'] . '/'); exit('logined'); } } } while (false); } $DB->CloseConnection(); // 页面变量 $PageTitle = $Lang['Log_In']; $ContentFile = $TemplatePath . 'login.php'; include $TemplatePath . 'layout.php';
/**
 * Read a prefixed cookie value, or the app-mode equivalent.
 *
 * In app mode ($IsApp truthy) the lookup is delegated to
 * Request("Request", "Auth" . $Key, $DefaultValue).
 * Otherwise the cookie named $Config['CookiePrefix'] . $Key is returned when it
 * is non-empty. Because of empty(), the values "" and "0" count as missing.
 * If the cookie is missing and $DefaultValue is truthy, the default is written
 * back through SetCookies() and returned.
 *
 * The returned value comes from the client and is not validated here. Callers
 * must treat it as untrusted input.
 *
 * @param string $Key          Cookie name without the configured prefix.
 * @param mixed  $DefaultValue Fallback; a falsy default is never persisted.
 * @return mixed The cookie/request value, the default, or false.
 */
function GetCookie($Key, $DefaultValue = false)
{
    global $Config, $IsApp;

    if ($IsApp) {
        // App clients send the value as a request field, not as a cookie.
        return Request("Request", "Auth" . $Key, $DefaultValue);
    }

    $CookieName = $Config['CookiePrefix'] . $Key;
    if (!empty($_COOKIE[$CookieName])) {
        return $_COOKIE[$CookieName];
    }

    if (!$DefaultValue) {
        return false;
    }

    // Persist the default so that later requests see the same value.
    SetCookies(array($Key => $DefaultValue));
    return $DefaultValue;
}
/**
 * Read the cookie named $Config['CookiePrefix'] . $Key.
 *
 * A cookie that is set is returned as-is, even when its value is an empty
 * string. If it is not set and $DefaultValue is truthy, the default is written
 * back through SetCookies() and returned. Otherwise false is returned.
 *
 * The returned value comes from the client and is not validated here. Callers
 * must treat it as untrusted input.
 *
 * @param string $Key          Cookie name without the configured prefix.
 * @param mixed  $DefaultValue Fallback; a falsy default is never persisted.
 * @return mixed The cookie value, the default, or false.
 */
function GetCookie($Key, $DefaultValue = false)
{
    global $Config;

    $CookieName = $Config['CookiePrefix'] . $Key;
    if (isset($_COOKIE[$CookieName])) {
        return $_COOKIE[$CookieName];
    }

    if (!$DefaultValue) {
        return false;
    }

    // Persist the default so that later requests see the same value.
    SetCookies(array($Key => $DefaultValue));
    return $DefaultValue;
}
if (IsEmail($Email)) { session_start(); if (isset($_SESSION[$Prefix . 'VerificationCode']) && $VerifyCode === intval($_SESSION[$Prefix . 'VerificationCode'])) { $UserExist = $DB->single("SELECT ID FROM " . $Prefix . "users WHERE UserName = :UserName", array('UserName' => $UserName)); if (!$UserExist) { $NewUserSalt = mt_rand(100000, 999999); $NewUserPassword = md5(md5($Password) . $NewUserSalt); $NewUserData = array('ID' => null, 'UserName' => $UserName, 'Salt' => $NewUserSalt, 'Password' => $NewUserPassword, 'UserMail' => $Email, 'UserHomepage' => '', 'PasswordQuestion' => '', 'PasswordAnswer' => '', 'UserSex' => 0, 'NumFavUsers' => 0, 'NumFavTags' => 0, 'NumFavTopics' => 0, 'NewMessage' => 0, 'Topics' => 0, 'Replies' => 0, 'Followers' => 0, 'DelTopic' => 0, 'GoodTopic' => 0, 'UserPhoto' => '', 'UserMobile' => '', 'UserLastIP' => $CurIP, 'UserRegTime' => $TimeStamp, 'LastLoginTime' => $TimeStamp, 'LastPostTime' => $TimeStamp, 'BlackLists' => '', 'UserFriend' => '', 'UserInfo' => '', 'UserIntro' => '', 'UserIM' => '', 'UserRoleID' => 1, 'UserAccountStatus' => 1, 'Birthday' => date("Y-m-d", $TimeStamp)); $DB->query('INSERT INTO `' . $Prefix . 
'users`(`ID`, `UserName`, `Salt`, `Password`, `UserMail`, `UserHomepage`, `PasswordQuestion`, `PasswordAnswer`, `UserSex`, `NumFavUsers`, `NumFavTags`, `NumFavTopics`, `NewMessage`, `Topics`, `Replies`, `Followers`, `DelTopic`, `GoodTopic`, `UserPhoto`, `UserMobile`, `UserLastIP`, `UserRegTime`, `LastLoginTime`, `LastPostTime`, `BlackLists`, `UserFriend`, `UserInfo`, `UserIntro`, `UserIM`, `UserRoleID`, `UserAccountStatus`, `Birthday`) VALUES (:ID, :UserName, :Salt, :Password, :UserMail, :UserHomepage, :PasswordQuestion, :PasswordAnswer, :UserSex, :NumFavUsers, :NumFavTags, :NumFavTopics, :NewMessage, :Topics, :Replies, :Followers, :DelTopic, :GoodTopic, :UserPhoto, :UserMobile, :UserLastIP, :UserRegTime, :LastLoginTime, :LastPostTime, :BlackLists, :UserFriend, :UserInfo, :UserIntro, :UserIM, :UserRoleID, :UserAccountStatus, :Birthday)', $NewUserData); $CurUserID = $DB->lastInsertId(); //更新全站统计数据 $NewConfig = array("NumUsers" => $Config["NumUsers"] + 1, "DaysUsers" => $Config["DaysUsers"] + 1); UpdateConfig($NewConfig); $TemporaryUserExpirationTime = 30 * 86400 + $TimeStamp; //默认保持30天登陆状态 SetCookies(array('UserID' => $CurUserID, 'UserExpirationTime' => $TemporaryUserExpirationTime, 'UserCode' => md5($NewUserPassword . $NewUserSalt . $TemporaryUserExpirationTime . $SALT)), 30); if ($CurUserID == 1) { $DB->query("UPDATE `" . $Prefix . "users` SET UserRoleID=5 WHERE `ID`=?", array($CurUserID)); } if (extension_loaded('gd')) { require dirname(__FILE__) . "/includes/MaterialDesign.Avatars.class.php"; $Avatar = new MDAvtars(mb_substr($UserName, 0, 1, "UTF-8"), 256); $Avatar->Save('upload/avatar/large/' . $CurUserID . '.png', 256); $Avatar->Save('upload/avatar/middle/' . $CurUserID . '.png', 48); $Avatar->Save('upload/avatar/small/' . $CurUserID . '.png', 24); $Avatar->Free(); } header('location: ' . $Config['WebsitePath'] . '/'); } else { $Message = $Lang['This_User_Name_Already_Exists']; }
if (HashEquals(md5($UserInfo['Password'] . $UserInfo['Salt'] . md5($TokenExpirationTime) . md5($SALT)), $Token)) { if ($_SERVER['REQUEST_METHOD'] == 'POST') { //重设密码 $Password = Request('Post', 'Password'); $Password2 = Request('Post', 'Password2'); $VerifyCode = intval(Request('Post', 'VerifyCode')); if ($Password && $Password2 && $VerifyCode) { if ($Password === $Password2) { session_start(); if (isset($_SESSION[$Prefix . 'VerificationCode']) && $VerifyCode === intval($_SESSION[$Prefix . 'VerificationCode'])) { $NewSalt = $UserInfo['Salt']; $NewPasswordHash = md5(md5($Password) . $NewSalt); if (UpdateUserInfo(array('Salt' => $NewSalt, 'Password' => $NewPasswordHash), $UserInfo['ID'])) { $TemporaryUserExpirationTime = 30 * 86400 + $TimeStamp; //默认保持30天登陆状态 SetCookies(array('UserExpirationTime' => $TemporaryUserExpirationTime, 'UserCode' => md5($NewPasswordHash . $NewSalt . $TemporaryUserExpirationTime . $SALT)), 30); $CurUserInfo['Salt'] = $NewSalt; $CurUserInfo['Password'] = $NewPasswordHash; AlertMsg($Lang['Reset_Password_Success'], $Lang['Reset_Password_Success']); } else { AlertMsg($Lang['Reset_Password_Failure'], $Lang['Reset_Password_Failure']); } } else { $Message = $Lang['VerificationCode_Error']; } unset($_SESSION[$Prefix . 'VerificationCode']); } else { $Message = $Lang['Passwords_Inconsistent']; } } else { $Message = $Lang['Forms_Can_Not_Be_Empty'];
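# Cookie maintenance for the current request:
#   - a failed login drops the login cookies;
#   - "logout" drops them;
#   - "deleteuser"/"updatepwd" touch them only when the target id is the
#     visitor's own account;
#   - any other action refreshes them so they do not time out.
#
# NOTE(review): SetCookies() receives the login and password values, so the
# credential (or a value derived from it) appears to be stored client-side.
# Confirm what SetCookies() writes and that the cookie is HttpOnly/Secure.
if ($wrong_login_or_password) {
    RemoveCookies();
}

# $_GET['id'] is attacker-controlled. The previous loose `==` test let a
# non-numeric id equal an anonymous $userid of 0 on PHP < 8, and raised a
# notice when id was absent. Accept only a scalar id, compare it as a string,
# and never match for a visitor without a user id.
$requested_id = (isset($_GET['id']) && is_scalar($_GET['id'])) ? (string) $_GET['id'] : null;
$acting_on_own_account = !empty($userid)
    && $requested_id !== null
    && (string) $userid === $requested_id;

switch ($action) {
    case "logout":
        RemoveCookies();
        break;

    case "deleteuser":
        # Deleting one's own account also ends the session.
        if ($acting_on_own_account) {
            RemoveCookies();
        }
        break;

    case "updatepwd":
        # Re-issue the cookies only when the visitor changed their own password.
        if ($acting_on_own_account && $newpassword != "") {
            SetCookies($userlogin, $newpassword, $userpersist);
        }
        break;

    default:
        # Refresh the cookie so it doesn't time out
        if ($userid != 0) {
            SetCookies($userlogin, $userpassword, $userpersist);
        }
        break;
}

/*
# Debugging aids. Do not enable on a reachable host: these lines echo the
# login and password values unescaped.
echo "userlogin = $userlogin<br>";
echo "userpassword = $userpassword<br>";
echo "userpersist = $userpersist<br>";
echo "userid = $userid<br>";
*/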
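/**
 * Log the current visitor out: blank the login cookies and reset $CurUserID.
 *
 * NOTE(review): this only clears state on the client. Whether a UserCode value
 * copied earlier is still accepted until its expiry depends on the code that
 * verifies the cookie, which is not visible here. Confirm it.
 */
function LogOut()
{
    global $CurUserID;

    SetCookies(array(
        'UserID' => '',
        // The login and registration code stores the expiry under
        // 'UserExpirationTime'. Only 'CurUserExpirationTime' was blanked before,
        // so the real expiry cookie survived logout.
        'UserExpirationTime' => '',
        // Kept in case an older client still holds a cookie under this name.
        'CurUserExpirationTime' => '',
        'UserCode' => '',
    ), 1); // presumably a lifetime in days (confirm against SetCookies())

    $CurUserID = 0;
}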