Example #1
 /**
  * Runs the parent constructor, then rejects the request when the hash-key
  * check fails while the `send_mobile_verify_code` action is being handled.
  *
  * For every other action a failed hash-key check is ignored here, so those
  * actions are only protected if they verify the key themselves.
  *
  * NOTE(review): check_hash_key() and showErr() are defined elsewhere. The
  * guard only protects anything if showErr() halts the request - confirm.
  */
 public function __construct()
 {
     parent::__construct();

     // The hash key is evaluated first; the action is only inspected when
     // that check has failed.
     if (check_hash_key()) {
         return;
     }

     if ($GLOBALS['action'] == 'send_mobile_verify_code') {
         showErr("非法请求!", 1);
     }
 }
Example #2
 /**
  * Runs the parent constructor and rejects every request to this controller
  * whose hash key does not validate.
  *
  * The error is always reported with the second showErr() argument set to 1.
  *
  * NOTE(review): check_hash_key() and showErr() are defined elsewhere. The
  * guard only protects the controller's actions if showErr() halts the
  * request - confirm.
  */
 public function __construct()
 {
     parent::__construct();

     $hash_key_ok = check_hash_key();
     if ($hash_key_ok) {
         return;
     }

     showErr("非法请求!", 1);
 }
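 /**
  * Handles the login form POST and sends the user to `manageagency#account`
  * on success.
  *
  * Flow: refuse requests without POST data, escape every POST value, verify
  * the request hash key, decode the submitted password with FW_DESPWD(),
  * apply the per-IP submit delay, call do_login_user() and report the
  * outcome either through ajax_return() or through showSuccess()/showErr().
  *
  * NOTE(review): every rejection below relies on showErr() halting the
  * request (it is defined elsewhere). If it returns, the hash-key failure
  * would fall through to the login attempt and $result would be undefined
  * after the rate-limit branch - confirm.
  */
 public function dologin()
 {
     if (!$_POST) {
         app_redirect("404.html");
         exit;
     }

     // Array-valued fields (e.g. `email[]=x`) are blanked instead of being
     // passed to addslashes(), which raises a TypeError on PHP 8 and would
     // let a crafted request crash the handler.
     // NOTE(review): blanket addslashes()/htmlspecialchars() on input is not
     // a substitute for parameterised queries and output encoding, and it is
     // also applied to user_pwd before FW_DESPWD() decodes it - confirm the
     // encoded password can never contain quotes, backslashes, & or < >.
     foreach ($_POST as $k => $v) {
         $_POST[$k] = is_array($v) ? '' : htmlspecialchars(addslashes($v));
     }

     $ajax = isset($_REQUEST['ajax']) ? intval($_REQUEST['ajax']) : 0;

     // presumably an anti-forgery token check; verify against check_hash_key()
     if (!check_hash_key()) {
         showErr("非法请求!", $ajax);
     }

     $_POST['user_pwd'] = trim(FW_DESPWD($_POST['user_pwd']));
     require_once APP_ROOT_PATH . "system/libs/user.php";

     // The throttle is keyed on the client IP only, so it does not limit
     // guesses against one account spread over many addresses.
     if (check_ipop_limit(CLIENT_IP, "user_dologin", intval(app_conf("SUBMIT_DELAY")))) {
         $result = do_login_user($_POST['email'], $_POST['user_pwd']);
     } else {
         showErr($GLOBALS['lang']['SUBMIT_TOO_FAST'], $ajax, url("shop", "manageagency#login"));
     }

     if ($result['status']) {
         // Neither session value is used below; the reads are kept in case
         // es_session::get() (defined elsewhere) has side effects.
         $s_user_info = es_session::get("user_info");
         $jump_url = url("index", "manageagency#account");
         $s_user_info = es_session::get("manageagency_info");

         if ($ajax == 1) {
             $return = array();
             $return['status'] = 1;
             $return['info'] = $GLOBALS['lang']['LOGIN_SUCCESS'];
             $return['data'] = $result['msg'];
             $return['jump'] = $jump_url;
             ajax_return($return);
         } else {
             $GLOBALS['tmpl']->assign('integrate_result', $result['msg']);
             showSuccess($GLOBALS['lang']['LOGIN_SUCCESS'], $ajax, $jump_url);
         }
     } else {
         // Default for failure codes not handled below, so showErr() never
         // receives an undefined variable.
         $err = '';

         // NOTE(review): separate messages for "no such account" and "wrong
         // password" tell a client which e-mail addresses are registered.
         if ($result['data'] == ACCOUNT_NO_EXIST_ERROR) {
             $err = $GLOBALS['lang']['USER_NOT_EXIST'];
         }
         if ($result['data'] == ACCOUNT_PASSWORD_ERROR) {
             $err = $GLOBALS['lang']['PASSWORD_ERROR'];
         }
         if ($result['data'] == ACCOUNT_NO_VERIFY_ERROR) {
             $err = $GLOBALS['lang']['USER_NOT_VERIFY'];
             if (app_conf("MAIL_ON") == 1 && $ajax == 0) {
                 // NOTE(review): $result['user'] is rendered for a visitor
                 // who is not logged in - confirm do_login_user() only
                 // returns this code after the password has matched.
                 $GLOBALS['tmpl']->assign("page_title", $err);
                 $GLOBALS['tmpl']->assign("user_info", $result['user']);
                 $GLOBALS['tmpl']->display("verify_user.html");
                 exit;
             }
         }
         showErr($err, $ajax);
     }
 }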
Example #4
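 /**
  * Handles the user login form POST.
  *
  * Flow: refuse requests without POST data, escape every POST value, verify
  * the request hash key, check the image captcha when VERIFY_IMAGE is on,
  * decode the submitted password with FW_DESPWD(), apply the per-IP submit
  * delay and call do_login_user(). On success it optionally sets the
  * auto-login cookies and then redirects, or answers through
  * ajax_return()/showSuccess(); when OPEN_IPS is on and the account has no
  * `ips_acct_no`, the ajax answer uses status 2 and carries a `jump1` URL.
  *
  * NOTE(review): every rejection below relies on showErr() halting the
  * request (it is defined elsewhere). If it returns, a failed hash-key or
  * captcha check would fall through to the login attempt - confirm.
  */
 public function dologin()
 {
     if (!$_POST) {
         app_redirect("404.html");
         exit;
     }

     // Array-valued fields (e.g. `email[]=x`) are blanked instead of being
     // passed to addslashes(), which raises a TypeError on PHP 8 and would
     // let a crafted request crash the handler.
     // NOTE(review): blanket addslashes()/htmlspecialchars() on input is not
     // a substitute for parameterised queries and output encoding, and it is
     // also applied to user_pwd before FW_DESPWD() decodes it - confirm the
     // encoded password can never contain quotes, backslashes, & or < >.
     foreach ($_POST as $k => $v) {
         $_POST[$k] = is_array($v) ? '' : htmlspecialchars(addslashes($v));
     }

     $ajax = isset($_REQUEST['ajax']) ? intval($_REQUEST['ajax']) : 0;

     // presumably an anti-forgery token check; verify against check_hash_key()
     if (!check_hash_key()) {
         showErr("非法请求!", $ajax);
     }

     // Captcha
     if (app_conf("VERIFY_IMAGE") == 1) {
         $verify_input = (isset($_REQUEST['verify']) && !is_array($_REQUEST['verify'])) ? $_REQUEST['verify'] : '';
         $verify = md5(trim($verify_input));
         $session_verify = (string) es_session::get('verify');
         // Strict comparison: with `!=`, two different MD5 hex strings that
         // both look like "0e<digits>" compare equal as numbers.
         // NOTE(review): the session value is not cleared after a check in
         // this method, so one solved captcha may be reusable - confirm.
         if ($verify !== $session_verify) {
             showErr($GLOBALS['lang']['VERIFY_CODE_ERROR'], $ajax, url("shop", "user#login"));
         }
     }

     require_once APP_ROOT_PATH . "system/libs/user.php";
     $_POST['user_pwd'] = trim(FW_DESPWD($_POST['user_pwd']));

     // The throttle is keyed on the client IP only, so it does not limit
     // guesses against one account spread over many addresses.
     if (check_ipop_limit(CLIENT_IP, "user_dologin", intval(app_conf("SUBMIT_DELAY")))) {
         $result = do_login_user($_POST['email'], $_POST['user_pwd']);
     } else {
         showErr($GLOBALS['lang']['SUBMIT_TOO_FAST'], $ajax, url("shop", "user#login"));
     }

     if ($result['status']) {
         $s_user_info = es_session::get("user_info");

         if (isset($_POST['auto_login']) && intval($_POST['auto_login']) == 1) {
             // Auto-login: persist the credentials cookie for 30 days.
             // NOTE(review): the cookie value is an MD5 of the stored
             // user_pwd plus a fixed suffix, so it is password-equivalent,
             // does not change until the password does, and can be computed
             // by anyone who obtains the stored value. A random, server-side
             // revocable token would be safer; cookie flags are set inside
             // es_cookie::set(), which is not visible here.
             $user_data = $s_user_info;
             es_cookie::set("user_name", $user_data['email'], 3600 * 24 * 30);
             es_cookie::set("user_pwd", md5($user_data['user_pwd'] . "_EASE_COOKIE"), 3600 * 24 * 30);
         }

         if ($ajax == 0 && trim(app_conf("INTEGRATE_CODE")) == '') {
             // NOTE(review): the Referer header is supplied by the client and
             // is used as the redirect target without a same-site check.
             $redirect = !empty($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : url("index");
             app_redirect($redirect);
         } else {
             $jump_url = get_gopreview();
             $s_user_info = es_session::get("user_info");
             $needs_ips_binding = $s_user_info['ips_acct_no'] == "" && app_conf("OPEN_IPS");

             if ($ajax == 1) {
                 $return = array();
                 if ($needs_ips_binding) {
                     // Status 2 carries the extra `jump1` URL for creating
                     // the third-party custody account.
                     $return['status'] = 2;
                     $return['info'] = "本站需绑定第三方托管账户,是否马上去绑定";
                     $return['data'] = $result['msg'];
                     $return['jump'] = $jump_url;
                     $return['jump1'] = APP_ROOT . "/index.php?ctl=collocation&act=CreateNewAcct&user_type=0&user_id=" . $s_user_info['id'];
                 } else {
                     $return['status'] = 1;
                     $return['info'] = $GLOBALS['lang']['LOGIN_SUCCESS'];
                     $return['data'] = $result['msg'];
                     $return['jump'] = $jump_url;
                 }
                 ajax_return($return);
             } else {
                 // The non-ajax answer is the same whether or not the
                 // custody account still has to be bound.
                 $GLOBALS['tmpl']->assign('integrate_result', $result['msg']);
                 showSuccess($GLOBALS['lang']['LOGIN_SUCCESS'], $ajax, $jump_url);
             }
         }
     } else {
         // Default for failure codes not handled below, so showErr() never
         // receives an undefined variable.
         $err = '';

         // NOTE(review): separate messages for "no such account" and "wrong
         // password" tell a client which e-mail addresses are registered.
         if ($result['data'] == ACCOUNT_NO_EXIST_ERROR) {
             $err = $GLOBALS['lang']['USER_NOT_EXIST'];
         }
         if ($result['data'] == ACCOUNT_PASSWORD_ERROR) {
             $err = $GLOBALS['lang']['PASSWORD_ERROR'];
         }
         if ($result['data'] == ACCOUNT_NO_VERIFY_ERROR) {
             $err = $GLOBALS['lang']['USER_NOT_VERIFY'];
             if (app_conf("MAIL_ON") == 1 && $ajax == 0) {
                 // NOTE(review): $result['user'] is rendered for a visitor
                 // who is not logged in - confirm do_login_user() only
                 // returns this code after the password has matched.
                 $GLOBALS['tmpl']->assign("page_title", $err);
                 $GLOBALS['tmpl']->assign("user_info", $result['user']);
                 $GLOBALS['tmpl']->display("verify_user.html");
                 exit;
             }
         }
         showErr($err, $ajax);
     }
 }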
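 /**
  * Saves the logged-in account's changed fields through save_user().
  *
  * Flow: verify the request hash key, resolve the logged-in account with
  * checkLogin(), escape every request value, check the SMS code when the
  * request carries `sta=1`, force `id` and `user_type` to server-side
  * values, call save_user() in UPDATE mode and refresh the session copy of
  * the account on success.
  *
  * NOTE(review): the rejections below rely on showErr() halting the request
  * (it is defined elsewhere) - confirm.
  * NOTE(review): the whole of $_REQUEST is handed to save_user(); only `id`
  * and `user_type` are overwritten here, so any other column save_user()
  * accepts can be set by the client - confirm it whitelists its fields.
  */
 public function save_pwd()
 {
     // The original passed an undefined $ajax to showErr(); read the flag
     // the rest of this method already uses.
     $is_ajax = (isset($_REQUEST['is_ajax']) && !is_array($_REQUEST['is_ajax'])) ? intval($_REQUEST['is_ajax']) : 0;

     // presumably an anti-forgery token check; verify against check_hash_key()
     if (!check_hash_key()) {
         showErr("非法请求!", $is_ajax);
     }

     $GLOBALS['authorized_info'] = $this->checkLogin();
     require_once APP_ROOT_PATH . 'system/libs/user.php';

     // Array-valued fields are blanked instead of being passed to trim(),
     // which raises a TypeError on PHP 8.
     // NOTE(review): this escaping is applied to every field handed to
     // save_user(), presumably including the new password - confirm it is
     // not silently altered before hashing.
     foreach ($_REQUEST as $k => $v) {
         $_REQUEST[$k] = is_array($v) ? '' : htmlspecialchars(addslashes(trim($v)));
     }

     // NOTE(review): the SMS check only runs when the client sends sta=1, so
     // a request that omits `sta` skips it - confirm that is intended.
     if (isset($_REQUEST['sta']) && $_REQUEST['sta'] == 1) {
         $sms_code = isset($_REQUEST['sms_code']) ? trim($_REQUEST['sms_code']) : '';
         $phone = $GLOBALS['authorized_info']['mobile'];
         // NOTE(review): the query is built by string concatenation. $phone
         // comes from checkLogin() rather than from the request, but it
         // should still go through the DB layer's escaping or parameter
         // binding (that API is not visible here).
         $code = (string) $GLOBALS['db']->getOne("SELECT verify_code FROM " . DB_PREFIX . "mobile_verify_code where mobile='" . $phone . "'");
         // Reject when no code is on record: with the original `!=`, an empty
         // submission matched a missing row. The strict comparison also stops
         // numeric-string coercion ("1e3" == "1000").
         // assumes verify_code is stored exactly as it was sent to the user - TODO confirm
         // NOTE(review): no attempt limit or expiry is enforced in this method.
         if ($code === '' || $sms_code !== $code) {
             showErr("验证码输出错误!", $is_ajax);
         }
     }

     // Server-side values win over anything the client sent for these keys.
     $_REQUEST['id'] = intval($GLOBALS['authorized_info']['id']);
     $_REQUEST["user_type"] = 3;
     $res = save_user($_REQUEST, 'UPDATE');

     if ($res['status'] == 1) {
         // Reload the account so the session copy reflects the saved values.
         $s_user_info = es_session::get("authorized_info");
         $user_info = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "user where id = '" . intval($s_user_info['id']) . "'");
         es_session::set("authorized_info", $user_info);
         if ($is_ajax == 1) {
             showSuccess($GLOBALS['lang']['SUCCESS_TITLE'], 1);
         } else {
             app_redirect(url("index", "authorized#index"));
         }
     } else {
         $error = $res['data'];
         if (!$error['field_show_name']) {
             $error['field_show_name'] = $GLOBALS['lang']['USER_TITLE_' . strtoupper($error['field_name'])];
         }

         // Default for error codes not handled below, so showErr() never
         // receives an undefined variable.
         $error_msg = '';
         if ($error['error'] == EMPTY_ERROR) {
             $error_msg = sprintf($GLOBALS['lang']['EMPTY_ERROR_TIP'], $error['field_show_name']);
         }
         if ($error['error'] == FORMAT_ERROR) {
             $error_msg = sprintf($GLOBALS['lang']['FORMAT_ERROR_TIP'], $error['field_show_name']);
         }
         if ($error['error'] == EXIST_ERROR) {
             $error_msg = sprintf($GLOBALS['lang']['EXIST_ERROR_TIP'], $error['field_show_name']);
         }
         showErr($error_msg, $is_ajax);
     }
 }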