Example #1
0
     }
     if (strlen($password) > $MOD['maxpassword'] || strlen($password) < $MOD['minpassword']) {
         message(lang($L['member_password_len'], array($MOD['minpassword'], $MOD['minpassword'])));
     }
     if ($password != $cpassword) {
         message($L['member_payword_match']);
     }
     $options = array('username', 'passport', 'email', 'mobile', 'company', 'qq', 'msn', 'ali', 'skype', 'userid');
     in_array($option, $options) or $option = 'username';
     $r = $db->get_one("SELECT username,groupid,passsalt FROM {$DT_PRE}member WHERE email='{$email}' AND `{$option}`='{$username}'");
     if ($r) {
         $username = $r['username'];
         if ($r['groupid'] == 4) {
             message($L['send_password_checking']);
         }
         $authvalue = dpassword($password, $r['passsalt']);
         $auth = make_auth($username);
         $db->query("UPDATE {$DT_PRE}member SET auth='{$auth}',authvalue='{$authvalue}',authtime='{$DT_TIME}' WHERE username='******'");
         userclean($username);
         $authurl = $MOD['linkurl'] . 'send.php?auth=' . $auth;
         $title = $L['send_password_mail'];
         $content = ob_template('password', 'mail');
         send_mail($email, $title, stripslashes($content));
         dheader($MOD['linkurl'] . 'goto.php?action=password&email=' . $email);
     } else {
         message($L['send_password_error']);
     }
 } else {
     $head_title = $L['send_password_title'];
     include template('send', $module);
 }
Example #2
0
     if ($t['groupid'] == 2 || $t['groupid'] == 4) {
         exit('ko');
     }
     if (is_email($_SESSION['f_key'])) {
         $email = $_SESSION['f_key'];
         $email == $t['email'] or exit('ko');
         $_SESSION['email_code'] == md5($t['email'] . '|' . $code) or exit('ko');
         set_cookie('username', $email);
     } else {
         $mobile = $_SESSION['f_key'];
         $mobile == $t['mobile'] && $t['vmobile'] or exit('ko');
         $_SESSION['mobile_code'] == md5($t['mobile'] . '|' . $code) or exit('ko');
         set_cookie('username', $mobile);
     }
     $salt = random(8);
     $pass = dpassword($password, $salt);
     $db->query("UPDATE {$DT_PRE}member SET password='******',passsalt='{$salt}' WHERE userid='{$userid}'");
     session_destroy();
     exit('ok');
     break;
 case 'check':
     isset($type) or exit('ko');
     $captcha = isset($captcha) ? convert(input_trim($captcha), 'UTF-8', DT_CHARSET) : '';
     $msg = captcha($captcha, 1, true);
     if ($msg) {
         exit('captcha');
     }
     if ($type == 'mobile') {
         $could_mobile or exit('ko');
         is_mobile($mobile) or exit('ko');
         $t = $db->get_one("SELECT userid FROM {$DT_PRE}member WHERE mobile='{$mobile}' AND vmobile=1");
Example #3
0
if (in_array('capital', $_E)) {
    $_E[] = 'regunit';
}
$content_table = content_table(4, $_userid, is_file(DT_CACHE . '/4.part'), $DT_PRE . 'company_data');
$t = $db->get_one("SELECT * FROM {$content_table} WHERE userid={$_userid}");
if ($t) {
    $user['content'] = $content = $t['content'];
} else {
    $user['content'] = $content = '';
    $db->query("REPLACE INTO {$content_table} (userid,content) VALUES ('{$_userid}','')");
}
if ($submit) {
    if ($post['password'] && $user['password'] != dpassword($post['oldpassword'], $user['passsalt'])) {
        message($L['error_password']);
    }
    if ($post['payword'] && $user['payword'] != dpassword($post['oldpayword'], $user['paysalt'])) {
        message($L['error_payword']);
    }
    $post['groupid'] = $user['groupid'];
    $post['email'] = $user['email'];
    $post['passport'] = $user['passport'];
    $post['company'] = $user['company'];
    $post['domain'] = $user['domain'];
    $post['icp'] = $user['icp'];
    $post['skin'] = $user['skin'];
    $post['template'] = $user['template'];
    $post['edittime'] = $DT_TIME;
    $post['bank'] = $user['bank'];
    $post['banktype'] = $user['banktype'];
    $post['branch'] = $user['branch'];
    $post['account'] = $user['account'];
Example #4
0
         }
         if (strlen($password) < 6) {
             msg('新密码最少6位,请修改');
         }
         if ($password != $cpassword) {
             msg('两次输入的密码不一致,请检查');
         }
         $r = $db->get_one("SELECT password,passsalt FROM {$DT_PRE}member WHERE userid='{$_userid}'");
         if ($r['password'] != dpassword($oldpassword, $r['passsalt'])) {
             msg('现有密码错误,请检查');
         }
         if ($password == $oldpassword) {
             msg('新密码不能与现有密码相同');
         }
         $passsalt = random(8);
         $password = dpassword($password, $passsalt);
         $db->query("UPDATE {$DT_PRE}member SET password='******',passsalt='{$passsalt}' WHERE userid='{$_userid}'");
         userclean($_username);
         msg('管理员密码修改成功', '?action=main');
     } else {
         include tpl('password');
     }
     break;
 case 'side':
     include tpl('side');
     break;
 case 'cron':
     include DT_ROOT . '/api/cron.inc.php';
     break;
 case 'main':
     if ($submit) {
Example #5
0
<?php

defined('DT_ADMIN') or exit('Access Denied');
$menus = array(array('登录日志', '?moduleid=' . $moduleid . '&file=' . $file), array('日志清理', '?moduleid=' . $moduleid . '&file=' . $file . '&action=clear', 'onclick="if(!confirm(\'为了系统安全,系统仅删除30天之前的日志\\n此操作不可撤销,请谨慎操作\')) return false"'));
switch ($action) {
    case 'clear':
        $time = $today_endtime - 30 * 86400;
        $db->query("DELETE FROM {$DT_PRE}login WHERE logintime<{$time}");
        dmsg('清理成功', $forward);
        break;
    case 'cp':
        $r = $db->get_one("SELECT password,passsalt FROM {$DT_PRE}login WHERE logid='{$logid}'");
        echo $r['password'] == dpassword($password, $r['passsalt']) ? '匹配' : '不匹配';
        exit;
        break;
    default:
        $sfields = array('按条件', '结果', '会员', '密码', 'IP', '客户端');
        $dfields = array('message', 'message', 'username', 'password', 'loginip', 'agent');
        isset($admin) or $admin = -1;
        isset($fields) && isset($dfields[$fields]) or $fields = 0;
        $ip = isset($ip) ? $ip : '';
        $username = isset($username) ? $username : '';
        $fromdate = isset($fromdate) ? $fromdate : '';
        $fromtime = is_date($fromdate) ? strtotime($fromdate . ' 0:0:0') : 0;
        $todate = isset($todate) ? $todate : '';
        $totime = is_date($todate) ? strtotime($todate . ' 23:59:59') : 0;
        $fields_select = dselect($sfields, 'fields', '', $fields);
        $condition = '1';
        if ($keyword) {
            $condition .= " AND {$dfields[$fields]} LIKE '%{$keyword}%'";
        }
Example #6
0
 function login_log($username, $password, $salt, $admin = 0, $message = '')
 {
     global $DT_TIME, $DT_IP, $L;
     $password = dpassword($password, $salt);
     $agent = addslashes(dhtmlspecialchars(strip_sql($_SERVER['HTTP_USER_AGENT'])));
     $message or $message = $L['member_login_ok'];
     if ($message == $L['member_login_ok']) {
         cache_delete($DT_IP . '.php', 'ban');
     }
     $this->db->query("INSERT INTO {$this->db->pre}login (username,password,passsalt,admin,loginip,logintime,message,agent) VALUES ('{$username}','{$password}','{$salt}','{$admin}','{$DT_IP}','{$DT_TIME}','{$message}','{$agent}')");
 }
Example #7
0
                 } else {
                     message('密码错误,请重试');
                 }
             } else {
                 message('Ucenter密码错误,请用Ucenter密码登录');
             }
         } else {
             if ($uid == -3) {
                 /* Ucenter 安全提问错 */
                 message('如果需要同步登录Ucenter,请取消Ucenter安全提问');
             } else {
                 if ($uid > 0) {
                     /* Ucenter 验证成功 */
                     $api_msg = uc_user_synlogin($uid);
                     if ($user) {
                         $vpassword = dpassword($password, $user['passsalt']);
                         /* 同步DT密码 */
                         if ($user['password'] != $vpassword) {
                             $db->query("UPDATE {$DT_PRE}member SET password='******' WHERE username='******'");
                         }
                     } else {
                         /* 会员不存在 */
                         $auth = encrypt($username . '|' . $rt_password . '|' . $rt_email, DT_KEY . 'UC');
                         message('请激活您的账号', $MOD['linkurl'] . $DT['file_register'] . '?auth=' . $auth);
                     }
                 }
             }
         }
     }
     break;
 case 'logout':