/**
 * Validate the length of a user name.
 *
 * The length is measured with the project helper dstrlen(); a name passes
 * when that length lies between 5 and 15 inclusive. No character-set check
 * is done here.
 *
 * @param string $username
 * @return boolean TRUE when the length is acceptable, FALSE otherwise
 */
function check_username_len($username)
{
    $length = dstrlen($username);

    return !($length > 15 || $length < 5);
}
/**
 * Measure the visible length of a post body for the minimum-length rule.
 *
 * The message is rendered with discuzcode(), stripped of HTML tags, a fixed
 * set of punctuation marks and all whitespace, and then measured with
 * dstrlen().
 *
 * @param string $message raw post body (BBCode)
 * @param int    $length  configured minimum length; a falsy value disables the rule
 * @return int 0 when the rule is skipped or the body is too short; otherwise
 *             the measured length, reported as 1 when it is zero or less
 */
private function _check_post_length($message, $length)
{
    // Skipped for special posts/threads, when getstatus() reports position 3
    // of the thread status, or when no minimum is configured.
    $exempt = $this->param['special']
        || $this->thread['special']
        || getstatus($this->thread['status'], 3)
        || !$length;
    if ($exempt) {
        return 0;
    }

    require_once libfile('function/discuzcode');
    $langthread = lang('forum/thread');

    // Punctuation that must not count towards the length: ASCII marks plus
    // the localized ones supplied by the language pack.
    $ignored = array(',', '.', '?', '!', $langthread['t_question'], $langthread['t_exclamatory'], $langthread['t_period'], $langthread['t_comma'], '~', $langthread['t_suspension']);

    $visible = strip_tags(discuzcode($message));
    $visible = str_replace($ignored, '', $visible);
    $visible = preg_replace('/\\s+/', '', $visible);
    $realLength = dstrlen($visible);

    // A quote, an image or an attachment tag in the raw message lets the post
    // through even when the visible text is shorter than the minimum.
    $markupPatterns = array(
        "/\\s?\\[quote\\][\n\r]*(.+?)[\n\r]*\\[\\/quote\\]\\s?/is",
        "/\\[img=(\\d{1,4})[x|\\,](\\d{1,4})\\]\\s*([^\\[\\<\r\n]+?)\\s*\\[\\/img\\]/i",
        "/\\[img\\]\\s*([^\\[\\<\r\n]+?)\\s*\\[\\/img\\]/i",
        "/\\[attach\\](\\d+)\\[\\/attach\\]/i",
    );
    $hasMarkup = false;
    foreach ($markupPatterns as $pattern) {
        if (preg_match($pattern, $message) > 0) {
            $hasMarkup = true;
            break;
        }
    }

    if (!$hasMarkup && $realLength < $length) {
        return 0;
    }

    return $realLength <= 0 ? 1 : $realLength;
}
/**
 * Reject user names that are too short or contain forbidden characters.
 *
 * A name fails when dstrlen() reports fewer than 3, or when it contains
 * whitespace or any of % , * " < > &, or starts with "Guest"
 * (case-insensitive). There is no upper length bound in this function.
 *
 * NOTE(review): after PHP unescaping the second alternative of the pattern
 * reads `^c:\con\con`; PCRE treats `\c` followed by a letter as a
 * control-character escape, so this alternative probably does not match the
 * literal path it appears to target - confirm before relying on it.
 *
 * @param string $username
 * @return boolean TRUE when the name is acceptable, FALSE otherwise
 */
function check_username($username)
{
    $guestPrefix = '^Guest';

    if (dstrlen($username) < 3) {
        return FALSE;
    }

    $forbidden = "/\\s+|^c:\\con\\con|[%,\\*\"\\s\\<\\>\\&]|{$guestPrefix}/is";

    return preg_match($forbidden, $username) ? FALSE : TRUE;
}
/**
 * Register a member from an array of imported account data.
 *
 * Creates the account through uc_user_register() and then writes the local
 * member, status, profile, forum/home field, optional verify and count rows.
 *
 * Trust boundary: every key of $info becomes a local variable through
 * extract(), and several of those variables are used unchecked below
 * ($regipsql is executed as SQL, $regdate/$regip/... go into rows). $info
 * must therefore come from a trusted source only.
 *
 * @param array $info account fields; keys read below include username,
 *                    password, email, questionid, answer, gender, regdate,
 *                    regip, lastip, lastvisit, lastpost, oltime,
 *                    extcredits1..8, verifyarr, regipsql and the profile
 *                    field names listed in $profile_field_arr
 * @return array|mixed array('uid' => ...) on success, otherwise the value of
 *                     milu_lang() for the failure reason
 */
function pick_reg($info)
{
    $member = $info;
    // NOTE(review): extract() with its default flags overwrites existing
    // locals, so keys named 'info' or 'member' replace the variables above,
    // and any other key silently defines a variable used later in this body.
    extract($info);
    global $_G;
    loaducenter();
    require_once libfile('function/misc');
    require_once libfile('function/profile');
    include_once libfile('class/member');
    // $activation is always an empty array here, so both `!$activation`
    // branches below always run and the `else` with list() is never reached.
    $activation = array();
    if (!$activation) {
        $usernamelen = dstrlen($username);
        if ($usernamelen < 3) {
            return milu_lang('too_short');
        } elseif ($usernamelen > 15) {
            return milu_lang('too_long');
        }
        $username = addslashes(trim(dstripslashes($username)));
        $email = trim($email);
    }
    if (!$activation) {
        $uid = uc_user_register($username, $password, $email, $questionid, $answer, $_G['clientip']);
        if ($uid <= 0) {
            // Negative results are mapped one by one to a message key.
            if ($uid == -1) {
                return milu_lang('bad_word');
            } elseif ($uid == -2) {
                return milu_lang('system_bad_word');
            } elseif ($uid == -3) {
                return milu_lang('reged');
            } elseif ($uid == -4) {
                return milu_lang('wrong_email');
            } elseif ($uid == -5) {
                return milu_lang('bad_email');
            } elseif ($uid == -6) {
                return milu_lang('email_reged');
            } else {
                return milu_lang('unknow_error');
            }
        }
    } else {
        list($uid, $username, $email) = $activation;
    }
    // The query is built by string interpolation; $uid is the positive result
    // of uc_user_register() at this point - presumably an integer, confirm.
    if (DB::result_first("SELECT uid FROM " . DB::table('common_member') . " WHERE uid='{$uid}'")) {
        // A local row with this uid already exists: roll back the account
        // that was just created and report the conflict.
        if (!$activation) {
            uc_user_delete($uid);
        }
        return milu_lang('uid_reged');
    }
    $init_arr = explode(',', $_G['setting']['initcredits']);
    $groupinfo['groupid'] = $_G['setting']['newusergroupid'];
    // The submitted password is replaced by md5 of a 10-character value from
    // the project helper random() before it is stored locally.
    // NOTE(review): presumably the real credential lives with
    // uc_user_register(); whether random() is cryptographically strong is
    // not visible here - confirm.
    $password = md5(random(10));
    // $secques is not referenced again in this function.
    $secques = $questionid > 0 ? random(8) : '';
    // user profile
    $profile['constellation'] = get_constellation($birthmonth, $birthday);
    $profile['zodiac'] = get_zodiac($birthyear);
    // Yields 1 only when $gender equals milu_lang('man'); every other value
    // (including milu_lang('baomi')) yields 0.
    $profile['gender'] = $gender == milu_lang('baomi') ? 0 : ($gender == milu_lang('man') ? 1 : 0);
    $profile_field_arr = array('birthyear', 'birthmonth', 'birthday', 'birthprovince', 'birthcity', 'birthdist', 'birthcommunity', 'resideprovince', 'residecity', 'residedist', 'residecommunity', 'residesuite', 'site', 'bio', 'interest', 'idcardtype', 'idcard', 'bloodtype', 'height', 'weight', 'qq', 'msn', 'taobao', 'yahoo', 'icq', 'alipay', 'lookingfor', 'position', 'occupation', 'education', 'company', 'graduateschool', 'revenue', 'telephone', 'mobile', 'constellation', 'realname', 'zodiac', 'affectivestatus');
    // Copies the extracted variable of the same name into each profile field.
    // The list contains 'constellation' and 'zodiac', so the two values
    // computed above are overwritten by whatever extract() provided.
    foreach ($profile_field_arr as $k => $v) {
        $profile[$v] = ${$v};
    }
    // Pseudo-random timestamp within two days after $regdate (not
    // security-relevant).
    $lastactivity = rand($regdate, $regdate + 3600 * 24 * 2);
    // NOTE(review): $regipsql can only come from extract($info) and is run
    // verbatim as a SQL statement - a caller-controlled $info key means
    // caller-controlled SQL. Confirm the caller builds it from trusted data.
    if ($regipsql) {
        DB::query($regipsql);
    }
    $credits = 0;
    if (!empty($_G['setting']['creditsformula'])) {
        // NOTE(review): eval() of a settings value; anyone able to write
        // 'creditsformula' can execute PHP here. Confirm the setting is
        // admin-only and validated when saved.
        eval("\$credits = round(" . $_G['setting']['creditsformula'] . ");");
    }
    $userdata = array('uid' => $uid, 'username' => $username, 'password' => $password, 'email' => $email, 'adminid' => 0, 'groupid' => $groupinfo['groupid'], 'regdate' => $regdate, 'credits' => $credits, 'timeoffset' => 9999);
    $status_data = array('uid' => $uid, 'regip' => $regip, 'lastip' => $lastip, 'lastvisit' => $lastvisit, 'lastactivity' => $lastactivity, 'lastpost' => $lastpost, 'lastsendmail' => 0);
    $profile['uid'] = $uid;
    $field_forum['uid'] = $uid;
    // NOTE(review): reads $sightmlm; possibly a typo for $sightml - confirm
    // against the keys the caller actually supplies.
    $field_forum['sightml'] = $sightmlm;
    $field_home['uid'] = $uid;
    // Each row goes through paddslashes() before insertion.
    DB::insert('common_member', paddslashes($userdata));
    DB::insert('common_member_status', paddslashes($status_data));
    DB::insert('common_member_profile', paddslashes($profile));
    DB::insert('common_member_field_forum', paddslashes($field_forum));
    DB::insert('common_member_field_home', paddslashes($field_home));
    if ($verifyarr) {
        // Unlike the rows above, this one is not passed through
        // paddslashes(); only 'field' is escaped, with daddslashes().
        $setverify = array('uid' => $uid, 'username' => $username, 'verifytype' => '0', 'field' => daddslashes(serialize($verifyarr)), 'dateline' => $lastactivity);
        DB::insert('common_member_verify_info', $setverify);
        DB::insert('common_member_verify', array('uid' => $uid));
    }
    // Supplied counters win; falsy ones fall back to the configured initial
    // credits (index 1..8 of the comma-separated setting).
    $count_data = array('uid' => $uid, 'oltime' => $oltime ? $oltime : 0, 'extcredits1' => $extcredits1 ? $extcredits1 : $init_arr[1], 'extcredits2' => $extcredits2 ? $extcredits2 : $init_arr[2], 'extcredits3' => $extcredits3 ? $extcredits3 : $init_arr[3], 'extcredits4' => $extcredits4 ? $extcredits4 : $init_arr[4], 'extcredits5' => $extcredits5 ? $extcredits5 : $init_arr[5], 'extcredits6' => $extcredits6 ? $extcredits6 : $init_arr[6], 'extcredits7' => $extcredits7 ? $extcredits7 : $init_arr[7], 'extcredits8' => $extcredits8 ? $extcredits8 : $init_arr[8]);
    DB::insert('common_member_count', paddslashes($count_data));
    DB::insert('common_setting', array('skey' => 'lastmember', 'svalue' => $username), false, true);
    manyoulog('user', $uid, 'add');
    $totalmembers = DB::result_first("SELECT COUNT(*) FROM " . DB::table('common_member'));
    $userstats = array('totalmembers' => $totalmembers, 'newsetuser' => $username);
    checkusergroup($uid); // refresh the user group the member belongs to
    save_syscache('userstats', $userstats);
    $re_arr['uid'] = $uid;
    return $re_arr;
}
/**
 * Check the subject and body size of a post against the forum limits.
 *
 * The subject is measured with dstrlen() (limit 80); the body is measured in
 * bytes with strlen(). Body limits are skipped for groups with
 * 'disablepostctrl' and for special posts. Quoted blocks are removed before
 * the minimum-size comparison.
 *
 * @param string $subject
 * @param string $message
 * @param int    $special non-zero for special post types
 * @return string|false a message key on failure, FALSE when the post passes
 */
function checkpost($subject, $message, $special = 0)
{
    global $_G;

    if (dstrlen($subject) > 80) {
        return 'post_subject_toolong';
    }

    if ($_G['group']['disablepostctrl'] || $special) {
        return FALSE;
    }

    $settings = $_G['setting'];

    if ($settings['maxpostsize'] && strlen($message) > $settings['maxpostsize']) {
        return 'post_message_toolong';
    }

    if ($settings['minpostsize']) {
        $withoutQuotes = preg_replace("/\\[quote\\].+?\\[\\/quote\\]/is", '', $message);
        if (strlen($withoutQuotes) < $settings['minpostsize']) {
            return 'post_message_tooshort';
        }
    }

    return FALSE;
}
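/**
 * Product search page: filters by the `kw` query parameter, or lists by
 * price range when only `price1`/`price2` are given.
 *
 * Changes from the original: bare-word array keys ($_GET[kw], $sql[order],
 * $sql[url]) are quoted, because an unquoted key is an undefined-constant
 * lookup and throws an Error on PHP 8; $string is initialised so the page
 * title does not read an undefined variable when no keyword is supplied.
 *
 * NOTE(review): the keyword is interpolated into a SQL LIKE fragment. Its
 * safety rests entirely on stripsearchkey() and safe_output() neutralising
 * quotes and backslashes - neither is visible here. Prefer the database
 * layer's own escaping or a bound parameter for the value. The pattern check
 * only rejects keywords made up purely of %, _ or *; wildcards embedded in a
 * longer keyword still reach the LIKE.
 * NOTE(review): assumes msg() ends the request; if it returns, a rejected
 * keyword continues into the query - confirm.
 */
function search()
{
    global $_G;
    $and = '';
    $url = URL . 'a=search';
    $rs = array();
    $string = '';
    if (!empty($_GET['kw'])) {
        $string = stripsearchkey(trim($_GET['kw']));
        if (preg_match("/^%+\$|^_+\$|^\\*+\$/is", $string)) {
            msg('非法搜索关键字');
        }
        $string = safe_output($string);
        if (dstrlen($string) < 2) {
            msg('要搜索的关键字长度不能小于2');
        }
        // Write the cleaned keyword back so later readers of $_GET see it.
        $_GET['kw'] = $string;
        $and .= " AND title like '%{$string}%' ";
        $url .= "&kw=" . urlencode_utf8($string);
        // Only approved, visible and unexpired items.
        $and .= " AND `check`=1 AND `hide`=0 ";
        $and .= " AND ( end_time = 0 or end_time > " . TIMESTAMP . ")";
        $sql = make_sql();
        $size = 60;
        $rs = D(
            array('and' => $and . $sql['and'], 'order' => $sql['order']),
            array('url' => $url . $sql['url'], 'size' => $size)
        );
    } else {
        if (!empty($_GET['price1']) && !empty($_GET['price2'])) {
            $sql = make_sql();
            $size = 60;
            $rs = D(
                array('and' => $and . $sql['and'], 'all' => true, 'order' => $sql['order'], 'key' => 'search'),
                array('url' => $url . $sql['url'], 'size' => $size)
            );
        }
    }
    seo($string . ' - 商品搜索');
    $this->add($rs);
    $this->show();
}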
/**
 * Check the subject and body size of a post against the forum limits
 * (variant with a separate mobile minimum).
 *
 * The subject is measured with dstrlen() (limit 255); the body is measured
 * in bytes with strlen(). Body limits are skipped for groups with
 * 'disablepostctrl' and for special posts. The minimum is taken from
 * 'minpostsize_mobile' only when IN_MOBILE is truthy and that setting is
 * non-empty. The body is too short when it falls below the minimum after
 * removing either the [quote] blocks or the [postbg] blocks.
 *
 * @param string $subject
 * @param string $message
 * @param int    $special non-zero for special post types
 * @return string|false a message key on failure, FALSE when the post passes
 */
function checkpost($subject, $message, $special = 0)
{
    global $_G;

    if (dstrlen($subject) > 255) {
        return 'post_subject_toolong';
    }

    if ($_G['group']['disablepostctrl'] || $special) {
        return FALSE;
    }

    if ($_G['setting']['maxpostsize'] && strlen($message) > $_G['setting']['maxpostsize']) {
        return 'post_message_toolong';
    }

    if (!$_G['setting']['minpostsize']) {
        return FALSE;
    }

    if (!IN_MOBILE || !$_G['setting']['minpostsize_mobile']) {
        $minimum = $_G['setting']['minpostsize'];
    } else {
        $minimum = $_G['setting']['minpostsize_mobile'];
    }

    $strippedTags = array(
        "/\\[quote\\].+?\\[\\/quote\\]/is",
        "/\\[postbg\\].+?\\[\\/postbg\\]/is",
    );
    foreach ($strippedTags as $pattern) {
        if (strlen(preg_replace($pattern, '', $message)) < $minimum) {
            return 'post_message_tooshort';
        }
    }

    return FALSE;
}
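/**
 * Render a piece of text as a PNG under the attachment "temp" directory and
 * return its URL. An existing file for the same key is reused unless $force
 * is set.
 *
 * Changes from the original: md5($key) is computed once; the font directory
 * handle is checked and closed (it was leaked, and a failed opendir() was
 * passed to readdir()); the readdir() loop compares against false so an
 * entry named "0" does not end the scan early; the charset class file is
 * included only when the class is not loaded yet, so a second call in one
 * request does not redeclare it.
 *
 * The output path is built only from hex digits of md5($key), so neither
 * $value nor $key can steer the file location. md5 is a cache key here, not
 * a security control.
 *
 * NOTE(review): image width and height grow with the text, and imagecreate()
 * failure is suppressed with @ and not checked. If $value can come from
 * untrusted input, cap its size before calling - confirm with callers.
 *
 * @param string $value   text to draw; "\r" separates rows, "\n" is dropped
 * @param string $key     cache key; defaults to $value
 * @param bool   $force   regenerate even when the file already exists
 * @param int    $rlength when non-zero, rows longer than this (by dstrlen)
 *                        are split with cutstr()
 * @return string URL of the PNG
 */
function stringtopic($value, $key = '', $force = false, $rlength = 0)
{
    if ($key === '') {
        $key = $value;
    }
    $basedir = !getglobal('setting/attachdir') ? './data/attachment' : getglobal('setting/attachdir');
    $url = !getglobal('setting/attachurl') ? './data/attachment/' : getglobal('setting/attachurl');

    $hash = md5($key);
    $subdir1 = substr($hash, 0, 2);
    $subdir2 = substr($hash, 2, 2);
    $target = 'temp/' . $subdir1 . '/' . $subdir2 . '/';
    $targetname = substr($hash, 8, 16) . '.png';
    discuz_upload::check_dir_exists('temp', $subdir1, $subdir2);
    if (!$force && file_exists($basedir . '/' . $target . $targetname)) {
        return $url . $target . $targetname;
    }

    $value = str_replace("\n", '', $value);
    $fontfile = $fontname = '';
    $ttfenabled = false;
    $size = 10;
    $w = 130;
    $rowh = 25;
    $value = explode("\r", $value);

    if ($rlength) {
        $temp = array();
        foreach ($value as $str) {
            $strlen = dstrlen($str);
            if ($strlen > $rlength) {
                // NOTE(review): $i counts up while $strlen counts down, so
                // the loop can stop before the remainder of $str has been
                // emitted. Kept as in the original; confirm against cutstr().
                for ($i = 0; $i < $strlen; $i++) {
                    $sub = cutstr($str, $rlength, '');
                    $temp[] = $sub;
                    $str = substr($str, strlen($sub));
                    $strlen = $strlen - $rlength;
                }
            } else {
                $temp[] = $str;
            }
        }
        $value = $temp;
        unset($temp);
    }

    if (function_exists('imagettftext')) {
        // Use the first .ttf/.ttc file found in the bundled font directory.
        $fontroot = DISCUZ_ROOT . './static/image/seccode/font/ch/';
        $dirs = opendir($fontroot);
        if ($dirs) {
            while (($entry = readdir($dirs)) !== false) {
                if ($entry != '.' && $entry != '..' && in_array(strtolower(fileext($entry)), array('ttf', 'ttc'))) {
                    $fontname = $entry;
                    break;
                }
            }
            closedir($dirs);
        }
        if (!empty($fontname)) {
            $fontfile = $fontroot . $fontname;
        }
        if ($fontfile) {
            if (strtoupper(CHARSET) != 'UTF-8') {
                // The text is converted from the site charset to UTF-8
                // before it is handed to the TrueType functions.
                if (!class_exists('Chinese', false)) {
                    include DISCUZ_ROOT . './source/class/class_chinese.php';
                }
                $cvt = new Chinese(CHARSET, 'utf8');
                $value = $cvt->Convert(implode("\r", $value));
                $value = explode("\r", $value);
            }
            $ttfenabled = true;
        }
    }

    // First pass: find the widest row and the tallest row.
    foreach ($value as $str) {
        if ($ttfenabled) {
            $box = imagettfbbox($size, 0, $fontfile, $str);
            $height = max($box[1], $box[3]) - min($box[5], $box[7]);
            $len = max($box[2], $box[4]) - min($box[0], $box[6]);
            $rowh = max(array($height, $rowh));
        } else {
            $len = strlen($str) * 12;
        }
        $w = max(array($len, $w));
    }

    $h = $rowh * count($value) + count($value) * 2;
    $im = @imagecreate($w, $h);
    // The first colour allocated on a palette image becomes its background,
    // so this call is needed even though the variable is not used again.
    $background_color = imagecolorallocate($im, 255, 255, 255);
    $text_color = imagecolorallocate($im, 60, 60, 60);

    // Second pass: draw each row, advancing the vertical offset.
    $h = $ttfenabled ? $rowh : 4;
    foreach ($value as $str) {
        if ($ttfenabled) {
            imagettftext($im, $size, 0, 0, $h, $text_color, $fontfile, $str);
            $h += 2;
        } else {
            imagestring($im, $size, 0, $h, $str, $text_color);
        }
        $h += $rowh;
    }

    imagepng($im, $basedir . '/' . $target . $targetname);
    imagedestroy($im);
    return $url . $target . $targetname;
}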
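/**
 * Register an account for the mobile client and answer with JSON.
 *
 * Reads username, password and email from $_REQUEST, applies the site's
 * registration rules (length, password policy, censored names, per-IP
 * limits), creates the account through uc_user_register(), writes the local
 * member row, optionally sends the verification mail, logs the user in and
 * finally includes the third-party bind script chosen by `platform`.
 * Every exit path echoes one JSON document and ends the request.
 *
 * Changes from the original:
 *  - the verification mail used $username, which is never defined here
 *    (variable names are case-sensitive; the value lives in $userName), so
 *    the greeting and the recipient name were empty;
 *  - "{$_G[siteurl]}" used a bare-word key inside the complex string syntax,
 *    which is an undefined-constant lookup and throws an Error on PHP 8;
 *  - the repeated error payload is produced by one local closure.
 * Existing local variable names are kept because the bind scripts are
 * included into this function's scope and may read them.
 *
 * NOTE(review): $_REQUEST also accepts query-string values, so a client that
 * sends the password in the URL exposes it to access logs and proxies;
 * reading the credentials from $_POST only would avoid that.
 * NOTE(review): the stored local password is md5 of a 10-character value
 * from random(), and the e-mail activation id is random(6). Whether
 * random() is cryptographically strong is not visible here - confirm.
 * NOTE(review): the IP lists are matched as anchored prefixes built from
 * each trimmed line. An empty line yields the pattern /^()/, which matches
 * every address; for the verification whitelist that would switch
 * verification off for everyone. Confirm blank lines are filtered when the
 * setting is saved.
 * NOTE(review): the check for $_G['setting']['mobile']['mobileregister']
 * (error code 7) was commented out in the original and is not enforced.
 * NOTE(review): the mail recipient is built as "name <email>"; this assumes
 * uc_user_register() has rejected CR/LF in both values - confirm.
 */
function register()
{
    require_once dirname(dirname(dirname(__FILE__))) . '/bigappjson.class.php';
    require_once libfile('function/misc');
    require_once libfile('function/member');
    require_once libfile('class/member');

    // Echo the client's error document and stop. $messageStr defaults to
    // $errorMsg; only the password-length error uses two different texts.
    $failWith = function ($code, $errorMsg, $messageStr = null) {
        echo BIGAPPJSON::encode(array(
            'error_code' => $code,
            'error_msg' => $errorMsg,
            'Variables' => array('auth' => null),
            'Message' => array(
                'messageval' => 'for comaptible',
                'messagestr' => $messageStr === null ? $errorMsg : $messageStr,
            ),
        ));
        die(0);
    };

    $userName = isset($_REQUEST["username"]) ? $_REQUEST["username"] : "";
    $password = isset($_REQUEST["password"]) ? $_REQUEST["password"] : "";
    $email = isset($_REQUEST["email"]) ? strtolower($_REQUEST["email"]) : "";
    global $_G;

    // The client sends UTF-8; convert the name to the site charset.
    if (function_exists('iconv')) {
        $userName = iconv('UTF-8', CHARSET . '//ignore', $userName);
    } else {
        $userName = mb_convert_encoding($userName, CHARSET, 'UTF-8');
    }

    if (empty($userName) || empty($password) || empty($email)) {
        $failWith(2, lang('plugin/bigapp', 'empty_params'));
    }

    $userNamelen = dstrlen($userName);
    if ($userNamelen < 3) {
        $failWith(3, lang('plugin/bigapp', 'username_short'));
    }
    if ($userNamelen > 15) {
        $failWith(4, lang('plugin/bigapp', 'username_long'));
    }

    $ctlObj = new register_ctl();
    $ctlObj->setting = $_G['setting'];

    // Minimum password length (bytes).
    if (isset($ctlObj->setting['pwlength']) && $ctlObj->setting['pwlength']) {
        if (strlen($password) < $ctlObj->setting['pwlength']) {
            $pwHint = ' [ >= ' . $ctlObj->setting['pwlength'] . ' ]';
            // The two texts use different language keys, as in the original.
            $failWith(
                5,
                lang('plugin/bigapp', 'password_length') . $pwHint,
                lang('plugin/bigapp', 'password_not_equal') . $pwHint
            );
        }
    }

    // Password composition rules selected in the 'strongpw' setting.
    if (isset($ctlObj->setting['strongpw']) && $ctlObj->setting['strongpw']) {
        $strongpw_str = array();
        if (in_array(1, $ctlObj->setting['strongpw']) && !preg_match("/\\d+/", $password)) {
            $strongpw_str[] = lang('plugin/bigapp', 'password_number');
        }
        if (in_array(2, $ctlObj->setting['strongpw']) && !preg_match("/[a-z]+/", $password)) {
            $strongpw_str[] = lang('plugin/bigapp', 'password_lowercase_char');
        }
        if (in_array(3, $ctlObj->setting['strongpw']) && !preg_match("/[A-Z]+/", $password)) {
            $strongpw_str[] = lang('plugin/bigapp', 'password_uppercase_char');
        }
        if (in_array(4, $ctlObj->setting['strongpw']) && !preg_match("/[^a-zA-Z0-9]+/", $password)) {
            $strongpw_str[] = lang('plugin/bigapp', 'password_charset');
        }
        if ($strongpw_str) {
            $failWith(6, lang('plugin/bigapp', 'password_invalid') . ' [ ' . implode(', ', $strongpw_str) . ' ]');
        }
    }

    loaducenter();

    // Registration switched off.
    if (!$ctlObj->setting['regclosed'] && (!$ctlObj->setting['regstatus'] || !$ctlObj->setting['ucactivation'])) {
        if (!$ctlObj->setting['regstatus']) {
            $failWith(8, lang('plugin/bigapp', 'forbid_registration'));
        }
    }

    // Verification can be waived for whitelisted areas or IP prefixes.
    if ($ctlObj->setting['regverify']) {
        if ($ctlObj->setting['areaverifywhite']) {
            $location = $whitearea = '';
            $location = trim(convertip($_G['clientip'], "./"));
            if ($location) {
                $whitearea = preg_quote(trim($ctlObj->setting['areaverifywhite']), '/');
                $whitearea = str_replace(array("\\*"), array('.*'), $whitearea);
                $whitearea = '.*' . $whitearea . '.*';
                $whitearea = '/^(' . str_replace(array("\r\n", ' '), array('.*|.*', ''), $whitearea) . ')$/i';
                if (@preg_match($whitearea, $location)) {
                    $ctlObj->setting['regverify'] = 0;
                }
            }
        }
        if ($_G['cache']['ipctrl']['ipverifywhite']) {
            foreach (explode("\n", $_G['cache']['ipctrl']['ipverifywhite']) as $ctrlip) {
                if (preg_match("/^(" . preg_quote($ctrlip = trim($ctrlip), '/') . ")/", $_G['clientip'])) {
                    $ctlObj->setting['regverify'] = 0;
                    break;
                }
            }
        }
    }

    // Accounts that still need verification land in group 8.
    if ($ctlObj->setting['regverify']) {
        $groupinfo['groupid'] = 8;
    } else {
        $groupinfo['groupid'] = $ctlObj->setting['newusergroupid'];
    }

    // Reject passwords containing characters that addslashes() would escape.
    if (!$password || $password != addslashes($password)) {
        $failWith(9, lang('plugin/bigapp', 'password_invalid_char'));
    }

    // Censored user names: one pattern per line, '*' is a wildcard.
    $censorexp = '/^(' . str_replace(array('\\*', "\r\n", ' '), array('.*', '|', ''), preg_quote($ctlObj->setting['censoruser'] = trim($ctlObj->setting['censoruser']), '/')) . ')$/i';
    if ($ctlObj->setting['censoruser'] && @preg_match($censorexp, $userName)) {
        $failWith(10, lang('plugin/bigapp', 'forbid_username'));
    }

    // Per-IP registration interval; a listed prefix gets the stricter
    // 'ipregctrltime' and is counted by prefix ("<prefix>%").
    if ($_G['cache']['ipctrl']['ipregctrl']) {
        foreach (explode("\n", $_G['cache']['ipctrl']['ipregctrl']) as $ctrlip) {
            if (preg_match("/^(" . preg_quote($ctrlip = trim($ctrlip), '/') . ")/", $_G['clientip'])) {
                $ctrlip = $ctrlip . '%';
                $ctlObj->setting['regctrl'] = $ctlObj->setting['ipregctrltime'];
                break;
            } else {
                $ctrlip = $_G['clientip'];
            }
        }
    } else {
        $ctrlip = $_G['clientip'];
    }
    if ($ctlObj->setting['regctrl']) {
        if (C::t('common_regip')->count_by_ip_dateline($ctrlip, $_G['timestamp'] - $ctlObj->setting['regctrl'] * 3600)) {
            $failWith(11, lang('plugin/bigapp', 'forbid_ip'));
        }
    }

    // Daily per-IP cap. $setregip records how to update the counter after a
    // successful registration: 1 = increment, 2 = insert a new row.
    $setregip = null;
    if ($ctlObj->setting['regfloodctrl']) {
        $regip = C::t('common_regip')->fetch_by_ip_dateline($_G['clientip'], $_G['timestamp'] - 86400);
        if ($regip) {
            if ($regip['count'] >= $ctlObj->setting['regfloodctrl']) {
                $failWith(12, lang('plugin/bigapp', 'forbid_ip_today'));
            } else {
                $setregip = 1;
            }
        } else {
            $setregip = 2;
        }
    }

    $uid = uc_user_register($userName, $password, $email, '', '', $_G['clientip']);
    if ($uid <= 0) {
        // All six known failures are reported with error_code 13; any other
        // non-positive result ends the request without a body.
        $ucErrorKeys = array(
            -1 => 'username_invalid_char',
            -2 => 'username_invalid_char',
            -3 => 'username_used',
            -4 => 'invalid_email',
            -5 => 'invalid_email',
            -6 => 'email_used',
        );
        if (isset($ucErrorKeys[$uid])) {
            $failWith(13, lang('plugin/bigapp', $ucErrorKeys[$uid]));
        }
        die(0);
    }

    $_G['username'] = $userName;
    // From here on $password is the placeholder stored in the local member
    // row, not the password the user submitted.
    $password = md5(random(10));

    if ($setregip !== null) {
        if ($setregip == 1) {
            C::t('common_regip')->update_count_by_ip($_G['clientip']);
        } else {
            C::t('common_regip')->insert(array('ip' => $_G['clientip'], 'count' => 1, 'dateline' => $_G['timestamp']));
        }
    }

    $profile = $verifyarr = array();
    $emailstatus = 0;
    $init_arr = array('credits' => explode(',', $ctlObj->setting['initcredits']), 'profile' => $profile, 'emailstatus' => $emailstatus);
    C::t('common_member')->insert($uid, $userName, $password, $email, $_G['clientip'], $groupinfo['groupid'], $init_arr);

    if ($ctlObj->setting['regctrl'] || $ctlObj->setting['regfloodctrl']) {
        // Drop bookkeeping rows older than max(regctrl, 72) hours.
        C::t('common_regip')->delete_by_dateline($_G['timestamp'] - ($ctlObj->setting['regctrl'] > 72 ? $ctlObj->setting['regctrl'] : 72) * 3600);
        if ($ctlObj->setting['regctrl']) {
            C::t('common_regip')->insert(array('ip' => $_G['clientip'], 'count' => -1, 'dateline' => $_G['timestamp']));
        }
    }

    // E-mail verification: store the activation id and mail the link.
    if ($ctlObj->setting['regverify'] == 1) {
        $idstring = random(6);
        $authstr = "{$_G['timestamp']}\t2\t{$idstring}";
        C::t('common_member_field_forum')->update($uid, array('authstr' => $authstr));
        $verifyurl = "{$_G['siteurl']}member.php?mod=activate&uid={$uid}&id={$idstring}";
        $email_verify_message = lang('email', 'email_verify_message', array('username' => $userName, 'bbname' => $ctlObj->setting['bbname'], 'siteurl' => $_G['siteurl'], 'url' => $verifyurl));
        if (!sendmail("{$userName} <{$email}>", lang('email', 'email_verify_subject'), $email_verify_message)) {
            runlog('sendmail', "{$email} sendmail failed.");
        }
    }

    require_once libfile('cache/userstats', 'function');
    build_cache_userstats();

    // The registration note is a fixed string, not client input.
    $_GET['regmessage'] = 'from bigapp client';
    $regmessage = dhtmlspecialchars($_GET['regmessage']);
    if ($ctlObj->setting['regverify'] == 2) {
        // Manual approval: queue the account for a moderator.
        C::t('common_member_validate')->insert(array('uid' => $uid, 'submitdate' => $_G['timestamp'], 'moddate' => 0, 'admin' => '', 'submittimes' => 1, 'status' => 0, 'message' => $regmessage, 'remark' => ''), false, true);
        manage_addnotify('verifyuser');
    }

    setloginstatus(array('uid' => $uid, 'username' => $_G['username'], 'password' => $password, 'groupid' => $groupinfo['groupid']), 0);
    include_once libfile('function/stat');
    updatestat('register');
    checkfollowfeed();
    C::t('common_member_status')->update($_G['uid'], array('lastip' => $_G['clientip'], 'lastvisit' => TIMESTAMP, 'lastactivity' => TIMESTAMP));

    // Registration succeeded: bind the third-party openid. The request value
    // only selects between two fixed paths; it is never part of the path.
    $plat = isset($_GET["platform"]) ? $_GET["platform"] : '';
    if ($plat == "qq") {
        include_once CUR_PATH . "/../qqconnect/bind.php";
    } else {
        if ($plat == "wechat") {
            include_once CUR_PATH . "/../wechatconnect/bind.php";
        }
    }

    echo BIGAPPJSON::encode(array('error_code' => 0, 'error_msg' => lang('plugin/bigapp', 'regist_succ'), 'Message' => array('messageval' => 'register_succeed', 'messagestr' => lang('plugin/bigapp', 'regist_succ')), 'Variables' => array('auth' => 'in order to be comapatible')));
    die(0);
}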
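/**
 * Create or update a contest entry after a video upload has completed.
 *
 * Request parameters (read through $this->input->get_post):
 *   ccvid    CC video ID; must measure exactly 32 by dstrlen()
 *   gid      int activity ID, must be positive
 *   schedule int contest schedule
 *
 * The video is looked up by its ID together with the current user's id, so
 * only the owner's video can be attached. The result is reported through
 * $this->echo_api(): 1 on success, -2 bad video ID, -3 update failed,
 * -4 bad activity ID, -5 video not found.
 *
 * Changes from the original: the two statements that ran intval() on the
 * undefined and unused variables $sid and $period are removed; $updata is
 * built as one array instead of being appended to while undefined; the
 * nested conditionals are flattened into guard clauses with the same
 * outcomes.
 *
 * NOTE(review): only the length of ccvid is checked, not its alphabet.
 * NOTE(review): the video is read through $this->video_m but updated
 * through $this->video_mod - confirm both properties exist and point at the
 * intended model.
 * NOTE(review): the method name "init_<name>" comes from the activity row;
 * method_exists() limits it to methods of this controller, but any method
 * with that prefix is reachable from stored data - confirm the 'name'
 * column is admin-controlled.
 * NOTE(review): the existing-entry lookup filters on 'schedule', but the
 * inserted row has no 'schedule' key - confirm it is set elsewhere.
 */
public function upload_ok()
{
    $ccvid = $this->input->get_post('ccvid', true);
    $gid = intval($this->input->get_post('gid', true));
    $schedule = intval($this->input->get_post('schedule', true));

    if ($gid <= 0) {
        $this->echo_api(-4, "活动ID不存在.");
        return;
    }
    if (dstrlen($ccvid) != 32) {
        $this->echo_api(-2, "CC视频ID不存在.");
        return;
    }

    $this->load->model('works_index_model', 'index_mod');

    // Scope the lookup to the current user so another user's video cannot
    // be entered.
    $where = array('vid' => $ccvid, 'userid' => $this->uid);
    $video = $this->video_m->get_video($where);
    if (!$video) {
        $this->echo_api(-5, "视频信息不存在.");
        return;
    }

    $add_index = array(
        'uid' => $this->uid,
        'wid' => $video['id'],
        'wtype' => 1,
        'gid' => $gid,
        'status' => 1,
        'create_time' => time(),
    );

    // Add the entry only when this user has none for the activity/schedule.
    $w_index = array('gid' => $gid, 'uid' => $this->uid, 'schedule' => $schedule);
    $is_work_index = $this->index_mod->get_index($w_index);
    if (empty($is_work_index)) {
        $ret_id = $this->index_mod->add_index($add_index);
        $this->load->model('activity_model', 'activity_m');
        $name = $this->activity_m->get_one_by_where(array('id' => $gid), 'name');
        // Optional per-activity initialiser.
        if ($ret_id && method_exists($this, "init_" . $name)) {
            $this->{"init_" . $name}($gid, $ret_id, $schedule);
        }
    }

    $updata = array(
        'type' => 1,
        'info' => 1,
        'status' => 1,
        'update' => date("Y-m-d H:i:s"),
    );
    $ret_up = $this->video_mod->up_video($updata, $where);
    if ($ret_up) {
        $this->echo_api(1, $is_work_index);
    } else {
        $this->echo_api(-3, "更新失败.");
    }
}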
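/**
 * AJAX product list: filters by the `kw` and `tag` query parameters and
 * answers with JSON containing a fixed subset of each product's fields.
 *
 * Changes from the original: bare-word array keys ($_G[setting][cate_page],
 * $_GET[kw], $_GET[tag], $sql[order], $sql[url]) are quoted, because an
 * unquoted key is an undefined-constant lookup and throws an Error on PHP 8;
 * the call trim_html($tag, 1) is dropped - it ran on a variable that was not
 * defined yet and its result was overwritten on the next line, so it never
 * influenced the query.
 *
 * NOTE(review): if stripping HTML from the tag was intended, apply
 * trim_html() to $_GET['tag'] before escaping it.
 * NOTE(review): the keyword is interpolated into a SQL LIKE fragment; its
 * safety rests on stripsearchkey() and safe_output(), neither visible here.
 * The tag is escaped with daddslashes() before it is placed in
 * FIND_IN_SET(). Prefer the database layer's escaping or bound parameters.
 * NOTE(review): `field` is copied from the request into $sql['field']; it is
 * not passed to D() in this function. If make_sql() or D() use it elsewhere
 * as a column list, it needs a whitelist - confirm.
 * NOTE(review): in the tag branch $and and $url are appended to $sql['and']
 * and $sql['url'] and then concatenated with them again in the D() call, so
 * both fragments appear twice. Kept as in the original - confirm intent.
 * NOTE(review): assumes msg() ends the request.
 */
function goods()
{
    global $_G;
    $sql = make_sql();
    $url = 'm=ajax&a=goods';
    $size = $_G['setting']['cate_page'] ? $_G['setting']['cate_page'] : 120;
    if (!empty($_GET['field'])) {
        $sql['field'] = trim($_GET['field']);
    }
    $and = '';
    if (!empty($_GET['kw'])) {
        $string = stripsearchkey(trim($_GET['kw']));
        if (preg_match("/^%+\$|^_+\$|^\\*+\$/is", $string)) {
            msg('非法搜索关键字');
        }
        $string = safe_output($string);
        if (dstrlen($string) < 2) {
            msg('要搜索的关键字长度不能小于2');
        }
        $_GET['kw'] = $string;
        $and .= " AND title like '%{$string}%' ";
        $url .= "&kw=" . urlencode_utf8($string);
    }
    if (!empty($_GET['tag'])) {
        $tag = daddslashes($_GET['tag']);
        $and .= "AND FIND_IN_SET('" . $tag . "', keywords) ";
        $url .= "&tag=" . urlencode_utf8($tag);
        $sql['and'] .= $and;
        $sql['url'] .= $url;
    }
    $rs = D(
        array('and' => $and . $sql['and'], 'all' => false, 'order' => $sql['order']),
        array('url' => $url . $sql['url'], 'size' => $size)
    );

    // Expose only these fields, in this order.
    $fields = array('picurl', 'url', 'id_url', 'num_iid', 'aid', 'yh_price', 'sum', 'like', 'title', 'username');
    $goods = array();
    foreach ($rs['goods'] as $row) {
        $tmp = array();
        foreach ($fields as $field) {
            $tmp[$field] = $row[$field];
        }
        $goods[] = $tmp;
    }
    json(array('data' => $goods, 'status' => 'success'));
}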
$skype = replaceparting(dhtmlspecialchars(trim($_G['sr_skype']))); $tel = replaceparting(dhtmlspecialchars(trim($_G['sr_tel']))); } else { $qq = dhtmlspecialchars(trim($_G['sr_qq'])); $tel = dhtmlspecialchars(trim($_G['sr_tel'])); } $address = dhtmlspecialchars(trim($_G['sr_address'])); $mappos = dhtmlspecialchars(trim($_G['sr_mappos'])); $weburl = 'http://' . str_replace('http://', '', dhtmlspecialchars(trim($_G['sr_weburl']))); if (dstrlen($propaganda) > 1000) { showmessage(srlang('post_propaganda_toolong')); } if (dstrlen($introduction) > 4000) { showmessage(srlang('post_introduction_toolong')); } if (dstrlen($contact) > 1000) { showmessage(srlang('post_contact_toolong')); } if ($cateid < 1) { showmessage(srlang('nocateid')); } if (empty($name)) { showmessage(srlang('noname')); } $caid = intval($_G['sr_caid']); if ($caid < 1 && $bid < 1) { showmessage(srlang('inputposter')); } $attachment = C::t('#sanree_brand#sanree_brand_attachment')->fetch_firstbyaid($caid); if (!$attachment) { showmessage(srlang('inputposter'));
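/**
 * Return the text between two markers, ignoring all whitespace.
 *
 * Whitespace is removed from the haystack and from both markers before
 * searching. Passing -1 as $end returns everything after $start.
 *
 * Changes from the original: a missing $start marker now yields '' (the
 * false from strpos() used to be treated as offset 0, returning unrelated
 * text); offsets are computed with strlen(), because strpos()/substr() work
 * on bytes and the project helper dstrlen() is not guaranteed to count
 * bytes for multi-byte markers; a missing $end marker explicitly yields ''.
 *
 * @param string     $str   text to search
 * @param string     $start opening marker
 * @param string|int $end   closing marker, or -1 for "to the end"
 * @return string the extracted text, '' when a marker is not found
 */
function sub_str($str, $start, $end)
{
    $str = preg_replace("/\\s+/", '', $str);
    $start = preg_replace("/\\s+/", '', $start);
    if ($end != -1) {
        $end = preg_replace("/\\s+/", '', $end);
    }

    $s = strpos($str, $start);
    if ($s === false) {
        return '';
    }

    // Byte offset plus byte length: both must use the same unit.
    $rest = (string) substr($str, $s + strlen($start));

    if ($end == -1) {
        return $rest;
    }

    $e = strpos($rest, $end);
    if ($e === false) {
        return '';
    }

    return substr($rest, 0, $e);
}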
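/**
 * Build the query for the product API from request parameters and return
 * the cached result for it.
 *
 * Changes from the original: bare-word array keys ($channel[name],
 * $_GET[kw], $arr[keyword], $_G['setting'][cate_page], $arr[page_no],
 * $_G[page], $arr[page_size]) are quoted, because an unquoted key is an
 * undefined-constant lookup and throws an Error on PHP 8; $title is
 * initialised; the two `sort` whitelist checks use strict in_array() so only
 * the exact listed strings pass.
 *
 * NOTE(review): $goods, $showpage and $count are never assigned in this
 * function as shown, so the cache-fill branch cannot run and the function
 * returns whatever memory('get') gave back. The fetch step appears to be
 * missing from this listing - confirm against the full file.
 * NOTE(review): $url and $title are built but not used or returned here;
 * the keyword is appended to $url without URL-encoding, and the first sort
 * branch appends "&sort = " with spaces. Kept as in the original.
 * NOTE(review): the inner `break` leaves only the sub-category loop; the
 * outer loop keeps scanning after a sub-category match.
 * NOTE(review): assumes msg() ends the request.
 *
 * @param int $add_page page offset added to the current page number
 * @return mixed cached result for the computed key, or a falsy value
 */
private function api_get($add_page)
{
    global $_G;
    $url = URL . 'm=list';
    if ($_G['fid'] > 0) {
        $url .= "&fid=" . $_G['fid'];
    }
    $channel = $_G['channel'];
    $cid = 0;
    $title = '';
    $arr = array();

    // Category: explicit `cid` from the request (validated against the
    // category config), else the channel's category.
    if (!empty($_GET['cid'])) {
        $cid = intval($_GET['cid']);
        $cates = (include libfile('config/taobao_cate'));
        $cate = array();
        foreach ($cates as $k => $v) {
            if ($v['cid'] == $cid) {
                $cate = $v;
                break;
            } elseif ($v['sub']) {
                foreach ($v['sub'] as $k1 => $v2) {
                    if ($v2['cid'] == $cid) {
                        $cate = $v2;
                        break;
                    }
                }
            }
        }
        if (empty($cate['cid'])) {
            msg('分类ID不存在');
        }
        $title = $cate['name'];
    } elseif ($channel) {
        $cid = intval($channel['classname']);
        $title = $channel['name'];
    }
    if ($cid > 0) {
        $arr['cid'] = $cid;
    }

    // A keyword replaces the category filter.
    if (!empty($_GET['kw'])) {
        $string = stripsearchkey(trim($_GET['kw']));
        if (preg_match("/^%+\$|^_+\$|^\\*+\$/is", $string)) {
            msg('非法搜索关键字');
        }
        $string = safe_output($string);
        if (dstrlen($string) < 2) {
            msg('要搜索的关键字长度不能小于2');
        }
        $_GET['kw'] = $string;
        $arr['keyword'] = $string;
        $url .= "&kw=" . $string;
        $title .= " " . $string;
        unset($arr['cid']);
    }

    if (!empty($_GET['sort'])) {
        $order_in = array('price_asc', 'sales_desc', 'credit_desc');
        if (in_array($_GET['sort'], $order_in, true)) {
            $arr['sort'] = $_GET['sort'];
            $url .= "&sort = " . $_GET['sort'];
            unset($_GET['sort']);
        }
    }
    if (empty($_GET['kw'])) {
        unset($_GET['kw']);
    }
    // Fall back to a default keyword when there is neither keyword nor
    // category.
    if (empty($arr['keyword']) && empty($arr['cid'])) {
        $arr['keyword'] = '特价';
    }

    // Price range, coerced to float.
    $arr['start_price'] = 1;
    $arr['end_price'] = 99999;
    if (!empty($_GET['price1'])) {
        $_GET['price1'] = $arr['start_price'] = floatval($_GET['price1']);
        $url .= "&price1=" . $arr['start_price'];
    }
    if (!empty($_GET['price2'])) {
        $_GET['price2'] = $arr['end_price'] = floatval($_GET['price2']);
        $url .= "&price2=" . $arr['end_price'];
    }

    // Second sort whitelist; only reached when the first one did not match.
    if (!empty($_GET['sort'])) {
        $sort_arr = array("price_desc", "price_asc", "credit_desc", "credit_asc", "commission_num_desc", "commission_rate_asc");
        if (in_array($_GET['sort'], $sort_arr, true)) {
            $arr['sort'] = $_GET['sort'];
            $url .= "&sort=" . $arr['sort'];
        }
    }

    // Page size: the channel's value or the site default, capped at 100.
    $size = $channel['page'] > 0 ? intval($channel['page']) : $_G['setting']['cate_page'];
    if ($size > 100) {
        $size = 100;
    }
    $arr['page_no'] = $add_page ? $_G['page'] + $add_page : $_G['page'];
    $arr['page_size'] = $size;

    // The cache key covers every query parameter (md5 as a key only).
    $key = md5(http_build_query($arr));
    $size = 40;
    $rs = memory('get', $key);
    if (!$rs) {
        if ($goods) {
            $rs = array('showpage' => $showpage, 'count' => $count, 'goods' => $goods);
            memory('set', $key, $rs, 3600);
        }
    }
    return $rs;
}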
/**
 * Validate the fields of a proposal form.
 *
 * Checks run in order and the first failure is returned:
 *   -1 contact empty; -2 contact (trimmed) not numeric per is_numeric() or
 *   longer than 15 bytes; -3/-4/-5 'funtions', 'backgrounds', 'description'
 *   empty or longer than 30 / 2000 / 2000 as measured by dstrlen().
 * The trimmed contact is used for validation only; $param is passed by
 * value, so the caller's array is not modified.
 *
 * NOTE(review): is_numeric() also accepts signs, decimals and exponent
 * notation, which is wider than the "digits only" wording of the message.
 *
 * @param array $param form values keyed by field name
 * @return array array(code, message); code 1 means every check passed
 */
function checkProposalField($param)
{
    if (empty($param['contact'])) {
        return array(-1, '联系方式不能为空');
    }

    $contact = trim($param['contact']);
    if (!is_numeric($contact) || strlen($contact) > 15) {
        return array(-2, '联系方式必须是整形且长度不超过15个数字');
    }

    // field => array(max length, error code, error message)
    $textRules = array(
        'funtions' => array(30, -3, '请输入功能点且长度不大于15个中文字符'),
        'backgrounds' => array(2000, -4, '请输入需求背景且长度不大于1000'),
        'description' => array(2000, -5, '请输入功能描述且长度不大于1000'),
    );
    foreach ($textRules as $field => $rule) {
        if (empty($param[$field]) || dstrlen($param[$field]) > $rule[0]) {
            return array($rule[1], $rule[2]);
        }
    }

    return array(1, '成功');
}
/**
 * Serve the registration page: render the form on a plain request, or
 * validate a submitted form and create the account.
 *
 * Flow, as visible in this method:
 *  1. Copy the configurable form field names onto the fixed gp_* keys.
 *  2. A logged-in visitor gets 'login_succeed'; closed-registration settings
 *     are enforced.
 *  3. Area / IP whitelists may switch verification off or stand in for an invite.
 *  4. Without a valid 'regsubmit' the form template is included.
 *  5. With a valid 'regsubmit': invite, rules, username, password, censor and
 *     per-IP checks, uc_user_register(), the local member rows, invite rewards,
 *     the welcome message, optional e-mail verification, then the result message.
 *
 * Every rejection calls showmessage(); the code after those calls is written
 * as if it does not return. Presumably showmessage() ends the request; confirm.
 *
 * NOTE(review): several queries below are assembled by string interpolation
 * ($_G['clientip'], $ctrlip, $regmessage, $uid, $invite['uid']). Whether those
 * values are already escaped or validated is decided outside this method and
 * should be confirmed before this code is reused.
 */
function on_register() {
    global $_G;

    // The request keys for username / password / e-mail are configurable
    // (setting['reginput']); copy them onto the fixed keys used below.
    $_G['gp_username'] = $_G['gp_' . $this->setting['reginput']['username']];
    $_G['gp_password'] = $_G['gp_' . $this->setting['reginput']['password']];
    $_G['gp_password2'] = $_G['gp_' . $this->setting['reginput']['password2']];
    $_G['gp_email'] = $_G['gp_' . $this->setting['reginput']['email']];

    if ($_G['uid']) {
        // Already logged in: report success and forward. A referer that
        // contains the registration page name is replaced by forum.php.
        $ucsynlogin = $this->setting['allowsynlogin'] ? uc_user_synlogin($_G['uid']) : '';
        $url_forward = dreferer();
        if (strpos($url_forward, $this->setting['regname']) !== false) {
            $url_forward = 'forum.php';
        }
        showmessage('login_succeed', $url_forward ? $url_forward : './', array('username' => $_G['member']['username'], 'usergroup' => $_G['group']['grouptitle'], 'uid' => $_G['uid']), array('extrajs' => $ucsynlogin));
    } elseif (!$this->setting['regclosed'] && (!$this->setting['regstatus'] || !$this->setting['ucactivation'])) {
        // Registration and/or activation is switched off: stop with the matching message.
        if ($_G['gp_action'] == 'activation' || $this->setting['gp_activationauth']) {
            if (!$this->setting['ucactivation'] && !$this->setting['closedallowactivation']) {
                showmessage('register_disable_activation');
            }
        } elseif (!$this->setting['regstatus']) {
            showmessage(!$this->setting['regclosemessage'] ? 'register_disable' : str_replace(array("\r", "\n"), '', $this->setting['regclosemessage']));
        }
    }

    // These are references into $this->setting, so later assignments to them
    // (nl2br on $bbrulestxt, addslashes on the welcome texts) change the
    // settings array as well.
    $bbrules =& $this->setting['bbrules'];
    $bbrulesforce =& $this->setting['bbrulesforce'];
    $bbrulestxt =& $this->setting['bbrulestxt'];
    $welcomemsg =& $this->setting['welcomemsg'];
    $welcomemsgtitle =& $this->setting['welcomemsgtitle'];
    $welcomemsgtxt =& $this->setting['welcomemsgtxt'];
    $regname = $this->setting['regname'];

    if ($this->setting['regverify']) {
        // Verification whitelists: a match sets regverify to 0 for this request.
        if ($this->setting['areaverifywhite']) {
            $location = $whitearea = '';
            $location = trim(convertip($_G['clientip'], "./"));
            if ($location) {
                // The list is quoted, '*' becomes '.*', entries are split on
                // "\r\n" and each one is matched as a substring of the location.
                // NOTE(review): an empty entry (blank line) produces an
                // alternative that matches every location; confirm the stored
                // list cannot contain one. '@' also hides a broken pattern.
                $whitearea = preg_quote(trim($this->setting['areaverifywhite']), '/');
                $whitearea = str_replace(array("\\*"), array('.*'), $whitearea);
                $whitearea = '.*' . $whitearea . '.*';
                $whitearea = '/^(' . str_replace(array("\r\n", ' '), array('.*|.*', ''), $whitearea) . ')$/i';
                if (@preg_match($whitearea, $location)) {
                    $this->setting['regverify'] = 0;
                }
            }
        }
        if ($_G['cache']['ipctrl']['ipverifywhite']) {
            // Each entry is anchored only at the start, so it is a prefix
            // match: an entry without a trailing dot also matches longer
            // octets, and an empty entry matches every address.
            // NOTE(review): confirm how the list is normalised when saved.
            foreach (explode("\n", $_G['cache']['ipctrl']['ipverifywhite']) as $ctrlip) {
                if (preg_match("/^(" . preg_quote($ctrlip = trim($ctrlip), '/') . ")/", $_G['clientip'])) {
                    $this->setting['regverify'] = 0;
                    break;
                }
            }
        }
    }

    $invitestatus = false;
    if ($this->setting['regstatus'] == 2) {
        // regstatus 2 is checked against invites further down; a whitelist
        // match here sets $invitestatus, which lets the request through
        // without an invite. Same matching rules and caveats as above.
        if ($this->setting['inviteconfig']['inviteareawhite']) {
            $location = $whitearea = '';
            $location = trim(convertip($_G['clientip'], "./"));
            if ($location) {
                $whitearea = preg_quote(trim($this->setting['inviteconfig']['inviteareawhite']), '/');
                $whitearea = str_replace(array("\\*"), array('.*'), $whitearea);
                $whitearea = '.*' . $whitearea . '.*';
                $whitearea = '/^(' . str_replace(array("\r\n", ' '), array('.*|.*', ''), $whitearea) . ')$/i';
                if (@preg_match($whitearea, $location)) {
                    $invitestatus = true;
                }
            }
        }
        if ($this->setting['inviteconfig']['inviteipwhite']) {
            foreach (explode("\n", $this->setting['inviteconfig']['inviteipwhite']) as $ctrlip) {
                if (preg_match("/^(" . preg_quote($ctrlip = trim($ctrlip), '/') . ")/", $_G['clientip'])) {
                    $invitestatus = true;
                    break;
                }
            }
        }
    }

    // Group for the new account: 8 is hard-coded while verification is
    // pending (presumably the "awaiting verification" group; confirm).
    $groupinfo = array();
    if ($this->setting['regverify']) {
        $groupinfo['groupid'] = 8;
    } else {
        $groupinfo['groupid'] = $this->setting['newusergroupid'];
    }

    // Bit 0 of each setting decides whether the check applies to registration.
    $seccodecheck = $this->setting['seccodestatus'] & 1;
    $secqaacheck = $this->setting['secqaa']['status'] & 1;
    // The promoter id comes from a cookie and is forced to an integer.
    $fromuid = !empty($_G['cookie']['promotion']) && $this->setting['creditspolicy']['promotion_register'] ? intval($_G['cookie']['promotion']) : 0;
    $username = isset($_G['gp_username']) ? $_G['gp_username'] : '';
    // Token the form must send back in 'agreebbrule' when rules are enabled.
    $bbrulehash = $bbrules ? substr(md5(FORMHASH), 0, 8) : '';
    $auth = $_G['gp_auth'];

    if (!$invitestatus) {
        $invite = getinvite();
    }

    if (!submitcheck('regsubmit', 0, $seccodecheck, $secqaacheck)) {
        // ---- No valid submission: prepare and render the form ----
        if ($_G['gp_action'] == 'activation') {
            // The auth value decodes to "username<TAB>formhash".
            // NOTE(review): the comparison is loose (!=); a strict or
            // constant-time comparison would be the safer form for a token.
            $auth = explode("\t", authcode($auth, 'DECODE'));
            if (FORMHASH != $auth[1]) {
                showmessage('register_activation_invalid', 'member.php?mod=logging&action=login');
            }
            $username = $auth[0];
            $activationauth = authcode("{$auth['0']}\t" . FORMHASH, 'ENCODE');
        }
        if ($fromuid) {
            // $fromuid went through intval() above, so this interpolation is an integer.
            $query = DB::query("SELECT username FROM " . DB::table('common_member') . " WHERE uid='{$fromuid}'");
            if (DB::num_rows($query)) {
                $fromuser = dhtmlspecialchars(DB::result($query, 0));
            } else {
                dsetcookie('promotion');
            }
        }
        $bbrulestxt = nl2br("\n{$bbrulestxt}\n\n");
        if ($_G['gp_action'] == 'activation') {
            $auth = dhtmlspecialchars($auth);
        }
        if ($seccodecheck) {
            $seccode = random(6, 1);
        }
        // Escaped before the template prints it back into the form.
        $username = dhtmlspecialchars($username);
        $htmls = $settings = array();
        foreach ($_G['cache']['fields_register'] as $field) {
            $fieldid = $field['fieldid'];
            $html = profile_setting($fieldid, array(), false, false, true);
            if ($html) {
                $settings[$fieldid] = $_G['cache']['profilesetting'][$fieldid];
                $htmls[$fieldid] = $html;
            }
        }
        $navtitle = $this->setting['reglinkname'];
        // NOTE(review): $this->extrafile becomes part of an include path;
        // where it is set is not visible here. Confirm it never holds request data.
        if ($this->extrafile && file_exists(libfile('member/' . $this->extrafile, 'module'))) {
            require_once libfile('member/' . $this->extrafile, 'module');
        }
        $dreferer = dreferer();
        include template($this->template);
    } else {
        // ---- Valid submission: validate and create the account ----
        if ($this->setting['regstatus'] == 2 && empty($invite) && !$invitestatus) {
            showmessage('not_open_registration_invite');
        }
        if ($bbrules && $bbrulehash != $_POST['agreebbrule']) {
            showmessage('register_rules_agree');
        }

        $activation = array();
        if (isset($_G['gp_activationauth'])) {
            // When the decoded formhash matches, the user named in the token
            // must exist; a token whose formhash does not match is ignored and
            // the request continues as an ordinary registration.
            $activationauth = explode("\t", authcode($_G['gp_activationauth'], 'DECODE'));
            if ($activationauth[1] == FORMHASH && !($activation = daddslashes(uc_get_user($activationauth[0]), 1))) {
                showmessage('register_activation_invalid', 'member.php?mod=logging&action=login');
            }
        }

        if (!$activation) {
            $usernamelen = dstrlen($username);
            if ($usernamelen < 3) {
                showmessage('profile_username_tooshort');
            } elseif ($usernamelen > 15) {
                showmessage('profile_username_toolong');
            }
            $username = addslashes(trim(dstripslashes($username)));
            // NOTE(review): the literal '******' looks like a value masked by
            // the page this listing came from (presumably the interpolated
            // user name). As printed, the query compares against a fixed
            // string; confirm against the real file.
            if (uc_get_user($username) && !DB::result_first("SELECT uid FROM " . DB::table('common_member') . " WHERE username='******'")) {
                if ($_G['inajax']) {
                    showmessage('profile_username_duplicate');
                } else {
                    showmessage('register_activation_message', 'member.php?mod=logging&action=login', array('username' => stripslashes($username)));
                }
            }
            $email = trim($_G['gp_email']);
            if (empty($this->setting['ignorepassword'])) {
                if ($_G['gp_password'] !== $_G['gp_password2']) {
                    showmessage('profile_passwd_notmatch');
                }
                // A password that addslashes() would change is rejected
                // outright, which excludes quotes, backslashes and NUL bytes.
                if (!$_G['gp_password'] || $_G['gp_password'] != addslashes($_G['gp_password'])) {
                    showmessage('profile_passwd_illegal');
                }
                $password = $_G['gp_password'];
            } else {
                $password = md5(random(10));
            }
        }

        // Reserved names: one alternative per "\r\n"-separated entry, '*' as wildcard.
        $censorexp = '/^(' . str_replace(array('\\*', "\r\n", ' '), array('.*', '|', ''), preg_quote($this->setting['censoruser'] = trim($this->setting['censoruser']), '/')) . ')$/i';
        if ($this->setting['censoruser'] && @preg_match($censorexp, $username)) {
            showmessage('profile_username_protect');
        }
        if ($this->setting['regverify'] == 2 && !trim($_G['gp_regmessage'])) {
            showmessage('profile_required_info_invalid');
        }

        // Per-IP registration interval. A listed prefix turns $ctrlip into a
        // LIKE pattern ("prefix%") and applies 'ipregctrltime'; otherwise the
        // exact client address is used. The prefix-match caveat from the
        // whitelists applies here as well.
        if ($_G['cache']['ipctrl']['ipregctrl']) {
            foreach (explode("\n", $_G['cache']['ipctrl']['ipregctrl']) as $ctrlip) {
                if (preg_match("/^(" . preg_quote($ctrlip = trim($ctrlip), '/') . ")/", $_G['clientip'])) {
                    $ctrlip = $ctrlip . '%';
                    $this->setting['regctrl'] = $this->setting['ipregctrltime'];
                    break;
                } else {
                    $ctrlip = $_G['clientip'];
                }
            }
        } else {
            $ctrlip = $_G['clientip'];
        }
        if ($this->setting['regctrl']) {
            // NOTE(review): $ctrlip and the setting are interpolated into the
            // statement; nothing in this method validates $_G['clientip'].
            // Confirm it is a parsed address and not a raw request header.
            $query = DB::query("SELECT ip FROM " . DB::table('common_regip') . " WHERE ip LIKE '{$ctrlip}' AND count='-1' AND dateline>{$_G['timestamp']}-'" . $this->setting['regctrl'] . "'*3600 LIMIT 1");
            if (DB::num_rows($query)) {
                showmessage('register_ctrl', NULL, array('regctrl' => $this->setting['regctrl']));
            }
        }

        // Flood control: count attempts per IP over the last 86400 seconds.
        // The counter statement is only prepared here and run after all the
        // remaining validation has passed.
        $regipsql = '';
        if ($this->setting['regfloodctrl']) {
            if ($regattempts = DB::result_first("SELECT count FROM " . DB::table('common_regip') . " WHERE ip='{$_G['clientip']}' AND count>'0' AND dateline>'{$_G['timestamp']}'-86400")) {
                if ($regattempts >= $this->setting['regfloodctrl']) {
                    showmessage('register_flood_ctrl', NULL, array('regfloodctrl' => $this->setting['regfloodctrl']));
                } else {
                    $regipsql = "UPDATE " . DB::table('common_regip') . " SET count=count+1 WHERE ip='{$_G['clientip']}' AND count>'0'";
                }
            } else {
                $regipsql = "INSERT INTO " . DB::table('common_regip') . " (ip, count, dateline)\r\n\t\t\t\t\t\tVALUES ('{$_G['clientip']}', '1', '{$_G['timestamp']}')";
            }
        }

        // Extra profile fields configured for the registration form. Fields
        // flagged 'needverify' are collected separately for later review.
        $profile = $verifyarr = array();
        foreach ($_G['cache']['fields_register'] as $field) {
            if (defined('IN_MOBILE')) {
                break;
            }
            $field_key = $field['fieldid'];
            $field_val = $_G['gp_' . $field_key];
            if ($field['formtype'] == 'file' && !empty($_FILES[$field_key]) && $_FILES[$field_key]['error'] == 0) {
                $field_val = true;
            }
            if (!profile_check($field_key, $field_val)) {
                $showid = !in_array($field['fieldid'], array('birthyear', 'birthmonth')) ? $field['fieldid'] : 'birthday';
                // The field id and title are concatenated into an inline
                // script; both come from the cached field definitions, not
                // from the request.
                showmessage($field['title'] . lang('message', 'profile_illegal'), '', array(), array('showid' => 'chk_' . $showid, 'extrajs' => $field['title'] . lang('message', 'profile_illegal') . ($field['formtype'] == 'text' ? '<script type="text/javascript">' . '$(\'registerform\').' . $field['fieldid'] . '.className = \'px er\';' . '$(\'registerform\').' . $field['fieldid'] . '.onblur = function () { if(this.value != \'\') {this.className = \'px\';$(\'chk_' . $showid . '\').innerHTML = \'\';}}' . '</script>' : '')));
            }
            if ($field['needverify']) {
                $verifyarr[$field_key] = $field_val;
            } else {
                $profile[$field_key] = $field_val;
            }
        }

        if (!$activation) {
            // NOTE(review): $questionid and $answer are not assigned anywhere
            // in this method; confirm where they are expected to come from.
            $uid = uc_user_register($username, $password, $email, $questionid, $answer, $_G['clientip']);
            if ($uid <= 0) {
                // Non-positive return values are error codes, mapped to messages.
                if ($uid == -1) {
                    showmessage('profile_username_illegal');
                } elseif ($uid == -2) {
                    showmessage('profile_username_protect');
                } elseif ($uid == -3) {
                    showmessage('profile_username_duplicate');
                } elseif ($uid == -4) {
                    showmessage('profile_email_illegal');
                } elseif ($uid == -5) {
                    showmessage('profile_email_domain_illegal');
                } elseif ($uid == -6) {
                    showmessage('profile_email_duplicate');
                } else {
                    showmessage('undefined_action');
                }
            }
        } else {
            list($uid, $username, $email) = $activation;
        }
        $_G['username'] = $username;

        // The uid must not exist locally yet; a user that was just registered
        // is removed again before the error is shown.
        if (DB::result_first("SELECT uid FROM " . DB::table('common_member') . " WHERE uid='{$uid}'")) {
            if (!$activation) {
                uc_user_delete($uid);
            }
            showmessage('profile_uid_duplicate', '', array('uid' => $uid));
        }

        // From here on $password is a random md5 string, so the value stored
        // in the local member row is not derived from the submitted password.
        $password = md5(random(10));
        $secques = $questionid > 0 ? random(8) : '';

        if (isset($_POST['birthmonth']) && isset($_POST['birthday'])) {
            $profile['constellation'] = get_constellation($_POST['birthmonth'], $_POST['birthday']);
        }
        if (isset($_POST['birthyear'])) {
            $profile['zodiac'] = get_zodiac($_POST['birthyear']);
        }

        if ($_FILES) {
            // Only uploads whose "field_<key>" is a configured 'file' field
            // are handled. The file is saved first and checked as an image
            // afterwards; a file that fails the check is deleted again.
            // NOTE(review): '@' hides a failed unlink, which would leave the
            // rejected file on disk. Confirm discuz_upload restricts the
            // target name and extension.
            require_once libfile('class/upload');
            $upload = new discuz_upload();
            foreach ($_FILES as $key => $file) {
                $field_key = 'field_' . $key;
                if (!empty($_G['cache']['fields_register'][$field_key]) && $_G['cache']['fields_register'][$field_key]['formtype'] == 'file') {
                    $upload->init($file, 'profile');
                    $attach = $upload->attach;
                    if (!$upload->error()) {
                        $upload->save();
                        if (!$upload->get_image_info($attach['target'])) {
                            @unlink($attach['target']);
                            continue;
                        }
                        $attach['attachment'] = dhtmlspecialchars(trim($attach['attachment']));
                        if ($_G['cache']['fields_register'][$field_key]['needverify']) {
                            $verifyarr[$key] = $attach['attachment'];
                        } else {
                            $profile[$key] = $attach['attachment'];
                        }
                    }
                }
            }
        }

        // All checks passed: record the attempt for flood control.
        if ($regipsql) {
            DB::query($regipsql);
        }
        if ($invite && $this->setting['inviteconfig']['invitegroupid']) {
            $groupinfo['groupid'] = $this->setting['inviteconfig']['invitegroupid'];
        }

        // Local member rows. 'initcredits' is a comma-separated list: index 0
        // is the total, 1..8 the extcredits columns.
        $init_arr = explode(',', $this->setting['initcredits']);
        $userdata = array('uid' => $uid, 'username' => $username, 'password' => $password, 'email' => $email, 'adminid' => 0, 'groupid' => $groupinfo['groupid'], 'regdate' => TIMESTAMP, 'credits' => $init_arr[0], 'timeoffset' => 9999);
        $status_data = array('uid' => $uid, 'regip' => $_G['clientip'], 'lastip' => $_G['clientip'], 'lastvisit' => TIMESTAMP, 'lastactivity' => TIMESTAMP, 'lastpost' => 0, 'lastsendmail' => 0);
        $profile['uid'] = $uid;
        $field_forum['uid'] = $uid;
        $field_home['uid'] = $uid;
        if ($this->extrafile && file_exists(libfile('member/' . $this->extrafile, 'module'))) {
            require_once libfile('member/' . $this->extrafile, 'module');
        }
        DB::insert('common_member', $userdata);
        DB::insert('common_member_status', $status_data);
        DB::insert('common_member_profile', $profile);
        DB::insert('common_member_field_forum', $field_forum);
        DB::insert('common_member_field_home', $field_home);
        if ($verifyarr) {
            // NOTE(review): the pending fields are stored with serialize();
            // the code that reads them back is not visible here and should
            // be checked for how it unserializes.
            $setverify = array('uid' => $uid, 'username' => $username, 'verifytype' => '0', 'field' => daddslashes(serialize($verifyarr)), 'dateline' => TIMESTAMP);
            DB::insert('common_member_verify_info', $setverify);
            DB::insert('common_member_verify', array('uid' => $uid));
        }
        $count_data = array('uid' => $uid, 'extcredits1' => $init_arr[1], 'extcredits2' => $init_arr[2], 'extcredits3' => $init_arr[3], 'extcredits4' => $init_arr[4], 'extcredits5' => $init_arr[5], 'extcredits6' => $init_arr[6], 'extcredits7' => $init_arr[7], 'extcredits8' => $init_arr[8]);
        DB::insert('common_member_count', $count_data);
        DB::insert('common_setting', array('skey' => 'lastmember', 'svalue' => $username), false, true);
        manyoulog('user', $uid, 'add');
        $totalmembers = DB::result_first("SELECT COUNT(*) FROM " . DB::table('common_member'));
        $userstats = array('totalmembers' => $totalmembers, 'newsetuser' => stripslashes($username));
        save_syscache('userstats', $userstats);

        if ($this->setting['regctrl'] || $this->setting['regfloodctrl']) {
            // Drop expired per-IP rows (kept for at least 72 hours), then
            // record this registration with count -1 for the interval check.
            DB::query("DELETE FROM " . DB::table('common_regip') . " WHERE dateline<='{$_G['timestamp']}'-" . ($this->setting['regctrl'] > 72 ? $this->setting['regctrl'] : 72) . "*3600", 'UNBUFFERED');
            if ($this->setting['regctrl']) {
                DB::query("INSERT INTO " . DB::table('common_regip') . " (ip, count, dateline)\r\n\t\t\t\t\t\tVALUES ('{$_G['clientip']}', '-1', '{$_G['timestamp']}')");
            }
        }

        // The applicant's message is HTML-escaped and then interpolated into
        // the statement below.
        // NOTE(review): HTML escaping is not SQL escaping; this relies on the
        // gp_* values being slash-escaped upstream. Confirm, or move the
        // insert to the array-based helper used for the other tables.
        $regmessage = dhtmlspecialchars($_G['gp_regmessage']);
        if ($this->setting['regverify'] == 2) {
            DB::query("REPLACE INTO " . DB::table('common_member_validate') . " (uid, submitdate, moddate, admin, submittimes, status, message, remark)\r\n\t\t\t\t\tVALUES ('{$uid}', '{$_G['timestamp']}', '0', '', '1', '0', '{$regmessage}', '')");
            manage_addnotify('verifyuser');
        }

        // The new account is logged in right away.
        setloginstatus(array('uid' => $uid, 'username' => dstripslashes($_G['username']), 'password' => $password, 'groupid' => $groupinfo['groupid']), 0);
        include_once libfile('function/stat');
        updatestat('register');

        if ($invite['id']) {
            // Bind the invite to the new user once; if the inviter already
            // has a row for this uid the invite is discarded.
            $result = DB::result_first("SELECT COUNT(*) FROM " . DB::table('common_invite') . " WHERE uid='{$invite['uid']}' AND fuid='{$uid}'");
            if (!$result) {
                DB::update("common_invite", array('fuid' => $uid, 'fusername' => $_G['username'], 'regdateline' => $_G['timestamp'], 'status' => 2), array('id' => $invite['id']));
                updatestat('invite');
            } else {
                $invite = array();
            }
        }
        if ($invite['uid']) {
            // Credit rewards for both sides, friendship, notification and feed entry.
            if ($this->setting['inviteconfig']['inviteaddcredit']) {
                updatemembercount($uid, array($this->setting['inviteconfig']['inviterewardcredit'] => $this->setting['inviteconfig']['inviteaddcredit']));
            }
            if ($this->setting['inviteconfig']['invitedaddcredit']) {
                updatemembercount($invite['uid'], array($this->setting['inviteconfig']['inviterewardcredit'] => $this->setting['inviteconfig']['invitedaddcredit']));
            }
            require_once libfile('function/friend');
            friend_make($invite['uid'], $invite['username'], false);
            // NOTE(review): user names are concatenated into HTML here and in
            // the feed entry below without escaping in this method; confirm
            // they are escaped where they are stored or rendered.
            notification_add($invite['uid'], 'friend', 'invite_friend', array('actor' => '<a href="home.php?mod=space&uid=' . $invite['uid'] . '" target="_blank">' . $invite['username'] . '</a>'), 1);
            space_merge($invite, 'field_home');
            if (!empty($invite['privacy']['feed']['invite'])) {
                require_once libfile('function/feed');
                $tite_data = array('username' => '<a href="home.php?mod=space&uid=' . $_G['uid'] . '">' . $_G['username'] . '</a>');
                feed_add('friend', 'feed_invite', $tite_data, '', array(), '', array(), array(), '', '', '', 0, 0, '', $invite['uid'], $invite['username']);
            }
            if ($invite['appid']) {
                updatestat('appinvite');
            }
        }

        if ($welcomemsg && !empty($welcomemsgtxt)) {
            // 1 = notification, 2 = e-mail, 3 = both.
            // NOTE(review): as printed, str_replace(':', ':', ...) replaces a
            // string with itself; presumably the replacement was an HTML
            // entity that the page decoded. Confirm against the real file.
            $welcomemsgtitle = addslashes(replacesitevar($welcomemsgtitle));
            $welcomemsgtxt = addslashes(replacesitevar($welcomemsgtxt));
            if ($welcomemsg == 1) {
                $welcomemsgtxt = nl2br(str_replace(':', ':', $welcomemsgtxt));
                notification_add($uid, 'system', $welcomemsgtxt, array(), 1);
            } elseif ($welcomemsg == 2) {
                sendmail_cron($email, $welcomemsgtitle, $welcomemsgtxt);
            } elseif ($welcomemsg == 3) {
                sendmail_cron($email, $welcomemsgtitle, $welcomemsgtxt);
                $welcomemsgtxt = nl2br(str_replace(':', ':', $welcomemsgtxt));
                notification_add($uid, 'system', $welcomemsgtxt, array(), 1);
            }
        }

        if ($fromuid) {
            updatecreditbyaction('promotion_register', $fromuid);
            dsetcookie('promotion', '');
        }
        // Clear the cookies that carried registration state.
        dsetcookie('loginuser', '');
        dsetcookie('activationauth', '');
        dsetcookie('invite_auth', '');

        loadcache('setting', true);
        $_G['setting']['lastmember'] = stripslashes($username);
        $settingnew = $_G['setting'];
        $settingnew['pluginhooks'] = array();
        save_syscache('setting', $settingnew);

        switch ($this->setting['regverify']) {
            case 1:
                // E-mail verification: a random id is stored in authstr and
                // mailed as part of the activation link.
                // NOTE(review): the link is protected only by the 6-character
                // value from random(6); whether random() is suitable for
                // security tokens is not visible here. The statement and the
                // link use $_G['uid'] rather than the local $uid, presumably
                // populated by setloginstatus(); confirm.
                $idstring = random(6);
                $authstr = $this->setting['regverify'] == 1 ? "{$_G['timestamp']}\t2\t{$idstring}" : '';
                DB::query("UPDATE " . DB::table('common_member_field_forum') . " SET authstr='{$authstr}' WHERE uid='{$_G['uid']}'");
                $verifyurl = "{$_G[siteurl]}member.php?mod=activate&uid={$_G[uid]}&id={$idstring}";
                $email_verify_message = lang('email', 'email_verify_message', array('username' => $_G['member']['username'], 'bbname' => $this->setting['bbname'], 'siteurl' => $_G['siteurl'], 'url' => $verifyurl));
                // NOTE(review): user name and address are placed directly in
                // the recipient string; confirm sendmail() rejects CR/LF there.
                sendmail("{$username} <{$email}>", lang('email', 'email_verify_subject'), $email_verify_message);
                $message = 'register_email_verify';
                $locationmessage = 'register_email_verify_location';
                $url_forward = dreferer();
                break;
            case 2:
                // Manual review by an administrator.
                $message = 'register_manual_verify';
                $locationmessage = 'register_manual_verify_location';
                $url_forward = $_G['setting']['homestatus'] ? 'home.php?mod=space&do=home' : 'home.php?mod=spacecp';
                break;
            default:
                $message = 'register_succeed';
                $locationmessage = 'register_succeed_location';
                $url_forward = dreferer();
                break;
        }

        $param = array('bbname' => $this->setting['bbname'], 'username' => $_G['username'], 'usergroup' => $_G['group']['grouptitle'], 'uid' => $_G['uid']);
        if (strpos($url_forward, $this->setting['regname']) !== false || strpos($url_forward, 'buyinvitecode') !== false) {
            $url_forward = 'forum.php';
        }
        // The forward URL is written into an inline script with only single
        // quotes escaped, and 'striptags' is switched off for this message.
        // NOTE(review): this is safe only if dreferer() already restricts the
        // value to a same-site URL without quotes, backslashes or markup;
        // confirm, or encode the value for a JavaScript string context.
        $href = str_replace("'", "\\'", $url_forward);
        $extra = array('showid' => 'succeedmessage', 'extrajs' => '<script type="text/javascript">' . 'setTimeout("window.location.href =\'' . $href . '\';", 3000);' . '$(\'succeedmessage_href\').href = \'' . $href . '\';' . '$(\'main_message\').style.display = \'none\';' . '$(\'main_succeed\').style.display = \'\';' . '$(\'succeedlocation\').innerHTML = \'' . lang('message', $locationmessage) . '\';' . '</script>', 'striptags' => false);
        showmessage($message, $url_forward, $param, $extra);
    }
}
/**
 * Shorten $string to roughly $length display units and append $dot.
 *
 * A string whose dstrlen() is not larger than $length is returned unchanged.
 * Otherwise the characters & " < > are wrapped in chr(1) markers, the string
 * is cut (by UTF-8 lead byte when CHARSET is utf-8, else by a two-byte rule
 * for bytes above 127), the markers are removed again, and anything after a
 * marker that was left without its partner is dropped.
 *
 * In the UTF-8 branch tab, newline and printable ASCII count as 1, every
 * multi-byte lead as 2, and any other byte (the markers included) as 0.
 *
 * NOTE(review): the four protected literals are single characters in this
 * listing. Presumably the original source protects the matching HTML entities
 * so a cut never lands inside one, and the page decoded them; confirm against
 * the real file, because callers may rely on this when they truncate text
 * that was escaped earlier.
 *
 * @param string $string Text to shorten.
 * @param int    $length Maximum length in display units.
 * @param string $dot    Suffix appended when the text was cut.
 * @return string
 */
function cutstr($string, $length, $dot = ' ...')
{
    if (dstrlen($string) <= $length) {
        return $string;
    }

    $marker = chr(1);
    $plain = array('&', '"', '<', '>');
    $wrapped = array();
    foreach ($plain as $symbol) {
        $wrapped[] = $marker . $symbol . $marker;
    }
    $string = str_replace($plain, $wrapped, $string);

    $strcut = '';
    if (strtolower(CHARSET) == 'utf-8') {
        $offset = 0;     // byte position in $string
        $lastWidth = 0;  // byte width of the last counted character
        $units = 0;      // display units consumed so far
        $total = strlen($string);
        while ($offset < $total) {
            $lead = ord($string[$offset]);
            $width = 0;
            $weight = 0;
            if ($lead == 9 || $lead == 10 || ($lead >= 32 && $lead <= 126)) {
                $width = 1;
                $weight = 1;
            } elseif ($lead >= 194 && $lead <= 223) {
                $width = 2;
                $weight = 2;
            } elseif ($lead >= 224 && $lead <= 239) {
                $width = 3;
                $weight = 2;
            } elseif ($lead >= 240 && $lead <= 247) {
                $width = 4;
                $weight = 2;
            } elseif ($lead >= 248 && $lead <= 251) {
                $width = 5;
                $weight = 2;
            } elseif ($lead == 252 || $lead == 253) {
                $width = 6;
                $weight = 2;
            }

            if ($width > 0) {
                $lastWidth = $width;
                $offset += $width;
                $units += $weight;
            } else {
                // Uncounted byte: step over it, keep the previous width.
                $offset++;
            }

            if ($units >= $length) {
                break;
            }
        }
        // A wide character that overshot the limit is taken back out.
        if ($units > $length) {
            $offset -= $lastWidth;
        }
        $strcut = substr($string, 0, $offset);
    } else {
        $lastPairStart = $length - 1;
        $i = 0;
        while ($i < $length) {
            $byte = $string[$i];
            if (ord($byte) <= 127) {
                $strcut .= $byte;
            } elseif ($i < $lastPairStart) {
                // Keep a high byte together with the byte that follows it.
                $strcut .= $byte . $string[$i + 1];
                $i++;
            }
            $i++;
        }
    }

    $strcut = str_replace($wrapped, $plain, $strcut);

    // A marker that survived means the cut split a protected sequence.
    $pos = strrpos($strcut, chr(1));
    if ($pos !== false) {
        $strcut = substr($strcut, 0, $pos);
    }

    return $strcut . $dot;
}
function on_register() { global $_G; $_GET['username'] = $_GET['' . $this->setting['reginput']['username']]; $_GET['password'] = $_GET['' . $this->setting['reginput']['password']]; $_GET['password2'] = $_GET['' . $this->setting['reginput']['password2']]; $_GET['email'] = $_GET['' . $this->setting['reginput']['email']]; if ($_G['uid']) { $ucsynlogin = $this->setting['allowsynlogin'] ? uc_user_synlogin($_G['uid']) : ''; $url_forward = dreferer(); if (strpos($url_forward, $this->setting['regname']) !== false) { $url_forward = 'forum.php'; } showmessage('login_succeed', $url_forward ? $url_forward : './', array('username' => $_G['member']['username'], 'usergroup' => $_G['group']['grouptitle'], 'uid' => $_G['uid']), array('extrajs' => $ucsynlogin)); } elseif (!$this->setting['regclosed'] && (!$this->setting['regstatus'] || !$this->setting['ucactivation'])) { if ($_GET['action'] == 'activation' || $_GET['activationauth']) { if (!$this->setting['ucactivation'] && !$this->setting['closedallowactivation']) { showmessage('register_disable_activation'); } } elseif (!$this->setting['regstatus']) { if ($this->setting['regconnect']) { dheader('location:connect.php?mod=login&op=init&referer=forum.php&statfrom=login_simple'); } showmessage(!$this->setting['regclosemessage'] ? 
'register_disable' : str_replace(array("\r", "\n"), '', $this->setting['regclosemessage'])); } } $bbrules =& $this->setting['bbrules']; $bbrulesforce =& $this->setting['bbrulesforce']; $bbrulestxt =& $this->setting['bbrulestxt']; $welcomemsg =& $this->setting['welcomemsg']; $welcomemsgtitle =& $this->setting['welcomemsgtitle']; $welcomemsgtxt =& $this->setting['welcomemsgtxt']; $regname = $this->setting['regname']; if ($this->setting['regverify']) { if ($this->setting['areaverifywhite']) { $location = $whitearea = ''; $location = trim(convertip($_G['clientip'], "./")); if ($location) { $whitearea = preg_quote(trim($this->setting['areaverifywhite']), '/'); $whitearea = str_replace(array("\\*"), array('.*'), $whitearea); $whitearea = '.*' . $whitearea . '.*'; $whitearea = '/^(' . str_replace(array("\r\n", ' '), array('.*|.*', ''), $whitearea) . ')$/i'; if (@preg_match($whitearea, $location)) { $this->setting['regverify'] = 0; } } } if ($_G['cache']['ipctrl']['ipverifywhite']) { foreach (explode("\n", $_G['cache']['ipctrl']['ipverifywhite']) as $ctrlip) { if (preg_match("/^(" . preg_quote($ctrlip = trim($ctrlip), '/') . ")/", $_G['clientip'])) { $this->setting['regverify'] = 0; break; } } } } $invitestatus = false; if ($this->setting['regstatus'] == 2) { if ($this->setting['inviteconfig']['inviteareawhite']) { $location = $whitearea = ''; $location = trim(convertip($_G['clientip'], "./")); if ($location) { $whitearea = preg_quote(trim($this->setting['inviteconfig']['inviteareawhite']), '/'); $whitearea = str_replace(array("\\*"), array('.*'), $whitearea); $whitearea = '.*' . $whitearea . '.*'; $whitearea = '/^(' . str_replace(array("\r\n", ' '), array('.*|.*', ''), $whitearea) . ')$/i'; if (@preg_match($whitearea, $location)) { $invitestatus = true; } } } if ($this->setting['inviteconfig']['inviteipwhite']) { foreach (explode("\n", $this->setting['inviteconfig']['inviteipwhite']) as $ctrlip) { if (preg_match("/^(" . preg_quote($ctrlip = trim($ctrlip), '/') . 
")/", $_G['clientip'])) { $invitestatus = true; break; } } } } $groupinfo = array(); if ($this->setting['regverify']) { $groupinfo['groupid'] = 8; } else { $groupinfo['groupid'] = $this->setting['newusergroupid']; } $seccodecheck = $this->setting['seccodestatus'] & 1; $secqaacheck = $this->setting['secqaa']['status'] & 1; $fromuid = !empty($_G['cookie']['promotion']) && $this->setting['creditspolicy']['promotion_register'] ? intval($_G['cookie']['promotion']) : 0; $username = isset($_GET['username']) ? $_GET['username'] : ''; $bbrulehash = $bbrules ? substr(md5(FORMHASH), 0, 8) : ''; $auth = $_GET['auth']; if (!$invitestatus) { $invite = getinvite(); } $sendurl = $this->setting['sendregisterurl'] ? true : false; if ($sendurl) { if (!empty($_GET['hash'])) { $_GET['hash'] = preg_replace("/[^\\[A-Za-z0-9_\\]%]/", '', $_GET['hash']); $hash = explode("\t", authcode($_GET['hash'], 'DECODE', $_G['config']['security']['authkey'])); if (is_array($hash) && isemail($hash[0]) && TIMESTAMP - $hash[1] < 259200) { $sendurl = false; } } } if (!submitcheck('regsubmit', 0, $seccodecheck, $secqaacheck)) { if ($_GET['action'] == 'activation') { $auth = explode("\t", authcode($auth, 'DECODE')); if (FORMHASH != $auth[1]) { showmessage('register_activation_invalid', 'member.php?mod=logging&action=login'); } $username = $auth[0]; $activationauth = authcode("{$auth['0']}\t" . 
FORMHASH, 'ENCODE'); $sendurl = false; } if (!$sendurl) { if ($fromuid) { $member = getuserbyuid($fromuid); if (!empty($member)) { $fromuser = dhtmlspecialchars($member['username']); } else { dsetcookie('promotion'); } } if ($_GET['action'] == 'activation') { $auth = dhtmlspecialchars($auth); } if ($seccodecheck) { $seccode = random(6, 1); } $username = dhtmlspecialchars($username); $htmls = $settings = array(); foreach ($_G['cache']['fields_register'] as $field) { $fieldid = $field['fieldid']; $html = profile_setting($fieldid, array(), false, false, true); if ($html) { $settings[$fieldid] = $_G['cache']['profilesetting'][$fieldid]; $htmls[$fieldid] = $html; } } $navtitle = $this->setting['reglinkname']; if ($this->extrafile && file_exists($this->extrafile)) { require_once $this->extrafile; } } $bbrulestxt = nl2br("\n{$bbrulestxt}\n\n"); $dreferer = dreferer(); include template($this->template); } else { $activationauth = array(); if (isset($_GET['activationauth']) && $_GET['activationauth']) { $activationauth = explode("\t", authcode($_GET['activationauth'], 'DECODE')); if ($activationauth[1] != FORMHASH) { showmessage('register_activation_invalid', 'member.php?mod=logging&action=login'); } $sendurl = false; } if (!$activationauth && ($sendurl || !$_G['setting']['forgeemail'])) { checkemail($_GET['email']); } if ($sendurl) { $hashstr = urlencode(authcode("{$_GET['email']}\t{$_G['timestamp']}", 'ENCODE', $_G['config']['security']['authkey'])); $registerurl = "{$_G[siteurl]}member.php?mod=" . $this->setting['regname'] . 
"&hash={$hashstr}&email={$_GET[email]}"; $email_register_message = lang('email', 'email_register_message', array('bbname' => $this->setting['bbname'], 'siteurl' => $_G['siteurl'], 'url' => $registerurl)); if (!sendmail("{$_GET['email']} <{$_GET['email']}>", lang('email', 'email_register_subject'), $email_register_message)) { runlog('sendmail', "{$_GET['email']} sendmail failed."); } showmessage('register_email_send_succeed', dreferer(), array('bbname' => $this->setting['bbname']), array('showdialog' => false, 'msgtype' => 3, 'closetime' => 10)); } $emailstatus = 0; if ($this->setting['sendregisterurl'] && !$sendurl) { $_GET['email'] = strtolower($hash[0]); $this->setting['regverify'] = $this->setting['regverify'] == 1 ? 0 : $this->setting['regverify']; if (!$this->setting['regverify']) { $groupinfo['groupid'] = $this->setting['newusergroupid']; } $emailstatus = 1; } if ($this->setting['regstatus'] == 2 && empty($invite) && !$invitestatus) { showmessage('not_open_registration_invite'); } if ($bbrules && $bbrulehash != $_POST['agreebbrule']) { showmessage('register_rules_agree'); } $activation = array(); if (isset($_GET['activationauth']) && $activationauth && is_array($activationauth)) { if ($activationauth[1] == FORMHASH && !($activation = uc_get_user($activationauth[0]))) { showmessage('register_activation_invalid', 'member.php?mod=logging&action=login'); } } if (!$activation) { $usernamelen = dstrlen($username); if ($usernamelen < 3) { showmessage('profile_username_tooshort'); } elseif ($usernamelen > 15) { showmessage('profile_username_toolong'); } if (uc_get_user(addslashes($username)) && !C::t('common_member')->fetch_uid_by_username($username) && !C::t('common_member_archive')->fetch_uid_by_username($username)) { if ($_G['inajax']) { showmessage('profile_username_duplicate'); } else { showmessage('register_activation_message', 'member.php?mod=logging&action=login', array('username' => $username)); } } if ($this->setting['pwlength']) { if 
(strlen($_GET['password']) < $this->setting['pwlength']) { showmessage('profile_password_tooshort', '', array('pwlength' => $this->setting['pwlength'])); } } if ($this->setting['strongpw']) { $strongpw_str = array(); if (in_array(1, $this->setting['strongpw']) && !preg_match("/\\d+/", $_GET['password'])) { $strongpw_str[] = lang('member/template', 'strongpw_1'); } if (in_array(2, $this->setting['strongpw']) && !preg_match("/[a-z]+/", $_GET['password'])) { $strongpw_str[] = lang('member/template', 'strongpw_2'); } if (in_array(3, $this->setting['strongpw']) && !preg_match("/[A-Z]+/", $_GET['password'])) { $strongpw_str[] = lang('member/template', 'strongpw_3'); } if (in_array(4, $this->setting['strongpw']) && !preg_match("/[^a-zA-z0-9]+/", $_GET['password'])) { $strongpw_str[] = lang('member/template', 'strongpw_4'); } if ($strongpw_str) { showmessage(lang('member/template', 'password_weak') . implode(',', $strongpw_str)); } } $email = strtolower(trim($_GET['email'])); if (empty($email) && $_G['setting']['forgeemail']) { $_GET['email'] = $email = strtolower(random(6)) . '@' . $_SERVER['HTTP_HOST']; } if (empty($this->setting['ignorepassword'])) { if ($_GET['password'] !== $_GET['password2']) { showmessage('profile_passwd_notmatch'); } if (!$_GET['password'] || $_GET['password'] != addslashes($_GET['password'])) { showmessage('profile_passwd_illegal'); } $password = $_GET['password']; } else { $password = md5(random(10)); } } $censorexp = '/^(' . str_replace(array('\\*', "\r\n", ' '), array('.*', '|', ''), preg_quote($this->setting['censoruser'] = trim($this->setting['censoruser']), '/')) . ')$/i'; if ($this->setting['censoruser'] && @preg_match($censorexp, $username)) { showmessage('profile_username_protect'); } if ($this->setting['regverify'] == 2 && !trim($_GET['regmessage'])) { showmessage('profile_required_info_invalid'); } if ($_G['cache']['ipctrl']['ipregctrl']) { foreach (explode("\n", $_G['cache']['ipctrl']['ipregctrl']) as $ctrlip) { if (preg_match("/^(" . 
preg_quote($ctrlip = trim($ctrlip), '/') . ")/", $_G['clientip'])) { $ctrlip = $ctrlip . '%'; $this->setting['regctrl'] = $this->setting['ipregctrltime']; break; } else { $ctrlip = $_G['clientip']; } } } else { $ctrlip = $_G['clientip']; } if ($this->setting['regctrl']) { if (C::t('common_regip')->count_by_ip_dateline($ctrlip, $_G['timestamp'] - $this->setting['regctrl'] * 3600)) { showmessage('register_ctrl', NULL, array('regctrl' => $this->setting['regctrl'])); } } $setregip = null; if ($this->setting['regfloodctrl']) { $regip = C::t('common_regip')->fetch_by_ip_dateline($_G['clientip'], $_G['timestamp'] - 86400); if ($regip) { if ($regip['count'] >= $this->setting['regfloodctrl']) { showmessage('register_flood_ctrl', NULL, array('regfloodctrl' => $this->setting['regfloodctrl'])); } else { $setregip = 1; } } else { $setregip = 2; } } $profile = $verifyarr = array(); foreach ($_G['cache']['fields_register'] as $field) { if (defined('IN_MOBILE')) { break; } $field_key = $field['fieldid']; $field_val = $_GET['' . $field_key]; if ($field['formtype'] == 'file' && !empty($_FILES[$field_key]) && $_FILES[$field_key]['error'] == 0) { $field_val = true; } if (!profile_check($field_key, $field_val)) { $showid = !in_array($field['fieldid'], array('birthyear', 'birthmonth')) ? $field['fieldid'] : 'birthday'; showmessage($field['title'] . lang('message', 'profile_illegal'), '', array(), array('showid' => 'chk_' . $showid, 'extrajs' => $field['title'] . lang('message', 'profile_illegal') . ($field['formtype'] == 'text' ? '<script type="text/javascript">' . '$(\'registerform\').' . $field['fieldid'] . '.className = \'px er\';' . '$(\'registerform\').' . $field['fieldid'] . '.onblur = function () { if(this.value != \'\') {this.className = \'px\';$(\'chk_' . $showid . '\').innerHTML = \'\';}}' . 
'</script>' : ''))); } if ($field['needverify']) { $verifyarr[$field_key] = $field_val; } else { $profile[$field_key] = $field_val; } } if (!$activation) { $uid = uc_user_register(addslashes($username), $password, $email, $questionid, $answer, $_G['clientip']); if ($uid <= 0) { if ($uid == -1) { showmessage('profile_username_illegal'); } elseif ($uid == -2) { showmessage('profile_username_protect'); } elseif ($uid == -3) { showmessage('profile_username_duplicate'); } elseif ($uid == -4) { showmessage('profile_email_illegal'); } elseif ($uid == -5) { showmessage('profile_email_domain_illegal'); } elseif ($uid == -6) { showmessage('profile_email_duplicate'); } else { showmessage('undefined_action'); } } } else { list($uid, $username, $email) = $activation; } $_G['username'] = $username; if (getuserbyuid($uid, 1)) { if (!$activation) { uc_user_delete($uid); } showmessage('profile_uid_duplicate', '', array('uid' => $uid)); } $password = md5(random(10)); $secques = $questionid > 0 ? random(8) : ''; if (isset($_POST['birthmonth']) && isset($_POST['birthday'])) { $profile['constellation'] = get_constellation($_POST['birthmonth'], $_POST['birthday']); } if (isset($_POST['birthyear'])) { $profile['zodiac'] = get_zodiac($_POST['birthyear']); } if ($_FILES) { $upload = new discuz_upload(); foreach ($_FILES as $key => $file) { $field_key = 'field_' . 
$key; if (!empty($_G['cache']['fields_register'][$field_key]) && $_G['cache']['fields_register'][$field_key]['formtype'] == 'file') { $upload->init($file, 'profile'); $attach = $upload->attach; if (!$upload->error()) { $upload->save(); if (!$upload->get_image_info($attach['target'])) { @unlink($attach['target']); continue; } $attach['attachment'] = dhtmlspecialchars(trim($attach['attachment'])); if ($_G['cache']['fields_register'][$field_key]['needverify']) { $verifyarr[$key] = $attach['attachment']; } else { $profile[$key] = $attach['attachment']; } } } } } if ($setregip !== null) { if ($setregip == 1) { C::t('common_regip')->update_count_by_ip($_G['clientip']); } else { C::t('common_regip')->insert(array('ip' => $_G['clientip'], 'count' => 1, 'dateline' => $_G['timestamp'])); } } if ($invite && $this->setting['inviteconfig']['invitegroupid']) { $groupinfo['groupid'] = $this->setting['inviteconfig']['invitegroupid']; } $init_arr = array('credits' => explode(',', $this->setting['initcredits']), 'profile' => $profile, 'emailstatus' => $emailstatus); C::t('common_member')->insert($uid, $username, $password, $email, $_G['clientip'], $groupinfo['groupid'], $init_arr); if ($emailstatus) { updatecreditbyaction('realemail', $uid); } if ($verifyarr) { $setverify = array('uid' => $uid, 'username' => $username, 'verifytype' => '0', 'field' => serialize($verifyarr), 'dateline' => TIMESTAMP); C::t('common_member_verify_info')->insert($setverify); C::t('common_member_verify')->insert(array('uid' => $uid)); } require_once libfile('cache/userstats', 'function'); build_cache_userstats(); if ($this->extrafile && file_exists($this->extrafile)) { require_once $this->extrafile; } if ($this->setting['regctrl'] || $this->setting['regfloodctrl']) { C::t('common_regip')->delete_by_dateline($_G['timestamp'] - ($this->setting['regctrl'] > 72 ? 
$this->setting['regctrl'] : 72) * 3600); if ($this->setting['regctrl']) { C::t('common_regip')->insert(array('ip' => $_G['clientip'], 'count' => -1, 'dateline' => $_G['timestamp'])); } } $regmessage = dhtmlspecialchars($_GET['regmessage']); if ($this->setting['regverify'] == 2) { C::t('common_member_validate')->insert(array('uid' => $uid, 'submitdate' => $_G['timestamp'], 'moddate' => 0, 'admin' => '', 'submittimes' => 1, 'status' => 0, 'message' => $regmessage, 'remark' => ''), false, true); manage_addnotify('verifyuser'); } setloginstatus(array('uid' => $uid, 'username' => $_G['username'], 'password' => $password, 'groupid' => $groupinfo['groupid']), 0); include_once libfile('function/stat'); updatestat('register'); if ($invite['id']) { $result = C::t('common_invite')->count_by_uid_fuid($invite['uid'], $uid); if (!$result) { C::t('common_invite')->update($invite['id'], array('fuid' => $uid, 'fusername' => $_G['username'], 'regdateline' => $_G['timestamp'], 'status' => 2)); updatestat('invite'); } else { $invite = array(); } } if ($invite['uid']) { if ($this->setting['inviteconfig']['inviteaddcredit']) { updatemembercount($uid, array($this->setting['inviteconfig']['inviterewardcredit'] => $this->setting['inviteconfig']['inviteaddcredit'])); } if ($this->setting['inviteconfig']['invitedaddcredit']) { updatemembercount($invite['uid'], array($this->setting['inviteconfig']['inviterewardcredit'] => $this->setting['inviteconfig']['invitedaddcredit'])); } require_once libfile('function/friend'); friend_make($invite['uid'], $invite['username'], false); notification_add($invite['uid'], 'friend', 'invite_friend', array('actor' => '<a href="home.php?mod=space&uid=' . $invite['uid'] . '" target="_blank">' . $invite['username'] . '</a>'), 1); space_merge($invite, 'field_home'); if (!empty($invite['privacy']['feed']['invite'])) { require_once libfile('function/feed'); $tite_data = array('username' => '<a href="home.php?mod=space&uid=' . $_G['uid'] . '">' . $_G['username'] . 
'</a>'); feed_add('friend', 'feed_invite', $tite_data, '', array(), '', array(), array(), '', '', '', 0, 0, '', $invite['uid'], $invite['username']); } if ($invite['appid']) { updatestat('appinvite'); } } if ($welcomemsg && !empty($welcomemsgtxt)) { $welcomemsgtitle = replacesitevar($welcomemsgtitle); $welcomemsgtxt = replacesitevar($welcomemsgtxt); if ($welcomemsg == 1) { $welcomemsgtxt = nl2br(str_replace(':', ':', $welcomemsgtxt)); notification_add($uid, 'system', $welcomemsgtxt, array('from_id' => 0, 'from_idtype' => 'welcomemsg'), 1); } elseif ($welcomemsg == 2) { sendmail_cron($email, $welcomemsgtitle, $welcomemsgtxt); } elseif ($welcomemsg == 3) { sendmail_cron($email, $welcomemsgtitle, $welcomemsgtxt); $welcomemsgtxt = nl2br(str_replace(':', ':', $welcomemsgtxt)); notification_add($uid, 'system', $welcomemsgtxt, array('from_id' => 0, 'from_idtype' => 'welcomemsg'), 1); } } if ($fromuid) { updatecreditbyaction('promotion_register', $fromuid); dsetcookie('promotion', ''); } dsetcookie('loginuser', ''); dsetcookie('activationauth', ''); dsetcookie('invite_auth', ''); $url_forward = dreferer(); $refreshtime = 3000; switch ($this->setting['regverify']) { case 1: $idstring = random(6); $authstr = $this->setting['regverify'] == 1 ? 
"{$_G['timestamp']}\t2\t{$idstring}" : ''; C::t('common_member_field_forum')->update($_G['uid'], array('authstr' => $authstr)); $verifyurl = "{$_G[siteurl]}member.php?mod=activate&uid={$_G[uid]}&id={$idstring}"; $email_verify_message = lang('email', 'email_verify_message', array('username' => $_G['member']['username'], 'bbname' => $this->setting['bbname'], 'siteurl' => $_G['siteurl'], 'url' => $verifyurl)); if (!sendmail("{$username} <{$email}>", lang('email', 'email_verify_subject'), $email_verify_message)) { runlog('sendmail', "{$email} sendmail failed."); } $message = 'register_email_verify'; $locationmessage = 'register_email_verify_location'; $refreshtime = 10000; break; case 2: $message = 'register_manual_verify'; $locationmessage = 'register_manual_verify_location'; break; default: $message = 'register_succeed'; $locationmessage = 'register_succeed_location'; break; } $param = array('bbname' => $this->setting['bbname'], 'username' => $_G['username'], 'usergroup' => $_G['group']['grouptitle'], 'uid' => $_G['uid']); if (strpos($url_forward, $this->setting['regname']) !== false || strpos($url_forward, 'buyinvitecode') !== false) { $url_forward = 'forum.php'; } $href = str_replace("'", "\\'", $url_forward); $extra = array('showid' => 'succeedmessage', 'extrajs' => '<script type="text/javascript">' . 'setTimeout("window.location.href =\'' . $href . '\';", ' . $refreshtime . ');' . '$(\'succeedmessage_href\').href = \'' . $href . '\';' . '$(\'main_message\').style.display = \'none\';' . '$(\'main_succeed\').style.display = \'\';' . '$(\'succeedlocation\').innerHTML = \'' . lang('message', $locationmessage) . '\';' . '</script>', 'striptags' => false); showmessage($message, $url_forward, $param, $extra); } }
DB::insert('common_domain', array('domain' => $domain, 'domainroot' => addslashes($_G['setting']['domain']['root']['group']), 'id' => $_G['fid'], 'idtype' => 'group')); } } $forumarr['domain'] = $domain; updatecreditbyaction('modifydomain'); } if ($_G['gp_name'] && !empty($specialswitch['allowchangename']) || $_G['gp_fup'] && !empty($specialswitch['allowchangetype'])) { if ($_G['uid'] != $_G['forum']['founderuid'] && $_G['adminid'] != 1) { showmessage('group_edit_only_founder'); } if (isset($_G['gp_name'])) { //vot $_G['gp_name'] = censor(addslashes(dhtmlspecialchars(cutstr(stripslashes(trim($_G['gp_name'])), 20, '')))); /*vot*/ $name = stripslashes(trim($_G['gp_name'])); /*vot*/ if (dstrlen($name) < 2 || dstrlen($name) > 80) { // Name length in Characters showmessage('group_name_oversize'); } /*vot*/ $name = addslashes(dhtmlspecialchars($name)); /*vot*/ if (strlen($name) > 255) { // Name length in Bytes showmessage('group_name_oversize'); } /*vot*/ if (empty($name)) { showmessage('group_name_empty'); } /*vot*/
include template('common/header_ajax'); include template('forum/ajax_secondgroup'); include template('common/footer_ajax'); dexit(); } elseif ($_G['gp_action'] == 'displaysearch_adv') { $display = $_G['gp_display'] == 1 ? 1 : ''; dsetcookie('displaysearch_adv', $display); } elseif ($_G['gp_action'] == 'checkgroupname') { $groupname = stripslashes(trim($_G['gp_groupname'])); if (empty($groupname)) { showmessage('group_name_empty', '', array(), array('msgtype' => 3)); } //vot $tmpname = cutstr($groupname, 20, ''); //vot if($tmpname != $groupname) { /*vot*/ if (dstrlen($groupname) < 2 || dstrlen($groupname) > 80) { showmessage('group_name_oversize', '', array(), array('msgtype' => 3)); } if (DB::result_first("SELECT fid FROM " . DB::table('forum_forum') . " WHERE name='" . addslashes($groupname) . "'")) { showmessage('group_name_exist', '', array(), array('msgtype' => 3)); } showmessage('', '', array(), array('msgtype' => 3)); include template('common/header_ajax'); include template('common/footer_ajax'); dexit(); } elseif ($_G['gp_action'] == 'getthreadtypes') { include template('common/header_ajax'); if (empty($_G['gp_selectname'])) { $_G['gp_selectname'] = 'threadtypeid'; } echo '<select name="' . $_G['gp_selectname'] . '">';
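/**
 * Bind payout details (order number, Alipay account, Alipay name) to the
 * current member, then render the settings page.
 *
 * On a submitted form that passes check(), each field present in
 * $_GET['postdb'] is validated, collected into an update array, escaped with
 * daddslashes() and written with update_member(). Every rejection is reported
 * through msg(). The page is rendered with $this->show() when nothing was
 * submitted (msg() presumably ends the request after a submission; confirm).
 */
function pay_setting()
{
    global $_G;

    // Array keys are quoted: a bare word such as $_GET[onsubmit] is a constant
    // lookup and raises an Error on PHP 8.
    if (!empty($_GET['onsubmit']) && check()) {
        $url = URL . "m=home&a=pay_setting";
        $qq = implode(',', $_G['setting']['qq']);
        $arr = array();

        if (isset($_GET['postdb']['order_number'])) {
            // An order number that is already bound cannot be changed.
            if ($_G['member']['order_number']) {
                msg('您当前已绑定了订单号,无法修改,如有疑问请咨询在线客服qq ' . $qq);
            }
            $number = trim($_GET['postdb']['order_number']);
            // The message promises digits only. is_numeric() also accepts
            // forms such as "1e10", "-123" or "1.50"; ctype_digit() does not,
            // which also keeps $number safe inside the SQL condition below.
            if (!ctype_digit($number)) {
                msg('订单号码只能为4位或16位纯数字');
            }
            $len = dstrlen($number);
            if ($len == 16) {
                // Only the last four digits of a 16-digit number are stored.
                $number = substr($number, -4);
            } elseif ($len != 4) {
                msg('订单号码只能为4位或16位纯数字');
            }
            $arr['order_number'] = $number;

            $count = getcount('member', "order_number='{$number}'");
            if ($count > 0) {
                msg('订单号已被绑定,请更换新的淘宝账号');
            }
        }

        if (isset($_GET['postdb']['alipay'])) {
            $alipay = trim($_GET['postdb']['alipay']);
            if (!is_email($alipay) && !is_phone($alipay)) {
                msg('支付宝账号只能为邮箱或手机号码,请重新输入');
            }
            if ($_G['member']['alipay']) {
                msg('您当前已绑定了支付宝,无法修改,如有疑问请咨询在线客服qq ' . $qq);
            }
            // Escape before building the lookup. How strict is_email() and
            // is_phone() are is not visible here, and the value is only
            // escaped later (daddslashes($arr)) for the write.
            $alipayForSql = daddslashes($alipay);
            $member = DB::fetch_first("SELECT * FROM " . DB::table('member') . " WHERE alipay='{$alipayForSql}'");
            if ($member['uid'] > 0) {
                msg('当前支付宝已绑定了账号' . $member['username']);
            }
            $arr['alipay'] = $alipay;
        }

        if (isset($_GET['postdb']['alipay_name'])) {
            $arr['alipay_name'] = trim($_GET['postdb']['alipay_name']);
        }

        if (count($arr) == 0) {
            msg('您提交的数据为空');
        }

        $arr = daddslashes($arr);
        update_member($arr);
        msg("修改成功", 'success', $url);
    }

    $this->show();
}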
cpmsg($upload->errormessage(), '', 'error'); } $_GET['data']['pic'] = (preg_match('/^http:/', $_G['setting']['attachurl']) ? '' : $_G['siteurl']) . $_G['setting']['attachurl'] . 'common/' . $upload->attach['attachment']; $_GET['data']['local'] = $upload->attach['attachment']; } else { $_GET['data']['pic'] = $_GET['pic']; } $data = array('name' => $_GET['name'], 'data' => $_GET['data']); C::t('#wechat#mobile_wechat_resource')->insert($data); cpmsg('setting_update_succeed', RSELF, 'succeed'); } elseif (submitcheck('editsubmit')) { $resource = C::t('#wechat#mobile_wechat_resource')->fetch($_GET['id']); if (!$resource) { cpmsg(lang('plugin/wechat', 'resource_msg_nofound'), '', 'error'); } if (dstrlen($_GET['data']['desc'], CHARSET) > 120) { cpmsg(lang('plugin/wechat', 'resource_msg_desc_toolong'), '', 'error'); } if ($_FILES['pic']['tmp_name']) { $upload = new discuz_upload(); if (!getimagesize($_FILES['pic']['tmp_name']) || !$upload->init($_FILES['pic'], 'common', random(3, 1), random(8)) || !$upload->save()) { cpmsg($upload->errormessage(), '', 'error'); } $_GET['data']['pic'] = (preg_match('/^http:/', $_G['setting']['attachurl']) ? '' : $_G['siteurl']) . $_G['setting']['attachurl'] . 'common/' . $upload->attach['attachment']; $_GET['data']['local'] = $upload->attach['attachment']; @unlink($_G['setting']['attachdir'] . 'common/' . $resource['data']['local']); } else { $_GET['data']['pic'] = $_GET['pic']; } $data = array('name' => $_GET['name'], 'data' => $_GET['data']); C::t('#wechat#mobile_wechat_resource')->update($_GET['id'], $data);
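/**
 * Registration entry point: render the sign-up form or process a submitted one.
 *
 * A visitor who is already logged in is forwarded with showmessage(). When
 * registration is not marked closed, the activation and registration switches
 * are checked and the configured notice is shown. Without a valid 'regsubmit'
 * submission the form template is included. Otherwise the input is validated,
 * the account is created through uc_user_register(), the local user row and
 * any pending-verification fields are stored, the visitor is logged in and a
 * success message with a delayed redirect is shown.
 *
 * Reads $_GET, $_POST, $_FILES, $_G and $this->setting directly. Local variable
 * names are kept as they are because the included template and
 * $this->extrafile run in this scope.
 */
function on_register()
{
    global $_G;

    // Self-assignments kept from the original; they change no value.
    $_GET['username'] = $_GET['username'];
    $_GET['nickname'] = $_GET['nickname'];
    $_GET['password'] = $_GET['password'];
    $_GET['password2'] = $_GET['password2'];
    $_GET['email'] = $_GET['email'];

    if ($_G['uid']) {
        // Already logged in: forward, but never back to a registration URL.
        $url_forward = dreferer();
        if (strpos($url_forward, 'reg') !== false) {
            $url_forward = 'index.php';
        }
        showmessage('login_succeed', $url_forward ? $url_forward : './', array('username' => $_G['member']['username'], 'usergroup' => $_G['group']['grouptitle'], 'uid' => $_G['uid']), array());
    } elseif (!$this->setting['regclosed']) {
        if ($_GET['action'] == 'activation' || $_GET['activationauth']) {
            if (!$this->setting['ucactivation'] && !$this->setting['closedallowactivation']) {
                showmessage('register_disable_activation');
            }
        } elseif (!$this->setting['regstatus']) {
            showmessage(!$this->setting['regclosemessage'] ? 'register_disable' : str_replace(array("\r", "\n"), '', $this->setting['regclosemessage']));
        }
    }

    // References into the settings array: later writes to these locals also
    // change $this->setting.
    $bbrules =& $this->setting['bbrules'];
    $bbrulesforce =& $this->setting['bbrulesforce'];
    $bbrulestxt =& $this->setting['bbrulestxt'];
    $welcomemsg =& $this->setting['welcomemsg'];
    $welcomemsgtitle =& $this->setting['welcomemsgtitle'];
    $welcomemsgtxt =& $this->setting['welcomemsgtxt'];
    $regname = $this->setting['regname'];
    $username = isset($_GET['username']) ? $_GET['username'] : '';
    $invitestatus = false;
    $seccodecheck = $this->setting['seccodestatus'] & 1;
    $secqaacheck = 0;
    $bbrulehash = $bbrules ? substr(md5(FORMHASH), 0, 8) : '';
    $auth = $_GET['auth'];
    if (!$invitestatus) {
        $invite = getinvite();
    }

    if (!submitcheck('regsubmit', 0, $seccodecheck)) {
        // No valid submission: build the form and render the template.
        if ($seccodecheck) {
            $seccode = random(6, 1);
        }
        $username = dhtmlspecialchars($username);
        $htmls = $settings = array();
        foreach ($_G['cache']['fields_register'] as $field) {
            $fieldid = $field['fieldid'];
            $html = profile_setting($fieldid, array(), false, false, true);
            if ($html) {
                $settings[$fieldid] = $_G['cache']['profilesetting'][$fieldid];
                $htmls[$fieldid] = $html;
            }
        }
        $navtitle = $this->setting['reglinkname'];
        if ($this->extrafile && file_exists($this->extrafile)) {
            require_once $this->extrafile;
        }
        $bbrulestxt = nl2br("\n{$bbrulestxt}\n\n");
        $dreferer = dreferer();
        include template($this->template);
    } else {
        $emailstatus = 0;
        if ($this->setting['regstatus'] == 2 && empty($invite) && !$invitestatus) {
            showmessage('not_open_registration_invite');
        }

        // The site rules must have been accepted.
        if ($bbrules && $bbrulehash != $_POST['agreebbrule']) {
            showmessage('register_rules_agree');
        }

        // Username length, measured with dstrlen().
        $usernamelen = dstrlen($username);
        if ($usernamelen < 3) {
            showmessage('profile_username_tooshort');
        }
        if ($usernamelen > 30) {
            showmessage('profile_username_toolong');
        }

        // Nickname is optional; when given it has the same length limits.
        if ($nickname = trim($_GET['nickname'])) {
            $nicknamelen = dstrlen($nickname);
            if ($nicknamelen < 3) {
                showmessage('profile_nickname_tooshort');
            }
            if ($nicknamelen > 30) {
                showmessage('profile_nickname_toolong');
            }
        } else {
            $nickname = '';
        }

        // E-mail address.
        $email = strtolower(trim($_GET['email']));
        checkemail($email);

        // Minimum password length (strlen() counts bytes).
        if ($this->setting['pwlength']) {
            if (strlen($_GET['password']) < $this->setting['pwlength']) {
                showmessage('profile_password_tooshort', '', array('pwlength' => $this->setting['pwlength']));
            }
        }

        // Password strength: each enabled rule requires one character class.
        if ($this->setting['strongpw']) {
            $strongpw_str = array();
            if (in_array(1, $this->setting['strongpw']) && !preg_match("/\\d+/", $_GET['password'])) {
                $strongpw_str[] = lang('user/template', 'strongpw_1');
            }
            if (in_array(2, $this->setting['strongpw']) && !preg_match("/[a-z]+/", $_GET['password'])) {
                $strongpw_str[] = lang('user/template', 'strongpw_2');
            }
            if (in_array(3, $this->setting['strongpw']) && !preg_match("/[A-Z]+/", $_GET['password'])) {
                $strongpw_str[] = lang('user/template', 'strongpw_3');
            }
            // The class was written [^a-zA-z0-9]; the A-z range also covers
            // [ \ ] ^ _ and `, so those symbols were not counted as symbols.
            if (in_array(4, $this->setting['strongpw']) && !preg_match("/[^a-zA-Z0-9]+/", $_GET['password'])) {
                $strongpw_str[] = lang('user/template', 'strongpw_4');
            }
            if ($strongpw_str) {
                showmessage(lang('user/template', 'password_weak') . implode(',', $strongpw_str));
            }
        }

        // Both password entries must match.
        if ($_GET['password'] !== $_GET['password2']) {
            showmessage('两次密码不匹配');
        }
        // Empty passwords, and passwords that addslashes() would alter, are rejected.
        if (!$_GET['password'] || $_GET['password'] != addslashes($_GET['password'])) {
            showmessage('profile_passwd_illegal');
        }
        $password = $_GET['password'];
        $ctrlip = $_G['clientip'];
        $setregip = null;

        // Custom registration fields: validate each one and sort it into
        // "needs manual verification" or "store directly".
        $profile = $verifyarr = array();
        foreach ($_G['cache']['fields_register'] as $field) {
            $field_key = $field['fieldid'];
            $field_val = $_GET['' . $field_key];
            if ($field['formtype'] == 'file' && !empty($_FILES[$field_key]) && $_FILES[$field_key]['error'] == 0) {
                $field_val = true;
            }
            if (!profile_check($field_key, $field_val)) {
                $showid = !in_array($field['fieldid'], array('birthyear', 'birthmonth')) ? $field['fieldid'] : 'birthday';
                showmessage($field['title'] . lang('message', 'profile_illegal'), '', array(), array('showid' => 'chk_' . $showid, 'extrajs' => $field['title'] . lang('message', 'profile_illegal') . ($field['formtype'] == 'text' ? '<script type="text/javascript">' . '$(\'registerform\').' . $field['fieldid'] . '.parentNode.parentNode.className = \'form-group warning\';' . '$(\'registerform\').' . $field['fieldid'] . '.onblur = function () { if(this.value != \'\') {this.parentNode.parentNode.className = \'form-group\';$(\'chk_' . $showid . '\').innerHTML = \'\';}}' . '</script>' : '')));
            }
            if ($field['needverify']) {
                $verifyarr[$field_key] = $field_val;
            } else {
                $profile[$field_key] = $field_val;
            }
        }

        // With verification enabled the account starts in group 8
        // (presumably the awaiting-verification group; confirm).
        $groupinfo = array();
        $addorg = 0;
        if ($this->setting['regverify']) {
            $groupinfo['groupid'] = 8;
        } else {
            $groupinfo['groupid'] = $this->setting['newusergroupid'];
            $addorg = 1;
        }

        // $questionid and $answer are not set anywhere in this function.
        $result = uc_user_register(addslashes($username), $password, $email, addslashes($nickname), $questionid, $answer, $_G['clientip'], $addorg);
        if (is_array($result)) {
            $uid = $result['uid'];
            $password = $result['password'];
        } else {
            $uid = $result;
        }
        if ($uid <= 0) {
            if ($uid == -1) {
                showmessage('profile_nickname_illegal');
            } elseif ($uid == -2) {
                showmessage('profile_nickname_protect');
            } elseif ($uid == -3) {
                showmessage('profile_nickname_duplicate');
            } elseif ($uid == -4) {
                showmessage('profile_email_illegal');
            } elseif ($uid == -5) {
                showmessage('profile_email_domain_illegal');
            } elseif ($uid == -6) {
                showmessage('profile_email_duplicate');
            } elseif ($uid == -7) {
                showmessage('profile_username_illegal');
            } else {
                showmessage('undefined_action');
            }
        }

        $_G['username'] = $username;
        if (isset($_POST['birthmonth']) && isset($_POST['birthday'])) {
            $profile['constellation'] = get_constellation($_POST['birthmonth'], $_POST['birthday']);
        }
        if (isset($_POST['birthyear'])) {
            $profile['zodiac'] = get_zodiac($_POST['birthyear']);
        }

        if ($_FILES) {
            foreach ($_FILES as $key => $file) {
                $field_key = 'field_' . $key;
                if (!empty($_G['cache']['fields_register'][$field_key]) && $_G['cache']['fields_register'][$field_key]['formtype'] == 'file') {
                    if ($attachment = uploadtolocal($file, 'profile', '')) {
                        // Keep the upload only when it parses as an image. The
                        // test was inverted before: images were deleted and
                        // every other file type was stored. getimagesize()
                        // reads the header only, so this is a format check,
                        // not a guarantee about the rest of the file.
                        if (!@getimagesize($_G['setting']['attachdir'] . $attachment)) {
                            @unlink($_G['setting']['attachdir'] . $attachment);
                            continue;
                        }
                        if ($_G['cache']['fields_register'][$field_key]['needverify']) {
                            $verifyarr[$key] = $attachment;
                        } else {
                            $profile[$key] = $attachment;
                        }
                    }
                }
            }
        }

        $init_arr = array('profile' => $profile, 'emailstatus' => $emailstatus);
        C::t('user')->insert($uid, $_G['clientip'], $groupinfo['groupid'], $init_arr);

        if ($verifyarr) {
            $setverify = array('uid' => $uid, 'username' => $username, 'verifytype' => '0', 'field' => serialize($verifyarr), 'dateline' => TIMESTAMP);
            C::t('user_verify_info')->insert($setverify);
            C::t('user_verify')->insert(array('uid' => $uid));
        }

        require_once libfile('cache/userstats', 'function');
        build_cache_userstats();
        if ($this->extrafile && file_exists($this->extrafile)) {
            require_once $this->extrafile;
        }

        setloginstatus(array('uid' => $uid, 'username' => $_G['username'], 'password' => $password, 'groupid' => $groupinfo['groupid']), 0);
        include_once libfile('function/stat');

        // Welcome message: modes 2 and 3 queue an e-mail. Modes 1 and 3 only
        // reformat the text here; no notification call follows in this block.
        if ($welcomemsg && !empty($welcomemsgtxt)) {
            $welcomemsgtitle = replacesitevar($welcomemsgtitle);
            $welcomemsgtxt = replacesitevar($welcomemsgtxt);
            if ($welcomemsg == 1) {
                $welcomemsgtxt = nl2br(str_replace(':', ':', $welcomemsgtxt));
            } elseif ($welcomemsg == 2) {
                sendmail_cron($email, $welcomemsgtitle, $welcomemsgtxt);
            } elseif ($welcomemsg == 3) {
                sendmail_cron($email, $welcomemsgtitle, $welcomemsgtxt);
                $welcomemsgtxt = nl2br(str_replace(':', ':', $welcomemsgtxt));
            }
        }

        dsetcookie('loginuser', '');
        dsetcookie('invite_auth', '');
        $url_forward = dreferer();

        switch ($this->setting['regverify']) {
            case 1:
                // E-mail verification: store the token and mail the link.
                // NOTE(review): the token comes from random(6); whether that
                // helper is cryptographically strong is not visible here.
                $idstring = random(6);
                $authstr = "{$_G['timestamp']}\t2\t{$idstring}";
                C::t('user')->update($_G['uid'], array('authstr' => $authstr));
                // Keys are quoted: inside {...} a bare $_G[siteurl] is a
                // constant lookup and raises an Error on PHP 8.
                $verifyurl = "{$_G['siteurl']}user.php?mod=activate&uid={$_G['uid']}&id={$idstring}";
                $email_verify_message = lang('email', 'email_verify_message', array('username' => $_G['member']['username'], 'sitename' => $this->setting['sitename'], 'siteurl' => $_G['siteurl'], 'url' => $verifyurl));
                if (!sendmail("{$username} <{$email}>", lang('email', 'email_verify_subject'), $email_verify_message)) {
                    runlog('sendmail', "{$email} sendmail failed.");
                }
                $message = 'register_email_verify';
                break;
            case 2:
                $message = 'register_manual_verify';
                break;
            default:
                $message = 'register_succeed';
                break;
        }

        // daddslashes() keeps quotes in these values from closing the
        // single-quoted JavaScript string they are placed in below.
        $param = daddslashes(array('sitename' => $this->setting['sitename'], 'username' => $_G['username'], 'usergroup' => $_G['group']['grouptitle'], 'uid' => $_G['uid']));
        if (strpos($url_forward, $this->setting['regname']) !== false || strpos($url_forward, 'buyinvitecode') !== false) {
            $url_forward = 'index.php';
        }

        // The forward URL is written into an inline script. What dreferer()
        // already sanitises is not visible here, so escape for the JS-string
        // context: backslash and quote are escaped, angle brackets are
        // hex-encoded so the value cannot close the script element, and line
        // breaks are dropped.
        $href = strtr($url_forward, array('\\' => '\\\\', "'" => "\\'", '<' => '\\x3C', '>' => '\\x3E', "\r" => '', "\n" => ''));

        // setTimeout() gets a function instead of a code string: a string
        // argument is parsed twice, which undoes one level of escaping.
        showmessage('', $url_forward, array(), array(
            'showid' => 'succeedmessage',
            'extrajs' => '<script type="text/javascript">'
                . 'setTimeout(function () { window.location.href = \'' . $href . '\'; }, 3000);'
                . '$(\'succeedmessage_href\').href = \'' . $href . '\';'
                . '$(\'register_form\').style.display = \'none\';'
                . '$(\'main_succeed\').style.display = \'\';'
                . '$(\'succeedlocation\').innerHTML = \'' . lang('message', $message, $param) . '\';</script>',
            'striptags' => false,
            'showdialog' => false,
        ));
    }
}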
if ($_GET['password'] && $_GET['password'] !== $_GET['password2']) { showmessage('profile_passwd_notmatch'); } $setarr = array(); if ($_GET['password']) { $password = preg_match('/^\\w{32}$/', $_GET['password']) ? $_GET['password'] : md5($_GET['password']); $setarr['password'] = md5($password . $member['salt']); } $email = strtolower(trim($_GET['email'])); if ($email && $email != $member['email']) { checkemail($_GET['email']); $setarr['email'] = $email; } //验证用户名 if ($nickname = trim($_GET['nickname'])) { $nicknamelen = dstrlen($nickname); if ($nicknamelen < 3) { showmessage('profile_nickname_tooshort'); } if ($nicknamelen > 30) { showmessage('profile_nickname_toolong'); } if (!check_username(addslashes(trim(stripslashes($nickname))))) { showmessage('profile_nickname_illegal'); } if ($nickname != $member['nickname'] && C::t('user')->fetch_by_nickname($nickname)) { showmessage('用户名已经被注册'); } $setarr['nickname'] = trim($_GET['nickname']); } else { $setarr['nickname'] = '';
$usernamelen = dstrlen($_GET['username']); if ($usernamelen < 3) { showmessage('profile_username_tooshort'); } elseif ($usernamelen > 30) { showmessage('profile_username_toolong'); } elseif (!check_username(addslashes(trim(stripslashes($username))))) { showmessage('profile_username_illegal'); } $censorexp = '/^(' . str_replace(array('\\*', "\r\n", ' '), array('.*', '|', ''), preg_quote($_G['setting']['censoruser'] = trim($_G['setting']['censoruser']), '/')) . ')$/i'; if ($_G['setting']['censoruser'] && @preg_match($censorexp, $username)) { showmessage('profile_username_protect'); } //用户名验证 $nickname = trim($_GET['nickname']); if ($nickname) { $nicknamelen = dstrlen($_GET['nickname']); if ($nicknamelen < 3) { showmessage('profile_nickname_tooshort'); } elseif ($nicknamelen > 30) { showmessage('profile_nickname_toolong'); } elseif (!check_username(addslashes(trim(stripslashes($nickname))))) { showmessage('profile_nickname_illegal'); } //如果输入用户名,检查用户名不能重复 if ($nickname != $user['nickname']) { if (C::t('user')->fetch_by_nickname($nickname)) { showmessage('该用户名已经被注册,请更换用户名再试'); } if ($_G['setting']['censoruser'] && @preg_match($censorexp, $nickname)) { showmessage('profile_username_protect'); }
<?php /** * [Discuz!] (C)2001-2099 Comsenz Inc. * This is NOT a freeware, use is subject to license terms * * $Id: forum_ajax.php 33772 2013-08-12 06:49:20Z nemohou $ */ if (!defined('IN_DISCUZ')) { exit('Access Denied'); } define('NOROBOT', TRUE); if ($_GET['action'] == 'checkusername') { $username = trim($_GET['username']); $usernamelen = dstrlen($username); if ($usernamelen < 3) { showmessage('profile_username_tooshort', '', array(), array('handle' => false)); } elseif ($usernamelen > 15) { showmessage('profile_username_toolong', '', array(), array('handle' => false)); } loaducenter(); $ucresult = uc_user_checkname($username); if ($ucresult == -1) { showmessage('profile_username_illegal', '', array(), array('handle' => false)); } elseif ($ucresult == -2) { showmessage('profile_username_protect', '', array(), array('handle' => false)); } elseif ($ucresult == -3) { if (C::t('common_member')->fetch_by_username($username) || C::t('common_member_archive')->fetch_by_username($username)) { showmessage('register_check_found', '', array(), array('handle' => false)); } else { showmessage('register_activation', '', array(), array('handle' => false));
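/**
 * Register a user from the mobile client.
 *
 * Applies the plugin's own registration switch, then the site's registration
 * settings (closed state, verification whitelists, username and password
 * rules, per-IP limits), creates the account with uc_user_register(), inserts
 * the local member row, sends the verification mail when e-mail verification
 * is active and logs the new user in.
 *
 * @author HanPengyu
 * @param string $username User name.
 * @param string $password Password.
 * @param string $email    E-mail address.
 * @param string $type     Registration type, 'general' by default.
 * @return array Whatever self::errorInfo() returns: an error message on
 *               failure, or code 0 with array('uid' => $uid) on success.
 */
public static function register($username, $password, $email, $type = 'general')
{
    global $_G;

    require_once libfile('function/member');
    // require_once, so a second call (or an earlier include of the same file)
    // does not redeclare the class.
    require_once libfile('class/member');
    require_once libfile('function/misc');
    loaducenter();

    $ctlObj = new register_ctl();
    $ctlObj->setting = $_G['setting'];

    // Plugin switch: the string '0' disables registration from the client.
    $mobAllowReg = WebUtils::getDzPluginAppbymeAppConfig('mobile_allow_register');
    if ($mobAllowReg === '0') {
        return self::errorInfo(WebUtils::t('客户端不允许注册'));
    }

    // Site switch: refuse when registration is turned off.
    if (!$ctlObj->setting['regclosed'] && (!$ctlObj->setting['regstatus'] || !$ctlObj->setting['ucactivation'])) {
        if (!$ctlObj->setting['regstatus']) {
            $message = !$ctlObj->setting['regclosemessage'] ? 'register_disable' : str_replace(array("\r", "\n"), '', $ctlObj->setting['regclosemessage']);
            return self::errorInfo(lang('message', $message));
        }
    }

    $password = isset($password) ? $password : '';
    $email = strtolower(trim($email));

    if ($ctlObj->setting['regverify']) {
        // Region whitelist: a matching location switches verification off.
        if ($ctlObj->setting['areaverifywhite']) {
            $location = trim(convertip($_G['clientip'], "./"));
            if ($location) {
                $whitearea = preg_quote(trim($ctlObj->setting['areaverifywhite']), '/');
                $whitearea = str_replace(array("\\*"), array('.*'), $whitearea);
                $whitearea = '.*' . $whitearea . '.*';
                $whitearea = '/^(' . str_replace(array("\r\n", ' '), array('.*|.*', ''), $whitearea) . ')$/i';
                if (@preg_match($whitearea, $location)) {
                    $ctlObj->setting['regverify'] = 0;
                }
            }
        }
        // IP whitelist: entries are address prefixes. Blank lines are skipped;
        // an empty prefix would match every client address.
        if ($_G['cache']['ipctrl']['ipverifywhite']) {
            foreach (explode("\n", $_G['cache']['ipctrl']['ipverifywhite']) as $ctrlip) {
                $ctrlip = trim($ctrlip);
                if ($ctrlip !== '' && preg_match("/^(" . preg_quote($ctrlip, '/') . ")/", $_G['clientip'])) {
                    $ctlObj->setting['regverify'] = 0;
                    break;
                }
            }
        }
    }

    // Group 8 is used while verification is pending (presumably the
    // awaiting-verification group; confirm).
    if ($ctlObj->setting['regverify'] && $type == 'general') {
        $groupinfo['groupid'] = 8;
    } else {
        $groupinfo['groupid'] = $ctlObj->setting['newusergroupid'];
    }

    // A user group configured in the plugin overrides the choice above.
    $registerGroup = WebUtils::getDzPluginAppbymeAppConfig('mobile_register_group');
    if ($registerGroup) {
        $groupinfo['groupid'] = $registerGroup;
    }

    $usernamelen = dstrlen($username);
    if ($usernamelen < 3) {
        return self::errorInfo(lang('message', 'profile_username_tooshort'));
    } elseif ($usernamelen > 15) {
        return self::errorInfo(lang('message', 'profile_username_toolong'));
    }

    // Minimum password length (strlen() counts bytes).
    if ($ctlObj->setting['pwlength']) {
        if (strlen($password) < $ctlObj->setting['pwlength']) {
            return self::errorInfo(lang('message', 'profile_password_tooshort', array('pwlength' => $ctlObj->setting['pwlength'])));
        }
    }

    // Password complexity: each enabled rule requires one character class.
    if ($ctlObj->setting['strongpw']) {
        $strongpw_str = array();
        if (in_array(1, $ctlObj->setting['strongpw']) && !preg_match("/\\d+/", $password)) {
            $strongpw_str[] = lang('member/template', 'strongpw_1');
        }
        if (in_array(2, $ctlObj->setting['strongpw']) && !preg_match("/[a-z]+/", $password)) {
            $strongpw_str[] = lang('member/template', 'strongpw_2');
        }
        if (in_array(3, $ctlObj->setting['strongpw']) && !preg_match("/[A-Z]+/", $password)) {
            $strongpw_str[] = lang('member/template', 'strongpw_3');
        }
        // The class was written [^a-zA-z0-9]; the A-z range also covers
        // [ \ ] ^ _ and `, so those symbols were not counted as symbols.
        if (in_array(4, $ctlObj->setting['strongpw']) && !preg_match("/[^a-zA-Z0-9]+/", $password)) {
            $strongpw_str[] = lang('member/template', 'strongpw_4');
        }
        if ($strongpw_str) {
            // Too weak: the message lists what the password must contain.
            return self::errorInfo(lang('member/template', 'password_weak') . implode(',', $strongpw_str));
        }
    }

    // Empty passwords, and passwords that addslashes() would alter, are rejected.
    if (!$password || $password != addslashes($password)) {
        return self::errorInfo(lang('message', 'profile_passwd_illegal'));
    }

    // User names reserved by the site's censor list.
    $censorexp = '/^(' . str_replace(array('\\*', "\r\n", ' '), array('.*', '|', ''), preg_quote($ctlObj->setting['censoruser'] = trim($ctlObj->setting['censoruser']), '/')) . ')$/i';
    if ($ctlObj->setting['censoruser'] && @preg_match($censorexp, $username)) {
        return self::errorInfo(lang('message', 'profile_username_protect'));
    }

    // Per-IP registration limits. A listed prefix that matches the client
    // switches to the stricter interval and is counted as "prefix%"; without
    // a match the client address itself is used. Blank lines are skipped
    // because an empty prefix would match every client address.
    $ctrlip = $_G['clientip'];
    if ($_G['cache']['ipctrl']['ipregctrl']) {
        foreach (explode("\n", $_G['cache']['ipctrl']['ipregctrl']) as $listedip) {
            $listedip = trim($listedip);
            if ($listedip !== '' && preg_match("/^(" . preg_quote($listedip, '/') . ")/", $_G['clientip'])) {
                $ctrlip = $listedip . '%';
                $ctlObj->setting['regctrl'] = $ctlObj->setting['ipregctrltime'];
                break;
            }
        }
    }

    // The same IP may not register again within regctrl hours.
    if ($ctlObj->setting['regctrl']) {
        if (C::t('common_regip')->count_by_ip_dateline($ctrlip, $_G['timestamp'] - $ctlObj->setting['regctrl'] * 3600)) {
            return self::errorInfo(lang('message', 'register_ctrl', array('regctrl' => $ctlObj->setting['regctrl'])));
        }
    }

    // At most regfloodctrl registrations per IP within 24 hours.
    // $setregip: 1 = increment the existing counter, 2 = create one.
    $setregip = null;
    if ($ctlObj->setting['regfloodctrl']) {
        $regip = C::t('common_regip')->fetch_by_ip_dateline($_G['clientip'], $_G['timestamp'] - 86400);
        if ($regip) {
            if ($regip['count'] >= $ctlObj->setting['regfloodctrl']) {
                return self::errorInfo(lang('message', 'register_flood_ctrl', array('regfloodctrl' => $ctlObj->setting['regfloodctrl'])));
            } else {
                $setregip = 1;
            }
        } else {
            $setregip = 2;
        }
    }

    $uid = uc_user_register(addslashes($username), $password, $email, '', '', $_G['clientip']);
    if ($uid <= 0) {
        if ($uid == -1) {
            // The user name contains disallowed characters.
            return self::errorInfo(lang('message', 'profile_username_illegal'));
        } elseif ($uid == -2) {
            // The user name contains words blocked by the system.
            return self::errorInfo(lang('message', 'profile_username_protect'));
        } elseif ($uid == -3) {
            // The user name is already registered.
            return self::errorInfo(lang('message', 'profile_username_duplicate'));
        } elseif ($uid == -4) {
            // The e-mail address is invalid.
            return self::errorInfo(lang('message', 'profile_email_illegal'));
        } elseif ($uid == -5) {
            // The e-mail address uses a domain that is not allowed.
            return self::errorInfo(lang('message', 'profile_email_domain_illegal'));
        } elseif ($uid == -6) {
            // The e-mail address is already registered.
            return self::errorInfo(lang('message', 'profile_email_duplicate'));
        } else {
            // Any other non-positive result is a failure as well. Without this
            // branch the code below would insert a member row with that uid.
            return self::errorInfo(lang('message', 'undefined_action'));
        }
    }

    $_G['username'] = $username;
    // The local member row gets the md5 of a random string, not the password
    // passed in above (that one went to uc_user_register()).
    $password = md5(random(10));

    if ($setregip !== null) {
        if ($setregip == 1) {
            C::t('common_regip')->update_count_by_ip($_G['clientip']);
        } else {
            C::t('common_regip')->insert(array('ip' => $_G['clientip'], 'count' => 1, 'dateline' => $_G['timestamp']));
        }
    }

    $profile = array();
    $emailstatus = 0;
    $init_arr = array('credits' => explode(',', $ctlObj->setting['initcredits']), 'profile' => $profile, 'emailstatus' => $emailstatus);
    C::t('common_member')->insert($uid, $username, $password, $email, $_G['clientip'], $groupinfo['groupid'], $init_arr);

    // Drop expired per-IP records (kept for at least 72 hours) and note this
    // registration for the regctrl interval check.
    if ($ctlObj->setting['regctrl'] || $ctlObj->setting['regfloodctrl']) {
        C::t('common_regip')->delete_by_dateline($_G['timestamp'] - ($ctlObj->setting['regctrl'] > 72 ? $ctlObj->setting['regctrl'] : 72) * 3600);
        if ($ctlObj->setting['regctrl']) {
            C::t('common_regip')->insert(array('ip' => $_G['clientip'], 'count' => -1, 'dateline' => $_G['timestamp']));
        }
    }

    if ($ctlObj->setting['regverify'] == 1) {
        // E-mail verification: store the token and mail the activation link.
        // NOTE(review): the token comes from random(6); whether that helper is
        // cryptographically strong is not visible here.
        $idstring = random(6);
        $authstr = "{$_G['timestamp']}\t2\t{$idstring}";
        C::t('common_member_field_forum')->update($uid, array('authstr' => $authstr));
        // The key is quoted: inside {...} a bare $_G[siteurl] is a constant
        // lookup and raises an Error on PHP 8.
        $verifyurl = "{$_G['siteurl']}member.php?mod=activate&uid={$uid}&id={$idstring}";
        $email_verify_message = lang('email', 'email_verify_message', array('username' => $username, 'bbname' => $ctlObj->setting['bbname'], 'siteurl' => $_G['siteurl'], 'url' => $verifyurl));
        if (!sendmail("{$username} <{$email}>", lang('email', 'email_verify_subject'), $email_verify_message)) {
            runlog('sendmail', "{$email} sendmail failed.");
        }
    }

    // Added 2015.01.04: refresh the user statistics cache after a registration.
    require_once libfile('cache/userstats', 'function');
    build_cache_userstats();

    $_GET['regmessage'] = WebUtils::t('来自手机客户端注册');
    $regmessage = dhtmlspecialchars($_GET['regmessage']);
    if ($ctlObj->setting['regverify'] == 2) {
        // Manual verification: queue the account for an administrator.
        C::t('common_member_validate')->insert(array('uid' => $uid, 'submitdate' => $_G['timestamp'], 'moddate' => 0, 'admin' => '', 'submittimes' => 1, 'status' => 0, 'message' => $regmessage, 'remark' => ''), false, true);
        manage_addnotify('verifyuser');
    }

    setloginstatus(array('uid' => $uid, 'username' => $_G['username'], 'password' => $password, 'groupid' => $groupinfo['groupid']), 0);

    // Update the registration statistics.
    include_once libfile('function/stat');
    updatestat('register');

    return self::errorInfo('', 0, array('uid' => $uid));
}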
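/**
 * Create a local forum account for a WeChat user and log it in.
 *
 * The account gets a generated password and a synthetic
 * "wechat_<random>@null.null" e-mail address. Unless the WeChat setting
 * `wechat_disableregrule` is set, the per-IP registration interval
 * (`regctrl`) and the 24-hour flood limit (`regfloodctrl`) are enforced
 * against $_G['clientip'] before the account is created.
 *
 * @param string $username Requested user name; names shorter than 3 get a random suffix.
 * @param int    $return   When truthy, a rejected registration returns null silently
 *                         instead of calling showmessage().
 * @param int    $groupid  Target user group; 0 selects the WeChat default group,
 *                         falling back to the site's new-user group.
 *
 * @return int|null New uid on success, null when the registration was rejected.
 */
public static function register($username, $return = 0, $groupid = 0)
{
    global $_G;

    if (!$username) {
        return;
    }

    if (!$_G['wechat']['setting']) {
        // NOTE(review): unserialize() on a stored setting. Safe only while that value
        // can never be written by an untrusted party; confirm how it is populated.
        $_G['wechat']['setting'] = unserialize($_G['setting']['mobilewechat']);
    }
    loaducenter();

    if (!$groupid) {
        $groupid = $_G['wechat']['setting']['wechat_newusergroupid']
            ? $_G['wechat']['setting']['wechat_newusergroupid']
            : $_G['setting']['newusergroupid'];
    }

    // The same generated value is handed to UCenter, stored in common_member and
    // passed to setloginstatus(). random() is a project helper not shown here.
    // NOTE(review): confirm it is backed by a CSPRNG, otherwise this value is guessable.
    $password = md5(random(10));
    $email = 'wechat_' . strtolower(random(10)) . '@null.null';

    $usernamelen = dstrlen($username);
    if ($usernamelen < 3) {
        $username = $username . '_' . random(5);
    }
    if ($usernamelen > 15) {
        if (!$return) {
            showmessage('profile_username_toolong');
        }
        // showmessage() presumably ends the request; returning here keeps a rejected
        // registration from proceeding if it ever does return.
        return;
    }

    // Reserved-name list: one entry per line, '*' is a wildcard.
    $_G['setting']['censoruser'] = trim($_G['setting']['censoruser']);
    $censorexp = '/^(' . str_replace(
        array('\\*', "\r\n", ' '),
        array('.*', '|', ''),
        preg_quote($_G['setting']['censoruser'], '/')
    ) . ')$/i';
    // NOTE(review): with '@', a preg_match() failure yields false and the name is
    // allowed (fail-open); consider logging preg_last_error() here.
    if ($_G['setting']['censoruser'] && @preg_match($censorexp, $username)) {
        if (!$return) {
            showmessage('profile_username_protect');
        }
        return;
    }

    if (!$_G['wechat']['setting']['wechat_disableregrule']) {
        // NOTE(review): both limits are keyed on $_G['clientip']; how that value is
        // derived is not visible here. Confirm it cannot be set by a request header.
        loadcache('ipctrl');
        $ctrlip = $_G['clientip'];
        if ($_G['cache']['ipctrl']['ipregctrl']) {
            foreach (explode("\n", $_G['cache']['ipctrl']['ipregctrl']) as $prefix) {
                $prefix = trim($prefix);
                if ($prefix === '') {
                    // A blank line would compile to /^()/ and match every client IP,
                    // putting all visitors under the restricted-prefix rule.
                    continue;
                }
                if (preg_match('/^(' . preg_quote($prefix, '/') . ')/', $_G['clientip'])) {
                    // Restricted prefix: check the whole prefix with the stricter interval.
                    $ctrlip = $prefix . '%';
                    $_G['setting']['regctrl'] = $_G['setting']['ipregctrltime'];
                    break;
                }
            }
        }

        if ($_G['setting']['regctrl']) {
            $since = $_G['timestamp'] - $_G['setting']['regctrl'] * 3600;
            if (C::t('common_regip')->count_by_ip_dateline($ctrlip, $since)) {
                if (!$return) {
                    showmessage('register_ctrl', NULL, array('regctrl' => $_G['setting']['regctrl']));
                }
                return;
            }
        }

        if ($_G['setting']['regfloodctrl']) {
            $regip = C::t('common_regip')->fetch_by_ip_dateline($_G['clientip'], $_G['timestamp'] - 86400);
            if ($regip) {
                if ($regip['count'] >= $_G['setting']['regfloodctrl']) {
                    if (!$return) {
                        showmessage('register_flood_ctrl', NULL, array('regfloodctrl' => $_G['setting']['regfloodctrl']));
                    }
                    return;
                }
                C::t('common_regip')->update_count_by_ip($_G['clientip']);
            } else {
                C::t('common_regip')->insert(array('ip' => $_G['clientip'], 'count' => 1, 'dateline' => $_G['timestamp']));
            }
        }
    }

    // NOTE(review): UCenter receives the addslashes()-escaped name while common_member
    // below receives the raw one; confirm both layers escape or parameterise the value.
    $uid = uc_user_register(addslashes($username), $password, $email, '', '', $_G['clientip']);
    if ($uid <= 0) {
        if (!$return) {
            // Negative return codes of uc_user_register() mapped to message keys.
            $errors = array(
                -1 => 'profile_username_illegal',
                -2 => 'profile_username_protect',
                -3 => 'profile_username_duplicate',
                -4 => 'profile_email_illegal',
                -5 => 'profile_email_domain_illegal',
                -6 => 'profile_email_duplicate',
            );
            showmessage(isset($errors[$uid]) ? $errors[$uid] : 'undefined_action');
        }
        // Never create a member row for a uid that UCenter rejected.
        return;
    }

    $init_arr = array('credits' => explode(',', $_G['setting']['initcredits']));
    C::t('common_member')->insert($uid, $username, $password, $email, $_G['clientip'], $groupid, $init_arr);

    if ($_G['setting']['regctrl'] || $_G['setting']['regfloodctrl']) {
        // Purge records older than the interval, keeping at least 72 hours of history.
        $keephours = $_G['setting']['regctrl'] > 72 ? $_G['setting']['regctrl'] : 72;
        C::t('common_regip')->delete_by_dateline($_G['timestamp'] - $keephours * 3600);
        if ($_G['setting']['regctrl']) {
            C::t('common_regip')->insert(array('ip' => $_G['clientip'], 'count' => -1, 'dateline' => $_G['timestamp']));
        }
    }

    if ($_G['setting']['regverify'] == 2) {
        // regverify == 2: queue the account in common_member_validate and notify moderators.
        C::t('common_member_validate')->insert(array(
            'uid' => $uid,
            'submitdate' => $_G['timestamp'],
            'moddate' => 0,
            'admin' => '',
            'submittimes' => 1,
            'status' => 0,
            'message' => '',
            'remark' => '',
        ), false, true);
        manage_addnotify('verifyuser');
    }

    setloginstatus(array(
        'uid' => $uid,
        'username' => $username,
        'password' => $password,
        'groupid' => $groupid,
    ), 0);

    // Statistics
    include_once libfile('function/stat');
    updatestat('register');

    return $uid;
}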
} else { if (!$multiset) { $_GET['multinew'] = array(0 => array('single' => 1)); } $pluginvars = array(); require_once libfile('function/delete'); foreach ($_GET['multinew'] as $k => $row) { if (empty($row['single'])) { foreach ($row as $key => $value) { $_GET['' . $key] = $value; } $fid = $_GET['multi'][$k]; } $forum = $mforum[$k]; /*jaideejung007*/ if (dstrlen($_GET['namenew']) > 150) { cpmsg('forums_name_toolong', '', 'error'); } if (!$multiset) { if (!checkformulaperm($_GET['formulapermnew'])) { cpmsg('forums_formulaperm_error', '', 'error'); } $formulapermary[0] = $_GET['formulapermnew']; $formulapermary[1] = preg_replace(array("/(digestposts|posts|threads|oltime|extcredits[1-8])/", "/(regdate|regday|regip|lastip|buyercredit|sellercredit|field\\d+)/"), array("getuserprofile('\\1')", "\$memberformula['\\1']"), $_GET['formulapermnew']); $formulapermary['message'] = $_GET['formulapermmessagenew']; } else { $formulapermary = dunserialize($forum['formulaperm']); } $formulapermary['medal'] = $_GET['medalnew']; $formulapermary['users'] = $_GET['formulapermusersnew']; $_GET['formulapermnew'] = serialize($formulapermary);