/**
 * Validate the length of a username.
 *
 * The length comes from dstrlen(), which is defined elsewhere; whether it
 * counts bytes or characters cannot be told from this function.
 *
 * @param string $username
 * @return boolean TRUE when the length is within 5..15 inclusive, FALSE otherwise
 */
function check_username_len($username)
{
    $length = dstrlen($username);
    $outOfRange = $length > 15 || $length < 5;

    return !$outOfRange;
}
 /**
  * Compare the visible text length of a post with a required minimum.
  *
  * Returns 0 when the check does not apply or the post is too short; otherwise
  * returns the measured length (at least 1).
  *
  * Any message containing a [quote], [img] or [attach] tag passes regardless of
  * how much text it holds, so this is a usability check rather than a content filter.
  *
  * @param string $message raw post body
  * @param int    $length  required minimum length; a falsy value disables the check
  * @return int
  */
 private function _check_post_length($message, $length)
 {
     $skipCheck = $this->param['special'] || $this->thread['special'] || getstatus($this->thread['status'], 3) || !$length;
     if ($skipCheck) {
         return 0;
     }

     require_once libfile('function/discuzcode');
     $threadLang = lang('forum/thread');

     // Render the markup, drop the resulting tags, then remove punctuation and
     // whitespace so only the remaining text is measured.
     $plain = strip_tags(discuzcode($message));
     $punctuation = array(',', '.', '?', '!', $threadLang['t_question'], $threadLang['t_exclamatory'], $threadLang['t_period'], $threadLang['t_comma'], '~', $threadLang['t_suspension']);
     $plain = str_replace($punctuation, '', $plain);
     $plain = preg_replace('/\\s+/', '', $plain);
     $realLength = dstrlen($plain);

     // Tags whose presence lets the post through even when the text is short.
     $exemptTagPatterns = array(
         "/\\s?\\[quote\\][\n\r]*(.+?)[\n\r]*\\[\\/quote\\]\\s?/is",
         "/\\[img=(\\d{1,4})[x|\\,](\\d{1,4})\\]\\s*([^\\[\\<\r\n]+?)\\s*\\[\\/img\\]/i",
         "/\\[img\\]\\s*([^\\[\\<\r\n]+?)\\s*\\[\\/img\\]/i",
         "/\\[attach\\](\\d+)\\[\\/attach\\]/i",
     );
     $hasExemptTag = false;
     foreach ($exemptTagPatterns as $pattern) {
         if (preg_match($pattern, $message) > 0) {
             $hasExemptTag = true;
             break;
         }
     }

     $passes = $hasExemptTag || $realLength >= $length;
     if (!$passes) {
         return 0;
     }

     return $realLength <= 0 ? 1 : $realLength;
 }
Example #3
/**
 * Reject usernames that are too short or that match the forbidden-character pattern.
 *
 * A name fails when dstrlen() reports fewer than 3, or when it contains
 * whitespace, one of % , * " < > &, or starts with "Guest" (case-insensitive).
 * No upper length bound is enforced here.
 *
 * NOTE(review): the `^c:\con\con` alternative reaches PCRE with single
 * backslashes, where `\c` followed by a character is an escape sequence, so it
 * probably does not match the literal text it appears to target. Confirm intent.
 *
 * @param string $username
 * @return boolean TRUE when the name is acceptable, FALSE otherwise
 */
function check_username($username)
{
    $guestPattern = '^Guest';
    $length = dstrlen($username);
    $rejected = $length < 3 || preg_match("/\\s+|^c:\\con\\con|[%,\\*\"\\s\\<\\>\\&]|{$guestPattern}/is", $username);

    return $rejected ? FALSE : TRUE;
}
Example #4
/**
 * Register a member from a prepared data array and create the local member rows.
 *
 * The account is first created through uc_user_register(); on success rows are
 * inserted into the common_member* tables and the user statistics cache is saved.
 *
 * NOTE(review): $info is unpacked with extract(), so every key of $info becomes a
 * local variable of this function. That includes $regipsql, which is passed to
 * DB::query() unchanged, and all profile fields copied through ${$v}. $info must
 * therefore be built only from trusted, validated data; confirm at the call sites.
 *
 * @param array $info member data keyed by field name (username, password, email, ...)
 * @return mixed array('uid' => ...) on success; otherwise the milu_lang() value for the error
 */
function pick_reg($info)
{
    $member = $info;
    // Imports every key of $info into the local scope (see the review note above).
    extract($info);
    global $_G;
    loaducenter();
    require_once libfile('function/misc');
    require_once libfile('function/profile');
    include_once libfile('class/member');
    // $activation is reset to an empty array here, so every `!$activation` test below
    // is true and the `else` branch that reads it is never taken.
    $activation = array();
    if (!$activation) {
        $usernamelen = dstrlen($username);
        if ($usernamelen < 3) {
            return milu_lang('too_short');
        } elseif ($usernamelen > 15) {
            return milu_lang('too_long');
        }
        $username = addslashes(trim(dstripslashes($username)));
        $email = trim($email);
    }
    if (!$activation) {
        $uid = uc_user_register($username, $password, $email, $questionid, $answer, $_G['clientip']);
        // Non-positive results are error codes; each is mapped to a message key.
        if ($uid <= 0) {
            if ($uid == -1) {
                return milu_lang('bad_word');
            } elseif ($uid == -2) {
                return milu_lang('system_bad_word');
            } elseif ($uid == -3) {
                return milu_lang('reged');
            } elseif ($uid == -4) {
                return milu_lang('wrong_email');
            } elseif ($uid == -5) {
                return milu_lang('bad_email');
            } elseif ($uid == -6) {
                return milu_lang('email_reged');
            } else {
                return milu_lang('unknow_error');
            }
        }
    } else {
        list($uid, $username, $email) = $activation;
    }
    // NOTE(review): $uid is interpolated into the SQL text. It is the return value of
    // uc_user_register(); presumably an integer, but that is not visible here.
    // Casting it or using a bound parameter would remove the dependency.
    if (DB::result_first("SELECT uid FROM " . DB::table('common_member') . " WHERE uid='{$uid}'")) {
        // A local row with this uid already exists: roll back the account just created.
        if (!$activation) {
            uc_user_delete($uid);
        }
        return milu_lang('uid_reged');
    }
    $init_arr = explode(',', $_G['setting']['initcredits']);
    $groupinfo['groupid'] = $_G['setting']['newusergroupid'];
    // The value stored in common_member is the MD5 of a random string, not the
    // password supplied in $info (that one was handed to uc_user_register() above).
    $password = md5(random(10));
    $secques = $questionid > 0 ? random(8) : '';
    // User profile
    $profile['constellation'] = get_constellation($birthmonth, $birthday);
    $profile['zodiac'] = get_zodiac($birthyear);
    $profile['gender'] = $gender == milu_lang('baomi') ? 0 : ($gender == milu_lang('man') ? 1 : 0);
    $profile_field_arr = array('birthyear', 'birthmonth', 'birthday', 'birthprovince', 'birthcity', 'birthdist', 'birthcommunity', 'resideprovince', 'residecity', 'residedist', 'residecommunity', 'residesuite', 'site', 'bio', 'interest', 'idcardtype', 'idcard', 'bloodtype', 'height', 'weight', 'qq', 'msn', 'taobao', 'yahoo', 'icq', 'alipay', 'lookingfor', 'position', 'occupation', 'education', 'company', 'graduateschool', 'revenue', 'telephone', 'mobile', 'constellation', 'realname', 'zodiac', 'affectivestatus');
    // Copies the locals created by extract() into the profile row. This overwrites the
    // 'constellation' and 'zodiac' values computed just above, since both names are in the list.
    foreach ($profile_field_arr as $k => $v) {
        $profile[$v] = ${$v};
    }
    $lastactivity = rand($regdate, $regdate + 3600 * 24 * 2);
    // NOTE(review): $regipsql only exists if $info carried that key; its content is
    // executed as a complete SQL statement with no validation in this function.
    if ($regipsql) {
        DB::query($regipsql);
    }
    $credits = 0;
    // NOTE(review): eval() of the 'creditsformula' setting. Anyone able to change that
    // setting can run PHP in this process; confirm who can write it.
    if (!empty($_G['setting']['creditsformula'])) {
        eval("\$credits = round(" . $_G['setting']['creditsformula'] . ");");
    }
    $userdata = array('uid' => $uid, 'username' => $username, 'password' => $password, 'email' => $email, 'adminid' => 0, 'groupid' => $groupinfo['groupid'], 'regdate' => $regdate, 'credits' => $credits, 'timeoffset' => 9999);
    $status_data = array('uid' => $uid, 'regip' => $regip, 'lastip' => $lastip, 'lastvisit' => $lastvisit, 'lastactivity' => $lastactivity, 'lastpost' => $lastpost, 'lastsendmail' => 0);
    $profile['uid'] = $uid;
    $field_forum['uid'] = $uid;
    // NOTE(review): $sightmlm is not assigned in this function; it exists only if
    // $info has that key. Possibly a typo for 'sightml'. Confirm.
    $field_forum['sightml'] = $sightmlm;
    $field_home['uid'] = $uid;
    DB::insert('common_member', paddslashes($userdata));
    DB::insert('common_member_status', paddslashes($status_data));
    DB::insert('common_member_profile', paddslashes($profile));
    DB::insert('common_member_field_forum', paddslashes($field_forum));
    DB::insert('common_member_field_home', paddslashes($field_home));
    if ($verifyarr) {
        // NOTE(review): unlike the inserts above, $setverify is not passed through
        // paddslashes(); only the serialized 'field' value is escaped. Whether
        // DB::insert() escapes values itself is not visible here.
        $setverify = array('uid' => $uid, 'username' => $username, 'verifytype' => '0', 'field' => daddslashes(serialize($verifyarr)), 'dateline' => $lastactivity);
        DB::insert('common_member_verify_info', $setverify);
        DB::insert('common_member_verify', array('uid' => $uid));
    }
    // Per-credit values from $info win; otherwise the matching entry of the
    // comma-separated 'initcredits' setting is used.
    $count_data = array('uid' => $uid, 'oltime' => $oltime ? $oltime : 0, 'extcredits1' => $extcredits1 ? $extcredits1 : $init_arr[1], 'extcredits2' => $extcredits2 ? $extcredits2 : $init_arr[2], 'extcredits3' => $extcredits3 ? $extcredits3 : $init_arr[3], 'extcredits4' => $extcredits4 ? $extcredits4 : $init_arr[4], 'extcredits5' => $extcredits5 ? $extcredits5 : $init_arr[5], 'extcredits6' => $extcredits6 ? $extcredits6 : $init_arr[6], 'extcredits7' => $extcredits7 ? $extcredits7 : $init_arr[7], 'extcredits8' => $extcredits8 ? $extcredits8 : $init_arr[8]);
    DB::insert('common_member_count', paddslashes($count_data));
    DB::insert('common_setting', array('skey' => 'lastmember', 'svalue' => $username), false, true);
    manyoulog('user', $uid, 'add');
    $totalmembers = DB::result_first("SELECT COUNT(*) FROM " . DB::table('common_member'));
    $userstats = array('totalmembers' => $totalmembers, 'newsetuser' => $username);
    checkusergroup($uid);
    // Update the user group the user belongs to
    save_syscache('userstats', $userstats);
    $re_arr['uid'] = $uid;
    return $re_arr;
}
Example #5
/**
 * Check a post's subject and message against the configured size limits.
 *
 * The subject is measured with dstrlen() (limit 80); the message is measured in
 * bytes with strlen(). Message limits are skipped for groups that have
 * 'disablepostctrl' set and for special posts. For the minimum-size test the
 * [quote]...[/quote] sections are removed first.
 *
 * @param string $subject
 * @param string $message
 * @param int    $special non-zero for special posts
 * @return string|false error key, or FALSE when every check passes
 */
function checkpost($subject, $message, $special = 0)
{
    global $_G;

    if (dstrlen($subject) > 80) {
        return 'post_subject_toolong';
    }

    if ($_G['group']['disablepostctrl'] || $special) {
        return FALSE;
    }

    if ($_G['setting']['maxpostsize'] && strlen($message) > $_G['setting']['maxpostsize']) {
        return 'post_message_toolong';
    }

    if ($_G['setting']['minpostsize']) {
        $withoutQuotes = preg_replace("/\\[quote\\].+?\\[\\/quote\\]/is", '', $message);
        if (strlen($withoutQuotes) < $_G['setting']['minpostsize']) {
            return 'post_message_tooshort';
        }
    }

    return FALSE;
}
Example #6
 /**
  * Product search action: builds a WHERE fragment from the request and renders the result.
  *
  * With a 'kw' parameter the keyword is cleaned, length-checked and placed in a
  * LIKE clause; without it, a search runs only when both 'price1' and 'price2' are set.
  *
  * NOTE(review): the keyword is interpolated directly into the SQL text. Its safety
  * rests entirely on stripsearchkey() and safe_output(), neither of which is visible
  * here. Confirm they escape quotes and LIKE wildcards for the database in use.
  */
 function search()
 {
     global $_G;
     $and = '';
     $url = URL . 'a=search';
     $rs = array();
     if ($_GET['kw']) {
         $string = stripsearchkey(trim($_GET['kw']));
         // Reject keywords made up only of %, _ or * characters.
         if (preg_match("/^%+\$|^_+\$|^\\*+\$/is", $string)) {
             msg('非法搜索关键字');
         }
         $string = safe_output($string);
         if (dstrlen($string) < 2) {
             msg('要搜索的关键字长度不能小于2');
         }
         // NOTE(review): the two checks above only protect the query if msg() stops
         // execution; that is not visible here.
         // NOTE(review): kw, order and url are written as unquoted keys in this method.
         // PHP 8 treats an undefined constant as an error, so they should be quoted strings.
         $_GET[kw] = $string;
         $and .= " AND title like '%{$string}%' ";
         $url .= "&kw=" . urlencode_utf8($string);
         // Only checked, visible items that have not expired.
         $and .= " AND `check`=1 AND `hide`=0 ";
         $and .= " AND ( end_time = 0 or  end_time > " . TIMESTAMP . ")";
         $sql = make_sql();
         $size = 60;
         $rs = D(array('and' => $and . $sql['and'], 'order' => $sql[order]), array('url' => $url . $sql[url], 'size' => $size));
         //dump($and .$sql['and'],1);
     } else {
         if ($_GET['price1'] && $_GET['price2']) {
             $sql = make_sql();
             $size = 60;
             $rs = D(array('and' => $and . $sql['and'], 'all' => true, 'order' => $sql[order], 'key' => 'search'), array('url' => $url . $sql[url], 'size' => $size));
         }
     }
     // NOTE(review): $string is only assigned in the 'kw' branch, so it is undefined
     // here when the request has no keyword.
     seo($string . ' - 商品搜索');
     $this->add($rs);
     $this->show();
 }
/**
 * Check a post's subject and message against the configured size limits.
 *
 * The subject is measured with dstrlen() (limit 255); the message is measured in
 * bytes with strlen(). Message limits are skipped for groups that have
 * 'disablepostctrl' set and for special posts. The minimum size uses the mobile
 * setting when IN_MOBILE is truthy and 'minpostsize_mobile' is configured, and the
 * message must reach it both without [quote] sections and without [postbg] sections.
 *
 * @param string $subject
 * @param string $message
 * @param int    $special non-zero for special posts
 * @return string|false error key, or FALSE when every check passes
 */
function checkpost($subject, $message, $special = 0)
{
    global $_G;

    if (dstrlen($subject) > 255) {
        return 'post_subject_toolong';
    }

    if ($_G['group']['disablepostctrl'] || $special) {
        return FALSE;
    }

    if ($_G['setting']['maxpostsize'] && strlen($message) > $_G['setting']['maxpostsize']) {
        return 'post_message_toolong';
    }

    if (!$_G['setting']['minpostsize']) {
        return FALSE;
    }

    if (IN_MOBILE && $_G['setting']['minpostsize_mobile']) {
        $requiredSize = $_G['setting']['minpostsize_mobile'];
    } else {
        $requiredSize = $_G['setting']['minpostsize'];
    }

    $ignoredSections = array("/\\[quote\\].+?\\[\\/quote\\]/is", "/\\[postbg\\].+?\\[\\/postbg\\]/is");
    foreach ($ignoredSections as $pattern) {
        if (strlen(preg_replace($pattern, '', $message)) < $requiredSize) {
            return 'post_message_tooshort';
        }
    }

    return FALSE;
}
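/**
 * Render a text value as a PNG under the attachment "temp" directory and return its URL.
 *
 * The two sub-directories and the file name are taken from md5($key), so the text
 * itself never becomes part of the file-system path. An existing file is reused
 * unless $force is set.
 *
 * NOTE(review): image width and height grow with the length and line count of
 * $value and no upper bound is applied here; callers should cap the input size.
 *
 * @param string $value   text to draw; lines are separated by "\r" ("\n" is removed)
 * @param string $key     cache key, defaults to $value
 * @param bool   $force   regenerate the image even when the file already exists
 * @param int    $rlength when non-zero, lines longer than this (per dstrlen()) are split with cutstr()
 * @return string the attachment URL prefix followed by temp/xx/yy/<name>.png
 */
function stringtopic($value, $key = '', $force = false, $rlength = 0)
{
    if ($key === '') {
        $key = $value;
    }
    $basedir = !getglobal('setting/attachdir') ? './data/attachment' : getglobal('setting/attachdir');
    $url = !getglobal('setting/attachurl') ? './data/attachment/' : getglobal('setting/attachurl');
    // Hash once; every path component below is a slice of this hex digest.
    $hash = md5($key);
    $subdir1 = substr($hash, 0, 2);
    $subdir2 = substr($hash, 2, 2);
    $target = 'temp/' . $subdir1 . '/' . $subdir2 . '/';
    $targetname = substr($hash, 8, 16) . '.png';
    discuz_upload::check_dir_exists('temp', $subdir1, $subdir2);
    if (!$force && file_exists($basedir . '/' . $target . $targetname)) {
        return $url . $target . $targetname;
    }
    $value = str_replace("\n", '', $value);
    $fontfile = $fontname = '';
    $ttfenabled = false;
    $size = 10;
    $w = 130;
    $rowh = 25;
    $value = explode("\r", $value);
    if ($rlength) {
        // Split over-long lines into pieces of at most $rlength as produced by cutstr().
        $temp = array();
        foreach ($value as $str) {
            $strlen = dstrlen($str);
            if ($strlen > $rlength) {
                for ($i = 0; $i < $strlen; $i++) {
                    $sub = cutstr($str, $rlength, '');
                    $temp[] = $sub;
                    $str = substr($str, strlen($sub));
                    $strlen = $strlen - $rlength;
                }
            } else {
                $temp[] = $str;
            }
        }
        $value = $temp;
        unset($temp);
    }
    if (function_exists('imagettftext')) {
        $fontroot = DISCUZ_ROOT . './static/image/seccode/font/ch/';
        $dirs = opendir($fontroot);
        if ($dirs !== false) {
            // Compare with false explicitly: a directory entry named "0" is falsy and
            // would otherwise end the scan early.
            while (($entry = readdir($dirs)) !== false) {
                if ($entry != '.' && $entry != '..' && in_array(strtolower(fileext($entry)), array('ttf', 'ttc'))) {
                    $fontname = $entry;
                    break;
                }
            }
            // Release the directory handle; the original left it open.
            closedir($dirs);
        }
        if (!empty($fontname)) {
            $fontfile = $fontroot . $fontname;
        }
        if ($fontfile) {
            if (strtoupper(CHARSET) != 'UTF-8') {
                // include_once: a second call in the same request must not redeclare the class.
                include_once DISCUZ_ROOT . './source/class/class_chinese.php';
                $cvt = new Chinese(CHARSET, 'utf8');
                $value = $cvt->Convert(implode("\r", $value));
                $value = explode("\r", $value);
            }
            $ttfenabled = true;
        }
    }
    // First pass: measure every line to find the canvas width and the row height.
    foreach ($value as $str) {
        if ($ttfenabled) {
            $box = imagettfbbox($size, 0, $fontfile, $str);
            $height = max($box[1], $box[3]) - min($box[5], $box[7]);
            $len = max($box[2], $box[4]) - min($box[0], $box[6]);
            $rowh = max(array($height, $rowh));
        } else {
            $len = strlen($str) * 12;
        }
        $w = max(array($len, $w));
    }
    $h = $rowh * count($value) + count($value) * 2;
    // NOTE(review): the result of imagecreate() is not checked; with errors
    // suppressed a failure only surfaces in the drawing calls below.
    $im = @imagecreate($w, $h);
    $background_color = imagecolorallocate($im, 255, 255, 255);
    $text_color = imagecolorallocate($im, 60, 60, 60);
    // Second pass: draw each line, advancing the baseline by the row height.
    $h = $ttfenabled ? $rowh : 4;
    foreach ($value as $str) {
        if ($ttfenabled) {
            imagettftext($im, $size, 0, 0, $h, $text_color, $fontfile, $str);
            $h += 2;
        } else {
            imagestring($im, $size, 0, $h, $str, $text_color);
        }
        $h += $rowh;
    }
    imagepng($im, $basedir . '/' . $target . $targetname);
    imagedestroy($im);
    return $url . $target . $targetname;
}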
/**
 * Registration endpoint for the bigapp client.
 *
 * Reads username, password and email from $_REQUEST, applies the site's
 * registration policy (length, password strength, censored names, IP controls),
 * creates the account through uc_user_register(), inserts the local member row,
 * logs the user in and prints a JSON result. Every exit path, including success,
 * ends with die(0) after echoing BIGAPPJSON::encode(...).
 */
function register()
{
    /*{{{*/
    require_once dirname(dirname(dirname(__FILE__))) . '/bigappjson.class.php';
    require_once libfile('function/misc');
    require_once libfile('function/member');
    require_once libfile('class/member');
    $userName = isset($_REQUEST["username"]) ? $_REQUEST["username"] : "";
    $password = isset($_REQUEST["password"]) ? $_REQUEST["password"] : "";
    $email = isset($_REQUEST["email"]) ? strtolower($_REQUEST["email"]) : "";
    global $_G;
    // The client sends UTF-8; convert the name to the site charset before validating it.
    if (function_exists('iconv')) {
        $userName = iconv('UTF-8', CHARSET . '//ignore', $userName);
    } else {
        $userName = mb_convert_encoding($userName, CHARSET, 'UTF-8');
    }
    if (empty($userName) || empty($password) || empty($email)) {
        echo BIGAPPJSON::encode(array('error_code' => 2, 'error_msg' => lang('plugin/bigapp', 'empty_params'), 'Variables' => array('auth' => null), 'Message' => array('messageval' => 'for comaptible', 'messagestr' => lang('plugin/bigapp', 'empty_params'))));
        die(0);
    }
    // Username length must be within 3..15 as measured by dstrlen().
    $userNamelen = dstrlen($userName);
    if ($userNamelen < 3) {
        echo BIGAPPJSON::encode(array('error_code' => 3, 'error_msg' => lang('plugin/bigapp', 'username_short'), 'Variables' => array('auth' => null), 'Message' => array('messageval' => 'for comaptible', 'messagestr' => lang('plugin/bigapp', 'username_short'))));
        die(0);
    }
    if ($userNamelen > 15) {
        echo BIGAPPJSON::encode(array('error_code' => 4, 'error_msg' => lang('plugin/bigapp', 'username_long'), 'Variables' => array('auth' => null), 'Message' => array('messageval' => 'for comaptible', 'messagestr' => lang('plugin/bigapp', 'username_long'))));
        die(0);
    }
    $ctlObj = new register_ctl();
    $ctlObj->setting = $_G['setting'];
    // Minimum password length (in bytes) from the 'pwlength' setting.
    if (isset($ctlObj->setting['pwlength']) && $ctlObj->setting['pwlength']) {
        if (strlen($password) < $ctlObj->setting['pwlength']) {
            echo BIGAPPJSON::encode(array('error_code' => 5, 'error_msg' => lang('plugin/bigapp', 'password_length') . ' [ >= ' . $ctlObj->setting['pwlength'] . ' ]', 'Variables' => array('auth' => null), 'Message' => array('messageval' => 'for comaptible', 'messagestr' => lang('plugin/bigapp', 'password_not_equal') . ' [ >= ' . $ctlObj->setting['pwlength'] . ' ]')));
            die(0);
        }
    }
    // Password composition rules: 1 = digit, 2 = lowercase, 3 = uppercase, 4 = other character.
    if (isset($ctlObj->setting['strongpw']) && $ctlObj->setting['strongpw']) {
        $strongpw_str = array();
        if (in_array(1, $ctlObj->setting['strongpw']) && !preg_match("/\\d+/", $password)) {
            $strongpw_str[] = lang('plugin/bigapp', 'password_number');
        }
        if (in_array(2, $ctlObj->setting['strongpw']) && !preg_match("/[a-z]+/", $password)) {
            $strongpw_str[] = lang('plugin/bigapp', 'password_lowercase_char');
        }
        if (in_array(3, $ctlObj->setting['strongpw']) && !preg_match("/[A-Z]+/", $password)) {
            $strongpw_str[] = lang('plugin/bigapp', 'password_uppercase_char');
        }
        if (in_array(4, $ctlObj->setting['strongpw']) && !preg_match("/[^a-zA-Z0-9]+/", $password)) {
            $strongpw_str[] = lang('plugin/bigapp', 'password_charset');
        }
        if ($strongpw_str) {
            echo BIGAPPJSON::encode(array('error_code' => 6, 'error_msg' => lang('plugin/bigapp', 'password_invalid') . ' [ ' . implode(', ', $strongpw_str) . ' ]', 'Variables' => array('auth' => null), 'Message' => array('messageval' => 'for comaptible', 'messagestr' => lang('plugin/bigapp', 'password_invalid') . ' [ ' . implode(', ', $strongpw_str) . ' ]')));
            die(0);
        }
    }
    /*
    	if(!isset($_G['setting']['mobile']['mobileregister']) || !$_G['setting']['mobile']['mobileregister']){
    		echo BIGAPPJSON::encode(array('error_code' => 7, 'error_msg' => lang('plugin/bigapp', 'forbid_mobreg'), 
    				'Variables' => array('auth' => null),
                    'Message' => array('messageval' => 'for comaptible', 'messagestr' => lang('plugin/bigapp', 'forbid_mobreg'))));
    		die(0);
    	}
    */
    loaducenter();
    // Registration is refused when 'regstatus' is off (and 'regclosed' is not set).
    if (!$ctlObj->setting['regclosed'] && (!$ctlObj->setting['regstatus'] || !$ctlObj->setting['ucactivation'])) {
        if (!$ctlObj->setting['regstatus']) {
            echo BIGAPPJSON::encode(array('error_code' => 8, 'error_msg' => lang('plugin/bigapp', 'forbid_registration'), 'Variables' => array('auth' => null), 'Message' => array('messageval' => 'for comaptible', 'messagestr' => lang('plugin/bigapp', 'forbid_registration'))));
            die(0);
        }
    }
    // Verification can be waived for allow-listed areas or IP prefixes.
    if ($ctlObj->setting['regverify']) {
        if ($ctlObj->setting['areaverifywhite']) {
            $location = $whitearea = '';
            $location = trim(convertip($_G['clientip'], "./"));
            if ($location) {
                // The setting is quoted for regex use, then '*' is turned back into a
                // wildcard and each line becomes one alternative.
                $whitearea = preg_quote(trim($ctlObj->setting['areaverifywhite']), '/');
                $whitearea = str_replace(array("\\*"), array('.*'), $whitearea);
                $whitearea = '.*' . $whitearea . '.*';
                $whitearea = '/^(' . str_replace(array("\r\n", ' '), array('.*|.*', ''), $whitearea) . ')$/i';
                if (@preg_match($whitearea, $location)) {
                    $ctlObj->setting['regverify'] = 0;
                }
            }
        }
        if ($_G['cache']['ipctrl']['ipverifywhite']) {
            // NOTE(review): each line is used as an IP prefix. A blank line in the cached
            // list would give the pattern /^()/, which matches every address and so
            // waives verification for everyone. Confirm the list is normalised on save.
            foreach (explode("\n", $_G['cache']['ipctrl']['ipverifywhite']) as $ctrlip) {
                if (preg_match("/^(" . preg_quote($ctrlip = trim($ctrlip), '/') . ")/", $_G['clientip'])) {
                    $ctlObj->setting['regverify'] = 0;
                    break;
                }
            }
        }
    }
    // Accounts that still need verification go to group 8; others to the configured new-user group.
    if ($ctlObj->setting['regverify']) {
        $groupinfo['groupid'] = 8;
    } else {
        $groupinfo['groupid'] = $ctlObj->setting['newusergroupid'];
    }
    // Rejects any password that addslashes() would alter (quotes, backslash, NUL).
    if (!$password || $password != addslashes($password)) {
        echo BIGAPPJSON::encode(array('error_code' => 9, 'error_msg' => lang('plugin/bigapp', 'password_invalid_char'), 'Variables' => array('auth' => null), 'Message' => array('messageval' => 'for comaptible', 'messagestr' => lang('plugin/bigapp', 'password_invalid_char'))));
        die(0);
    }
    // Censored usernames: one pattern per line of the setting, with '*' as a wildcard.
    $censorexp = '/^(' . str_replace(array('\\*', "\r\n", ' '), array('.*', '|', ''), preg_quote($ctlObj->setting['censoruser'] = trim($ctlObj->setting['censoruser']), '/')) . ')$/i';
    if ($ctlObj->setting['censoruser'] && @preg_match($censorexp, $userName)) {
        echo BIGAPPJSON::encode(array('error_code' => 10, 'error_msg' => lang('plugin/bigapp', 'forbid_username'), 'Variables' => array('auth' => null), 'Message' => array('messageval' => 'for comaptible', 'messagestr' => lang('plugin/bigapp', 'forbid_username'))));
        die(0);
    }
    // IP-based registration throttling: a matching prefix switches to the stricter
    // 'ipregctrltime' window and is looked up with a trailing '%'.
    if ($_G['cache']['ipctrl']['ipregctrl']) {
        foreach (explode("\n", $_G['cache']['ipctrl']['ipregctrl']) as $ctrlip) {
            if (preg_match("/^(" . preg_quote($ctrlip = trim($ctrlip), '/') . ")/", $_G['clientip'])) {
                $ctrlip = $ctrlip . '%';
                $ctlObj->setting['regctrl'] = $ctlObj->setting['ipregctrltime'];
                break;
            } else {
                $ctrlip = $_G['clientip'];
            }
        }
    } else {
        $ctrlip = $_G['clientip'];
    }
    if ($ctlObj->setting['regctrl']) {
        // Any registration from this IP (or prefix) inside the window blocks a new one.
        if (C::t('common_regip')->count_by_ip_dateline($ctrlip, $_G['timestamp'] - $ctlObj->setting['regctrl'] * 3600)) {
            echo BIGAPPJSON::encode(array('error_code' => 11, 'error_msg' => lang('plugin/bigapp', 'forbid_ip'), 'Variables' => array('auth' => null), 'Message' => array('messageval' => 'for comaptible', 'messagestr' => lang('plugin/bigapp', 'forbid_ip'))));
            die(0);
        }
    }
    // Daily flood control: $setregip records whether the counter row must be
    // updated (1) or created (2) once the account exists.
    $setregip = null;
    if ($ctlObj->setting['regfloodctrl']) {
        $regip = C::t('common_regip')->fetch_by_ip_dateline($_G['clientip'], $_G['timestamp'] - 86400);
        if ($regip) {
            if ($regip['count'] >= $ctlObj->setting['regfloodctrl']) {
                echo BIGAPPJSON::encode(array('error_code' => 12, 'error_msg' => lang('plugin/bigapp', 'forbid_ip_today'), 'Variables' => array('auth' => null), 'Message' => array('messageval' => 'for comaptible', 'messagestr' => lang('plugin/bigapp', 'forbid_ip_today'))));
                die(0);
            } else {
                $setregip = 1;
            }
        } else {
            $setregip = 2;
        }
    }
    $uid = uc_user_register($userName, $password, $email, '', '', $_G['clientip']);
    // Non-positive results are error codes. Codes -1..-6 print a message; any other
    // value reaches die(0) with no output at all.
    if ($uid <= 0) {
        if ($uid == -1) {
            echo BIGAPPJSON::encode(array('error_code' => 13, 'error_msg' => lang('plugin/bigapp', 'username_invalid_char'), 'Variables' => array('auth' => null), 'Message' => array('messageval' => 'for comaptible', 'messagestr' => lang('plugin/bigapp', 'username_invalid_char'))));
        } elseif ($uid == -2) {
            echo BIGAPPJSON::encode(array('error_code' => 13, 'error_msg' => lang('plugin/bigapp', 'username_invalid_char'), 'Variables' => array('auth' => null), 'Message' => array('messageval' => 'for comaptible', 'messagestr' => lang('plugin/bigapp', 'username_invalid_char'))));
        } elseif ($uid == -3) {
            echo BIGAPPJSON::encode(array('error_code' => 13, 'error_msg' => lang('plugin/bigapp', 'username_used'), 'Variables' => array('auth' => null), 'Message' => array('messageval' => 'for comaptible', 'messagestr' => lang('plugin/bigapp', 'username_used'))));
        } elseif ($uid == -4) {
            echo BIGAPPJSON::encode(array('error_code' => 13, 'error_msg' => lang('plugin/bigapp', 'invalid_email'), 'Variables' => array('auth' => null), 'Message' => array('messageval' => 'for comaptible', 'messagestr' => lang('plugin/bigapp', 'invalid_email'))));
        } elseif ($uid == -5) {
            echo BIGAPPJSON::encode(array('error_code' => 13, 'error_msg' => lang('plugin/bigapp', 'invalid_email'), 'Variables' => array('auth' => null), 'Message' => array('messageval' => 'for comaptible', 'messagestr' => lang('plugin/bigapp', 'invalid_email'))));
        } elseif ($uid == -6) {
            echo BIGAPPJSON::encode(array('error_code' => 13, 'error_msg' => lang('plugin/bigapp', 'email_used'), 'Variables' => array('auth' => null), 'Message' => array('messageval' => 'for comaptible', 'messagestr' => lang('plugin/bigapp', 'email_used'))));
        }
        die(0);
    }
    $_G['username'] = $userName;
    // From here on $password is the MD5 of a random string; the user's real password
    // was only passed to uc_user_register() above and is not stored locally.
    $password = md5(random(10));
    if ($setregip !== null) {
        if ($setregip == 1) {
            C::t('common_regip')->update_count_by_ip($_G['clientip']);
        } else {
            C::t('common_regip')->insert(array('ip' => $_G['clientip'], 'count' => 1, 'dateline' => $_G['timestamp']));
        }
    }
    $profile = $verifyarr = array();
    $emailstatus = 0;
    $init_arr = array('credits' => explode(',', $ctlObj->setting['initcredits']), 'profile' => $profile, 'emailstatus' => $emailstatus);
    C::t('common_member')->insert($uid, $userName, $password, $email, $_G['clientip'], $groupinfo['groupid'], $init_arr);
    if ($ctlObj->setting['regctrl'] || $ctlObj->setting['regfloodctrl']) {
        // Purge throttle rows older than the control window (at least 72 hours).
        C::t('common_regip')->delete_by_dateline($_G['timestamp'] - ($ctlObj->setting['regctrl'] > 72 ? $ctlObj->setting['regctrl'] : 72) * 3600);
        if ($ctlObj->setting['regctrl']) {
            C::t('common_regip')->insert(array('ip' => $_G['clientip'], 'count' => -1, 'dateline' => $_G['timestamp']));
        }
    }
    // Email verification: store an activation token and mail the activation link.
    if ($ctlObj->setting['regverify'] == 1) {
        // NOTE(review): the activation token is random(6); its unpredictability depends
        // on how random() is implemented, which is not visible here.
        $idstring = random(6);
        $authstr = $ctlObj->setting['regverify'] == 1 ? "{$_G['timestamp']}\t2\t{$idstring}" : '';
        C::t('common_member_field_forum')->update($uid, array('authstr' => $authstr));
        // NOTE(review): {$_G[siteurl]} uses an unquoted key inside braces, which PHP
        // resolves as a constant; it should be {$_G['siteurl']}.
        $verifyurl = "{$_G[siteurl]}member.php?mod=activate&amp;uid={$uid}&amp;id={$idstring}";
        // NOTE(review): $username (lower-case n) is never assigned in this function; the
        // validated name is in $userName. As written the message and the recipient
        // header are built with an undefined variable.
        $email_verify_message = lang('email', 'email_verify_message', array('username' => $username, 'bbname' => $ctlObj->setting['bbname'], 'siteurl' => $_G['siteurl'], 'url' => $verifyurl));
        if (!sendmail("{$username} <{$email}>", lang('email', 'email_verify_subject'), $email_verify_message)) {
            runlog('sendmail', "{$email} sendmail failed.");
        }
    }
    require_once libfile('cache/userstats', 'function');
    build_cache_userstats();
    // The registration message is a fixed string; any client-supplied value is overwritten.
    $_GET['regmessage'] = 'from bigapp client';
    $regmessage = dhtmlspecialchars($_GET['regmessage']);
    // Manual verification: queue the account for moderator review.
    if ($ctlObj->setting['regverify'] == 2) {
        C::t('common_member_validate')->insert(array('uid' => $uid, 'submitdate' => $_G['timestamp'], 'moddate' => 0, 'admin' => '', 'submittimes' => 1, 'status' => 0, 'message' => $regmessage, 'remark' => ''), false, true);
        manage_addnotify('verifyuser');
    }
    // The new user is logged in immediately, whatever the 'regverify' mode is.
    setloginstatus(array('uid' => $uid, 'username' => $_G['username'], 'password' => $password, 'groupid' => $groupinfo['groupid']), 0);
    include_once libfile('function/stat');
    updatestat('register');
    checkfollowfeed();
    C::t('common_member_status')->update($_G['uid'], array('lastip' => $_G['clientip'], 'lastvisit' => TIMESTAMP, 'lastactivity' => TIMESTAMP));
    ////////////////////////////////////////////////
    // Registration succeeded; bind the third-party openid.
    // The request value is only compared with two fixed strings, so the included
    // paths are never built from client input.
    $plat = $_GET["platform"];
    if ($plat == "qq") {
        include_once CUR_PATH . "/../qqconnect/bind.php";
    } else {
        if ($plat == "wechat") {
            include_once CUR_PATH . "/../wechatconnect/bind.php";
        }
    }
    ////////////////////////////////////////////////
    echo BIGAPPJSON::encode(array('error_code' => 0, 'error_msg' => lang('plugin/bigapp', 'regist_succ'), 'Message' => array('messageval' => 'register_succeed', 'messagestr' => lang('plugin/bigapp', 'regist_succ')), 'Variables' => array('auth' => 'in order to be comapatible')));
    die(0);
}
Example #10
 /**
  * Update or add a contest entry record after a video upload.
  *
  * Inputs are read from the request rather than passed as arguments:
  *   ccvid    - CC video ID (must be 32 long as measured by dstrlen())
  *   gid      - activity ID (int, must be > 0)
  *   schedule - contest schedule (int)
  *
  * The result is reported through echo_api(): 1 on success, -2 bad video ID,
  * -3 update failed, -4 bad activity ID, -5 video not found.
  */
 public function upload_ok()
 {
     $ccvid = $this->input->get_post('ccvid', true);
     $gid = intval($this->input->get_post('gid', true));
     $schedule = intval($this->input->get_post('schedule', true));
     if (dstrlen($ccvid) == 32 && $gid > 0) {
         // NOTE(review): $sid and $period are not defined in this method and are not
         // used afterwards; these two lines look like leftovers.
         $sid = intval($sid);
         $period = intval($period);
         $this->load->model('works_index_model', 'index_mod');
         // The lookup is scoped to the current user, so only the caller's own video matches.
         $where = array('vid' => $ccvid, 'userid' => $this->uid);
         # Update the video id in the association table
         // NOTE(review): the video is read through $this->video_m but updated through
         // $this->video_mod below; neither is loaded in this method. Confirm both exist.
         $video = $this->video_m->get_video($where);
         if ($video) {
             $add_index = array();
             $add_index['uid'] = $this->uid;
             $add_index['wid'] = $video['id'];
             $add_index['wtype'] = 1;
             $add_index['gid'] = $gid;
             $add_index['status'] = 1;
             $add_index['create_time'] = time();
             // One index row per (activity, user, schedule); only added when none exists.
             $w_index = array('gid' => $gid, 'uid' => $this->uid, 'schedule' => $schedule);
             $is_work_index = $this->index_mod->get_index($w_index);
             if (empty($is_work_index)) {
                 $ret_id = $this->index_mod->add_index($add_index);
                 $this->load->model('activity_model', 'activity_m');
                 $name = $this->activity_m->get_one_by_where(array('id' => $gid), 'name');
                 // NOTE(review): dynamic dispatch on the activity name. Any method of this
                 // class whose name starts with "init_" can be reached, depending on what
                 // is stored as the activity name; an explicit allow-list would be safer.
                 if ($ret_id && method_exists($this, "init_" . $name)) {
                     $this->{"init_" . $name}($gid, $ret_id, $schedule);
                 }
             }
             $updata['type'] = 1;
             $updata['info'] = 1;
             $updata['status'] = 1;
             $updata['update'] = date("Y-m-d H:i:s");
             $ret_up = $this->video_mod->up_video($updata, $where);
             if ($ret_up) {
                 $this->echo_api(1, $is_work_index);
             } else {
                 $this->echo_api(-3, "更新失败.");
             }
         } else {
             $this->echo_api(-5, "视频信息不存在.");
         }
     } else {
         if ($gid > 0) {
             $this->echo_api(-2, "CC视频ID不存在.");
         } else {
             $this->echo_api(-4, "活动ID不存在.");
         }
     }
 }
Example #11
 /**
  * AJAX product listing: builds a filter from the request and prints the goods as JSON.
  *
  * NOTE(review): 'kw', 'tag' and 'field' all come from $_GET and end up in the query
  * description passed to D(). The keyword relies on stripsearchkey()/safe_output()
  * and the tag on daddslashes(); 'field' is only trimmed. None of those helpers,
  * nor how D() uses 'field', is visible here. Confirm each value is escaped or
  * checked against an allow-list.
  */
 function goods()
 {
     global $_G;
     $sql = make_sql();
     $url = 'm=ajax&a=goods';
     // NOTE(review): setting, cate_page, kw, tag, order and url are written as unquoted
     // keys in this method. PHP 8 treats an undefined constant as an error, so they
     // should be quoted strings.
     $size = $_G[setting][cate_page] ? $_G[setting][cate_page] : 120;
     if ($_GET['field']) {
         $sql['field'] = trim($_GET['field']);
     }
     $and = '';
     if ($_GET['kw']) {
         $string = stripsearchkey(trim($_GET['kw']));
         // Reject keywords made up only of %, _ or * characters.
         if (preg_match("/^%+\$|^_+\$|^\\*+\$/is", $string)) {
             msg('非法搜索关键字');
         }
         $string = safe_output($string);
         if (dstrlen($string) < 2) {
             msg('要搜索的关键字长度不能小于2');
         }
         $_GET[kw] = $string;
         $and .= " AND title like '%{$string}%' ";
         $url .= "&kw=" . urlencode_utf8($string);
     }
     if ($_GET[tag]) {
         // NOTE(review): trim_html() is applied to $tag before it is assigned, and its
         // result is overwritten on the next line, so the request value only goes
         // through daddslashes().
         $tag = trim_html($tag, 1);
         $tag = daddslashes($_GET[tag]);
         $and .= "AND FIND_IN_SET('" . $tag . "', keywords) ";
         $url .= "&tag=" . urlencode_utf8($tag);
         // NOTE(review): $and and $url are appended to $sql here and concatenated with
         // $sql again in the D() call below, so the tag conditions appear twice.
         $sql['and'] .= $and;
         $sql['url'] .= $url;
     }
     $rs = D(array('and' => $and . $sql['and'], 'all' => false, 'order' => $sql[order]), array('url' => $url . $sql[url], 'size' => $size));
     // Return only a fixed set of columns to the client.
     $goods = array();
     foreach ($rs['goods'] as $k => $v) {
         $tmp = array();
         $tmp['picurl'] = $v['picurl'];
         $tmp['url'] = $v['url'];
         $tmp['id_url'] = $v['id_url'];
         $tmp['num_iid'] = $v['num_iid'];
         $tmp['aid'] = $v['aid'];
         $tmp['yh_price'] = $v['yh_price'];
         $tmp['sum'] = $v['sum'];
         $tmp['like'] = $v['like'];
         $tmp['title'] = $v['title'];
         $tmp['username'] = $v['username'];
         $goods[] = $tmp;
     }
     json(array('data' => $goods, 'status' => 'success'));
 }
Example #12
     $skype = replaceparting(dhtmlspecialchars(trim($_G['sr_skype'])));
     $tel = replaceparting(dhtmlspecialchars(trim($_G['sr_tel'])));
 } else {
     $qq = dhtmlspecialchars(trim($_G['sr_qq']));
     $tel = dhtmlspecialchars(trim($_G['sr_tel']));
 }
 // Remaining form fields are trimmed and HTML-escaped before validation.
 $address = dhtmlspecialchars(trim($_G['sr_address']));
 $mappos = dhtmlspecialchars(trim($_G['sr_mappos']));
 // Forces an "http://" prefix by removing every occurrence of "http://" and
 // prepending one.
 // NOTE(review): other schemes are not removed, so an "https://..." value becomes
 // "http://https://...". The host part is not validated here either.
 $weburl = 'http://' . str_replace('http://', '', dhtmlspecialchars(trim($_G['sr_weburl'])));
 // Length limits, measured with dstrlen(); $propaganda, $introduction, $contact,
 // $cateid, $name and $bid are assigned before this excerpt.
 if (dstrlen($propaganda) > 1000) {
     showmessage(srlang('post_propaganda_toolong'));
 }
 if (dstrlen($introduction) > 4000) {
     showmessage(srlang('post_introduction_toolong'));
 }
 if (dstrlen($contact) > 1000) {
     showmessage(srlang('post_contact_toolong'));
 }
 if ($cateid < 1) {
     showmessage(srlang('nocateid'));
 }
 if (empty($name)) {
     showmessage(srlang('noname'));
 }
 // A poster attachment id is required unless an existing $bid is given.
 $caid = intval($_G['sr_caid']);
 if ($caid < 1 && $bid < 1) {
     showmessage(srlang('inputposter'));
 }
 // NOTE(review): the attachment is fetched by id alone; whether
 // fetch_firstbyaid() checks that it belongs to the current user is not visible here.
 $attachment = C::t('#sanree_brand#sanree_brand_attachment')->fetch_firstbyaid($caid);
 if (!$attachment) {
     showmessage(srlang('inputposter'));
Example #13
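/**
 * Returns the text found between two markers, ignoring all whitespace.
 *
 * Whitespace is removed from $str, $start and $end before searching, so the
 * result never contains whitespace either.
 *
 * @param string     $str   Text to search.
 * @param string     $start Marker that precedes the wanted text; '' means "from the beginning".
 * @param string|int $end   Marker that follows the wanted text, or -1 to take everything after $start.
 * @return string The extracted text, or '' when $start or $end cannot be found.
 */
function sub_str($str, $start, $end)
{
    $haystack = (string) preg_replace("/\\s+/", '', $str);
    $startMarker = (string) preg_replace("/\\s+/", '', $start);
    // Loose comparison kept on purpose so that both -1 and '-1' select "until the end".
    $untilEnd = $end == -1;

    if ($startMarker === '') {
        $from = 0;
    } else {
        $from = strpos($haystack, $startMarker);
        if ($from === false) {
            // Previously false was silently used as offset 0, which returned unrelated text.
            return '';
        }
    }

    // strlen() rather than dstrlen(): strpos() and substr() work on byte offsets, so the
    // marker length must be a byte count. dstrlen() is defined elsewhere; if it counts
    // characters or display width, mixing it with substr() cuts multi-byte text in the
    // wrong place.
    $tail = (string) substr($haystack, $from + strlen($startMarker));
    if ($untilEnd) {
        return $tail;
    }

    $endMarker = (string) preg_replace("/\\s+/", '', $end);
    if ($endMarker === '') {
        return '';
    }
    $stop = strpos($tail, $endMarker);

    return $stop === false ? '' : (string) substr($tail, 0, $stop);
}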
Example #14
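 /**
  * Builds the goods-list query from request parameters and returns the cached result for it.
  *
  * Reads cid, kw, sort, price1 and price2 from $_GET (plus $_G['fid'], $_G['channel'] and
  * $_G['page']), normalises them into $arr, and uses md5(http_build_query($arr)) as the
  * cache key passed to memory('get', ...). The md5 here only names a cache entry.
  *
  * Array keys that were written as bare words ($_GET[kw], $arr[keyword], $_G[page], ...)
  * are quoted: a bare word is a constant lookup, which PHP 8 turns into a fatal Error.
  *
  * NOTE(review): $goods, $showpage and $count are never assigned in this body, so the
  * cache-fill branch cannot run as written; the remote API call appears to be missing
  * from this listing. $url and $title are built but not used afterwards either.
  *
  * @param int $add_page Offset added to the current page number; 0 keeps $_G['page'].
  * @return mixed Whatever memory('get', $key) returned (falsy on a cache miss).
  */
 private function api_get($add_page)
 {
     global $_G;
     $url = URL . 'm=list';
     if ($_G['fid'] > 0) {
         $url .= "&fid=" . $_G['fid'];
     }
     $channel = $_G['channel'];
     $cid = 0;
     $title = '';
     $arr = array();
     if (!empty($_GET['cid'])) {
         // The category id is forced to an integer and must exist in the configured tree.
         $cid = intval($_GET['cid']);
         $cates = (include libfile('config/taobao_cate'));
         $cate = array();
         foreach ($cates as $k => $v) {
             if ($v['cid'] == $cid) {
                 $cate = $v;
                 break;
             } elseif (!empty($v['sub'])) {
                 foreach ($v['sub'] as $k1 => $v2) {
                     if ($v2['cid'] == $cid) {
                         $cate = $v2;
                         break;
                     }
                 }
             }
         }
         if (empty($cate['cid'])) {
             msg('分类ID不存在');
         }
         $title = $cate['name'];
     } elseif ($channel) {
         $cid = intval($channel['classname']);
         $title = $channel['name'];
     }
     if ($cid > 0) {
         $arr['cid'] = $cid;
     }
     if (!empty($_GET['kw'])) {
         $string = stripsearchkey(trim($_GET['kw']));
         // Reject keywords made only of wildcard characters (%, _ or *).
         if (preg_match("/^%+\$|^_+\$|^\\*+\$/is", $string)) {
             msg('非法搜索关键字');
         }
         $string = safe_output($string);
         if (dstrlen($string) < 2) {
             msg('要搜索的关键字长度不能小于2');
         }
         $_GET['kw'] = $string;
         $arr['keyword'] = $string;
         // NOTE(review): the keyword is appended without URL encoding; whether that is safe
         // depends on what safe_output() returns and where $url is printed — confirm.
         $url .= "&kw=" . $string;
         $title .= " " . $string;
         // A keyword search replaces the category filter.
         unset($arr['cid']);
     }
     if (!empty($_GET['sort'])) {
         // Only whitelisted sort keys are accepted; strict comparison avoids type juggling.
         $order_in = array('price_asc', 'sales_desc', 'credit_desc');
         if (in_array($_GET['sort'], $order_in, true)) {
             $arr['sort'] = $_GET['sort'];
             // Was "&sort = " (with spaces), which produced a parameter named "sort ".
             $url .= "&sort=" . $_GET['sort'];
             unset($_GET['sort']);
         }
     }
     if (empty($_GET['kw'])) {
         unset($_GET['kw']);
     }
     if (empty($arr['keyword']) && empty($arr['cid'])) {
         $arr['keyword'] = '特价';
     }
     // Default price window; request values are forced to floats before use.
     $arr['start_price'] = 1;
     $arr['end_price'] = 99999;
     if (!empty($_GET['price1'])) {
         $_GET['price1'] = $arr['start_price'] = floatval($_GET['price1']);
         $url .= "&price1=" . $arr['start_price'];
     }
     if (!empty($_GET['price2'])) {
         $_GET['price2'] = $arr['end_price'] = floatval($_GET['price2']);
         $url .= "&price2=" . $arr['end_price'];
     }
     // Second whitelist: only reached for sort values the first one did not accept,
     // because the first block unsets $_GET['sort'] on a match.
     if (!empty($_GET['sort'])) {
         $sort_arr = array("price_desc", "price_asc", "credit_desc", "credit_asc", "commission_num_desc", "commission_rate_asc");
         if (in_array($_GET['sort'], $sort_arr, true)) {
             $arr['sort'] = $_GET['sort'];
             $url .= "&sort=" . $arr['sort'];
         }
     }
     // Page size: 40 for the "youzhan" API, 40-100 for the "taoke" API; capped at 100.
     $size = !empty($channel['page']) && $channel['page'] > 0 ? intval($channel['page']) : $_G['setting']['cate_page'];
     if ($size > 100) {
         $size = 100;
     }
     $arr['page_no'] = $add_page ? $_G['page'] + $add_page : $_G['page'];
     $arr['page_size'] = $size;
     $key = md5(http_build_query($arr));
     $size = 40;
     $rs = memory('get', $key);
     // API type: 1 = youzhan, 2 = taoke.
     if (!$rs) {
         // See the NOTE(review) in the docblock: $goods is not set anywhere in this body.
         if (!empty($goods)) {
             $rs = array('showpage' => $showpage, 'count' => $count, 'goods' => $goods);
             memory('set', $key, $rs, 3600);
         }
     }
     return $rs;
 }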
Example #15
/**
 * Validates the fields of a submitted proposal.
 *
 * Checks, in order: contact (required, numeric, at most 15 bytes after trimming),
 * funtions (required, dstrlen <= 30), backgrounds and description (required,
 * dstrlen <= 2000 each). The first failing check decides the result.
 *
 * @param array $param Submitted fields keyed by name.
 * @return array Two elements: status code (1 on success, -1 .. -5 on failure) and message.
 */
function checkProposalField($param)
{
    if (empty($param['contact'])) {
        return array(-1, '联系方式不能为空');
    }

    $param['contact'] = $contact = trim($param['contact']);
    // NOTE(review): is_numeric() also accepts signs, decimals and exponent notation, which is
    // wider than the "integer" the message promises — confirm whether digits-only is intended.
    if (strlen($contact) > 15 || !is_numeric($contact)) {
        return array(-2, '联系方式必须是整形且长度不超过15个数字');
    }

    // field name => [maximum dstrlen(), failure code, failure message]
    $rules = array(
        'funtions' => array(30, -3, '请输入功能点且长度不大于15个中文字符'),
        'backgrounds' => array(2000, -4, '请输入需求背景且长度不大于1000'),
        'description' => array(2000, -5, '请输入功能描述且长度不大于1000'),
    );
    foreach ($rules as $field => $rule) {
        list($maxLength, $code, $message) = $rule;
        if (empty($param[$field]) || dstrlen($param[$field]) > $maxLength) {
            return array($code, $message);
        }
    }

    return array(1, '成功');
}
Example #16
 /**
  * Handles the registration page: shows the form, or validates a submitted form and
  * creates the account.
  *
  * Flow visible in this method:
  *  - an already logged-in visitor is sent on with 'login_succeed';
  *  - closed-registration and invite-only settings are enforced;
  *  - when the form was not submitted (submitcheck() is falsy) the template is rendered;
  *  - otherwise the input is checked, the account is created through uc_user_register()
  *    (or taken from an activation token), the local member rows are inserted, the
  *    visitor is logged in and a result message is shown.
  *
  * Reads $_G, $_POST, $_FILES and $this->setting; returns nothing. showmessage() is called
  * on every failure path — presumably it ends the request (confirm), since the code after
  * each call assumes the check passed.
  */
 function on_register()
 {
     global $_G;
     // The form's input names are configurable ($this->setting['reginput']); copy the
     // submitted values to the fixed gp_* keys used by the rest of the method.
     $_G['gp_username'] = $_G['gp_' . $this->setting['reginput']['username']];
     $_G['gp_password'] = $_G['gp_' . $this->setting['reginput']['password']];
     $_G['gp_password2'] = $_G['gp_' . $this->setting['reginput']['password2']];
     $_G['gp_email'] = $_G['gp_' . $this->setting['reginput']['email']];
     if ($_G['uid']) {
         // Already logged in: forward to the referrer, but never back to the register page.
         $ucsynlogin = $this->setting['allowsynlogin'] ? uc_user_synlogin($_G['uid']) : '';
         $url_forward = dreferer();
         if (strpos($url_forward, $this->setting['regname']) !== false) {
             $url_forward = 'forum.php';
         }
         showmessage('login_succeed', $url_forward ? $url_forward : './', array('username' => $_G['member']['username'], 'usergroup' => $_G['group']['grouptitle'], 'uid' => $_G['uid']), array('extrajs' => $ucsynlogin));
     } elseif (!$this->setting['regclosed'] && (!$this->setting['regstatus'] || !$this->setting['ucactivation'])) {
         if ($_G['gp_action'] == 'activation' || $this->setting['gp_activationauth']) {
             if (!$this->setting['ucactivation'] && !$this->setting['closedallowactivation']) {
                 showmessage('register_disable_activation');
             }
         } elseif (!$this->setting['regstatus']) {
             showmessage(!$this->setting['regclosemessage'] ? 'register_disable' : str_replace(array("\r", "\n"), '', $this->setting['regclosemessage']));
         }
     }
     // Bound by reference: later assignments to these locals (e.g. $bbrulestxt and
     // $welcomemsgtxt below) also change $this->setting.
     $bbrules =& $this->setting['bbrules'];
     $bbrulesforce =& $this->setting['bbrulesforce'];
     $bbrulestxt =& $this->setting['bbrulestxt'];
     $welcomemsg =& $this->setting['welcomemsg'];
     $welcomemsgtitle =& $this->setting['welcomemsgtitle'];
     $welcomemsgtxt =& $this->setting['welcomemsgtxt'];
     $regname = $this->setting['regname'];
     // Verification can be waived for whitelisted areas or IP prefixes.
     if ($this->setting['regverify']) {
         if ($this->setting['areaverifywhite']) {
             $location = $whitearea = '';
             $location = trim(convertip($_G['clientip'], "./"));
             if ($location) {
                 // The configured list is quoted with preg_quote(); then '*' is turned back
                 // into '.*' and line breaks into alternatives of one anchored pattern.
                 $whitearea = preg_quote(trim($this->setting['areaverifywhite']), '/');
                 $whitearea = str_replace(array("\\*"), array('.*'), $whitearea);
                 $whitearea = '.*' . $whitearea . '.*';
                 $whitearea = '/^(' . str_replace(array("\r\n", ' '), array('.*|.*', ''), $whitearea) . ')$/i';
                 // @ hides preg errors, so a malformed pattern is treated as "no match".
                 if (@preg_match($whitearea, $location)) {
                     $this->setting['regverify'] = 0;
                 }
             }
         }
         if ($_G['cache']['ipctrl']['ipverifywhite']) {
             // Prefix match only: the pattern is anchored at the start but not at the end, so
             // an entry also matches every longer address that begins with the same
             // characters, and a blank line yields an empty prefix that matches any address.
             // NOTE(review): confirm the stored list is normalised (no blank lines).
             foreach (explode("\n", $_G['cache']['ipctrl']['ipverifywhite']) as $ctrlip) {
                 if (preg_match("/^(" . preg_quote($ctrlip = trim($ctrlip), '/') . ")/", $_G['clientip'])) {
                     $this->setting['regverify'] = 0;
                     break;
                 }
             }
         }
     }
     // regstatus == 2 is treated as invite-only below; $invitestatus records that the
     // visitor's area or IP prefix is whitelisted (same matching rules and caveats as above).
     $invitestatus = false;
     if ($this->setting['regstatus'] == 2) {
         if ($this->setting['inviteconfig']['inviteareawhite']) {
             $location = $whitearea = '';
             $location = trim(convertip($_G['clientip'], "./"));
             if ($location) {
                 $whitearea = preg_quote(trim($this->setting['inviteconfig']['inviteareawhite']), '/');
                 $whitearea = str_replace(array("\\*"), array('.*'), $whitearea);
                 $whitearea = '.*' . $whitearea . '.*';
                 $whitearea = '/^(' . str_replace(array("\r\n", ' '), array('.*|.*', ''), $whitearea) . ')$/i';
                 if (@preg_match($whitearea, $location)) {
                     $invitestatus = true;
                 }
             }
         }
         if ($this->setting['inviteconfig']['inviteipwhite']) {
             foreach (explode("\n", $this->setting['inviteconfig']['inviteipwhite']) as $ctrlip) {
                 if (preg_match("/^(" . preg_quote($ctrlip = trim($ctrlip), '/') . ")/", $_G['clientip'])) {
                     $invitestatus = true;
                     break;
                 }
             }
         }
     }
     // Accounts that still need verification go to group 8; others to the configured group.
     $groupinfo = array();
     if ($this->setting['regverify']) {
         $groupinfo['groupid'] = 8;
     } else {
         $groupinfo['groupid'] = $this->setting['newusergroupid'];
     }
     // The lowest bit of each setting is what gets passed to submitcheck() below.
     $seccodecheck = $this->setting['seccodestatus'] & 1;
     $secqaacheck = $this->setting['secqaa']['status'] & 1;
     // Referrer uid comes from the 'promotion' cookie and is forced to an integer.
     $fromuid = !empty($_G['cookie']['promotion']) && $this->setting['creditspolicy']['promotion_register'] ? intval($_G['cookie']['promotion']) : 0;
     $username = isset($_G['gp_username']) ? $_G['gp_username'] : '';
     // Short value derived from FORMHASH that the form must echo back in 'agreebbrule'.
     $bbrulehash = $bbrules ? substr(md5(FORMHASH), 0, 8) : '';
     $auth = $_G['gp_auth'];
     if (!$invitestatus) {
         $invite = getinvite();
     }
     if (!submitcheck('regsubmit', 0, $seccodecheck, $secqaacheck)) {
         // ---- Form not submitted: prepare the variables the template reads and render it. ----
         if ($_G['gp_action'] == 'activation') {
             // The decoded token is "<username>\t<formhash>".
             // NOTE(review): loose != comparison; hash_equals() is the strict, timing-safe form.
             $auth = explode("\t", authcode($auth, 'DECODE'));
             if (FORMHASH != $auth[1]) {
                 showmessage('register_activation_invalid', 'member.php?mod=logging&action=login');
             }
             $username = $auth[0];
             $activationauth = authcode("{$auth['0']}\t" . FORMHASH, 'ENCODE');
         }
         if ($fromuid) {
             // $fromuid is an integer (intval above), so interpolating it is safe here.
             $query = DB::query("SELECT username FROM " . DB::table('common_member') . " WHERE uid='{$fromuid}'");
             if (DB::num_rows($query)) {
                 $fromuser = dhtmlspecialchars(DB::result($query, 0));
             } else {
                 dsetcookie('promotion');
             }
         }
         $bbrulestxt = nl2br("\n{$bbrulestxt}\n\n");
         if ($_G['gp_action'] == 'activation') {
             $auth = dhtmlspecialchars($auth);
         }
         if ($seccodecheck) {
             $seccode = random(6, 1);
         }
         // Escaped because the template echoes it back into the form.
         $username = dhtmlspecialchars($username);
         $htmls = $settings = array();
         foreach ($_G['cache']['fields_register'] as $field) {
             $fieldid = $field['fieldid'];
             $html = profile_setting($fieldid, array(), false, false, true);
             if ($html) {
                 $settings[$fieldid] = $_G['cache']['profilesetting'][$fieldid];
                 $htmls[$fieldid] = $html;
             }
         }
         $navtitle = $this->setting['reglinkname'];
         // The included file name comes from $this->extrafile, not from the request.
         if ($this->extrafile && file_exists(libfile('member/' . $this->extrafile, 'module'))) {
             require_once libfile('member/' . $this->extrafile, 'module');
         }
         $dreferer = dreferer();
         include template($this->template);
     } else {
         // ---- Form submitted: validate, create the account, log the visitor in. ----
         if ($this->setting['regstatus'] == 2 && empty($invite) && !$invitestatus) {
             showmessage('not_open_registration_invite');
         }
         // NOTE(review): loose != comparison of the rules-agreement value.
         if ($bbrules && $bbrulehash != $_POST['agreebbrule']) {
             showmessage('register_rules_agree');
         }
         $activation = array();
         if (isset($_G['gp_activationauth'])) {
             $activationauth = explode("\t", authcode($_G['gp_activationauth'], 'DECODE'));
             // When the decoded hash does not equal FORMHASH the condition short-circuits:
             // no error is shown, $activation stays empty and the normal registration path runs.
             if ($activationauth[1] == FORMHASH && !($activation = daddslashes(uc_get_user($activationauth[0]), 1))) {
                 showmessage('register_activation_invalid', 'member.php?mod=logging&action=login');
             }
         }
         if (!$activation) {
             $usernamelen = dstrlen($username);
             if ($usernamelen < 3) {
                 showmessage('profile_username_tooshort');
             } elseif ($usernamelen > 15) {
                 showmessage('profile_username_toolong');
             }
             $username = addslashes(trim(dstripslashes($username)));
             // NOTE(review): the literal '******' in this query looks like masking introduced by
             // the listing; presumably the original compares against $username — confirm
             // against the upstream file before relying on this check.
             if (uc_get_user($username) && !DB::result_first("SELECT uid FROM " . DB::table('common_member') . " WHERE username='******'")) {
                 if ($_G['inajax']) {
                     showmessage('profile_username_duplicate');
                 } else {
                     showmessage('register_activation_message', 'member.php?mod=logging&action=login', array('username' => stripslashes($username)));
                 }
             }
             $email = trim($_G['gp_email']);
             if (empty($this->setting['ignorepassword'])) {
                 if ($_G['gp_password'] !== $_G['gp_password2']) {
                     showmessage('profile_passwd_notmatch');
                 }
                 // Rejected when empty or when addslashes() would change it.
                 if (!$_G['gp_password'] || $_G['gp_password'] != addslashes($_G['gp_password'])) {
                     showmessage('profile_passwd_illegal');
                 }
                 $password = $_G['gp_password'];
             } else {
                 // 'ignorepassword' set: a random value is registered instead of user input.
                 $password = md5(random(10));
             }
         }
         // Reserved-name check: the configured list becomes one anchored, case-insensitive
         // pattern ('*' is a wildcard, one entry per line); @ hides preg errors.
         $censorexp = '/^(' . str_replace(array('\\*', "\r\n", ' '), array('.*', '|', ''), preg_quote($this->setting['censoruser'] = trim($this->setting['censoruser']), '/')) . ')$/i';
         if ($this->setting['censoruser'] && @preg_match($censorexp, $username)) {
             showmessage('profile_username_protect');
         }
         if ($this->setting['regverify'] == 2 && !trim($_G['gp_regmessage'])) {
             showmessage('profile_required_info_invalid');
         }
         // Per-IP registration throttling. A matching prefix from 'ipregctrl' becomes a LIKE
         // pattern ("prefix%") and switches the interval to 'ipregctrltime'; the prefix
         // matching has the same caveats as the whitelist checks above.
         if ($_G['cache']['ipctrl']['ipregctrl']) {
             foreach (explode("\n", $_G['cache']['ipctrl']['ipregctrl']) as $ctrlip) {
                 if (preg_match("/^(" . preg_quote($ctrlip = trim($ctrlip), '/') . ")/", $_G['clientip'])) {
                     $ctrlip = $ctrlip . '%';
                     $this->setting['regctrl'] = $this->setting['ipregctrltime'];
                     break;
                 } else {
                     $ctrlip = $_G['clientip'];
                 }
             }
         } else {
             $ctrlip = $_G['clientip'];
         }
         // NOTE(review): the queries below interpolate $ctrlip / $_G['clientip'] into SQL text
         // instead of binding them; their safety depends on how the client IP is derived
         // and validated upstream — confirm.
         if ($this->setting['regctrl']) {
             $query = DB::query("SELECT ip FROM " . DB::table('common_regip') . " WHERE ip LIKE '{$ctrlip}' AND count='-1' AND dateline>{$_G['timestamp']}-'" . $this->setting['regctrl'] . "'*3600 LIMIT 1");
             if (DB::num_rows($query)) {
                 showmessage('register_ctrl', NULL, array('regctrl' => $this->setting['regctrl']));
             }
         }
         // Flood control: the counter statement is only prepared here and executed further
         // down, after the account has been accepted.
         $regipsql = '';
         if ($this->setting['regfloodctrl']) {
             if ($regattempts = DB::result_first("SELECT count FROM " . DB::table('common_regip') . " WHERE ip='{$_G['clientip']}' AND count>'0' AND dateline>'{$_G['timestamp']}'-86400")) {
                 if ($regattempts >= $this->setting['regfloodctrl']) {
                     showmessage('register_flood_ctrl', NULL, array('regfloodctrl' => $this->setting['regfloodctrl']));
                 } else {
                     $regipsql = "UPDATE " . DB::table('common_regip') . " SET count=count+1 WHERE ip='{$_G['clientip']}' AND count>'0'";
                 }
             } else {
                 $regipsql = "INSERT INTO " . DB::table('common_regip') . " (ip, count, dateline)\r\n\t\t\t\t\t\tVALUES ('{$_G['clientip']}', '1', '{$_G['timestamp']}')";
             }
         }
         // Extra profile fields required at registration; skipped entirely when IN_MOBILE
         // is defined (the loop breaks on its first iteration).
         $profile = $verifyarr = array();
         foreach ($_G['cache']['fields_register'] as $field) {
             if (defined('IN_MOBILE')) {
                 break;
             }
             $field_key = $field['fieldid'];
             $field_val = $_G['gp_' . $field_key];
             // For file fields a successful upload counts as a present value.
             if ($field['formtype'] == 'file' && !empty($_FILES[$field_key]) && $_FILES[$field_key]['error'] == 0) {
                 $field_val = true;
             }
             if (!profile_check($field_key, $field_val)) {
                 $showid = !in_array($field['fieldid'], array('birthyear', 'birthmonth')) ? $field['fieldid'] : 'birthday';
                 // The inline script is assembled from $field['fieldid'] and $field['title'],
                 // which come from the fields_register cache, not from the request.
                 showmessage($field['title'] . lang('message', 'profile_illegal'), '', array(), array('showid' => 'chk_' . $showid, 'extrajs' => $field['title'] . lang('message', 'profile_illegal') . ($field['formtype'] == 'text' ? '<script type="text/javascript">' . '$(\'registerform\').' . $field['fieldid'] . '.className = \'px er\';' . '$(\'registerform\').' . $field['fieldid'] . '.onblur = function () { if(this.value != \'\') {this.className = \'px\';$(\'chk_' . $showid . '\').innerHTML = \'\';}}' . '</script>' : '')));
             }
             if ($field['needverify']) {
                 $verifyarr[$field_key] = $field_val;
             } else {
                 $profile[$field_key] = $field_val;
             }
         }
         if (!$activation) {
             // NOTE(review): $questionid and $answer are not assigned anywhere in this method
             // before this call — presumably undefined here; confirm.
             $uid = uc_user_register($username, $password, $email, $questionid, $answer, $_G['clientip']);
             // Non-positive return values are error codes, mapped to messages below.
             if ($uid <= 0) {
                 if ($uid == -1) {
                     showmessage('profile_username_illegal');
                 } elseif ($uid == -2) {
                     showmessage('profile_username_protect');
                 } elseif ($uid == -3) {
                     showmessage('profile_username_duplicate');
                 } elseif ($uid == -4) {
                     showmessage('profile_email_illegal');
                 } elseif ($uid == -5) {
                     showmessage('profile_email_domain_illegal');
                 } elseif ($uid == -6) {
                     showmessage('profile_email_duplicate');
                 } else {
                     showmessage('undefined_action');
                 }
             }
         } else {
             list($uid, $username, $email) = $activation;
         }
         $_G['username'] = $username;
         // A local row already using this uid is a conflict: remove the account that was
         // just created (not one being activated) and stop.
         if (DB::result_first("SELECT uid FROM " . DB::table('common_member') . " WHERE uid='{$uid}'")) {
             if (!$activation) {
                 uc_user_delete($uid);
             }
             showmessage('profile_uid_duplicate', '', array('uid' => $uid));
         }
         // $password is overwritten here: the local common_member row stores the md5 of a
         // random string, not the submitted password.
         $password = md5(random(10));
         $secques = $questionid > 0 ? random(8) : '';
         if (isset($_POST['birthmonth']) && isset($_POST['birthday'])) {
             $profile['constellation'] = get_constellation($_POST['birthmonth'], $_POST['birthday']);
         }
         if (isset($_POST['birthyear'])) {
             $profile['zodiac'] = get_zodiac($_POST['birthyear']);
         }
         if ($_FILES) {
             require_once libfile('class/upload');
             $upload = new discuz_upload();
             foreach ($_FILES as $key => $file) {
                 // Only uploads whose key maps to a registered field of type 'file' are handled.
                 $field_key = 'field_' . $key;
                 if (!empty($_G['cache']['fields_register'][$field_key]) && $_G['cache']['fields_register'][$field_key]['formtype'] == 'file') {
                     $upload->init($file, 'profile');
                     $attach = $upload->attach;
                     if (!$upload->error()) {
                         // The file is saved first and only then checked with get_image_info();
                         // anything that fails the check is deleted again.
                         $upload->save();
                         if (!$upload->get_image_info($attach['target'])) {
                             @unlink($attach['target']);
                             continue;
                         }
                         $attach['attachment'] = dhtmlspecialchars(trim($attach['attachment']));
                         if ($_G['cache']['fields_register'][$field_key]['needverify']) {
                             $verifyarr[$key] = $attach['attachment'];
                         } else {
                             $profile[$key] = $attach['attachment'];
                         }
                     }
                 }
             }
         }
         // Execute the flood-control counter statement prepared earlier.
         if ($regipsql) {
             DB::query($regipsql);
         }
         if ($invite && $this->setting['inviteconfig']['invitegroupid']) {
             $groupinfo['groupid'] = $this->setting['inviteconfig']['invitegroupid'];
         }
         $init_arr = explode(',', $this->setting['initcredits']);
         $userdata = array('uid' => $uid, 'username' => $username, 'password' => $password, 'email' => $email, 'adminid' => 0, 'groupid' => $groupinfo['groupid'], 'regdate' => TIMESTAMP, 'credits' => $init_arr[0], 'timeoffset' => 9999);
         $status_data = array('uid' => $uid, 'regip' => $_G['clientip'], 'lastip' => $_G['clientip'], 'lastvisit' => TIMESTAMP, 'lastactivity' => TIMESTAMP, 'lastpost' => 0, 'lastsendmail' => 0);
         $profile['uid'] = $uid;
         // $field_forum and $field_home are created by these assignments; they are not
         // initialised earlier in this method.
         $field_forum['uid'] = $uid;
         $field_home['uid'] = $uid;
         if ($this->extrafile && file_exists(libfile('member/' . $this->extrafile, 'module'))) {
             require_once libfile('member/' . $this->extrafile, 'module');
         }
         // Local member rows. No transaction is visible around these inserts.
         DB::insert('common_member', $userdata);
         DB::insert('common_member_status', $status_data);
         DB::insert('common_member_profile', $profile);
         DB::insert('common_member_field_forum', $field_forum);
         DB::insert('common_member_field_home', $field_home);
         if ($verifyarr) {
             // Fields that need manual verification are stored serialized for later review.
             $setverify = array('uid' => $uid, 'username' => $username, 'verifytype' => '0', 'field' => daddslashes(serialize($verifyarr)), 'dateline' => TIMESTAMP);
             DB::insert('common_member_verify_info', $setverify);
             DB::insert('common_member_verify', array('uid' => $uid));
         }
         $count_data = array('uid' => $uid, 'extcredits1' => $init_arr[1], 'extcredits2' => $init_arr[2], 'extcredits3' => $init_arr[3], 'extcredits4' => $init_arr[4], 'extcredits5' => $init_arr[5], 'extcredits6' => $init_arr[6], 'extcredits7' => $init_arr[7], 'extcredits8' => $init_arr[8]);
         DB::insert('common_member_count', $count_data);
         DB::insert('common_setting', array('skey' => 'lastmember', 'svalue' => $username), false, true);
         manyoulog('user', $uid, 'add');
         $totalmembers = DB::result_first("SELECT COUNT(*) FROM " . DB::table('common_member'));
         $userstats = array('totalmembers' => $totalmembers, 'newsetuser' => stripslashes($username));
         save_syscache('userstats', $userstats);
         if ($this->setting['regctrl'] || $this->setting['regfloodctrl']) {
             // Purge throttle rows older than max(regctrl, 72) hours, then record this
             // registration with count = -1.
             DB::query("DELETE FROM " . DB::table('common_regip') . " WHERE dateline<='{$_G['timestamp']}'-" . ($this->setting['regctrl'] > 72 ? $this->setting['regctrl'] : 72) . "*3600", 'UNBUFFERED');
             if ($this->setting['regctrl']) {
                 DB::query("INSERT INTO " . DB::table('common_regip') . " (ip, count, dateline)\r\n\t\t\t\t\t\tVALUES ('{$_G['clientip']}', '-1', '{$_G['timestamp']}')");
             }
         }
         // NOTE(review): dhtmlspecialchars() is HTML escaping, not SQL escaping; the REPLACE
         // below is only safe if $_G['gp_regmessage'] was already SQL-escaped by the
         // framework — confirm.
         $regmessage = dhtmlspecialchars($_G['gp_regmessage']);
         if ($this->setting['regverify'] == 2) {
             DB::query("REPLACE INTO " . DB::table('common_member_validate') . " (uid, submitdate, moddate, admin, submittimes, status, message, remark)\r\n\t\t\t\t\tVALUES ('{$uid}', '{$_G['timestamp']}', '0', '', '1', '0', '{$regmessage}', '')");
             manage_addnotify('verifyuser');
         }
         // Log the new account in straight away.
         setloginstatus(array('uid' => $uid, 'username' => dstripslashes($_G['username']), 'password' => $password, 'groupid' => $groupinfo['groupid']), 0);
         include_once libfile('function/stat');
         updatestat('register');
         if ($invite['id']) {
             // Mark the invite as used unless this inviter/invitee pair already exists.
             $result = DB::result_first("SELECT COUNT(*) FROM " . DB::table('common_invite') . " WHERE uid='{$invite['uid']}' AND fuid='{$uid}'");
             if (!$result) {
                 DB::update("common_invite", array('fuid' => $uid, 'fusername' => $_G['username'], 'regdateline' => $_G['timestamp'], 'status' => 2), array('id' => $invite['id']));
                 updatestat('invite');
             } else {
                 $invite = array();
             }
         }
         if ($invite['uid']) {
             if ($this->setting['inviteconfig']['inviteaddcredit']) {
                 updatemembercount($uid, array($this->setting['inviteconfig']['inviterewardcredit'] => $this->setting['inviteconfig']['inviteaddcredit']));
             }
             if ($this->setting['inviteconfig']['invitedaddcredit']) {
                 updatemembercount($invite['uid'], array($this->setting['inviteconfig']['inviterewardcredit'] => $this->setting['inviteconfig']['invitedaddcredit']));
             }
             require_once libfile('function/friend');
             friend_make($invite['uid'], $invite['username'], false);
             // NOTE(review): usernames are concatenated into HTML here and in $tite_data below;
             // confirm they are HTML-safe at this point.
             notification_add($invite['uid'], 'friend', 'invite_friend', array('actor' => '<a href="home.php?mod=space&uid=' . $invite['uid'] . '" target="_blank">' . $invite['username'] . '</a>'), 1);
             space_merge($invite, 'field_home');
             if (!empty($invite['privacy']['feed']['invite'])) {
                 require_once libfile('function/feed');
                 $tite_data = array('username' => '<a href="home.php?mod=space&uid=' . $_G['uid'] . '">' . $_G['username'] . '</a>');
                 feed_add('friend', 'feed_invite', $tite_data, '', array(), '', array(), array(), '', '', '', 0, 0, '', $invite['uid'], $invite['username']);
             }
             if ($invite['appid']) {
                 updatestat('appinvite');
             }
         }
         // Welcome message: 1 = notification, 2 = e-mail, 3 = both.
         if ($welcomemsg && !empty($welcomemsgtxt)) {
             $welcomemsgtitle = addslashes(replacesitevar($welcomemsgtitle));
             $welcomemsgtxt = addslashes(replacesitevar($welcomemsgtxt));
             if ($welcomemsg == 1) {
                 $welcomemsgtxt = nl2br(str_replace(':', '&#58;', $welcomemsgtxt));
                 notification_add($uid, 'system', $welcomemsgtxt, array(), 1);
             } elseif ($welcomemsg == 2) {
                 sendmail_cron($email, $welcomemsgtitle, $welcomemsgtxt);
             } elseif ($welcomemsg == 3) {
                 sendmail_cron($email, $welcomemsgtitle, $welcomemsgtxt);
                 $welcomemsgtxt = nl2br(str_replace(':', '&#58;', $welcomemsgtxt));
                 notification_add($uid, 'system', $welcomemsgtxt, array(), 1);
             }
         }
         if ($fromuid) {
             updatecreditbyaction('promotion_register', $fromuid);
             dsetcookie('promotion', '');
         }
         // Clear the one-time cookies used during registration.
         dsetcookie('loginuser', '');
         dsetcookie('activationauth', '');
         dsetcookie('invite_auth', '');
         loadcache('setting', true);
         $_G['setting']['lastmember'] = stripslashes($username);
         $settingnew = $_G['setting'];
         $settingnew['pluginhooks'] = array();
         save_syscache('setting', $settingnew);
         switch ($this->setting['regverify']) {
             case 1:
                 // E-mail verification: a random id is stored in authstr together with the
                 // timestamp and sent to the user inside the activation link.
                 $idstring = random(6);
                 // The condition is always true inside this case.
                 $authstr = $this->setting['regverify'] == 1 ? "{$_G['timestamp']}\t2\t{$idstring}" : '';
                 // NOTE(review): uses $_G['uid'] rather than $uid — relies on setloginstatus()
                 // above having set it; confirm.
                 DB::query("UPDATE " . DB::table('common_member_field_forum') . " SET authstr='{$authstr}' WHERE uid='{$_G['uid']}'");
                 // NOTE(review): inside {$...} the unquoted keys siteurl and uid are parsed as
                 // constants; PHP 8 raises an Error for an undefined constant.
                 $verifyurl = "{$_G[siteurl]}member.php?mod=activate&amp;uid={$_G[uid]}&amp;id={$idstring}";
                 $email_verify_message = lang('email', 'email_verify_message', array('username' => $_G['member']['username'], 'bbname' => $this->setting['bbname'], 'siteurl' => $_G['siteurl'], 'url' => $verifyurl));
                 sendmail("{$username} <{$email}>", lang('email', 'email_verify_subject'), $email_verify_message);
                 $message = 'register_email_verify';
                 $locationmessage = 'register_email_verify_location';
                 $url_forward = dreferer();
                 break;
             case 2:
                 $message = 'register_manual_verify';
                 $locationmessage = 'register_manual_verify_location';
                 $url_forward = $_G['setting']['homestatus'] ? 'home.php?mod=space&do=home' : 'home.php?mod=spacecp';
                 break;
             default:
                 $message = 'register_succeed';
                 $locationmessage = 'register_succeed_location';
                 $url_forward = dreferer();
                 break;
         }
         $param = array('bbname' => $this->setting['bbname'], 'username' => $_G['username'], 'usergroup' => $_G['group']['grouptitle'], 'uid' => $_G['uid']);
         // Never forward back to the register page or the invite-code purchase page.
         if (strpos($url_forward, $this->setting['regname']) !== false || strpos($url_forward, 'buyinvitecode') !== false) {
             $url_forward = 'forum.php';
         }
         // NOTE(review): only single quotes are escaped before $url_forward is placed inside
         // an inline <script> (and 'striptags' is false); backslashes, line breaks and
         // "</script>" are not handled here, so this relies on dreferer() returning a
         // sanitised URL — confirm.
         $href = str_replace("'", "\\'", $url_forward);
         $extra = array('showid' => 'succeedmessage', 'extrajs' => '<script type="text/javascript">' . 'setTimeout("window.location.href =\'' . $href . '\';", 3000);' . '$(\'succeedmessage_href\').href = \'' . $href . '\';' . '$(\'main_message\').style.display = \'none\';' . '$(\'main_succeed\').style.display = \'\';' . '$(\'succeedlocation\').innerHTML = \'' . lang('message', $locationmessage) . '\';' . '</script>', 'striptags' => false);
         showmessage($message, $url_forward, $param, $extra);
     }
 }
Example #17
/**
 * Truncates $string to at most $length width units and appends $dot.
 *
 * The string is returned unchanged (without $dot) when dstrlen($string) <= $length.
 * The four entities &amp; &quot; &lt; &gt; are temporarily replaced by their single
 * character wrapped in chr(1) markers, so truncation never leaves half an entity in
 * the output: a marker group that was cut in the middle is dropped from the result.
 *
 * @param string $string Text to shorten (presumably already HTML-escaped — confirm with callers).
 * @param int    $length Maximum width; in the UTF-8 branch ASCII counts 1 and multi-byte characters count 2.
 * @param string $dot    Suffix appended after a truncated string.
 * @return string
 */
function cutstr($string, $length, $dot = ' ...') {
/*vot*/	if(dstrlen($string) <= $length) {
		return $string;
	}
//vot	return mb_substr($string,0,$length);
	// chr(1) is used as a marker byte around each decoded entity character.
	$pre = chr(1);
	$end = chr(1);
	$string = str_replace(array('&amp;', '&quot;', '&lt;', '&gt;'), array($pre.'&'.$end, $pre.'"'.$end, $pre.'<'.$end, $pre.'>'.$end), $string);

	$strcut = '';
	if(strtolower(CHARSET) == 'utf-8') {

		// $n = byte offset, $tn = byte length of the last counted character,
		// $noc = width consumed so far.
		$n = $tn = $noc = 0;
		while($n < strlen($string)) {

			// Classify the character by its lead byte. Bytes that match no range
			// (including the chr(1) markers) advance one byte and add no width.
			$t = ord($string[$n]);
			if($t == 9 || $t == 10 || (32 <= $t && $t <= 126)) {
				$tn = 1; $n++; $noc++;
			} elseif(194 <= $t && $t <= 223) {
				$tn = 2; $n += 2; $noc += 2;
			} elseif(224 <= $t && $t <= 239) {
				$tn = 3; $n += 3; $noc += 2;
			} elseif(240 <= $t && $t <= 247) {
				$tn = 4; $n += 4; $noc += 2;
			} elseif(248 <= $t && $t <= 251) {
				$tn = 5; $n += 5; $noc += 2;
			} elseif($t == 252 || $t == 253) {
				$tn = 6; $n += 6; $noc += 2;
			} else {
				$n++;
			}

			if($noc >= $length) {
				break;
			}

		}
		// The last character overshot the limit: step back over it.
		if($noc > $length) {
			$n -= $tn;
		}

		$strcut = substr($string, 0, $n);

	} else {
		// Other charsets: bytes above 127 are copied in pairs; a high byte in the
		// last position is dropped rather than split.
		$_length = $length - 1;
		for($i = 0; $i < $length; $i++) {
			if(ord($string[$i]) <= 127) {
				$strcut .= $string[$i];
			} else if($i < $_length) {
				$strcut .= $string[$i].$string[++$i];
			}
		}
	}

	// Turn complete marker groups back into entities.
	$strcut = str_replace(array($pre.'&'.$end, $pre.'"'.$end, $pre.'<'.$end, $pre.'>'.$end), array('&amp;', '&quot;', '&lt;', '&gt;'), $strcut);

	// Any chr(1) still present belongs to a marker group cut in half: drop it and what follows.
	$pos = strrpos($strcut, chr(1));
	if($pos !== false) {
		$strcut = substr($strcut,0,$pos);
	}
	return $strcut.$dot;
}
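 /**
  * Registration entry point: shows the registration form, or validates a
  * submitted form and creates the account.
  *
  * Flow, as visible in this method:
  *  1. Map the configured form-field names (setting 'reginput') onto
  *     $_GET['username'|'password'|'password2'|'email'].
  *  2. Redirect users who are already logged in; stop when registration is closed.
  *  3. Apply the area/IP allowlists that switch off verification or invitation.
  *  4. Not submitted: prepare variables and include the template.
  *  5. Submitted: validate the input, apply the per-IP limits, register through
  *     UCenter, insert the local member row, handle invites and the welcome
  *     message, then show the result message with a delayed redirect.
  *
  * Changes against the original listing:
  *  - the "special character" password rule used the range A-z, which also
  *    covers [ \ ] ^ _ and backtick, so those characters were never counted as
  *    special; the range is now A-Z;
  *  - array keys written as bare words inside "{$...}" interpolation
  *    (siteurl, email, uid) are quoted; the bare form is resolved as a
  *    constant and is an error on PHP 8.
  *
  * showmessage() is called as if it ends the request; that helper is defined
  * elsewhere, so this is an assumption to confirm.
  */
 function on_register()
 {
     global $_G;
     // The real form-field names come from settings; copy them to fixed keys.
     $_GET['username'] = $_GET['' . $this->setting['reginput']['username']];
     $_GET['password'] = $_GET['' . $this->setting['reginput']['password']];
     $_GET['password2'] = $_GET['' . $this->setting['reginput']['password2']];
     $_GET['email'] = $_GET['' . $this->setting['reginput']['email']];
     if ($_G['uid']) {
         // Already logged in: no registration, just forward.
         $ucsynlogin = $this->setting['allowsynlogin'] ? uc_user_synlogin($_G['uid']) : '';
         $url_forward = dreferer();
         if (strpos($url_forward, $this->setting['regname']) !== false) {
             $url_forward = 'forum.php';
         }
         showmessage('login_succeed', $url_forward ? $url_forward : './', array('username' => $_G['member']['username'], 'usergroup' => $_G['group']['grouptitle'], 'uid' => $_G['uid']), array('extrajs' => $ucsynlogin));
     } elseif (!$this->setting['regclosed'] && (!$this->setting['regstatus'] || !$this->setting['ucactivation'])) {
         if ($_GET['action'] == 'activation' || $_GET['activationauth']) {
             if (!$this->setting['ucactivation'] && !$this->setting['closedallowactivation']) {
                 showmessage('register_disable_activation');
             }
         } elseif (!$this->setting['regstatus']) {
             if ($this->setting['regconnect']) {
                 dheader('location:connect.php?mod=login&op=init&referer=forum.php&statfrom=login_simple');
             }
             showmessage(!$this->setting['regclosemessage'] ? 'register_disable' : str_replace(array("\r", "\n"), '', $this->setting['regclosemessage']));
         }
     }
     // References: later writes (nl2br, replacesitevar) also change $this->setting.
     $bbrules =& $this->setting['bbrules'];
     $bbrulesforce =& $this->setting['bbrulesforce'];
     $bbrulestxt =& $this->setting['bbrulestxt'];
     $welcomemsg =& $this->setting['welcomemsg'];
     $welcomemsgtitle =& $this->setting['welcomemsgtitle'];
     $welcomemsgtxt =& $this->setting['welcomemsgtxt'];
     $regname = $this->setting['regname'];
     if ($this->setting['regverify']) {
         // Allowlists that turn verification off for this request.
         if ($this->setting['areaverifywhite']) {
             $location = $whitearea = '';
             $location = trim(convertip($_G['clientip'], "./"));
             if ($location) {
                 // One allowlist entry per line, '*' as wildcard, matched as a substring.
                 $whitearea = preg_quote(trim($this->setting['areaverifywhite']), '/');
                 $whitearea = str_replace(array("\\*"), array('.*'), $whitearea);
                 $whitearea = '.*' . $whitearea . '.*';
                 $whitearea = '/^(' . str_replace(array("\r\n", ' '), array('.*|.*', ''), $whitearea) . ')$/i';
                 // '@' hides a pattern-compilation warning; a broken pattern then
                 // simply fails to match and verification stays on.
                 if (@preg_match($whitearea, $location)) {
                     $this->setting['regverify'] = 0;
                 }
             }
         }
         if ($_G['cache']['ipctrl']['ipverifywhite']) {
             foreach (explode("\n", $_G['cache']['ipctrl']['ipverifywhite']) as $ctrlip) {
                 // Prefix match only (anchored at '^'): an entry such as "10.1"
                 // also matches "10.100.x.x". An empty line matches every
                 // address, so the list must not contain blank lines.
                 if (preg_match("/^(" . preg_quote($ctrlip = trim($ctrlip), '/') . ")/", $_G['clientip'])) {
                     $this->setting['regverify'] = 0;
                     break;
                 }
             }
         }
     }
     $invitestatus = false;
     if ($this->setting['regstatus'] == 2) {
         // Invitation-only mode: the same area/IP allowlist logic waives the invite.
         if ($this->setting['inviteconfig']['inviteareawhite']) {
             $location = $whitearea = '';
             $location = trim(convertip($_G['clientip'], "./"));
             if ($location) {
                 $whitearea = preg_quote(trim($this->setting['inviteconfig']['inviteareawhite']), '/');
                 $whitearea = str_replace(array("\\*"), array('.*'), $whitearea);
                 $whitearea = '.*' . $whitearea . '.*';
                 $whitearea = '/^(' . str_replace(array("\r\n", ' '), array('.*|.*', ''), $whitearea) . ')$/i';
                 if (@preg_match($whitearea, $location)) {
                     $invitestatus = true;
                 }
             }
         }
         if ($this->setting['inviteconfig']['inviteipwhite']) {
             foreach (explode("\n", $this->setting['inviteconfig']['inviteipwhite']) as $ctrlip) {
                 // Prefix match, same caveats as the verification allowlist above.
                 if (preg_match("/^(" . preg_quote($ctrlip = trim($ctrlip), '/') . ")/", $_G['clientip'])) {
                     $invitestatus = true;
                     break;
                 }
             }
         }
     }
     $groupinfo = array();
     if ($this->setting['regverify']) {
         // Group 8 is used while verification is pending (meaning of the id
         // is not shown here — presumably the "awaiting verification" group).
         $groupinfo['groupid'] = 8;
     } else {
         $groupinfo['groupid'] = $this->setting['newusergroupid'];
     }
     $seccodecheck = $this->setting['seccodestatus'] & 1;
     $secqaacheck = $this->setting['secqaa']['status'] & 1;
     // Promoter uid comes from a client cookie; intval() keeps it numeric.
     $fromuid = !empty($_G['cookie']['promotion']) && $this->setting['creditspolicy']['promotion_register'] ? intval($_G['cookie']['promotion']) : 0;
     $username = isset($_GET['username']) ? $_GET['username'] : '';
     $bbrulehash = $bbrules ? substr(md5(FORMHASH), 0, 8) : '';
     $auth = $_GET['auth'];
     if (!$invitestatus) {
         $invite = getinvite();
     }
     $sendurl = $this->setting['sendregisterurl'] ? true : false;
     if ($sendurl) {
         if (!empty($_GET['hash'])) {
             // The hash is "email \t timestamp", encrypted with the site authkey
             // and accepted for 259200 seconds (3 days).
             $_GET['hash'] = preg_replace("/[^\\[A-Za-z0-9_\\]%]/", '', $_GET['hash']);
             $hash = explode("\t", authcode($_GET['hash'], 'DECODE', $_G['config']['security']['authkey']));
             // NOTE(review): when decoding fails $hash has no index 1; the
             // isemail() test on index 0 is what rejects that case.
             if (is_array($hash) && isemail($hash[0]) && TIMESTAMP - $hash[1] < 259200) {
                 $sendurl = false;
             }
         }
     }
     if (!submitcheck('regsubmit', 0, $seccodecheck, $secqaacheck)) {
         // ---- Form not submitted: render the page ----
         if ($_GET['action'] == 'activation') {
             $auth = explode("\t", authcode($auth, 'DECODE'));
             // The activation token is bound to the current FORMHASH.
             if (FORMHASH != $auth[1]) {
                 showmessage('register_activation_invalid', 'member.php?mod=logging&action=login');
             }
             $username = $auth[0];
             $activationauth = authcode("{$auth['0']}\t" . FORMHASH, 'ENCODE');
             $sendurl = false;
         }
         if (!$sendurl) {
             if ($fromuid) {
                 $member = getuserbyuid($fromuid);
                 if (!empty($member)) {
                     $fromuser = dhtmlspecialchars($member['username']);
                 } else {
                     dsetcookie('promotion');
                 }
             }
             if ($_GET['action'] == 'activation') {
                 $auth = dhtmlspecialchars($auth);
             }
             if ($seccodecheck) {
                 $seccode = random(6, 1);
             }
             // Escaped because the template echoes it back into the form.
             $username = dhtmlspecialchars($username);
             $htmls = $settings = array();
             foreach ($_G['cache']['fields_register'] as $field) {
                 $fieldid = $field['fieldid'];
                 $html = profile_setting($fieldid, array(), false, false, true);
                 if ($html) {
                     $settings[$fieldid] = $_G['cache']['profilesetting'][$fieldid];
                     $htmls[$fieldid] = $html;
                 }
             }
             $navtitle = $this->setting['reglinkname'];
             // NOTE(review): $this->extrafile is executed as PHP; it must only
             // ever be set from trusted code, never from request data.
             if ($this->extrafile && file_exists($this->extrafile)) {
                 require_once $this->extrafile;
             }
         }
         $bbrulestxt = nl2br("\n{$bbrulestxt}\n\n");
         $dreferer = dreferer();
         include template($this->template);
     } else {
         // ---- Form submitted: validate and create the account ----
         $activationauth = array();
         if (isset($_GET['activationauth']) && $_GET['activationauth']) {
             $activationauth = explode("\t", authcode($_GET['activationauth'], 'DECODE'));
             if ($activationauth[1] != FORMHASH) {
                 showmessage('register_activation_invalid', 'member.php?mod=logging&action=login');
             }
             $sendurl = false;
         }
         if (!$activationauth && ($sendurl || !$_G['setting']['forgeemail'])) {
             checkemail($_GET['email']);
         }
         if ($sendurl) {
             // Two-step registration: mail a signed link and stop here.
             $hashstr = urlencode(authcode("{$_GET['email']}\t{$_G['timestamp']}", 'ENCODE', $_G['config']['security']['authkey']));
             // NOTE(review): the email value is appended without URL-encoding;
             // the address actually used later is the one inside the hash.
             $registerurl = "{$_G['siteurl']}member.php?mod=" . $this->setting['regname'] . "&amp;hash={$hashstr}&amp;email={$_GET['email']}";
             $email_register_message = lang('email', 'email_register_message', array('bbname' => $this->setting['bbname'], 'siteurl' => $_G['siteurl'], 'url' => $registerurl));
             if (!sendmail("{$_GET['email']} <{$_GET['email']}>", lang('email', 'email_register_subject'), $email_register_message)) {
                 runlog('sendmail', "{$_GET['email']} sendmail failed.");
             }
             showmessage('register_email_send_succeed', dreferer(), array('bbname' => $this->setting['bbname']), array('showdialog' => false, 'msgtype' => 3, 'closetime' => 10));
         }
         $emailstatus = 0;
         if ($this->setting['sendregisterurl'] && !$sendurl) {
             // The user arrived through a valid mailed link: trust the address
             // from the decrypted hash, not the one in the form.
             $_GET['email'] = strtolower($hash[0]);
             $this->setting['regverify'] = $this->setting['regverify'] == 1 ? 0 : $this->setting['regverify'];
             if (!$this->setting['regverify']) {
                 $groupinfo['groupid'] = $this->setting['newusergroupid'];
             }
             $emailstatus = 1;
         }
         if ($this->setting['regstatus'] == 2 && empty($invite) && !$invitestatus) {
             showmessage('not_open_registration_invite');
         }
         if ($bbrules && $bbrulehash != $_POST['agreebbrule']) {
             showmessage('register_rules_agree');
         }
         $activation = array();
         if (isset($_GET['activationauth']) && $activationauth && is_array($activationauth)) {
             if ($activationauth[1] == FORMHASH && !($activation = uc_get_user($activationauth[0]))) {
                 showmessage('register_activation_invalid', 'member.php?mod=logging&action=login');
             }
         }
         if (!$activation) {
             $usernamelen = dstrlen($username);
             if ($usernamelen < 3) {
                 showmessage('profile_username_tooshort');
             } elseif ($usernamelen > 15) {
                 showmessage('profile_username_toolong');
             }
             // Name exists in UCenter but not locally: ask the user to activate.
             if (uc_get_user(addslashes($username)) && !C::t('common_member')->fetch_uid_by_username($username) && !C::t('common_member_archive')->fetch_uid_by_username($username)) {
                 if ($_G['inajax']) {
                     showmessage('profile_username_duplicate');
                 } else {
                     showmessage('register_activation_message', 'member.php?mod=logging&action=login', array('username' => $username));
                 }
             }
             if ($this->setting['pwlength']) {
                 // Byte length, not character length.
                 if (strlen($_GET['password']) < $this->setting['pwlength']) {
                     showmessage('profile_password_tooshort', '', array('pwlength' => $this->setting['pwlength']));
                 }
             }
             if ($this->setting['strongpw']) {
                 // Each enabled rule requires one character class:
                 // 1 = digit, 2 = lower case, 3 = upper case, 4 = anything else.
                 $strongpw_str = array();
                 if (in_array(1, $this->setting['strongpw']) && !preg_match("/\\d+/", $_GET['password'])) {
                     $strongpw_str[] = lang('member/template', 'strongpw_1');
                 }
                 if (in_array(2, $this->setting['strongpw']) && !preg_match("/[a-z]+/", $_GET['password'])) {
                     $strongpw_str[] = lang('member/template', 'strongpw_2');
                 }
                 if (in_array(3, $this->setting['strongpw']) && !preg_match("/[A-Z]+/", $_GET['password'])) {
                     $strongpw_str[] = lang('member/template', 'strongpw_3');
                 }
                 // Fixed: the class was written A-z, which silently treated
                 // [ \ ] ^ _ ` as alphanumeric.
                 if (in_array(4, $this->setting['strongpw']) && !preg_match("/[^a-zA-Z0-9]+/", $_GET['password'])) {
                     $strongpw_str[] = lang('member/template', 'strongpw_4');
                 }
                 if ($strongpw_str) {
                     showmessage(lang('member/template', 'password_weak') . implode(',', $strongpw_str));
                 }
             }
             $email = strtolower(trim($_GET['email']));
             if (empty($email) && $_G['setting']['forgeemail']) {
                 // Placeholder address. HTTP_HOST is taken from the request's
                 // Host header, so the domain part is client-influenced.
                 $_GET['email'] = $email = strtolower(random(6)) . '@' . $_SERVER['HTTP_HOST'];
             }
             if (empty($this->setting['ignorepassword'])) {
                 if ($_GET['password'] !== $_GET['password2']) {
                     showmessage('profile_passwd_notmatch');
                 }
                 // Passwords that addslashes() would alter (quotes, backslash,
                 // NUL) are rejected outright.
                 if (!$_GET['password'] || $_GET['password'] != addslashes($_GET['password'])) {
                     showmessage('profile_passwd_illegal');
                 }
                 $password = $_GET['password'];
             } else {
                 // NOTE(review): strength depends on random(), defined elsewhere.
                 $password = md5(random(10));
             }
         }
         // Reserved-name list: one pattern per line, '*' as wildcard, whole-name match.
         $censorexp = '/^(' . str_replace(array('\\*', "\r\n", ' '), array('.*', '|', ''), preg_quote($this->setting['censoruser'] = trim($this->setting['censoruser']), '/')) . ')$/i';
         if ($this->setting['censoruser'] && @preg_match($censorexp, $username)) {
             showmessage('profile_username_protect');
         }
         if ($this->setting['regverify'] == 2 && !trim($_GET['regmessage'])) {
             showmessage('profile_required_info_invalid');
         }
         // Per-IP registration interval. A listed prefix is turned into a
         // "prefix%" pattern and gets its own interval (ipregctrltime).
         if ($_G['cache']['ipctrl']['ipregctrl']) {
             foreach (explode("\n", $_G['cache']['ipctrl']['ipregctrl']) as $ctrlip) {
                 if (preg_match("/^(" . preg_quote($ctrlip = trim($ctrlip), '/') . ")/", $_G['clientip'])) {
                     $ctrlip = $ctrlip . '%';
                     $this->setting['regctrl'] = $this->setting['ipregctrltime'];
                     break;
                 } else {
                     $ctrlip = $_G['clientip'];
                 }
             }
         } else {
             $ctrlip = $_G['clientip'];
         }
         if ($this->setting['regctrl']) {
             if (C::t('common_regip')->count_by_ip_dateline($ctrlip, $_G['timestamp'] - $this->setting['regctrl'] * 3600)) {
                 showmessage('register_ctrl', NULL, array('regctrl' => $this->setting['regctrl']));
             }
         }
         // Flood control: at most 'regfloodctrl' registrations per IP per 24 h.
         // $setregip: 1 = bump the existing counter, 2 = insert a new row.
         $setregip = null;
         if ($this->setting['regfloodctrl']) {
             $regip = C::t('common_regip')->fetch_by_ip_dateline($_G['clientip'], $_G['timestamp'] - 86400);
             if ($regip) {
                 if ($regip['count'] >= $this->setting['regfloodctrl']) {
                     showmessage('register_flood_ctrl', NULL, array('regfloodctrl' => $this->setting['regfloodctrl']));
                 } else {
                     $setregip = 1;
                 }
             } else {
                 $setregip = 2;
             }
         }
         // Extra profile fields configured for the registration form.
         $profile = $verifyarr = array();
         foreach ($_G['cache']['fields_register'] as $field) {
             if (defined('IN_MOBILE')) {
                 break;
             }
             $field_key = $field['fieldid'];
             $field_val = $_GET['' . $field_key];
             if ($field['formtype'] == 'file' && !empty($_FILES[$field_key]) && $_FILES[$field_key]['error'] == 0) {
                 $field_val = true;
             }
             if (!profile_check($field_key, $field_val)) {
                 $showid = !in_array($field['fieldid'], array('birthyear', 'birthmonth')) ? $field['fieldid'] : 'birthday';
                 showmessage($field['title'] . lang('message', 'profile_illegal'), '', array(), array('showid' => 'chk_' . $showid, 'extrajs' => $field['title'] . lang('message', 'profile_illegal') . ($field['formtype'] == 'text' ? '<script type="text/javascript">' . '$(\'registerform\').' . $field['fieldid'] . '.className = \'px er\';' . '$(\'registerform\').' . $field['fieldid'] . '.onblur = function () { if(this.value != \'\') {this.className = \'px\';$(\'chk_' . $showid . '\').innerHTML = \'\';}}' . '</script>' : '')));
             }
             if ($field['needverify']) {
                 $verifyarr[$field_key] = $field_val;
             } else {
                 $profile[$field_key] = $field_val;
             }
         }
         if (!$activation) {
             // NOTE(review): $questionid and $answer are not assigned anywhere
             // in this method — confirm where they are expected to come from.
             $uid = uc_user_register(addslashes($username), $password, $email, $questionid, $answer, $_G['clientip']);
             if ($uid <= 0) {
                 // Negative return values are UCenter error codes.
                 if ($uid == -1) {
                     showmessage('profile_username_illegal');
                 } elseif ($uid == -2) {
                     showmessage('profile_username_protect');
                 } elseif ($uid == -3) {
                     showmessage('profile_username_duplicate');
                 } elseif ($uid == -4) {
                     showmessage('profile_email_illegal');
                 } elseif ($uid == -5) {
                     showmessage('profile_email_domain_illegal');
                 } elseif ($uid == -6) {
                     showmessage('profile_email_duplicate');
                 } else {
                     showmessage('undefined_action');
                 }
             }
         } else {
             list($uid, $username, $email) = $activation;
         }
         $_G['username'] = $username;
         if (getuserbyuid($uid, 1)) {
             // The uid already exists locally: roll back the UCenter account
             // that was just created.
             if (!$activation) {
                 uc_user_delete($uid);
             }
             showmessage('profile_uid_duplicate', '', array('uid' => $uid));
         }
         // The local member row gets a random value here, not the user's
         // password; the real password was handed to uc_user_register() above.
         $password = md5(random(10));
         $secques = $questionid > 0 ? random(8) : '';
         if (isset($_POST['birthmonth']) && isset($_POST['birthday'])) {
             $profile['constellation'] = get_constellation($_POST['birthmonth'], $_POST['birthday']);
         }
         if (isset($_POST['birthyear'])) {
             $profile['zodiac'] = get_zodiac($_POST['birthyear']);
         }
         if ($_FILES) {
             $upload = new discuz_upload();
             foreach ($_FILES as $key => $file) {
                 // Only uploads that correspond to a configured 'file' field are processed.
                 $field_key = 'field_' . $key;
                 if (!empty($_G['cache']['fields_register'][$field_key]) && $_G['cache']['fields_register'][$field_key]['formtype'] == 'file') {
                     $upload->init($file, 'profile');
                     $attach = $upload->attach;
                     if (!$upload->error()) {
                         // The file is written first and checked afterwards;
                         // anything that is not an image is deleted again.
                         $upload->save();
                         if (!$upload->get_image_info($attach['target'])) {
                             @unlink($attach['target']);
                             continue;
                         }
                         $attach['attachment'] = dhtmlspecialchars(trim($attach['attachment']));
                         if ($_G['cache']['fields_register'][$field_key]['needverify']) {
                             $verifyarr[$key] = $attach['attachment'];
                         } else {
                             $profile[$key] = $attach['attachment'];
                         }
                     }
                 }
             }
         }
         if ($setregip !== null) {
             if ($setregip == 1) {
                 C::t('common_regip')->update_count_by_ip($_G['clientip']);
             } else {
                 C::t('common_regip')->insert(array('ip' => $_G['clientip'], 'count' => 1, 'dateline' => $_G['timestamp']));
             }
         }
         if ($invite && $this->setting['inviteconfig']['invitegroupid']) {
             $groupinfo['groupid'] = $this->setting['inviteconfig']['invitegroupid'];
         }
         $init_arr = array('credits' => explode(',', $this->setting['initcredits']), 'profile' => $profile, 'emailstatus' => $emailstatus);
         C::t('common_member')->insert($uid, $username, $password, $email, $_G['clientip'], $groupinfo['groupid'], $init_arr);
         if ($emailstatus) {
             updatecreditbyaction('realemail', $uid);
         }
         if ($verifyarr) {
             // User-supplied field values are stored in PHP serialize() format.
             // NOTE(review): whatever reads this column back must not hand it
             // to unserialize() without restricting allowed classes.
             $setverify = array('uid' => $uid, 'username' => $username, 'verifytype' => '0', 'field' => serialize($verifyarr), 'dateline' => TIMESTAMP);
             C::t('common_member_verify_info')->insert($setverify);
             C::t('common_member_verify')->insert(array('uid' => $uid));
         }
         require_once libfile('cache/userstats', 'function');
         build_cache_userstats();
         if ($this->extrafile && file_exists($this->extrafile)) {
             require_once $this->extrafile;
         }
         if ($this->setting['regctrl'] || $this->setting['regfloodctrl']) {
             // Purge old rows (kept for at least 72 h), then record this
             // registration; count = -1 marks an interval-control row.
             C::t('common_regip')->delete_by_dateline($_G['timestamp'] - ($this->setting['regctrl'] > 72 ? $this->setting['regctrl'] : 72) * 3600);
             if ($this->setting['regctrl']) {
                 C::t('common_regip')->insert(array('ip' => $_G['clientip'], 'count' => -1, 'dateline' => $_G['timestamp']));
             }
         }
         $regmessage = dhtmlspecialchars($_GET['regmessage']);
         if ($this->setting['regverify'] == 2) {
             C::t('common_member_validate')->insert(array('uid' => $uid, 'submitdate' => $_G['timestamp'], 'moddate' => 0, 'admin' => '', 'submittimes' => 1, 'status' => 0, 'message' => $regmessage, 'remark' => ''), false, true);
             manage_addnotify('verifyuser');
         }
         // The new user is logged in immediately, including while verification is pending.
         setloginstatus(array('uid' => $uid, 'username' => $_G['username'], 'password' => $password, 'groupid' => $groupinfo['groupid']), 0);
         include_once libfile('function/stat');
         updatestat('register');
         if ($invite['id']) {
             $result = C::t('common_invite')->count_by_uid_fuid($invite['uid'], $uid);
             if (!$result) {
                 C::t('common_invite')->update($invite['id'], array('fuid' => $uid, 'fusername' => $_G['username'], 'regdateline' => $_G['timestamp'], 'status' => 2));
                 updatestat('invite');
             } else {
                 $invite = array();
             }
         }
         if ($invite['uid']) {
             if ($this->setting['inviteconfig']['inviteaddcredit']) {
                 updatemembercount($uid, array($this->setting['inviteconfig']['inviterewardcredit'] => $this->setting['inviteconfig']['inviteaddcredit']));
             }
             if ($this->setting['inviteconfig']['invitedaddcredit']) {
                 updatemembercount($invite['uid'], array($this->setting['inviteconfig']['inviterewardcredit'] => $this->setting['inviteconfig']['invitedaddcredit']));
             }
             require_once libfile('function/friend');
             friend_make($invite['uid'], $invite['username'], false);
             // NOTE(review): user names are concatenated into HTML here and
             // below; this relies on them being HTML-safe when stored — confirm.
             notification_add($invite['uid'], 'friend', 'invite_friend', array('actor' => '<a href="home.php?mod=space&uid=' . $invite['uid'] . '" target="_blank">' . $invite['username'] . '</a>'), 1);
             space_merge($invite, 'field_home');
             if (!empty($invite['privacy']['feed']['invite'])) {
                 require_once libfile('function/feed');
                 $tite_data = array('username' => '<a href="home.php?mod=space&uid=' . $_G['uid'] . '">' . $_G['username'] . '</a>');
                 feed_add('friend', 'feed_invite', $tite_data, '', array(), '', array(), array(), '', '', '', 0, 0, '', $invite['uid'], $invite['username']);
             }
             if ($invite['appid']) {
                 updatestat('appinvite');
             }
         }
         // Welcome message: 1 = site notification, 2 = email, 3 = both.
         if ($welcomemsg && !empty($welcomemsgtxt)) {
             $welcomemsgtitle = replacesitevar($welcomemsgtitle);
             $welcomemsgtxt = replacesitevar($welcomemsgtxt);
             if ($welcomemsg == 1) {
                 $welcomemsgtxt = nl2br(str_replace(':', '&#58;', $welcomemsgtxt));
                 notification_add($uid, 'system', $welcomemsgtxt, array('from_id' => 0, 'from_idtype' => 'welcomemsg'), 1);
             } elseif ($welcomemsg == 2) {
                 sendmail_cron($email, $welcomemsgtitle, $welcomemsgtxt);
             } elseif ($welcomemsg == 3) {
                 sendmail_cron($email, $welcomemsgtitle, $welcomemsgtxt);
                 $welcomemsgtxt = nl2br(str_replace(':', '&#58;', $welcomemsgtxt));
                 notification_add($uid, 'system', $welcomemsgtxt, array('from_id' => 0, 'from_idtype' => 'welcomemsg'), 1);
             }
         }
         if ($fromuid) {
             updatecreditbyaction('promotion_register', $fromuid);
             dsetcookie('promotion', '');
         }
         dsetcookie('loginuser', '');
         dsetcookie('activationauth', '');
         dsetcookie('invite_auth', '');
         $url_forward = dreferer();
         $refreshtime = 3000;
         switch ($this->setting['regverify']) {
             case 1:
                 // Email verification: store "timestamp \t 2 \t id" and mail the link.
                 // NOTE(review): the activation id is random(6); its entropy
                 // depends on that helper, which is defined elsewhere.
                 $idstring = random(6);
                 $authstr = $this->setting['regverify'] == 1 ? "{$_G['timestamp']}\t2\t{$idstring}" : '';
                 C::t('common_member_field_forum')->update($_G['uid'], array('authstr' => $authstr));
                 $verifyurl = "{$_G['siteurl']}member.php?mod=activate&amp;uid={$_G['uid']}&amp;id={$idstring}";
                 $email_verify_message = lang('email', 'email_verify_message', array('username' => $_G['member']['username'], 'bbname' => $this->setting['bbname'], 'siteurl' => $_G['siteurl'], 'url' => $verifyurl));
                 if (!sendmail("{$username} <{$email}>", lang('email', 'email_verify_subject'), $email_verify_message)) {
                     runlog('sendmail', "{$email} sendmail failed.");
                 }
                 $message = 'register_email_verify';
                 $locationmessage = 'register_email_verify_location';
                 $refreshtime = 10000;
                 break;
             case 2:
                 $message = 'register_manual_verify';
                 $locationmessage = 'register_manual_verify_location';
                 break;
             default:
                 $message = 'register_succeed';
                 $locationmessage = 'register_succeed_location';
                 break;
         }
         $param = array('bbname' => $this->setting['bbname'], 'username' => $_G['username'], 'usergroup' => $_G['group']['grouptitle'], 'uid' => $_G['uid']);
         // Never forward back to the registration or invite-purchase pages.
         if (strpos($url_forward, $this->setting['regname']) !== false || strpos($url_forward, 'buyinvitecode') !== false) {
             $url_forward = 'forum.php';
         }
         // NOTE(review): the redirect target goes into an inline <script> with
         // only single quotes escaped ('striptags' => false). Backslashes,
         // double quotes and "</script>" are not handled here, so this is safe
         // only if dreferer() already restricts the value — confirm, or encode
         // it for the JavaScript-string context.
         $href = str_replace("'", "\\'", $url_forward);
         $extra = array('showid' => 'succeedmessage', 'extrajs' => '<script type="text/javascript">' . 'setTimeout("window.location.href =\'' . $href . '\';", ' . $refreshtime . ');' . '$(\'succeedmessage_href\').href = \'' . $href . '\';' . '$(\'main_message\').style.display = \'none\';' . '$(\'main_succeed\').style.display = \'\';' . '$(\'succeedlocation\').innerHTML = \'' . lang('message', $locationmessage) . '\';' . '</script>', 'striptags' => false);
         showmessage($message, $url_forward, $param, $extra);
     }
 }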
Example #19
             // Excerpt: the enclosing blocks open before this point.
             DB::insert('common_domain', array('domain' => $domain, 'domainroot' => addslashes($_G['setting']['domain']['root']['group']), 'id' => $_G['fid'], 'idtype' => 'group'));
         }
     }
     $forumarr['domain'] = $domain;
     updatecreditbyaction('modifydomain');
 }
 // '&&' binds tighter than '||': (name given AND rename allowed) OR
 // (parent given AND type change allowed).
 if ($_G['gp_name'] && !empty($specialswitch['allowchangename']) || $_G['gp_fup'] && !empty($specialswitch['allowchangetype'])) {
     // Only the group founder or a user with adminid 1 may rename or move the group.
     if ($_G['uid'] != $_G['forum']['founderuid'] && $_G['adminid'] != 1) {
         showmessage('group_edit_only_founder');
     }
     if (isset($_G['gp_name'])) {
         // Previous behaviour (kept for reference): the name was silently cut to 20 units.
         //vot					$_G['gp_name'] = censor(addslashes(dhtmlspecialchars(cutstr(stripslashes(trim($_G['gp_name'])), 20, ''))));
         /*vot*/
         // Work on the raw value: undo the request-level slashes first.
         $name = stripslashes(trim($_G['gp_name']));
         /*vot*/
         if (dstrlen($name) < 2 || dstrlen($name) > 80) {
             // Name length in Characters
             showmessage('group_name_oversize');
         }
         /*vot*/
         // HTML-escape, then re-apply slashes for the SQL layer. Both steps can
         // lengthen the string, hence the second, byte-based limit below.
         // NOTE(review): the commented-out line above also passed the name
         // through censor(); no censor() call is visible in this excerpt —
         // confirm it still happens further down.
         $name = addslashes(dhtmlspecialchars($name));
         /*vot*/
         if (strlen($name) > 255) {
             // Name length in Bytes
             showmessage('group_name_oversize');
         }
         /*vot*/
         // NOTE(review): probably unreachable for an empty name, since the
         // dstrlen() < 2 test above fires first (assuming showmessage() exits).
         if (empty($name)) {
             showmessage('group_name_empty');
         }
         /*vot*/
Example #20
    // Excerpt from a longer if/elseif chain that dispatches on $_G['gp_action'].
    include template('common/header_ajax');
    include template('forum/ajax_secondgroup');
    include template('common/footer_ajax');
    dexit();
} elseif ($_G['gp_action'] == 'displaysearch_adv') {
    // Only '1' or the empty string is ever written to the cookie.
    $display = $_G['gp_display'] == 1 ? 1 : '';
    dsetcookie('displaysearch_adv', $display);
} elseif ($_G['gp_action'] == 'checkgroupname') {
    // AJAX check: is the requested group name acceptable and still free?
    $groupname = stripslashes(trim($_G['gp_groupname']));
    if (empty($groupname)) {
        showmessage('group_name_empty', '', array(), array('msgtype' => 3));
    }
    //vot	$tmpname = cutstr($groupname, 20, '');
    //vot	if($tmpname != $groupname) {
    /*vot*/
    if (dstrlen($groupname) < 2 || dstrlen($groupname) > 80) {
        showmessage('group_name_oversize', '', array(), array('msgtype' => 3));
    }
    // The query is assembled by string concatenation with addslashes() as the
    // only escaping. addslashes() is not aware of the connection charset, so
    // this is safe only while the database connection uses a single-byte or
    // UTF-8 charset; the DB layer's own quoting/placeholder facility, if it
    // has one, is the more robust choice.
    // NOTE(review): the name is compared raw here, while the edit path shown
    // elsewhere on this page stores it after dhtmlspecialchars(); a name
    // containing &, <, > or quotes may therefore never match — confirm.
    if (DB::result_first("SELECT fid FROM " . DB::table('forum_forum') . " WHERE name='" . addslashes($groupname) . "'")) {
        showmessage('group_name_exist', '', array(), array('msgtype' => 3));
    }
    showmessage('', '', array(), array('msgtype' => 3));
    // NOTE(review): if showmessage() ends the request, the three lines below never run.
    include template('common/header_ajax');
    include template('common/footer_ajax');
    dexit();
} elseif ($_G['gp_action'] == 'getthreadtypes') {
    include template('common/header_ajax');
    if (empty($_G['gp_selectname'])) {
        $_G['gp_selectname'] = 'threadtypeid';
    }
    // NOTE(review): a request parameter is written into an HTML attribute with
    // no escaping at this point; unless $_G['gp_*'] values are HTML-escaped
    // when they are populated, wrap it in dhtmlspecialchars() here.
    echo '<select name="' . $_G['gp_selectname'] . '">';
Example #21
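 /**
  * Save the member's payment settings (order number, Alipay account, Alipay
  * name) from the submitted form, then render the page.
  *
  * Each value can be bound only once: an already-bound order number or Alipay
  * account is refused. msg() is used as if it ends the request; it is defined
  * elsewhere, so that is an assumption to confirm.
  *
  * Changes against the original listing:
  *  - array keys written as bare words ($_GET[onsubmit], $arr[alipay], ...)
  *    are quoted; bare words are resolved as constants and fail on PHP 8;
  *  - the order number must consist of digits only, as the error message
  *    states; is_numeric() also accepted forms such as "1e10" or "-1.5";
  *  - the Alipay value is escaped before it is placed in the lookup query;
  *    previously it was interpolated raw and escaped only afterwards for the
  *    update.
  */
 function pay_setting()
 {
     global $_G;
     if (!empty($_GET['onsubmit']) && check()) {
         $url = URL . "m=home&a=pay_setting";
         $qq = implode(',', $_G['setting']['qq']);
         $arr = array();
         if (isset($_GET['postdb']['order_number'])) {
             if ($_G['member']['order_number']) {
                 msg('您当前已绑定了订单号,无法修改,如有疑问请咨询在线客服qq ' . $qq);
             }
             $number = trim($_GET['postdb']['order_number']);
             // Digits only; this also makes $number safe to embed in the
             // condition string passed to getcount() below.
             if (!preg_match('/^[0-9]+$/D', $number)) {
                 msg('订单号码只能为4位或16位纯数字');
             }
             $len = dstrlen($number);
             if ($len == 16) {
                 // Only the last four digits of a 16-digit number are kept.
                 $number = substr($number, -4);
             } elseif ($len != 4) {
                 msg('订单号码只能为4位或16位纯数字');
             }
             $arr['order_number'] = $number;
             $count = getcount('member', "order_number='{$number}'");
             if ($count > 0) {
                 msg('订单号已被绑定,请更换新的淘宝账号');
             }
         }
         if (isset($_GET['postdb']['alipay'])) {
             $alipay = trim($_GET['postdb']['alipay']);
             if (!is_email($alipay) && !is_phone($alipay)) {
                 msg('支付宝账号只能为邮箱或手机号码,请重新输入');
             }
             if ($_G['member']['alipay']) {
                 msg('您当前已绑定了支付宝,无法修改,如有疑问请咨询在线客服qq ' . $qq);
             }
             // Escape separately for the lookup: $arr is escaped as a whole
             // further down, so the unescaped value is what goes into $arr.
             // addslashes() is charset-unaware; if the DB layer offers
             // placeholders or its own quoting, prefer that.
             $alipay_sql = addslashes($alipay);
             $member = DB::fetch_first("SELECT * FROM " . DB::table('member') . " WHERE alipay='{$alipay_sql}'");
             if ($member['uid'] > 0) {
                 // NOTE(review): this tells the submitter which account owns
                 // the Alipay address — confirm that disclosure is intended.
                 msg('当前支付宝已绑定了账号' . $member['username']);
             }
             $arr['alipay'] = $alipay;
         }
         if (isset($_GET['postdb']['alipay_name'])) {
             // NOTE(review): no length or content validation is applied to the name.
             $arr['alipay_name'] = trim($_GET['postdb']['alipay_name']);
         }
         if (count($arr) == 0) {
             msg('您提交的数据为空');
         }
         $arr = daddslashes($arr);
         update_member($arr);
         msg("修改成功", 'success', $url);
     }
     $this->show();
 }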
Example #22
            cpmsg($upload->errormessage(), '', 'error');
        }
        // Public URL of the stored picture: the site URL is prepended unless the
        // configured attachment URL starts with "http:".
        // NOTE(review): an "https:" attachment URL does not match /^http:/ and so
        // also gets the site URL prepended - confirm that is intended.
        $_GET['data']['pic'] = (preg_match('/^http:/', $_G['setting']['attachurl']) ? '' : $_G['siteurl']) . $_G['setting']['attachurl'] . 'common/' . $upload->attach['attachment'];
        $_GET['data']['local'] = $upload->attach['attachment'];
    } else {
        // No upload: the picture URL is taken from the request as submitted.
        $_GET['data']['pic'] = $_GET['pic'];
    }
    // The whole request-supplied 'data' array is stored, not a fixed set of keys.
    // NOTE(review): any extra key sent under data[...] is persisted as well
    // (including 'local' when no file was uploaded) - consider whitelisting keys.
    $data = array('name' => $_GET['name'], 'data' => $_GET['data']);
    C::t('#wechat#mobile_wechat_resource')->insert($data);
    cpmsg('setting_update_succeed', RSELF, 'succeed');
} elseif (submitcheck('editsubmit')) {
    // Edit an existing resource, looked up by the id given in the request.
    $resource = C::t('#wechat#mobile_wechat_resource')->fetch($_GET['id']);
    if (!$resource) {
        cpmsg(lang('plugin/wechat', 'resource_msg_nofound'), '', 'error');
    }
    // The description may be at most 120 units long as counted by dstrlen().
    if (dstrlen($_GET['data']['desc'], CHARSET) > 120) {
        cpmsg(lang('plugin/wechat', 'resource_msg_desc_toolong'), '', 'error');
    }
    if ($_FILES['pic']['tmp_name']) {
        $upload = new discuz_upload();
        // Rejected unless getimagesize() recognises the temporary file and
        // discuz_upload both accepts (init) and stores (save) it.
        // NOTE(review): getimagesize() only inspects the image header; it does not
        // show that the rest of the file is harmless. The type/extension rules
        // inside discuz_upload are what keep other content out - verify them.
        // NOTE(review): when getimagesize() fails, init() has not run by the time
        // errormessage() is called.
        if (!getimagesize($_FILES['pic']['tmp_name']) || !$upload->init($_FILES['pic'], 'common', random(3, 1), random(8)) || !$upload->save()) {
            cpmsg($upload->errormessage(), '', 'error');
        }
        $_GET['data']['pic'] = (preg_match('/^http:/', $_G['setting']['attachurl']) ? '' : $_G['siteurl']) . $_G['setting']['attachurl'] . 'common/' . $upload->attach['attachment'];
        $_GET['data']['local'] = $upload->attach['attachment'];
        // Delete the previously stored file; "@" hides a failed delete.
        // NOTE(review): the path is built from the persisted 'local' value, which
        // comes from the stored data array. Constrain it (for example with
        // basename()) before using it in a filesystem path.
        @unlink($_G['setting']['attachdir'] . 'common/' . $resource['data']['local']);
    } else {
        $_GET['data']['pic'] = $_GET['pic'];
    }
    $data = array('name' => $_GET['name'], 'data' => $_GET['data']);
    C::t('#wechat#mobile_wechat_resource')->update($_GET['id'], $data);
Example #23
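 /**
  * Registration action: shows the sign-up form, or processes a submitted one
  * and creates the account.
  *
  * Flow, as far as this method shows:
  *  - a visitor who is already logged in gets a "login_succeed" message;
  *  - the closed-registration settings are enforced;
  *  - without a valid 'regsubmit' submission the form template is rendered;
  *  - otherwise username, nickname, e-mail, password and the configured
  *    profile fields are validated, the account is created through
  *    uc_user_register(), uploaded profile files are stored, the user is
  *    logged in and an optional welcome / verification mail is sent.
  *
  * Local variables are kept even where this method does not read them again:
  * the template and $this->extrafile are included in this scope and can see
  * them.
  *
  * NOTE(review): showmessage() is assumed to end the request; every
  * validation below depends on that - confirm.
  */
 function on_register()
 {
     global $_G;
     if ($_G['uid']) {
         $url_forward = dreferer();
         if (strpos($url_forward, 'reg') !== false) {
             $url_forward = 'index.php';
         }
         showmessage('login_succeed', $url_forward ? $url_forward : './', array('username' => $_G['member']['username'], 'usergroup' => $_G['group']['grouptitle'], 'uid' => $_G['uid']), array());
     } elseif (!$this->setting['regclosed']) {
         if ($_GET['action'] == 'activation' || $_GET['activationauth']) {
             if (!$this->setting['ucactivation'] && !$this->setting['closedallowactivation']) {
                 showmessage('register_disable_activation');
             }
         } elseif (!$this->setting['regstatus']) {
             showmessage(!$this->setting['regclosemessage'] ? 'register_disable' : str_replace(array("\r", "\n"), '', $this->setting['regclosemessage']));
         }
     }
     // References, not copies: assignments below write back into the settings.
     $bbrules =& $this->setting['bbrules'];
     $bbrulesforce =& $this->setting['bbrulesforce'];
     $bbrulestxt =& $this->setting['bbrulestxt'];
     $welcomemsg =& $this->setting['welcomemsg'];
     $welcomemsgtitle =& $this->setting['welcomemsgtitle'];
     $welcomemsgtxt =& $this->setting['welcomemsgtxt'];
     $regname = $this->setting['regname'];
     $username = isset($_GET['username']) ? $_GET['username'] : '';
     $invitestatus = false;
     $seccodecheck = $this->setting['seccodestatus'] & 1;
     $secqaacheck = 0;
     $bbrulehash = $bbrules ? substr(md5(FORMHASH), 0, 8) : '';
     $auth = $_GET['auth'];
     if (!$invitestatus) {
         $invite = getinvite();
     }
     if (!submitcheck('regsubmit', 0, $seccodecheck)) {
         // Not a valid submission: render the form.
         if ($seccodecheck) {
             $seccode = random(6, 1);
         }
         // Escaped because it is echoed back into the form.
         $username = dhtmlspecialchars($username);
         $htmls = $settings = array();
         foreach ($_G['cache']['fields_register'] as $field) {
             $fieldid = $field['fieldid'];
             $html = profile_setting($fieldid, array(), false, false, true);
             if ($html) {
                 $settings[$fieldid] = $_G['cache']['profilesetting'][$fieldid];
                 $htmls[$fieldid] = $html;
             }
         }
         $navtitle = $this->setting['reglinkname'];
         if ($this->extrafile && file_exists($this->extrafile)) {
             require_once $this->extrafile;
         }
         $bbrulestxt = nl2br("\n{$bbrulestxt}\n\n");
         $dreferer = dreferer();
         include template($this->template);
     } else {
         $emailstatus = 0;
         if ($this->setting['regstatus'] == 2 && empty($invite) && !$invitestatus) {
             showmessage('not_open_registration_invite');
         }
         // The site rules must have been accepted.
         if ($bbrules && $bbrulehash != $_POST['agreebbrule']) {
             showmessage('register_rules_agree');
         }
         // Username length: 3 to 30.
         $usernamelen = dstrlen($username);
         if ($usernamelen < 3) {
             showmessage('profile_username_tooshort');
         }
         if ($usernamelen > 30) {
             showmessage('profile_username_toolong');
         }
         // Nickname is optional; when present its length must be 3 to 30.
         if ($nickname = trim($_GET['nickname'])) {
             $nicknamelen = dstrlen($nickname);
             if ($nicknamelen < 3) {
                 showmessage('profile_nickname_tooshort');
             }
             if ($nicknamelen > 30) {
                 showmessage('profile_nickname_toolong');
             }
         } else {
             $nickname = '';
         }
         // E-mail address.
         $email = strtolower(trim($_GET['email']));
         checkemail($email);
         // Minimum password length.
         if ($this->setting['pwlength']) {
             if (strlen($_GET['password']) < $this->setting['pwlength']) {
                 showmessage('profile_password_tooshort', '', array('pwlength' => $this->setting['pwlength']));
             }
         }
         // Password strength: each enabled rule requires one character class.
         if ($this->setting['strongpw']) {
             $strongpw_str = array();
             if (in_array(1, $this->setting['strongpw']) && !preg_match("/\\d+/", $_GET['password'])) {
                 $strongpw_str[] = lang('user/template', 'strongpw_1');
             }
             if (in_array(2, $this->setting['strongpw']) && !preg_match("/[a-z]+/", $_GET['password'])) {
                 $strongpw_str[] = lang('user/template', 'strongpw_2');
             }
             if (in_array(3, $this->setting['strongpw']) && !preg_match("/[A-Z]+/", $_GET['password'])) {
                 $strongpw_str[] = lang('user/template', 'strongpw_3');
             }
             // "A-Z", not "A-z": the range A-z also covers [ \ ] ^ _ and `, so
             // those symbols were not counted as special characters.
             if (in_array(4, $this->setting['strongpw']) && !preg_match("/[^a-zA-Z0-9]+/", $_GET['password'])) {
                 $strongpw_str[] = lang('user/template', 'strongpw_4');
             }
             if ($strongpw_str) {
                 showmessage(lang('user/template', 'password_weak') . implode(',', $strongpw_str));
             }
         }
         // Both password entries must be identical.
         if ($_GET['password'] !== $_GET['password2']) {
             showmessage('两次密码不匹配');
         }
         // Passwords containing characters that addslashes() would escape are
         // rejected outright.
         if (!$_GET['password'] || $_GET['password'] != addslashes($_GET['password'])) {
             showmessage('profile_passwd_illegal');
         }
         $password = $_GET['password'];
         $ctrlip = $_G['clientip'];
         $setregip = null;
         $profile = $verifyarr = array();
         foreach ($_G['cache']['fields_register'] as $field) {
             $field_key = $field['fieldid'];
             $field_val = $_GET['' . $field_key];
             // A file field counts as filled in when an upload arrived without error.
             if ($field['formtype'] == 'file' && !empty($_FILES[$field_key]) && $_FILES[$field_key]['error'] == 0) {
                 $field_val = true;
             }
             if (!profile_check($field_key, $field_val)) {
                 $showid = !in_array($field['fieldid'], array('birthyear', 'birthmonth')) ? $field['fieldid'] : 'birthday';
                 showmessage($field['title'] . lang('message', 'profile_illegal'), '', array(), array('showid' => 'chk_' . $showid, 'extrajs' => $field['title'] . lang('message', 'profile_illegal') . ($field['formtype'] == 'text' ? '<script type="text/javascript">' . '$(\'registerform\').' . $field['fieldid'] . '.parentNode.parentNode.className = \'form-group warning\';' . '$(\'registerform\').' . $field['fieldid'] . '.onblur = function () { if(this.value != \'\') {this.parentNode.parentNode.className = \'form-group\';$(\'chk_' . $showid . '\').innerHTML = \'\';}}' . '</script>' : '')));
             }
             // Fields that need moderator verification are held back separately.
             if ($field['needverify']) {
                 $verifyarr[$field_key] = $field_val;
             } else {
                 $profile[$field_key] = $field_val;
             }
         }
         $groupinfo = array();
         $addorg = 0;
         if ($this->setting['regverify']) {
             $groupinfo['groupid'] = 8;
         } else {
             $groupinfo['groupid'] = $this->setting['newusergroupid'];
             $addorg = 1;
         }
         // NOTE(review): $questionid and $answer are never assigned in this
         // method, so null is passed for both.
         $result = uc_user_register(addslashes($username), $password, $email, addslashes($nickname), $questionid, $answer, $_G['clientip'], $addorg);
         if (is_array($result)) {
             $uid = $result['uid'];
             $password = $result['password'];
         } else {
             $uid = $result;
         }
         // Non-positive results are error codes.
         if ($uid <= 0) {
             if ($uid == -1) {
                 showmessage('profile_nickname_illegal');
             } elseif ($uid == -2) {
                 showmessage('profile_nickname_protect');
             } elseif ($uid == -3) {
                 showmessage('profile_nickname_duplicate');
             } elseif ($uid == -4) {
                 showmessage('profile_email_illegal');
             } elseif ($uid == -5) {
                 showmessage('profile_email_domain_illegal');
             } elseif ($uid == -6) {
                 showmessage('profile_email_duplicate');
             } elseif ($uid == -7) {
                 showmessage('profile_username_illegal');
             } else {
                 showmessage('undefined_action');
             }
         }
         $_G['username'] = $username;
         if (isset($_POST['birthmonth']) && isset($_POST['birthday'])) {
             $profile['constellation'] = get_constellation($_POST['birthmonth'], $_POST['birthday']);
         }
         if (isset($_POST['birthyear'])) {
             $profile['zodiac'] = get_zodiac($_POST['birthyear']);
         }
         if ($_FILES) {
             foreach ($_FILES as $key => $file) {
                 $field_key = 'field_' . $key;
                 // Only uploads that belong to a configured 'file' field are kept.
                 if (!empty($_G['cache']['fields_register'][$field_key]) && $_G['cache']['fields_register'][$field_key]['formtype'] == 'file') {
                     if ($attachment = uploadtolocal($file, 'profile', '')) {
                         // Keep the upload only if it is an image. The test was
                         // inverted before: images were deleted and every other
                         // file type was stored.
                         // NOTE(review): getimagesize() inspects the header only;
                         // the extension rules in uploadtolocal() still matter.
                         if (!@getimagesize($_G['setting']['attachdir'] . $attachment)) {
                             @unlink($_G['setting']['attachdir'] . $attachment);
                             continue;
                         }
                         if ($_G['cache']['fields_register'][$field_key]['needverify']) {
                             $verifyarr[$key] = $attachment;
                         } else {
                             $profile[$key] = $attachment;
                         }
                     }
                 }
             }
         }
         $init_arr = array('profile' => $profile, 'emailstatus' => $emailstatus);
         C::t('user')->insert($uid, $_G['clientip'], $groupinfo['groupid'], $init_arr);
         if ($verifyarr) {
             // NOTE(review): request-derived values are stored in serialize()
             // format; whatever reads this column must not unserialize() it
             // into objects.
             $setverify = array('uid' => $uid, 'username' => $username, 'verifytype' => '0', 'field' => serialize($verifyarr), 'dateline' => TIMESTAMP);
             C::t('user_verify_info')->insert($setverify);
             C::t('user_verify')->insert(array('uid' => $uid));
         }
         require_once libfile('cache/userstats', 'function');
         build_cache_userstats();
         if ($this->extrafile && file_exists($this->extrafile)) {
             require_once $this->extrafile;
         }
         setloginstatus(array('uid' => $uid, 'username' => $_G['username'], 'password' => $password, 'groupid' => $groupinfo['groupid']), 0);
         include_once libfile('function/stat');
         if ($welcomemsg && !empty($welcomemsgtxt)) {
             $welcomemsgtitle = replacesitevar($welcomemsgtitle);
             $welcomemsgtxt = replacesitevar($welcomemsgtxt);
             if ($welcomemsg == 1) {
                 $welcomemsgtxt = nl2br(str_replace(':', '&#58;', $welcomemsgtxt));
             } elseif ($welcomemsg == 2) {
                 sendmail_cron($email, $welcomemsgtitle, $welcomemsgtxt);
             } elseif ($welcomemsg == 3) {
                 sendmail_cron($email, $welcomemsgtitle, $welcomemsgtxt);
                 $welcomemsgtxt = nl2br(str_replace(':', '&#58;', $welcomemsgtxt));
             }
         }
         dsetcookie('loginuser', '');
         dsetcookie('invite_auth', '');
         $url_forward = dreferer();
         $refreshtime = 3000;
         switch ($this->setting['regverify']) {
             case 1:
                 // E-mail verification: store a token and mail the activation link.
                 // NOTE(review): the activation token is six characters from
                 // random(); confirm that helper draws from a cryptographically
                 // secure source, and consider a longer token.
                 $idstring = random(6);
                 $authstr = "{$_G['timestamp']}\t2\t{$idstring}";
                 C::t('user')->update($_G['uid'], array('authstr' => $authstr));
                 // Keys are quoted: {$_G[siteurl]} is a constant lookup and an
                 // Error on PHP 8.
                 $verifyurl = "{$_G['siteurl']}user.php?mod=activate&amp;uid={$_G['uid']}&amp;id={$idstring}";
                 $email_verify_message = lang('email', 'email_verify_message', array('username' => $_G['member']['username'], 'sitename' => $this->setting['sitename'], 'siteurl' => $_G['siteurl'], 'url' => $verifyurl));
                 if (!sendmail("{$username} <{$email}>", lang('email', 'email_verify_subject'), $email_verify_message)) {
                     runlog('sendmail', "{$email} sendmail failed.");
                 }
                 $message = 'register_email_verify';
                 $locationmessage = 'register_email_verify_location';
                 $refreshtime = 10000;
                 break;
             case 2:
                 $message = 'register_manual_verify';
                 $locationmessage = 'register_manual_verify_location';
                 break;
             default:
                 $message = 'register_succeed';
                 $locationmessage = 'register_succeed_location';
                 break;
         }
         $param = daddslashes(array('sitename' => $this->setting['sitename'], 'username' => $_G['username'], 'usergroup' => $_G['group']['grouptitle'], 'uid' => $_G['uid']));
         if (strpos($url_forward, $this->setting['regname']) !== false || strpos($url_forward, 'buyinvitecode') !== false) {
             $url_forward = 'index.php';
         }
         $extra = array('showdialog' => true, 'locationtime' => false, 'extrajs' => '');
         // NOTE(review): $url_forward comes from dreferer() and is concatenated
         // into single-quoted JavaScript strings with 'striptags' => false.
         // Confirm dreferer() restricts the target to this site and escapes
         // quotes and backslashes; otherwise encode it for a JS context here.
         showmessage('', $url_forward, array(), array('showid' => 'succeedmessage', 'extrajs' => '<script type="text/javascript">' . 'setTimeout("window.location.href =\'' . $url_forward . '\';", 3000);' . '$(\'succeedmessage_href\').href = \'' . $url_forward . '\';' . '$(\'register_form\').style.display = \'none\';' . '$(\'main_succeed\').style.display = \'\';' . '$(\'succeedlocation\').innerHTML = \'' . lang('message', $message, $param) . '\';</script>', 'striptags' => false, 'showdialog' => false));
     }
 }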
Example #24
 // When a new password is supplied, both entries must be identical.
 if ($_GET['password'] && $_GET['password'] !== $_GET['password2']) {
     showmessage('profile_passwd_notmatch');
 }
 $setarr = array();
 if ($_GET['password']) {
     // A value of exactly 32 word characters is taken to be an MD5 digest already
     // and is used unchanged; anything else is MD5-hashed here. What gets stored
     // is md5(<that digest> . <member salt>).
     // NOTE(review): salted MD5 is a fast hash and a weak choice for password
     // storage. Moving to password_hash()/password_verify() needs a coordinated
     // change wherever this value is checked.
     $password = preg_match('/^\\w{32}$/', $_GET['password']) ? $_GET['password'] : md5($_GET['password']);
     $setarr['password'] = md5($password . $member['salt']);
 }
 $email = strtolower(trim($_GET['email']));
 if ($email && $email != $member['email']) {
     // checkemail() receives the raw request value, while the trimmed,
     // lower-cased $email is what gets stored.
     checkemail($_GET['email']);
     $setarr['email'] = $email;
 }
 // Validate the nickname: length 3 to 30, allowed characters, not already taken.
 if ($nickname = trim($_GET['nickname'])) {
     $nicknamelen = dstrlen($nickname);
     if ($nicknamelen < 3) {
         showmessage('profile_nickname_tooshort');
     }
     if ($nicknamelen > 30) {
         showmessage('profile_nickname_toolong');
     }
     // The character check runs on a stripslashes/trim/addslashes round trip of
     // the value.
     if (!check_username(addslashes(trim(stripslashes($nickname))))) {
         showmessage('profile_nickname_illegal');
     }
     // Uniqueness is only checked when the nickname actually changes.
     if ($nickname != $member['nickname'] && C::t('user')->fetch_by_nickname($nickname)) {
         showmessage('用户名已经被注册');
     }
     $setarr['nickname'] = trim($_GET['nickname']);
 } else {
     $setarr['nickname'] = '';
Example #25
 // Username checks: length 3 to 30, then the character rules in check_username().
 // NOTE(review): the length is measured on the raw $_GET['username'], while the
 // character and censor checks use $username, which is assigned outside this
 // excerpt - confirm both refer to the same value.
 $usernamelen = dstrlen($_GET['username']);
 if ($usernamelen < 3) {
     showmessage('profile_username_tooshort');
 } elseif ($usernamelen > 30) {
     showmessage('profile_username_toolong');
 } elseif (!check_username(addslashes(trim(stripslashes($username))))) {
     showmessage('profile_username_illegal');
 }
 // Build one anchored, case-insensitive pattern from the 'censoruser' setting:
 // the setting is trimmed in place and regex-quoted, then "*" becomes ".*",
 // CRLF becomes "|" and spaces are removed.
 $censorexp = '/^(' . str_replace(array('\\*', "\r\n", ' '), array('.*', '|', ''), preg_quote($_G['setting']['censoruser'] = trim($_G['setting']['censoruser']), '/')) . ')$/i';
 // "@" hides a pattern error; preg_match() then returns false and the name is
 // treated as not censored, i.e. the check fails open.
 if ($_G['setting']['censoruser'] && @preg_match($censorexp, $username)) {
     showmessage('profile_username_protect');
 }
 // Nickname checks (optional field).
 $nickname = trim($_GET['nickname']);
 if ($nickname) {
     // NOTE(review): the length is measured on the untrimmed request value, the
     // other checks use the trimmed $nickname.
     $nicknamelen = dstrlen($_GET['nickname']);
     if ($nicknamelen < 3) {
         showmessage('profile_nickname_tooshort');
     } elseif ($nicknamelen > 30) {
         showmessage('profile_nickname_toolong');
     } elseif (!check_username(addslashes(trim(stripslashes($nickname))))) {
         showmessage('profile_nickname_illegal');
     }
     // When the nickname changes it must be unused and must not match the
     // censor list.
     if ($nickname != $user['nickname']) {
         if (C::t('user')->fetch_by_nickname($nickname)) {
             showmessage('该用户名已经被注册,请更换用户名再试');
         }
         if ($_G['setting']['censoruser'] && @preg_match($censorexp, $nickname)) {
             showmessage('profile_username_protect');
         }
Example #26
<?php

/**
 *      [Discuz!] (C)2001-2099 Comsenz Inc.
 *      This is NOT a freeware, use is subject to license terms
 *
 *      $Id: forum_ajax.php 33772 2013-08-12 06:49:20Z nemohou $
 */
// Refuse direct requests: the script only runs when the framework has defined
// IN_DISCUZ.
if (!defined('IN_DISCUZ')) {
    exit('Access Denied');
}
define('NOROBOT', TRUE);
// AJAX action "checkusername": reports whether a username could be registered.
// NOTE(review): the answer reveals whether an account name exists; no rate
// limiting is visible in this excerpt, so it has to come from elsewhere.
if ($_GET['action'] == 'checkusername') {
    $username = trim($_GET['username']);
    // Length must be 3 to 15 as counted by dstrlen().
    $usernamelen = dstrlen($username);
    if ($usernamelen < 3) {
        showmessage('profile_username_tooshort', '', array(), array('handle' => false));
    } elseif ($usernamelen > 15) {
        showmessage('profile_username_toolong', '', array(), array('handle' => false));
    }
    loaducenter();
    // Result codes handled below: -1 illegal name, -2 protected name, -3 handled
    // as "name known to the user centre" (see the local lookup that follows).
    $ucresult = uc_user_checkname($username);
    if ($ucresult == -1) {
        showmessage('profile_username_illegal', '', array(), array('handle' => false));
    } elseif ($ucresult == -2) {
        showmessage('profile_username_protect', '', array(), array('handle' => false));
    } elseif ($ucresult == -3) {
        // A local (or archived) member row means the name is taken; otherwise the
        // visitor is pointed to account activation.
        if (C::t('common_member')->fetch_by_username($username) || C::t('common_member_archive')->fetch_by_username($username)) {
            showmessage('register_check_found', '', array(), array('handle' => false));
        } else {
            showmessage('register_activation', '', array(), array('handle' => false));
Example #27
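 /**
  * Register a new user from the mobile client.
  *
  * Applies the site's registration switches, username and password rules,
  * the censored-name list and the per-IP registration limits, creates the
  * account through uc_user_register(), writes the local member row, sends
  * the verification mail when e-mail verification is on, and logs the new
  * user in.
  *
  * @author HanPengyu
  * @param string  $username User name.
  * @param string  $password User password.
  * @param string  $email    User e-mail address.
  * @param string  $type     Registration type, 'general' by default.
  * @return array Whatever self::errorInfo() builds: called with a message on
  *               failure, and with ('', 0, array('uid' => ...)) on success.
  */
 public static function register($username, $password, $email, $type = 'general')
 {
     global $_G;
     require_once libfile('function/member');
     // require_once: a plain require would load the class file again if this
     // method runs twice in one request.
     require_once libfile('class/member');
     require_once libfile('function/misc');
     loaducenter();
     $ctlObj = new register_ctl();
     $ctlObj->setting = $_G['setting'];
     // Is registration enabled for the mobile client at all?
     $mobAllowReg = WebUtils::getDzPluginAppbymeAppConfig('mobile_allow_register');
     if ($mobAllowReg === '0') {
         return self::errorInfo(WebUtils::t('客户端不允许注册'));
     }
     // Does the site itself allow registration?
     if (!$ctlObj->setting['regclosed'] && (!$ctlObj->setting['regstatus'] || !$ctlObj->setting['ucactivation'])) {
         if (!$ctlObj->setting['regstatus']) {
             $message = !$ctlObj->setting['regclosemessage'] ? 'register_disable' : str_replace(array("\r", "\n"), '', $ctlObj->setting['regclosemessage']);
             return self::errorInfo(lang('message', $message));
         }
     }
     $password = isset($password) ? $password : '';
     $email = strtolower(trim($email));
     if ($ctlObj->setting['regverify']) {
         // Verification can be waived by location ...
         if ($ctlObj->setting['areaverifywhite']) {
             $location = trim(convertip($_G['clientip'], "./"));
             if ($location) {
                 $whitearea = preg_quote(trim($ctlObj->setting['areaverifywhite']), '/');
                 $whitearea = str_replace(array("\\*"), array('.*'), $whitearea);
                 $whitearea = '.*' . $whitearea . '.*';
                 $whitearea = '/^(' . str_replace(array("\r\n", ' '), array('.*|.*', ''), $whitearea) . ')$/i';
                 if (@preg_match($whitearea, $location)) {
                     $ctlObj->setting['regverify'] = 0;
                 }
             }
         }
         // ... or by client IP prefix.
         if ($_G['cache']['ipctrl']['ipverifywhite']) {
             foreach (explode("\n", $_G['cache']['ipctrl']['ipverifywhite']) as $rule) {
                 $rule = trim($rule);
                 // A blank line would give the pattern /^()/, which matches
                 // every address and would switch verification off for all.
                 if ($rule === '') {
                     continue;
                 }
                 if (preg_match("/^(" . preg_quote($rule, '/') . ")/", $_G['clientip'])) {
                     $ctlObj->setting['regverify'] = 0;
                     break;
                 }
             }
         }
     }
     $groupinfo = array();
     if ($ctlObj->setting['regverify'] && $type == 'general') {
         $groupinfo['groupid'] = 8;
     } else {
         $groupinfo['groupid'] = $ctlObj->setting['newusergroupid'];
     }
     // A user group configured in the plugin overrides the above (2015-01-15).
     $registerGroup = WebUtils::getDzPluginAppbymeAppConfig('mobile_register_group');
     if ($registerGroup) {
         $groupinfo['groupid'] = $registerGroup;
     }
     // Username length: 3 to 15.
     $usernamelen = dstrlen($username);
     if ($usernamelen < 3) {
         return self::errorInfo(lang('message', 'profile_username_tooshort'));
     } elseif ($usernamelen > 15) {
         return self::errorInfo(lang('message', 'profile_username_toolong'));
     }
     // Minimum password length.
     if ($ctlObj->setting['pwlength']) {
         if (strlen($password) < $ctlObj->setting['pwlength']) {
             return self::errorInfo(lang('message', 'profile_password_tooshort', array('pwlength' => $ctlObj->setting['pwlength'])));
         }
     }
     // Password complexity: each enabled rule requires one character class.
     if ($ctlObj->setting['strongpw']) {
         $strongpw_str = array();
         if (in_array(1, $ctlObj->setting['strongpw']) && !preg_match("/\\d+/", $password)) {
             $strongpw_str[] = lang('member/template', 'strongpw_1');
         }
         if (in_array(2, $ctlObj->setting['strongpw']) && !preg_match("/[a-z]+/", $password)) {
             $strongpw_str[] = lang('member/template', 'strongpw_2');
         }
         if (in_array(3, $ctlObj->setting['strongpw']) && !preg_match("/[A-Z]+/", $password)) {
             $strongpw_str[] = lang('member/template', 'strongpw_3');
         }
         // "A-Z", not "A-z": the range A-z also covers [ \ ] ^ _ and `, so
         // those symbols were not counted as special characters.
         if (in_array(4, $ctlObj->setting['strongpw']) && !preg_match("/[^a-zA-Z0-9]+/", $password)) {
             $strongpw_str[] = lang('member/template', 'strongpw_4');
         }
         if ($strongpw_str) {
             // Password too weak: list what it must contain.
             return self::errorInfo(lang('member/template', 'password_weak') . implode(',', $strongpw_str));
         }
     }
     // Passwords containing characters that addslashes() would escape are rejected.
     if (!$password || $password != addslashes($password)) {
         return self::errorInfo(lang('message', 'profile_passwd_illegal'));
     }
     // Censored user names: one anchored pattern built from the setting
     // ("*" -> ".*", CRLF -> "|", spaces removed). "@" hides a pattern error,
     // in which case the check does not reject anything.
     $censorexp = '/^(' . str_replace(array('\\*', "\r\n", ' '), array('.*', '|', ''), preg_quote($ctlObj->setting['censoruser'] = trim($ctlObj->setting['censoruser']), '/')) . ')$/i';
     if ($ctlObj->setting['censoruser'] && @preg_match($censorexp, $username)) {
         return self::errorInfo(lang('message', 'profile_username_protect'));
     }
     // Per-IP registration control: a matching prefix rule replaces the exact
     // client IP with "<prefix>%" and applies the rule-specific interval.
     $ctrlip = $_G['clientip'];
     if ($_G['cache']['ipctrl']['ipregctrl']) {
         foreach (explode("\n", $_G['cache']['ipctrl']['ipregctrl']) as $rule) {
             $rule = trim($rule);
             // Skip blank lines: /^()/ would match every client address.
             if ($rule === '') {
                 continue;
             }
             if (preg_match("/^(" . preg_quote($rule, '/') . ")/", $_G['clientip'])) {
                 $ctrlip = $rule . '%';
                 $ctlObj->setting['regctrl'] = $ctlObj->setting['ipregctrltime'];
                 break;
             }
         }
     }
     // The same IP may not register again within 'regctrl' hours.
     if ($ctlObj->setting['regctrl']) {
         if (C::t('common_regip')->count_by_ip_dateline($ctrlip, $_G['timestamp'] - $ctlObj->setting['regctrl'] * 3600)) {
             return self::errorInfo(lang('message', 'register_ctrl', array('regctrl' => $ctlObj->setting['regctrl'])));
         }
     }
     // At most 'regfloodctrl' registrations per IP within 24 hours.
     // $setregip: 1 = increment the existing counter, 2 = create one.
     $setregip = null;
     if ($ctlObj->setting['regfloodctrl']) {
         $regip = C::t('common_regip')->fetch_by_ip_dateline($_G['clientip'], $_G['timestamp'] - 86400);
         if ($regip) {
             if ($regip['count'] >= $ctlObj->setting['regfloodctrl']) {
                 return self::errorInfo(lang('message', 'register_flood_ctrl', array('regfloodctrl' => $ctlObj->setting['regfloodctrl'])));
             } else {
                 $setregip = 1;
             }
         } else {
             $setregip = 2;
         }
     }
     $uid = uc_user_register(addslashes($username), $password, $email, '', '', $_G['clientip']);
     // Non-positive results are error codes.
     if ($uid <= 0) {
         if ($uid == -1) {
             // User name contains illegal characters.
             return self::errorInfo(lang('message', 'profile_username_illegal'));
         } elseif ($uid == -2) {
             // User name is on the censored list.
             return self::errorInfo(lang('message', 'profile_username_protect'));
         } elseif ($uid == -3) {
             // User name already registered.
             return self::errorInfo(lang('message', 'profile_username_duplicate'));
         } elseif ($uid == -4) {
             // Invalid e-mail address.
             return self::errorInfo(lang('message', 'profile_email_illegal'));
         } elseif ($uid == -5) {
             // E-mail domain not allowed.
             return self::errorInfo(lang('message', 'profile_email_domain_illegal'));
         } elseif ($uid == -6) {
             // E-mail address already registered.
             return self::errorInfo(lang('message', 'profile_email_duplicate'));
         }
         // Any other failure code must stop here as well; previously execution
         // went on and created a local member row with an invalid uid.
         return self::errorInfo(lang('message', 'undefined_action'));
     }
     $_G['username'] = $username;
     // The local member row gets a random placeholder digest, not the user's
     // password (presumably the user centre holds the real credential).
     $password = md5(random(10));
     if ($setregip !== null) {
         if ($setregip == 1) {
             C::t('common_regip')->update_count_by_ip($_G['clientip']);
         } else {
             C::t('common_regip')->insert(array('ip' => $_G['clientip'], 'count' => 1, 'dateline' => $_G['timestamp']));
         }
     }
     $profile = $verifyarr = array();
     $emailstatus = 0;
     $init_arr = array('credits' => explode(',', $ctlObj->setting['initcredits']), 'profile' => $profile, 'emailstatus' => $emailstatus);
     C::t('common_member')->insert($uid, $username, $password, $email, $_G['clientip'], $groupinfo['groupid'], $init_arr);
     if ($ctlObj->setting['regctrl'] || $ctlObj->setting['regfloodctrl']) {
         // Drop IP records older than max(regctrl, 72) hours.
         C::t('common_regip')->delete_by_dateline($_G['timestamp'] - ($ctlObj->setting['regctrl'] > 72 ? $ctlObj->setting['regctrl'] : 72) * 3600);
         if ($ctlObj->setting['regctrl']) {
             C::t('common_regip')->insert(array('ip' => $_G['clientip'], 'count' => -1, 'dateline' => $_G['timestamp']));
         }
     }
     if ($ctlObj->setting['regverify'] == 1) {
         // E-mail verification: store a token and mail the activation link.
         // NOTE(review): the activation token is six characters from random();
         // confirm that helper draws from a cryptographically secure source,
         // and consider a longer token.
         $idstring = random(6);
         $authstr = "{$_G['timestamp']}\t2\t{$idstring}";
         C::t('common_member_field_forum')->update($uid, array('authstr' => $authstr));
         // Key is quoted: {$_G[siteurl]} is a constant lookup and an Error on PHP 8.
         $verifyurl = "{$_G['siteurl']}member.php?mod=activate&amp;uid={$uid}&amp;id={$idstring}";
         $email_verify_message = lang('email', 'email_verify_message', array('username' => $username, 'bbname' => $ctlObj->setting['bbname'], 'siteurl' => $_G['siteurl'], 'url' => $verifyurl));
         if (!sendmail("{$username} <{$email}>", lang('email', 'email_verify_subject'), $email_verify_message)) {
             runlog('sendmail', "{$email} sendmail failed.");
         }
     }
     // Refresh the user statistics cache (added 2015-01-04).
     require_once libfile('cache/userstats', 'function');
     build_cache_userstats();
     $_GET['regmessage'] = WebUtils::t('来自手机客户端注册');
     $regmessage = dhtmlspecialchars($_GET['regmessage']);
     if ($ctlObj->setting['regverify'] == 2) {
         // Manual verification: queue the account for moderator review.
         C::t('common_member_validate')->insert(array('uid' => $uid, 'submitdate' => $_G['timestamp'], 'moddate' => 0, 'admin' => '', 'submittimes' => 1, 'status' => 0, 'message' => $regmessage, 'remark' => ''), false, true);
         manage_addnotify('verifyuser');
     }
     setloginstatus(array('uid' => $uid, 'username' => $_G['username'], 'password' => $password, 'groupid' => $groupinfo['groupid']), 0);
     // Update the registration statistics.
     include_once libfile('function/stat');
     updatestat('register');
     return self::errorInfo('', 0, array('uid' => $uid));
 }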
Example #28
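 /**
  * Create a local account for a WeChat user and log that account in.
  *
  * The account gets a generated password and a placeholder
  * "wechat_xxx@null.null" e-mail address. Before the account is created the
  * username is length-checked, matched against the censoruser list and,
  * unless the wechat_disableregrule setting is on, subjected to the per-IP
  * registration limits (regctrl / regfloodctrl).
  *
  * @param string $username Requested username; names shorter than 3 get a random suffix.
  * @param mixed  $return   Falsy: failures are reported through showmessage().
  *                         Truthy: failures return silently.
  * @param int    $groupid  Group for the new member; 0 picks wechat_newusergroupid,
  *                         falling back to newusergroupid.
  * @return int|null New uid on success, null when $username is empty or a check fails.
  */
 public static function register($username, $return = 0, $groupid = 0)
 {
     global $_G;
     if (!$username) {
         return;
     }
     if (!$_G['wechat']['setting']) {
         // NOTE(review): unserialize() will instantiate any class named in the
         // payload. This is only acceptable while the mobilewechat setting can
         // be written by trusted administrators alone; confirm against the
         // code that stores it, or move the setting to a JSON encoding.
         $_G['wechat']['setting'] = unserialize($_G['setting']['mobilewechat']);
     }
     loaducenter();
     if (!$groupid) {
         $groupid = $_G['wechat']['setting']['wechat_newusergroupid'] ? $_G['wechat']['setting']['wechat_newusergroupid'] : $_G['setting']['newusergroupid'];
     }
     // The generated value is the account's password, so it must not be
     // guessable. random() is defined outside this listing and is presumably
     // not a CSPRNG (TODO confirm); prefer random_bytes() where PHP provides it.
     // Both branches yield 32 lowercase hex characters.
     $password = function_exists('random_bytes') ? bin2hex(random_bytes(16)) : md5(random(10));
     $email = 'wechat_' . strtolower(random(10)) . '@null.null';
     $usernamelen = dstrlen($username);
     if ($usernamelen < 3) {
         $username = $username . '_' . random(5);
     }
     // Every failure branch below returns explicitly after showmessage().
     // showmessage() is defined outside this listing; the return keeps a failed
     // check from falling through to account creation should it ever return.
     if ($usernamelen > 15) {
         if (!$return) {
             showmessage('profile_username_toolong');
         }
         return;
     }
     // The censor list is normalised in place, as before.
     $_G['setting']['censoruser'] = trim($_G['setting']['censoruser']);
     $censorexp = '/^(' . str_replace(array('\\*', "\r\n", ' '), array('.*', '|', ''), preg_quote($_G['setting']['censoruser'], '/')) . ')$/i';
     if ($_G['setting']['censoruser']) {
         $censorResult = @preg_match($censorexp, $username);
         // Fail closed: preg_match() returns false when the pattern cannot be
         // evaluated, and a broken censor list must not let every name through.
         if ($censorResult === false || $censorResult > 0) {
             if (!$return) {
                 showmessage('profile_username_protect');
             }
             return;
         }
     }
     if (!$_G['wechat']['setting']['wechat_disableregrule']) {
         loadcache('ipctrl');
         // Default to the exact client address; a matching ipregctrl prefix
         // replaces it with "<prefix>%" and switches to ipregctrltime.
         $ctrlip = $_G['clientip'];
         if ($_G['cache']['ipctrl']['ipregctrl']) {
             foreach (explode("\n", $_G['cache']['ipctrl']['ipregctrl']) as $rule) {
                 $rule = trim($rule);
                 if ($rule === '') {
                     // A blank line would build the pattern /^()/, which matches
                     // every client address.
                     continue;
                 }
                 if (preg_match("/^(" . preg_quote($rule, '/') . ")/", $_G['clientip'])) {
                     $ctrlip = $rule . '%';
                     $_G['setting']['regctrl'] = $_G['setting']['ipregctrltime'];
                     break;
                 }
             }
         }
         if ($_G['setting']['regctrl']) {
             if (C::t('common_regip')->count_by_ip_dateline($ctrlip, $_G['timestamp'] - $_G['setting']['regctrl'] * 3600)) {
                 if (!$return) {
                     showmessage('register_ctrl', NULL, array('regctrl' => $_G['setting']['regctrl']));
                 }
                 return;
             }
         }
         // 1 = bump the existing counter row, 2 = create one, null = flood control off.
         $setregip = null;
         if ($_G['setting']['regfloodctrl']) {
             $regip = C::t('common_regip')->fetch_by_ip_dateline($_G['clientip'], $_G['timestamp'] - 86400);
             if ($regip) {
                 if ($regip['count'] >= $_G['setting']['regfloodctrl']) {
                     if (!$return) {
                         showmessage('register_flood_ctrl', NULL, array('regfloodctrl' => $_G['setting']['regfloodctrl']));
                     }
                     return;
                 }
                 $setregip = 1;
             } else {
                 $setregip = 2;
             }
         }
         // The attempt is counted before the account exists, so failed
         // registrations consume the quota as well.
         if ($setregip !== null) {
             if ($setregip == 1) {
                 C::t('common_regip')->update_count_by_ip($_G['clientip']);
             } else {
                 C::t('common_regip')->insert(array('ip' => $_G['clientip'], 'count' => 1, 'dateline' => $_G['timestamp']));
             }
         }
     }
     $uid = uc_user_register(addslashes($username), $password, $email, '', '', $_G['clientip']);
     if ($uid <= 0) {
         if (!$return) {
             // Message keys for the negative codes uc_user_register() returns.
             $errorKeys = array(
                 -1 => 'profile_username_illegal',
                 -2 => 'profile_username_protect',
                 -3 => 'profile_username_duplicate',
                 -4 => 'profile_email_illegal',
                 -5 => 'profile_email_domain_illegal',
                 -6 => 'profile_email_duplicate',
             );
             showmessage(isset($errorKeys[$uid]) ? $errorKeys[$uid] : 'undefined_action');
         }
         return;
     }
     $init_arr = array('credits' => explode(',', $_G['setting']['initcredits']));
     C::t('common_member')->insert($uid, $username, $password, $email, $_G['clientip'], $groupid, $init_arr);
     if ($_G['setting']['regctrl'] || $_G['setting']['regfloodctrl']) {
         // Prune registration-IP rows older than regctrl hours, with a 72-hour minimum.
         C::t('common_regip')->delete_by_dateline($_G['timestamp'] - ($_G['setting']['regctrl'] > 72 ? $_G['setting']['regctrl'] : 72) * 3600);
         if ($_G['setting']['regctrl']) {
             C::t('common_regip')->insert(array('ip' => $_G['clientip'], 'count' => -1, 'dateline' => $_G['timestamp']));
         }
     }
     if ($_G['setting']['regverify'] == 2) {
         // regverify == 2: queue the new member for validation and notify moderators.
         C::t('common_member_validate')->insert(array('uid' => $uid, 'submitdate' => $_G['timestamp'], 'moddate' => 0, 'admin' => '', 'submittimes' => 1, 'status' => 0, 'message' => '', 'remark' => ''), false, true);
         manage_addnotify('verifyuser');
     }
     setloginstatus(array('uid' => $uid, 'username' => $username, 'password' => $password, 'groupid' => $groupid), 0);
     // Update the registration statistics.
     include_once libfile('function/stat');
     updatestat('register');
     return $uid;
 }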
 } else {
     if (!$multiset) {
         $_GET['multinew'] = array(0 => array('single' => 1));
     }
     $pluginvars = array();
     require_once libfile('function/delete');
     foreach ($_GET['multinew'] as $k => $row) {
         if (empty($row['single'])) {
             foreach ($row as $key => $value) {
                 $_GET['' . $key] = $value;
             }
             $fid = $_GET['multi'][$k];
         }
         $forum = $mforum[$k];
         /*jaideejung007*/
         if (dstrlen($_GET['namenew']) > 150) {
             cpmsg('forums_name_toolong', '', 'error');
         }
         if (!$multiset) {
             if (!checkformulaperm($_GET['formulapermnew'])) {
                 cpmsg('forums_formulaperm_error', '', 'error');
             }
             $formulapermary[0] = $_GET['formulapermnew'];
             $formulapermary[1] = preg_replace(array("/(digestposts|posts|threads|oltime|extcredits[1-8])/", "/(regdate|regday|regip|lastip|buyercredit|sellercredit|field\\d+)/"), array("getuserprofile('\\1')", "\$memberformula['\\1']"), $_GET['formulapermnew']);
             $formulapermary['message'] = $_GET['formulapermmessagenew'];
         } else {
             $formulapermary = dunserialize($forum['formulaperm']);
         }
         $formulapermary['medal'] = $_GET['medalnew'];
         $formulapermary['users'] = $_GET['formulapermusersnew'];
         $_GET['formulapermnew'] = serialize($formulapermary);