Example #1
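 /**
  * notice_login: handle an SSO login notice and open a local admin session.
  *
  * Steps, in order: read the notice, check that its timestamp is fresh,
  * let obj_sso verify the signature, decode the payload, load the admin
  * row, store a new random value and write the session markers. Every
  * outcome is reported through obj_notice->halt_re().
  *
  * NOTE(review): the guards below only protect the later steps if
  * halt_re() ends the request; that is assumed from its name - confirm.
  * NOTE(review): sso_verify() is given time, random and signature only.
  * Confirm the signature also binds "code"/"key" and that "random" is
  * treated as a one-time value; otherwise a captured notice stays usable
  * for the whole freshness window.
  *
  * @access public
  * @return void
  */
 function notice_login()
 {
     $_arr_noticeGet = $this->obj_notice->notice_get("get");
     if ($_arr_noticeGet["alert"] != "ok") {
         $this->obj_notice->halt_re($_arr_noticeGet);
     }
     // Freshness window of 300 seconds in BOTH directions. The former
     // one-sided test (time - now > 300) rejected only timestamps from the
     // future, so an arbitrarily old notice was still accepted.
     $_num_skew = abs((int) $_arr_noticeGet["time"] - time());
     if ($_num_skew > 300) {
         $_arr_return = array("alert" => "x220213");
         $this->obj_notice->halt_re($_arr_return);
     }
     $_arr_signature = $this->obj_sso->sso_verify($_arr_noticeGet["time"], $_arr_noticeGet["random"], $_arr_noticeGet["signature"]);
     if ($_arr_signature["alert"] != "y050403") {
         $this->obj_notice->halt_re($_arr_signature);
     }
     // The payload is decoded only after the signature check has passed.
     $_arr_decode = $this->obj_sso->sso_decode($_arr_noticeGet["code"], $_arr_noticeGet["key"]);
     $_arr_adminRow = $this->mdl_admin->mdl_read($_arr_decode["user_id"]);
     if ($_arr_adminRow["alert"] != "y020102") {
         $this->obj_notice->halt_re($_arr_adminRow);
     }
     if ($_arr_adminRow["admin_status"] == "disable") {
         $_arr_return = array("alert" => "x020401");
         $this->obj_notice->halt_re($_arr_return);
     }
     // A new random value per login changes admin_hash, so session hashes
     // derived from the previous value no longer match.
     $_str_rand = fn_rand(6);
     $this->mdl_admin->mdl_login($_arr_decode["user_id"], $_str_rand);
     fn_session("admin_id", "mk", $_arr_decode["user_id"]);
     fn_session("admin_ssin_time", "mk", time());
     fn_session("admin_hash", "mk", fn_baigoEncrypt($_arr_adminRow["admin_time"], $_str_rand));
     $this->obj_notice->halt_re($_arr_adminRow);
 }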
Example #2
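 /**
  * mdl_submit: create or refresh the mail-verification record of a user.
  *
  * The record is looked up by verify_user_id. When mdl_read() answers
  * "x120102" a new row is inserted, otherwise the existing row is updated.
  *
  * The row stores the raw token together with its random value; the caller
  * receives fn_baigoEncrypt(token, rand), i.e. the derived value.
  * NOTE(review): token quality depends on fn_rand(), which is not visible
  * here - confirm it draws from a cryptographically secure source.
  *
  * @access public
  * @param int    $num_userId id of the user being verified
  * @param string $str_mail   mail address recorded on the row
  * @return array on success verify_id, verify_token (derived value) and
  *               alert "y120101" (inserted) or "y120103" (updated);
  *               on failure only alert "x120101" or "x120103"
  */
 function mdl_submit($num_userId, $str_mail)
 {
     $_arr_verifyRow = $this->mdl_read($num_userId, "verify_user_id");
     $_str_rand = fn_rand(6);
     $_str_token = fn_rand(32);
     $_str_tokenDo = fn_baigoEncrypt($_str_token, $_str_rand);
     // One clock reading, so expiry, refresh and creation time agree.
     $_tm_now = time();
     $_arr_verifyData = array(
         "verify_user_id" => $num_userId,
         "verify_mail" => $str_mail,
         "verify_token" => $_str_token,
         "verify_rand" => $_str_rand,
         "verify_token_expire" => $_tm_now + BG_VERIFY_EXPIRE * 60, // BG_VERIFY_EXPIRE is multiplied by 60 here
         "verify_status" => "enable",
         "verify_time_refresh" => $_tm_now,
     );
     if ($_arr_verifyRow["alert"] == "x120102") {
         // No record yet: insert one.
         $_arr_verifyData["verify_time"] = $_tm_now;
         $_num_verifyId = $this->obj_db->insert(BG_DB_TABLE . "verify", $_arr_verifyData);
         if ($_num_verifyId <= 0) {
             return array("alert" => "x120101");
         }
         $_str_alert = "y120101";
     } else {
         // Record exists: overwrite token, expiry and status.
         $_num_verifyId = $_arr_verifyRow["verify_id"];
         // The WHERE clause is built by concatenation, so the id is forced
         // to an integer before it reaches the SQL text.
         $_num_mysql = $this->obj_db->update(BG_DB_TABLE . "verify", $_arr_verifyData, "verify_id=" . (int) $_num_verifyId);
         if ($_num_mysql <= 0) {
             return array("alert" => "x120103");
         }
         $_str_alert = "y120103";
     }
     return array("verify_id" => $_num_verifyId, "verify_token" => $_str_tokenDo, "alert" => $_str_alert);
 }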
Example #3
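/**
 * fn_ssin_begin: validate the current admin session and refresh its timestamp.
 *
 * A session is accepted when the three markers (admin_id, admin_ssin_time,
 * admin_hash) are present, the idle limit BG_DEFAULT_SESSION has not been
 * exceeded, admin_hash matches the value recomputed from the admin row,
 * and the admin's group is not disabled. On any failure fn_ssin_end() is
 * called and an x-code alert is returned.
 *
 * NOTE(review): admin_status is not re-checked here; confirm that
 * disabling an account also changes admin_rand, otherwise an already
 * open session of that account keeps passing this check.
 *
 * @access public
 * @return array admin row plus "groupRow" when the session is valid;
 *               otherwise an array whose "alert" is x020402, x020403
 *               or x040401
 */
function fn_ssin_begin()
{
    $_mdl_admin = new MODEL_ADMIN(); // admin model
    $_mdl_group = new MODEL_GROUP(); // group model

    // Presence is tested before any arithmetic so a missing timestamp is
    // never used as an operand.
    if (!fn_session("admin_id") || !fn_session("admin_ssin_time") || !fn_session("admin_hash")) {
        fn_ssin_end();
        return array("alert" => "x020402");
    }
    // Idle timeout: last activity + BG_DEFAULT_SESSION must not be in the past.
    if ((int) fn_session("admin_ssin_time") + BG_DEFAULT_SESSION < time()) {
        fn_ssin_end();
        return array("alert" => "x020402");
    }
    $_arr_adminRow = $_mdl_admin->mdl_read(fn_session("admin_id"));
    // Strict string comparison: with "!=" two numeric-looking digests
    // (for example values of the form 0e...) compare as numbers and can be
    // reported equal although they differ. Where the runtime is known to be
    // PHP >= 5.6, hash_equals() is the better choice.
    $_str_hashExpect = (string) fn_baigoEncrypt($_arr_adminRow["admin_time"], $_arr_adminRow["admin_rand"]);
    if ($_str_hashExpect !== (string) fn_session("admin_hash")) {
        fn_ssin_end();
        $_arr_adminRow["alert"] = "x020403";
        return $_arr_adminRow;
    }
    $_arr_groupRow = $_mdl_group->mdl_read($_arr_adminRow["admin_group_id"]);
    if (isset($_arr_groupRow["group_status"]) && $_arr_groupRow["group_status"] == "disable") {
        fn_ssin_end();
        $_arr_adminRow["alert"] = "x040401";
        return $_arr_adminRow;
    }
    $_arr_adminRow["groupRow"] = $_arr_groupRow;
    // Sliding expiry: every accepted request restarts the idle timer.
    fn_session("admin_ssin_time", "mk", time());
    return $_arr_adminRow;
}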
Example #4
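 /**
  * ctl_login: authenticate an admin by name and password against the
  * local admin table and open a session.
  *
  * NOTE(review): no session-id rotation is visible in this method; confirm
  * that fn_session() or the caller issues a new session id at login.
  * NOTE(review): the success result reads admin_id from the login input,
  * not from the row that was just authenticated - confirm input_login()
  * supplies that key.
  *
  * @access public
  * @return array "alert" is y020201 on success; on failure the failing
  *               step's result or an x-code (x020207 wrong password,
  *               x020402 account not enabled), with "forward" carried over
  */
 function ctl_login()
 {
     $_arr_adminLogin = $this->mdl_admin->input_login();
     if ($_arr_adminLogin["alert"] != "ok") {
         return $_arr_adminLogin;
     }
     $_arr_adminRow = $this->mdl_admin->mdl_read($_arr_adminLogin["admin_name"], "admin_name");
     if ($_arr_adminRow["alert"] != "y020102") {
         return $_arr_adminRow;
     }
     // Strict string comparison of the digests: with "!=" two
     // numeric-looking digests (values of the form 0e...) are compared as
     // numbers and can match although they differ. Where the runtime is
     // known to be PHP >= 5.6, hash_equals() is the better choice.
     $_str_passDo = (string) fn_baigoEncrypt($_arr_adminLogin["admin_pass"], $_arr_adminRow["admin_rand"]);
     if ($_str_passDo !== (string) $_arr_adminRow["admin_pass"]) {
         return array("forward" => $_arr_adminLogin["forward"], "alert" => "x020207");
     }
     if ($_arr_adminRow["admin_status"] != "enable") {
         return array("forward" => $_arr_adminLogin["forward"], "alert" => "x020402");
     }
     // The password digest is re-derived with a new random value on every
     // login; the same value also feeds the session hash below.
     $_str_adminRand = fn_rand(6);
     $this->mdl_admin->mdl_login($_arr_adminRow["admin_id"], fn_baigoEncrypt($_arr_adminLogin["admin_pass"], $_str_adminRand), $_str_adminRand);
     fn_session("admin_id", "mk", $_arr_adminRow["admin_id"]);
     fn_session("admin_ssin_time", "mk", time());
     fn_session("admin_hash", "mk", fn_baigoEncrypt($_arr_adminRow["admin_time"], $_str_adminRand));
     return array("admin_id" => $_arr_adminLogin["admin_id"], "forward" => $_arr_adminLogin["forward"], "alert" => "y020201");
 }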
Example #5
 /**
  * ajax_submit: create or edit an admin account from the posted form and
  * write an audit-log entry on success.
  *
  * admin_id > 0 selects the edit path, anything else the create path.
  * Each path checks its own permission unless the caller is a super admin.
  *
  * NOTE(review): every guard relies on halt_alert() ending the request
  * (assumed from its name - confirm).
  * NOTE(review): on the create path the plain password is only assigned
  * when validateStr() reports "ok"; any status other than "too_short" or
  * "ok" would leave it unset before hashing - confirm no such status exists.
  *
  * @access public
  * @return void
  */
 function ajax_submit()
 {
     $_arr_input = $this->mdl_admin->input_submit();
     if ($_arr_input["alert"] != "ok") {
         $this->obj_ajax->halt_alert($_arr_input["alert"]);
     }
     $_str_passHash = "";
     $_str_salt = "";
     if ($_arr_input["admin_id"] > 0) {
         // Edit path: needs the "edit" permission or super status.
         if (!(isset($this->adminLogged["admin_allow"]["admin"]["edit"]) || $this->is_super)) {
             $this->obj_ajax->halt_alert("x020303");
         }
         // Only a super admin may edit their own account through this form.
         if (!$this->is_super && $_arr_input["admin_id"] == $this->adminLogged["admin_id"]) {
             $this->obj_ajax->halt_alert("x020306");
         }
         // An empty password field keeps hash and random value as "".
         $_str_plain = fn_post("admin_pass");
         if (!fn_isEmpty($_str_plain)) {
             $_str_salt = fn_rand(6);
             $_str_passHash = fn_baigoEncrypt($_str_plain, $_str_salt);
         }
     } else {
         // Create path: needs the "add" permission or super status.
         if (!(isset($this->adminLogged["admin_allow"]["admin"]["add"]) || $this->is_super)) {
             $this->obj_ajax->halt_alert("x020302");
         }
         $_arr_check = validateStr(fn_post("admin_pass"), 1, 0);
         if ($_arr_check["status"] == "too_short") {
             $this->obj_ajax->halt_alert("x020205");
         } elseif ($_arr_check["status"] == "ok") {
             $_str_plain = $_arr_check["str"];
         }
         $_str_salt = fn_rand(6);
         $_str_passHash = fn_baigoEncrypt($_str_plain, $_str_salt);
     }
     $_arr_result = $this->mdl_admin->mdl_submit($_str_passHash, $_str_salt);
     $_is_added = $_arr_result["alert"] == "y020101";
     if ($_is_added || $_arr_result["alert"] == "y020103") {
         // Audit trail: who was touched, how, and the full result row.
         $_str_logKind = $_is_added ? "add" : "edit";
         $_arr_logData = array(
             "log_targets" => json_encode(array(array("admin_id" => $_arr_result["admin_id"]))),
             "log_target_type" => "admin",
             "log_title" => $this->log["admin"][$_str_logKind],
             "log_result" => json_encode($_arr_result),
             "log_type" => "admin",
         );
         $this->mdl_log->mdl_submit($_arr_logData, $this->adminLogged["admin_id"]);
     }
     $this->obj_ajax->halt_alert($_arr_result["alert"]);
 }
Example #6
 /**
  * api_admin: create an admin account from API input.
  *
  * NOTE(review): apart from check_db() no caller authentication is visible
  * in this method; confirm the surrounding controller restricts who can
  * reach it.
  * NOTE(review): relies on halt_re() ending the request (assumed).
  *
  * @access public
  * @return void
  */
 function api_admin()
 {
     $this->check_db();
     // Load the admin account model.
     include_once BG_PATH_MODEL . "admin.class.php";
     $_mdl = new MODEL_ADMIN();
     $_arr_input = $_mdl->api_add();
     if ($_arr_input["alert"] != "ok") {
         $this->obj_api->halt_re($_arr_input);
     }
     $_str_salt = fn_rand(6);
     $_arr_result = $_mdl->mdl_submit(
         fn_baigoEncrypt($_arr_input["admin_pass"], $_str_salt, true),
         $_str_salt
     );
     $this->obj_api->halt_re($_arr_result);
 }
Example #7
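 /**
  * ajax_pass: change the logged-in admin's own password after checking
  * the current one.
  *
  * NOTE(review): the first guard halts when admin_allow["pass"] IS set, so
  * that key presumably marks accounts barred from changing their password
  * - confirm against the code that builds admin_allow.
  * NOTE(review): guards rely on halt_alert() ending the request (assumed).
  * NOTE(review): mdl_pass() receives only the admin id; the new password
  * is presumably taken from state input_pass() left on the model - confirm.
  *
  * @access public
  * @return array|void the mdl_read() result when the admin row cannot be
  *                    read; otherwise the outcome goes through halt_alert()
  */
 function ajax_pass()
 {
     if (isset($this->adminLogged["admin_allow"]["pass"])) {
         $this->obj_ajax->halt_alert("x020109");
     }
     $_arr_adminPass = $this->mdl_admin->input_pass();
     if ($_arr_adminPass["alert"] != "ok") {
         $this->obj_ajax->halt_alert($_arr_adminPass["alert"]);
     }
     $_arr_adminRow = $this->mdl_admin->mdl_read($this->adminLogged["admin_id"]);
     if ($_arr_adminRow["alert"] != "y020102") {
         return $_arr_adminRow;
     }
     // Strict string comparison of the digests: with "!=" two
     // numeric-looking digests (values of the form 0e...) are compared as
     // numbers and can match although they differ. Where the runtime is
     // known to be PHP >= 5.6, hash_equals() is the better choice.
     $_str_passDo = (string) fn_baigoEncrypt($_arr_adminPass["admin_pass"], $_arr_adminRow["admin_rand"]);
     if ($_str_passDo !== (string) $_arr_adminRow["admin_pass"]) {
         $this->obj_ajax->halt_alert("x020207");
     }
     $_arr_adminRow = $this->mdl_admin->mdl_pass($this->adminLogged["admin_id"]);
     $this->obj_ajax->halt_alert($_arr_adminRow["alert"]);
 }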
Example #8
/**
 * fn_ssin_login: open an admin session for an already identified admin id.
 *
 * No credential is checked here; the function only loads the row, refuses
 * disabled accounts, stores a new random value and writes the three
 * session markers.
 * NOTE(review): callers must have authenticated $num_adminId before
 * calling this - confirm at every call site.
 *
 * @param int $num_adminId id of the admin to sign in
 * @return array alert "ok" on success, alert "x020401" for a disabled
 *               account, or the mdl_read() result when the row is not found
 */
function fn_ssin_login($num_adminId)
{
    // Admin model: local database access.
    $_mdl = new MODEL_ADMIN();
    $_arr_row = $_mdl->mdl_read($num_adminId);
    $_is_found = $_arr_row["alert"] == "y020102";
    if (!$_is_found) {
        return $_arr_row;
    }
    if ($_arr_row["admin_status"] == "disable") {
        return array("alert" => "x020401");
    }
    // New random value per login; it is stored on the row and mixed into
    // the session hash.
    $_str_salt = fn_rand(6);
    $_mdl->mdl_login($num_adminId, $_str_salt);
    fn_session("admin_id", "mk", $num_adminId);
    fn_session("admin_ssin_time", "mk", time());
    fn_session("admin_hash", "mk", fn_baigoEncrypt($_arr_row["admin_time"], $_str_salt));
    return array("alert" => "ok");
}
Example #9
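/**
 * fn_ssin_begin: validate the current admin session and refresh its timestamp.
 *
 * A session is accepted when the three markers (admin_id, admin_ssin_time,
 * admin_hash) are present, the idle limit BG_DEFAULT_SESSION has not been
 * exceeded and admin_hash matches the value recomputed from the admin row.
 * On failure fn_ssin_end() is called and an x-code alert is returned.
 *
 * NOTE(review): admin_status is not re-checked here; confirm that
 * disabling an account also changes admin_rand, otherwise an already
 * open session of that account keeps passing this check.
 *
 * @return array admin row when the session is valid; otherwise an array
 *               whose "alert" is x020401 or x020403
 */
function fn_ssin_begin()
{
    $_mdl_admin = new MODEL_ADMIN(); // admin model

    // Presence is tested before any arithmetic so a missing timestamp is
    // never used as an operand.
    if (!fn_session("admin_id") || !fn_session("admin_ssin_time") || !fn_session("admin_hash")) {
        fn_ssin_end();
        return array("alert" => "x020401");
    }
    // Idle timeout: last activity + BG_DEFAULT_SESSION must not be in the past.
    if ((int) fn_session("admin_ssin_time") + BG_DEFAULT_SESSION < time()) {
        fn_ssin_end();
        return array("alert" => "x020401");
    }
    $_arr_adminRow = $_mdl_admin->mdl_read(fn_session("admin_id"));
    // Strict string comparison: with "!=" two numeric-looking digests
    // (values of the form 0e...) compare as numbers and can be reported
    // equal although they differ. Where the runtime is known to be
    // PHP >= 5.6, hash_equals() is the better choice.
    $_str_hashExpect = (string) fn_baigoEncrypt($_arr_adminRow["admin_time"], $_arr_adminRow["admin_rand"]);
    if ($_str_hashExpect !== (string) fn_session("admin_hash")) {
        fn_ssin_end();
        $_arr_adminRow["alert"] = "x020403";
        return $_arr_adminRow;
    }
    // Sliding expiry: every accepted request restarts the idle timer.
    fn_session("admin_ssin_time", "mk", time());
    return $_arr_adminRow;
}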
Example #10
 /**
  * ctl_login: sign an admin in through the SSO service, then open the
  * local session.
  *
  * Credentials are checked by obj_sso->sso_login(); the local admin row
  * only decides whether the account exists and is not disabled.
  *
  * NOTE(review): after the session is written the method calls exit, so
  * the success array at the end is never returned - confirm whether that
  * exit is intended.
  * NOTE(review): the sync HTML from sso_sync_login() is echoed as-is and
  * must therefore be trusted markup - confirm its origin.
  * NOTE(review): no session-id rotation is visible here; confirm
  * fn_session() or the caller issues a new session id at login.
  *
  * @access public
  * @return array failing step's result (with "forward" added) or alert
  *               x020401 for a disabled account
  */
 function ctl_login()
 {
     $_arr_input = $this->input_login();
     if ($_arr_input["alert"] != "ok") {
         return $_arr_input;
     }
     // Credential check is delegated to the SSO service.
     $_arr_sso = $this->obj_sso->sso_login($_arr_input["admin_name"], $_arr_input["admin_pass"]);
     if ($_arr_sso["alert"] != "y010401") {
         $_arr_sso["forward"] = $_arr_input["forward"];
         return $_arr_sso;
     }
     // Local database: the SSO user must also exist as an admin.
     $_arr_admin = $this->mdl_admin->mdl_read($_arr_sso["user_id"]);
     if ($_arr_admin["alert"] != "y020102") {
         $_arr_admin["forward"] = $_arr_input["forward"];
         return $_arr_admin;
     }
     if ($_arr_admin["admin_status"] == "disable") {
         return array("forward" => $_arr_input["forward"], "alert" => "x020401");
     }
     $_str_salt = fn_rand(6);
     $this->mdl_admin->mdl_login($_arr_sso["user_id"], $_str_salt);
     fn_session("admin_id", "mk", $_arr_sso["user_id"]);
     fn_session("admin_ssin_time", "mk", time());
     fn_session("admin_hash", "mk", fn_baigoEncrypt($_arr_admin["admin_time"], $_str_salt));
     $_is_syncOn = defined("BG_SSO_SYNLOGON") && BG_SSO_SYNLOGON == "on";
     if ($_is_syncOn) {
         $_arr_sync = $this->obj_sso->sso_sync_login($_arr_sso["user_id"]);
         echo $_arr_sync["html"];
     }
     exit;
     // Unreachable because of the exit above; kept as in the original.
     return array("admin_id" => $_arr_sso["user_id"], "forward" => $_arr_input["forward"], "alert" => "y020401");
 }
Example #11
 /**
  * ajax_submit: create or edit a user account from the posted form.
  *
  * user_id > 0 selects the edit path, anything else the create path; each
  * path requires its own entry in admin_allow["user"].
  *
  * NOTE(review): every guard relies on halt_alert() ending the request
  * (assumed from its name - confirm).
  * NOTE(review): on the edit path the password is tested for truthiness,
  * so the string "0" counts as "no new password" - confirm that is wanted.
  * NOTE(review): on the create path the plain password is only assigned
  * when validateStr() reports "ok"; confirm no other status can occur.
  *
  * @access public
  * @return void
  */
 function ajax_submit()
 {
     $_arr_input = $this->mdl_user->input_submit();
     $_str_passHash = "";
     $_str_salt = "";
     if ($_arr_input["alert"] != "ok") {
         $this->obj_ajax->halt_alert($_arr_input["alert"]);
     }
     if ($_arr_input["user_id"] > 0) {
         // Edit path.
         if (!isset($this->adminLogged["admin_allow"]["user"]["edit"])) {
             $this->obj_ajax->halt_alert("x010303");
         }
         $_str_plain = fn_post("user_pass");
         if ($_str_plain) {
             // A new password was supplied: new random value, new digest.
             $_str_salt = fn_rand(6);
             $_str_passHash = fn_baigoEncrypt($_str_plain, $_str_salt);
         }
     } else {
         // Create path: a password is mandatory.
         if (!isset($this->adminLogged["admin_allow"]["user"]["add"])) {
             $this->obj_ajax->halt_alert("x010302");
         }
         $_arr_check = validateStr(fn_post("user_pass"), 1, 0);
         if ($_arr_check["status"] == "too_short") {
             $this->obj_ajax->halt_alert("x010212");
         } elseif ($_arr_check["status"] == "ok") {
             $_str_plain = $_arr_check["str"];
         }
         $_str_salt = fn_rand(6);
         $_str_passHash = fn_baigoEncrypt($_str_plain, $_str_salt);
     }
     $_arr_result = $this->mdl_user->mdl_submit($_str_passHash, $_str_salt);
     $this->obj_ajax->halt_alert($_arr_result["alert"]);
 }
Example #12
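 /**
  * ctl_mailbox: check a mail-verification link (verify_id + verify_token
  * from the query string) and render the confirmation page.
  *
  * The record must exist, be enabled, be unexpired, and the supplied token
  * must equal fn_baigoEncrypt(stored token, stored rand).
  *
  * NOTE(review): the checks return distinct alerts for unknown id, wrong
  * status, expiry and wrong token; confirm the page shown to the visitor
  * does not expose that distinction.
  *
  * @access public
  * @return array alert y010102 after the page was rendered, otherwise the
  *               alert of the first failing check
  */
 function ctl_mailbox()
 {
     $_num_verifyId = fn_getSafe(fn_get("verify_id"), "int", 0);
     $_str_verifyToken = fn_getSafe(fn_get("verify_token"), "txt", "");
     if ($_num_verifyId < 1) {
         return array("alert" => "x120201");
     }
     if (fn_isEmpty($_str_verifyToken)) {
         return array("alert" => "x120202");
     }
     $_arr_verifyRow = $this->mdl_verify->mdl_read($_num_verifyId);
     if ($_arr_verifyRow["alert"] != "y120102") {
         return $_arr_verifyRow;
     }
     if ($_arr_verifyRow["verify_status"] != "enable") {
         return array("alert" => "x120203");
     }
     if ($_arr_verifyRow["verify_token_expire"] < time()) {
         return array("alert" => "x120204");
     }
     // The token arrives from the request, so it is compared as a string
     // with "!==". Under "!=" numeric-looking strings are compared as
     // numbers, which lets different values be reported equal. Where the
     // runtime is known to be PHP >= 5.6, hash_equals() is the better choice.
     $_str_tokenExpect = (string) fn_baigoEncrypt($_arr_verifyRow["verify_token"], $_arr_verifyRow["verify_rand"]);
     if ($_str_tokenExpect !== (string) $_str_verifyToken) {
         return array("alert" => "x120205");
     }
     $_arr_userRow = $this->mdl_user->mdl_read($_arr_verifyRow["verify_user_id"]);
     if ($_arr_userRow["alert"] != "y010102") {
         return $_arr_userRow;
     }
     // The template receives the token as supplied in the link, not the
     // raw value stored on the row.
     $_arr_verifyRow["verify_token"] = $_str_verifyToken;
     $_arr_tplData = array("userRow" => $_arr_userRow, "verifyRow" => $_arr_verifyRow);
     $this->obj_tpl->tplDisplay("reg_mailbox.tpl", $_arr_tplData);
     return array("alert" => "y010102");
 }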
Example #13
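 /**
  * api_mailbox: API endpoint that changes a user's mail address, either
  * directly or through a confirmation mail when BG_REG_CONFIRM is "on".
  *
  * Order of checks: app permission, input validation, user exists and is
  * enabled, address actually changes, optional password check, app
  * ownership of the user (skipped for "global" apps or after a passed
  * password check), address not already taken.
  *
  * NOTE(review): every guard relies on halt_re() ending the request
  * (assumed from its name - confirm).
  * NOTE(review): the password check runs only when the calling app sets
  * user_check_pass, and any non-empty value other than "0" enables it.
  *
  * @access public
  * @return void
  */
 function api_mailbox()
 {
     $this->app_check("post");
     if (!isset($this->appAllow["user"]["mailbox"])) {
         // No permission: log the attempt, then refuse.
         $_arr_return = array("alert" => "x050308");
         $_arr_logTarget[] = array("app_id" => $this->appRequest["app_id"]);
         $_arr_logType = array("user", "mailbox");
         $this->log_do($_arr_logTarget, "app", $_arr_return, $_arr_logType);
         $this->obj_api->halt_re($_arr_return);
     }
     $_arr_userSubmit = $this->mdl_user->input_mail_api();
     if ($_arr_userSubmit["alert"] != "ok") {
         $this->obj_api->halt_re($_arr_userSubmit);
     }
     $_arr_userRow = $this->mdl_user->mdl_read($_arr_userSubmit["user_str"], $_arr_userSubmit["user_by"]);
     if ($_arr_userRow["alert"] != "y010102") {
         $this->obj_api->halt_re($_arr_userRow);
     }
     if ($_arr_userRow["user_status"] != "enable") {
         $_arr_return = array("alert" => "x010401");
         $this->obj_api->halt_re($_arr_return);
     }
     if ($_arr_userSubmit["user_mail_new"] == $_arr_userRow["user_mail"]) {
         $_arr_return = array("alert" => "x010223");
         $this->obj_api->halt_re($_arr_return);
     }
     $_is_pass = false;
     if ($_arr_userSubmit["user_check_pass"] == true) {
         // Strict string comparison of the digests: with "!=" two
         // numeric-looking digests (values of the form 0e...) are compared
         // as numbers and can match although they differ. Where the runtime
         // is known to be PHP >= 5.6, hash_equals() is the better choice.
         $_str_passDo = (string) fn_baigoEncrypt($_arr_userSubmit["user_pass"], $_arr_userRow["user_rand"], true);
         if ($_str_passDo !== (string) $_arr_userRow["user_pass"]) {
             $_arr_return = array("alert" => "x010213");
             $this->obj_api->halt_re($_arr_return);
         } else {
             $_is_pass = true;
         }
     }
     // Apps without the "global" permission may only touch users that
     // belong to them, unless the user's password was just verified.
     if (!isset($this->appAllow["user"]["global"]) && !$_is_pass) {
         $_arr_belongRow = $this->mdl_belong->mdl_read($_arr_userRow["user_id"], $this->appRequest["app_id"]);
         if ($_arr_belongRow["alert"] != "y070102") {
             $_arr_return = array("alert" => "x050308");
             $this->obj_api->halt_re($_arr_return);
         }
     }
     if ((BG_REG_ONEMAIL == "false" || BG_LOGIN_MAIL == "on") && $_arr_userSubmit["user_mail_new"]) {
         // Check that no other user already owns the new address.
         $_arr_userRowChk = $this->mdl_user->mdl_read($_arr_userSubmit["user_mail_new"], "user_mail", $_arr_userRow["user_id"]);
         if ($_arr_userRowChk["alert"] == "y010102") {
             $_arr_return = array("alert" => "x010211");
             $this->obj_api->halt_re($_arr_return);
         }
     }
     if (BG_REG_CONFIRM == "on") {
         // Confirmation flow: store a verification record and mail the link
         // to the NEW address; the address itself is not changed here.
         $_arr_returnRow = $this->mdl_verify->mdl_submit($_arr_userRow["user_id"], $_arr_userSubmit["user_mail_new"]);
         if ($_arr_returnRow["alert"] != "y120101" && $_arr_returnRow["alert"] != "y120103") {
             $_arr_return = array("alert" => "x010405");
             $this->obj_api->halt_re($_arr_return);
         }
         $_str_verifyUrl = BG_SITE_URL . BG_URL_ROOT . "user/ctl.php?mod=reg&act_get=mailbox&verify_id=" . $_arr_returnRow["verify_id"] . "&verify_token=" . $_arr_returnRow["verify_token"];
         $_str_url = "<a href=\"" . $_str_verifyUrl . "\">" . $_str_verifyUrl . "</a>";
         $_str_html = str_replace("{verify_url}", $_str_url, $this->obj_api->mail["mailbox"]["content"]);
         if (fn_mailSend($_arr_userSubmit["user_mail_new"], $this->obj_api->mail["mailbox"]["subject"], $_str_html)) {
             $_arr_returnRow["alert"] = "y010406";
         } else {
             $_arr_returnRow["alert"] = "x010406";
         }
     } else {
         // Direct flow: write the new address immediately.
         $_arr_returnRow = $this->mdl_user->mdl_mail($_arr_userRow["user_id"], $_arr_userSubmit["user_mail_new"]);
     }
     $_arr_returnRow["user_id"] = $_arr_userRow["user_id"];
     $_arr_returnRow["user_name"] = $_arr_userRow["user_name"];
     // NOTE(review): in the confirmation flow $_arr_returnRow still holds
     // verify_id and verify_token, and it is encoded into the response and
     // the notice below - confirm the calling app is meant to receive them.
     $_str_key = fn_rand(6);
     $_str_code = $this->obj_api->api_encode($_arr_returnRow, $_str_key);
     $_arr_return = array("code" => $_str_code, "key" => $_str_key);
     // Notify the registered apps.
     $_arr_notice = $_arr_return;
     $_arr_notice["act_post"] = "mailbox";
     $this->obj_api->api_notice($_arr_notice, $this->appRows);
     $_arr_return["alert"] = $_arr_returnRow["alert"];
     $this->obj_api->halt_re($_arr_return);
 }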
Example #14
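 /**
  * mdl_convert: import users from the rows returned by mdl_import().
  *
  * $this->userConvert["user_convert"] maps a source column key to a target
  * field name; the target "user_pass" is hashed, "abort" is skipped and
  * every other target is copied as-is. Row 0 is never inserted, as before
  * (presumably the header row - confirm).
  *
  * Two defects of the earlier version are fixed here:
  *  - the random value was regenerated for every column, so the user_rand
  *    that got stored could differ from the one used to hash user_pass,
  *    leaving imported passwords unverifiable; it is now drawn once per row;
  *  - the field array was carried over between rows, so a row whose user
  *    already existed re-inserted the previous row's data; rows for
  *    existing users are now skipped and the array is rebuilt per row.
  *
  * NOTE(review): imported values other than user_pass reach the insert
  * unvalidated - confirm obj_db->insert() escapes them.
  *
  * @access public
  * @return array "user_id" of the last processed row (0 when it was not
  *               inserted) and alert y010402 when at least one row was
  *               inserted, else x010402
  */
 function mdl_convert()
 {
     $_num_errChk = 0; // despite the name, this counts successful inserts
     $_num_userId = 0;
     $_arr_csvRows = $this->mdl_import();
     foreach ($_arr_csvRows as $_key_row => $_value_row) {
         $_num_userId = 0;
         if ($_key_row > 0) {
             $_arr_userRow = $this->mdl_read($_value_row["user_name"], "user_name");
             // "x010102" is the alert the original treated as "name not
             // taken yet"; only such rows are imported.
             if ($_arr_userRow["alert"] == "x010102") {
                 // One random value per imported user, shared by the stored
                 // user_rand and the password digest.
                 $_str_rand = fn_rand(6);
                 $_arr_userData = array("user_rand" => $_str_rand);
                 foreach ($this->userConvert["user_convert"] as $_key_cel => $_value_cel) {
                     switch ($_value_cel) {
                         case "user_pass":
                             $_arr_userData["user_pass"] = fn_baigoEncrypt($_value_row[$_key_cel], $_str_rand, true);
                             break;
                         case "abort":
                             // Column explicitly excluded from the import.
                             break;
                         default:
                             $_arr_userData[$_value_cel] = $_value_row[$_key_cel];
                             break;
                     }
                 }
                 $_num_userId = $this->obj_db->insert(BG_DB_TABLE . "user", $_arr_userData);
             }
         }
         if ($_num_userId > 0) {
             // Insert succeeded.
             $_num_errChk++;
         }
     }
     if ($_num_errChk > 0) {
         $_str_alert = "y010402";
     } else {
         $_str_alert = "x010402";
     }
     return array("user_id" => $_num_userId, "alert" => $_str_alert);
 }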
Example #15
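 /**
  * ajax_admin: create an admin account from the posted form (password and
  * confirmation are both required).
  *
  * NOTE(review): apart from check_db() no caller authentication is visible
  * in this method; confirm the surrounding controller restricts who can
  * reach it.
  * NOTE(review): guards rely on halt_alert() ending the request (assumed).
  * NOTE(review): the result of mdl_submit() is not inspected; "y030407" is
  * reported even if the insert failed - confirm that is intended.
  *
  * @access public
  * @return void
  */
 function ajax_admin()
 {
     $this->check_db();
     // Load the admin account model.
     include_once BG_PATH_MODEL . "admin.class.php";
     $_mdl_admin = new MODEL_ADMIN();
     $_arr_adminSubmit = $_mdl_admin->input_submit();
     if ($_arr_adminSubmit["alert"] != "ok") {
         $this->obj_ajax->halt_alert($_arr_adminSubmit["alert"]);
     }
     $_arr_adminPass = validateStr(fn_post("admin_pass"), 1, 0);
     switch ($_arr_adminPass["status"]) {
         case "too_short":
             $this->obj_ajax->halt_alert("x020205");
             break;
         case "ok":
             $_str_adminPass = $_arr_adminPass["str"];
             break;
     }
     $_arr_adminPassConfirm = validateStr(fn_post("admin_pass_confirm"), 1, 0);
     switch ($_arr_adminPassConfirm["status"]) {
         case "too_short":
             $this->obj_ajax->halt_alert("x020211");
             break;
         case "ok":
             $_str_adminPassConfirm = $_arr_adminPassConfirm["str"];
             break;
     }
     // Strict comparison: with "!=" two different numeric-looking
     // passwords (for example "1e3" and "1000") are compared as numbers
     // and would be accepted as matching.
     if ($_str_adminPass !== $_str_adminPassConfirm) {
         $this->obj_ajax->halt_alert("x020206");
     }
     $_str_adminRand = fn_rand(6);
     $_str_adminPassDo = fn_baigoEncrypt($_str_adminPass, $_str_adminRand);
     $_arr_adminRow = $_mdl_admin->mdl_submit($_str_adminPassDo, $_str_adminRand);
     $this->obj_ajax->halt_alert("y030407");
 }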
Example #16
 /**
  * api_add: API endpoint that creates an admin account and returns the
  * encoded result row.
  *
  * NOTE(review): only app_check("post") is visible as a gate; no per-app
  * permission is tested in this method - confirm app_check() covers the
  * right to create admins.
  * NOTE(review): relies on halt_re() ending the request (assumed).
  *
  * @access public
  * @return void
  */
 function api_add()
 {
     $this->app_check("post");
     $_arr_input = $this->mdl_admin->api_add();
     if ($_arr_input["alert"] != "ok") {
         $this->obj_api->halt_re($_arr_input);
     }
     // Password digest with a new random value.
     $_str_salt = fn_rand(6);
     $_arr_result = $this->mdl_admin->mdl_submit(
         fn_baigoEncrypt($_arr_input["admin_pass"], $_str_salt, true),
         $_str_salt
     );
     // The response carries the encoded row together with the key it was
     // encoded with.
     $_str_key = fn_rand(6);
     $_arr_reply = array(
         "code" => $this->obj_api->api_encode($_arr_result, $_str_key),
         "key" => $_str_key,
     );
     $_arr_reply["alert"] = $_arr_result["alert"];
     $this->obj_api->halt_re($_arr_reply);
 }
Example #17
 /**
  * input_edit_api: collect and validate the fields of an API "edit user"
  * request into $this->apiEdit.
  *
  * NOTE(review): user_check_pass is compared loosely with true, so any
  * non-empty value other than "0" turns the password check on.
  * NOTE(review): user_pass_new is hashed exactly as posted; no length or
  * content check is visible for it in this method.
  *
  * @access public
  * @return array $this->apiEdit with alert "ok", or the result of the
  *               first failing check
  */
 function input_edit_api()
 {
     $_arr_lookup = $this->input_get_by("post");
     if ($_arr_lookup["alert"] != "ok") {
         return $_arr_lookup;
     }
     $this->apiEdit = $_arr_lookup;

     // Optional check of the current password.
     $this->apiEdit["user_check_pass"] = fn_getSafe(fn_post("user_check_pass"), "txt", "");
     if ($this->apiEdit["user_check_pass"] == true) {
         $_arr_passChk = $this->chk_user_pass(fn_post("user_pass"));
         if ($_arr_passChk["alert"] != "ok") {
             return $_arr_passChk;
         }
         $this->apiEdit["user_pass"] = $_arr_passChk["user_pass"];
     }

     // Optional new password: stored with its random value and digest.
     if (fn_post("user_pass_new")) {
         $this->apiEdit["user_pass_new"] = fn_post("user_pass_new");
         $this->apiEdit["user_rand"] = fn_rand(6);
         $this->apiEdit["user_pass_do"] = fn_baigoEncrypt($this->apiEdit["user_pass_new"], $this->apiEdit["user_rand"], true);
     }

     // Optional new mail address.
     if (fn_post("user_mail_new")) {
         $_arr_mailChk = $this->chk_user_mail(fn_post("user_mail_new"));
         if ($_arr_mailChk["alert"] != "ok") {
             return $_arr_mailChk;
         }
         $this->apiEdit["user_mail_new"] = $_arr_mailChk["user_mail"];
     }

     // The nickname is always validated.
     $_arr_nickChk = $this->chk_user_nick(fn_post("user_nick"));
     if ($_arr_nickChk["alert"] != "ok") {
         return $_arr_nickChk;
     }
     $this->apiEdit["user_nick"] = $_arr_nickChk["user_nick"];

     $this->apiEdit["alert"] = "ok";
     return $this->apiEdit;
 }
Example #18
 /**
  * input_edit_api: validate the form of an API "edit user" request and
  * collect its fields into $this->apiEdit.
  *
  * NOTE(review): user_check_pass is compared loosely with true, so any
  * non-empty value other than "0" turns the password check on.
  * NOTE(review): user_pass_new is hashed exactly as posted; no length or
  * content check is visible for it in this method.
  * NOTE(review): user_contact / user_extend are decoded with json_decode()
  * and the result is passed on without a check for a failed decode -
  * confirm fn_jsonEncode() copes with null.
  *
  * @access public
  * @return array $this->apiEdit with alert "ok", or the result of the
  *               first failing check
  */
 function input_edit_api()
 {
     $_arr_lookup = $this->input_get_by("post");
     if ($_arr_lookup["alert"] != "ok") {
         return $_arr_lookup;
     }
     $this->apiEdit = $_arr_lookup;

     // Optional check of the current password.
     $this->apiEdit["user_check_pass"] = fn_getSafe(fn_post("user_check_pass"), "txt", "");
     if ($this->apiEdit["user_check_pass"] == true) {
         $_arr_passChk = $this->chk_user_pass(fn_post("user_pass"));
         if ($_arr_passChk["alert"] != "ok") {
             return $_arr_passChk;
         }
         $this->apiEdit["user_pass"] = $_arr_passChk["user_pass"];
     }

     // Optional new password: stored with its random value and digest.
     if (fn_post("user_pass_new")) {
         $this->apiEdit["user_pass_new"] = fn_post("user_pass_new");
         $this->apiEdit["user_rand"] = fn_rand(6);
         $this->apiEdit["user_pass_do"] = fn_baigoEncrypt($this->apiEdit["user_pass_new"], $this->apiEdit["user_rand"], true);
     }

     // Optional new mail address.
     if (fn_post("user_mail_new")) {
         $_arr_mailChk = $this->chk_user_mail(fn_post("user_mail_new"));
         if ($_arr_mailChk["alert"] != "ok") {
             return $_arr_mailChk;
         }
         $this->apiEdit["user_mail_new"] = $_arr_mailChk["user_mail"];
     }

     // The nickname is always validated.
     $_arr_nickChk = $this->chk_user_nick(fn_post("user_nick"));
     if ($_arr_nickChk["alert"] != "ok") {
         return $_arr_nickChk;
     }
     $this->apiEdit["user_nick"] = $_arr_nickChk["user_nick"];

     // Contact data: keep the filtered text, then decode and re-encode it.
     $_str_contactRaw = fn_getSafe(fn_post("user_contact"), "txt", "");
     $this->apiEdit["user_contactStr"] = $_str_contactRaw;
     $_arr_contact = json_decode(fn_htmlcode($_str_contactRaw, "decode", "json"), true);
     $this->apiEdit["user_contact"] = fn_jsonEncode($_arr_contact, "encode");

     // Extended data: same treatment as the contact data.
     $_str_extendRaw = fn_getSafe(fn_post("user_extend"), "txt", "");
     $this->apiEdit["user_extendStr"] = $_str_extendRaw;
     $_arr_extend = json_decode(fn_htmlcode($_str_extendRaw, "decode", "json"), true);
     $this->apiEdit["user_extend"] = fn_jsonEncode($_arr_extend, "encode");

     $this->apiEdit["alert"] = "ok";
     return $this->apiEdit;
 }
Example #19
 /**
  * api_edit: collect and validate the fields of an API "edit user"
  * request into $this->apiEdit.
  *
  * A posted mail address is checked against the allow pattern BG_ACC_MAIL
  * when that constant is defined and non-empty; only otherwise is the
  * block pattern BG_BAD_MAIL consulted.
  *
  * NOTE(review): user_check_pass is compared loosely with true, so any
  * non-empty value other than "0" turns the password check on.
  * NOTE(review): user_pass_new is hashed exactly as posted; no length or
  * content check is visible for it in this method.
  *
  * @access public
  * @return array $this->apiEdit with alert "ok", or the result of the
  *               first failing check
  */
 function api_edit()
 {
     $_arr_lookup = $this->input_get_by("post");
     if ($_arr_lookup["alert"] != "ok") {
         return $_arr_lookup;
     }
     $this->apiEdit = $_arr_lookup;

     if (fn_post("user_mail")) {
         $_arr_mailChk = $this->input_mail_chk(fn_post("user_mail"));
         if ($_arr_mailChk["alert"] != "ok") {
             return $_arr_mailChk;
         }
         $this->apiEdit["user_mail"] = $_arr_mailChk["user_mail"];
         if (defined("BG_ACC_MAIL") && strlen(BG_ACC_MAIL)) {
             // Allow pattern configured: the address must match it.
             if (!fn_regChk($this->apiEdit["user_mail"], BG_ACC_MAIL)) {
                 return array("alert" => "x010209");
             }
         } elseif (defined("BG_BAD_MAIL") && strlen(BG_BAD_MAIL) && fn_regChk($this->apiEdit["user_mail"], BG_BAD_MAIL)) {
             // Block pattern configured and matched.
             return array("alert" => "x010210");
         }
     }

     // Optional check of the current password.
     $this->apiEdit["user_check_pass"] = fn_getSafe(fn_post("user_check_pass"), "txt", "");
     if ($this->apiEdit["user_check_pass"] == true) {
         $_arr_passChk = $this->input_pass_chk(fn_post("user_pass"));
         if ($_arr_passChk["alert"] != "ok") {
             return $_arr_passChk;
         }
         $this->apiEdit["user_pass"] = $_arr_passChk["user_pass"];
     }

     // Optional new password: stored with its random value and digest.
     if (fn_post("user_pass_new")) {
         $this->apiEdit["user_pass_new"] = fn_post("user_pass_new");
         $this->apiEdit["user_rand"] = fn_rand(6);
         $this->apiEdit["user_pass_do"] = fn_baigoEncrypt($this->apiEdit["user_pass_new"], $this->apiEdit["user_rand"], true);
     }

     // The nickname is always validated.
     $_arr_nickChk = $this->input_nick_chk(fn_post("user_nick"));
     if ($_arr_nickChk["alert"] != "ok") {
         return $_arr_nickChk;
     }
     $this->apiEdit["user_nick"] = $_arr_nickChk["user_nick"];

     $this->apiEdit["alert"] = "ok";
     return $this->apiEdit;
 }
Example #20
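 /**
  * input_pass: validate the change-password form and prepare the new
  * password digest in $this->adminPass.
  *
  * The form token is checked first (fn_token("chk")), then the current
  * password, the new password and its confirmation are each validated
  * with validateStr(..., 1, 0).
  *
  * NOTE(review): each field is only stored when validateStr() reports
  * "ok"; confirm it cannot report a status other than "too_short"/"ok".
  *
  * @access public
  * @return array $this->adminPass with alert "ok" (admin_pass,
  *               admin_pass_new, admin_pass_confirm, admin_rand,
  *               admin_pass_do), or an array holding only the x-code alert
  */
 function input_pass()
 {
     if (!fn_token("chk")) {
         // Form token missing or invalid.
         return array("alert" => "x030102");
     }
     $_arr_adminPassOld = validateStr(fn_post("admin_pass"), 1, 0);
     switch ($_arr_adminPassOld["status"]) {
         case "too_short":
             return array("alert" => "x020210");
         case "ok":
             $this->adminPass["admin_pass"] = $_arr_adminPassOld["str"];
             break;
     }
     $_arr_adminPassNew = validateStr(fn_post("admin_pass_new"), 1, 0);
     switch ($_arr_adminPassNew["status"]) {
         case "too_short":
             return array("alert" => "x020213");
         case "ok":
             $this->adminPass["admin_pass_new"] = $_arr_adminPassNew["str"];
             break;
     }
     $_arr_adminPassConfirm = validateStr(fn_post("admin_pass_confirm"), 1, 0);
     switch ($_arr_adminPassConfirm["status"]) {
         case "too_short":
             return array("alert" => "x020215");
         case "ok":
             $this->adminPass["admin_pass_confirm"] = $_arr_adminPassConfirm["str"];
             break;
     }
     // Strict comparison: with "!=" two different numeric-looking
     // passwords (for example "1e3" and "1000") are compared as numbers
     // and would be accepted as matching.
     if ($this->adminPass["admin_pass_new"] !== $this->adminPass["admin_pass_confirm"]) {
         return array("alert" => "x020211");
     }
     $this->adminPass["admin_rand"] = fn_rand(6);
     $this->adminPass["admin_pass_do"] = fn_baigoEncrypt($this->adminPass["admin_pass_new"], $this->adminPass["admin_rand"]);
     $this->adminPass["alert"] = "ok";
     return $this->adminPass;
 }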
Example #21
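 /**
  * api_edit: API endpoint that edits a user on behalf of a registered app.
  *
  * Order of checks: app permission, input validation, user exists, app
  * ownership of the user (skipped for "global" apps), optional password
  * check, user enabled, mail address not already taken.
  *
  * NOTE(review): every guard relies on halt_re() ending the request
  * (assumed from its name - confirm).
  * NOTE(review): the disabled-account branch returns an array while every
  * other refusal goes through halt_re(); confirm the caller turns that
  * return value into a response.
  *
  * @access public
  * @return array|void alert x010401 for a user that is not enabled;
  *                    otherwise the outcome goes through halt_re()
  */
 function api_edit()
 {
     $this->app_check("post");
     if (!isset($this->appAllow["user"]["edit"])) {
         // No permission: log the attempt, then refuse.
         $_arr_return = array("alert" => "x050308");
         $_arr_logTarget[] = array("app_id" => $this->appGet["app_id"]);
         $_arr_logType = array("user", "edit");
         $this->log_do($_arr_logTarget, "app", $_arr_return, $_arr_logType);
         $this->obj_api->halt_re($_arr_return);
     }
     $_arr_userEdit = $this->mdl_user->api_input_edit();
     if ($_arr_userEdit["alert"] != "ok") {
         $this->obj_api->halt_re($_arr_userEdit);
     }
     $_arr_userRow = $this->mdl_user->mdl_read($_arr_userEdit["user_str"], $_arr_userEdit["user_by"]);
     if ($_arr_userRow["alert"] != "y010102") {
         $this->obj_api->halt_re($_arr_userRow);
     }
     // Apps without the "global" permission may only edit their own users.
     if (!isset($this->appAllow["user"]["global"])) {
         $_arr_appBelongRow = $this->mdl_appBelong->mdl_read($_arr_userRow["user_id"], $this->appGet["app_id"]);
         if ($_arr_appBelongRow["alert"] != "y070102") {
             $_arr_return = array("alert" => "x050308");
             $this->obj_api->halt_re($_arr_return);
         }
     }
     if ($_arr_userEdit["user_check_pass"] == true) {
         // Strict string comparison of the digests: with "!=" two
         // numeric-looking digests (values of the form 0e...) are compared
         // as numbers and can match although they differ. Where the runtime
         // is known to be PHP >= 5.6, hash_equals() is the better choice.
         $_str_passDo = (string) fn_baigoEncrypt($_arr_userEdit["user_pass"], $_arr_userRow["user_rand"], true);
         if ($_str_passDo !== (string) $_arr_userRow["user_pass"]) {
             $_arr_return = array("alert" => "x010213");
             $this->obj_api->halt_re($_arr_return);
         }
     }
     if ($_arr_userRow["user_status"] != "enable") {
         return array("alert" => "x010401");
     }
     if (BG_REG_ONEMAIL == "false" && BG_REG_NEEDMAIL == "on" && $_arr_userEdit["user_mail"]) {
         // The lookup result goes into its own variable. It used to
         // overwrite $_arr_userRow, so the edit below ran with the user_id
         // and user_name of the duplicate-check result instead of the user
         // that was authorised above.
         $_arr_userRowChk = $this->mdl_user->mdl_read($_arr_userEdit["user_mail"], "user_mail", $_arr_userRow["user_id"]);
         if ($_arr_userRowChk["alert"] == "y010102") {
             $_arr_return = array("alert" => "x010211");
             $this->obj_api->halt_re($_arr_return);
         }
     }
     $_str_key = fn_rand(6);
     $_arr_userUpdate = $this->mdl_user->mdl_edit($_arr_userRow["user_id"]);
     $_arr_userUpdate["user_name"] = $_arr_userRow["user_name"];
     $_str_code = $this->obj_api->api_encode($_arr_userUpdate, $_str_key);
     $_arr_return = array("code" => $_str_code, "key" => $_str_key);
     // Notify the registered apps.
     $_arr_notice = $_arr_return;
     $_arr_notice["act_post"] = "edit";
     $this->obj_api->api_notice($_arr_notice, $this->appRows);
     $_arr_return["alert"] = $_arr_userUpdate["alert"];
     $this->obj_api->halt_re($_arr_return);
 }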
Example #22
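 /**
  * ajax_confirm: confirms a user from a submitted verification id and token.
  *
  * The verification record must exist, be enabled and not be expired, and the
  * submitted token must equal fn_baigoEncrypt(verify_token, verify_rand) of
  * the stored record. On success the user is confirmed via mdl_confirm() and
  * the verification record is disabled.
  *
  * Results are reported through $this->obj_ajax->halt_alert(), which is
  * presumed to send the response and stop execution (confirm against obj_ajax).
  *
  * @access public
  * @return void
  */
 function ajax_confirm()
 {
     $_arr_verifySubmit = $this->mdl_verify->input_verify();
     if ($_arr_verifySubmit["alert"] != "ok") {
         $this->obj_ajax->halt_alert($_arr_verifySubmit["alert"]);
     }

     $_arr_verifyRow = $this->mdl_verify->mdl_read($_arr_verifySubmit["verify_id"]);
     if ($_arr_verifyRow["alert"] != "y120102") {
         $this->obj_ajax->halt_alert($_arr_verifyRow["alert"]);
     }
     if ($_arr_verifyRow["verify_status"] != "enable") {
         $this->obj_ajax->halt_alert("x120203");
     }
     if ($_arr_verifyRow["verify_token_expire"] < time()) {
         $this->obj_ajax->halt_alert("x120204");
     }

     // The token is a bearer secret taken from the request. hash_equals()
     // (PHP >= 5.6) compares it in constant time and byte-for-byte; a loose !=
     // treats numeric-looking digests such as "0e123" and "0e456" as equal.
     $_str_tokenExpected = (string) fn_baigoEncrypt($_arr_verifyRow["verify_token"], $_arr_verifyRow["verify_rand"]);
     if (!hash_equals($_str_tokenExpected, (string) $_arr_verifySubmit["verify_token"])) {
         $this->obj_ajax->halt_alert("x120205");
     }

     $_arr_userRow = $this->mdl_user->mdl_read($_arr_verifyRow["verify_user_id"]);
     if ($_arr_userRow["alert"] != "y010102") {
         $this->obj_ajax->halt_alert($_arr_userRow["alert"]);
     }

     $_arr_returnRow = $this->mdl_user->mdl_confirm($_arr_userRow["user_id"]);
     $_str_alert = ($_arr_returnRow["alert"] == "y010103") ? "y010409" : "x010409";

     // The record is disabled whether or not mdl_confirm() succeeded, so a token
     // is single-use. mdl_disable() takes no argument here; presumably it acts on
     // the record selected earlier through mdl_verify (verify in the model).
     $this->mdl_verify->mdl_disable();
     $this->obj_ajax->halt_alert($_str_alert);
 }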
Example #23
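 /**
  * api_mailbox: API endpoint that changes a user's e-mail address on behalf of
  * a calling app.
  *
  * Steps visible in this method: permission check (user/mailbox, refusals are
  * logged), input validation, request-signature check, target-user lookup and
  * status check, optional current-password check, app-ownership check (skipped
  * when the app holds the "global" permission or the password was verified),
  * and an e-mail uniqueness check. With BG_REG_CONFIRM == "on" a confirmation
  * link is mailed to the new address; otherwise the address is updated
  * directly. The result is encrypted for the caller and pushed to every app in
  * $this->appRows.
  *
  * Every outcome is reported through $this->obj_api->halt_re(), which is
  * presumed to send the response and stop execution (confirm against obj_api).
  *
  * @access public
  * @return void
  */
 function api_mailbox()
 {
     $this->app_check("post");

     if (!isset($this->appAllow["user"]["mailbox"])) {
         // No permission: log the refused attempt, then stop.
         $_arr_return = array("alert" => "x050308");
         $_arr_logTarget = array(array("app_id" => $this->appRequest["app_id"]));
         $_arr_logType = array("user", "mailbox");
         $this->log_do($_arr_logTarget, "app", $_arr_return, $_arr_logType);
         $this->obj_api->halt_re($_arr_return);
     }

     $_arr_userSubmit = $this->mdl_user->input_mail_api();
     if ($_arr_userSubmit["alert"] != "ok") {
         $this->obj_api->halt_re($_arr_userSubmit);
     }

     // Evaluate the flag once so the signature step and the password step agree,
     // and so a missing key cannot raise an undefined-index notice later on.
     $_is_checkPass = !empty($_arr_userSubmit["user_check_pass"]);

     // Rebuild the set of signed fields from the validated input and verify the
     // caller's signature over it before any user data is read.
     $_arr_sign = array("act_post" => $GLOBALS["act_post"], $_arr_userSubmit["user_by"] => $_arr_userSubmit["user_str"], "user_mail_new" => $_arr_userSubmit["user_mail_new"]);
     if ($_is_checkPass) {
         $_arr_sign["user_check_pass"] = true;
         $_arr_sign["user_pass"] = $_arr_userSubmit["user_pass"];
     } else {
         $_arr_sign["user_check_pass"] = false;
     }
     if (!$this->obj_sign->sign_check(array_merge($this->appRequest, $_arr_sign), $this->appRequest["signature"])) {
         $this->obj_api->halt_re(array("alert" => "x050403"));
     }

     $_arr_userRow = $this->mdl_user->mdl_read($_arr_userSubmit["user_str"], $_arr_userSubmit["user_by"]);
     if ($_arr_userRow["alert"] != "y010102") {
         $this->obj_api->halt_re($_arr_userRow);
     }
     if ($_arr_userRow["user_status"] == "disable") {
         $this->obj_api->halt_re(array("alert" => "x010401"));
     }
     if ($_arr_userSubmit["user_mail_new"] == $_arr_userRow["user_mail"]) {
         $this->obj_api->halt_re(array("alert" => "x010223"));
     }

     $_is_pass = false;
     if ($_is_checkPass) {
         // hash_equals() (PHP >= 5.6) compares in constant time and byte-for-byte.
         // A loose != on two digest strings treats numeric-looking values such as
         // "0e123" and "0e456" as equal, which would accept a wrong password.
         $_str_passGiven = (string) fn_baigoEncrypt($_arr_userSubmit["user_pass"], $_arr_userRow["user_rand"], true);
         if (!hash_equals((string) $_arr_userRow["user_pass"], $_str_passGiven)) {
             $this->obj_api->halt_re(array("alert" => "x010213"));
         }
         $_is_pass = true;
     }

     // An app without the "global" permission may only change users that belong
     // to it, unless the user's own password was just verified.
     if (!isset($this->appAllow["user"]["global"]) && !$_is_pass) {
         $_arr_belongRow = $this->mdl_belong->mdl_read($_arr_userRow["user_id"], $this->appRequest["app_id"]);
         if ($_arr_belongRow["alert"] != "y070102") {
             $this->obj_api->halt_re(array("alert" => "x050308"));
         }
     }

     if ((BG_REG_ONEMAIL == "false" || BG_LOGIN_MAIL == "on") && isset($_arr_userSubmit["user_mail_new"]) && $_arr_userSubmit["user_mail_new"]) {
         // Check that the new address is not already in use. The third argument
         // presumably excludes the current user (verify in mdl_read).
         $_arr_userRowChk = $this->mdl_user->mdl_read($_arr_userSubmit["user_mail_new"], "user_mail", $_arr_userRow["user_id"]);
         if ($_arr_userRowChk["alert"] == "y010102") {
             $this->obj_api->halt_re(array("alert" => "x010211"));
         }
     }

     if (BG_REG_CONFIRM == "on") {
         $_arr_returnRow = $this->mdl_verify->mdl_submit($_arr_userRow["user_id"], $_arr_userSubmit["user_mail_new"]);
         if ($_arr_returnRow["alert"] != "y120101" && $_arr_returnRow["alert"] != "y120103") {
             $this->obj_api->halt_re(array("alert" => "x010405"));
         }

         // Percent-encode the query values, then HTML-escape the finished URL for
         // both the href attribute and the visible link text.
         $_str_verifyUrl = BG_SITE_URL . BG_URL_ROOT . "user/ctl.php?mod=reg&act_get=mailbox&verify_id=" . rawurlencode((string) $_arr_returnRow["verify_id"]) . "&verify_token=" . rawurlencode((string) $_arr_returnRow["verify_token"]);
         $_str_verifyUrlHtml = htmlspecialchars($_str_verifyUrl, ENT_QUOTES, "UTF-8");
         $_str_url = "<a href=\"" . $_str_verifyUrlHtml . "\">" . $_str_verifyUrlHtml . "</a>";

         // User-controlled values go into an HTML mail body, so escape them.
         // double_encode is off in case the stored values are already
         // entity-encoded by the input layer (not visible from this method).
         $_str_userName = htmlspecialchars((string) $_arr_userRow["user_name"], ENT_QUOTES, "UTF-8", false);
         $_str_userMail = htmlspecialchars((string) $_arr_userRow["user_mail"], ENT_QUOTES, "UTF-8", false);
         $_str_userMailNew = htmlspecialchars((string) $_arr_userSubmit["user_mail_new"], ENT_QUOTES, "UTF-8", false);

         $_str_html = str_ireplace("{verify_url}", $_str_url, $this->obj_api->mail["mailbox"]["content"]);
         $_str_html = str_ireplace("{user_name}", $_str_userName, $_str_html);
         $_str_html = str_ireplace("{user_mail}", $_str_userMail, $_str_html);
         $_str_html = str_ireplace("{user_mail_new}", $_str_userMailNew, $_str_html);

         if (fn_mailSend($_arr_userSubmit["user_mail_new"], $this->obj_api->mail["mailbox"]["subject"], $_str_html)) {
             $_arr_returnRow["alert"] = "y010406";
         } else {
             $_arr_returnRow["alert"] = "x010406";
         }
     } else {
         $_arr_returnRow = $this->mdl_user->mdl_mail($_arr_userRow["user_id"], $_arr_userSubmit["user_mail_new"]);
     }

     $_arr_returnRow["user_id"] = $_arr_userRow["user_id"];
     $_arr_returnRow["user_name"] = $_arr_userRow["user_name"];

     // NOTE(review): with BG_REG_CONFIRM on, $_arr_returnRow still carries the
     // mdl_submit() result, including the verify_token used in the mailed link.
     // It is encrypted per app below, but check whether the apps should receive it.
     $_str_src = fn_jsonEncode($_arr_returnRow, "encode");
     $_str_code = $this->obj_crypt->encrypt($_str_src, $this->appRow["app_key"]);
     $_arr_return = array("code" => $_str_code);
     $_tm_time = time();

     // Notify every app, each with a payload encrypted under its own key.
     foreach ($this->appRows as $_value) {
         // NOTE(review): app_key is POSTed in the same body as the ciphertext and
         // signature it protects. Whether receivers require it there cannot be
         // told from this method; if they do not, sign first and remove it from
         // the payload, and in any case require https notify URLs.
         $_arr_data = array("act_post" => "mailbox", "code" => $this->obj_crypt->encrypt($_str_src, $_value["app_key"]), "time" => $_tm_time, "app_id" => $_value["app_id"], "app_key" => $_value["app_key"]);
         $_arr_data["signature"] = $this->obj_sign->sign_make($_arr_data);

         // Append with "&" when the notify URL already has a query string.
         $_str_conn = (strpos($_value["app_url_notify"], "?") !== false) ? "&" : "?";
         fn_http($_value["app_url_notify"] . $_str_conn . "mod=notify", $_arr_data, "post");
     }

     $_arr_return["alert"] = $_arr_returnRow["alert"];
     $this->obj_api->halt_re($_arr_return);
 }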