header("Location:index.php?mod=login&error_msg=微博登录授权失败,密码错误 :) ");
            }
        }
        break;
    case 'regpost':
        $yr_reg = option::get('yr_reg');
        if (!empty($yr_reg)) {
            isset($_POST['yr']) ? $invite = $_POST['yr'] : die("缺少需要的数据哟 invite :)");
            if ($invite != $yr_reg) {
                header("Location:index.php?mod=login&error_msg=邀请码错误!");
            }
        }
        isset($_POST['mail']) ? $email = addslashes($_POST['mail']) : die("缺少需要的数据哟 mail :)");
        isset($_POST['pwd']) ? $pwd = $_POST['pwd'] : die("缺少需要的数据哟 pwd :)");
        isset($_POST['name']) ? $username = addslashes($_POST['name']) : die("缺少需要的数据哟 uname :)");
        /*开始注册判定*/
        if (option::get('enable_reg') != '1') {
            msg('注册失败:该站点已关闭注册');
        }
        $x = $m->once_fetch_array("SELECT COUNT(*) AS total FROM `" . DB_NAME . "`.`" . DB_PREFIX . "users` WHERE `name` = '{$username}' OR `email` = '{$email}' LIMIT 1");
        $y = $m->once_fetch_array("SELECT COUNT(*) AS total FROM `" . DB_NAME . "`.`" . DB_PREFIX . "users`");
        if ($x['total'] > 0) {
            msg('注册失败:用户名或邮箱已经被注册');
        }
        $m->query('INSERT INTO `' . DB_NAME . '`.`' . DB_PREFIX . 'users` (`id`, `name`, `pw`, `email`, `role`, `t`) VALUES (NULL, \'' . $username . '\', \'' . $pwd . '\', \'' . $email . '\', \'user\', \'' . getfreetable() . '\');');
        $id = $m->once_fetch_array("SELECT * FROM `" . DB_NAME . "`.`" . DB_PREFIX . "users` WHERE `name` = '{$username}' ");
        setcookie("uid", $id['id'], time() + 999999);
        setcookie("pwd", substr(sha1(EncodePwd($pwd)), 4, 32), time() + 999999);
        header("Location:index.php");
        break;
}
function reg_supervise_yx()
{
    global $m;
    $name = isset($_POST['user']) ? addslashes(strip_tags($_POST['user'])) : '';
    $mail = isset($_POST['mail']) ? addslashes($_POST['mail']) : '';
    $pw = isset($_POST['pw']) ? addslashes(strip_tags($_POST['pw'])) : '';
    $role = 'banned';
    $m->query('INSERT INTO `' . DB_NAME . '`.`' . DB_PREFIX . 'users` (`id`, `name`, `pw`, `email`, `role`, `t`) VALUES (NULL, \'' . $name . '\', \'' . EncodePwd($pw) . '\', \'' . $mail . '\', \'' . $role . '\', \'' . getfreetable() . '\');');
    $ip = $_SERVER['REMOTE_ADDR'];
    setcookie("reg_check", date('d'), time() + 86400);
    $m->query('INSERT INTO `' . DB_NAME . '`.`' . DB_PREFIX . 'reg` (`ip`) VALUES (\'' . $ip . '\');');
    $key = sha1(md5(EncodePwd($pw) . date('Ymd') . option::get(salt)));
    $title = strip_tags(SYSTEM_NAME) . " - 注册验证";
    $text = "你在" . SYSTEM_URL . "   使用IP:" . $ip . "  用此邮箱注册了账号,账号:" . $name . ",密码" . $pw . "<br>点击以下链接完成安全验证,即可正常使用本站服务。如果显示禁止访问,使用浏览器隐身模式再打开链接即可<br><p>本邮件为系统自动发送,请勿回复。如果你没有进行此操作,可能是有人冒用了此邮箱,请不要点击链接</p><br>验证链接(当日有效):" . SYSTEM_URL . "index.php?pub_plugin=reg_supervise" . '&jh' . '&email=' . base64_encode($mail) . '&key=' . $key;
    $x = misc::mail($mail, $title, $text);
    if ($x != true) {
        $m->query("UPDATE `" . DB_NAME . "`.`" . DB_PREFIX . "users` SET `role` = 'user' WHERE email = '{$mail}'");
        $js = option::get('reg_jg');
        option::set('reg_jg', $js + 1);
        ReDirect(SYSTEM_URL . 'index.php?pub_plugin=reg_supervise&error_msg=验证邮件发送失败!已为你激活用户!请登录。');
        die;
    } else {
        option::set('reg_jg', 0);
        ReDirect(SYSTEM_URL . 'index.php?pub_plugin=reg_supervise&success_msg=请登录你的邮箱点击确认链接!否则无法登陆本站!');
    }
    die;
}
Example #3
0
function dl_invite_yz()
{
    global $m;
    if (option::get('enable_reg') != '1') {
        msg('注册失败:该站点已关闭注册');
    }
    $name = isset($_POST['user']) ? addslashes(strip_tags($_POST['user'])) : '';
    $mail = isset($_POST['mail']) ? addslashes(strip_tags($_POST['mail'])) : '';
    $pw = isset($_POST['pw']) ? addslashes(strip_tags($_POST['pw'])) : '';
    $yr = isset($_POST['invite']) ? addslashes(strip_tags($_POST['invite'])) : '';
    if (empty($name) || empty($mail) || empty($pw)) {
        msg('注册失败:请正确填写账户、密码或邮箱');
    }
    $x = $m->once_fetch_array("SELECT COUNT(*) AS total FROM `" . DB_NAME . "`.`" . DB_PREFIX . "users` WHERE name='{$name}'");
    $z = $m->once_fetch_array("SELECT COUNT(*) AS total FROM `" . DB_NAME . "`.`" . DB_PREFIX . "users` WHERE email='{$name}'");
    $y = $m->once_fetch_array("SELECT COUNT(*) AS total FROM `" . DB_NAME . "`.`" . DB_PREFIX . "users`");
    if ($x['total'] > 0) {
        msg('注册失败:用户名已经存在');
    }
    if ($z['total'] > 0) {
        msg('注册失败:邮箱已经存在');
    }
    if (!checkMail($mail)) {
        msg('注册失败:邮箱格式不正确');
    }
    if (empty($yr)) {
        msg('注册失败:请输入邀请码');
    }
    $invite = $m->fetch_array($m->query('select * from `' . DB_NAME . '`.`' . DB_PREFIX . 'dl_invite` where `code` = "' . $yr . '"'));
    if (!empty($invite['code'])) {
        $dlyr = $invite['code'];
        $m->query('DELETE FROM `' . DB_NAME . '`.`' . DB_PREFIX . 'dl_invite` where `code` = "' . $dlyr . '"');
    } else {
        msg('注册失败:邀请码错误或已被使用');
    }
    if ($y['total'] <= 0) {
        $role = 'admin';
    } else {
        $role = 'user';
    }
    doAction('admin_reg_2');
    $m->query('INSERT INTO `' . DB_NAME . '`.`' . DB_PREFIX . 'users` (`id`, `name`, `pw`, `email`, `role`, `t`) VALUES (NULL, \'' . $name . '\', \'' . EncodePwd($pw) . '\', \'' . $mail . '\', \'' . $role . '\', \'' . getfreetable() . '\');');
    setcookie("wmzz_tc_user", $name);
    setcookie("wmzz_tc_pw", EncodePwd($pw));
    doAction('admin_reg_3');
    ReDirect('index.php');
    echo '}';
    die;
}
Example #4
0
    if (!empty($yr_reg)) {
        if (empty($yr)) {
            msg('注册失败:请输入邀请码');
        } else {
            if ($yr_reg != $yr) {
                msg('注册失败:邀请码错误');
            }
        }
    }
    if ($y['total'] <= 0) {
        $role = 'admin';
    } else {
        $role = 'user';
    }
    doAction('admin_reg_2');
    $m->query('INSERT INTO `' . DB_NAME . '`.`' . DB_PREFIX . 'users` (`id`, `name`, `pw`, `email`, `role`, `t`) VALUES (NULL, \'' . $name . '\', \'' . EncodePwd($pw) . '\', \'' . $mail . '\', \'' . $role . '\', \'' . getfreetable() . '\');');
    doAction('admin_reg_3');
    ReDirect('index.php?mod=login&msg=' . urlencode('成功注册,请输入账号信息登录本站 [ 账号为用户名或邮箱地址 ]'));
} elseif (SYSTEM_PAGE == 'login') {
    if (defined('ROLE')) {
        ReDirect('index.php');
    }
    define('ROLE', 'visitor');
    $i['user']['role'] = 'visitor';
    template('login');
    doAction('login_page_4');
    die;
} elseif (SYSTEM_PAGE == 'reg') {
    if (defined('ROLE')) {
        ReDirect('index.php');
    }
Example #5
0
function xy_invite_verify()
{
    global $m;
    if (option::get('enable_reg') != '1') {
        msg('注册失败:该站点已关闭注册');
    }
    $name = isset($_POST['user']) ? sqladds($_POST['user']) : '';
    $mail = isset($_POST['mail']) ? sqladds($_POST['mail']) : '';
    $pw = isset($_POST['pw']) ? sqladds($_POST['pw']) : '';
    $yr = isset($_POST['yr']) ? sqladds($_POST['yr']) : '';
    if (empty($name) || empty($mail) || empty($pw)) {
        msg('注册失败:请正确填写账户、密码或邮箱');
    }
    if ($_POST['pw'] != $_POST['rpw']) {
        msg('注册失败:两次输入的密码不一致,请重新输入');
    }
    if (!checkMail($mail)) {
        msg('注册失败:邮箱格式不正确');
    }
    $x = $m->once_fetch_array("SELECT COUNT(*) AS total FROM `" . DB_NAME . "`.`" . DB_PREFIX . "users` WHERE `name` = '{$name}' OR `email` = '{$mail}' LIMIT 1");
    if ($x['total'] > 0) {
        msg('注册失败:用户名或邮箱已经被注册');
    }
    $yr_reg = option::get('yr_reg');
    if (!empty($yr_reg)) {
        if (empty($yr)) {
            msg('注册失败:请输入邀请码');
        } else {
            $z = $m->once_fetch_array("SELECT COUNT(*) AS total FROM `" . DB_NAME . "`.`" . DB_PREFIX . "xy_invite`");
            if ($z['total'] <= 0) {
                msg('系统错误:邀请码不足,请联系管理员添加!');
            } else {
                $s = $m->query("SELECT * FROM `" . DB_NAME . "`.`" . DB_PREFIX . "xy_invite` WHERE `code`='{$yr}'");
                if ($s->num_rows <= 0) {
                    msg('注册失败:邀请码错误!');
                } else {
                    $r = $s->fetch_array();
                    $r_num = (int) $r['num'];
                    if ($r_num == 1) {
                        $m->query("DELETE FROM `" . DB_NAME . "`.`" . DB_PREFIX . "xy_invite` WHERE `id` = " . $r['id']);
                    } else {
                        if ($r_num > 1) {
                            $m->query("UPDATE `" . DB_NAME . "`.`" . DB_PREFIX . "xy_invite` SET `num`=num-1 WHERE `id`='" . $r['id'] . "';");
                        }
                    }
                }
            }
        }
    }
    $y = $m->once_fetch_array("SELECT COUNT(*) AS total FROM `" . DB_NAME . "`.`" . DB_PREFIX . "users`");
    if ($y['total'] <= 0) {
        $role = 'admin';
    } else {
        $role = 'user';
    }
    doAction('admin_reg_2');
    $m->query('INSERT INTO `' . DB_NAME . '`.`' . DB_PREFIX . 'users` (`id`, `name`, `pw`, `email`, `role`, `t`) VALUES (NULL, \'' . $name . '\', \'' . EncodePwd($pw) . '\', \'' . $mail . '\', \'' . $role . '\', \'' . getfreetable() . '\');');
    doAction('admin_reg_3');
    ReDirect('index.php?mod=login&msg=' . urlencode('成功注册,请输入账号信息登录本站 [ 账号为用户名或邮箱地址 ]'));
    die;
}