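/**
 * Fetch a single member row from `hotel2_member`.
 *
 * Every non-empty lookup field is ANDed into the WHERE clause, so a row is
 * returned only when it satisfies all of them. Values are bound as named
 * parameters and never concatenated into the SQL text.
 *
 * Pass the password in plain text: it is hashed here with the row's stored
 * salt and compared with the stored hash.
 *
 * @param array $member Lookup fields; the keys read here are from_user,
 *                      username, status and password.
 * @return array|false The matching row, or false when no row matches or the
 *                     supplied password does not verify.
 */
function hotel_member_single($member)
{
    $sql = 'SELECT * FROM ' . tablename('hotel2_member') . " WHERE 1";
    $params = array();

    // NOTE(review): no `weid` condition is built here, so the lookup is not
    // limited to one account. Confirm whether callers expect tenant scoping.
    if (!empty($member['from_user'])) {
        $sql .= ' AND `from_user`=:from_user';
        $params[':from_user'] = $member['from_user'];
    }
    if (!empty($member['username'])) {
        $sql .= ' AND `username`=:username';
        $params[':username'] = $member['username'];
    }
    if (!empty($member['status'])) {
        $sql .= " AND `status`=:status";
        $params[':status'] = intval($member['status']);
    }
    // NOTE(review): when every lookup field above is empty the query has no
    // filter and LIMIT 1 returns whichever row comes first. Callers should
    // reject empty identifiers before calling this function.
    $sql .= " LIMIT 1";

    $record = pdo_fetch($sql, $params);
    if (!$record) {
        return false;
    }

    $password = isset($member['password']) ? $member['password'] : '';
    if (is_array($password)) {
        // A non-scalar password can never verify; fail closed.
        return false;
    }
    $password = (string) $password;

    // Compare against '' instead of using empty(): empty() treats the string
    // "0" as "no password supplied" and would skip verification for it.
    if ($password !== '') {
        $stored = (string) $record['password'];
        $computed = (string) hotel_member_hash($password, $record['salt']);
        // Strict comparison only. A loose != applies numeric-string juggling
        // to hash values. hash_equals() is also timing-safe where available.
        $matches = function_exists('hash_equals')
            ? hash_equals($stored, $computed)
            : $stored === $computed;
        if (!$matches) {
            return false;
        }
    }

    return $record;
}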
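/**
 * Back-office member management, dispatched on $_GPC['op']:
 *   edit      - show the member form and create or update a member on submit
 *   delete    - remove one member and the orders keyed to it
 *   deleteall - the same for every id in $_GPC['idArr']
 *   showall   - bulk-set status for every id in $_GPC['idArr']
 *   status    - set the status of one member
 *   otherwise - paginated member list, filterable by realname and mobile
 *
 * Every read and write is limited to rows whose `weid` equals the current
 * account ($_W['uniacid']), matching the filter the list view applies, so an
 * id taken from the request cannot reach a member of another account.
 *
 * NOTE(review): delete, deleteall, showall and status change data without a
 * checksubmit() guard in this method. Confirm that the framework enforces a
 * request token on these routes.
 */
public function doWebMember()
{
    global $_GPC, $_W;
    $op = $_GPC['op'];
    $uniacid = $_W['uniacid'];

    // True only when the member id belongs to the current account.
    $ownsMember = function ($memberId) use ($uniacid) {
        $count = pdo_fetchcolumn(
            'SELECT COUNT(*) FROM ' . tablename('hotel2_member') . ' WHERE id = :id AND weid = :weid',
            array(':id' => $memberId, ':weid' => $uniacid)
        );
        return $count > 0;
    };

    if ($op == 'edit') {
        $id = intval($_GPC['id']);
        if (!empty($id)) {
            $item = pdo_fetch(
                "SELECT * FROM " . tablename('hotel2_member') . " WHERE id = :id AND weid = :weid",
                array(':id' => $id, ':weid' => $uniacid)
            );
            if (empty($item)) {
                message('抱歉,用户不存在或是已经删除!', '', 'error');
            }
        }
        if (checksubmit('submit')) {
            $data = array(
                'weid' => $uniacid,
                'username' => $_GPC['username'],
                'realname' => $_GPC['realname'],
                'mobile' => $_GPC['mobile'],
                'score' => $_GPC['score'],
                'userbind' => $_GPC['userbind'],
                'isauto' => $_GPC['isauto'],
                'status' => $_GPC['status'],
            );
            if (!empty($_GPC['password'])) {
                // A fresh salt is generated whenever the password is set.
                $data['salt'] = random(8);
                $data['password'] = hotel_member_hash($_GPC['password'], $data['salt']);
            }
            if (empty($id)) {
                $c = pdo_fetchcolumn(
                    "select count(*) from " . tablename('hotel2_member') . " where username=:username ",
                    array(":username" => $data['username'])
                );
                if ($c > 0) {
                    message("用户名 " . $data['username'] . " 已经存在!", "", "error");
                }
                $data['createtime'] = time();
                pdo_insert('hotel2_member', $data);
            } else {
                // The weid condition keeps the update inside this account even
                // if execution continues past the lookup above.
                pdo_update('hotel2_member', $data, array('id' => $id, 'weid' => $uniacid));
            }
            message('用户信息更新成功!', $this->createWebUrl('member'), 'success');
        }
        include $this->template('member_form');
    } elseif ($op == 'delete') {
        $id = intval($_GPC['id']);
        // Orders are keyed by member id only, so they are removed only after
        // the member is confirmed to belong to this account.
        if ($ownsMember($id)) {
            pdo_delete('hotel2_member', array('id' => $id, 'weid' => $uniacid));
            pdo_delete('hotel2_order', array('memberid' => $id));
        }
        message('删除成功!', referer(), 'success');
    } elseif ($op == 'deleteall') {
        // idArr comes from the request; treat anything but an array as empty.
        $idArr = (isset($_GPC['idArr']) && is_array($_GPC['idArr'])) ? $_GPC['idArr'] : array();
        foreach ($idArr as $k => $id) {
            $id = intval($id);
            if ($ownsMember($id)) {
                pdo_delete('hotel2_member', array('id' => $id, 'weid' => $uniacid));
                pdo_delete('hotel2_order', array('memberid' => $id));
            }
        }
        $this->web_message('规则操作成功!', '', 0);
        exit;
    } elseif ($op == 'showall') {
        if ($_GPC['show_name'] == 'showall') {
            $show_status = 1;
        } else {
            $show_status = 0;
        }
        $idArr = (isset($_GPC['idArr']) && is_array($_GPC['idArr'])) ? $_GPC['idArr'] : array();
        foreach ($idArr as $k => $id) {
            $id = intval($id);
            if (!empty($id)) {
                pdo_update('hotel2_member', array('status' => $show_status), array('id' => $id, 'weid' => $uniacid));
            }
        }
        $this->web_message('操作成功!', '', 0);
        exit;
    } elseif ($op == 'status') {
        $id = intval($_GPC['id']);
        if (empty($id)) {
            message('抱歉,传递的参数错误!', '', 'error');
        }
        // status is stored as an integer flag; coerce the request value.
        $temp = pdo_update(
            'hotel2_member',
            array('status' => intval($_GPC['status'])),
            array('id' => $id, 'weid' => $uniacid)
        );
        if ($temp == false) {
            message('抱歉,刚才操作数据失败!', '', 'error');
        } else {
            message('状态设置成功!', referer(), 'success');
        }
    } else {
        $sql = "";
        // The account id is bound like the other values, not interpolated.
        $params = array(':weid' => $uniacid);
        if (!empty($_GPC['realname'])) {
            $sql .= ' AND `realname` LIKE :realname';
            $params[':realname'] = "%{$_GPC['realname']}%";
        }
        if (!empty($_GPC['mobile'])) {
            $sql .= ' AND `mobile` LIKE :mobile';
            $params[':mobile'] = "%{$_GPC['mobile']}%";
        }
        $pindex = max(1, intval($_GPC['page']));
        $psize = 20;
        // Both LIMIT operands are integers computed here, not request text.
        $list = pdo_fetchall(
            "SELECT * FROM " . tablename('hotel2_member') . " WHERE weid = :weid {$sql} ORDER BY id DESC LIMIT " . ($pindex - 1) * $psize . ',' . $psize,
            $params
        );
        $total = pdo_fetchcolumn(
            'SELECT COUNT(*) FROM ' . tablename('hotel2_member') . " WHERE weid = :weid {$sql}",
            $params
        );
        $pager = pagination($total, $pindex, $psize);
        include $this->template('member');
    }
}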
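/**
 * Mobile self-registration endpoint.
 *
 * Without a submitted form it renders the `register` template. On submit it
 * validates the username, the WeChat identifier and the password length,
 * rejects duplicates within the current account, stores the new member with a
 * salted password hash, records the login state and answers with JSON:
 * {"result":1,"url":...} on success, {"result":0,"error":...} otherwise.
 */
public function doMobileregister()
{
    global $_GPC, $_W;

    if (!checksubmit()) {
        include $this->template('register');
        return;
    }

    $weid = $this->_weid;
    $from_user = $this->_from_user;
    $set = $this->_set_info;

    $member = array();
    $member['from_user'] = $from_user;
    $member['username'] = $_GPC['username'];
    $member['password'] = $_GPC['password'];

    if (!preg_match(REGULAR_USERNAME, $member['username'])) {
        die(json_encode(array("result" => 0, "error" => "必须输入用户名,格式为 3-15 位字符,可以包括汉字、字母(不区分大小写)、数字、下划线和句点。")));
    }
    if (!preg_match(REGULAR_USERNAME, $member['from_user'])) {
        die(json_encode(array("result" => 0, "error" => "微信号码获取失败。")));
    }
    if (hotel_member_check(array('from_user' => $member['from_user'], 'weid' => $weid))) {
        die(json_encode(array("result" => 0, "error" => "非常抱歉,此用微信号已经被注册,你可以直接使用注册时的用户名登录,或者更换微信号注册!")));
    }
    if (hotel_member_check(array('username' => $member['username'], 'weid' => $weid))) {
        die(json_encode(array("result" => 0, "error" => "非常抱歉,此用户名已经被注册,你需要更换注册用户名!")));
    }
    if (istrlen($member['password']) < 6) {
        die(json_encode(array("result" => 0, "error" => "必须输入密码,且密码长度不得低于6位。")));
    }

    // Replace the plain-text password with its salted hash before storing.
    $member['salt'] = random(8);
    $member['password'] = hotel_member_hash($member['password'], $member['salt']);
    $member['weid'] = $weid;
    // NOTE(review): mobile and realname are stored as submitted, with no
    // format or length check here. Confirm they are validated or escaped
    // wherever they are rendered.
    $member['mobile'] = $_GPC['mobile'];
    $member['realname'] = $_GPC['realname'];
    $member['createtime'] = time();
    $member['status'] = 1;
    $member['isauto'] = 0;

    // Stop when the row was not written. Continuing would report success and
    // set up a login state for a member that does not exist.
    if (!pdo_insert('hotel2_member', $member)) {
        die(json_encode(array("result" => 0, "error" => "抱歉,刚才操作数据失败!")));
    }
    $member['id'] = pdo_insertid();
    $member['user_set'] = $set['user'];

    // Registration succeeded: record the login state.
    // NOTE(review): $member still carries the password hash and salt when it
    // is handed to hotel_set_userinfo(). Confirm that helper does not persist
    // them in a cookie or other client-visible store.
    hotel_set_userinfo(1, $member);

    $url = $this->createMobileUrl('search');
    die(json_encode(array("result" => 1, "url" => $url)));
}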