Example #1
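/**
 * Check a login/password pair against the `users` table and log the attempt.
 *
 * Order of checks: the user row is loaded first (its id is wanted for the
 * log entry), then the IP ban, then the account lock, then the password.
 *
 * Security notes for callers:
 *  - The 'user' value is the full row from `SELECT *`, so it still contains
 *    `password_hash` and `salt`; do not serialise it to the client as-is.
 *  - 'wrong_login' and 'wrong_password' are distinct results. Showing them
 *    verbatim to the end user reveals which logins exist; collapse them to
 *    one message at the presentation layer.
 *
 * @param string $login    Login name as submitted.
 * @param string $password Plain-text password as submitted.
 * @return array Either ['user' => row] on success, or ['error' => code] where
 *               code is 'banned', 'locked', 'wrong_password' or 'wrong_login'.
 */
function attempt_login($login, $password)
{
    $db = option('db_conn');
    // The login is bound as a parameter, so it never becomes part of the SQL text.
    $stmt = $db->prepare('SELECT * FROM users WHERE login = :login');
    $stmt->bindValue(':login', $login);
    $stmt->execute();
    // fetch() yields false when no row matches.
    $user = $stmt->fetch(PDO::FETCH_ASSOC);
    $user_id = isset($user['id']) ? $user['id'] : null;

    if (ip_banned()) {
        login_log(false, $login, $user_id);
        return ['error' => 'banned'];
    }
    if (user_locked($user)) {
        // isset-guarded id: user_locked() is handed false for unknown logins,
        // and its behaviour for that input is not visible here.
        login_log(false, $login, $user_id);
        return ['error' => 'locked'];
    }
    if (empty($user)) {
        login_log(false, $login);
        return ['error' => 'wrong_login'];
    }

    // Compare as strings, in constant time. The previous loose `==` let PHP
    // treat two numeric-looking hashes (e.g. both of the form "0e<digits>")
    // as equal numbers, and it leaked timing information.
    // hash_equals() needs PHP >= 5.6.
    $stored_hash = (string) $user['password_hash'];
    $computed_hash = (string) calculate_password_hash($password, $user['salt']);
    if ($stored_hash !== '' && hash_equals($stored_hash, $computed_hash)) {
        login_log(true, $login, $user['id']);
        return ['user' => $user];
    }

    login_log(false, $login, $user['id']);
    return ['error' => 'wrong_password'];
}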
Example #2
// Bootstrap for the peer poll/ping endpoint: load configuration, honour the
// kill switches, connect to MySQL, refuse banned addresses and stay silent
// while the main Timekoin loop is not running.
include 'configuration.php';
include 'function.php';
set_time_limit(60);

// --- Kill switches -----------------------------------------------------------
// Either constant being truthy disables this endpoint entirely.
$endpoint_disabled = PEERLIST_DISABLED == TRUE || TIMEKOIN_DISABLED == TRUE;
if ($endpoint_disabled) {
    exit;
}

// --- Database ----------------------------------------------------------------
// NOTE(review): the mysql_* extension was removed in PHP 7.0, and neither
// return value is checked here, so a failed connection only shows up further
// down when the heartbeat lookup yields nothing.
mysql_connect(MYSQL_IP, MYSQL_USERNAME, MYSQL_PASSWORD);
mysql_select_db(MYSQL_DATABASE);

// --- Ban list ----------------------------------------------------------------
// REMOTE_ADDR is the address of the directly connected peer. NOTE(review):
// behind a reverse proxy this is the proxy's address, which would make the
// ban check apply to the proxy rather than the client - confirm deployment.
if (ip_banned($_SERVER['REMOTE_ADDR'])) {
    // Banned peers get no response body at all.
    exit;
}

// --- Heartbeat ---------------------------------------------------------------
// When Timekoin is NOT running, do not answer peer pings; otherwise this node
// would linger in other peers' active lists for a very long time.
// The statement is a fixed string with no request data in it.
$heartbeat_query = mysql_query("SELECT * FROM `main_loop_status` WHERE `field_name` = 'main_heartbeat_active' LIMIT 1");
$main_heartbeat_active = mysql_result($heartbeat_query, 0, "field_data");
if (!$main_heartbeat_active) {
    exit;
}
//***********************************************************************************
//***********************************************************************************
// Answer poll challenge/ping
if ($_GET["action"] == "poll" && empty($_GET["challenge"]) == FALSE) {
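 /**
  * Restore a logged-in session from the "remembor" (remember-me) cookie.
  *
  * Does nothing when the cookie is absent or a session user already exists.
  * On success the matching user's id and name are stored, serialized, in
  * $_SESSION["userInfo"].
  *
  * SECURITY (review):
  *  - The cookie is unserialize()d. It is entirely client-controlled, so this
  *    is an object-injection risk whenever a loaded class has magic methods.
  *    Preferred fix: replace the cookie with a random server-side token or a
  *    signed JSON value. On PHP >= 7.0, passing
  *    array('allowed_classes' => false) as the second argument is a stop-gap.
  *  - The cookie carries the e-mail and the stored password value, so anyone
  *    who obtains the cookie (or the password column) can log in with it.
  *  - The User-Agent comparison is not an authentication factor; the header
  *    is chosen by the client.
  *
  * @return void
  */
 public function isRemembor()
 {
     // Need a string cookie and no existing session user.
     if (empty($_COOKIE["remembor"]) || !is_string($_COOKIE["remembor"]) || !empty($_SESSION["userInfo"])) {
         return;
     }

     // SECURITY: unserialize() of untrusted input - see the method docblock.
     $user_r = unserialize(stripcslashes($_COOKIE["remembor"]));

     // Accept only the expected shape: an array whose agent/email/passwd are
     // plain strings. Previously a malformed cookie fell through with null
     // values, and nested arrays would have reached the query conditions
     // (query builders in this style can read an array value as an operator
     // expression instead of a literal).
     if (!is_array($user_r)) {
         return;
     }
     foreach (array("agent", "email", "passwd") as $field) {
         if (!isset($user_r[$field]) || !is_string($user_r[$field])) {
             return;
         }
     }
     if ($user_r["email"] === "" || $user_r["passwd"] === "") {
         return;
     }

     // Consistency check against the current User-Agent (weak, see docblock).
     $current_agent = isset($_SERVER["HTTP_USER_AGENT"]) ? (string) $_SERVER["HTTP_USER_AGENT"] : "";
     if ($user_r["agent"] !== $current_agent) {
         return;
     }

     $map = array();
     $map["email"] = $user_r["email"];
     $map["passwd"] = $user_r["passwd"];
     $user = $this->where($map)->field("id,name")->find();
     if (!$user) {
         return;
     }

     // IP access control. The return value is not used; presumably
     // ip_banned() ends the request itself when the address is denied - confirm.
     $site_opts = TS_D("Option")->get();
     ip_banned($site_opts["deny_ips"], $site_opts["allow_ips"]);

     // Record the IP of this login.
     TS_D("LoginRecord")->record($user["id"]);
     unset($user["active"]);

     // NOTE(review): the session id is not regenerated when the user becomes
     // authenticated here; consider session_regenerate_id(true) if the
     // framework does not already do it.
     $_SESSION["userInfo"] = serialize($user);
 }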
Example #4
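/**
 * Standard code module initialisation function.
 *
 * Runs the whole request bootstrap: normalises $_SERVER, sends anti-cache
 * headers, honours closed.html, defines polyfills for very old PHP versions,
 * resets bootstrap globals, decides debug mode, hardens ini settings, loads
 * the core code modules in a fixed order, installs the error handler, handles
 * logins, and finally runs the startup hooks.
 *
 * The require_code() order is load-bearing (see the inline comment); do not
 * reorder statements in here without testing a full boot.
 *
 * Fixes relative to the previous revision, both inside polyfills that are only
 * defined when the native function is missing:
 *  - str_word_count(): the scan loop never advanced past a space it had found
 *    and so never terminated on multi-word input.
 *  - unichr(): emitted '#&NNN;' instead of the numeric entity '&#NNN;'.
 */
function init__global2()
{
    global $BOOTSTRAPPING, $CHECKING_SAFEMODE, $BAD_WORD_CHARS, $FIXED_WORD_CHARS, $FIXED_WORD_CHARS_HTML, $BROWSER_DECACHEING, $CHARSET, $TEMP_CHARSET, $RELATIVE_PATH, $CURRENTLY_HTTPS, $RUNNING_SCRIPT_CACHE, $SERVER_TIMEZONE, $HAS_SET_ERROR_HANDLER, $DYING_BADLY, $XSS_DETECT, $SITE_INFO, $JAVASCRIPTS, $JAVASCRIPT, $CSSS, $IN_MINIKERNEL_VERSION, $EXITING, $FILE_BASE, $MOBILE, $CACHE_TEMPLATES, $BASE_URL_HTTP, $BASE_URL_HTTPS, $WORDS_TO_FILTER, $FIELD_RESTRICTIONS, $VALID_ENCODING, $CONVERTED_ENCODING, $MICRO_BOOTUP, $MICRO_AJAX_BOOTUP, $QUERY_LOG, $_CREATED_FILES, $CURRENT_SHARE_USER, $CACHE_FIND_SCRIPT;
    // Drop any output buffer that the output_buffering ini setting started
    if (str_replace(array('on', 'true', 'yes'), array('1', '1', '1'), strtolower(ini_get('output_buffering'))) == '1') {
        @ob_end_clean();
    }
    // Normalise REQUEST_URI.
    // SECURITY NOTE(review): HTTP_X_REWRITE_URL comes from the X-Rewrite-URL request header.
    // Unless the web server / rewrite module sets or strips that header itself, the client
    // decides what REQUEST_URI the rest of the request sees - confirm the front end owns it.
    if (array_key_exists('HTTP_X_REWRITE_URL', $_SERVER)) {
        foreach ($_GET as $key => $val) {
            if ($key[0] == '?') {
                unset($_GET[$key]);
                $_GET[substr($key, 1)] = $val;
            }
        }
        $_SERVER['REQUEST_URI'] = $_SERVER['HTTP_X_REWRITE_URL'];
    } elseif (!array_key_exists('REQUEST_URI', $_SERVER) && !array_key_exists('REQUEST_URI', $_ENV)) {
        // No REQUEST_URI supplied by the server: rebuild it from PHP_SELF and the (re-encoded) GET parameters
        $_SERVER['REQUEST_URI'] = $_SERVER['PHP_SELF'];
        $first = true;
        foreach ($_GET as $key => $val) {
            $_SERVER['REQUEST_URI'] .= $first ? '?' : '&';
            $_SERVER['REQUEST_URI'] .= urlencode($key) . '=' . urlencode($val);
            $first = false;
        }
    }
    if (array_key_exists('SCRIPT_FILENAME', $_SERVER) && !array_key_exists('PHP_SELF', $_SERVER)) {
        $_SERVER['PHP_SELF'] = $_SERVER['SCRIPT_FILENAME'];
    } elseif (array_key_exists('SCRIPT_NAME', $_SERVER) && defined('HIPHOP_PHP')) {
        $_SERVER['PHP_SELF'] = $_SERVER['SCRIPT_NAME'];
    }
    // Anti-cache headers (Pragma is for proxies, and also IE)
    @header('Expires: Mon, 20 Dec 1998 01:00:00 GMT');
    @header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT');
    @header('Cache-Control: no-cache, max-age=0');
    @header('Pragma: no-cache');
    // Site closed via closed.html: redirect everything except the upgrader and execute_temp.php.
    // NOTE(review): a non-zero keep_force_open parameter skips this block; it looks like any
    // visitor can supply it - confirm that is intended.
    if (is_file('closed.html') && get_param_integer('keep_force_open', 0) == 0) {
        if (strpos($_SERVER['PHP_SELF'], 'upgrader.php') === false && strpos($_SERVER['PHP_SELF'], 'execute_temp.php') === false && (!isset($SITE_INFO['no_extra_closed_file']) || $SITE_INFO['no_extra_closed_file'] == '0')) {
            if (@strpos($_SERVER['SERVER_SOFTWARE'], 'IIS') === false) {
                header('HTTP/1.0 503 Service Temporarily Unavailable');
            }
            // The redirect target is one of two fixed strings; no request data is placed in the header
            header('Location: ' . (is_file($RELATIVE_PATH . 'closed.html') ? 'closed.html' : '../closed.html'));
            exit;
        }
    }
    // Cover up holes in old PHP versions functionality
    if (!function_exists('str_word_count')) {
        /**
         * Isolate the words in the input string.
         *
         * @param  string			String to count words in
         * @param  integer		The format
         * @set    0 1 2
         * @return mixed			Typically a list - the words of the input string
         */
        function str_word_count($input, $format = 0)
        {
            //count words
            $pattern = "/[^(\\w|\\d|\\'|\"|\\.|\\!|\\?|;|,|\\|\\/|\\-\\-|:|\\&|@)]+/";
            // Every run of non-word characters becomes a single space, so words are separated by exactly one space
            $all_words = trim(preg_replace($pattern, ' ', $input));
            $a = array();
            $pos = 0;
            while (true) {
                $old_pos = $pos;
                $pos = strpos($all_words, ' ', $pos);
                if ($pos === false) {
                    $a[$old_pos] = substr($all_words, $old_pos);
                    break;
                }
                $a[$old_pos] = substr($all_words, $old_pos, $pos - $old_pos);
                // Step past the space just found; without this strpos() finds the same space again and the loop never ends
                $pos++;
            }
            if ($format == 0) {
                return count($a);
            }
            return $a;
        }
    }
    if (!function_exists('html_entity_decode')) {
        /**
         * Decode the HTML entitity encoded input string.
         *
         * @param  string			The text to decode
         * @param  integer		The quote style code
         * @param  ?string		Character set to decode to (NULL: default)
         * @return string			The decoded text
         */
        function html_entity_decode($input, $quote_style, $charset = NULL)
        {
            unset($quote_style);
            unset($charset);
            /*			// NB: &nbsp does not go to <space>. It's not something you use with html escaping, it's for hard-space-formatting. URL's don't contain spaces, but that's due to URL escaping (%20)
            			$replace_array=array(
            				'&amp;'=>'&',
            				'&gt;'=>'>',
            				'&lt;'=>'<',
            				'&#039;'=>'\'',
            				'&quot;'=>'"',
            			);
            
            			foreach ($replace_array as $from=>$to)
            			{
            				$input=str_replace($from,$to,$input);
            			}
            
            			return $input;*/
            // Invert the entity table and apply it in one pass
            $trans_tbl = get_html_translation_table(HTML_ENTITIES);
            $trans_tbl = array_flip($trans_tbl);
            return strtr($input, $trans_tbl);
        }
    }
    if (version_compare(phpversion(), '4.3.0') >= 0) {
        if (!function_exists('unichrm_hex')) {
            /**
             * Convert a unicode character number to a unicode string. Callback for preg_replace.
             *
             * @param  array					Regular expression match array.
             * @return ~string				Converted data (false: could not convert).
             */
            function unichrm_hex($matches)
            {
                return unichr(hexdec($matches[1]));
            }
        }
        if (!function_exists('unichrm')) {
            /**
             * Convert a unicode character number to a unicode string. Callback for preg_replace.
             *
             * @param  array					Regular expression match array.
             * @return ~string				Converted data (false: could not convert).
             */
            function unichrm($matches)
            {
                return unichr(intval($matches[1]));
            }
        }
        if (!function_exists('unichr')) {
            /**
             * Convert a unicode character number to a HTML-entity enabled string, using lower ASCII characters where possible.
             *
             * @param  integer				Character number.
             * @return ~string				Converted data (false: could not convert).
             */
            function unichr($c)
            {
                if ($c <= 0x7f) {
                    return chr($c);
                } else {
                    // Numeric character reference; this used to be written '#&...;', which is not an entity
                    return '&#' . strval($c) . ';';
                }
            }
        }
    }
    // Reset bootstrap-time globals
    $BOOTSTRAPPING = 1;
    $CHECKING_SAFEMODE = false;
    $BAD_WORD_CHARS = array(chr(128), chr(130), chr(131), chr(132), chr(133), chr(134), chr(135), chr(136), chr(137), chr(138), chr(139), chr(140), chr(142), chr(145), chr(146), chr(147), chr(148), chr(149), chr(150), chr(151), chr(152), chr(153), chr(154), chr(155), chr(156), chr(158), chr(159));
    // some of these are Comcode shortcuts. We can't use entities as we can't assume we're converting into Comcode.
    $FIXED_WORD_CHARS = array('(EUR-)', ',', '{f.}', '"', '...', '-|-', '=|=', '^', '{%o}', '{~S}', '<', 'CE', '{~Z}', "'", "'", '"', '"', '-', '-', '--', '~', '(TM)', '{~s}', '>', 'ce', '{~z}', '{.Y.}');
    $FIXED_WORD_CHARS_HTML = array('&#8364;', '&#8218;', '&#402;', '&#8222;', '&hellip;', '&#8224;', '&#8225;', '&#710;', '&#8240;', '&#352;', '&#8249;', '&#338;', '&#381;', "&lsquo;", "&rsquo;", '&ldquo;', '&rdquo;', '&bull;', '&ndash;', '&mdash;', '&#732;', '&trade;', '&#353;', '&#8250;', '&#339;', '&#382;', '&#376;');
    $RUNNING_SCRIPT_CACHE = array();
    $BROWSER_DECACHEING = NULL;
    $CHARSET = NULL;
    $TEMP_CHARSET = NULL;
    $CURRENTLY_HTTPS = NULL;
    $CACHE_FIND_SCRIPT = array();
    error_reporting(E_ALL);
    @ini_set('html_errors', '1');
    @ini_set('docref_root', 'http://www.php.net/manual/en/');
    @ini_set('docref_ext', '.php');
    // Remember the server's own timezone, then run everything in UTC
    $SERVER_TIMEZONE = function_exists('date_default_timezone_get') ? @date_default_timezone_get() : ini_get('date.timezone');
    @ini_set('date.timezone', 'UTC');
    if (function_exists('date_default_timezone_set')) {
        // Needed for HPHP
        date_default_timezone_set('UTC');
    }
    $HAS_SET_ERROR_HANDLER = false;
    // If ocPortal is bailing out uncontrollably, setting this will make sure the error hander does not try and suppress
    $DYING_BADLY = false;
    $XSS_DETECT = function_exists('ocp_mark_as_escaped');
    // Debug mode is on when $SITE_INFO['debug_mode'] is unset or '1' AND a .svn/.git directory exists under the
    // file base (or ocp_mark_as_escaped() exists). A keep_no_debug_mode GET parameter other than '0' turns the
    // full mode off for that request; it cannot turn it on.
    // SECURITY NOTE(review): a production install deployed from a VCS checkout therefore boots in debug mode
    // unless debug_mode is explicitly set to '0' - verify the deployment sets it.
    $GLOBALS['DEBUG_MODE'] = (!array_key_exists('debug_mode', $SITE_INFO) || $SITE_INFO['debug_mode'] == '1') && (is_dir(get_file_base() . '/.svn') || is_dir(get_file_base() . '/.git') || function_exists('ocp_mark_as_escaped')) && (!array_key_exists('keep_no_debug_mode', $_GET) || $_GET['keep_no_debug_mode'] == '0');
    $GLOBALS['SEMI_DEBUG_MODE'] = (!array_key_exists('debug_mode', $SITE_INFO) || $SITE_INFO['debug_mode'] == '1') && (is_dir(get_file_base() . '/.svn') || is_dir(get_file_base() . '/.git') || function_exists('ocp_mark_as_escaped'));
    if (function_exists('set_time_limit')) {
        @set_time_limit(60);
    }
    if ($GLOBALS['DEBUG_MODE']) {
        // Tighter limit plus the custom-PHP strictness switches while developing
        if (function_exists('set_time_limit')) {
            @set_time_limit(10);
        }
        @ini_set('ocproducts.type_strictness', '1');
        @ini_set('ocproducts.xss_detect', '1');
    }
    if ($GLOBALS['DEBUG_MODE']) {
        require_code('developer_tools');
    }
    $JAVASCRIPTS = array('javascript' => 1, 'javascript_thumbnails' => 1);
    if ($GLOBALS['CURRENT_SHARE_USER'] !== NULL || get_domain() == 'myocp.com') {
        $JAVASCRIPTS['javascript_ajax'] = 1;
    }
    $CSSS = array('no_cache' => 1, 'global' => 1);
    // Try and make the PHP environment as we need it
    if (function_exists('set_magic_quotes_runtime')) {
        // @'d because it's deprecated and PHP 5.3 may give an error
        @set_magic_quotes_runtime(0);
    }
    @ini_set('auto_detect_line_endings', '0');
    // Hardening: empty include_path and no URL fopen wrappers
    @ini_set('include_path', '');
    @ini_set('default_socket_timeout', '60');
    @ini_set('allow_url_fopen', '0');
    // Extra security if suhosin is available
    @ini_set('suhosin.executor.disable_emodifier', '1');
    // Extra security if suhosin is available
    @ini_set('suhosin.executor.multiheader', '1');
    // Note that disable_eval is set to '0' and both whitelists are emptied, i.e. eval() is left enabled here
    @ini_set('suhosin.executor.disable_eval', '0');
    @ini_set('suhosin.executor.eval.whitelist', '');
    @ini_set('suhosin.executor.func.whitelist', '');
    // Load most basic config
    $IN_MINIKERNEL_VERSION = 0;
    $EXITING = 0;
    if (array_key_exists('use_ocf', $_GET) && running_script('upgrader')) {
        $SITE_INFO['forum_type'] = 'ocf';
        $SITE_INFO['ocf_table_prefix'] = $SITE_INFO['table_prefix'];
    }
    $CACHE_TEMPLATES = true;
    // The URL to our install (no trailing /)
    $BASE_URL_HTTP = NULL;
    $BASE_URL_HTTPS = NULL;
    $WORDS_TO_FILTER = NULL;
    $FIELD_RESTRICTIONS = NULL;
    $VALID_ENCODING = false;
    $CONVERTED_ENCODING = false;
    if (!isset($MICRO_BOOTUP)) {
        $MICRO_BOOTUP = 0;
    }
    if (!isset($MICRO_AJAX_BOOTUP)) {
        $MICRO_AJAX_BOOTUP = 0;
    }
    require_code_no_override('version');
    if ($MICRO_BOOTUP == 0 && $MICRO_AJAX_BOOTUP == 0) {
        //@header('X-Powered-By: ocPortal '.ocp_version_full().' (PHP '.phpversion().')');
        // Better to keep it vague, for security reasons
        @header('X-Powered-By: ocPortal');
        // Query logging is switched on by a request parameter; who may see the log is decided elsewhere
        $QUERY_LOG = false;
        if (isset($_REQUEST['special_page_type']) && $_REQUEST['special_page_type'] == 'query') {
            $QUERY_LOG = true;
        }
    }
    // Most critical things
    // A lot of support code is present in this
    require_code('support');
    // NOTE(review): this seeds rand()/mt_rand(); neither generator is suitable for tokens or other secrets
    srand(make_seed());
    mt_srand(make_seed());
    if ($MICRO_BOOTUP == 0 && $MICRO_AJAX_BOOTUP == 0) {
        if (running_script('index') && count($_POST) == 0) {
            $bot_type = get_bot_type();
            if ($bot_type !== NULL && isset($SITE_INFO['fast_spider_cache']) && $SITE_INFO['fast_spider_cache'] != '0') {
                fast_spider_cache(true);
            }
        }
    }
    // Recently taken out of 'support' so makes sense to load it here
    require_code('caches');
    // There's nothing without the database
    require_code('database');
    // The PHP-level IP ban check only runs when .htaccess is not writable and suexec is not known to be in use
    // (presumably bans are otherwise enforced through .htaccess - confirm)
    if ((!isset($SITE_INFO['known_suexec']) || $SITE_INFO['known_suexec'] == '0') && !is_writable_wrap(get_file_base() . '/.htaccess')) {
        require_code('support2');
        if (ip_banned(get_ip_address())) {
            critical_error('BANNED');
        }
    }
    if (running_script('messages') && get_param('action', 'new') == 'new' && get_param_integer('routine_refresh', 0) == 0) {
        require_code('chat_poller');
        chat_poller();
    }
    if ($MICRO_BOOTUP == 0) {
        load_user_stuff();
    }
    // For any kind of niceness we need these. The order is chosen for complex dependency reasons - don't mess with it
    if ($MICRO_AJAX_BOOTUP == 0) {
        // Output needs to know about themes
        require_code('themes');
        // So that we can do error templates
        require_code('templates');
        // Output is done with tempcode
        require_code('tempcode');
        if ($MICRO_BOOTUP == 0) {
            // Much output goes through comcode
            require_code('comcode');
        }
    }
    // Zone is needed because zones are where all ocPortal pages reside
    require_code('zones');
    // Config is needed for much active stuff
    require_code('config');
    if (get_option('collapse_user_zones', true) === '1' && $RELATIVE_PATH == 'site') {
        get_base_url();
        /*force calculation first*/
        $RELATIVE_PATH = '';
    }
    // Users are important due to permissions
    require_code('users');
    if ($MICRO_BOOTUP == 0 && $MICRO_AJAX_BOOTUP == 0) {
        if (running_script('index') && count($_POST) == 0) {
            if (isset($SITE_INFO['any_guest_cached_too']) && $SITE_INFO['any_guest_cached_too'] == '1' && is_guest(NULL, true)) {
                fast_spider_cache(false);
            }
        }
    }
    $CACHE_TEMPLATES = (get_option('is_on_template_cache') == '1' || get_param_integer('keep_cache', 0) == 1 || get_param_integer('cache', 0) == 1) && get_param_integer('keep_cache', NULL) !== 0 && get_param_integer('cache', NULL) !== 0;
    if ($MICRO_AJAX_BOOTUP == 0) {
        // Date/time functions
        require_code('temporal');
        // Contains fix_permissions, needed for 'lang'
        require_code('files');
        // So that we can do language stuff (e.g. errors)
        require_code('lang');
        convert_data_encodings();
        if ($MICRO_BOOTUP == 0) {
            // So we can check access
            require_code('permissions');
        }
    }
    // At this point we can display errors nicely
    $GLOBALS['SUPPRESS_ERROR_DEATH'] = false;
    set_error_handler('ocportal_error_handler');
    if (function_exists('error_get_last')) {
        register_shutdown_function('catch_fatal_errors');
    }
    $HAS_SET_ERROR_HANDLER = true;
    if ($MICRO_BOOTUP == 0) {
        if (method_exists($GLOBALS['FORUM_DRIVER'], 'forum_layer_initialise')) {
            $GLOBALS['FORUM_DRIVER']->forum_layer_initialise();
        }
    }
    if ($MICRO_AJAX_BOOTUP == 0) {
        $JAVASCRIPT = new ocp_tempcode();
    }
    if ($MICRO_BOOTUP == 0) {
        if ($IN_MINIKERNEL_VERSION != 1 && $MICRO_AJAX_BOOTUP == 0) {
            // Will determine at early point whether we have cookie support
            has_cookies();
            // Will kill site if there are too many users
            get_num_users_site();
        }
    }
    // URL building is crucial
    require_code('urls');
    @header('Content-type: text/html; charset=' . get_charset());
    if ($MICRO_AJAX_BOOTUP == 0 && $MICRO_BOOTUP == 0) {
        // Before anything gets outputted
        handle_logins();
        // This powers the site (top level page generation)
        require_code('site');
        // Are we installed?
        get_option('site_name');
    }
    // Our logging (change false to true for temporarily changing it so staff get logging)
    if (get_option('log_php_errors') == '1') {
        @ini_set('log_errors', '1');
        if (addon_installed('errorlog')) {
            @ini_set('error_log', get_custom_file_base() . '/data_custom/errorlog.php');
        }
    }
    // On-screen PHP errors: only with the site option, in the upgrader, or for members holding see_php_errors.
    // Outside those cases they are switched off unless debug mode is active.
    if ($MICRO_BOOTUP == 0 && $MICRO_AJAX_BOOTUP == 0 && (get_option('display_php_errors') == '1' || running_script('upgrader') || has_specific_permission(get_member(), 'see_php_errors'))) {
        @ini_set('display_errors', '1');
    } elseif (!$GLOBALS['DEBUG_MODE']) {
        @ini_set('display_errors', '0');
    }
    // G-zip?
    @ini_set('zlib.output_compression', get_option('gzip_output') == '1' ? 'On' : 'Off');
    if (function_exists('setlocale') && $MICRO_AJAX_BOOTUP == 0) {
        $locales = explode(',', do_lang('locale'));
        setlocale(LC_ALL, $locales[0]);
        @setlocale(LC_ALL, $locales);
        unset($locales);
    }
    // Refuse to serve the index while install.php is still present (and install_ok is not)
    if ($MICRO_AJAX_BOOTUP == 0 && $MICRO_BOOTUP == 0 && (!isset($SITE_INFO['no_installer_checks']) || $SITE_INFO['no_installer_checks'] == '0')) {
        if (is_file(get_file_base() . '/install.php') && !is_file(get_file_base() . '/install_ok') && running_script('index')) {
            warn_exit(do_lang_tempcode('MUST_DELETE_INSTALLER'));
        }
    }
    if ($MICRO_AJAX_BOOTUP == 0 && $MICRO_BOOTUP == 0) {
        // Flush caches when the browser asks for it or when the detected base URL has changed
        $changed_base_url = !array_key_exists('base_url', $SITE_INFO) && get_long_value('last_base_url') !== get_base_url(false);
        if (running_script('index') && (is_browser_decacheing() || $changed_base_url)) {
            require_code('view_modes');
            erase_tempcode_cache();
            erase_cached_templates(!$changed_base_url);
            erase_comcode_cache();
            erase_cached_language();
            persistant_cache_empty();
            if ($changed_base_url) {
                require_lang('zones');
                require_code('zones3');
                erase_comcode_page_cache();
                set_long_value('last_base_url', get_base_url(false));
            }
        }
        // Staff-only scripts are queued only for members with access to the admin zone
        if (has_zone_access(get_member(), 'adminzone')) {
            $JAVASCRIPTS['javascript_staff'] = 1;
            $JAVASCRIPTS['javascript_ajax'] = 1;
            if (addon_installed('occle')) {
                $JAVASCRIPTS['javascript_button_occle'] = 1;
            }
        }
        if (addon_installed('realtime_rain') && get_option('bottom_show_realtime_rain_button', true) === '1') {
            $JAVASCRIPTS['javascript_button_realtime_rain'] = 1;
        }
    }
    /*ocp_memory_profile('startup');
    	$func=get_defined_functions();
    	print_r($func['user']);*/
    // HTTPS pages must not be stored by shared caches
    if (tacit_https() || is_page_https(get_zone_name(), get_page_name())) {
        @header('Cache-Control: private');
        @header('Pragma: private');
    }
    $BOOTSTRAPPING = 0;
    if ($GLOBALS['SEMI_DEBUG_MODE'] && $MICRO_AJAX_BOOTUP == 0) {
        if ($GLOBALS['SEMI_DEBUG_MODE']) {
            /*if ((mt_rand(0,2)==1) && ($GLOBALS['DEBUG_MODE']) && (running_script('index')))	We know this works now, so let's stop messing up our development speed
            		{
            			require_code('view_modes');
            			erase_cached_templates(true); // Stop anything trying to read a template cache item (E.g. CSS, JS) that might not exist!
            		}*/
            // Development aid: the referring page carried keep_devtest but this request does not, so a link was built by hand
            if (strpos(ocp_srv('HTTP_REFERER'), ocp_srv('HTTP_HOST')) !== false && strpos(ocp_srv('HTTP_REFERER'), 'keep_devtest') !== false && !running_script('attachment') && !running_script('upgrader') && strpos(ocp_srv('HTTP_REFERER'), 'login') === false && is_null(get_param('keep_devtest', NULL))) {
                $_GET['keep_devtest'] = '1';
                fatal_exit('URL not constructed properly: development mode in use but keep_devtest was not specified. This indicates that links have been made without build_url (in PHP) or keep_stub (in Javascript). Whilst not fatal this time, failure to use these functions can cause problems when your site goes live. See the ocPortal codebook for more details.');
            } else {
                $_GET['keep_devtest'] = '1';
            }
        }
        if (browser_matches('true_xhtml') && get_value('html5') !== '1' && get_value('html5') !== '_true' && get_param_integer('keep_no_xhtml', 0) == 0 && !running_script('upgrader')) {
            @header('Content-type: application/xhtml+xml; charset=' . get_charset());
        }
        if (isset($_CREATED_FILES)) {
            /**
             * Run after-tests for debug mode, to make sure coding standards are met.
             */
            function debug_mode_aftertests()
            {
                global $_CREATED_FILES, $_MODIFIED_FILES;
                // Use the info from ocProduct's custom PHP version to make sure that all files that were created/modified got synched as they should have been.
                foreach ($_CREATED_FILES as $file) {
                    if (substr($file, 0, strlen(get_file_base())) == get_file_base() && substr($file, -4) != '.log' && basename($file) != 'permissioncheckslog.php') {
                        @exit(escape_html('File not permission-synched: ' . $file));
                    }
                }
                foreach ($_MODIFIED_FILES as $file) {
                    if (strpos($file, '_cache') === false && substr($file, 0, strlen(get_file_base())) == get_file_base() && substr($file, -4) != '.log' && basename($file) != 'permissioncheckslog.php') {
                        @exit(escape_html('File not change-synched: ' . $file));
                    }
                }
                global $TITLE_CALLED, $SCREEN_TEMPLATE_CALLED, $EXITING;
                if (is_null($SCREEN_TEMPLATE_CALLED) && $EXITING == 0 && strpos(ocp_srv('PHP_SELF'), 'index.php') !== false) {
                    @exit(escape_html('No screen template called.'));
                }
                if (!$TITLE_CALLED && (is_null($SCREEN_TEMPLATE_CALLED) || $SCREEN_TEMPLATE_CALLED != '') && $EXITING == 0 && strpos(ocp_srv('PHP_SELF'), 'index.php') !== false) {
                    @exit(escape_html('No title used on screen.'));
                }
            }
            register_shutdown_function('debug_mode_aftertests');
        }
        if (ocp_srv('SCRIPT_FILENAME') != '' && $GLOBALS['DEBUG_MODE'] && strpos(ocp_srv('SCRIPT_FILENAME'), 'data_custom') === false) {
            if (@strlen(file_get_contents(ocp_srv('SCRIPT_FILENAME'), FILE_TEXT)) > 4500) {
                fatal_exit('Entry scripts (front controllers) should not be shoved full of code.');
            }
        }
    }
    // FirePHP console support, only for administrators: the keep_* request flags are ignored for everyone else
    if ((get_param_integer('keep_firephp', 0) == 1 || get_param_integer('keep_queries', 0) == 1) && ($GLOBALS['FORUM_DRIVER']->is_super_admin(get_member()) || $GLOBALS['IS_ACTUALLY_ADMIN'])) {
        require_code('firephp');
    }
    // Memory limit: configured value, falling back to 64M when unset/empty/0/-1
    $default_memory_limit = get_value('memory_limit');
    if (is_null($default_memory_limit) || $default_memory_limit == '' || $default_memory_limit == '0' || $default_memory_limit == '-1') {
        $default_memory_limit = '64M';
    }
    @ini_set('memory_limit', $default_memory_limit);
    // Only super admins may lift or test the limit through request parameters
    if (isset($GLOBALS['FORUM_DRIVER']) && $GLOBALS['FORUM_DRIVER']->is_super_admin(get_member())) {
        if (get_param_integer('keep_avoid_memory_limit', 0) == 1) {
            disable_php_memory_limit();
        }
        $memory_test = get_param_integer('keep_memory_limit_test', 0);
        if ($memory_test != 0 && $memory_test <= 32) {
            @ini_set('memory_limit', strval($memory_test) . 'M');
        }
    }
    if (get_option('sitewide_im', true) === '1' && running_script('index') && get_param('type', 'misc', true) != 'room') {
        require_code('chat');
        enter_chat_lobby();
    }
    // Startup hooks
    if (!running_script('upgrader')) {
        $startup_hooks = find_all_hooks('systems', 'startup');
        foreach (array_keys($startup_hooks) as $hook) {
            // The hook name goes through filter_naughty_harsh() before it is used in a code path or a class name
            require_code('hooks/systems/startup/' . filter_naughty_harsh($hook));
            $ob = object_factory('Hook_startup_' . filter_naughty_harsh($hook), true);
            if ($ob === NULL) {
                continue;
            }
            $ob->run($MICRO_BOOTUP, $MICRO_AJAX_BOOTUP, 0);
        }
        // Shared installs: run the upgrade steps when the stored version differs from the code version
        if ($CURRENT_SHARE_USER !== NULL && float_to_raw_string(ocp_version_number()) != get_value('version')) {
            require_code('upgrade');
            clear_caches_2();
            version_specific();
            upgrade_modules();
            ocf_upgrade();
        }
    }
}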
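 /**
  * doReg
  *
  * Handle a submitted registration form: validate it, create the user, then
  * either start e-mail activation or log the new user in.
  *
  * Changes in this revision: the CAPTCHA and password-confirmation checks
  * compare strings strictly (loose `!=` treats some different numeric-looking
  * strings as equal, and a missing session value could match a non-string
  * submission), request fields are type-checked before use, and a short
  * `ts_areaval` no longer reads undefined offsets.
  *
  * SECURITY (review) - not changed here because other code depends on it:
  *  - Passwords are stored as unsalted md5(). Migrating to password_hash()
  *    has to be done together with the login code.
  *  - $userDao->create() takes no explicit field list, so presumably it reads
  *    every submitted field; confirm the model restricts which columns a
  *    registration may set.
  *  - The "already registered" e-mail check is commented out, so the count
  *    query below has no effect.
  *  - If add() fails, the non-activation branch still writes a session with
  *    that failed id and reports success.
  *  - $this->error() is assumed to end the request; if it returns, every
  *    check below is advisory only - confirm.
  *
  * @return void
  */
 public function doReg()
 {
     // IP access control
     $site_opts = $this->api->option_get();
     ip_banned($site_opts["deny_ips"], $site_opts["allow_ips"]);
     // Is registration closed?
     if ($site_opts["reg_close"] == "1") {
         $this->error("注册已经关闭!");
     }
     // Registration CAPTCHA. The serialized value is a site option, not request data.
     $verify_allow = unserialize($site_opts["verify"]);
     $reg_verify_allow = $verify_allow['reg'];
     if ($reg_verify_allow) {
         // Both sides must be present strings and match exactly.
         $submitted_verify = (isset($_POST['verify']) && is_string($_POST['verify'])) ? md5($_POST['verify']) : null;
         $expected_verify = (isset($_SESSION['verify']) && is_string($_SESSION['verify'])) ? $_SESSION['verify'] : null;
         if ($submitted_verify === null || $expected_verify === null || $submitted_verify !== $expected_verify) {
             $this->error('验证码错误!');
         }
     }
     // E-mail and user name are required and must be plain strings.
     if (empty($_POST['email']) || empty($_POST['name']) || !is_string($_POST['email']) || !is_string($_POST['name'])) {
         $this->error('邮箱或用户名不能为空!');
     }
     // Byte length, as before.
     if (strlen($_POST['name']) > 20) {
         $this->error('用户名不能太长!');
     }
     // Password: more than five bytes, and identical to the confirmation.
     $passwd = (isset($_POST['passwd']) && is_string($_POST['passwd'])) ? $_POST['passwd'] : '';
     $repasswd = (isset($_POST['repasswd']) && is_string($_POST['repasswd'])) ? $_POST['repasswd'] : null;
     if (strlen($passwd) <= 5 || $passwd !== $repasswd) {
         $this->error('密码不正确,建议您得密码设置为五位以上!');
     }
     // Check whether the e-mail is already registered.
     // NOTE(review): the lookup reads $_REQUEST while the insert reads $_POST,
     // and the rejection itself is disabled below.
     $map_xx["email"] = t($_REQUEST["email"]);
     $user_count = D("User")->where($map_xx)->count();
     //if($user_count != 0) $this->error("你的Email已经被注册过了!");
     // "province,city,area" - pad to three parts so a short value yields nulls.
     $area_value = (isset($_POST["ts_areaval"]) && is_string($_POST["ts_areaval"])) ? $_POST["ts_areaval"] : "";
     $current = array_pad(explode(",", $area_value), 3, null);
     $_POST["current_province"] = $current[0];
     $_POST["current_city"] = $current[1];
     $_POST["current_area"] = $current[2];
     // SECURITY: unsalted md5 - see the method docblock.
     $_POST["passwd"] = md5($passwd);
     $userDao = D("User");
     $userDao->create();
     $userDao->cTime = time();
     // Accounts start inactive when e-mail activation is switched on.
     $userDao->active = "1" == $site_opts['reg_email'] ? 0 : 1;
     $uid = $userDao->add();
     $this->__addUserSearch($uid);
     $code = isset($_POST['code']) ? $_POST['code'] : null;
     if ($uid && $site_opts["reg_email"] == "1") {
         // Activation flow
         $this->jihuo($uid, $_POST["email"], $code);
     } else {
         // Log the new user in
         $userInfo["id"] = $uid;
         $userInfo["name"] = $userDao->name;
         $_SESSION["userInfo"] = serialize($userInfo);
         // Default association with system operations
         $this->relation($code, $uid);
         // Redirect
         $msg = "注册成功!";
         $jump_url = __APP__ . "/Info/face";
         $this->assign('jumpUrl', $jump_url);
         $this->success($msg);
     }
 }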
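 /**
  * Per-request controller initialisation.
  *
  * Sets up the view and site options, enforces the site-closed and login
  * checks, resolves the current member (mid) and the viewed user (uid), then
  * prepares either guest or logged-in state before filtering sensitive words
  * and setting the page title.
  *
  * Changes in this revision: `uid` is read only when it is present and
  * scalar (intval() of an array is 1, which silently selected user 1), the
  * app list is fetched once instead of twice with identical arguments, and
  * `notify_num` is assigned an explicit null instead of an undefined variable.
  *
  * SECURITY NOTE(review): the IP deny/allow check runs only in the
  * logged-in branch below, so guests reach this controller without it unless
  * tsSetGuest() or an earlier step applies it - confirm.
  *
  * @return void
  */
 final function init()
 {
     // Instantiate the view class and initialise variables
     $this->tsSetInt();
     // Ads: subclasses can call the same method with adjusted arguments to
     // pull the ads for their own application
     $this->tsSetAdd($this->opts);
     $this->setSiteOpts($this->opts);
     // Is the site closed?
     $this->tsSiteClose();
     // Login check
     $this->__checkLogin();
     // Id of the logged-in user
     $this->mid = $this->api->user_getLoggedInUser();
     // Viewed user: ?uid=N when it is a non-zero integer, else the current member.
     // NOTE(review): uid is caller-chosen; whether the member may see that
     // user's data has to be enforced by the code that uses $this->uid.
     $requested_uid = (isset($_GET["uid"]) && is_scalar($_GET["uid"])) ? intval($_GET["uid"]) : 0;
     $this->uid = $requested_uid ? $requested_uid : $this->mid;
     $this->assign("uid", $this->uid);
     // appId of the current application
     $this->appId = $this->setAppId(APP_NAME);
     if (!$this->mid) {
         // Guest permissions
         $this->tsSetGuest();
     } else {
         // Logged-in user
         // IP deny/allow lists
         ip_banned($this->opts["deny_ips"], $this->opts["allow_ips"]);
         // Applications the user has added
         $user_app_ids = $this->api->UserApp_getUserAppId($this->mid);
         // Everything except the core application and the admin pages must
         // be an application the user actually has
         if (APP_NAME != 'thinksns' && APP_NAME != 'admin') {
             $this->checkAppId($this->appId, $user_app_ids);
         }
         $this->my_name = $this->api->user_getLoggedInName();
         // Record online status
         // $this->api->UserOnline_recordOnline($this->mid,$this->my_name);
         $appInfo = $this->api->App_getAppInfo($this->appId);
         $this->assign('APPINFO', $appInfo);
         $this->assign('user_apps', $this->api->App_getUserAppList());
         $spaceAppList = $this->api->App_getUserAppList('place', $user_app_ids);
         $userlevel = $this->api->User_getLoggedInUserLevel();
         $groupType = $this->api->SystemGroup_getGroupType($userlevel);
         if ($groupType == 'admin') {
             // View flag only; it must not be what grants admin actions
             $this->assign('isAdmin', true);
         }
         // Left menu: left_nav, top menu: top_navs
         $this->assign($spaceAppList);
         $this->assign('TS_NEED_LOGIN', '1');
         //edit by sam
         $this->assign("mid", $this->mid);
         $this->assign("my_name", $this->my_name);
         // Counter shown at the top. Nothing in this method computes it, so the
         // view receives null, which is what the undefined variable evaluated to.
         $notify_num = null;
         $this->assign('notify_num', $notify_num);
     }
     // Sensitive-word filtering
     $this->tsFilterSensitive();
     // Controller initialisation
     // Page title: use the application's display name when it was loaded
     if (isset($appInfo)) {
         $this->app_title = $appInfo['APP_CNNAME'];
     }
     $this->setTitle();
 }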