* ===========================================
*/
include "common.inc.php";
include "functions.php";
$data = array();
$act = "";
if (isset($_GET['act'])) {
$act = $_GET['act'];
}
if ($act == "upload") {
$uid = form_input($_GET["uid"]);
if ($uid == "" || $uid == nul) {
throwJSON(array("status" => "error", "code" => 301, "msg" => "uid can not be null"));
exit;
}
if (!isUserExist($uid)) {
throwJSON(array("status" => "error", "code" => 302, "msg" => "user not exist"));
exit;
}
$sql = "select regdate from disc_common_user where uid='{$uid}'";
$res = $db->Execute($sql);
$regdate = $res->fields["regdate"] ? $res->fields["regdate"] : time();
handleUpload("avatar", $uid, $regdate);
//处理头像上传
$y = date("Y", $regdate);
$m = date("m", $regdate);
$d = date("d", $regdate);
$server = $_SERVER["SERVER_NAME"];
$uid2 = $uid;
if ($uid < 10) {
$uid2 = "0" . $uid;
* Developer: 51fabu
* Lasmod: 2015年7月12日09:45:08 by xudong
* ===========================================
*/
include "init.inc.php";
$data = array();
$now = time();
$act = "";
if (isset($_GET['act'])) {
$act = form_input($_GET['act']);
}
if ($act == "publish") {
//动态发布成功,奖励积分
$uid = form_input($_POST['fromuid']);
//发布人uid
if (isUserExist($uid)) {
addCredit($uid, "publishblog");
$credit = getCredit("publishblog");
throwJSON(array("status" => "ok", "code" => 200, "msg" => "发布动态,奖励信用,威望,贡献", "credit" => $credit));
} else {
throwJSON(array("status" => "error", "code" => 300, "msg" => "uid不存在"));
}
} else {
if ($act == "add") {
//发布日志
$uid = form_input($_POST['fromuid']);
//发布人uid
if (isNull($uid)) {
$result = array("status" => "error", "code" => 301, "msg" => "fromuid field requird");
throwJSON($result);
exit;
include 'User.php';
session_start();
$dblocation = "localhost";
$dbname = "USERS";
$dbuser = "******";
$dbpasswd = "a1216)";
$link = mysqli_connect('localhost', 'root', 'a1216)', 'USERS');
/* База данных для запросов по умолчанию */
if (!empty($_POST)) {
//если запрос не содержит пустого значения
header("Content-type: text/txt; charset=UTF-8");
switch ($_POST["action"]) {
case "authorization":
$login = clearStr($_POST["login"]);
$password = clearStr($_POST["password"]);
if (!isUserExist($login, $password)) {
unset($login);
// удаление переменной
unset($password);
echo "<result>Wrong login or password</result>";
} else {
$_SESSION["userlogin"] = $login;
echo "<result>ok</result>";
}
break;
case "registration":
$login = clearStr($_POST["login"]);
$password = clearStr($_POST["password"]);
$name = clearStr($_POST["name"]);
$country = clearStr($_POST["country"]);
$email = clearStr($_POST["email"]);
setAlertMsg("Passwords don't match!");
header("Location:../register.php?username={$usr}");
exit;
}
//check username input validation:
if (!lib_name_validate($usr)) {
setAlertMsg("Username can only contain letters, numbers and underscore, and the first character must be a letter!");
header("Location:../register.php?username={$usr}");
exit;
}
//check password input validation:
if (!lib_psw_validate($psw)) {
setAlertMsg("Password can only contain letters and numbers!");
header("Location:../register.php?username={$usr}");
exit;
}
//check if name is avalable:
if (isUserExist($usr, $psw)) {
setAlertMsg("This username has been taken!");
header("Location:../register.php?username={$usr}");
exit;
}
//proceed registeration:
insertNewUser($usr, $psw);
$_SESSION["username"] = $usr;
$_SESSION["password"] = $psw;
$_SESSION["admin"] = 0;
$_SESSION["id"] = getUserID($usr, $psw);
setAlertMsg("Thank you, {$usr}! Your registeration has been completed!");
header("Location:../index.php");
exit;
$username = trim($_POST['username']);
$pass = trim($_POST['pass']);
$error = array();
if (mb_strlen($username) < 3) {
$error[] = '<p>Името е прекалено късо</p>';
}
if (mb_strlen($pass) < 3) {
$error[] = '<p>Паролата е прекалено къса</p>';
}
if (count($error) > 0) {
foreach ($error as $er) {
echo $er;
}
} else {
$username = mysqli_real_escape_string($link, $username);
if (isUserExist($link, $username)) {
echo '<p>Има потребител с това име въведете друго име!</p>';
} else {
$pass = mysqli_real_escape_string($link, $pass);
$hash_pass = password_hash($pass, PASSWORD_BCRYPT);
$q = mysqli_query($link, 'INSERT INTO users (username,pass) VALUE ("' . $username . '","' . $hash_pass . '")');
if (mysqli_error($link)) {
echo mysqli_error($link);
}
$data = array();
if (mysqli_affected_rows($link)) {
echo '<p>Регистрацията е успешна</p>';
}
}
}
}
<?php
include_once '../lib/glob.php';
include_once '../lib/lib.php';
if (isset($_POST["username"])) {
$usr = $_POST["username"];
echo isUserExist($usr);
}
mysql_close();
