Example #1
0
 public function doPassword()
 {
     global $_W, $_GPC;
     if (checksubmit('submit')) {
         if (!empty($_GPC['title-new'])) {
             foreach ($_GPC['title-new'] as $index => $row) {
                 $data = array('weid' => $_W['weid'], 'name' => $_GPC['title-new'][$index], 'password' => member_hash($_GPC['password-new'][$index], ''));
                 pdo_insert('card_password', $data);
             }
         }
         if (!empty($_GPC['title'])) {
             foreach ($_GPC['title'] as $index => $row) {
                 $data = array('name' => $_GPC['title'][$index]);
                 if (!empty($_GPC['password'][$index])) {
                     $data['password'] = member_hash($_GPC['password'][$index], '');
                 }
                 pdo_update('card_password', $data, array('id' => $index));
             }
         }
         if (!empty($_GPC['delete'])) {
             pdo_query("DELETE FROM " . tablename('card_password') . " WHERE id IN (" . implode(',', $_GPC['delete']) . ")");
         }
         message('消费密码更新成功!', referer(), 'success');
     }
     $list = pdo_fetchall("SELECT * FROM " . tablename('card_password') . " WHERE weid = :weid", array(':weid' => $_W['weid']));
     include $this->template('password');
 }
Example #2
0
 public function doMobileUseCoupon()
 {
     global $_W, $_GPC;
     checkauth();
     $id = intval($_GPC['id']);
     $item = pdo_fetch("SELECT id, status, couponid, consumetime FROM " . tablename('card_members_coupon') . " WHERE weid = :weid AND from_user = :from_user AND id = :id", array(':weid' => $_W['weid'], ':from_user' => $_W['fans']['from_user'], ':id' => $id));
     if (empty($item)) {
         message('您尚未领取该优惠券!');
     }
     $coupon = pdo_fetch("SELECT * FROM " . tablename('card_coupon') . " WHERE id = :id", array(':id' => $item['couponid']));
     if (!empty($coupon['starttime']) && $coupon['starttime'] > TIMESTAMP) {
         message('此优惠券还未开始!');
     }
     if (!empty($coupon['endtime']) && $coupon['endtime'] < TIMESTAMP) {
         message('此优惠券已经结束!');
     }
     if (checksubmit('submit')) {
         if (empty($_GPC['password'])) {
             message('请输入验证密码!');
         }
         $password = member_hash($_GPC['password'], '');
         $row = pdo_fetch("SELECT id, name FROM " . tablename('card_password') . " WHERE password = :password", array(':password' => $password));
         if (!empty($row)) {
             pdo_update('card_members_coupon', array('status' => 2, 'receiver' => $row['name'], 'consumetime' => TIMESTAMP), array('weid' => $_W['weid'], 'from_user' => $_W['fans']['from_user'], 'id' => $id));
             message('消费成功!', $this->createMobileUrl('entrycoupon'), 'success');
         } else {
             message('消费密码验证失败,请重试!', $this->createMobileUrl('entrycoupon'), 'error');
         }
     }
     include $this->template('usecoupon');
 }
Example #3
0
<?php

/**
 * [WeEngine System] Copyright (c) 2013 WE7.CC
 */
defined('IN_IA') or exit('Access Denied');
$do = !empty($_GPC['do']) && in_array($_GPC['do'], array('profile')) ? $_GPC['do'] : 'profile';
if ($do == 'profile') {
    if (checksubmit('submit')) {
        $sql = "SELECT username, password, salt FROM " . tablename('members') . " WHERE `username` = '{$_GPC['name']}'";
        $user = pdo_fetch($sql);
        if (empty($user)) {
            message('抱歉,用户不存在或是已经被删除!', create_url('setting/profile'), 'error');
        }
        if (empty($_GPC['name']) || empty($_GPC['pw']) || empty($_GPC['pw2'])) {
            message('管理账号或者密码不能为空,请重新填写!', create_url('setting/profile'), 'error');
        }
        if ($_GPC['pw'] == $_GPC['pw2']) {
            message('新密码与原密码一致,请检查!', create_url('setting/admin'), 'right');
        }
        $password_old = member_hash($_GPC['pw'], $user['salt']);
        if ($user['password'] != $password_old) {
            message('原密码错误,请重新填写!', create_url('setting/profile'), 'error');
        }
        $result = '';
        $members = array('username' => $_GPC['name'], 'password' => member_hash($_GPC['pw2'], $user['salt']));
        $result = pdo_update('members', $members, array('uid' => $_W['uid']));
        message('修改成功!', create_url('index'), 'success');
    }
    template('setting/profile');
}
Example #4
0
/**
 * 更新用户资料
 * PS:密码字段需要加密
 * @param array $member 用户的资料数据, 需要的字段可以包括password, status, lastvisit, lastip, remark 必须包括 uid
 * @return bool
 */
function member_update($member)
{
    if (empty($member['uid'])) {
        return false;
    }
    $params = array();
    if ($member['password']) {
        $params['password'] = member_hash($member['password'], $member['salt']);
    }
    if ($member['lastvisit']) {
        $params['lastvisit'] = strlen($member['lastvisit']) == 10 ? $member['lastvisit'] : strtotime($member['lastvisit']);
    }
    if ($member['lastip']) {
        $params['lastip'] = $member['lastip'];
    }
    if (isset($member['joinip'])) {
        $params['joinip'] = $member['joinip'];
    }
    if (isset($member['remark'])) {
        $params['remark'] = $member['remark'];
    }
    if (isset($member['status'])) {
        $params['status'] = $member['status'];
    }
    if (isset($member['groupid'])) {
        $params['groupid'] = $member['groupid'];
    }
    if (empty($params)) {
        return false;
    }
    return pdo_update('members', $params, array('uid' => intval($member['uid'])));
}
Example #5
0
defined('IN_IA') or exit('Access Denied');

$do = !empty($_GPC['do']) && in_array($_GPC['do'], array('profile')) ? $_GPC['do'] : 'profile';

if ($do == 'profile') {
	if (checksubmit('submit')) {
		$sql = "SELECT username, password, salt FROM " . tablename('members') . ' ORDER BY `uid` DESC';
		$user = pdo_fetch($sql);
		if (empty($user)) {
			message('抱歉,用户不存在或是已经被删除!', create_url('setting/profile'), 'error');
		}
		if (empty($_GPC['name']) || empty($_GPC['pw']) || empty($_GPC['pw2'])) {
			message('管理账号或者密码不能为空,请重新填写!', create_url('setting/profile'), 'error');
		}
		if ($_GPC['pw'] == $_GPC['pw2']) {
			message('新密码与原密码一致,请检查!', create_url('setting/admin'), 'right');
		}
		$password_old = member_hash($_GPC['pw'], $user['salt']);
		if ($user['password'] != $password_old) {
			message('原密码错误,请重新填写!', create_url('setting/profile'), 'error');
		}
		$result = '';
		$members = array(
			'username' => $_GPC['name'],
			'password' => member_hash($_GPC['pw2'], $user['salt']),
		);
		$result = pdo_update('members', $members, array('uid' => $_W['uid']));
		message('修改成功!', create_url('setting/profile'), 'success');
	}
	template('setting/profile');	
}