function user_login($uid)
{
$member = getuserbyuid($uid);
$cookietime = 1296000;
require_once libfile('function/member');
setloginstatus($member, $cookietime);
}
function common()
{
if ($_GET['openid']) {
$binduser = C::t('#aljwsq#aljwsq_user')->fetch($_GET['openid']);
if (empty($binduser) && file_exists(DISCUZ_ROOT . './source/plugin/wechat/wechat.lib.class.php')) {
$binduser = DB::fetch_first('SELECT * FROM %t WHERE openid=%s', array('common_member_wechat', $_GET['openid']));
}
//debug($binduser);
//debug($_GET['openid']);
if ($binduser) {
$user = C::t('common_member')->fetch_by_username($binduser['username']);
require_once libfile('function/member');
setloginstatus($user, 2592000);
}
}
}
function connect_login($connect_member)
{
global $_G;
if (!($member = getuserbyuid($connect_member['uid'], 1))) {
return false;
} else {
if (isset($member['_inarchive'])) {
C::t('common_member_archive')->move_to_master($member['uid']);
}
}
require_once libfile('function/member');
$cookietime = 1296000;
setloginstatus($member, $cookietime);
dsetcookie('connect_login', 1, $cookietime);
dsetcookie('connect_is_bind', '1', 31536000);
dsetcookie('connect_uin', $connect_member['conopenid'], 31536000);
return true;
}
function xwb_setSiteUserLogin($uid)
{
global $_G;
if (empty($uid)) {
return false;
}
//登录
$member = DB::fetch_first("SELECT * FROM " . DB::table('common_member') . " WHERE uid='" . $uid . "'");
if (!$member) {
return false;
}
setloginstatus($member, time() + 60 * 60 * 24 ? 2592000 : 0);
DB::query("UPDATE " . DB::table('common_member_status') . " SET lastip='" . $_G['clientip'] . "', lastvisit='" . time() . "' WHERE uid='{$uid}'");
include_once libfile('function/stat');
updatestat('login');
updatecreditbyaction('daylogin', $uid);
checkusergroup($uid);
return true;
}
public function register()
{
if ($this->memberID > 0) {
$this->redirect($this->referer ? $this->referer : 'Member/index');
}
if (IS_POST) {
$membersModel = D('Members');
if ($membersModel->create()) {
if ($insertId = $membersModel->add()) {
$info = $membersModel->where("id='{$insertId}'")->find();
setloginstatus($info);
$this->success('register success', $this->referer ? $this->referer : U('Member/index'));
}
} else {
$this->error($membersModel->getError());
}
} else {
$this->display();
}
}
private function _qqInfo($res, $openId, $oauthToken, $platformId)
{
global $_G;
$password = MOBCENT_HACKER_PASSWORD;
require_once libfile('function/member');
if (!empty($platformId) && $platformId == 20) {
$qqUserInfo = $this->_getQQinfoByOpenId($openId);
if (isset($qqUserInfo) && !empty($qqUserInfo)) {
$userInfo = UserUtils::getUserInfo($qqUserInfo['uid']);
setloginstatus($userInfo, $_GET['cookietime'] ? 2592000 : 0);
C::t('common_member_status')->update($userInfo['uid'], array('lastip' => $_G['clientip'], 'lastvisit' => TIMESTAMP, 'lastactivity' => TIMESTAMP));
$ipArray = explode('.', $_G['clientip']);
$sid = FileUtils::getRandomFileName('', 6);
$data = array('sid' => $sid, 'ip1' => $ipArray[0], 'ip2' => $ipArray[1], 'ip3' => $ipArray[2], 'ip4' => $ipArray[3], 'uid' => $userInfo['uid'], 'username' => $userInfo['username'], 'groupid' => $userInfo['groupid'], 'invisible' => '0', 'action' => '', 'lastactivity' => time(), 'fid' => '0', 'tid' => '0', 'lastolupdate' => '0');
$comSess = DzCommonSession::getComSessByUid($userInfo['uid']);
if (!empty($comSess)) {
DzCommonSession::delComSess($userInfo['uid']);
}
DzCommonSession::insertComSess($data);
$userAccess = AppbymeUserAccess::loginProcess($userInfo['uid'], $password);
$res['body']['register'] = 0;
$res['body']['uid'] = (int) $userInfo['uid'];
$res['body']['userName'] = (string) $userInfo['username'];
$res['body']['avatar'] = (string) UserUtils::getUserAvatar($userInfo['uid']);
$res['body']['token'] = (string) $userAccess['token'];
$res['body']['secret'] = (string) $userAccess['secret'];
return $res;
} else {
$res['body']['register'] = 1;
$res['body']['openId'] = (string) $openId;
$res['body']['oauthToken'] = (string) $oauthToken;
$res['body']['platformId'] = (int) $platformId;
return $res;
}
}
// 客户端参数不正确
return $this->makeErrorInfo($res, 'mobcent_error_params');
}
function on_login()
{
global $_G;
empty($mrefreshtime) && ($mrefreshtime = 2000);
if ($_G['uid']) {
$ucsynlogin = uc_user_synlogin($_G['uid']);
$param = array('username' => $_G['member']['username'], 'ucsynlogin' => $ucsynlogin, 'uid' => $_G['member']['uid']);
showmessage('login_succeed', dreferer(), $param, array('showdialog' => 1, 'locationtime' => 1));
}
if (!($_G['member_loginperm'] = logincheck())) {
showmessage('login_strike');
}
if (!submitcheck('loginsubmit', 1)) {
$_G['referer'] = dreferer();
$cookietimecheck = !empty($_G['cookie']['cookietime']) ? 'checked="checked"' : '';
$username = !empty($_G['cookie']['loginuser']) ? htmlspecialchars($_G['cookie']['loginuser']) : '';
include template('member/login');
} else {
$_G['uid'] = $_G['member']['uid'] = 0;
$_G['username'] = $_G['member']['username'] = $_G['member']['password'] = '';
$result = userlogin($_G['gp_username'], $_G['gp_password'], null, null, 'auto');
if ($result['status'] > 0) {
setloginstatus($result['member'], $_G['gp_cookietime'] ? 2592000 : 0);
$ucsynlogin = uc_user_synlogin($_G['uid']);
$message = 1;
$param = array('username' => $_G['member']['username'], 'ucsynlogin' => $ucsynlogin, 'uid' => $_G['uid']);
showmessage('login_succeed', dreferer(), $param, array('showdialog' => 1, 'locationtime' => 1));
} else {
$password = preg_replace("/^(.{" . round(strlen($_G['gp_password']) / 4) . "})(.+?)(.{" . round(strlen($_G['gp_password']) / 6) . "})\$/s", "\\1***\\3", $_G['gp_password']);
$errorlog = dhtmlspecialchars(TIMESTAMP . "\t" . ($result['ucresult']['username'] ? $result['ucresult']['username'] : dstripslashes($_G['gp_username'])) . "\t" . $password . "\t" . "Ques #" . intval($_G['gp_questionid']) . "\t" . $_G['clientip']);
writelog('illegallog', $errorlog);
loginfailed($_G['member_loginperm']);
$fmsg = $result['ucresult']['uid'] == '-3' ? empty($_G['gp_questionid']) || $answer == '' ? 'login_question_empty' : 'login_question_invalid' : 'login_invalid';
showmessage($fmsg, '', array('loginperm' => $_G['member_loginperm']));
}
}
}
if ($result['status'] <= 0) {
loginfailed($_GET['username']);
failedip();
showmessage('login_invalid', '', array('loginperm' => $loginperm - 1));
}
if (!$_G['wechat']['setting']['wechat_qrtype']) {
if ($wechatuser) {
if ($result['member']['uid'] != $wechatuser['uid']) {
showmessage('wechat:wechat_openid_exists');
}
wechat_setloginstatus($result['member']['uid'], true);
} else {
WeChatHook::bindOpenId($result['member']['uid'], $openid);
wsq::report('bind');
}
setloginstatus($result['member'], 1296000);
showmessage('wechat:wechat_member_bind_succeed', $selfurl . 'bind');
} else {
C::t('#wechat#common_member_wechatmp')->insert(array('uid' => $result['member']['uid'], 'openid' => $_GET['wxopenid'], 'status' => 1), false, true);
wsq::report('bind');
$url = wsq::wxuserregisterUrl($result['member']['uid']);
showmessage('wechat:wechat_member_bind_succeed', $url);
}
} elseif (($ac == 'register' && submitcheck('submit') || $ac == 'wxregister') && $_G['wechat']['setting']['wechat_allowregister']) {
if ($wechatuser) {
showmessage('wechat:wechat_openid_exists');
} else {
if ($ac == 'wxregister') {
loaducenter();
$user = uc_get_user($_GET['username']);
if (!empty($user)) {
function register()
{
/*{{{*/
require_once dirname(dirname(dirname(__FILE__))) . '/bigappjson.class.php';
require_once libfile('function/misc');
require_once libfile('function/member');
require_once libfile('class/member');
$userName = isset($_REQUEST["username"]) ? $_REQUEST["username"] : "";
$password = isset($_REQUEST["password"]) ? $_REQUEST["password"] : "";
$email = isset($_REQUEST["email"]) ? strtolower($_REQUEST["email"]) : "";
global $_G;
if (function_exists('iconv')) {
$userName = iconv('UTF-8', CHARSET . '//ignore', $userName);
} else {
$userName = mb_convert_encoding($userName, CHARSET, 'UTF-8');
}
if (empty($userName) || empty($password) || empty($email)) {
echo BIGAPPJSON::encode(array('error_code' => 2, 'error_msg' => lang('plugin/bigapp', 'empty_params'), 'Variables' => array('auth' => null), 'Message' => array('messageval' => 'for comaptible', 'messagestr' => lang('plugin/bigapp', 'empty_params'))));
die(0);
}
$userNamelen = dstrlen($userName);
if ($userNamelen < 3) {
echo BIGAPPJSON::encode(array('error_code' => 3, 'error_msg' => lang('plugin/bigapp', 'username_short'), 'Variables' => array('auth' => null), 'Message' => array('messageval' => 'for comaptible', 'messagestr' => lang('plugin/bigapp', 'username_short'))));
die(0);
}
if ($userNamelen > 15) {
echo BIGAPPJSON::encode(array('error_code' => 4, 'error_msg' => lang('plugin/bigapp', 'username_long'), 'Variables' => array('auth' => null), 'Message' => array('messageval' => 'for comaptible', 'messagestr' => lang('plugin/bigapp', 'username_long'))));
die(0);
}
$ctlObj = new register_ctl();
$ctlObj->setting = $_G['setting'];
if (isset($ctlObj->setting['pwlength']) && $ctlObj->setting['pwlength']) {
if (strlen($password) < $ctlObj->setting['pwlength']) {
echo BIGAPPJSON::encode(array('error_code' => 5, 'error_msg' => lang('plugin/bigapp', 'password_length') . ' [ >= ' . $ctlObj->setting['pwlength'] . ' ]', 'Variables' => array('auth' => null), 'Message' => array('messageval' => 'for comaptible', 'messagestr' => lang('plugin/bigapp', 'password_not_equal') . ' [ >= ' . $ctlObj->setting['pwlength'] . ' ]')));
die(0);
}
}
if (isset($ctlObj->setting['strongpw']) && $ctlObj->setting['strongpw']) {
$strongpw_str = array();
if (in_array(1, $ctlObj->setting['strongpw']) && !preg_match("/\\d+/", $password)) {
$strongpw_str[] = lang('plugin/bigapp', 'password_number');
}
if (in_array(2, $ctlObj->setting['strongpw']) && !preg_match("/[a-z]+/", $password)) {
$strongpw_str[] = lang('plugin/bigapp', 'password_lowercase_char');
}
if (in_array(3, $ctlObj->setting['strongpw']) && !preg_match("/[A-Z]+/", $password)) {
$strongpw_str[] = lang('plugin/bigapp', 'password_uppercase_char');
}
if (in_array(4, $ctlObj->setting['strongpw']) && !preg_match("/[^a-zA-Z0-9]+/", $password)) {
$strongpw_str[] = lang('plugin/bigapp', 'password_charset');
}
if ($strongpw_str) {
echo BIGAPPJSON::encode(array('error_code' => 6, 'error_msg' => lang('plugin/bigapp', 'password_invalid') . ' [ ' . implode(', ', $strongpw_str) . ' ]', 'Variables' => array('auth' => null), 'Message' => array('messageval' => 'for comaptible', 'messagestr' => lang('plugin/bigapp', 'password_invalid') . ' [ ' . implode(', ', $strongpw_str) . ' ]')));
die(0);
}
}
/*
if(!isset($_G['setting']['mobile']['mobileregister']) || !$_G['setting']['mobile']['mobileregister']){
echo BIGAPPJSON::encode(array('error_code' => 7, 'error_msg' => lang('plugin/bigapp', 'forbid_mobreg'),
'Variables' => array('auth' => null),
'Message' => array('messageval' => 'for comaptible', 'messagestr' => lang('plugin/bigapp', 'forbid_mobreg'))));
die(0);
}
*/
loaducenter();
if (!$ctlObj->setting['regclosed'] && (!$ctlObj->setting['regstatus'] || !$ctlObj->setting['ucactivation'])) {
if (!$ctlObj->setting['regstatus']) {
echo BIGAPPJSON::encode(array('error_code' => 8, 'error_msg' => lang('plugin/bigapp', 'forbid_registration'), 'Variables' => array('auth' => null), 'Message' => array('messageval' => 'for comaptible', 'messagestr' => lang('plugin/bigapp', 'forbid_registration'))));
die(0);
}
}
if ($ctlObj->setting['regverify']) {
if ($ctlObj->setting['areaverifywhite']) {
$location = $whitearea = '';
$location = trim(convertip($_G['clientip'], "./"));
if ($location) {
$whitearea = preg_quote(trim($ctlObj->setting['areaverifywhite']), '/');
$whitearea = str_replace(array("\\*"), array('.*'), $whitearea);
$whitearea = '.*' . $whitearea . '.*';
$whitearea = '/^(' . str_replace(array("\r\n", ' '), array('.*|.*', ''), $whitearea) . ')$/i';
if (@preg_match($whitearea, $location)) {
$ctlObj->setting['regverify'] = 0;
}
}
}
if ($_G['cache']['ipctrl']['ipverifywhite']) {
foreach (explode("\n", $_G['cache']['ipctrl']['ipverifywhite']) as $ctrlip) {
if (preg_match("/^(" . preg_quote($ctrlip = trim($ctrlip), '/') . ")/", $_G['clientip'])) {
$ctlObj->setting['regverify'] = 0;
break;
}
}
}
}
if ($ctlObj->setting['regverify']) {
$groupinfo['groupid'] = 8;
} else {
$groupinfo['groupid'] = $ctlObj->setting['newusergroupid'];
}
if (!$password || $password != addslashes($password)) {
echo BIGAPPJSON::encode(array('error_code' => 9, 'error_msg' => lang('plugin/bigapp', 'password_invalid_char'), 'Variables' => array('auth' => null), 'Message' => array('messageval' => 'for comaptible', 'messagestr' => lang('plugin/bigapp', 'password_invalid_char'))));
die(0);
}
$censorexp = '/^(' . str_replace(array('\\*', "\r\n", ' '), array('.*', '|', ''), preg_quote($ctlObj->setting['censoruser'] = trim($ctlObj->setting['censoruser']), '/')) . ')$/i';
if ($ctlObj->setting['censoruser'] && @preg_match($censorexp, $userName)) {
echo BIGAPPJSON::encode(array('error_code' => 10, 'error_msg' => lang('plugin/bigapp', 'forbid_username'), 'Variables' => array('auth' => null), 'Message' => array('messageval' => 'for comaptible', 'messagestr' => lang('plugin/bigapp', 'forbid_username'))));
die(0);
}
if ($_G['cache']['ipctrl']['ipregctrl']) {
foreach (explode("\n", $_G['cache']['ipctrl']['ipregctrl']) as $ctrlip) {
if (preg_match("/^(" . preg_quote($ctrlip = trim($ctrlip), '/') . ")/", $_G['clientip'])) {
$ctrlip = $ctrlip . '%';
$ctlObj->setting['regctrl'] = $ctlObj->setting['ipregctrltime'];
break;
} else {
$ctrlip = $_G['clientip'];
}
}
} else {
$ctrlip = $_G['clientip'];
}
if ($ctlObj->setting['regctrl']) {
if (C::t('common_regip')->count_by_ip_dateline($ctrlip, $_G['timestamp'] - $ctlObj->setting['regctrl'] * 3600)) {
echo BIGAPPJSON::encode(array('error_code' => 11, 'error_msg' => lang('plugin/bigapp', 'forbid_ip'), 'Variables' => array('auth' => null), 'Message' => array('messageval' => 'for comaptible', 'messagestr' => lang('plugin/bigapp', 'forbid_ip'))));
die(0);
}
}
$setregip = null;
if ($ctlObj->setting['regfloodctrl']) {
$regip = C::t('common_regip')->fetch_by_ip_dateline($_G['clientip'], $_G['timestamp'] - 86400);
if ($regip) {
if ($regip['count'] >= $ctlObj->setting['regfloodctrl']) {
echo BIGAPPJSON::encode(array('error_code' => 12, 'error_msg' => lang('plugin/bigapp', 'forbid_ip_today'), 'Variables' => array('auth' => null), 'Message' => array('messageval' => 'for comaptible', 'messagestr' => lang('plugin/bigapp', 'forbid_ip_today'))));
die(0);
} else {
$setregip = 1;
}
} else {
$setregip = 2;
}
}
$uid = uc_user_register($userName, $password, $email, '', '', $_G['clientip']);
if ($uid <= 0) {
if ($uid == -1) {
echo BIGAPPJSON::encode(array('error_code' => 13, 'error_msg' => lang('plugin/bigapp', 'username_invalid_char'), 'Variables' => array('auth' => null), 'Message' => array('messageval' => 'for comaptible', 'messagestr' => lang('plugin/bigapp', 'username_invalid_char'))));
} elseif ($uid == -2) {
echo BIGAPPJSON::encode(array('error_code' => 13, 'error_msg' => lang('plugin/bigapp', 'username_invalid_char'), 'Variables' => array('auth' => null), 'Message' => array('messageval' => 'for comaptible', 'messagestr' => lang('plugin/bigapp', 'username_invalid_char'))));
} elseif ($uid == -3) {
echo BIGAPPJSON::encode(array('error_code' => 13, 'error_msg' => lang('plugin/bigapp', 'username_used'), 'Variables' => array('auth' => null), 'Message' => array('messageval' => 'for comaptible', 'messagestr' => lang('plugin/bigapp', 'username_used'))));
} elseif ($uid == -4) {
echo BIGAPPJSON::encode(array('error_code' => 13, 'error_msg' => lang('plugin/bigapp', 'invalid_email'), 'Variables' => array('auth' => null), 'Message' => array('messageval' => 'for comaptible', 'messagestr' => lang('plugin/bigapp', 'invalid_email'))));
} elseif ($uid == -5) {
echo BIGAPPJSON::encode(array('error_code' => 13, 'error_msg' => lang('plugin/bigapp', 'invalid_email'), 'Variables' => array('auth' => null), 'Message' => array('messageval' => 'for comaptible', 'messagestr' => lang('plugin/bigapp', 'invalid_email'))));
} elseif ($uid == -6) {
echo BIGAPPJSON::encode(array('error_code' => 13, 'error_msg' => lang('plugin/bigapp', 'email_used'), 'Variables' => array('auth' => null), 'Message' => array('messageval' => 'for comaptible', 'messagestr' => lang('plugin/bigapp', 'email_used'))));
}
die(0);
}
$_G['username'] = $userName;
$password = md5(random(10));
if ($setregip !== null) {
if ($setregip == 1) {
C::t('common_regip')->update_count_by_ip($_G['clientip']);
} else {
C::t('common_regip')->insert(array('ip' => $_G['clientip'], 'count' => 1, 'dateline' => $_G['timestamp']));
}
}
$profile = $verifyarr = array();
$emailstatus = 0;
$init_arr = array('credits' => explode(',', $ctlObj->setting['initcredits']), 'profile' => $profile, 'emailstatus' => $emailstatus);
C::t('common_member')->insert($uid, $userName, $password, $email, $_G['clientip'], $groupinfo['groupid'], $init_arr);
if ($ctlObj->setting['regctrl'] || $ctlObj->setting['regfloodctrl']) {
C::t('common_regip')->delete_by_dateline($_G['timestamp'] - ($ctlObj->setting['regctrl'] > 72 ? $ctlObj->setting['regctrl'] : 72) * 3600);
if ($ctlObj->setting['regctrl']) {
C::t('common_regip')->insert(array('ip' => $_G['clientip'], 'count' => -1, 'dateline' => $_G['timestamp']));
}
}
if ($ctlObj->setting['regverify'] == 1) {
$idstring = random(6);
$authstr = $ctlObj->setting['regverify'] == 1 ? "{$_G['timestamp']}\t2\t{$idstring}" : '';
C::t('common_member_field_forum')->update($uid, array('authstr' => $authstr));
$verifyurl = "{$_G[siteurl]}member.php?mod=activate&uid={$uid}&id={$idstring}";
$email_verify_message = lang('email', 'email_verify_message', array('username' => $username, 'bbname' => $ctlObj->setting['bbname'], 'siteurl' => $_G['siteurl'], 'url' => $verifyurl));
if (!sendmail("{$username} <{$email}>", lang('email', 'email_verify_subject'), $email_verify_message)) {
runlog('sendmail', "{$email} sendmail failed.");
}
}
require_once libfile('cache/userstats', 'function');
build_cache_userstats();
$_GET['regmessage'] = 'from bigapp client';
$regmessage = dhtmlspecialchars($_GET['regmessage']);
if ($ctlObj->setting['regverify'] == 2) {
C::t('common_member_validate')->insert(array('uid' => $uid, 'submitdate' => $_G['timestamp'], 'moddate' => 0, 'admin' => '', 'submittimes' => 1, 'status' => 0, 'message' => $regmessage, 'remark' => ''), false, true);
manage_addnotify('verifyuser');
}
setloginstatus(array('uid' => $uid, 'username' => $_G['username'], 'password' => $password, 'groupid' => $groupinfo['groupid']), 0);
include_once libfile('function/stat');
updatestat('register');
checkfollowfeed();
C::t('common_member_status')->update($_G['uid'], array('lastip' => $_G['clientip'], 'lastvisit' => TIMESTAMP, 'lastactivity' => TIMESTAMP));
////////////////////////////////////////////////
// 注册成功,绑定第三方openid
$plat = $_GET["platform"];
if ($plat == "qq") {
include_once CUR_PATH . "/../qqconnect/bind.php";
} else {
if ($plat == "wechat") {
include_once CUR_PATH . "/../wechatconnect/bind.php";
}
}
////////////////////////////////////////////////
echo BIGAPPJSON::encode(array('error_code' => 0, 'error_msg' => lang('plugin/bigapp', 'regist_succ'), 'Message' => array('messageval' => 'register_succeed', 'messagestr' => lang('plugin/bigapp', 'regist_succ')), 'Variables' => array('auth' => 'in order to be comapatible')));
die(0);
}
function common()
{
global $_G;
if (!defined('IN_MOBILE_API')) {
return;
}
if (!$_G['setting']['mobile']['allowmobile']) {
mobile_core::result(array('error' => 'mobile_is_closed'));
}
if (!empty($_GET['tpp'])) {
$_G['tpp'] = intval($_GET['tpp']);
}
if (!empty($_GET['ppp'])) {
$_G['ppp'] = intval($_GET['ppp']);
}
$_G['pluginrunlist'] = array('mobile', 'qqconnect', 'wechat');
$_G['siteurl'] = preg_replace('/api\\/mobile\\/$/', '', $_G['siteurl']);
$_G['setting']['msgforward'] = '';
$_G['setting']['cacheindexlife'] = $_G['setting']['cachethreadlife'] = false;
if (!$_G['setting']['mobile']['nomobileurl'] && function_exists('diconv') && !empty($_GET['charset'])) {
$_GET = mobile_core::diconv_array($_GET, $_GET['charset'], $_G['charset']);
}
if ($_GET['_auth']) {
require_once DISCUZ_ROOT . './source/plugin/wechat/wsq.class.php';
$uid = wsq::decodeauth($_GET['_auth']);
$disablesec = false;
if ($uid) {
require_once libfile('function/member');
$member = getuserbyuid($uid, 1);
if ($_GET['module'] != 'login') {
setloginstatus($member, 1296000);
$disablesec = true;
} else {
$disablesec = logincheck($member['username']);
}
} elseif ($_GET['module'] == 'login') {
$disablesec = logincheck($_GET['username']);
}
if ($disablesec) {
$_G['setting']['seccodedata'] = array();
$_G['setting']['seccodestatus'] = 0;
$_G['setting']['secqaa'] = array();
unset($_GET['force']);
define('IN_MOBILE_AUTH', $uid);
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
$_GET['formhash'] = $_G['formhash'];
}
}
}
if (class_exists('mobile_api', false) && method_exists('mobile_api', 'common')) {
mobile_api::common();
}
}
function on_register()
{
global $_G;
$_GET['username'] = $_GET['' . $this->setting['reginput']['username']];
$_GET['password'] = $_GET['' . $this->setting['reginput']['password']];
$_GET['password2'] = $_GET['' . $this->setting['reginput']['password2']];
$_GET['email'] = $_GET['' . $this->setting['reginput']['email']];
if ($_G['uid']) {
$ucsynlogin = $this->setting['allowsynlogin'] ? uc_user_synlogin($_G['uid']) : '';
$url_forward = dreferer();
if (strpos($url_forward, $this->setting['regname']) !== false) {
$url_forward = 'forum.php';
}
showmessage('login_succeed', $url_forward ? $url_forward : './', array('username' => $_G['member']['username'], 'usergroup' => $_G['group']['grouptitle'], 'uid' => $_G['uid']), array('extrajs' => $ucsynlogin));
} elseif (!$this->setting['regclosed'] && (!$this->setting['regstatus'] || !$this->setting['ucactivation'])) {
if ($_GET['action'] == 'activation' || $_GET['activationauth']) {
if (!$this->setting['ucactivation'] && !$this->setting['closedallowactivation']) {
showmessage('register_disable_activation');
}
} elseif (!$this->setting['regstatus']) {
if ($this->setting['regconnect']) {
dheader('location:connect.php?mod=login&op=init&referer=forum.php&statfrom=login_simple');
}
showmessage(!$this->setting['regclosemessage'] ? 'register_disable' : str_replace(array("\r", "\n"), '', $this->setting['regclosemessage']));
}
}
$bbrules =& $this->setting['bbrules'];
$bbrulesforce =& $this->setting['bbrulesforce'];
$bbrulestxt =& $this->setting['bbrulestxt'];
$welcomemsg =& $this->setting['welcomemsg'];
$welcomemsgtitle =& $this->setting['welcomemsgtitle'];
$welcomemsgtxt =& $this->setting['welcomemsgtxt'];
$regname = $this->setting['regname'];
if ($this->setting['regverify']) {
if ($this->setting['areaverifywhite']) {
$location = $whitearea = '';
$location = trim(convertip($_G['clientip'], "./"));
if ($location) {
$whitearea = preg_quote(trim($this->setting['areaverifywhite']), '/');
$whitearea = str_replace(array("\\*"), array('.*'), $whitearea);
$whitearea = '.*' . $whitearea . '.*';
$whitearea = '/^(' . str_replace(array("\r\n", ' '), array('.*|.*', ''), $whitearea) . ')$/i';
if (@preg_match($whitearea, $location)) {
$this->setting['regverify'] = 0;
}
}
}
if ($_G['cache']['ipctrl']['ipverifywhite']) {
foreach (explode("\n", $_G['cache']['ipctrl']['ipverifywhite']) as $ctrlip) {
if (preg_match("/^(" . preg_quote($ctrlip = trim($ctrlip), '/') . ")/", $_G['clientip'])) {
$this->setting['regverify'] = 0;
break;
}
}
}
}
$invitestatus = false;
if ($this->setting['regstatus'] == 2) {
if ($this->setting['inviteconfig']['inviteareawhite']) {
$location = $whitearea = '';
$location = trim(convertip($_G['clientip'], "./"));
if ($location) {
$whitearea = preg_quote(trim($this->setting['inviteconfig']['inviteareawhite']), '/');
$whitearea = str_replace(array("\\*"), array('.*'), $whitearea);
$whitearea = '.*' . $whitearea . '.*';
$whitearea = '/^(' . str_replace(array("\r\n", ' '), array('.*|.*', ''), $whitearea) . ')$/i';
if (@preg_match($whitearea, $location)) {
$invitestatus = true;
}
}
}
if ($this->setting['inviteconfig']['inviteipwhite']) {
foreach (explode("\n", $this->setting['inviteconfig']['inviteipwhite']) as $ctrlip) {
if (preg_match("/^(" . preg_quote($ctrlip = trim($ctrlip), '/') . ")/", $_G['clientip'])) {
$invitestatus = true;
break;
}
}
}
}
$groupinfo = array();
if ($this->setting['regverify']) {
$groupinfo['groupid'] = 8;
} else {
$groupinfo['groupid'] = $this->setting['newusergroupid'];
}
$seccodecheck = $this->setting['seccodestatus'] & 1;
$secqaacheck = $this->setting['secqaa']['status'] & 1;
$fromuid = !empty($_G['cookie']['promotion']) && $this->setting['creditspolicy']['promotion_register'] ? intval($_G['cookie']['promotion']) : 0;
$username = isset($_GET['username']) ? $_GET['username'] : '';
$bbrulehash = $bbrules ? substr(md5(FORMHASH), 0, 8) : '';
$auth = $_GET['auth'];
if (!$invitestatus) {
$invite = getinvite();
}
$sendurl = $this->setting['sendregisterurl'] ? true : false;
if ($sendurl) {
if (!empty($_GET['hash'])) {
$_GET['hash'] = preg_replace("/[^\\[A-Za-z0-9_\\]%]/", '', $_GET['hash']);
$hash = explode("\t", authcode($_GET['hash'], 'DECODE', $_G['config']['security']['authkey']));
if (is_array($hash) && isemail($hash[0]) && TIMESTAMP - $hash[1] < 259200) {
$sendurl = false;
}
}
}
if (!submitcheck('regsubmit', 0, $seccodecheck, $secqaacheck)) {
if ($_GET['action'] == 'activation') {
$auth = explode("\t", authcode($auth, 'DECODE'));
if (FORMHASH != $auth[1]) {
showmessage('register_activation_invalid', 'member.php?mod=logging&action=login');
}
$username = $auth[0];
$activationauth = authcode("{$auth['0']}\t" . FORMHASH, 'ENCODE');
$sendurl = false;
}
if (!$sendurl) {
if ($fromuid) {
$member = getuserbyuid($fromuid);
if (!empty($member)) {
$fromuser = dhtmlspecialchars($member['username']);
} else {
dsetcookie('promotion');
}
}
if ($_GET['action'] == 'activation') {
$auth = dhtmlspecialchars($auth);
}
if ($seccodecheck) {
$seccode = random(6, 1);
}
$username = dhtmlspecialchars($username);
$htmls = $settings = array();
foreach ($_G['cache']['fields_register'] as $field) {
$fieldid = $field['fieldid'];
$html = profile_setting($fieldid, array(), false, false, true);
if ($html) {
$settings[$fieldid] = $_G['cache']['profilesetting'][$fieldid];
$htmls[$fieldid] = $html;
}
}
$navtitle = $this->setting['reglinkname'];
if ($this->extrafile && file_exists($this->extrafile)) {
require_once $this->extrafile;
}
}
$bbrulestxt = nl2br("\n{$bbrulestxt}\n\n");
$dreferer = dreferer();
include template($this->template);
} else {
$activationauth = array();
if (isset($_GET['activationauth']) && $_GET['activationauth']) {
$activationauth = explode("\t", authcode($_GET['activationauth'], 'DECODE'));
if ($activationauth[1] != FORMHASH) {
showmessage('register_activation_invalid', 'member.php?mod=logging&action=login');
}
$sendurl = false;
}
if (!$activationauth && ($sendurl || !$_G['setting']['forgeemail'])) {
checkemail($_GET['email']);
}
if ($sendurl) {
$hashstr = urlencode(authcode("{$_GET['email']}\t{$_G['timestamp']}", 'ENCODE', $_G['config']['security']['authkey']));
$registerurl = "{$_G[siteurl]}member.php?mod=" . $this->setting['regname'] . "&hash={$hashstr}&email={$_GET[email]}";
$email_register_message = lang('email', 'email_register_message', array('bbname' => $this->setting['bbname'], 'siteurl' => $_G['siteurl'], 'url' => $registerurl));
if (!sendmail("{$_GET['email']} <{$_GET['email']}>", lang('email', 'email_register_subject'), $email_register_message)) {
runlog('sendmail', "{$_GET['email']} sendmail failed.");
}
showmessage('register_email_send_succeed', dreferer(), array('bbname' => $this->setting['bbname']), array('showdialog' => false, 'msgtype' => 3, 'closetime' => 10));
}
$emailstatus = 0;
if ($this->setting['sendregisterurl'] && !$sendurl) {
$_GET['email'] = strtolower($hash[0]);
$this->setting['regverify'] = $this->setting['regverify'] == 1 ? 0 : $this->setting['regverify'];
if (!$this->setting['regverify']) {
$groupinfo['groupid'] = $this->setting['newusergroupid'];
}
$emailstatus = 1;
}
if ($this->setting['regstatus'] == 2 && empty($invite) && !$invitestatus) {
showmessage('not_open_registration_invite');
}
if ($bbrules && $bbrulehash != $_POST['agreebbrule']) {
showmessage('register_rules_agree');
}
$activation = array();
if (isset($_GET['activationauth']) && $activationauth && is_array($activationauth)) {
if ($activationauth[1] == FORMHASH && !($activation = uc_get_user($activationauth[0]))) {
showmessage('register_activation_invalid', 'member.php?mod=logging&action=login');
}
}
if (!$activation) {
$usernamelen = dstrlen($username);
if ($usernamelen < 3) {
showmessage('profile_username_tooshort');
} elseif ($usernamelen > 15) {
showmessage('profile_username_toolong');
}
if (uc_get_user(addslashes($username)) && !C::t('common_member')->fetch_uid_by_username($username) && !C::t('common_member_archive')->fetch_uid_by_username($username)) {
if ($_G['inajax']) {
showmessage('profile_username_duplicate');
} else {
showmessage('register_activation_message', 'member.php?mod=logging&action=login', array('username' => $username));
}
}
if ($this->setting['pwlength']) {
if (strlen($_GET['password']) < $this->setting['pwlength']) {
showmessage('profile_password_tooshort', '', array('pwlength' => $this->setting['pwlength']));
}
}
if ($this->setting['strongpw']) {
$strongpw_str = array();
if (in_array(1, $this->setting['strongpw']) && !preg_match("/\\d+/", $_GET['password'])) {
$strongpw_str[] = lang('member/template', 'strongpw_1');
}
if (in_array(2, $this->setting['strongpw']) && !preg_match("/[a-z]+/", $_GET['password'])) {
$strongpw_str[] = lang('member/template', 'strongpw_2');
}
if (in_array(3, $this->setting['strongpw']) && !preg_match("/[A-Z]+/", $_GET['password'])) {
$strongpw_str[] = lang('member/template', 'strongpw_3');
}
if (in_array(4, $this->setting['strongpw']) && !preg_match("/[^a-zA-z0-9]+/", $_GET['password'])) {
$strongpw_str[] = lang('member/template', 'strongpw_4');
}
if ($strongpw_str) {
showmessage(lang('member/template', 'password_weak') . implode(',', $strongpw_str));
}
}
$email = strtolower(trim($_GET['email']));
if (empty($email) && $_G['setting']['forgeemail']) {
$_GET['email'] = $email = strtolower(random(6)) . '@' . $_SERVER['HTTP_HOST'];
}
if (empty($this->setting['ignorepassword'])) {
if ($_GET['password'] !== $_GET['password2']) {
showmessage('profile_passwd_notmatch');
}
if (!$_GET['password'] || $_GET['password'] != addslashes($_GET['password'])) {
showmessage('profile_passwd_illegal');
}
$password = $_GET['password'];
} else {
$password = md5(random(10));
}
}
$censorexp = '/^(' . str_replace(array('\\*', "\r\n", ' '), array('.*', '|', ''), preg_quote($this->setting['censoruser'] = trim($this->setting['censoruser']), '/')) . ')$/i';
if ($this->setting['censoruser'] && @preg_match($censorexp, $username)) {
showmessage('profile_username_protect');
}
if ($this->setting['regverify'] == 2 && !trim($_GET['regmessage'])) {
showmessage('profile_required_info_invalid');
}
if ($_G['cache']['ipctrl']['ipregctrl']) {
foreach (explode("\n", $_G['cache']['ipctrl']['ipregctrl']) as $ctrlip) {
if (preg_match("/^(" . preg_quote($ctrlip = trim($ctrlip), '/') . ")/", $_G['clientip'])) {
$ctrlip = $ctrlip . '%';
$this->setting['regctrl'] = $this->setting['ipregctrltime'];
break;
} else {
$ctrlip = $_G['clientip'];
}
}
} else {
$ctrlip = $_G['clientip'];
}
if ($this->setting['regctrl']) {
if (C::t('common_regip')->count_by_ip_dateline($ctrlip, $_G['timestamp'] - $this->setting['regctrl'] * 3600)) {
showmessage('register_ctrl', NULL, array('regctrl' => $this->setting['regctrl']));
}
}
$setregip = null;
if ($this->setting['regfloodctrl']) {
$regip = C::t('common_regip')->fetch_by_ip_dateline($_G['clientip'], $_G['timestamp'] - 86400);
if ($regip) {
if ($regip['count'] >= $this->setting['regfloodctrl']) {
showmessage('register_flood_ctrl', NULL, array('regfloodctrl' => $this->setting['regfloodctrl']));
} else {
$setregip = 1;
}
} else {
$setregip = 2;
}
}
$profile = $verifyarr = array();
foreach ($_G['cache']['fields_register'] as $field) {
if (defined('IN_MOBILE')) {
break;
}
$field_key = $field['fieldid'];
$field_val = $_GET['' . $field_key];
if ($field['formtype'] == 'file' && !empty($_FILES[$field_key]) && $_FILES[$field_key]['error'] == 0) {
$field_val = true;
}
if (!profile_check($field_key, $field_val)) {
$showid = !in_array($field['fieldid'], array('birthyear', 'birthmonth')) ? $field['fieldid'] : 'birthday';
showmessage($field['title'] . lang('message', 'profile_illegal'), '', array(), array('showid' => 'chk_' . $showid, 'extrajs' => $field['title'] . lang('message', 'profile_illegal') . ($field['formtype'] == 'text' ? '<script type="text/javascript">' . '$(\'registerform\').' . $field['fieldid'] . '.className = \'px er\';' . '$(\'registerform\').' . $field['fieldid'] . '.onblur = function () { if(this.value != \'\') {this.className = \'px\';$(\'chk_' . $showid . '\').innerHTML = \'\';}}' . '</script>' : '')));
}
if ($field['needverify']) {
$verifyarr[$field_key] = $field_val;
} else {
$profile[$field_key] = $field_val;
}
}
if (!$activation) {
$uid = uc_user_register(addslashes($username), $password, $email, $questionid, $answer, $_G['clientip']);
if ($uid <= 0) {
if ($uid == -1) {
showmessage('profile_username_illegal');
} elseif ($uid == -2) {
showmessage('profile_username_protect');
} elseif ($uid == -3) {
showmessage('profile_username_duplicate');
} elseif ($uid == -4) {
showmessage('profile_email_illegal');
} elseif ($uid == -5) {
showmessage('profile_email_domain_illegal');
} elseif ($uid == -6) {
showmessage('profile_email_duplicate');
} else {
showmessage('undefined_action');
}
}
} else {
list($uid, $username, $email) = $activation;
}
$_G['username'] = $username;
if (getuserbyuid($uid, 1)) {
if (!$activation) {
uc_user_delete($uid);
}
showmessage('profile_uid_duplicate', '', array('uid' => $uid));
}
$password = md5(random(10));
$secques = $questionid > 0 ? random(8) : '';
if (isset($_POST['birthmonth']) && isset($_POST['birthday'])) {
$profile['constellation'] = get_constellation($_POST['birthmonth'], $_POST['birthday']);
}
if (isset($_POST['birthyear'])) {
$profile['zodiac'] = get_zodiac($_POST['birthyear']);
}
if ($_FILES) {
$upload = new discuz_upload();
foreach ($_FILES as $key => $file) {
$field_key = 'field_' . $key;
if (!empty($_G['cache']['fields_register'][$field_key]) && $_G['cache']['fields_register'][$field_key]['formtype'] == 'file') {
$upload->init($file, 'profile');
$attach = $upload->attach;
if (!$upload->error()) {
$upload->save();
if (!$upload->get_image_info($attach['target'])) {
@unlink($attach['target']);
continue;
}
$attach['attachment'] = dhtmlspecialchars(trim($attach['attachment']));
if ($_G['cache']['fields_register'][$field_key]['needverify']) {
$verifyarr[$key] = $attach['attachment'];
} else {
$profile[$key] = $attach['attachment'];
}
}
}
}
}
if ($setregip !== null) {
if ($setregip == 1) {
C::t('common_regip')->update_count_by_ip($_G['clientip']);
} else {
C::t('common_regip')->insert(array('ip' => $_G['clientip'], 'count' => 1, 'dateline' => $_G['timestamp']));
}
}
if ($invite && $this->setting['inviteconfig']['invitegroupid']) {
$groupinfo['groupid'] = $this->setting['inviteconfig']['invitegroupid'];
}
$init_arr = array('credits' => explode(',', $this->setting['initcredits']), 'profile' => $profile, 'emailstatus' => $emailstatus);
C::t('common_member')->insert($uid, $username, $password, $email, $_G['clientip'], $groupinfo['groupid'], $init_arr);
if ($emailstatus) {
updatecreditbyaction('realemail', $uid);
}
if ($verifyarr) {
$setverify = array('uid' => $uid, 'username' => $username, 'verifytype' => '0', 'field' => serialize($verifyarr), 'dateline' => TIMESTAMP);
C::t('common_member_verify_info')->insert($setverify);
C::t('common_member_verify')->insert(array('uid' => $uid));
}
require_once libfile('cache/userstats', 'function');
build_cache_userstats();
if ($this->extrafile && file_exists($this->extrafile)) {
require_once $this->extrafile;
}
if ($this->setting['regctrl'] || $this->setting['regfloodctrl']) {
C::t('common_regip')->delete_by_dateline($_G['timestamp'] - ($this->setting['regctrl'] > 72 ? $this->setting['regctrl'] : 72) * 3600);
if ($this->setting['regctrl']) {
C::t('common_regip')->insert(array('ip' => $_G['clientip'], 'count' => -1, 'dateline' => $_G['timestamp']));
}
}
$regmessage = dhtmlspecialchars($_GET['regmessage']);
if ($this->setting['regverify'] == 2) {
C::t('common_member_validate')->insert(array('uid' => $uid, 'submitdate' => $_G['timestamp'], 'moddate' => 0, 'admin' => '', 'submittimes' => 1, 'status' => 0, 'message' => $regmessage, 'remark' => ''), false, true);
manage_addnotify('verifyuser');
}
setloginstatus(array('uid' => $uid, 'username' => $_G['username'], 'password' => $password, 'groupid' => $groupinfo['groupid']), 0);
include_once libfile('function/stat');
updatestat('register');
if ($invite['id']) {
$result = C::t('common_invite')->count_by_uid_fuid($invite['uid'], $uid);
if (!$result) {
C::t('common_invite')->update($invite['id'], array('fuid' => $uid, 'fusername' => $_G['username'], 'regdateline' => $_G['timestamp'], 'status' => 2));
updatestat('invite');
} else {
$invite = array();
}
}
if ($invite['uid']) {
if ($this->setting['inviteconfig']['inviteaddcredit']) {
updatemembercount($uid, array($this->setting['inviteconfig']['inviterewardcredit'] => $this->setting['inviteconfig']['inviteaddcredit']));
}
if ($this->setting['inviteconfig']['invitedaddcredit']) {
updatemembercount($invite['uid'], array($this->setting['inviteconfig']['inviterewardcredit'] => $this->setting['inviteconfig']['invitedaddcredit']));
}
require_once libfile('function/friend');
friend_make($invite['uid'], $invite['username'], false);
notification_add($invite['uid'], 'friend', 'invite_friend', array('actor' => '<a href="home.php?mod=space&uid=' . $invite['uid'] . '" target="_blank">' . $invite['username'] . '</a>'), 1);
space_merge($invite, 'field_home');
if (!empty($invite['privacy']['feed']['invite'])) {
require_once libfile('function/feed');
$tite_data = array('username' => '<a href="home.php?mod=space&uid=' . $_G['uid'] . '">' . $_G['username'] . '</a>');
feed_add('friend', 'feed_invite', $tite_data, '', array(), '', array(), array(), '', '', '', 0, 0, '', $invite['uid'], $invite['username']);
}
if ($invite['appid']) {
updatestat('appinvite');
}
}
if ($welcomemsg && !empty($welcomemsgtxt)) {
$welcomemsgtitle = replacesitevar($welcomemsgtitle);
$welcomemsgtxt = replacesitevar($welcomemsgtxt);
if ($welcomemsg == 1) {
$welcomemsgtxt = nl2br(str_replace(':', ':', $welcomemsgtxt));
notification_add($uid, 'system', $welcomemsgtxt, array('from_id' => 0, 'from_idtype' => 'welcomemsg'), 1);
} elseif ($welcomemsg == 2) {
sendmail_cron($email, $welcomemsgtitle, $welcomemsgtxt);
} elseif ($welcomemsg == 3) {
sendmail_cron($email, $welcomemsgtitle, $welcomemsgtxt);
$welcomemsgtxt = nl2br(str_replace(':', ':', $welcomemsgtxt));
notification_add($uid, 'system', $welcomemsgtxt, array('from_id' => 0, 'from_idtype' => 'welcomemsg'), 1);
}
}
if ($fromuid) {
updatecreditbyaction('promotion_register', $fromuid);
dsetcookie('promotion', '');
}
dsetcookie('loginuser', '');
dsetcookie('activationauth', '');
dsetcookie('invite_auth', '');
$url_forward = dreferer();
$refreshtime = 3000;
switch ($this->setting['regverify']) {
case 1:
$idstring = random(6);
$authstr = $this->setting['regverify'] == 1 ? "{$_G['timestamp']}\t2\t{$idstring}" : '';
C::t('common_member_field_forum')->update($_G['uid'], array('authstr' => $authstr));
$verifyurl = "{$_G[siteurl]}member.php?mod=activate&uid={$_G[uid]}&id={$idstring}";
$email_verify_message = lang('email', 'email_verify_message', array('username' => $_G['member']['username'], 'bbname' => $this->setting['bbname'], 'siteurl' => $_G['siteurl'], 'url' => $verifyurl));
if (!sendmail("{$username} <{$email}>", lang('email', 'email_verify_subject'), $email_verify_message)) {
runlog('sendmail', "{$email} sendmail failed.");
}
$message = 'register_email_verify';
$locationmessage = 'register_email_verify_location';
$refreshtime = 10000;
break;
case 2:
$message = 'register_manual_verify';
$locationmessage = 'register_manual_verify_location';
break;
default:
$message = 'register_succeed';
$locationmessage = 'register_succeed_location';
break;
}
$param = array('bbname' => $this->setting['bbname'], 'username' => $_G['username'], 'usergroup' => $_G['group']['grouptitle'], 'uid' => $_G['uid']);
if (strpos($url_forward, $this->setting['regname']) !== false || strpos($url_forward, 'buyinvitecode') !== false) {
$url_forward = 'forum.php';
}
$href = str_replace("'", "\\'", $url_forward);
$extra = array('showid' => 'succeedmessage', 'extrajs' => '<script type="text/javascript">' . 'setTimeout("window.location.href =\'' . $href . '\';", ' . $refreshtime . ');' . '$(\'succeedmessage_href\').href = \'' . $href . '\';' . '$(\'main_message\').style.display = \'none\';' . '$(\'main_succeed\').style.display = \'\';' . '$(\'succeedlocation\').innerHTML = \'' . lang('message', $locationmessage) . '\';' . '</script>', 'striptags' => false);
showmessage($message, $url_forward, $param, $extra);
}
}
function connect_login($connect_member)
{
global $_G;
$member = DB::fetch_first("SELECT * FROM " . DB::table('common_member') . " WHERE uid='{$connect_member['uid']}'");
if (!$member) {
return false;
}
require_once libfile('function/member');
$cookietime = 1296000;
setloginstatus($member, $cookietime);
dsetcookie('connect_login', 1, $cookietime);
dsetcookie('connect_is_bind', '1', 31536000);
dsetcookie('connect_uin', $connect_member['conopenid'], 31536000);
include_once libfile('function/stat');
updatestat('login', 1);
updatestat('connectlogin', 1);
updatecreditbyaction('daylogin', $_G['uid']);
checkusergroup($_G['uid']);
return true;
}
public function login()
{
global $_G;
$validate_error = array();
//数据验证
$validate_error_rules = $this->rules();
if ($validate_error_rules !== true) {
return $validate_error_rules;
}
require_once libfile('function/member');
$input_email = $_POST['email'];
$input_password = $_POST['password'];
$input_rememberme = $_POST['rememberme'];
if (!($_G['member_loginperm'] = logincheck($input_email))) {
$validate_error['password'] = '******';
return $validate_error;
}
$result = userlogin($input_email, $input_password, 0, 0, 'email', $_G['clientip']);
if ($result['status'] <= 0) {
$password = preg_replace("/^(.{" . round(strlen($input_password) / 4) . "})(.+?)(.{" . round(strlen($input_password) / 6) . "})\$/s", "\\1***\\3", $input_password);
$errorlog = dhtmlspecialchars(TIMESTAMP . "\t" . ($result['ucresult']['username'] ? $result['ucresult']['username'] : $input_email) . "\t" . $password . "\t" . "Ques #" . intval($_GET['questionid']) . "\t" . $_G['clientip']);
writelog('illegallog', $errorlog);
loginfailed($input_email);
failedip();
if ($_G['member_loginperm'] > 1) {
$loginperm = $_G['member_loginperm'] - 1;
$validate_error['password'] = '******' . $loginperm . ' 次';
return $validate_error;
} elseif ($_G['member_loginperm'] == -1) {
$validate_error['password'] = '******';
return $validate_error;
} else {
$validate_error['password'] = '******';
return $validate_error;
}
} else {
setloginstatus($result['member'], $_GET['rememberme'] ? 2592000 : 0);
//是否记住密码,自动登录
if ($_G['member']['lastip'] && $_G['member']['lastvisit']) {
dsetcookie('lip', $_G['member']['lastip'] . ',' . $_G['member']['lastvisit']);
}
C::t('common_member_status')->update($_G['uid'], array('lastip' => $_G['clientip'], 'port' => $_G['remoteport'], 'lastvisit' => TIMESTAMP, 'lastactivity' => TIMESTAMP));
$ucsynlogin = $this->setting['allowsynlogin'] ? uc_user_synlogin($_G['uid']) : '';
//是否Ucenter同步登录
return true;
}
}
function login()
{
global $_G;
$userName = null;
$password = null;
if (isset($_REQUEST['username'])) {
$userName = $_REQUEST['username'];
}
if (isset($_REQUEST['password'])) {
$password = $_REQUEST['password'];
}
if (isset($_REQUEST['questionid'])) {
$questionid = intval($_REQUEST['questionid']);
} else {
$questionid = 0;
}
if (isset($_REQUEST['answer'])) {
$answer = $_REQUEST['answer'];
} else {
$answer = '';
}
if (function_exists('iconv')) {
$userName = iconv('UTF-8', CHARSET . '//ignore', $userName);
$answer = iconv('UTF-8', CHARSET . '//ignore', $answer);
} else {
$userName = mb_convert_encoding($userName, CHARSET, 'UTF-8');
$answer = mb_convert_encoding($answer, CHARSET, 'UTF-8');
}
$_G['uid'] = $_G['member']['uid'] = 0;
$_G['username'] = $_G['member']['username'] = $_G['member']['password'] = '';
if (empty($userName) || empty($password) || $password != addslashes($password)) {
echo BIGAPPJSON::encode(array('error_code' => 2, 'error_msg' => lang('plugin/bigapp', 'invalid_param'), 'Variables' => array('auth' => null), 'Message' => array('messageval' => 'for comaptible', 'messagestr' => lang('plugin/bigapp', 'invalid_param'))));
die(0);
}
require_once dirname(dirname(dirname(__FILE__))) . '/bigappjson.class.php';
require_once libfile('function/misc');
require_once libfile('function/mail');
loaducenter();
if (!($_G['member_loginperm'] = logincheck($userName))) {
echo BIGAPPJSON::encode(array('error_code' => 3, 'error_msg' => lang('plugin/bigapp', 'too_many_errors'), 'Variables' => array('auth' => null), 'Message' => array('messageval' => 'for comaptible', 'messagestr' => lang('plugin/bigapp', 'too_many_errors'))));
die(0);
}
$result = userlogin($userName, $password, $questionid, $answer, 'username', $_G['clientip']);
if ($result['ucresult']['uid'] == '-3') {
/*
$sql = 'SELECT * FROM ' . DB::table('common_member') . " WHERE username = '******'";
$query = DB::query($sql);
$userInfo = array();
while($tmp = DB::fetch($query)) {
$userInfo = $tmp;
break;
}
if(empty($userInfo)){
echo BIGAPPJSON::encode(array('error_code' => 4, 'error_msg' => lang('plugin/bigapp', 'user_not_exists'),
'Variables' => array('auth' => null), 'Message' => array('messageval' => 'for comaptible', 'messagestr' => lang('plugin/bigapp', 'user_not_exists'))));
die(0);
}else */
//if(!empty($answer)){
echo BIGAPPJSON::encode(array('error_code' => 9, 'error_msg' => lang('plugin/bigapp', 'user_seq_question'), 'Variables' => array('auth' => null), 'Message' => array('messageval' => 'for comaptible', 'messagestr' => lang('plugin/bigapp', 'user_seq_question'))));
die(0);
//}
/*
$result['ucresult']['uid'] = $userInfo['uid'];
$result['member'] = $userInfo;
$result['status'] = 1;
*/
}
$uid = $_G['uid'] = $result['ucresult']['uid'];
$userName = $result['ucresult']['username'];
$userAvatar = avatar($_G['uid'], 'big', true);
$userAvatar = str_replace("\r", '', $userAvatar);
$userAvatar = str_replace("\n", '', $userAvatar);
$ctlObj = new logging_ctl();
$ctlObj->setting = $_G['setting'];
if ($result['status'] == -1) {
if (!$ctlObj->setting['fastactivation']) {
echo BIGAPPJSON::encode(array('error_code' => 5, 'error_msg' => lang('plugin/bigapp', 'activate_first'), 'Variables' => array('auth' => null), 'Message' => array('messageval' => 'for comaptible', 'messagestr' => lang('plugin/bigapp', 'login_failed'))));
die(0);
}
$init_arr = explode(',', $ctlObj->setting['initcredits']);
$groupid = $ctlObj->setting['regverify'] ? 8 : $ctlObj->setting['newusergroupid'];
C::t('common_member')->insert($uid, $result['ucresult']['username'], md5(random(10)), $result['ucresult']['email'], $_G['clientip'], $groupid, $init_arr);
$result['member'] = getuserbyuid($uid);
$result['status'] = 1;
}
if ($result['status'] > 0) {
if ($ctlObj->extrafile && file_exists($ctlObj->extrafile)) {
require_once $ctlObj->extrafile;
}
setloginstatus($result['member'], $_GET['cookietime'] ? 2592000 : 0);
checkfollowfeed();
C::t('common_member_status')->update($_G['uid'], array('lastip' => $_G['clientip'], 'lastvisit' => TIMESTAMP, 'lastactivity' => TIMESTAMP));
if (isset($result['member']['password'])) {
unset($result['member']['password']);
}
if (isset($result['member']['credits'])) {
unset($result['member']['credits']);
}
echo BIGAPPJSON::encode(array('error_code' => 0, 'error_msg' => lang('plugin/bigapp', 'login_succ'), 'data' => $result['member'], 'Message' => array('messageval' => 'login_succeed', 'messagestr' => lang('plugin/bigapp', 'login_succ')), 'Variables' => array('auth' => 'in order to be comapatible')));
die(0);
}
if ($_G['member_loginperm'] > 1) {
echo BIGAPPJSON::encode(array('error_code' => 6, 'error_msg' => lang('plugin/bigapp', 'login_failed'), 'Variables' => array('auth' => null), 'Message' => array('messageval' => 'for comaptible', 'messagestr' => lang('plugin/bigapp', 'login_failed'))));
} elseif ($_G['member_loginperm'] == -1) {
echo BIGAPPJSON::encode(array('error_code' => 7, 'error_msg' => lang('plugin/bigapp', 'error_password'), 'Variables' => array('auth' => null), 'Message' => array('messageval' => 'for comaptible', 'messagestr' => lang('plugin/bigapp', 'error_password'))));
} else {
echo BIGAPPJSON::encode(array('error_code' => 8, 'error_msg' => lang('plugin/bigapp', 'too_many_errors'), 'Variables' => array('auth' => null), 'Message' => array('messageval' => 'for comaptible', 'messagestr' => lang('plugin/bigapp', 'too_many_errors'))));
}
die(0);
}
if ($bind = C::t('#weibo#weibo')->fetch($_G['uid'])) {
C::t('#weibo#weibo')->update($_G['uid'], array('sina_uid' => $token['uid'], 'sina_username' => $token['username'], 'token' => $token['access_token'], 'remind_in' => $token['remind_in'], 'expires_in' => $token['expires_in'], 'update' => $_G['timestamp']));
} else {
C::t('#weibo#weibo')->insert(array('uid' => $_G['uid'], 'username' => $_G['username'], 'sina_uid' => $token['uid'], 'sina_username' => $token['username'], 'token' => $token['access_token'], 'remind_in' => $token['remind_in'], 'expires_in' => $token['expires_in'], 'thread' => 1, 'reply' => 1, 'follow' => 1, 'blog' => 1, 'doing' => 1, 'share' => 1, 'article' => 1, 'dateline' => $_G['timestamp'], 'update' => $_G['timestamp']));
}
showmessage('weibo:bind_succeed', 'home.php?mod=spacecp&ac=plugin&id=weibo:bind');
} else {
$bind = C::t('#weibo#weibo')->fetch_by_sina_uid($token['uid']);
$member = getuserbyuid($bind['uid'], 1);
if ($bind && $member) {
if (isset($member['_inarchive'])) {
C::t('common_member_archive')->move_to_master($member['uid']);
}
require_once libfile('function/member');
$cookietime = 1296000;
setloginstatus($member, $cookietime);
loadcache('usergroups');
$usergroups = $_G['cache']['usergroups'][$_G['groupid']]['grouptitle'];
$param = array('username' => $_G['member']['username'], 'usergroup' => $_G['group']['grouptitle']);
C::t('common_member_status')->update($bind['uid'], array('lastip' => $_G['clientip'], 'lastvisit' => TIMESTAMP, 'lastactivity' => TIMESTAMP));
$ucsynlogin = '';
if ($_G['setting']['allowsynlogin']) {
loaducenter();
$ucsynlogin = uc_user_synlogin($_G['uid']);
}
showmessage('login_succeed', dreferer(), $param, array('extrajs' => $ucsynlogin));
} else {
$dreferer = rawurlencode(dreferer());
showmessage('weibo:complete_or_bind', 'member.php?mod=' . $_G['setting']['regname'] . '&referer=' . $dreferer);
}
}
public function doLogin()
{
$url_referer = $_SESSION['urlReferer'];
$this->waitSecond = 3;
if ($this->memberID > 0) {
$this->redirect($url_referer ? $url_referer : U('MemberIndex/index'));
}
$dao = D("Members");
//临时密码
$list = $dao->where("email ='" . $_POST['email'] . "'")->find();
if (!$list) {
$this->error("email error, do not have this account!");
} else {
if (md5($_POST['password']) != $list['password'] && $_POST['password'] != $list['password']) {
$this->error("Password error!");
} else {
$cookietime = 0;
if (intval($_POST['isStay'])) {
$cookietime = 86400 * 30;
}
setloginstatus($list, $cookietime);
//将会员帐号的sessionid修改为现在的sessionid;
if ($list['id'] > 0) {
$cartModel = D('Cart');
$data['session_id'] = Cookie::get('sessionID');
//$data['uid']=$list['id'];
$cartModel->where("uid='" . $list['id'] . "' or session_id='" . Cookie::get('sessionID') . "'")->data($data)->save();
}
$data['lastlogindate'] = time();
$data['lastloginip'] = get_client_ip();
$dao->where("id ='" . $list['id'] . "'")->save($data);
self::$Model = D("Shippingaddress");
$memberShippingAddress = self::$Model->where("id=" . $list['id'])->find();
if (!$memberShippingAddress && $this->isAjax()) {
$this->ajaxReturn(!empty($url_referer) ? $url_referer : '', 'noaddress', 0);
} elseif (isset($url_referer) && !$this->isAjax()) {
redirect($url_referer);
}
$this->jumpUrl = !empty($url_referer) ? $url_referer : U('MemberIndex/index');
$this->success("Login Successful!");
}
}
}
function check_user_login()
{
global $_G;
$admin_username = isset($_POST['admin_username']) ? trim($_POST['admin_username']) : '';
if ($admin_username != '') {
require_once libfile('function/member');
if (logincheck($_POST['admin_username'])) {
if ((empty($_POST['admin_questionid']) || empty($_POST['admin_answer'])) && $_G['config']['admincp']['forcesecques']) {
$this->do_user_login();
}
$result = userlogin($_POST['admin_username'], $_POST['admin_password'], $_POST['admin_questionid'], $_POST['admin_answer']);
if ($result['status'] == 1) {
$cpgroupid = DB::result_first("SELECT uid FROM " . DB::table('common_admincp_member') . " WHERE uid='{$result['member']['uid']}'");
if ($cpgroupid || $this->checkfounder($result['member'])) {
DB::insert('common_admincp_session', array('uid' => $result['member']['uid'], 'adminid' => $result['member']['adminid'], 'panel' => $this->panel, 'dateline' => TIMESTAMP, 'ip' => $this->core->var['clientip'], 'errorcount' => -1), false, true);
setloginstatus($result['member'], 0);
dheader('Location: ' . ADMINSCRIPT . '?' . cpurl('url', array('sid')));
} else {
$this->cpaccess = -2;
}
} else {
loginfailed($_POST['admin_username']);
}
} else {
$this->cpaccess = -4;
}
}
}
function on_login()
{
global $_G;
if ($_G['uid']) {
$ucsynlogin = $_G['setting']['allowsynlogin'] ? uc_user_synlogin($_G['uid']) : '';
$param = array('username' => $_G['member']['username'], 'uid' => $_G['member']['uid']);
showmessage('login_succeed', dreferer(), $param, array('showdialog' => 1, 'locationtime' => true, 'extrajs' => $ucsynlogin));
}
$seccodecheck = $_G['setting']['seccodestatus'] & 2;
$invite = getinvite();
if (!submitcheck('loginsubmit', 1, $seccodecheck)) {
$_G['referer'] = dreferer();
$thetimenow = '(GMT ' . ($_G['setting']['timeoffset'] > 0 ? '+' : '') . $_G['setting']['timeoffset'] . ') ' . dgmdate(TIMESTAMP, 'u') . ($cookietimecheck = !empty($_G['cookie']['cookietime']) ? 'checked="checked"' : '');
if ($seccodecheck) {
$seccode = random(6, 1) + $seccode[0] * 1000000;
}
$username = !empty($_G['cookie']['loginuser']) ? htmlspecialchars($_G['cookie']['loginuser']) : '';
$navtitle = lang('core', 'title_login');
include template('member/login');
} else {
if (!($_G['member_loginperm'] = logincheck())) {
showmessage('login_strike');
}
if ($_G['gp_fastloginfield']) {
$_G['gp_loginfield'] = $_G['gp_fastloginfield'];
}
$_G['uid'] = $_G['member']['uid'] = 0;
$_G['username'] = $_G['member']['username'] = $_G['member']['password'] = '';
$result = userlogin($_G['gp_username'], $_G['gp_password'], $_G['gp_questionid'], $_G['gp_answer'], $_G['setting']['autoidselect'] ? 'auto' : $_G['gp_loginfield']);
if ($result['status'] > 0) {
setloginstatus($result['member'], $_G['gp_cookietime'] ? 2592000 : 0);
DB::query("UPDATE " . DB::table('common_member_status') . " SET lastip='" . $_G['clientip'] . "', lastvisit='" . time() . "', lastactivity='" . TIMESTAMP . "' WHERE uid='{$_G['uid']}'");
$ucsynlogin = $_G['setting']['allowsynlogin'] ? uc_user_synlogin($_G['uid']) : '';
include_once libfile('function/stat');
updatestat('login', 1);
updatecreditbyaction('daylogin', $_G['uid']);
checkusergroup($_G['uid']);
if ($invite['id']) {
DB::update("common_invite", array('fuid' => $uid, 'fusername' => $username), array('id' => $invite['id']));
updatestat('invite');
}
if ($invite['uid']) {
require_once libfile('function/friend');
friend_make($invite['uid'], $invite['username'], false);
dsetcookie('invite_auth', '');
if ($invite['appid']) {
updatestat('appinvite');
}
}
if (!empty($_G['inajax']) && empty($_G['gp_quickforward'])) {
$_G['setting']['msgforward'] = unserialize($_G['setting']['msgforward']);
$mrefreshtime = intval($_G['setting']['msgforward']['refreshtime']) * 1000;
loadcache('usergroups');
$usergroups = addslashes($_G['cache']['usergroups'][$_G['groupid']]['grouptitle']);
$message = 1;
include template('member/login');
} else {
$param = array('username' => $_G['member']['username'], 'uid' => $_G['member']['uid'], 'syn' => $ucsynlogin ? 1 : 0);
if ($_G['groupid'] == 8) {
showmessage('login_succeed_inactive_member', 'home.php?mod=space&do=home', $param, array('extrajs' => $ucsynlogin));
} else {
showmessage('login_succeed', $invite ? 'home.php?mod=space&do=home' : dreferer(), $param, array('extrajs' => $ucsynlogin));
}
}
} elseif ($result['status'] == -1) {
$auth = authcode($result['ucresult']['username'] . "\t" . FORMHASH, 'ENCODE');
$location = 'member.php?mod=' . $_G['setting']['regname'] . '&action=activation&auth=' . rawurlencode($auth);
if ($_G['inajax'] && empty($_G['gp_quickforward'])) {
$message = 2;
include template('member/login');
} else {
showmessage('login_activation', $location);
}
} else {
$password = preg_replace("/^(.{" . round(strlen($_G['gp_password']) / 4) . "})(.+?)(.{" . round(strlen($_G['gp_password']) / 6) . "})\$/s", "\\1***\\3", $_G['gp_password']);
$errorlog = dhtmlspecialchars(TIMESTAMP . "\t" . ($result['ucresult']['username'] ? $result['ucresult']['username'] : dstripslashes($_G['gp_username'])) . "\t" . $password . "\t" . "Ques #" . intval($_G['gp_questionid']) . "\t" . $_G['clientip']);
writelog('illegallog', $errorlog);
loginfailed($_G['member_loginperm']);
$fmsg = $result['ucresult']['uid'] == '-3' ? empty($_G['gp_questionid']) || $answer == '' ? 'login_question_empty' : 'login_question_invalid' : 'login_invalid';
showmessage($fmsg, '', array('loginperm' => $_G['member_loginperm']));
}
}
}
function connect_login($connect_member)
{
global $_G;
$member = DB::fetch_first("SELECT * FROM " . DB::table('common_member') . " WHERE uid='{$connect_member['uid']}'");
if (!$member) {
return false;
}
require_once libfile('function/member');
$cookietime = 1296000;
setloginstatus($member, $cookietime);
dsetcookie('connect_login', 1, $cookietime);
dsetcookie('connect_is_bind', '1', 31536000);
dsetcookie('connect_uin', $connect_member['conopenid'], 31536000);
return true;
}
/**
* 登录写入缓存并改变登录状态
*
* @param array $userInfo 将要登录的用户信息.
* @param mixed $uid 将要登录用户的uid.
*
*/
public static function updateCookie($userInfo = array(), $uid)
{
require_once libfile('function/member');
// discuz的源码,修改有未知风险,所以采用赋值的方式.
$result['member'] = $userInfo;
$_G['uid'] = $uid;
setloginstatus($result['member'], $_GET['cookietime'] ? 2592000 : 0);
checkfollowfeed();
C::t('common_member_status')->update($_G['uid'], array('lastip' => $_G['clientip'], 'lastvisit' => TIMESTAMP, 'lastactivity' => TIMESTAMP));
// uc同步登录写入cookie有问题,暂时注释,待以后修复 9.26
// $ucsynlogin = $ctlObj->setting['allowsynlogin'] ? uc_user_synlogin($_G['uid']) : '';
if ($invite['id']) {
$result = C::t('common_invite')->count_by_uid_fuid($invite['uid'], $uid);
if (!$result) {
C::t('common_invite')->update($invite['id'], array('fuid' => $uid, 'fusername' => $_G['username']));
updatestat('invite');
} else {
$invite = array();
}
}
if ($invite['uid']) {
require_once libfile('function/friend');
friend_make($invite['uid'], $invite['username'], false);
dsetcookie('invite_auth', '');
if ($invite['appid']) {
updatestat('appinvite');
}
}
}
unset($_GET['mapifrom'], $_GET['charset']);
if (wsq::checksign($_GET)) {
$member = getuserbyuid($_GET['siteuid'], 1);
if ($member) {
require_once libfile('function/member');
setloginstatus($member, 1296000);
}
}
} elseif ($ac == 'wxregverify') {
if (!wsq::checksign($_GET)) {
showmessage('wechat:wechat_member_auth_fail');
}
$member = getuserbyuid($_GET['siteuid'], 1);
if ($member) {
require_once libfile('function/member');
setloginstatus($member, 1296000);
}
if ($_G['cookie']['wxnewuser']) {
$groupid = $_G['wechat']['setting']['wechat_newusergroupid'] ? $_G['wechat']['setting']['wechat_newusergroupid'] : $_G['setting']['newusergroupid'];
C::t('common_member')->update($_G['uid'], array('groupid' => $groupid));
dsetcookie('wxnewuser', '', -1);
}
dheader('location: ' . ($_GET['referer'] ? $_GET['referer'] : $_G['siteurl']));
} else {
showmessage('undefined_action');
}
function redirectregister($username)
{
global $_G;
$defaultusername = substr($username, 0, 15);
loaducenter();
$newuid = DB::result_first("SELECT uid FROM " . DB::table('common_member') . " WHERE username='******'gp_username']}'");
if (DB::result_first("SELECT COUNT(*) FROM " . DB::table('myrepeats') . " WHERE uid='{$newuid}' AND username='******'")) {
$username = htmlspecialchars($_G['gp_username']);
include template('myrepeats:switch_login');
exit;
}
showmessage('myrepeats:user_nonexistence');
} elseif ($user['locked']) {
$usernamess = stripslashes($_G['gp_username']);
showmessage('myrepeats:user_locked', '', array('user' => $usernamess));
}
list($password, $questionid, $answer) = explode("\t", authcode($user['logindata'], 'DECODE', $_G['config']['security']['authkey']));
$result = userlogin($_G['gp_username'], $password, $questionid, $answer);
$_G['myrepeats_ucresult'] = $result['ucresult'];
if ($result['status'] > 0) {
setloginstatus($result['member'], 2592000);
DB::query("UPDATE " . DB::table('myrepeats') . " SET lastswitch='" . TIMESTAMP . "' WHERE uid='{$olddiscuz_uid}' AND username='******'gp_username']}'");
$ucsynlogin = $_G['setting']['allowsynlogin'] ? uc_user_synlogin($_G['uid']) : '';
dsetcookie('mrn', '');
dsetcookie('mrd', '');
$comment = $user['comment'] ? '(' . $user['comment'] . ') ' : '';
showmessage('myrepeats:login_succeed', $referer, array('user' => $_G['member']['username'], 'usergroup' => $_G['group']['grouptitle'], 'comment' => $comment), array('showmsg' => 1, 'showdialog' => 1, 'locationtime' => 3, 'extrajs' => $ucsynlogin));
} elseif ($result['status'] == -1) {
clearcookies();
$_G['myrepeats_ucresult']['username'] = addslashes($_G['myrepeats_ucresult']['username']);
$_G['username'] = '';
$_G['uid'] = 0;
$auth = authcode($_G['myrepeats_ucresult']['username'] . "\t" . formhash(), 'ENCODE');
showmessage('myrepeats:login_activation', 'member.php?mod=' . $_G['setting']['regname'] . '&action=activation&auth=' . rawurlencode($auth) . '&referer=' . rawurlencode($referer), array('user' => $_G['myrepeats_ucresult']['username']), array('showmsg' => 1, 'showdialog' => 1, 'locationtime' => 3));
} else {
myrepeats_loginfailure($_G['gp_username'], $password, $questionid, $answer);
public function register()
{
global $_G;
$validate_error = array();
//数据验证
$validate_error_rules = $this->rules();
if ($validate_error_rules !== true) {
return $validate_error_rules;
}
$input_email = $_POST['email'];
$input_password = $_POST['password'];
$rand = rand(100, 999);
$newusername = '******' . $_G['timestamp'] . $rand;
//*注册数据提交
loaducenter();
$uid = uc_user_register(addslashes($newusername), $input_password, $input_email);
if ($uid <= 0) {
if ($uid == -4) {
$validate_error['email'] = 'Email 地址无效';
return $validate_error;
} elseif ($uid == -5) {
$validate_error['email'] = 'Email 包含不可使用的邮箱域名';
return $validate_error;
} elseif ($uid == -6) {
$validate_error['email'] = '该 Email 地址已经被注册';
return $validate_error;
} elseif ($uid == -1) {
$rand = rand(100, 999);
$newusername = '******' . $_G['timestamp'] . $rand;
$uid = uc_user_register(addslashes($newusername), $input_password, $input_email);
do {
$rand = rand(100, 999);
$newusername = '******' . $_G['timestamp'] . $rand;
$uid = uc_user_register(addslashes($newusername), $input_password, $input_email);
} while ($uid == -1);
} else {
$validate_error['email'] = '未知错误';
return $validate_error;
}
}
loadcache('fields_register');
$init_arr = explode(',', $_G['setting']['initcredits']);
$password = md5(random(10));
C::t('common_member')->insert($uid, $newusername, $password, $input_email, $_G['clientip'], 10, $init_arr, 0);
//直接登录
require_once libfile('function/member');
$result = userlogin($input_email, $input_password, 0, 0, 'email', $_G['clientip']);
setloginstatus($result['member'], 0);
//是否记住密码,自动登录
C::t('common_member_status')->update($_G['uid'], array('lastip' => $_G['clientip'], 'port' => $_G['remoteport'], 'lastvisit' => TIMESTAMP, 'lastactivity' => TIMESTAMP));
$ucsynlogin = $this->setting['allowsynlogin'] ? uc_user_synlogin($_G['uid']) : '';
//是否Ucenter同步登录
return true;
}
function on_register()
{
global $_G;
$_G['gp_username'] = $_G['gp_' . $this->setting['reginput']['username']];
$_G['gp_password'] = $_G['gp_' . $this->setting['reginput']['password']];
$_G['gp_password2'] = $_G['gp_' . $this->setting['reginput']['password2']];
$_G['gp_email'] = $_G['gp_' . $this->setting['reginput']['email']];
if ($_G['uid']) {
$ucsynlogin = $this->setting['allowsynlogin'] ? uc_user_synlogin($_G['uid']) : '';
$url_forward = dreferer();
if (strpos($url_forward, $this->setting['regname']) !== false) {
$url_forward = 'forum.php';
}
showmessage('login_succeed', $url_forward ? $url_forward : './', array('username' => $_G['member']['username'], 'usergroup' => $_G['group']['grouptitle'], 'uid' => $_G['uid']), array('extrajs' => $ucsynlogin));
} elseif (!$this->setting['regclosed'] && (!$this->setting['regstatus'] || !$this->setting['ucactivation'])) {
if ($_G['gp_action'] == 'activation' || $this->setting['gp_activationauth']) {
if (!$this->setting['ucactivation'] && !$this->setting['closedallowactivation']) {
showmessage('register_disable_activation');
}
} elseif (!$this->setting['regstatus']) {
showmessage(!$this->setting['regclosemessage'] ? 'register_disable' : str_replace(array("\r", "\n"), '', $this->setting['regclosemessage']));
}
}
$bbrules =& $this->setting['bbrules'];
$bbrulesforce =& $this->setting['bbrulesforce'];
$bbrulestxt =& $this->setting['bbrulestxt'];
$welcomemsg =& $this->setting['welcomemsg'];
$welcomemsgtitle =& $this->setting['welcomemsgtitle'];
$welcomemsgtxt =& $this->setting['welcomemsgtxt'];
$regname = $this->setting['regname'];
if ($this->setting['regverify']) {
if ($this->setting['areaverifywhite']) {
$location = $whitearea = '';
$location = trim(convertip($_G['clientip'], "./"));
if ($location) {
$whitearea = preg_quote(trim($this->setting['areaverifywhite']), '/');
$whitearea = str_replace(array("\\*"), array('.*'), $whitearea);
$whitearea = '.*' . $whitearea . '.*';
$whitearea = '/^(' . str_replace(array("\r\n", ' '), array('.*|.*', ''), $whitearea) . ')$/i';
if (@preg_match($whitearea, $location)) {
$this->setting['regverify'] = 0;
}
}
}
if ($_G['cache']['ipctrl']['ipverifywhite']) {
foreach (explode("\n", $_G['cache']['ipctrl']['ipverifywhite']) as $ctrlip) {
if (preg_match("/^(" . preg_quote($ctrlip = trim($ctrlip), '/') . ")/", $_G['clientip'])) {
$this->setting['regverify'] = 0;
break;
}
}
}
}
$invitestatus = false;
if ($this->setting['regstatus'] == 2) {
if ($this->setting['inviteconfig']['inviteareawhite']) {
$location = $whitearea = '';
$location = trim(convertip($_G['clientip'], "./"));
if ($location) {
$whitearea = preg_quote(trim($this->setting['inviteconfig']['inviteareawhite']), '/');
$whitearea = str_replace(array("\\*"), array('.*'), $whitearea);
$whitearea = '.*' . $whitearea . '.*';
$whitearea = '/^(' . str_replace(array("\r\n", ' '), array('.*|.*', ''), $whitearea) . ')$/i';
if (@preg_match($whitearea, $location)) {
$invitestatus = true;
}
}
}
if ($this->setting['inviteconfig']['inviteipwhite']) {
foreach (explode("\n", $this->setting['inviteconfig']['inviteipwhite']) as $ctrlip) {
if (preg_match("/^(" . preg_quote($ctrlip = trim($ctrlip), '/') . ")/", $_G['clientip'])) {
$invitestatus = true;
break;
}
}
}
}
$groupinfo = array();
if ($this->setting['regverify']) {
$groupinfo['groupid'] = 8;
} else {
$groupinfo['groupid'] = $this->setting['newusergroupid'];
}
$seccodecheck = $this->setting['seccodestatus'] & 1;
$secqaacheck = $this->setting['secqaa']['status'] & 1;
$fromuid = !empty($_G['cookie']['promotion']) && $this->setting['creditspolicy']['promotion_register'] ? intval($_G['cookie']['promotion']) : 0;
$username = isset($_G['gp_username']) ? $_G['gp_username'] : '';
$bbrulehash = $bbrules ? substr(md5(FORMHASH), 0, 8) : '';
$auth = $_G['gp_auth'];
if (!$invitestatus) {
$invite = getinvite();
}
if (!submitcheck('regsubmit', 0, $seccodecheck, $secqaacheck)) {
if ($_G['gp_action'] == 'activation') {
$auth = explode("\t", authcode($auth, 'DECODE'));
if (FORMHASH != $auth[1]) {
showmessage('register_activation_invalid', 'member.php?mod=logging&action=login');
}
$username = $auth[0];
$activationauth = authcode("{$auth['0']}\t" . FORMHASH, 'ENCODE');
}
if ($fromuid) {
$query = DB::query("SELECT username FROM " . DB::table('common_member') . " WHERE uid='{$fromuid}'");
if (DB::num_rows($query)) {
$fromuser = dhtmlspecialchars(DB::result($query, 0));
} else {
dsetcookie('promotion');
}
}
$bbrulestxt = nl2br("\n{$bbrulestxt}\n\n");
if ($_G['gp_action'] == 'activation') {
$auth = dhtmlspecialchars($auth);
}
if ($seccodecheck) {
$seccode = random(6, 1);
}
$username = dhtmlspecialchars($username);
$htmls = $settings = array();
foreach ($_G['cache']['fields_register'] as $field) {
$fieldid = $field['fieldid'];
$html = profile_setting($fieldid, array(), false, false, true);
if ($html) {
$settings[$fieldid] = $_G['cache']['profilesetting'][$fieldid];
$htmls[$fieldid] = $html;
}
}
$navtitle = $this->setting['reglinkname'];
if ($this->extrafile && file_exists(libfile('member/' . $this->extrafile, 'module'))) {
require_once libfile('member/' . $this->extrafile, 'module');
}
$dreferer = dreferer();
include template($this->template);
} else {
if ($this->setting['regstatus'] == 2 && empty($invite) && !$invitestatus) {
showmessage('not_open_registration_invite');
}
if ($bbrules && $bbrulehash != $_POST['agreebbrule']) {
showmessage('register_rules_agree');
}
$activation = array();
if (isset($_G['gp_activationauth'])) {
$activationauth = explode("\t", authcode($_G['gp_activationauth'], 'DECODE'));
if ($activationauth[1] == FORMHASH && !($activation = daddslashes(uc_get_user($activationauth[0]), 1))) {
showmessage('register_activation_invalid', 'member.php?mod=logging&action=login');
}
}
if (!$activation) {
$usernamelen = dstrlen($username);
if ($usernamelen < 3) {
showmessage('profile_username_tooshort');
} elseif ($usernamelen > 15) {
showmessage('profile_username_toolong');
}
$username = addslashes(trim(dstripslashes($username)));
if (uc_get_user($username) && !DB::result_first("SELECT uid FROM " . DB::table('common_member') . " WHERE username='******'")) {
if ($_G['inajax']) {
showmessage('profile_username_duplicate');
} else {
showmessage('register_activation_message', 'member.php?mod=logging&action=login', array('username' => stripslashes($username)));
}
}
$email = trim($_G['gp_email']);
if (empty($this->setting['ignorepassword'])) {
if ($_G['gp_password'] !== $_G['gp_password2']) {
showmessage('profile_passwd_notmatch');
}
if (!$_G['gp_password'] || $_G['gp_password'] != addslashes($_G['gp_password'])) {
showmessage('profile_passwd_illegal');
}
$password = $_G['gp_password'];
} else {
$password = md5(random(10));
}
}
$censorexp = '/^(' . str_replace(array('\\*', "\r\n", ' '), array('.*', '|', ''), preg_quote($this->setting['censoruser'] = trim($this->setting['censoruser']), '/')) . ')$/i';
if ($this->setting['censoruser'] && @preg_match($censorexp, $username)) {
showmessage('profile_username_protect');
}
if ($this->setting['regverify'] == 2 && !trim($_G['gp_regmessage'])) {
showmessage('profile_required_info_invalid');
}
if ($_G['cache']['ipctrl']['ipregctrl']) {
foreach (explode("\n", $_G['cache']['ipctrl']['ipregctrl']) as $ctrlip) {
if (preg_match("/^(" . preg_quote($ctrlip = trim($ctrlip), '/') . ")/", $_G['clientip'])) {
$ctrlip = $ctrlip . '%';
$this->setting['regctrl'] = $this->setting['ipregctrltime'];
break;
} else {
$ctrlip = $_G['clientip'];
}
}
} else {
$ctrlip = $_G['clientip'];
}
if ($this->setting['regctrl']) {
$query = DB::query("SELECT ip FROM " . DB::table('common_regip') . " WHERE ip LIKE '{$ctrlip}' AND count='-1' AND dateline>{$_G['timestamp']}-'" . $this->setting['regctrl'] . "'*3600 LIMIT 1");
if (DB::num_rows($query)) {
showmessage('register_ctrl', NULL, array('regctrl' => $this->setting['regctrl']));
}
}
$regipsql = '';
if ($this->setting['regfloodctrl']) {
if ($regattempts = DB::result_first("SELECT count FROM " . DB::table('common_regip') . " WHERE ip='{$_G['clientip']}' AND count>'0' AND dateline>'{$_G['timestamp']}'-86400")) {
if ($regattempts >= $this->setting['regfloodctrl']) {
showmessage('register_flood_ctrl', NULL, array('regfloodctrl' => $this->setting['regfloodctrl']));
} else {
$regipsql = "UPDATE " . DB::table('common_regip') . " SET count=count+1 WHERE ip='{$_G['clientip']}' AND count>'0'";
}
} else {
$regipsql = "INSERT INTO " . DB::table('common_regip') . " (ip, count, dateline)\r\n\t\t\t\t\t\tVALUES ('{$_G['clientip']}', '1', '{$_G['timestamp']}')";
}
}
$profile = $verifyarr = array();
foreach ($_G['cache']['fields_register'] as $field) {
if (defined('IN_MOBILE')) {
break;
}
$field_key = $field['fieldid'];
$field_val = $_G['gp_' . $field_key];
if ($field['formtype'] == 'file' && !empty($_FILES[$field_key]) && $_FILES[$field_key]['error'] == 0) {
$field_val = true;
}
if (!profile_check($field_key, $field_val)) {
$showid = !in_array($field['fieldid'], array('birthyear', 'birthmonth')) ? $field['fieldid'] : 'birthday';
showmessage($field['title'] . lang('message', 'profile_illegal'), '', array(), array('showid' => 'chk_' . $showid, 'extrajs' => $field['title'] . lang('message', 'profile_illegal') . ($field['formtype'] == 'text' ? '<script type="text/javascript">' . '$(\'registerform\').' . $field['fieldid'] . '.className = \'px er\';' . '$(\'registerform\').' . $field['fieldid'] . '.onblur = function () { if(this.value != \'\') {this.className = \'px\';$(\'chk_' . $showid . '\').innerHTML = \'\';}}' . '</script>' : '')));
}
if ($field['needverify']) {
$verifyarr[$field_key] = $field_val;
} else {
$profile[$field_key] = $field_val;
}
}
if (!$activation) {
$uid = uc_user_register($username, $password, $email, $questionid, $answer, $_G['clientip']);
if ($uid <= 0) {
if ($uid == -1) {
showmessage('profile_username_illegal');
} elseif ($uid == -2) {
showmessage('profile_username_protect');
} elseif ($uid == -3) {
showmessage('profile_username_duplicate');
} elseif ($uid == -4) {
showmessage('profile_email_illegal');
} elseif ($uid == -5) {
showmessage('profile_email_domain_illegal');
} elseif ($uid == -6) {
showmessage('profile_email_duplicate');
} else {
showmessage('undefined_action');
}
}
} else {
list($uid, $username, $email) = $activation;
}
$_G['username'] = $username;
if (DB::result_first("SELECT uid FROM " . DB::table('common_member') . " WHERE uid='{$uid}'")) {
if (!$activation) {
uc_user_delete($uid);
}
showmessage('profile_uid_duplicate', '', array('uid' => $uid));
}
$password = md5(random(10));
$secques = $questionid > 0 ? random(8) : '';
if (isset($_POST['birthmonth']) && isset($_POST['birthday'])) {
$profile['constellation'] = get_constellation($_POST['birthmonth'], $_POST['birthday']);
}
if (isset($_POST['birthyear'])) {
$profile['zodiac'] = get_zodiac($_POST['birthyear']);
}
if ($_FILES) {
require_once libfile('class/upload');
$upload = new discuz_upload();
foreach ($_FILES as $key => $file) {
$field_key = 'field_' . $key;
if (!empty($_G['cache']['fields_register'][$field_key]) && $_G['cache']['fields_register'][$field_key]['formtype'] == 'file') {
$upload->init($file, 'profile');
$attach = $upload->attach;
if (!$upload->error()) {
$upload->save();
if (!$upload->get_image_info($attach['target'])) {
@unlink($attach['target']);
continue;
}
$attach['attachment'] = dhtmlspecialchars(trim($attach['attachment']));
if ($_G['cache']['fields_register'][$field_key]['needverify']) {
$verifyarr[$key] = $attach['attachment'];
} else {
$profile[$key] = $attach['attachment'];
}
}
}
}
}
if ($regipsql) {
DB::query($regipsql);
}
if ($invite && $this->setting['inviteconfig']['invitegroupid']) {
$groupinfo['groupid'] = $this->setting['inviteconfig']['invitegroupid'];
}
$init_arr = explode(',', $this->setting['initcredits']);
$userdata = array('uid' => $uid, 'username' => $username, 'password' => $password, 'email' => $email, 'adminid' => 0, 'groupid' => $groupinfo['groupid'], 'regdate' => TIMESTAMP, 'credits' => $init_arr[0], 'timeoffset' => 9999);
$status_data = array('uid' => $uid, 'regip' => $_G['clientip'], 'lastip' => $_G['clientip'], 'lastvisit' => TIMESTAMP, 'lastactivity' => TIMESTAMP, 'lastpost' => 0, 'lastsendmail' => 0);
$profile['uid'] = $uid;
$field_forum['uid'] = $uid;
$field_home['uid'] = $uid;
if ($this->extrafile && file_exists(libfile('member/' . $this->extrafile, 'module'))) {
require_once libfile('member/' . $this->extrafile, 'module');
}
DB::insert('common_member', $userdata);
DB::insert('common_member_status', $status_data);
DB::insert('common_member_profile', $profile);
DB::insert('common_member_field_forum', $field_forum);
DB::insert('common_member_field_home', $field_home);
if ($verifyarr) {
$setverify = array('uid' => $uid, 'username' => $username, 'verifytype' => '0', 'field' => daddslashes(serialize($verifyarr)), 'dateline' => TIMESTAMP);
DB::insert('common_member_verify_info', $setverify);
DB::insert('common_member_verify', array('uid' => $uid));
}
$count_data = array('uid' => $uid, 'extcredits1' => $init_arr[1], 'extcredits2' => $init_arr[2], 'extcredits3' => $init_arr[3], 'extcredits4' => $init_arr[4], 'extcredits5' => $init_arr[5], 'extcredits6' => $init_arr[6], 'extcredits7' => $init_arr[7], 'extcredits8' => $init_arr[8]);
DB::insert('common_member_count', $count_data);
DB::insert('common_setting', array('skey' => 'lastmember', 'svalue' => $username), false, true);
manyoulog('user', $uid, 'add');
$totalmembers = DB::result_first("SELECT COUNT(*) FROM " . DB::table('common_member'));
$userstats = array('totalmembers' => $totalmembers, 'newsetuser' => stripslashes($username));
save_syscache('userstats', $userstats);
if ($this->setting['regctrl'] || $this->setting['regfloodctrl']) {
DB::query("DELETE FROM " . DB::table('common_regip') . " WHERE dateline<='{$_G['timestamp']}'-" . ($this->setting['regctrl'] > 72 ? $this->setting['regctrl'] : 72) . "*3600", 'UNBUFFERED');
if ($this->setting['regctrl']) {
DB::query("INSERT INTO " . DB::table('common_regip') . " (ip, count, dateline)\r\n\t\t\t\t\t\tVALUES ('{$_G['clientip']}', '-1', '{$_G['timestamp']}')");
}
}
$regmessage = dhtmlspecialchars($_G['gp_regmessage']);
if ($this->setting['regverify'] == 2) {
DB::query("REPLACE INTO " . DB::table('common_member_validate') . " (uid, submitdate, moddate, admin, submittimes, status, message, remark)\r\n\t\t\t\t\tVALUES ('{$uid}', '{$_G['timestamp']}', '0', '', '1', '0', '{$regmessage}', '')");
manage_addnotify('verifyuser');
}
setloginstatus(array('uid' => $uid, 'username' => dstripslashes($_G['username']), 'password' => $password, 'groupid' => $groupinfo['groupid']), 0);
include_once libfile('function/stat');
updatestat('register');
if ($invite['id']) {
$result = DB::result_first("SELECT COUNT(*) FROM " . DB::table('common_invite') . " WHERE uid='{$invite['uid']}' AND fuid='{$uid}'");
if (!$result) {
DB::update("common_invite", array('fuid' => $uid, 'fusername' => $_G['username'], 'regdateline' => $_G['timestamp'], 'status' => 2), array('id' => $invite['id']));
updatestat('invite');
} else {
$invite = array();
}
}
if ($invite['uid']) {
if ($this->setting['inviteconfig']['inviteaddcredit']) {
updatemembercount($uid, array($this->setting['inviteconfig']['inviterewardcredit'] => $this->setting['inviteconfig']['inviteaddcredit']));
}
if ($this->setting['inviteconfig']['invitedaddcredit']) {
updatemembercount($invite['uid'], array($this->setting['inviteconfig']['inviterewardcredit'] => $this->setting['inviteconfig']['invitedaddcredit']));
}
require_once libfile('function/friend');
friend_make($invite['uid'], $invite['username'], false);
notification_add($invite['uid'], 'friend', 'invite_friend', array('actor' => '<a href="home.php?mod=space&uid=' . $invite['uid'] . '" target="_blank">' . $invite['username'] . '</a>'), 1);
space_merge($invite, 'field_home');
if (!empty($invite['privacy']['feed']['invite'])) {
require_once libfile('function/feed');
$tite_data = array('username' => '<a href="home.php?mod=space&uid=' . $_G['uid'] . '">' . $_G['username'] . '</a>');
feed_add('friend', 'feed_invite', $tite_data, '', array(), '', array(), array(), '', '', '', 0, 0, '', $invite['uid'], $invite['username']);
}
if ($invite['appid']) {
updatestat('appinvite');
}
}
if ($welcomemsg && !empty($welcomemsgtxt)) {
$welcomemsgtitle = addslashes(replacesitevar($welcomemsgtitle));
$welcomemsgtxt = addslashes(replacesitevar($welcomemsgtxt));
if ($welcomemsg == 1) {
$welcomemsgtxt = nl2br(str_replace(':', ':', $welcomemsgtxt));
notification_add($uid, 'system', $welcomemsgtxt, array(), 1);
} elseif ($welcomemsg == 2) {
sendmail_cron($email, $welcomemsgtitle, $welcomemsgtxt);
} elseif ($welcomemsg == 3) {
sendmail_cron($email, $welcomemsgtitle, $welcomemsgtxt);
$welcomemsgtxt = nl2br(str_replace(':', ':', $welcomemsgtxt));
notification_add($uid, 'system', $welcomemsgtxt, array(), 1);
}
}
if ($fromuid) {
updatecreditbyaction('promotion_register', $fromuid);
dsetcookie('promotion', '');
}
dsetcookie('loginuser', '');
dsetcookie('activationauth', '');
dsetcookie('invite_auth', '');
loadcache('setting', true);
$_G['setting']['lastmember'] = stripslashes($username);
$settingnew = $_G['setting'];
$settingnew['pluginhooks'] = array();
save_syscache('setting', $settingnew);
switch ($this->setting['regverify']) {
case 1:
$idstring = random(6);
$authstr = $this->setting['regverify'] == 1 ? "{$_G['timestamp']}\t2\t{$idstring}" : '';
DB::query("UPDATE " . DB::table('common_member_field_forum') . " SET authstr='{$authstr}' WHERE uid='{$_G['uid']}'");
$verifyurl = "{$_G[siteurl]}member.php?mod=activate&uid={$_G[uid]}&id={$idstring}";
$email_verify_message = lang('email', 'email_verify_message', array('username' => $_G['member']['username'], 'bbname' => $this->setting['bbname'], 'siteurl' => $_G['siteurl'], 'url' => $verifyurl));
sendmail("{$username} <{$email}>", lang('email', 'email_verify_subject'), $email_verify_message);
$message = 'register_email_verify';
$locationmessage = 'register_email_verify_location';
$url_forward = dreferer();
break;
case 2:
$message = 'register_manual_verify';
$locationmessage = 'register_manual_verify_location';
$url_forward = $_G['setting']['homestatus'] ? 'home.php?mod=space&do=home' : 'home.php?mod=spacecp';
break;
default:
$message = 'register_succeed';
$locationmessage = 'register_succeed_location';
$url_forward = dreferer();
break;
}
$param = array('bbname' => $this->setting['bbname'], 'username' => $_G['username'], 'usergroup' => $_G['group']['grouptitle'], 'uid' => $_G['uid']);
if (strpos($url_forward, $this->setting['regname']) !== false || strpos($url_forward, 'buyinvitecode') !== false) {
$url_forward = 'forum.php';
}
$href = str_replace("'", "\\'", $url_forward);
$extra = array('showid' => 'succeedmessage', 'extrajs' => '<script type="text/javascript">' . 'setTimeout("window.location.href =\'' . $href . '\';", 3000);' . '$(\'succeedmessage_href\').href = \'' . $href . '\';' . '$(\'main_message\').style.display = \'none\';' . '$(\'main_succeed\').style.display = \'\';' . '$(\'succeedlocation\').innerHTML = \'' . lang('message', $locationmessage) . '\';' . '</script>', 'striptags' => false);
showmessage($message, $url_forward, $param, $extra);
}
}
function synlogin($get, $post)
{
global $_G;
if (!API_SYNLOGIN) {
return API_RETURN_FORBIDDEN;
}
//note 同步登录 API 接口
header('P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"');
$cookietime = 31536000;
$uid = intval($get['uid']);
$query = DB::query("SELECT uid, username, password FROM " . DB::table('common_member') . " WHERE uid='{$uid}'");
if ($member = DB::fetch($query)) {
dsetcookie('auth', authcode("{$member['password']}\t{$member['uid']}", 'ENCODE'), $cookietime);
} elseif (!empty($_G['setting']['autoactivationuser'])) {
//自动激活
require_once libfile('function/login');
$result = autoactivationuser($uid);
if ($result) {
setloginstatus($result, $cookietime);
}
}
}
function on_register()
{
global $_G;
$_GET['username'] = $_GET['username'];
$_GET['nickname'] = $_GET['nickname'];
$_GET['password'] = $_GET['password'];
$_GET['password2'] = $_GET['password2'];
$_GET['email'] = $_GET['email'];
if ($_G['uid']) {
$url_forward = dreferer();
if (strpos($url_forward, 'reg') !== false) {
$url_forward = 'index.php';
}
showmessage('login_succeed', $url_forward ? $url_forward : './', array('username' => $_G['member']['username'], 'usergroup' => $_G['group']['grouptitle'], 'uid' => $_G['uid']), array());
} elseif (!$this->setting['regclosed']) {
if ($_GET['action'] == 'activation' || $_GET['activationauth']) {
if (!$this->setting['ucactivation'] && !$this->setting['closedallowactivation']) {
showmessage('register_disable_activation');
}
} elseif (!$this->setting['regstatus']) {
showmessage(!$this->setting['regclosemessage'] ? 'register_disable' : str_replace(array("\r", "\n"), '', $this->setting['regclosemessage']));
}
}
$bbrules =& $this->setting['bbrules'];
$bbrulesforce =& $this->setting['bbrulesforce'];
$bbrulestxt =& $this->setting['bbrulestxt'];
$welcomemsg =& $this->setting['welcomemsg'];
$welcomemsgtitle =& $this->setting['welcomemsgtitle'];
$welcomemsgtxt =& $this->setting['welcomemsgtxt'];
$regname = $this->setting['regname'];
$username = isset($_GET['username']) ? $_GET['username'] : '';
$invitestatus = false;
$seccodecheck = $this->setting['seccodestatus'] & 1;
$secqaacheck = 0;
$bbrulehash = $bbrules ? substr(md5(FORMHASH), 0, 8) : '';
$auth = $_GET['auth'];
if (!$invitestatus) {
$invite = getinvite();
}
if (!submitcheck('regsubmit', 0, $seccodecheck)) {
if ($seccodecheck) {
$seccode = random(6, 1);
}
$username = dhtmlspecialchars($username);
$htmls = $settings = array();
foreach ($_G['cache']['fields_register'] as $field) {
$fieldid = $field['fieldid'];
$html = profile_setting($fieldid, array(), false, false, true);
if ($html) {
$settings[$fieldid] = $_G['cache']['profilesetting'][$fieldid];
$htmls[$fieldid] = $html;
}
}
$navtitle = $this->setting['reglinkname'];
if ($this->extrafile && file_exists($this->extrafile)) {
require_once $this->extrafile;
}
$bbrulestxt = nl2br("\n{$bbrulestxt}\n\n");
$dreferer = dreferer();
include template($this->template);
} else {
$emailstatus = 0;
if ($this->setting['regstatus'] == 2 && empty($invite) && !$invitestatus) {
showmessage('not_open_registration_invite');
}
//验证同意协议
if ($bbrules && $bbrulehash != $_POST['agreebbrule']) {
showmessage('register_rules_agree');
}
//验证用户姓名
$usernamelen = dstrlen($username);
if ($usernamelen < 3) {
showmessage('profile_username_tooshort');
}
if ($usernamelen > 30) {
showmessage('profile_username_toolong');
}
//验证用户名
if ($nickname = trim($_GET['nickname'])) {
$nicknamelen = dstrlen($nickname);
if ($nicknamelen < 3) {
showmessage('profile_nickname_tooshort');
}
if ($nicknamelen > 30) {
showmessage('profile_nickname_toolong');
}
} else {
$nickname = '';
}
//验证邮箱
$email = strtolower(trim($_GET['email']));
checkemail($email);
//验证密码长度
if ($this->setting['pwlength']) {
if (strlen($_GET['password']) < $this->setting['pwlength']) {
showmessage('profile_password_tooshort', '', array('pwlength' => $this->setting['pwlength']));
}
}
//验证密码强度
if ($this->setting['strongpw']) {
$strongpw_str = array();
if (in_array(1, $this->setting['strongpw']) && !preg_match("/\\d+/", $_GET['password'])) {
$strongpw_str[] = lang('user/template', 'strongpw_1');
}
if (in_array(2, $this->setting['strongpw']) && !preg_match("/[a-z]+/", $_GET['password'])) {
$strongpw_str[] = lang('user/template', 'strongpw_2');
}
if (in_array(3, $this->setting['strongpw']) && !preg_match("/[A-Z]+/", $_GET['password'])) {
$strongpw_str[] = lang('user/template', 'strongpw_3');
}
if (in_array(4, $this->setting['strongpw']) && !preg_match("/[^a-zA-z0-9]+/", $_GET['password'])) {
$strongpw_str[] = lang('user/template', 'strongpw_4');
}
if ($strongpw_str) {
showmessage(lang('user/template', 'password_weak') . implode(',', $strongpw_str));
}
}
//验证两次密码一致性
if ($_GET['password'] !== $_GET['password2']) {
showmessage('两次密码不匹配');
}
if (!$_GET['password'] || $_GET['password'] != addslashes($_GET['password'])) {
showmessage('profile_passwd_illegal');
}
$password = $_GET['password'];
$ctrlip = $_G['clientip'];
$setregip = null;
$profile = $verifyarr = array();
foreach ($_G['cache']['fields_register'] as $field) {
/*if(defined('IN_MOBILE')) {
break;
}*/
$field_key = $field['fieldid'];
$field_val = $_GET['' . $field_key];
if ($field['formtype'] == 'file' && !empty($_FILES[$field_key]) && $_FILES[$field_key]['error'] == 0) {
$field_val = true;
}
if (!profile_check($field_key, $field_val)) {
$showid = !in_array($field['fieldid'], array('birthyear', 'birthmonth')) ? $field['fieldid'] : 'birthday';
showmessage($field['title'] . lang('message', 'profile_illegal'), '', array(), array('showid' => 'chk_' . $showid, 'extrajs' => $field['title'] . lang('message', 'profile_illegal') . ($field['formtype'] == 'text' ? '<script type="text/javascript">' . '$(\'registerform\').' . $field['fieldid'] . '.parentNode.parentNode.className = \'form-group warning\';' . '$(\'registerform\').' . $field['fieldid'] . '.onblur = function () { if(this.value != \'\') {this.parentNode.parentNode.className = \'form-group\';$(\'chk_' . $showid . '\').innerHTML = \'\';}}' . '</script>' : '')));
}
if ($field['needverify']) {
$verifyarr[$field_key] = $field_val;
} else {
$profile[$field_key] = $field_val;
}
}
$groupinfo = array();
$addorg = 0;
if ($this->setting['regverify']) {
$groupinfo['groupid'] = 8;
} else {
$groupinfo['groupid'] = $this->setting['newusergroupid'];
$addorg = 1;
}
$result = uc_user_register(addslashes($username), $password, $email, addslashes($nickname), $questionid, $answer, $_G['clientip'], $addorg);
if (is_array($result)) {
$uid = $result['uid'];
$password = $result['password'];
} else {
$uid = $result;
}
if ($uid <= 0) {
if ($uid == -1) {
showmessage('profile_nickname_illegal');
} elseif ($uid == -2) {
showmessage('profile_nickname_protect');
} elseif ($uid == -3) {
showmessage('profile_nickname_duplicate');
} elseif ($uid == -4) {
showmessage('profile_email_illegal');
} elseif ($uid == -5) {
showmessage('profile_email_domain_illegal');
} elseif ($uid == -6) {
showmessage('profile_email_duplicate');
} elseif ($uid == -7) {
showmessage('profile_username_illegal');
} else {
showmessage('undefined_action');
}
}
$_G['username'] = $username;
if (isset($_POST['birthmonth']) && isset($_POST['birthday'])) {
$profile['constellation'] = get_constellation($_POST['birthmonth'], $_POST['birthday']);
}
if (isset($_POST['birthyear'])) {
$profile['zodiac'] = get_zodiac($_POST['birthyear']);
}
if ($_FILES) {
foreach ($_FILES as $key => $file) {
$field_key = 'field_' . $key;
if (!empty($_G['cache']['fields_register'][$field_key]) && $_G['cache']['fields_register'][$field_key]['formtype'] == 'file') {
if ($attachment = uploadtolocal($file, 'profile', '')) {
if (@getimagesize($_G['setting']['attachdir'] . $attachment)) {
//判断是否为图片文件
@unlink($_G['setting']['attachdir'] . $attachment);
continue;
}
if ($_G['cache']['fields_register'][$field_key]['needverify']) {
$verifyarr[$key] = $attachment;
} else {
$profile[$key] = $attachment;
}
}
}
}
}
$init_arr = array('profile' => $profile, 'emailstatus' => $emailstatus);
C::t('user')->insert($uid, $_G['clientip'], $groupinfo['groupid'], $init_arr);
if ($verifyarr) {
$setverify = array('uid' => $uid, 'username' => $username, 'verifytype' => '0', 'field' => serialize($verifyarr), 'dateline' => TIMESTAMP);
C::t('user_verify_info')->insert($setverify);
C::t('user_verify')->insert(array('uid' => $uid));
}
require_once libfile('cache/userstats', 'function');
build_cache_userstats();
if ($this->extrafile && file_exists($this->extrafile)) {
require_once $this->extrafile;
}
setloginstatus(array('uid' => $uid, 'username' => $_G['username'], 'password' => $password, 'groupid' => $groupinfo['groupid']), 0);
include_once libfile('function/stat');
if ($welcomemsg && !empty($welcomemsgtxt)) {
$welcomemsgtitle = replacesitevar($welcomemsgtitle);
$welcomemsgtxt = replacesitevar($welcomemsgtxt);
if ($welcomemsg == 1) {
$welcomemsgtxt = nl2br(str_replace(':', ':', $welcomemsgtxt));
} elseif ($welcomemsg == 2) {
sendmail_cron($email, $welcomemsgtitle, $welcomemsgtxt);
} elseif ($welcomemsg == 3) {
sendmail_cron($email, $welcomemsgtitle, $welcomemsgtxt);
$welcomemsgtxt = nl2br(str_replace(':', ':', $welcomemsgtxt));
}
}
dsetcookie('loginuser', '');
dsetcookie('invite_auth', '');
$url_forward = dreferer();
$refreshtime = 3000;
switch ($this->setting['regverify']) {
case 1:
$idstring = random(6);
$authstr = $this->setting['regverify'] == 1 ? "{$_G['timestamp']}\t2\t{$idstring}" : '';
C::t('user')->update($_G['uid'], array('authstr' => $authstr));
$verifyurl = "{$_G[siteurl]}user.php?mod=activate&uid={$_G[uid]}&id={$idstring}";
$email_verify_message = lang('email', 'email_verify_message', array('username' => $_G['member']['username'], 'sitename' => $this->setting['sitename'], 'siteurl' => $_G['siteurl'], 'url' => $verifyurl));
if (!sendmail("{$username} <{$email}>", lang('email', 'email_verify_subject'), $email_verify_message)) {
runlog('sendmail', "{$email} sendmail failed.");
}
$message = 'register_email_verify';
$locationmessage = 'register_email_verify_location';
$refreshtime = 10000;
break;
case 2:
$message = 'register_manual_verify';
$locationmessage = 'register_manual_verify_location';
break;
default:
$message = 'register_succeed';
$locationmessage = 'register_succeed_location';
break;
}
$param = daddslashes(array('sitename' => $this->setting['sitename'], 'username' => $_G['username'], 'usergroup' => $_G['group']['grouptitle'], 'uid' => $_G['uid']));
if (strpos($url_forward, $this->setting['regname']) !== false || strpos($url_forward, 'buyinvitecode') !== false) {
$url_forward = 'index.php';
}
$extra = array('showdialog' => true, 'locationtime' => false, 'extrajs' => '');
showmessage('', $url_forward, array(), array('showid' => 'succeedmessage', 'extrajs' => '<script type="text/javascript">' . 'setTimeout("window.location.href =\'' . $url_forward . '\';", 3000);' . '$(\'succeedmessage_href\').href = \'' . $url_forward . '\';' . '$(\'register_form\').style.display = \'none\';' . '$(\'main_succeed\').style.display = \'\';' . '$(\'succeedlocation\').innerHTML = \'' . lang('message', $message, $param) . '\';</script>', 'striptags' => false, 'showdialog' => false));
//showmessage($message, $url_forward, $param, $extra);
}
}
public static function register($username, $return = 0, $groupid = 0)
{
global $_G;
if (!$username) {
return;
}
if (!$_G['wechat']['setting']) {
$_G['wechat']['setting'] = unserialize($_G['setting']['mobilewechat']);
}
loaducenter();
$groupid = !$groupid ? $_G['wechat']['setting']['wechat_newusergroupid'] ? $_G['wechat']['setting']['wechat_newusergroupid'] : $_G['setting']['newusergroupid'] : $groupid;
$password = md5(random(10));
$email = 'wechat_' . strtolower(random(10)) . '@null.null';
$usernamelen = dstrlen($username);
if ($usernamelen < 3) {
$username = $username . '_' . random(5);
}
if ($usernamelen > 15) {
if (!$return) {
showmessage('profile_username_toolong');
} else {
return;
}
}
$censorexp = '/^(' . str_replace(array('\\*', "\r\n", ' '), array('.*', '|', ''), preg_quote($_G['setting']['censoruser'] = trim($_G['setting']['censoruser']), '/')) . ')$/i';
if ($_G['setting']['censoruser'] && @preg_match($censorexp, $username)) {
if (!$return) {
showmessage('profile_username_protect');
} else {
return;
}
}
if (!$_G['wechat']['setting']['wechat_disableregrule']) {
loadcache('ipctrl');
if ($_G['cache']['ipctrl']['ipregctrl']) {
foreach (explode("\n", $_G['cache']['ipctrl']['ipregctrl']) as $ctrlip) {
if (preg_match("/^(" . preg_quote($ctrlip = trim($ctrlip), '/') . ")/", $_G['clientip'])) {
$ctrlip = $ctrlip . '%';
$_G['setting']['regctrl'] = $_G['setting']['ipregctrltime'];
break;
} else {
$ctrlip = $_G['clientip'];
}
}
} else {
$ctrlip = $_G['clientip'];
}
if ($_G['setting']['regctrl']) {
if (C::t('common_regip')->count_by_ip_dateline($ctrlip, $_G['timestamp'] - $_G['setting']['regctrl'] * 3600)) {
if (!$return) {
showmessage('register_ctrl', NULL, array('regctrl' => $_G['setting']['regctrl']));
} else {
return;
}
}
}
$setregip = null;
if ($_G['setting']['regfloodctrl']) {
$regip = C::t('common_regip')->fetch_by_ip_dateline($_G['clientip'], $_G['timestamp'] - 86400);
if ($regip) {
if ($regip['count'] >= $_G['setting']['regfloodctrl']) {
if (!$return) {
showmessage('register_flood_ctrl', NULL, array('regfloodctrl' => $_G['setting']['regfloodctrl']));
} else {
return;
}
} else {
$setregip = 1;
}
} else {
$setregip = 2;
}
}
if ($setregip !== null) {
if ($setregip == 1) {
C::t('common_regip')->update_count_by_ip($_G['clientip']);
} else {
C::t('common_regip')->insert(array('ip' => $_G['clientip'], 'count' => 1, 'dateline' => $_G['timestamp']));
}
}
}
$uid = uc_user_register(addslashes($username), $password, $email, '', '', $_G['clientip']);
if ($uid <= 0) {
if (!$return) {
if ($uid == -1) {
showmessage('profile_username_illegal');
} elseif ($uid == -2) {
showmessage('profile_username_protect');
} elseif ($uid == -3) {
showmessage('profile_username_duplicate');
} elseif ($uid == -4) {
showmessage('profile_email_illegal');
} elseif ($uid == -5) {
showmessage('profile_email_domain_illegal');
} elseif ($uid == -6) {
showmessage('profile_email_duplicate');
} else {
showmessage('undefined_action');
}
} else {
return;
}
}
$init_arr = array('credits' => explode(',', $_G['setting']['initcredits']));
C::t('common_member')->insert($uid, $username, $password, $email, $_G['clientip'], $groupid, $init_arr);
if ($_G['setting']['regctrl'] || $_G['setting']['regfloodctrl']) {
C::t('common_regip')->delete_by_dateline($_G['timestamp'] - ($_G['setting']['regctrl'] > 72 ? $_G['setting']['regctrl'] : 72) * 3600);
if ($_G['setting']['regctrl']) {
C::t('common_regip')->insert(array('ip' => $_G['clientip'], 'count' => -1, 'dateline' => $_G['timestamp']));
}
}
if ($_G['setting']['regverify'] == 2) {
C::t('common_member_validate')->insert(array('uid' => $uid, 'submitdate' => $_G['timestamp'], 'moddate' => 0, 'admin' => '', 'submittimes' => 1, 'status' => 0, 'message' => '', 'remark' => ''), false, true);
manage_addnotify('verifyuser');
}
setloginstatus(array('uid' => $uid, 'username' => $username, 'password' => $password, 'groupid' => $groupid), 0);
//统计
include_once libfile('function/stat');
updatestat('register');
return $uid;
}
function check_user_login()
{
global $_G;
$admin_email = isset($_POST['admin_email']) ? trim($_POST['admin_email']) : '';
if ($admin_email != '') {
if (logincheck($_POST['admin_email'])) {
if ((empty($_POST['admin_questionid']) || empty($_POST['admin_answer'])) && ($_G['config']['admincp']['forcesecques'] || $_G['group']['forcesecques'])) {
$this->do_user_login();
}
$result = userlogin($_POST['admin_email'], $_POST['admin_password'], $_POST['admin_questionid'], $_POST['admin_answer'], 'auto', $this->core->var['clientip']);
if ($result['status'] == 1) {
if ($this->checkfounder($result['member']) || $result['member']['groupid'] == 1 || $result['member']['groupid'] == 2) {
C::t('admincp_session')->insert(array('uid' => $result['member']['uid'], 'adminid' => $result['member']['adminid'], 'panel' => $result['member']['groupid'], 'dateline' => TIMESTAMP, 'ip' => $this->core->var['clientip'], 'errorcount' => -1), false, true);
setloginstatus($result['member'], 0);
dheader('Location: ' . ADMINSCRIPT . '?' . cpurl('url', array('sid')));
} else {
$this->cpaccess = -2;
}
} else {
loginfailed($_POST['admin_email']);
}
} else {
$this->cpaccess = -4;
}
}
}
