Example #1
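 /**
  * Update an existing user record and replace its role assignment.
  *
  * Reads the target user id, the role id and the password fields from $_POST
  * and reports the outcome through $this->success() / $this->error().
  *
  * NOTE(review): no permission check is visible in this method; presumably the
  * controller restricts it to administrators - confirm.
  */
 function update()
 {
     $user = $this->dao;
     // Ids are cast to integers before they are used in any query condition;
     // the original concatenated the raw POST value into the WHERE string.
     $id = isset($_POST['id']) ? intval($_POST['id']) : 0;
     $groupId = isset($_POST['groupid']) ? intval($_POST['groupid']) : 0;
     // NOTE(review): when no new password is sent, the client-supplied 'opwd'
     // value is stored as the password hash. Prefer leaving the column
     // untouched instead of trusting a hash that round-trips through the form.
     $_POST['password'] = !empty($_POST['pwd'])
         ? sysmd5($_POST['pwd'])
         : (isset($_POST['opwd']) ? $_POST['opwd'] : '');
     if ($id > 0) {
         $_POST['id'] = $id;
         // NOTE(review): the whole of $_POST is handed to save(), so every
         // posted key that matches a column is written. Build an explicit
         // array of editable fields if the form should not control all columns.
         if (false !== $user->save($_POST)) {
             $ru = array();
             $ru['user_id'] = $id;
             $ru['role_id'] = $groupId;
             $roleuser = M('RoleUser');
             // Array conditions let the framework quote the value.
             $roleuser->where(array('user_id' => $id))->delete();
             $roleuser->add($ru);
             $this->success(L('edit_ok'));
         } else {
             $this->error(L('edit_error') . $user->getDbError());
         }
     } else {
         $this->error(L('do_error'));
     }
 }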
Example #2
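 /**
  * WeChat OAuth callback: exchange the returned code for an openid, cache the
  * remote profile in "gzuser", sync nickname/avatar to "user" and log the
  * visitor in.
  *
  * Always terminates the request with exit.
  */
 public function backcode()
 {
     $code = isset($_REQUEST["code"]) ? $_REQUEST["code"] : '';
     $user_config = $this->wxconfig;
     if (!$user_config) {
         echo "该用户未设置基本接入信息!";
         exit;
     }
     // Refuse to continue with an incomplete merchant configuration.
     if (empty($user_config['appid'])) {
         echo "商户APPID为空,请联系该商户!";
         exit;
     }
     if (empty($user_config['appsecret'])) {
         echo "商户APPSECRET为空,请联系该商户!";
         exit;
     }
     if (empty($code)) {
         echo "CODE返回为空";
         exit;
     }
     // Exchange the code for an access token / openid.
     $r = $this->get_access_token($code, $user_config['appid'], $user_config['appsecret']);
     // The original passed the undefined constant `ture`, which only worked
     // by accident on old PHP and is a fatal error on PHP 8.
     $wd = json_decode($r, true);
     // Accept the openid only as a plain string: it is used in query
     // conditions below and comes from a remote response.
     $openid = (is_array($wd) && isset($wd['openid']) && is_string($wd['openid'])) ? $wd['openid'] : '';
     $token = $this->wechatObj->token($user_config["appid"], $user_config["appsecret"]);
     // Profile fetch (needs scope snsapi_userinfo; snsapi_base only yields the openid).
     $rr = $this->get_userinfo($openid, $token);
     $wuser = json_decode($rr, true);
     if (!is_array($wuser)) {
         $wuser = array();
     }
     if (empty($openid)) {
         echo "用户openid获取不到!查看appsecret是否正确设置!";
         exit;
     }
     session('wx_openid', $openid);
     $wxid = sysmd5($openid);
     // Array conditions replace the string-concatenated WHERE clauses so the
     // framework quotes the values.
     $count = M("gzuser")->where(array('openid' => $openid))->count();
     $userid = M("user")->where(array('wxid' => $wxid))->getField('id');
     if ($userid > 0) {
         $wuser['userid'] = $userid;
     }
     // NOTE(review): $wuser is the decoded remote response and is written
     // as-is; consider copying only the expected keys into the row.
     if ($count <= 0) {
         M("gzuser")->add($wuser);
     } else {
         M("gzuser")->where(array('openid' => $openid))->save($wuser);
     }
     $this->adduser($openid);
     $nickname = isset($wuser['nickname']) ? $wuser['nickname'] : null;
     $avatar = isset($wuser['headimgurl']) ? $wuser['headimgurl'] : null;
     M("user")->where(array('wxid' => $wxid))->setField('realname', $nickname);
     M("user")->where(array('wxid' => $wxid))->setField('avatar', $avatar);
     $map = array();
     $map['wx'] = $openid;
     $login = A("User/Login");
     $login->dologin(1, $map);
     exit;
 }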
Example #3
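 /**
  * Handle the admin login form submission.
  *
  * Checks the captcha, applies the per-IP failure limit read from the Log
  * table, authenticates through RBAC::authenticate(), fills the session and
  * records the attempt.
  *
  * Assumes $this->error() ends the request (not visible here) - the success
  * path below is only safe if it does.
  */
 public function doLogin()
 {
     $dao = M('User');
     // NOTE(review): if get_client_ip() honours client-supplied headers, the
     // per-IP limit below can be sidestepped - confirm its implementation.
     $ip = get_client_ip();
     if (empty($this->sysConfig['ADMIN_ACCESS'])) {
         $this->error(L('NO SYSTEM CONFIG FILE'));
     }
     // Only plain strings are accepted; array-valued parameters become ''.
     $rawUser = (isset($_POST['username']) && is_string($_POST['username'])) ? $_POST['username'] : '';
     $rawPass = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';
     $rawCode = (isset($_POST['verifyCode']) && is_string($_POST['verifyCode'])) ? $_POST['verifyCode'] : '';
     $username = get_safe_replace(trim($rawUser));
     $password = get_safe_replace(trim($rawPass));
     $verifyCode = trim($rawCode);
     if (empty($username) || empty($password)) {
         $this->error(L('empty_username_empty_password'));
     } elseif (!empty($this->sysConfig['ADMIN_VERIFY'])
         && (empty($_SESSION['verify']) || md5($verifyCode) !== $_SESSION['verify'])) {
         // The original skipped the captcha whenever the session held no
         // expected value; a missing value now fails the check.
         $this->error(L('error_verify'));
     }
     $time = time();
     // Count failed attempts from this IP during the last 30 minutes.
     $logwhere = array();
     $logwhere['time'] = array('EGT', $time - 1800);
     $logwhere['ip'] = array('eq', $ip);
     $logwhere['error'] = 1;
     $lognum = M('Log')->where($logwhere)->count();
     if ($lognum >= 100) {
         $this->error(L('Login_error_count'));
     }
     $condition = array();
     $condition['username'] = array('eq', $username);
     import('@.ORG.RBAC');
     $authInfo = RBAC::authenticate($condition);
     // Fields shared by every log row written below.
     $logBase = array('username' => $username, 'ip' => $ip, 'time' => $time);
     if (false === $authInfo) {
         $data = $logBase;
         $data['note'] = L('empty_userid');
         $data['error'] = 1;
         M('Log')->add($data);
         $this->error(L('empty_userid'));
     } else {
         // Strict string comparison: loose != treats "0e..." digests as numbers.
         if ((string) $authInfo['password'] !== (string) sysmd5($password)) {
             $data = $logBase;
             // The submitted password is no longer appended to the note; the
             // original stored every failed password in clear text.
             $data['note'] = L('password_error');
             $data['error'] = 1;
             M('Log')->add($data);
             $this->error(L('password_error'));
         }
         // Issue a fresh session id before privileges are attached to it.
         if (session_id() !== '') {
             session_regenerate_id(true);
         }
         $_SESSION['username'] = $authInfo['username'];
         $_SESSION['adminid'] = $_SESSION['userid'] = $authInfo['id'];
         $_SESSION['groupid'] = $authInfo['groupid'];
         $_SESSION['adminaccess'] = C('ADMIN_ACCESS');
         $_SESSION[C('USER_AUTH_KEY')] = $authInfo['id'];
         $_SESSION['email'] = $authInfo['email'];
         $_SESSION['lastLoginTime'] = $authInfo['last_logintime'];
         $_SESSION['login_count'] = $authInfo['login_count'] + 1;
         if ($authInfo['groupid'] == 1) {
             $_SESSION[C('ADMIN_AUTH_KEY')] = true;
         }
         // Persist the login bookkeeping.
         $data = array();
         $data['id'] = $authInfo['id'];
         $data['last_logintime'] = $time;
         $data['last_ip'] = $ip;
         $data['login_count'] = array('exp', 'login_count+1');
         $dao->save($data);
         // Cache the access list for this session.
         RBAC::saveAccessList();
         $data = $logBase;
         $data['note'] = L('login_ok');
         M('Log')->add($data);
         if (!empty($_POST['ajax'])) {
             // NOTE(review): $authInfo is returned whole and includes the
             // password hash compared above; consider returning selected fields.
             $this->ajaxReturn($authInfo, L('login_ok'), 1);
         } else {
             $this->assign('jumpUrl', U('Index/index'));
             $this->success(L('login_ok'));
         }
     }
 }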
Example #4
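 /**
  * Register a new member from the posted username, password and e-mail.
  *
  * When e-mail confirmation is enabled the account is created in group 5 and
  * a confirmation link is mailed; otherwise the visitor is logged in through
  * cookies straight away.
  *
  * Assumes $this->error() ends the request (not visible here).
  */
 public function doreg()
 {
     $username = get_safe_replace(isset($_POST['username']) ? $_POST['username'] : '');
     $password = get_safe_replace(isset($_POST['password']) ? $_POST['password'] : '');
     $email = get_safe_replace(isset($_POST['email']) ? $_POST['email'] : '');
     // Only a plain string can be a captcha answer. With an array value
     // md5() returned NULL on old PHP, which the loose != treated as equal
     // to an unset session value.
     $verifyCode = (isset($_POST['verifyCode']) && is_string($_POST['verifyCode'])) ? $_POST['verifyCode'] : '';
     if (empty($username) || empty($password) || empty($email)) {
         $this->error(L('empty_username_empty_password_empty_email'));
     }
     if ($this->member_config['member_login_verify']
         && (empty($_SESSION['verify']) || md5($verifyCode) !== $_SESSION['verify'])) {
         $this->error(L('error_verify'));
     }
     $status = $this->member_config['member_registecheck'] ? 0 : 1;
     // Default member group is 3; group 5 marks "e-mail not yet confirmed".
     $groupid = 3;
     if ($this->member_config['member_emailcheck']) {
         $status = 1;
         $groupid = 5;
     }
     // The original read an undefined $cookietime; null keeps that behaviour.
     $cookietime = null;
     $now = time();
     $data = array();
     $data['username'] = $username;
     $data['email'] = $email;
     $data['groupid'] = $groupid;
     $data['login_count'] = 1;
     $data['createtime'] = $now;
     $data['updatetime'] = $now;
     $data['last_logintime'] = $now;
     $data['reg_ip'] = get_client_ip();
     $data['status'] = $status;
     $authInfo = array();
     $authInfo['password'] = $data['password'] = sysmd5($password);
     if ($r = $this->dao->create($data)) {
         if (false !== $this->dao->add()) {
             $authInfo['id'] = $uid = $this->dao->getLastInsID();
             $ru = array();
             $authInfo['groupid'] = $ru['role_id'] = $data['groupid'];
             $ru['user_id'] = $uid;
             $roleuser = M('RoleUser');
             $roleuser->add($ru);
             if ($this->member_config['member_emailcheck']) {
                 // Confirmation token, valid for three days.
                 $yourphp_auth = authcode($uid . "-" . $username . "-" . $email, 'ENCODE', $this->sysConfig['ADMIN_ACCESS'], 3600 * 24 * 3);
                 // NOTE(review): the link host comes from the request's Host
                 // header, which the client controls; a configured site URL
                 // would keep mailed links pointing at this site.
                 $url = 'http://' . $_SERVER['HTTP_HOST'] . U('User/Login/regcheckemail?code=' . $yourphp_auth);
                 $click = "<a href=\"{$url}\" target=\"_blank\">" . L('CLICK_THIS') . "</a>";
                 $message = str_replace(array('{click}', '{url}', '{sitename}'), array($click, $url, $this->Config['site_name']), $this->member_config['member_emailchecktpl']);
                 $r = sendmail($email, L('USER_REGISTER_CHECKEMAIL') . '-' . $this->Config['site_name'], $message, $this->Config);
                 $this->assign('send_ok', 1);
                 $this->assign('username', $username);
                 $this->assign('email', $email);
                 $this->display('Login:emailcheck');
                 exit;
             }
             // NOTE(review): the auth cookie embeds the stored password hash
             // and its key depends on the User-Agent header; the groupid and
             // userid cookies below are plain values the client can edit.
             $yourphp_auth_key = sysmd5($this->sysConfig['ADMIN_ACCESS'] . $_SERVER['HTTP_USER_AGENT']);
             $yourphp_auth = authcode($authInfo['id'] . "-" . $authInfo['groupid'] . "-" . $authInfo['password'], 'ENCODE', $yourphp_auth_key);
             $authInfo['username'] = $data['username'];
             $authInfo['email'] = $data['email'];
             cookie('auth', $yourphp_auth, $cookietime);
             cookie('username', $authInfo['username'], $cookietime);
             cookie('groupid', $authInfo['groupid'], $cookietime);
             cookie('userid', $authInfo['id'], $cookietime);
             cookie('email', $authInfo['email'], $cookietime);
             $this->assign('jumpUrl', $this->forward);
             $this->success(L('reg_ok'));
         } else {
             $this->error(L('reg_error'));
         }
     } else {
         $this->error($this->dao->getError());
     }
 }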
Example #5
 /**
  * Show the edit form for one slide picture.
  *
  * Request parameters: "id" (Slide_data row) and "fid" (owning Slide row),
  * both cast to integers. Also hands the template an encoded upload-settings
  * token.
  */
 function editpic()
 {
     $pictureId = intval($_REQUEST['id']);
     $slideId = intval($_REQUEST['fid']);
     if (!$pictureId) {
         $this->error(L('do_empty'));
     }
     $slide = D('Slide')->find($slideId);
     // Token fields: isadmin,more,isthumb,file_limit,file_types,file_size,moduleid.
     // The key mixes the ADMIN_ACCESS setting with the request's User-Agent header.
     $authKey = sysmd5(C('ADMIN_ACCESS') . $_SERVER['HTTP_USER_AGENT']);
     $this->assign('yourphp_auth', authcode('1-1-0-10-jpeg,jpg,png,gif-5-230', 'ENCODE', $authKey));
     $picture = D('Slide_data')->find($pictureId);
     $this->assign('fid', $slideId);
     $this->assign('vo', $picture);
     $this->assign('slide', $slide);
     $this->display();
 }
Example #6
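 /**
  * Password reset: show the form for a mailed reset code, or apply the new
  * password when the form is submitted.
  *
  * The code decodes (via authcode with the ADMIN_ACCESS key) to
  * "userid-username-email"; the new password is stored only when a user row
  * matches all three values.
  *
  * Assumes $this->error() ends the request (not visible here).
  */
 function repassword()
 {
     if (!empty($_POST['dosubmit'])) {
         // Only plain strings are accepted. With an array value md5() returned
         // NULL on old PHP, which the loose != treated as equal to an unset
         // session value.
         $verifyCode = (isset($_POST['verify']) && is_string($_POST['verify'])) ? trim($_POST['verify']) : '';
         if (empty($_SESSION['verify']) || md5($verifyCode) !== $_SESSION['verify']) {
             $this->error(L('error_verify'));
         }
         $newPassword = (isset($_POST['password']) && is_string($_POST['password'])) ? trim($_POST['password']) : '';
         $confirm = (isset($_POST['repassword']) && is_string($_POST['repassword'])) ? trim($_POST['repassword']) : '';
         if ($confirm !== $newPassword) {
             $this->error(L('password_repassword'));
         }
         $token = (isset($_POST['code']) && is_string($_POST['code'])) ? $_POST['code'] : '';
         $parts = explode("-", (string) authcode($token, 'DECODE', $this->sysConfig['ADMIN_ACCESS']));
         if (count($parts) < 3) {
             // A code that does not decode must never reach the query.
             $this->error(L('check_url_error'));
         }
         list($userid, $username, $email) = $parts;
         $user = M('User');
         // Confirm that id, username and e-mail all belong to the same user.
         // The original concatenated the decoded values into the WHERE string
         // and compared username against the literal '******', leaving the
         // decoded $username unused.
         $where = array(
             'id' => intval($userid),
             'username' => $username,
             'email' => $email,
         );
         $data = $user->where($where)->find();
         if ($data) {
             $user->password = sysmd5($newPassword);
             $user->updatetime = time();
             $user->last_ip = get_client_ip();
             $user->save();
             // NOTE(review): nothing here marks the code as used, so it looks
             // reusable until it expires - confirm against the issuing code.
             $this->assign('jumpUrl', U('User/login/index'));
             $this->assign('waitSecond', 3);
             $this->success(L('do_repassword_success'));
         } else {
             $this->error(L('check_url_error'));
         }
         exit;
     }
     // '+' arrives as a space after URL decoding; restore it before the code
     // is echoed back into the form.
     $code = str_replace(' ', '+', isset($_REQUEST['code']) ? $_REQUEST['code'] : '');
     $this->assign('code', $code);
     $this->display();
 }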
Example #7
 /**
  * Controller bootstrap: load cached configuration, resolve the language,
  * push shared variables to the view, restore the visitor's identity from
  * cookies and compute the "forward" URL.
  */
 public function _initialize()
 {
     // Cached configuration and lookup tables.
     $this->sysConfig = F('sys.config');
     $this->module = F('Module');
     $this->Role = F('Role');
     $this->Type = F('Type');
     $this->mod = F('Mod');
     $this->moduleid = $this->mod[MODULE_NAME];
     if (APP_LANG) {
         $this->Lang = F('Lang');
         $this->assign('Lang', $this->Lang);
         // The requested language is used only if the cached Lang table lists
         // it with a truthy 'status'; that lookup is what constrains the value
         // later used in cache names and the cookie.
         if (get_safe_replace($_GET['l'])) {
             if (!$this->Lang[$_GET['l']]['status']) {
                 $this->error(L('NO_LANG'));
             }
             $lang = $_GET['l'];
         } else {
             $lang = $this->sysConfig['DEFAULT_LANG'];
         }
         define('LANG_NAME', $lang);
         define('LANG_ID', $this->Lang[$lang]['id']);
         $this->categorys = F('Category_' . $lang);
         $this->Config = F('Config_' . $lang);
         $this->assign('l', $lang);
         $this->assign('langid', LANG_ID);
         $T = F('config_' . $lang, '', APP_PATH . 'Tpl/Home/' . $this->sysConfig['DEFAULT_THEME'] . '/');
         C('TMPL_CACHFILE_SUFFIX', '_' . $lang . '.php');
         cookie('think_language', $lang);
     } else {
         $T = F('config_' . $this->sysConfig['DEFAULT_LANG'], '', APP_PATH . 'Tpl/Home/' . $this->sysConfig['DEFAULT_THEME'] . '/');
         $this->categorys = F('Category');
         $this->Config = F('Config');
         cookie('think_language', $this->sysConfig['DEFAULT_LANG']);
     }
     // Shared view variables.
     $this->assign('T', $T);
     $this->assign($this->Config);
     $this->assign('Role', $this->Role);
     $this->assign('Type', $this->Type);
     $this->assign('Module', $this->module);
     $this->assign('Categorys', $this->categorys);
     import("@.ORG.Form");
     $this->assign('form', new Form());
     // Copy URL and paging settings into the runtime configuration.
     C('HOME_ISHTML', $this->sysConfig['HOME_ISHTML']);
     C('PAGE_LISTROWS', $this->sysConfig['PAGE_LISTROWS']);
     C('URL_M', $this->sysConfig['URL_MODEL']);
     C('URL_M_PATHINFO_DEPR', $this->sysConfig['URL_PATHINFO_DEPR']);
     C('URL_M_HTML_SUFFIX', $this->sysConfig['URL_HTML_SUFFIX']);
     C('URL_LANG', $this->sysConfig['DEFAULT_LANG']);
     C('DEFAULT_THEME_NAME', $this->sysConfig['DEFAULT_THEME']);
     import("@.ORG.Online");
     $session = new Online();
     // Identity comes from cookies. The 'auth' cookie is decoded with a key
     // built from ADMIN_ACCESS and the request's User-Agent header.
     if (cookie('auth')) {
         $yourphp_auth_key = sysmd5($this->sysConfig['ADMIN_ACCESS'] . $_SERVER['HTTP_USER_AGENT']);
         // NOTE(review): the decoded $password is never compared with the
         // stored hash here, and a cookie that fails to decode still enters
         // this branch with empty values - confirm that is intended.
         list($userid, $groupid, $password) = explode("-", authcode(cookie('auth'), 'DECODE', $yourphp_auth_key));
         $this->_userid = $userid;
         // NOTE(review): username and email are read from plain cookies, not
         // from the decoded token, so the client can set them freely.
         $this->_username = cookie('username');
         $this->_groupid = $groupid;
         $this->_email = cookie('email');
     } else {
         // NOTE(review): without an 'auth' cookie the group id is taken
         // straight from the client-controlled 'groupid' cookie (default 4).
         // It feeds the post-permission check below, so a visitor can pick any
         // group; deriving it from server-side state would close that.
         $this->_groupid = cookie('groupid') ? cookie('groupid') : 4;
         $this->_userid = 0;
     }
     // Collect searchable modules and the modules this group may post to.
     foreach ((array) $this->module as $r) {
         if ($r['issearch']) {
             $search_module[$r['name']] = L($r['name']);
         }
         if ($r['ispost'] && in_array($this->_groupid, explode(',', $r['postgroup']))) {
             $this->user_menu[$r['id']] = $r;
         }
     }
     if (GROUP_NAME == 'User') {
         $langext = $lang ? '_' . $lang : '';
         $this->member_config = F('member.config' . $langext);
         $this->assign('member_config', $this->member_config);
         $this->assign('user_menu', $this->user_menu);
         // Group 5 is redirected to the e-mail check page everywhere except
         // in the Login module.
         if ($this->_groupid == '5' && MODULE_NAME != 'Login') {
             $this->assign('jumpUrl', URL('User-Login/emailcheck'));
             $this->assign('waitSecond', 3);
             $this->success(L('no_regcheckemail'));
             exit;
         }
         $this->assign('header', TMPL_PATH . 'Home/' . THEME_NAME . '/Home_header.html');
     }
     // NOTE(review): 'forward' is taken from the request or the Referer header
     // and is later used as a jump URL by other actions; nothing here limits
     // it to this site, so it can point a visitor at an external address.
     if ($_GET['forward'] || $_POST['forward']) {
         $this->forward = get_safe_replace($_GET['forward'] . $_POST['forward']);
     } else {
         // NOTE(review): this condition is always true (a value cannot equal
         // both names at once); '&&' was probably intended.
         if (MODULE_NAME != 'Register' || MODULE_NAME != 'Login') {
             $this->forward = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : $this->Config['site_url'];
         }
     }
     $this->assign('forward', $this->forward);
     $this->assign('search_module', $search_module);
     $this->assign('module_name', MODULE_NAME);
     $this->assign('action_name', ACTION_NAME);
 }
Example #8
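 /**
  * Change the current member's password and e-mail, or show the form.
  *
  * The old password is required only when the account already has one.
  * Assumes $this->error() ends the request (not visible here).
  */
 public function password()
 {
     if (!empty($_POST['dosubmit'])) {
         // Only plain strings are accepted. With an array value md5() returned
         // NULL on old PHP, which the loose != treated as equal to an unset
         // session value.
         $verifyCode = (isset($_POST['verify']) && is_string($_POST['verify'])) ? $_POST['verify'] : '';
         if (empty($_SESSION['verify']) || md5($verifyCode) !== $_SESSION['verify']) {
             $this->error(L('error_verify'));
         }
         $newPassword = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';
         $confirm = (isset($_POST['repassword']) && is_string($_POST['repassword'])) ? $_POST['repassword'] : '';
         $oldPassword = (isset($_POST['oldpassword']) && is_string($_POST['oldpassword'])) ? $_POST['oldpassword'] : '';
         // Strict comparison: loose != treats numeric-looking strings as numbers.
         if ($newPassword !== $confirm) {
             $this->error(L('password_repassword'));
         }
         // _userid is decoded from a cookie elsewhere; cast it before it is
         // used in a query (the original concatenated it into the WHERE string).
         $uid = intval($this->_userid);
         $map = array();
         $map['id'] = $uid;
         // Look up whether the account has a password at all.
         $user = $this->dao->field("password")->where(array('id' => $uid))->find();
         if ($user["password"]) {
             $map['password'] = array('eq', sysmd5($oldPassword));
         }
         if (!$this->dao->where($map)->field('id')->find()) {
             $this->error(L('error_oldpassword'));
         } else {
             // NOTE(review): the e-mail is stored without any format check.
             $this->dao->email = (isset($_POST['email']) && is_string($_POST['email'])) ? $_POST['email'] : '';
             $this->dao->id = $uid;
             $this->dao->update_time = time();
             $this->dao->password = sysmd5($newPassword);
             $r = $this->dao->save();
             $this->assign('jumpUrl', U('User/Index/password'));
             if ($r) {
                 $this->success(L('do_success'));
             } else {
                 $this->error(L('do_error'));
             }
         }
         exit;
     }
     // Empty template name = framework default; the original passed an
     // undefined variable when the mobile branch was not taken.
     $tmp = '';
     if ($this->Config["wap"] && is_mobile()) {
         // Mobile visitors get the wap template.
         $tmp = TMPL_PATH . 'User/' . C('DEFAULT_THEME') . "/wap/" . MODULE_NAME . '_' . ACTION_NAME . ".html";
     }
     $this->display($tmp);
 }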
Example #9
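 /**
  * Emit a WeChat "news" reply (XML) listing the given articles, then exit.
  *
  * @param string $from recipient id, written to ToUserName and hashed into each link's wxid parameter
  * @param string $to   sender id, written to FromUserName
  * @param array  $data rows with the keys thumb, url, title and description
  * @param string $url  base URL for relative links; defaults to $this->config["site_url"]
  * @param mixed  $type not used in this method
  */
 public function sendnews($from, $to, $data, $url = "", $type)
 {
     $item = "";
     $config = $this->config;
     $url = $url != "" ? $url : $config["site_url"];
     // A literal "]]>" inside a value would close its CDATA section early and
     // let the rest of the value be parsed as markup; split it across two
     // sections instead.
     $cdataEnd = "]]>";
     $cdataSplit = "]]]]><![CDATA[>";
     $wxid = sysmd5($from);
     foreach ($data as $key => $v) {
         // Absolute URLs are recognised by their prefix; the original matched
         // "http" anywhere in the value, so a relative path containing it was
         // left without the base URL.
         if ($v["thumb"] != "") {
             if (strpos($v["thumb"], 'http') === 0) {
                 $thumb = $v["thumb"];
             } else {
                 $thumb = $url . thumb($v["thumb"], 365, 169, 0);
             }
         } else {
             $thumb = $url . $config["logo"];
         }
         if (strpos($v["url"], 'http') === 0) {
             $d_url = $v["url"];
         } else {
             $d_url = $url . $v["url"];
         }
         // Append the hashed visitor id as the wxid query parameter.
         if (strpos($d_url, "?") !== false) {
             $urlx = $d_url . "&wxid=" . $wxid;
             $urlx = str_replace("?&", "?", $urlx);
         } else {
             $urlx = $d_url . "?wxid=" . $wxid;
         }
         $urlx = str_replace("&amp;", "&", $urlx);
         $title = str_replace($cdataEnd, $cdataSplit, $v["title"]);
         $description = str_replace($cdataEnd, $cdataSplit, $v["description"]);
         $thumb = str_replace($cdataEnd, $cdataSplit, $thumb);
         $urlx = str_replace($cdataEnd, $cdataSplit, $urlx);
         $item .= "<item>\r\n\t<Title><![CDATA[" . $title . "]]></Title> \r\n\t<Description><![CDATA[" . $description . "]]></Description>\r\n\t<PicUrl><![CDATA[" . $thumb . "]]></PicUrl>\r\n\t<Url><![CDATA[" . $urlx . "]]></Url>\r\n\t</item>";
     }
     $toUser = str_replace($cdataEnd, $cdataSplit, $from);
     $fromUser = str_replace($cdataEnd, $cdataSplit, $to);
     $newsTpl = "<xml>\r\n<ToUserName><![CDATA[" . $toUser . "]]></ToUserName>\r\n<FromUserName><![CDATA[" . $fromUser . "]]></FromUserName>\r\n<CreateTime>" . time() . "</CreateTime>\r\n<MsgType><![CDATA[news]]></MsgType>\r\n<ArticleCount>" . count($data) . "</ArticleCount>\r\n<Articles>\r\n" . $item . " </Articles><FuncFlag>1</FuncFlag></xml> ";
     echo $newsTpl;
     exit;
 }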
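 /**
  * Render the upload dialog after checking that the requested upload settings
  * match the encoded "auth" token.
  *
  * The seven settings are joined with '-' and must equal the value that
  * authcode() decodes from the token; otherwise the request is rejected.
  *
  * Assumes $this->error() ends the request (not visible here).
  */
 public function index()
 {
     $rawAuth = (isset($_REQUEST['auth']) && is_string($_REQUEST['auth'])) ? $_REQUEST['auth'] : '';
     // '+' arrives as a space after URL decoding; restore it.
     $auth = str_replace(' ', '+', $rawAuth);
     $postd = array('isadmin', 'more', 'isthumb', 'file_limit', 'file_types', 'file_size', 'moduleid');
     // Collect the settings in a fixed order and only as scalars. The original
     // followed the request's own key order and left $postdata undefined when
     // no setting was sent.
     $postdata = array();
     foreach ($postd as $key) {
         if (isset($_REQUEST[$key]) && is_scalar($_REQUEST[$key])) {
             $postdata[$key] = (string) $_REQUEST[$key];
         }
     }
     $upsetup = implode('-', $postdata);
     $yourphp_auth_key = sysmd5(C('ADMIN_ACCESS') . $_SERVER['HTTP_USER_AGENT']);
     $enupsetup = authcode($auth, 'DECODE', $yourphp_auth_key);
     // Strict comparison so the two strings must match exactly.
     if (!$enupsetup || $upsetup !== (string) $enupsetup) {
         $this->error(L('do_empty'));
     }
     $fileLimit = isset($postdata['file_limit']) ? $postdata['file_limit'] : 0;
     $fileTypes = isset($postdata['file_types']) ? $postdata['file_types'] : '';
     $sessid = time();
     $count = $this->dao->where(array('status' => 0, 'userid' => $this->userid))->count();
     $this->assign('no_use_files', $count);
     $this->assign('small_upfile_limit', $fileLimit - $count);
     $types = '*.' . str_replace(",", ";*.", $fileTypes);
     $this->assign('moduleid', isset($postdata['moduleid']) ? $postdata['moduleid'] : null);
     $this->assign('file_size', isset($postdata['file_size']) ? $postdata['file_size'] : null);
     $this->assign('file_limit', $fileLimit);
     $this->assign('file_types', $types);
     $this->assign('isthumb', isset($postdata['isthumb']) ? $postdata['isthumb'] : null);
     $this->assign('isadmin', $this->isadmin);
     $this->assign('sessid', $sessid);
     $this->assign('lang', LANG_NAME);
     $this->assign('userid', $this->userid);
     // NOTE(review): this key is built from the current timestamp and the user
     // id only; unless sysmd5() mixes in a secret it is predictable - confirm.
     $swf_auth_key = sysmd5($sessid . $this->userid);
     $this->assign('swf_auth_key', $swf_auth_key);
     // NOTE(review): 'more' is read from $_GET here while the verified value
     // came from $_REQUEST; the two can differ.
     $this->assign('more', isset($_GET['more']) ? $_GET['more'] : null);
     $this->display();
 }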
Example #11
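 /**
  * Change a user's password after checking the old one, or show the form.
  *
  * The account is selected by the posted username if present, otherwise by
  * the admin id stored in the session.
  *
  * Assumes $this->error() ends the request (not visible here).
  */
 public function password()
 {
     if (!empty($_POST['dosubmit'])) {
         // Only plain strings are accepted. With an array value md5() returned
         // NULL on old PHP, which the loose != treated as equal to an unset
         // session value.
         $verifyCode = (isset($_POST['verify']) && is_string($_POST['verify'])) ? $_POST['verify'] : '';
         if (empty($_SESSION['verify']) || md5($verifyCode) !== $_SESSION['verify']) {
             $this->error(L('error_verify'));
         }
         $newPassword = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';
         $confirm = (isset($_POST['repassword']) && is_string($_POST['repassword'])) ? $_POST['repassword'] : '';
         $oldPassword = (isset($_POST['oldpassword']) && is_string($_POST['oldpassword'])) ? $_POST['oldpassword'] : '';
         if ($newPassword !== $confirm) {
             $this->error(L('password_repassword'));
         }
         $map = array();
         $map['password'] = sysmd5($oldPassword);
         // The username must be a plain string: an array value placed in a
         // condition map is treated by the framework as a query expression.
         if (isset($_POST['username']) && is_string($_POST['username']) && $_POST['username'] !== '') {
             $map['username'] = $_POST['username'];
         } elseif (isset($_SESSION['adminid'])) {
             $map['id'] = intval($_SESSION['adminid']);
         } else {
             // Without an identity the original searched by password hash
             // alone and would update whichever account happened to match.
             $this->error(L('do_error'));
             return;
         }
         // Verify the old password for the selected account.
         $User = M("user");
         if (!$User->where($map)->field('id')->find()) {
             $this->error(L('error_oldpassword'));
         } else {
             $User->updatetime = time();
             $User->password = sysmd5($newPassword);
             $User->save();
             $this->success(L('do_success'));
         }
     } else {
         $this->display();
     }
 }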
Example #12
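 /**
  * Change the current member's password and e-mail after checking the old
  * password, or show the form.
  *
  * Assumes $this->error() ends the request (not visible here).
  */
 public function password()
 {
     if (!empty($_POST['dosubmit'])) {
         // Only plain strings are accepted. With an array value md5() returned
         // NULL on old PHP, which the loose != treated as equal to an unset
         // session value.
         $verifyCode = (isset($_POST['verify']) && is_string($_POST['verify'])) ? $_POST['verify'] : '';
         if (empty($_SESSION['verify']) || md5($verifyCode) !== $_SESSION['verify']) {
             $this->error(L('error_verify'));
         }
         $newPassword = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';
         $confirm = (isset($_POST['repassword']) && is_string($_POST['repassword'])) ? $_POST['repassword'] : '';
         $oldPassword = (isset($_POST['oldpassword']) && is_string($_POST['oldpassword'])) ? $_POST['oldpassword'] : '';
         // Strict comparison: loose != treats numeric-looking strings as numbers.
         if ($newPassword !== $confirm) {
             $this->error(L('password_repassword'));
         }
         // _userid is decoded from a cookie elsewhere; cast it before use.
         $uid = intval($this->_userid);
         $map = array();
         $map['password'] = array('eq', sysmd5($oldPassword));
         $map['id'] = $uid;
         // Verify the old password for this account.
         if (!$this->dao->where($map)->field('id')->find()) {
             $this->error(L('error_oldpassword'));
         } else {
             // NOTE(review): the e-mail is stored without any format check.
             $this->dao->email = (isset($_POST['email']) && is_string($_POST['email'])) ? $_POST['email'] : '';
             $this->dao->id = $uid;
             $this->dao->update_time = time();
             $this->dao->password = sysmd5($newPassword);
             $r = $this->dao->save();
             $this->assign('jumpUrl', U('User/Index/password'));
             if ($r) {
                 $this->success(L('do_success'));
             } else {
                 $this->error(L('do_error'));
             }
         }
         exit;
     }
     $this->display();
 }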
Example #13
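 /**
  * Show the edit form for one of the current member's records.
  *
  * Request parameters: "id" (record id) and "mx" (model name). The record is
  * looked up by id AND the current user id.
  *
  * Assumes $this->error() ends the request (not visible here).
  */
 public function edit()
 {
     $map = array();
     $map["id"] = isset($_GET["id"]) ? intval($_GET["id"]) : 0;
     $map["userid"] = $this->_userid;
     $mx = (isset($_REQUEST["mx"]) && is_string($_REQUEST["mx"])) ? $_REQUEST["mx"] : '';
     // The model name comes from the request, so it is limited to identifier
     // characters before it is passed to M() or echoed to the template.
     // NOTE(review): this still lets the caller pick any model that has id and
     // userid columns; an explicit list of editable models would be tighter.
     if (!preg_match('/^[A-Za-z][A-Za-z0-9_]*$/', $mx)) {
         $this->error(L('do_empty'));
         return;
     }
     $this->assign('mx', $mx);
     $yourphp_auth_key = sysmd5(C('ADMIN_ACCESS') . $_SERVER['HTTP_USER_AGENT']);
     $yourphp_auth = authcode('1-1-1-1-jpeg,jpg,png,gif-3-2', 'ENCODE', $yourphp_auth_key);
     $this->assign('yourphp_auth', $yourphp_auth);
     $auth = authcode('1-1-0-8-png,gif,jpg,jpeg-0.3-2', 'ENCODE', $yourphp_auth_key);
     $this->assign('auth', $auth);
     $pro = M($mx)->where($map)->find();
     $pro["mx"] = $mx;
     // "pics" holds entries separated by ":::", each one "value|name".
     $options = explode(":::", isset($pro["pics"]) ? $pro["pics"] : '');
     $field = "pics";
     $data = '';
     $i = 0;
     foreach ($options as $r) {
         if ($r) {
             $v = explode("|", $r);
             // Stored values are written into HTML attributes, so they are
             // escaped; existing entities are not encoded a second time.
             $picValue = htmlspecialchars($v[0], ENT_QUOTES, 'UTF-8', false);
             $picName = htmlspecialchars(isset($v[1]) ? $v[1] : '', ENT_QUOTES, 'UTF-8', false);
             $data .= '<div id="uplistd_' . $i . '"><input type="text" size="50" class="input-text" name="' . $field . '[]" value="' . $picValue . '"  /> <input type="text" class="input-text" name="' . $field . '_name[]" value="' . $picName . '" size="30" /> &nbsp;<a href="javascript:remove_this(\'uplistd_' . $i . '\');">' . L('remove') . '</a> </div>';
         }
         $i++;
     }
     $this->assign('pics', $data);
     $this->assign('pro', $pro);
     $this->assign('act', "edit");
     if ($this->Config["wap"] && is_mobile()) {
         $tmp = THEME_PATH . "wap/Index_index.html";
     } else {
         // "Piaoline" records use their own template variant.
         $mm = ($mx == "Piaoline") ? "_" . $mx : '';
         $tmp = MODULE_NAME . ":index" . $mm;
     }
     $this->display($tmp);
 }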
Example #14
    /**
     * Build the HTML for a multi-file upload field.
     *
     * @param array $info  field definition; 'setup' may be an array or a string
     *                     that string2array() converts
     * @param mixed $value current value; falls back to the configured default
     *                     (add action) or to the stored record value
     * @return string HTML fragment with the file list box and the upload button
     */
    public function files($info, $value)
    {
        if (!is_array($info['setup'])) {
            $info['setup'] = string2array($info['setup']);
        }
        $field = $info['field'];
        $id = $field;
        $validate = getvalidate($info);
        $fallback = ACTION_NAME == 'add' ? $info['setup']['default'] : $this->data[$field];
        $value = $value ? $value : $fallback;
        // No per-field size limit: use the site-wide attachment limit.
        if (empty($info['setup']['upload_maxsize'])) {
            $Config = APP_LANG ? F('Config_' . $this->lang) : F('Config');
            $info['setup']['upload_maxsize'] = intval(byte_format($Config['attach_maxsize']));
        }
        // The upload settings are encoded with a key built from ADMIN_ACCESS
        // and the request's User-Agent header.
        $authKey = sysmd5(C('ADMIN_ACCESS') . $_SERVER['HTTP_USER_AGENT']);
        $authToken = authcode($this->isadmin . '-' . $info['setup']['more'] . '-0-' . $info['setup']['upload_maxnum'] . '-' . $info['setup']['upload_allowext'] . '-' . $info['setup']['upload_maxsize'] . '-' . $info['moduleid'], 'ENCODE', $authKey);
        return '<fieldset class="images_box">
        <legend>' . L('upload_images') . '</legend><center><div>' . L('upload_maxfiles') . ' <font color=\'red\'>' . $info['setup']['upload_maxnum'] . '</font> ' . L('zhang') . '</div></center>
		<div id="' . $field . '_images" class="imagesList"></div>
		</fieldset>
		<input type="button"  style="margin-left:5px;" class="button" value="' . L('upload_files') . '" onclick="javascript:swfupload(\'' . $field . '_uploadfile\',\'' . $field . '\',\'' . L('uploadfiles') . '\',' . $this->isadmin . ',' . $info['setup']['more'] . ',0,' . $info['setup']['upload_maxnum'] . ',\'' . $info['setup']['upload_allowext'] . '\',' . $info['setup']['upload_maxsize'] . ',' . $info['moduleid'] . ',\'' . $authToken . '\',up_images,nodo)">  ';
    }
Example #15
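 /**
  * Register a new member from the posted username, password and mobile
  * number, create the matching forum account, record the referral and log the
  * visitor in through cookies.
  *
  * Assumes $this->error() ends the request (not visible here).
  */
 public function doreg()
 {
     $username = get_safe_replace(isset($_POST['username']) ? $_POST['username'] : '');
     $password = get_safe_replace(isset($_POST['password']) ? $_POST['password'] : '');
     $mobile = get_safe_replace(isset($_POST['mobile']) ? $_POST['mobile'] : '');
     // Only a plain string can be a captcha answer. With an array value
     // md5() returned NULL on old PHP, which the loose != treated as equal
     // to an unset session value.
     $verifyCode = (isset($_POST['verifyCode']) && is_string($_POST['verifyCode'])) ? $_POST['verifyCode'] : '';
     if (empty($username) || empty($password) || empty($mobile)) {
         $this->error(L('empty_username_empty_password_empty_email'));
     }
     if ($this->member_config['member_login_verify']
         && (empty($_SESSION['verify']) || md5($verifyCode) !== $_SESSION['verify'])) {
         $this->error(L('error_verify'));
     }
     $status = $this->member_config['member_registecheck'] ? 0 : 1;
     // Default member group is 3; group 5 marks "e-mail not yet confirmed".
     $groupid = 3;
     if ($this->member_config['member_emailcheck']) {
         $status = 1;
         $groupid = 5;
     }
     // The original read an undefined $cookietime; null keeps that behaviour.
     $cookietime = null;
     // Create the forum account first.
     // NOTE(review): this runs before the local insert, so a failed local
     // registration leaves a forum account behind.
     import('@.ORG.Uc');
     $uc = new Uc();
     $bbsuid = $uc->user_regeist($username, $password, $mobile . "@qq.com");
     $uc->bbsid_login($bbsuid);
     $now = time();
     $data = array();
     $data['username'] = $username;
     // Referrer id.
     // NOTE(review): another part of this page copies a request parameter
     // into $_SESSION["uid"], so the referrer is effectively chosen by the
     // client - confirm.
     $data['fatherid'] = isset($_SESSION["uid"]) ? intval($_SESSION["uid"]) : 0;
     $data['mobile'] = $mobile;
     $data['groupid'] = $groupid;
     $data['login_count'] = 1;
     $data['createtime'] = $now;
     $data['updatetime'] = $now;
     $data['last_logintime'] = $now;
     $data['reg_ip'] = get_client_ip();
     $data['status'] = $status;
     $data['bbs'] = $bbsuid;
     $authInfo = array();
     $authInfo['password'] = $data['password'] = sysmd5($password);
     if ($r = $this->dao->create($data)) {
         if (false !== $this->dao->add()) {
             $authInfo['id'] = $uid = $this->dao->getLastInsID();
             $ru = array();
             $authInfo['groupid'] = $ru['role_id'] = $data['groupid'];
             $ru['user_id'] = $uid;
             $roleuser = M('RoleUser');
             $roleuser->add($ru);
             // Start a session only if none is active yet.
             if (session_id() === '') {
                 session_start();
             }
             $_SESSION["userid"] = $uid;
             if ($data['fatherid']) {
                 // Referral history row; type: 0 = click, 1 = purchase, 3 = registration.
                 $sm = array();
                 $sm["userid"] = $data['fatherid'];
                 $sm["share_ip"] = get_client_ip();
                 $sm["share_time"] = $now;
                 $sm["mx"] = MODULE_NAME;
                 $sm["ma"] = ACTION_NAME;
                 $sm["mid"] = $uid;
                 $sm["type"] = 3;
                 M("sharehistory")->add($sm);
             }
             // NOTE(review): the auth cookie embeds the stored password hash
             // and its key depends on the User-Agent header; the groupid and
             // userid cookies below are plain values the client can edit.
             $yourphp_auth_key = sysmd5($this->sysConfig['ADMIN_ACCESS'] . $_SERVER['HTTP_USER_AGENT']);
             $yourphp_auth = authcode($authInfo['id'] . "-" . $authInfo['groupid'] . "-" . $authInfo['password'], 'ENCODE', $yourphp_auth_key);
             $authInfo['username'] = $data['username'];
             $authInfo['mobile'] = $data['mobile'];
             cookie('auth', $yourphp_auth, $cookietime);
             cookie('username', $authInfo['username'], $cookietime);
             cookie('groupid', $authInfo['groupid'], $cookietime);
             cookie('userid', $authInfo['id'], $cookietime);
             cookie('mobile', $authInfo['mobile'], $cookietime);
             $this->assign('jumpUrl', $this->forward);
             $this->success(L('reg_ok'));
         } else {
             $this->error(L('reg_error'));
         }
     } else {
         $this->error($this->dao->getError());
     }
 }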
Example #16
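 /**
  * Show the edit form for one category.
  *
  * Request parameter: "id" (category id, cast to an integer). Builds the
  * parent-category select list and hands the record, the URL rules, the
  * template list and the role list to the view.
  *
  * Assumes $this->error() ends the request (not visible here).
  */
 public function edit()
 {
     $id = isset($_GET['id']) ? intval($_GET['id']) : 0;
     // Validate before touching the record. The original assigned
     // $record['readgroup'] first, which turned a missing category into a
     // non-empty array and made the empty($record) check ineffective.
     $record = ($id && isset($this->categorys[$id])) ? $this->categorys[$id] : null;
     if (empty($record)) {
         $this->error(L('do_empty'));
         return;
     }
     $record['readgroup'] = explode(',', $record['readgroup']);
     // Only URL rules flagged 'ishtml' are offered.
     $Urlrule = array();
     foreach ((array) $this->Urlrule as $key => $r) {
         if ($r['ishtml']) {
             $Urlrule[$key] = $r;
         }
     }
     $this->assign('Urlrule', $Urlrule);
     $yourphp_auth_key = sysmd5(C('ADMIN_ACCESS') . $_SERVER['HTTP_USER_AGENT']);
     $yourphp_auth = authcode('1-1-0-1-jpeg,jpg,png,gif-3-0', 'ENCODE', $yourphp_auth_key);
     $this->assign('yourphp_auth', $yourphp_auth);
     $templates = template_file();
     $this->assign('templates', $templates);
     $parentid = intval($record['parentid']);
     import('@.ORG.Tree');
     // Mark the current parent as selected in the category tree.
     $array = array();
     foreach ($this->categorys as $r) {
         $r['selected'] = $r['id'] == $parentid ? 'selected' : '';
         $array[] = $r;
     }
     $str = "<option value='\$id' \$selected>\$spacer \$catname</option>";
     $tree = new Tree($array);
     $select_categorys = $tree->get_tree(0, $str, $parentid);
     $this->assign('select_categorys', $select_categorys);
     $this->assign('vo', $record);
     $usergroup = F('Role');
     $this->assign('rlist', $usergroup);
     $this->display();
 }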
Example #17
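 /**
  * Front-end bootstrap run before every action.
  *
  * Loads configuration through F(), handles the `wxid` login shortcut, records
  * share/referral hits, resolves the language, restores the member from the
  * `auth` cookie, and assigns the template variables shared by all pages.
  *
  * Changes in this revision:
  *  - `wxid` is forced to a string and passed as an array condition instead
  *    of being concatenated into the WHERE clause (SQL injection).
  *  - The user id decoded from the `auth` cookie is cast to int before it is
  *    concatenated into any "id=" / "userid=" condition.
  *  - The forced-profile redirect now stops execution after sending Location.
  *  - The guest-order query uses its own condition array; it used to inherit
  *    `belongid` and `mx` left over from the statistics block.
  *  - Request/session/server reads are guarded, and variables that could reach
  *    the template undefined are initialised.
  *
  * Open review points that are documented but NOT changed here:
  *  - A `wxid` from the query string is accepted as proof of identity.
  *  - `groupid`, `username` and `email` are read from client-writable cookies.
  *  - `forward` / the Referer are stored as the redirect target.
  */
 public function _initialize()
 {
     $this->sysConfig = F('sys.config');
     $this->module = F('Module');
     $this->Role = F('Role');
     $this->Type = F('Type');
     $this->mod = F('Mod');
     $this->moduleid = $this->mod[MODULE_NAME];

     // Key for the `auth` cookie. The User-Agent is client-supplied, so the
     // only secret in this key is ADMIN_ACCESS.
     $userAgent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
     $yourphp_auth_key = sysmd5($this->sysConfig['ADMIN_ACCESS'] . $userAgent);

     /* ---------- WeChat login via ?wxid= ---------- */
     // Force a plain string: an array value must never reach the query builder.
     $wxid = isset($_GET['wxid']) && is_string($_GET['wxid']) ? $_GET['wxid'] : '';
     if ($wxid) {
         // Array condition so the framework escapes the value.
         $wxWhere = array('wxid' => $wxid);
         $user = M("user")->where($wxWhere)->find();
         if ($user) {
             // NOTE(review): tests `name` but writes `username` - confirm which
             // column is intended.
             if (empty($user['name'])) {
                 M("user")->where($wxWhere)->setField("username", "rex" . $user['id']);
             }
             $_SESSION["uid"] = $user["id"];
             $this->assign('user', $user);
             // SECURITY NOTE(review): a full login cookie is issued to whoever
             // presents a known wxid in the URL. The identifier should come
             // from a verified WeChat OAuth callback (or a signed, short-lived
             // token), not from a bare query parameter.
             $yourphp_auth = authcode($user['id'] . "-" . $user['groupid'] . "-" . $user['password'], 'ENCODE', $yourphp_auth_key);
             cookie('auth', $yourphp_auth, 3600);
         }
     }

     /* ---------- Share / referral tracking ---------- */
     // The first `uid` seen in a session is remembered as the referrer.
     // NOTE(review): any visitor can name any uid, so clickcount and
     // share_ip/share_time of that account are attacker-influenced.
     $uid = intval(isset($_REQUEST["uid"]) ? $_REQUEST["uid"] : 0);
     if ($uid && empty($_SESSION["uid"])) {
         $_SESSION["uid"] = $uid;
     }
     $sessionUid = isset($_SESSION["uid"]) ? $_SESSION["uid"] : null;
     $uid = intval($sessionUid);
     if ($uid) {
         $clientIp = get_client_ip();
         $now = time();
         $mu = array('share_ip' => $clientIp, 'share_time' => $now);
         $sharetime = M("user")->where("id=" . $uid)->getField("share_time");
         // At most one history row / click per 10 seconds per referrer.
         if ($now - $sharetime >= 10) {
             $sm = array(
                 'userid' => $uid,
                 'share_ip' => $clientIp,
                 'share_time' => $now,
                 'mx' => MODULE_NAME,
                 'ma' => ACTION_NAME,
                 'mid' => intval(isset($_REQUEST["id"]) ? $_REQUEST["id"] : 0),
                 'type' => 0,
             );
             M("sharehistory")->add($sm);
             M("user")->where("id=" . $uid)->setInc("clickcount");
         }
         M("user")->where("id=" . $uid)->save($mu);
     }
     $this->assign('shareuid', "&uid=" . $sessionUid);

     /* ---------- Language ---------- */
     $lang = '';
     if (APP_LANG) {
         $this->Lang = F('Lang');
         $this->assign('Lang', $this->Lang);
         $requestedLang = isset($_GET['l']) && is_string($_GET['l']) ? $_GET['l'] : '';
         if (get_safe_replace($requestedLang)) {
             // The raw value is used below in cache names, but only after it
             // matched an enabled entry of the Lang table (acts as allow-list).
             if (empty($this->Lang[$requestedLang]['status'])) {
                 $this->error(L('NO_LANG'));
             }
             $lang = $requestedLang;
         } else {
             $lang = $this->sysConfig['DEFAULT_LANG'];
         }
         define('LANG_NAME', $lang);
         define('LANG_ID', $this->Lang[$lang]['id']);
         $this->categorys = F('Category_' . $lang);
         $this->Config = F('Config_' . $lang);
         $this->assign('l', $lang);
         $this->assign('langid', LANG_ID);
         $T = F('config_' . $lang, '', APP_PATH . 'Tpl/Home/' . $this->sysConfig['DEFAULT_THEME'] . '/');
         C('TMPL_CACHFILE_SUFFIX', '_' . $lang . '.php');
         cookie('think_language', $lang);
     } else {
         $T = F('config_' . $this->sysConfig['DEFAULT_LANG'], '', APP_PATH . 'Tpl/Home/' . $this->sysConfig['DEFAULT_THEME'] . '/');
         $this->categorys = F('Category');
         $this->Config = F('Config');
         cookie('think_language', $this->sysConfig['DEFAULT_LANG']);
     }
     $this->assign('T', $T);
     $this->assign($this->Config);
     $this->assign('Role', $this->Role);
     $this->assign('Type', $this->Type);
     $this->assign('Module', $this->module);
     $this->assign('Categorys', $this->categorys);
     import("@.ORG.Form");
     $form = new Form();
     $form->isadmin = 1;
     $this->assign('form', $form);
     C('PAGE_LISTROWS', $this->sysConfig['PAGE_LISTROWS']);
     C('URL_M', $this->sysConfig['URL_MODEL']);
     C('URL_M_PATHINFO_DEPR', $this->sysConfig['URL_PATHINFO_DEPR']);
     C('URL_M_HTML_SUFFIX', $this->sysConfig['URL_HTML_SUFFIX']);
     C('URL_LANG', $this->sysConfig['DEFAULT_LANG']);
     C('DEFAULT_THEME_NAME', $this->sysConfig['DEFAULT_THEME']);
     import("@.ORG.Online");
     $session = new Online();

     /* ---------- Restore the member from the auth cookie ---------- */
     if (cookie('auth')) {
         // Payload is "id-groupid-password"; pad so a failed decode yields
         // empty parts instead of undefined offsets. The password part is not
         // compared with the stored value anywhere in this method.
         $parts = array_pad(explode("-", authcode(cookie('auth'), 'DECODE', $yourphp_auth_key)), 3, '');
         list($userid, $groupid) = $parts;
         // Cast to int: the id is concatenated into SQL conditions below.
         $userid = intval($userid);
         $this->_userid = $userid > 0 ? $userid : 0;
         // username/email come from plain cookies the client can rewrite;
         // treat them as display hints only.
         $this->_username = cookie('username');
         $this->_groupid = $groupid > 0 ? $groupid : 0;
         $this->_email = cookie('email');
         if ($this->_userid) {
             $user = M("user")->where("id=" . $this->_userid)->find();
             $this->assign('user', $user);
             // Members without mobile or real name are sent to the profile page.
             if ((empty($user["mobile"]) || empty($user["realname"])) && ACTION_NAME != "profile") {
                 $forward = U("User/Index/profile");
                 header("Location: " . $forward);
                 // Stop here so the requested action does not run anyway.
                 exit;
             }
         }
     } else {
         // SECURITY NOTE(review): without an auth cookie the group is taken
         // from the client-writable `groupid` cookie and later drives the
         // postgroup check below. Consider using the fixed default (4) here.
         $this->_groupid = cookie('groupid') ? cookie('groupid') : 4;
         $this->_userid = 0;
     }

     // Host lock: serve nothing unless the Host header matches. The original
     // compared against the same hostname twice (the second copy was split
     // into fragments). The Host header is client-supplied, so this is not an
     // access control.
     $web = isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : '';
     if ($web != "www.gzsrex.com") {
         exit;
     }

     $search_module = array();
     foreach ((array) $this->module as $r) {
         if ($r['issearch']) {
             $search_module[$r['name']] = L($r['name']);
         }
         if ($r['ispost'] && in_array($this->_groupid, explode(',', $r['postgroup']))) {
             $this->user_menu[$r['id']] = $r;
         }
     }

     // Member configuration, shared by front end and back end.
     $langext = $lang ? '_' . $lang : '';
     $this->member_config = F('member.config' . $langext);
     $this->assign('member_config', $this->member_config);

     /* ---------- WeChat in-app browser detection ---------- */
     if (strpos($userAgent, 'MicroMessenger') === false) {
         $this->wx = 0;
     } else {
         $this->wx = 1;
         // Load the WeChat share helper and build the JS-SDK sign package.
         import("@.ORG.Wxshare");
         $this->wxconfig = F('wxconfig');
         $jssdk = new Wxshare($this->wxconfig['appid'], $this->wxconfig['appsecret']);
         $signPackage = $jssdk->GetSignPackage();
         $this->assign('signPackage', $signPackage);
     }
     $this->assign('iswx', $this->wx);

     /* ---------- Member centre ---------- */
     if (GROUP_NAME == 'User') {
         $ucount = array();
         if ($this->_userid) {
             // Per-member counters; $statMap stays local to this block.
             $statMap = array('belongid' => $this->_userid);
             $ucount["myorder"] = M("order")->where($statMap)->count();
             $ucount['piaoline'] = M("piaoline")->where("userid=" . $this->_userid)->count();
             $statMap["mx"] = "Piaoline";
             $ucount['piaoline_c'] = M("piaoorder")->where($statMap)->count();
             $ucount['picture'] = M("picture")->where("userid=" . $this->_userid)->count();
             $statMap["mx"] = "Picture";
             $ucount['picture_c'] = M("order")->where($statMap)->count();
             $ucount['article'] = M("article")->where("userid=" . $this->_userid)->count();
             $statMap["mx"] = "Article";
             $ucount['article_c'] = M("order")->where($statMap)->count();
         }
         $this->assign('ucount', $ucount);
         $this->assign('user_menu', $this->user_menu);
         if ($this->_groupid == '5' && MODULE_NAME != 'Line') {
             $this->assign('jumpUrl', URL('User-Line/suiche'));
             $this->assign('waitSecond', 3);
             $this->success(L('no_regcheckemail'));
             exit;
         }
         $this->assign('header', TMPL_PATH . 'Home/' . THEME_NAME . '/Home_header.html');
     }

     /* ---------- Post-action redirect target ---------- */
     // SECURITY NOTE(review): `forward` and the Referer are both chosen by the
     // client. Whether get_safe_replace() restricts the value to this site is
     // not visible here; before it is used as a redirect target it should be
     // limited to same-site paths.
     $forwardGet = isset($_GET['forward']) && is_string($_GET['forward']) ? $_GET['forward'] : '';
     $forwardPost = isset($_POST['forward']) && is_string($_POST['forward']) ? $_POST['forward'] : '';
     if ($forwardGet || $forwardPost) {
         $this->forward = get_safe_replace($forwardGet . $forwardPost);
     } else {
         // NOTE(review): this condition is always true (a module cannot be
         // both names), so the fallback applies to every module. Kept as is;
         // switching to && would leave forward unset on Register/Login.
         if (MODULE_NAME != 'Register' || MODULE_NAME != 'Login') {
             $this->forward = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : $this->Config['site_url'];
         }
     }

     /* ---------- Guest orders held against the session id ---------- */
     // Fresh condition array, independent of the statistics block above.
     $guestMap = array('sn' => session_id(), 'userid' => 0);
     $order = M("order")->order("add_time desc")->where($guestMap)->limit(7)->select();
     $order_sum = M("order")->order("add_time desc")->where($guestMap)->sum("amount");
     if ($order) {
         $this->assign('order', $order);
         $this->assign('order_sum', $order_sum);
         $this->assign('none', "block");
         if ($this->_userid) {
             // Once the visitor is logged in, attach the guest orders to the account.
             M("order")->where($guestMap)->setField("userid", $this->_userid);
         }
     } else {
         $this->assign('none', "none");
     }
     $this->assign('forward', $this->forward);
     $this->assign('search_module', $search_module);
     $this->assign('module_name', MODULE_NAME);
     $this->assign('action_name', ACTION_NAME);

     /* ---------- Customer-service widgets ---------- */
     $kefu = M("kefu")->where("status=1")->select();
     // select() may return a non-array when there are no rows.
     foreach ((array) $kefu as $key => $vo) {
         // Undo the stored \" escaping. NOTE(review): `code` is presumably
         // markup emitted unescaped by the template - restrict who can edit it.
         $kefu[$key]["code"] = str_replace("\\\"", "\"", $vo['code']);
     }
     $this->assign("kefu", $kefu);
 }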