header('location:' . $url);
exit;
}
if (empty($_sys) && ($html = template('login', $temparr))) {
mexit($html);
} else {
include_once M_ROOT . "./include/cheader.inc.php";
_header(lang('memberlogin'));
$cookiedef = '1m';
$cookiearr = array('0' => lang('inbrowser'), '1h' => '1' . lang('hours'), '1d' => '1' . lang('days'), '1w' => '1' . lang('weeks'), '1m' => '1' . lang('month'), '-1' => lang('saveforever'));
echo '<form name="cmslogin" id="cmslogin" method="post" action="?forward=' . rawurlencode($forward) . ($infloat ? "&infloat={$infloat}&handlekey={$handlekey}" : '') . '" onsubmit="return checklogin(this)">';
tabheader_e();
echo '<tr class="header"><td colspan="2"><b>' . lang('memberlogin') . ' >><a href="tools/lostpwd.php"' . (empty($infloat) ? '' : " onclick=\"return floatwin('open_{$handlekey}',this)\"") . '>' . lang('getpwd') . '</a></b></td></tr>';
trbasic(lang('membercname'), 'username');
trbasic(lang('loginpwd'), 'password', '', 'password');
tr_regcode('login');
trbasic('Cookie', 'expires', makeoption($cookiearr, $cookiedef), 'select');
trhidden('client_t', '');
$infloat && trhidden('infloat', 1);
tabfooter('cmslogin', lang('login'));
mexit('</div></body></html>');
}
}
} else {
switch (empty($expires) ? '0' : strtolower($expires)) {
case '-1':
$expires = 3650 * 86400;
break;
case '1m':
$expires = 30 * 86400;
break;
}
if (!in_array('fsalecp', $citems) && !in_array('fsalecp', $additems)) {
trbasic(lang('annex_price'), 'archiveadd[fsalecp]', makeoption(array('' => lang('freesale')) + $vcps['fsale']), 'select');
}
if (!in_array('ucid', $citems) && !in_array('ucid', $additems)) {
//关于文档的个人分类
$uclasses = loaduclasses($curuser->info['mid']);
$ucidsarr = array(0 => lang('p_choose'));
foreach ($uclasses as $k => $v) {
if (!$v['cuid']) {
$ucidsarr[$k] = $v['title'];
}
}
trbasic(lang('mycoclass'), 'archiveadd[ucid]', makeoption($ucidsarr), 'select');
}
$submitstr .= tr_regcode('archive');
tabfooter('barchiveadd', lang('add'));
check_submit_func($submitstr);
_footer();
} else {
include_once M_ROOT . './include/common.fun.php';
parse_str($_SERVER['QUERY_STRING'], $_da);
_aenter($_da, 1);
@extract($btags);
extract($_da, EXTR_OVERWRITE);
tpl_refresh($tplname);
@(include M_ROOT . "template/{$templatedir}/pcache/{$tplname}.php");
$_content = ob_get_contents();
ob_clean();
mexit($_content);
}
<?php
!defined('M_COM') && exit('No Permission');
if (!submitcheck('bmemberpwd')) {
tabheader(lang('memberpwdsetting'), 'memberpwd', '?action=memberpwd', 2, 0, 1);
trbasic(lang('membercname'), '', $curuser->info['mname'], '');
trbasic(lang('oldpwd'), 'opassword', '', 'password');
trbasic(lang('newpwd'), 'npassword', '', 'password');
trbasic(lang('repwd'), 'npassword2', '', 'password');
$submitstr = '';
$submitstr .= makesubmitstr('opassword', 1, 0, 0, 15);
$submitstr .= makesubmitstr('npassword', 1, 0, 0, 15);
$submitstr .= makesubmitstr('npassword2', 1, 0, 0, 15);
$submitstr .= tr_regcode('login');
tabfooter('bmemberpwd');
check_submit_func($submitstr);
} else {
if (!regcode_pass('login', empty($regcode) ? '' : trim($regcode))) {
mcmessage('regcodeerror', '?action=memberpwd');
}
$opassword = trim($opassword);
$npassword = trim($npassword);
$npassword2 = trim($npassword2);
if (md5(md5($opassword)) != $curuser->info['password']) {
mcmessage('oldpasserror', '?action=memberpwd');
}
if ($npassword != $npassword2) {
mcmessage('notsamepwd', '?action=memberpwd');
}
if (!$npassword || strlen($npassword) > 15 || $npassword != addslashes($npassword)) {
mcmessage('memberpwdillegal', '?action=memberpwd');
for ($i = 0; $i < $l; $i++) {
$urlsarr[$boxs[$i]] = array(lang($boxl[$i]) . ($new[$boxs[$i]] ? '(' . $new[$boxs[$i]] . ')' : ''), "?action=pmbox&box={$boxs[$i]}&page={$page}");
}
murl_nav($urlsarr, 'pmbox' == $action ? $box : 'pmsend', 6);
if ($action == 'pmsend') {
if (!submitcheck('bpmsend')) {
//发送框
tabheader(lang('sendpm'), 'pmsend', "?action=pmsend&box={$box}&page={$page}", 2, 0, 1);
trbasic(lang('pmtitle'), 'pmnew[title]', '', 'btext');
trbasic(lang('pmtonames'), 'pmnew[tonames]', empty($tonames) ? '' : $tonames, 'btext');
trbasic(lang('pmcontent'), 'pmnew[content]', '', 'btextarea');
$submitstr = '';
// $submitstr .= makesubmitstr('pmnew[title]',1,0,0,80);
$submitstr .= makesubmitstr('pmnew[tonames]', 1, 0, 0, 100);
$submitstr .= makesubmitstr('pmnew[content]', 1, 0, 0, 1000);
$submitstr .= tr_regcode('pm');
tabfooter('bpmsend');
check_submit_func($submitstr);
} else {
//发送短信
if (!regcode_pass('pm', empty($regcode) ? '' : trim($regcode))) {
mcmessage(lang('regcodeerror'), M_REFERER);
}
$pmnew['title'] = trim($pmnew['title']);
$pmnew['tonames'] = trim($pmnew['tonames']);
$pmnew['content'] = trim($pmnew['content']);
if (empty($pmnew['content']) || empty($pmnew['tonames'])) {
mcmessage(lang('pmdatamiss'), M_REFERER);
}
$tos = array_filter(explode(',', $pmnew['tonames']));
$count = 0;
}
unset($a_field);
tabfooter('newcommu');
check_submit_func($submitstr);
} else {
//修改
if (!($reportold = $db->fetch_one("SELECT * FROM {$tblprefix}mreports WHERE mid='{$mid}' AND fromid='{$memberid}' AND cid='{$cid}'"))) {
mcmessage('choosereport', $forward);
}
if (!submitcheck('breportdetail')) {
tabheader($mcommu['cname'] . ' - ' . lang('basemessage'), 'reportdetail', "?action=mreport&mid={$mid}&cid={$cid}{$forwardstr}", 2, 1, 1);
$submitstr = '';
trbasic(lang('lookreportobject'), '', "<a href=\"{$mspaceurl}index.php?mid={$mid}\" target=\"_blank\">>> " . $reportold['mname'] . "</a>", '');
trbasic(lang('addtime'), '', date('Y-m-d H:i', $reportold['createdate']), '');
tabfooter();
$submitstr .= tr_regcode('report');
$a_field = new cls_field();
tabheader($mcommu['cname'] . ' - ' . lang('submitmessage'));
foreach ($mbfields as $k => $v) {
if (!$v['isadmin'] && !$v['isfunc'] && in_array($k, $fieldsarr)) {
$a_field->init();
$a_field->field = $v;
$a_field->oldvalue = isset($reportold[$k]) ? $reportold[$k] : '';
$a_field->trfield('reportnew', '', 'mb');
$submitstr .= $a_field->submitstr;
}
}
unset($a_field);
tabfooter('breportdetail', '', strbutton('', 'goback', "redirect('{$forward}');"));
check_submit_func($submitstr);
} else {
exit;
}
if (!($tplname = @$mchannel['addtpl'])) {
//系统自带的的模板
include_once M_ROOT . './include/cheader.inc.php';
load_cache('mtconfigs');
_header(lang('register'));
echo '<script type="text/javascript" src="include/js/register.js"></script>';
$mchannel = $mchannels[$mchid];
$mfields = read_cache('mfields', $mchid);
foreach (array('additems') as $var) {
${$var} = !empty($mchannel[$var]) ? explode(',', $mchannel[$var]) : array();
}
tabheader(lang('newreg'), 'cmsregister', "?mchid={$mchid}&forward=" . rawurlencode($forward), 2, 1, 1);
$muststr = '<span style="color:red">*</span>';
$submitstr = tr_regcode('register') ? '' : "passinfo['code']=1;\n";
trbasic($muststr . lang('membercname'), 'mname');
trbasic($muststr . lang('password'), 'password', '', 'password');
trbasic($muststr . lang('repwd'), 'password2', '', 'password');
trbasic($muststr . lang('email'), 'email');
$submitstr = "function checkChannel(form){\nvar i = true;\n{$submitstr}";
if (in_array('mtcid', $additems)) {
trbasic(lang('spacetemplateproject'), 'mtcid', makeoption(mtcidsarr($mchid)), 'select');
}
foreach ($grouptypes as $k => $v) {
if (!$v['mode'] && !in_array($mchid, explode(',', $v['mchids'])) && in_array("grouptype{$k}", $additems)) {
trbasic($v['cname'], 'grouptype' . $k, makeoption(ugidsarr($k, $mchid)), 'select');
}
}
$a_field = new cls_field();
foreach ($mfields as $k => $field) {
$a_field = new cls_field();
foreach ($rfields as $k => $v) {
if (!$v['isadmin'] && !$v['isfunc'] && in_array($k, $citems)) {
$a_field->init();
$a_field->field = $v;
if (isset($oldmsg[$k])) {
$a_field->oldvalue = $oldmsg[$k];
} else {
$a_field->isadd = 1;
}
$a_field->trfield('communew', '', 'r');
$submitstr .= $a_field->submitstr;
}
}
unset($a_field);
$submitstr .= tr_regcode('reply');
tabfooter('newcommu');
check_submit_func($submitstr);
_footer();
} else {
$_da =& $arc->archive;
arc_parse($_da);
_aenter($_da, 1);
@extract($btags);
extract($_da, EXTR_OVERWRITE);
tpl_refresh($tplname);
@(include M_ROOT . "template/{$templatedir}/pcache/{$tplname}.php");
$_content = ob_get_contents();
ob_clean();
mexit($_content);
}
$amount = empty($amount) ? '' : max(0, round($amount, 2));
if (!($oldmsg = $db->fetch_one("SELECT * FROM {$tblprefix}pays WHERE mid='{$memberid}' ORDER BY pid DESC LIMIT 0,1"))) {
$oldmsg = array();
}
tabheader(lang('onlinepay'), 'paynew', '?action=payonline&deal=confirm', 2, 0, 1);
trbasic(lang('payinterface'), 'paynew[poid]', makeoption($poids), 'select');
trbasic(lang('payamount'), 'paynew[amount]', $amount, 'text', lang('payamountrmbi'));
trbasic(lang('contactorname'), 'paynew[truename]', empty($oldmsg['truename']) ? '' : $oldmsg['truename'], 'btext');
trbasic(lang('contacttel'), 'paynew[telephone]', empty($oldmsg['telephone']) ? '' : $oldmsg['telephone'], 'btext');
trbasic(lang('contactemail'), 'paynew[email]', empty($oldmsg['email']) ? '' : $oldmsg['email'], 'btext');
$submitstr = '';
$submitstr .= makesubmitstr('paynew[amount]', 1, 'number', 0, 15);
$submitstr .= makesubmitstr('paynew[truename]', 0, 0, 0, 80);
$submitstr .= makesubmitstr('paynew[telephone]', 0, 0, 0, 30);
$submitstr .= makesubmitstr('paynew[email]', 0, 'email', 0, 100);
$submitstr .= tr_regcode('payonline');
tabfooter('submit', lang('continue'));
check_submit_func($submitstr);
} elseif ($deal == 'confirm') {
if (!regcode_pass('payonline', empty($regcode) ? '' : trim($regcode))) {
mcmessage('regcodeerror', '?action=payonline');
}
$paynew['amount'] = max(0, round(floatval($paynew['amount']), 2));
empty($paynew['amount']) && mcmessage('pinputpayamount', '?action=payonline');
array_key_exists($paynew['poid'], $poids) || mcmessage('errorpaymode', '?action=payonline');
/*
$paynew['handfee'] = 0;
if(!empty($payonline['percent'])){
$paynew['handfee'] = round($paynew['amount'] * $payonline['percent'] / 100,2);
}
$paynew['total'] = $paynew['amount'] + $paynew['handfee'];*/
include_once M_ROOT . './include/ucenter/uc.inc.php';
}
$npassword = md5(md5($npassword));
$db->query("UPDATE {$tblprefix}members SET password='******' WHERE mid='{$mid}'");
$db->query("UPDATE {$tblprefix}members_sub SET confirmstr='' WHERE mid='{$mid}'");
mcmessage('refindpwdsucceed');
}
} else {
if (!submitcheck('blostpwd')) {
tabheader(lang('membergetpwd'), 'lostpwd', "?{$forwardstr}", 2, 0, 1);
trbasic(lang('membercname'), 'mname');
trbasic(lang('memberemail'), 'email');
$submitstr = '';
$submitstr .= makesubmitstr('mname', 1, 0, 0, 15);
$submitstr .= makesubmitstr('email', 1, 'email', 0, 80);
$submitstr .= tr_regcode('register');
tabfooter('blostpwd');
check_submit_func($submitstr);
} else {
if (!regcode_pass('register', empty($regcode) ? '' : trim($regcode))) {
mcmessage('safecodeerr');
}
$mname = trim($mname);
$email = trim($email);
if (strlen($mname) < 3 || strlen($mname) > 15) {
mcmessage('membernamelenillegal');
}
$guestexp = '\\xA1\\xA1|^Guest|^\\xD3\\xCE\\xBF\\xCD|\\xB9\\x43\\xAB\\xC8';
if (preg_match("/^\\s*\$|^c:\\con\\con\$|[%,\\*\"\\s\t\\<\\>\\&]|{$guestexp}/is", $mname)) {
mcmessage('membercnameillegal');
}
($arc->archive['closed'] || $arc->archive['finishdate'] < $timestamp) && message('questionclosed');
switch_cache($arc->archive['sid']);
$sid = $arc->archive['sid'];
if_siteclosed($sid);
cache_merge($commu, 'commu', $sid);
if (!($tplname = @$commu['addtpl'])) {
load_cache('mlangs');
include_once M_ROOT . "./include/admin.fun.php";
include_once M_ROOT . "./include/adminm.fun.php";
include_once M_ROOT . "./include/cheader.inc.php";
_header();
tabheader(lang('add') . $commu['cname'] . ' ' . "<a href=\"" . view_arcurl($arc->archive) . "\" target=\"_blank\">>> " . $arc->archive['subject'] . "</a>", 'answeradd', "?aid={$aid}{$forwardstr}", 2, 1, 1);
$submitstr = '';
trbasic(lang('answer0'), 'communew[answer]', '', 'textarea');
$submitstr .= makesubmitstr('communew[answer]', 1, 0, $commu['setting']['minlength'], $commu['setting']['maxlength'], 'multitext');
$submitstr .= tr_regcode('answer');
tabfooter('newcommu');
check_submit_func($submitstr);
} else {
$_da =& $arc->archive;
arc_parse($_da);
_aenter($_da, 1);
@extract($btags);
extract($_da, EXTR_OVERWRITE);
tpl_refresh($tplname);
@(include M_ROOT . "template/{$templatedir}/pcache/{$tplname}.php");
$_content = ob_get_contents();
ob_clean();
mexit($_content);
}
} else {
$a_field = new cls_field();
foreach ($cfields as $k => $v) {
if (!$v['isadmin'] && !$v['isfunc'] && in_array($k, $citems)) {
$a_field->init();
$a_field->field = $v;
if (isset($oldmsg[$k])) {
$a_field->oldvalue = $oldmsg[$k];
} else {
$a_field->isadd = 1;
}
$a_field->trfield('communew', '', 'c');
$submitstr .= $a_field->submitstr;
}
}
unset($a_field);
$submitstr .= tr_regcode('comment');
tabfooter('newcommu');
check_submit_func($submitstr);
_footer();
} else {
$_da =& $arc->archive;
arc_parse($_da);
_aenter($_da, 1);
@extract($btags);
extract($_da, EXTR_OVERWRITE);
tpl_refresh($tplname);
@(include M_ROOT . "template/{$templatedir}/pcache/{$tplname}.php");
$_content = ob_get_contents();
ob_clean();
mexit($_content);
}
tabheader($mcommu['cname'] . ' - ' . lang('needmessage'));
foreach ($mlfields as $k => $v) {
if (!$v['isadmin'] && !$v['isfunc'] && in_array($k, $fieldsarr)) {
trbasic($v['cname'], '', $flinkold[$k], '');
}
}
unset($a_field);
tabfooter('', '', strbutton('', 'goback', "redirect('{$forward}');"));
} elseif (!submitcheck('bflinkdetail')) {
tabheader($mcommu['cname'] . ' - ' . lang('basemessage'), 'flinkdetail', "?action=mflink&mid={$mid}&cid={$cid}{$forwardstr}", 2, 1, 1);
$submitstr = '';
trbasic(lang('looklinkobject'), '', "<a href=\"{$mspaceurl}index.php?mid={$mid}\" target=\"_blank\">>> " . $flinkold['mname'] . "</a>", '');
trbasic(lang('checkstate'), '', empty($flinkold['checked']) ? lang('nocheck') : lang('checked'), '');
trbasic(lang('addtime'), '', date('Y-m-d H:i', $flinkold['createdate']), '');
tabfooter();
$submitstr .= tr_regcode('link');
$a_field = new cls_field();
tabheader($mcommu['cname'] . ' - ' . lang('submitmessage'));
foreach ($mlfields as $k => $v) {
if (!$v['isadmin'] && !$v['isfunc'] && in_array($k, $fieldsarr)) {
$a_field->init();
$a_field->field = $v;
$a_field->oldvalue = isset($flinkold[$k]) ? $flinkold[$k] : '';
$a_field->trfield('flinknew', '', 'ml');
$submitstr .= $a_field->submitstr;
}
}
unset($a_field);
tabfooter('bflinkdetail', '', strbutton('', 'goback', "redirect('{$forward}');"));
check_submit_func($submitstr);
} else {
