/**
 * Change the current user's password through UCenter, then issue a fresh
 * app token/secret pair derived from the new password.
 *
 * @param array  $res         response array; gets 'token' and 'secret' on success
 * @param string $oldpassword URL-encoded current password (falsy values become '')
 * @param string $newpassword URL-encoded new password (falsy values become '')
 * @return mixed $res on success, otherwise whatever makeErrorInfo() returns
 */
private function _updatePass($res, $oldpassword, $newpassword)
 {
     global $_G;

     // Both values are URL-decoded here; anything falsy is normalised to ''.
     $oldpassword = empty($oldpassword) ? '' : urldecode($oldpassword);
     $newpassword = empty($newpassword) ? '' : urldecode($newpassword);

     // A non-empty password that addslashes() would alter (quotes, backslash, NUL)
     // is rejected with the "illegal characters" message.
     $alteredByEscaping = $newpassword != addslashes($newpassword);
     if ($newpassword && $alteredByEscaping) {
         return $this->makeErrorInfo($res, lang('message', 'profile_passwd_illegal'));
     }

     loaducenter();
     $ucStatus = uc_user_edit(addslashes($_G['username']), $oldpassword, $newpassword);
     if ($ucStatus == -1) {
         // UCenter reported that the old password is wrong.
         return $this->makeErrorInfo($res, lang('message', 'profile_passwd_wrong'));
     }
     // NOTE(review): only -1 is treated as a failure. Any other non-success status
     // from uc_user_edit() still reaches the token rotation below — confirm that
     // this is intended.

     // The local password column is overwritten with the MD5 of a random string.
     // Presumably a placeholder because the real credential lives in UCenter — confirm.
     C::t('common_member')->update($_G['uid'], array('password' => md5(random(10))));

     // Derive the new access token/secret from the new password and persist the secret.
     // NOTE(review): the updateUserAccess() result is not checked; the original
     // carried a commented-out 'user_info_edit_error' branch for it.
     $credentials = AppbymeUserAccess::getSecretStr($_G['uid'], $newpassword);
     AppbymeUserAccess::updateUserAccess(
         array('user_access_secret' => $credentials['accessSecret']),
         $_G['uid']
     );

     $res['token'] = $credentials['accessToken'];
     $res['secret'] = $credentials['accessSecret'];
     return $res;
 }
Example #2
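 /**
  * Handle the "change password" form post for the logged-in member.
  *
  * Verifies the old password against the stored salted digest, changes the
  * password through UCenter or in the local `member` table, clears the login
  * cookies, writes a member log entry and redirects to the login page.
  */
 function save_action()
 {
     if ($_POST['submit']) {
         $info = $this->obj->DB_select_once("member", "`uid`='" . $this->uid . "'", "`salt`,`password`,`name_repeat`,`username`");
         if (is_array($info)) {
             $oldpass = md5(md5($_POST['oldpassword']) . $info['salt']);
             // Strict string comparison: with a loose `!=`, two hex digests that both
             // look like "0e<digits>" are compared as numbers and treated as equal.
             if ((string) $info['password'] !== $oldpass) {
                 // NOTE(review): the code below assumes ACT_layer_msg() ends the request;
                 // if it returns, the password change still goes ahead — confirm.
                 $this->ACT_layer_msg("原始密码错误!", 8, "index.php?c=vs");
             }
             if ($this->config['sy_uc_type'] == "uc_center" && $info['name_repeat'] != "1") {
                 // UCenter-managed account: UCenter re-checks the old password itself.
                 $this->uc_open();
                 $ucresult = uc_user_edit($info['username'], $_POST['oldpassword'], $_POST['password'], "", "1");
                 if ($ucresult == -1) {
                     $this->ACT_layer_msg("原始密码错误!", 8, "index.php?c=vs");
                 }
             } else {
                 // Local account: new 6-character salt plus md5(md5(password) . salt).
                 // NOTE(review): the salt comes from rand()/uniqid() and the digest is
                 // plain MD5; moving to password_hash() needs a migration of stored
                 // values, so it is only flagged here.
                 $salt = substr(uniqid(rand()), -6);
                 $pass2 = md5(md5($_POST['password']) . $salt);
                 $data['password'] = $pass2;
                 $data['salt'] = $salt;
                 $this->obj->update_once("member", $data, array("uid" => $this->uid));
             }
             // Force a fresh login after the change.
             $this->unset_cookie();
             $this->obj->member_log("修改密码", 8);
             // NOTE(review): $_POST['usertype'] is appended to the redirect URL without encoding.
             $this->ACT_layer_msg("密码修改成功,请重新登录!", 9, $this->config['sy_weburl'] . "/index.php?m=login&usertype=" . $_POST['usertype']);
         }
     }
 }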
Example #3
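 /**
  * Set a new UCenter password for the user with the given id.
  *
  * @param mixed  $userId      id passed to uc_get_user() (second argument 1)
  * @param string $oldPassword accepted for interface compatibility; see the note below
  * @param string $newPassword password to set
  * @return bool true only when uc_user_edit() reports 1
  */
 public function changePassword($userId, $oldPassword, $newPassword)
 {
     $this->initDiscuzApi();
     $user = uc_get_user($userId, 1);
     // Do not index into a lookup result that is not an array (e.g. user not found);
     // previously a null username would have been sent on to uc_user_edit().
     if (!is_array($user) || !isset($user[1])) {
         return false;
     }
     // NOTE(review): $oldPassword is never used. The old-password argument is null
     // and the fifth argument is 1, so the current password is not verified here.
     // Callers must authenticate and authorise the request before calling this.
     $result = uc_user_edit($user[1], null, $newPassword, null, 1);
     return $result == 1;
 }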
Example #4
 /**
  * Forward a user edit to UCenter when user integration mode 2 is configured.
  *
  * Mode 1 returns 1 without calling anything; mode 2 loads the UCenter client
  * and returns uc_user_edit()'s result; any other mode returns nothing (null).
  * $uid is accepted but not used.
  *
  * NOTE(review): $nocheckold defaults to 1 and is passed straight through as the
  * fifth uc_user_edit() argument, so callers that want the old password checked
  * must pass a different value explicitly.
  */
 static function user_edit($username, $oldpwd, $newpwd, $email, $nocheckold = 1, $uid = '')
 {
     global $kekezu;
     switch ($kekezu->_sys_config['user_intergration']) {
         case 1:
             return 1;
         case 2:
             require_once S_ROOT . '/uc_client/client.php';
             return uc_user_edit($username, $oldpwd, $newpwd, $email, $nocheckold);
     }
 }
Example #5
File: uc.php Project: noikiy/mdwp
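/**
 * Push a member's new password (and e-mail) to UCenter.
 *
 * Returns true without doing anything when the UCenter client is not loaded
 * (no uc_user_login() function or no UC_API constant).
 *
 * @param string $email    member e-mail, UTF-8
 * @param string $username member name, UTF-8
 * @param string $password new password
 * @return bool true when UCenter is not in use or uc_user_edit() returned >= 0
 */
function zuitu_uc_updatepw($email, $username, $password) {
	if (!function_exists('uc_user_login')) return true;
	if (!defined('UC_API')) return true;
	// UCenter may run in another charset; convert the text fields before sending.
	if (strtolower(UC_CHARSET)!='utf-8') {
		$username = mb_convert_encoding($username, UC_CHARSET, 'UTF-8');
		$email = mb_convert_encoding($email, UC_CHARSET, 'UTF-8');
	}
	// The old-password argument used to be an undefined variable ($oldpw). The
	// fifth argument is 1, so pass an explicit empty string instead.
	// NOTE(review): with that flag the current password is not verified here;
	// the caller has to have authenticated the request.
	$rid = uc_user_edit($username, '', $password, $email, 1);
	DB::Query('SET NAMES UTF8;');
	return $rid >= 0;
}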
Example #6
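 /**
  * Send a member's changed username / password / e-mail to UCenter.
  *
  * @param mixed  $uid     member id, passed as the first uc_user_edit() argument
  * @param string $oldname current username
  * @param array  $info    new values; reads 'username', 'password' and 'email'
  * @return array [status, message key]; the key is null unless the status is a
  *               negative code listed in $errcode
  */
 function edit($uid, $oldname, $info)
 {
     require_once R_P . 'uc_client/uc_client.php';
     $errcode = array('-1' => 'illegal_username', '-2' => 'username_same', '-3' => 'illegal_email', '-4' => 'reg_email_have_same');
     $ucstatus = uc_user_edit($uid, $oldname, $info['username'], $info['password'], $info['email']);
     $errmsg = null;
     // Only translate codes that are in the map; an unlisted negative code used to
     // raise an undefined-index notice and now simply leaves the message null.
     if ($ucstatus < 0 && isset($errcode[$ucstatus])) {
         $errmsg = $errcode[$ucstatus];
     }
     // Status 2 triggers the local rename.
     if ($ucstatus == 2) {
         $this->alterName($uid, $oldname, $info['username']);
     }
     return array($ucstatus, $errmsg);
 }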
Example #7
 /**
  * Change a user's password and/or e-mail in UCenter.
  *
  * @param mixed  $uid          local user id; used to look up the linked uc_uid
  * @param string $old_password current password, forwarded to uc_user_edit()
  * @param array  $data         may contain 'password' and/or 'email'
  * @param bool   $force        forwarded as the fifth uc_user_edit() argument
  * @return array|false $data (with 'password' replaced by its MD5) when
  *                     uc_user_edit() returns 1, otherwise false
  */
 public function edit($uid, $old_password, $data, $force = false)
 {
     $this->_ucenter_init();

     $password_for_uc = isset($data['password']) ? $data['password'] : '';
     $email_for_uc = isset($data['email']) ? $data['email'] : '';

     $uc_uid = D('user')->where(array('id' => $uid))->getField('uc_uid');
     $info = $this->get($uc_uid);
     if (empty($info)) {
         // NOTE(review): here _error is called as a method, while the branches
         // below assign to a _error property — confirm which one is intended.
         $this->_error('no_such_user');
         return false;
     }

     // NOTE(review): a truthy $force reaches UCenter as the fifth argument, which
     // other callers on this page use to skip the old-password check. Callers must
     // not let request data control it.
     $result = uc_user_edit($info['username'], $old_password, $password_for_uc, $email_for_uc, $force);
     if ($result == 1) {
         if (isset($data['password'])) {
             // NOTE(review): unsalted MD5 of the password is handed back, presumably
             // for local storage — confirm how callers persist it.
             $data['password'] = md5($data['password']);
         }
         return $data;
     }

     // Every result other than 1 is a failure; 0 and -7 set no error message.
     switch ($result) {
         case 0:
         case -7:
             break;
         case -1:
             $this->_error = L('auth_failed');
             break;
         case -4:
             $this->_error = L('email_error');
             break;
         case -5:
             $this->_error = L('blocked_email');
             break;
         case -6:
             $this->_error = L('email_exists');
             break;
         case -8:
             $this->_error = L('user_protected');
             break;
         default:
             $this->_error = L('unknow_error');
             break;
     }
     return false;
 }
Example #8
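 /**
  * Complete a "forgot password" reset: check the submitted verification code
  * and set the new password through UCenter or in the local `member` table.
  *
  * Reads $_POST['username'], $_POST['code'] and $_POST['pass']. A code is
  * accepted when a `company_cert` row of type 5 matches username and code and
  * is at most 1200 seconds old.
  */
 function editpw_action()
 {
     if ($_POST['username'] && $_POST['code'] && $_POST['pass']) {
         if (!is_numeric($_POST['code']) || !$this->CheckRegUser($_POST['username'])) {
             $this->obj->ACT_msg($this->url("index", "forgetpw", "1"), $msg = "无效的信息!", $st = 2, $tm = 3);
             exit;
         }
         $password = $_POST['pass'];
         // NOTE(review): username and code are concatenated into the WHERE clause.
         // The code is limited by is_numeric(); the username is only as safe as
         // CheckRegUser() makes it. Confirm that it rejects quote characters, or
         // escape the value with the DB layer's own helper.
         $cert = $this->obj->DB_select_once("company_cert", "`type`='5' AND `check2`='" . $_POST['username'] . "' AND `check`='" . $_POST['code'] . "' order by id desc", "`uid`,`check2`,`ctime`");
         if (!$cert['uid']) {
             // NOTE(review): no attempt counter or lockout is visible in this method;
             // a numeric code valid for 20 minutes needs rate limiting somewhere.
             $this->obj->ACT_msg($this->url("index", "forgetpw", "1"), $msg = "验证码填写错误!", $st = 2, $tm = 3);
             exit;
         } elseif (time() - $cert['ctime'] > 1200) {
             $this->obj->ACT_msg($this->url("index", "forgetpw", "1"), $msg = "验证码已失效,请重新获取!", $st = 2, $tm = 3);
             exit;
         }
         $info = $this->obj->DB_select_once("member", "`uid`='" . $cert['uid'] . "'", "`email`");
         if (is_array($info)) {
             $info['username'] = $cert['check2'];
             // Array keys are quoted: the bare words sy_uc_type / username were read
             // as undefined constants, which is an Error on PHP 8.
             // NOTE(review): only `email` is selected above, so $info['name_repeat']
             // is never set and this comparison is always true — confirm intent.
             if ($this->config['sy_uc_type'] == "uc_center" && $info['name_repeat'] != "1") {
                 $this->obj->uc_open();
                 // NOTE(review): the UCenter result is not checked, so the success
                 // message below is shown even if UCenter rejected the change.
                 uc_user_edit($info['username'], "", $password, $info['email'], "0");
             } else {
                 // NOTE(review): salt from rand()/uniqid() and plain MD5; flagged only,
                 // since changing the scheme needs a migration of stored digests.
                 $salt = substr(uniqid(rand()), -6);
                 $pass2 = md5(md5($password) . $salt);
                 $value = "`password`='{$pass2}',`salt`='{$salt}'";
                 $this->obj->DB_update_all("member", $value, "`uid`='" . $cert['uid'] . "'");
             }
             // NOTE(review): the used `company_cert` row is not removed or marked as
             // consumed in this method, so the same code stays valid until it expires.
             $this->obj->ACT_msg($this->url("index", "login", "1"), $msg = "密码修改成功!", $st = 1, $tm = 3);
         } else {
             $this->obj->ACT_msg($this->url("index", "forgetpw", "1"), $msg = "对不起!没有该用户!", $st = 2, $tm = 3);
         }
     } else {
         $this->obj->ACT_msg($this->url("index", "forgetpw", "1"), $msg = "请完整填写信息!", $st = 2, $tm = 3);
         exit;
     }
 }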
Example #9
         showmessage('profile_passwd_empty');
     }
 }
 // Security question: an empty question id blanks both the id and the answer;
 // otherwise a positive id yields a new random 8-character value in $secquesnew.
 // NOTE(review): $secquesnew is not assigned in the first branch of this excerpt,
 // yet it is read further down.
 if ($_G['gp_questionidnew'] === '') {
     $_G['gp_questionidnew'] = $_G['gp_answernew'] = '';
 } else {
     $secquesnew = $_G['gp_questionidnew'] > 0 ? random(8) : '';
 }
 // Reject a new password that addslashes() would alter (quotes, backslash, NUL).
 if (!empty($_G['gp_newpassword']) && $_G['gp_newpassword'] != addslashes($_G['gp_newpassword'])) {
     showmessage('profile_passwd_illegal', '', array(), array('return' => true));
 }
 // The new password and its confirmation must match.
 if (!empty($_G['gp_newpassword']) && $_G['gp_newpassword'] != $_G['gp_newpassword2']) {
     showmessage('profile_passwd_notmatch', '', array(), array('return' => true));
 }
 loaducenter();
 // The e-mail is sent only when it differs from the stored one. $emailnew and
 // $ignorepassword are set outside this excerpt.
 // NOTE(review): $ignorepassword decides whether UCenter checks the old password;
 // confirm that it can never be influenced by request data.
 $ucresult = uc_user_edit($_G['username'], $_G['gp_oldpassword'], $_G['gp_newpassword'], $emailnew != $_G['member']['email'] ? $emailnew : '', $ignorepassword, $_G['gp_questionidnew'], $_G['gp_answernew']);
 // Map the handled UCenter codes to messages: -1 wrong password, -4/-5/-6 e-mail
 // problems. Any other code passes through without a message.
 if ($ucresult == -1) {
     showmessage('profile_passwd_wrong', '', array(), array('return' => true));
 } elseif ($ucresult == -4) {
     showmessage('profile_email_illegal', '', array(), array('return' => true));
 } elseif ($ucresult == -5) {
     showmessage('profile_email_domain_illegal', '', array(), array('return' => true));
 } elseif ($ucresult == -6) {
     showmessage('profile_email_duplicate', '', array(), array('return' => true));
 }
 // After a password or security-question change the local password column is
 // set to the MD5 of a random string (presumably a placeholder, since UCenter
 // holds the real credential — confirm).
 if (!empty($_G['gp_newpassword']) || $secquesnew) {
     $setarr['password'] = md5(random(10));
 }
 // When connect login is allowed, clear the conisregister flag for this uid.
 if ($_G['setting']['connect']['allow']) {
     DB::update('common_member_connect', array('conisregister' => 0), array('uid' => $_G['uid']));
 }
Example #10
    $arr['password'] = trim($_POST['password']) ? trim($_POST['password']) : exit('请输入新密码!');
    if ($arr['password'] != trim($_POST['password1'])) {
        exit('两次输入密码不相同,请重新输入!');
    }
    //edit_password()修改密码的方法
    $info = edit_password($arr);
    if ($info == -1) {
        exit('旧密码输入错误,请重新输入!');
    }
    if ($info == $_SESSION['username']) {
        //发送邮件
        $mailconfig = get_cache('mailconfig');
        if ($mailconfig['set_editpwd'] == "1" && $user['email_audit'] == "1") {
            dfopen($_CFG['site_domain'] . $_CFG['site_dir'] . "plus/asyn_mail.php?uid=" . $_SESSION['uid'] . "&key=" . asyn_userkey($_SESSION['uid']) . "&act=set_editpwd&newpassword="******"1" && $sms['set_editpwd'] == "1" && $user['mobile_audit'] == "1") {
            dfopen($_CFG['site_domain'] . $_CFG['site_dir'] . "plus/asyn_sms.php?uid=" . $_SESSION['uid'] . "&key=" . asyn_userkey($_SESSION['uid']) . "&act=set_editpwd&newpassword="******"修改密码");
        exit('密码修改成功!');
    }
}
Example #11
    $_POST['uid'] = intval($_POST['uid']);
    $_POST['id'] = trim($_POST['id']);
    $_POST['email'] = trim($_POST['email']);
    $_POST['newpasswd'] = trim($_POST['newpasswd']);
    $_POST['newpasswd_check'] = trim($_POST['newpasswd_check']);
    if ($_POST['newpasswd'] != $_POST['newpasswd_check']) {
        showmessage('password_inconsistency', geturl('action/login'));
    }
    $query = $_SGLOBAL['db']->query("SELECT uid, username, authstr, groupid FROM " . tname('members') . " WHERE uid='{$_POST['uid']}'");
    $member = $_SGLOBAL['db']->fetch_array($query);
    // 管理员组, 有站点设置权限, 受保护用户不可找回密码
    if ($member['groupid'] == 1 && checkperm('managesettings', $member['groupid']) || $member['flag']) {
        showmessage('getpasswd_account_invalid', geturl('action/login'));
    }
    checkuser($_POST['id'], $member['authstr']);
    uc_user_edit(addslashes($member['username']), $_POST['newpasswd'], $_POST['newpasswd'], $_POST['email'], 1);
    updatetable('members', array('authstr' => ''), array('uid' => $_POST['uid']));
    showmessage('getpasswd_succeed', geturl('action/login'));
}
// Password-recovery link handling: op=reset loads the member for the given uid
// and validates the recovery id against the stored authstr.
$_GET['op'] = trim($_GET['op']);
if ($_GET['op'] == 'reset') {
    // uid is forced to an integer before it is interpolated into the query below.
    $_GET['uid'] = intval($_GET['uid']);
    $_GET['id'] = trim($_GET['id']);
    $query = $_SGLOBAL['db']->query("SELECT uid, username, authstr FROM " . tname('members') . " WHERE uid='{$_GET['uid']}'");
    $member = $_SGLOBAL['db']->fetch_array($query);
    if (empty($member)) {
        showmessage('user_does_not_exist', geturl('action/login'));
    }
    $user = uc_get_user($member['username']);
    // checkuser() is defined elsewhere; presumably it stops the request when the
    // id does not match authstr — confirm, since nothing here inspects a return value.
    checkuser($_GET['id'], $member['authstr']);
}
Example #12
                    $c_upload->rollback();
                    amessage($a_field->error, M_REFERER);
                }
                $actuser->updatefield($k, $a_field->newvalue, $v['tbl']);
                if ($arr = multi_val_arr($a_field->newvalue, $v)) {
                    foreach ($arr as $x => $y) {
                        $actuser->updatefield($k . '_' . $x, $y, $v['tbl']);
                    }
                }
            }
        }
        unset($a_field);
        if ($enable_uc && $actuser->info['password'] != $minfosnew['password']) {
            require_once M_ROOT . './include/ucenter/config.inc.php';
            require_once M_ROOT . './uc_client/client.php';
            if (1 != uc_user_edit($actuser->info['mname'], '', $minfosnew['password'], '', 1)) {
                amessage('mempassmodfai');
            }
        }
        $actuser->updatedb();
        $c_upload->closure(1, $mid, 'members');
        $c_upload->saveuptotal(1);
        adminlog(lang('detail_edit_member'));
        amessage('membermodifyfinish', M_REFERER);
    }
} elseif ($action == 'grouptype' && $mid) {
    if (!submitcheck('bmemberdetail')) {
        $a_field = new cls_field();
        $submitstr = '';
        tabheader(lang('usergroup_msg') . '&nbsp;:&nbsp;[' . $mchannel['cname'] . ']' . $actuser->info['mname'], 'memberdetail', "?entry=member&action=grouptype&mid={$mid}", 4, 1, 1);
        foreach ($grouptypes as $gtid => $grouptype) {
Example #13
        }
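        // Strength rule 4: the password must contain at least one character that is
        // not an ASCII letter or digit. The class used to read "A-z", a range that
        // also covers [ \ ] ^ _ and the backtick, so those symbols did not count.
        if (in_array(4, $_G['setting']['strongpw']) && !preg_match("/[^a-zA-Z0-9]+/", $_GET['newpassword1'])) {
            $strongpw_str[] = lang('member/template', 'strongpw_4');
        }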
        if ($strongpw_str) {
            showmessage(lang('member/template', 'password_weak') . implode(',', $strongpw_str));
        }
    }
    // The new password and its confirmation must be identical.
    if ($_GET['newpassword1'] !== $_GET['newpassword2']) {
        showmessage('profile_passwd_notmatch');
    }
    // Reject an empty password or one that addslashes() would alter.
    if (!$_GET['newpassword1'] || $_GET['newpassword1'] != addslashes($_GET['newpassword1'])) {
        showmessage('profile_passwd_illegal');
    }
    loaducenter();
    // Old password is null and the fifth argument is 1, so no old-password check
    // takes place here; the reset relies on checks made before this point.
    // NOTE(review): the uc_user_edit() result is ignored, so the success message
    // below is shown even if UCenter refused the change.
    uc_user_edit(addslashes($_G['member']['username']), null, $_GET['newpassword1'], null, 1);
    // The local password column gets the MD5 of a random string (presumably a
    // placeholder, with UCenter holding the real credential — confirm).
    C::t('common_member')->update($_G['uid'], array('password' => md5(random(10))));
    // Update the WeChat binding row; which table is used depends on wechat_qrtype.
    if ($_G['wechat']['setting']['wechat_qrtype']) {
        C::t('#wechat#common_member_wechatmp')->update($_G['uid'], array('status' => 1));
    } else {
        C::t('#wechat#common_member_wechat')->update($_G['uid'], array('isregister' => 0));
    }
    showmessage('wechat:wsq_password_reset', dreferer());
} elseif (submitcheck('unbindsubmit')) {
    require_once libfile('function/member');
    if ($_G['wechat']['setting']['wechat_qrtype']) {
        require_once DISCUZ_ROOT . './source/plugin/wechat/wsq.class.php';
        $member = C::t('#wechat#common_member_wechatmp')->fetch($_G['uid']);
        if (!$member || !wsq::userunbind($_G['uid'], $member['openid'])) {
            showmessage('wechat:wechat_message_unbind_fail');
        }
Example #14
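 /**
  * WAP "change password" page: processes the form post, then renders the template.
  *
  * On submit the old password is checked against the stored salted digest and
  * the new one must be 6-20 bytes long and match its confirmation. The change
  * goes through UCenter or the local `member` table.
  */
 function password_action()
 {
     if ($_POST['submit']) {
         $member = $this->obj->DB_select_once("member", "`uid`='" . $this->uid . "'");
         $pw = md5(md5($_POST['oldpassword']) . $member['salt']);
         // Strict string comparison: with a loose `!=`, two hex digests that both
         // look like "0e<digits>" are compared as numbers and treated as equal.
         if ($pw !== (string) $member['password']) {
             $data['msg'] = "旧密码不正确,请重新输入!";
             $data['url'] = 'index.php?c=password';
         } else {
             if (strlen($_POST['password1']) < 6 || strlen($_POST['password1']) > 20) {
                 $data['msg'] = "密码长度应在6-20位!";
                 $data['url'] = 'index.php?c=password';
             } else {
                 if ($_POST['password1'] != $_POST['password2']) {
                     $data['msg'] = "新密码和确认密码不一致!";
                     $data['url'] = 'index.php?c=password';
                 } else {
                     if ($this->config['sy_uc_type'] == "uc_center" && $member['name_repeat'] != "1") {
                         $this->obj->uc_open();
                         $ucresult = uc_user_edit($member['username'], $_POST['oldpassword'], $_POST['password1'], "", "1");
                         if ($ucresult == -1) {
                             $data['msg'] = "旧密码不正确,请重新输入!";
                             $data['url'] = 'index.php?c=password';
                         }
                         // NOTE(review): on UCenter success no message is set, the
                         // cookies are not cleared and nothing is logged, unlike the
                         // local branch below — confirm that this is intended.
                     } else {
                         // NOTE(review): salt from rand()/uniqid() and plain MD5; flagged
                         // only, since changing the scheme needs a data migration.
                         $salt = substr(uniqid(rand()), -6);
                         $pass2 = md5(md5($_POST['password1']) . $salt);
                         $this->obj->DB_update_all("member", "`password`='" . $pass2 . "',`salt`='" . $salt . "'", "`uid`='" . $this->uid . "'");
                         // Expire the login cookies so the user must sign in again.
                         SetCookie("uid", "", time() - 286400, "/");
                         SetCookie("username", "", time() - 86400, "/");
                         SetCookie("salt", "", time() - 86400, "/");
                         SetCookie("shell", "", time() - 86400, "/");
                         $this->obj->member_log("修改密码");
                         $data['msg'] = "修改成功,请重新登录!";
                         $data['url'] = $this->config['sy_weburl'] . '/wap/index.php?m=login';
                     }
                 }
             }
         }
         $this->yunset("layer", $data);
     }
     // NOTE(review): the page title is built from a client-supplied cookie value;
     // confirm that the template escapes it before output.
     if (isset($_COOKIE['comname'])) {
         $comname = $_COOKIE['comname'];
         $this->yunset("title", $comname . "会员中心");
     } else {
         $this->yunset("title", "拓普网会员中心");
     }
     $this->waptpl('password');
 }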
Example #15
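 /**
  * Set a member's e-mail and password, locally and (when configured) in UCenter.
  *
  * @param string $username member name
  * @param array  $data     reads 'email' and 'password'
  * @return int|null -2 bad e-mail format, -3 e-mail already used by a member,
  *                  -5..-9 for UCenter codes -1, -2, -4, -5, -6; nothing (null)
  *                  once the local row has been updated
  */
 public function edit_email_password($username, $data)
 {
     // Validate against the local member table.
     if (!preg_match('/^[\\w\\-\\.]+@[\\w\\-\\.]+(\\.\\w+)+$/', $data['email'])) {
         return -2;
     } elseif ($this->db->where('email', $data['email'])->count_all_results('member')) {
         return -3;
     }
     // Validate with UCenter.
     // NOTE(review): old password is NULL and the fifth argument is 1, so UCenter
     // does not verify the current password; callers must have authenticated the user.
     if (defined('UC_KEY')) {
         $ucid = uc_user_edit($username, NULL, $data['password'], $data['email'], 1);
         if ($ucid == -1) {
             return -5;
         } elseif ($ucid == -2) {
             return -6;
         } elseif ($ucid == -4) {
             return -7;
         } elseif ($ucid == -5) {
             return -8;
         } elseif ($ucid == -6) {
             return -9;
         }
     }
     // Update the profile.
     // The salt used to be md5(rand(0, 999)) cut to 10 characters, i.e. at most 1000
     // distinct salts. Keep the 10-hex-character format but draw it from a far
     // larger space, using the CSPRNG when the runtime provides one.
     $salt = function_exists('random_bytes')
         ? bin2hex(random_bytes(5))
         : substr(md5(uniqid(mt_rand(), true)), 0, 10);
     // NOTE(review): the stored digest is MD5-based; moving to password_hash()
     // needs a matching change on the login side, so it is only flagged here.
     $this->db->where('username', $username)->update('member', array('salt' => $salt, 'email' => $data['email'], 'groupid' => 3, 'password' => md5(md5($data['password']) . $salt . md5($data['password']))));
 }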
         include_once libfile('function/profile');
         foreach ($fields as $fieldid => $fieldtitle) {
             $html = profile_setting($fieldid, $member);
             if ($html) {
                 showsetting($fieldtitle, '', '', $html);
             }
         }
     }
     showsubmit('editsubmit');
     showtablefooter();
     showformfooter();
 } else {
     loaducenter();
     require_once libfile('function/discuzcode');
     $questionid = $_G['gp_clearquestion'] ? 0 : '';
     $ucresult = uc_user_edit($member['username'], $_G['gp_passwordnew'], $_G['gp_passwordnew'], $_G['gp_emailnew'], 1, $questionid);
     if ($ucresult < 0) {
         if ($ucresult == -4) {
             cpmsg('members_email_illegal', '', 'error');
         } elseif ($ucresult == -5) {
             cpmsg('members_email_domain_illegal', '', 'error');
         } elseif ($ucresult == -6) {
             cpmsg('members_email_duplicate', '', 'error');
         }
     }
     if ($_G['gp_clearavatar']) {
         DB::query("UPDATE " . DB::table('common_member') . " SET avatarstatus='0' WHERE uid='{$_G['gp_uid']}'");
         uc_user_deleteavatar($member['muid']);
     }
     $creditsnew = intval($creditsnew);
     $regdatenew = strtotime($_G['gp_regdatenew']);
Example #17
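 /**
  * Edit a member (admin action).
  *
  * POST with `dosubmit`: validates uid, optional password (6-20 bytes) and
  * e-mail, optionally removes the avatar, mirrors the change to UCenter when
  * enabled, updates the member row and queues a `member_edit` notice.
  * Otherwise renders the edit form for the uid given in the query string.
  */
 public function edit()
 {
     if (isset($_POST['dosubmit'])) {
         $uid = isset($_POST['uid']) && trim($_POST['uid']) ? trim($_POST['uid']) : showmessage(L('nameerror'), HTTP_REFERER);
         // uid is interpolated into a SQL condition and passed to the avatar path
         // helper below, so accept digits only. Assumes member uids are numeric and
         // that showmessage() ends the request — TODO confirm both.
         if (!ctype_digit((string) $uid)) {
             showmessage(L('nameerror'), HTTP_REFERER);
         }
         $password = isset($_POST['password']) && trim($_POST['password']) ? trim($_POST['password']) : '';
         $email = isset($_POST['email']) && is_email(trim($_POST['email'])) ? trim($_POST['email']) : showmessage(L('email_format_incorrect'), HTTP_REFERER);
         $updateinfo['random'] = '';
         if (!empty($password)) {
             if (strlen($password) > 20 || strlen($password) < 6) {
                 showmessage(L('password_len_error'), HTTP_REFERER);
             } else {
                 // creat_password() returns [hashed password, random salt].
                 $passwordarr = creat_password($password);
                 $updateinfo['password'] = $passwordarr[0];
                 $updateinfo['random'] = $passwordarr[1];
             }
         }
         // NOTE(review): $email is placed inside a quoted SQL literal; this is only
         // safe if is_email() rejects quote and backslash characters — confirm.
         if ($this->db->get_one("`email` = '{$email}' AND `uid` != '{$uid}'")) {
             showmessage(L('email_already_exist'), HTTP_REFERER);
         }
         $updateinfo['email'] = $email;
         // Delete the avatar when requested.
         if (isset($_POST['avatar']) && $_POST['avatar'] == 1) {
             $updateinfo['avatar'] = 0;
             $dir = ps_getavatar($uid, 1);
             ps_unlink($dir);
         }
         // UCenter part.
         if ($this->config['ucuse']) {
             pc_base::load_config('uc_config');
             include PHPCMS_PATH . 'api/uc_client/client.php';
             $userinfo = $this->db->get_one(array('uid' => $uid));
             // Old password is '' and the fifth argument is 1: an admin-side change
             // without an old-password check.
             $r = uc_user_edit($userinfo['username'], '', !empty($password) ? $password : '', $updateinfo['email'], 1);
             if ($r < 0) {
                 // Codes as listed by the original author: -1 user does not exist,
                 // -2 old password wrong, -3 e-mail already exists, 1 success, 0 unchanged.
                 showmessage(L('ucenter_error_code', array('code' => $r)), HTTP_REFERER);
             }
         }
         if (empty($updateinfo['random'])) {
             unset($updateinfo['random']);
         }
         if ($this->db->update($updateinfo, array('uid' => $uid))) {
             // Add the change to the message queue.
             $noticedata = $updateinfo;
             $noticedata['uid'] = $uid;
             messagequeue::add('member_edit', $noticedata);
             showmessage(L('operation_success'), HTTP_REFERER);
         } else {
             showmessage(L('operation_failure'), HTTP_REFERER);
         }
     } else {
         $uid = isset($_GET['uid']) && trim($_GET['uid']) ? trim($_GET['uid']) : showmessage(L('user_not_exist'), HTTP_REFERER);
         if (!($userinfo = $this->db->get_one(array('uid' => $uid)))) {
             showmessage(L('user_not_exist'), HTTP_REFERER);
         }
         include $this->admin_tpl('member_edit');
     }
 }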
Example #18
    $link[0]['href'] = $_POST['url'];
    adminmsg('操作成功!', 2, $link);
} elseif ($act == 'userpass_edit') {
    check_token();
    check_permissions($_SESSION['admin_purview'], "com_user_edit");
    if (strlen(trim($_POST['password'])) < 6) {
        adminmsg('新密码必须为6位以上!', 1);
    }
    require_once ADMIN_ROOT_PATH . 'include/admin_user_fun.php';
    $user_info = get_user_inusername($_POST['username']);
    $pwd_hash = $user_info['pwd_hash'];
    $md5password = md5(md5(trim($_POST['password'])) . $pwd_hash . $QS_pwdhash);
    if ($db->query("UPDATE " . table('members') . " SET password = '******'  WHERE uid='" . $user_info['uid'] . "'")) {
        if (defined('UC_API')) {
            include_once QISHI_ROOT_PATH . 'uc_client/client.php';
            uc_user_edit($user_info['username'], trim($_POST['password']), trim($_POST['password']), "", 1);
        }
        $link[0]['text'] = "返回列表";
        $link[0]['href'] = $_POST['url'];
        adminmsg('操作成功!', 2, $link);
    } else {
        adminmsg('操作失败!', 1);
    }
} elseif ($act == 'userstatus_edit') {
    check_token();
    check_permissions($_SESSION['admin_purview'], "com_user_edit");
    if (set_user_status(intval($_POST['status']), intval($_POST['userstatus_uid']))) {
        $link[0]['text'] = "返回列表";
        $link[0]['href'] = $_POST['url'];
        adminmsg('操作成功!', 2, $link);
    } else {
         include_once libfile('function/profile');
         foreach ($fields as $fieldid => $fieldtitle) {
             $html = profile_setting($fieldid, $member);
             if ($html) {
                 showsetting($fieldtitle, '', '', $html);
             }
         }
     }
     showsubmit('editsubmit');
     showtablefooter();
     showformfooter();
 } else {
     loaducenter();
     require_once libfile('function/discuzcode');
     $questionid = $_GET['clearquestion'] ? 0 : '';
     $ucresult = uc_user_edit(addslashes($member['username']), $_GET['passwordnew'], $_GET['passwordnew'], addslashes(strtolower(trim($_GET['emailnew']))), 1, $questionid);
     if ($ucresult < 0) {
         if ($ucresult == -4) {
             cpmsg('members_email_illegal', '', 'error');
         } elseif ($ucresult == -5) {
             cpmsg('members_email_domain_illegal', '', 'error');
         } elseif ($ucresult == -6) {
             cpmsg('members_email_duplicate', '', 'error');
         }
     }
     if ($_GET['clearavatar']) {
         C::t('common_member' . $tableext)->update($_GET['uid'], array('avatarstatus' => 0));
         uc_user_deleteavatar($uid);
     }
     $creditsnew = intval($creditsnew);
     $regdatenew = strtotime($_GET['regdatenew']);
Example #20
    $postusername = trim($_POST['username']) ? trim($_POST['username']) : showmsg('请输入用户名!', 1);
    if (empty($_POST['email']) || !preg_match("/^\\w+([-+.]\\w+)*@\\w+([-.]\\w+)*\\.\\w+([-.]\\w+)*\$/", $_POST['email'])) {
        showmsg('电子邮箱格式错误!', 1);
    }
    require_once QISHI_ROOT_PATH . 'include/fun_user.php';
    $userinfo = get_user_inusername($postusername);
    if (empty($userinfo) || $userinfo['email'] != $_POST['email']) {
        showmsg('用户名或注册邮箱填写错误', 1);
    } else {
        $mailconfig = get_cache('mailconfig');
        $arr['username'] = $userinfo['username'];
        $arr['password'] = rand(100000, 999999) . randstr();
        if (smtp_mail($userinfo['email'], "找回密码", "您的新密码为:" . $arr['password'])) {
            $md5password = md5(md5($arr['password']) . $userinfo['pwd_hash'] . $QS_pwdhash);
            if (!$db->query("UPDATE " . table('members') . " SET password = '******'  WHERE uid='{$userinfo['uid']}'")) {
                showmsg('密码修改失败', 1);
            }
            if (defined('UC_API')) {
                include_once QISHI_ROOT_PATH . 'uc_client/client.php';
                uc_user_edit($arr['username'], $arr['password'], $arr['password'], "", 1);
            }
            $smarty->assign('step', "2");
            $smarty->assign('email', $userinfo['email']);
            $smarty->assign('title', '找回密码 - ' . $_CFG['site_name']);
            $smarty->display('user/getpass.htm');
        } else {
            showmsg('邮件发送失败,请联系网站管理员', 0);
        }
    }
}
unset($smarty);
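 /**
  * Log a user in by username or e-mail, optionally synchronising with UCenter.
  *
  * Reads $_POST['username'] / $_POST['password'], looks the user up locally and,
  * when UCENTER_ENABLED is set, also authenticates against UCenter. A local
  * account that UCenter does not know, or whose UCenter password differs, is
  * pushed to UCenter once the local password has been verified.
  */
 private function _do_email_login()
 {
     $username = $_POST['username'];
     $password = $_POST['password'];
     if (strpos($username, "@") > 0) {
         // E-mail login.
         $where['user_email'] = $username;
     } else {
         $where['user_login'] = $username;
     }
     $users_model = M('Users');
     $result = $users_model->where($where)->find();
     $ucenter_syn = C("UCENTER_ENABLED");
     $ucenter_old_user_login = false;
     $ucenter_login_ok = false;
     if ($ucenter_syn) {
         setcookie("thinkcmf_auth", "");
         include UC_CLIENT_ROOT . "client.php";
         // Note that $username and $password are overwritten with the values UCenter returns.
         list($uc_uid, $username, $password, $email) = uc_user_login($username, $password);
         if ($uc_uid > 0) {
             if (!$result) {
                 // Known to UCenter but not locally: create the local account.
                 $data = array('user_login' => $username, 'user_email' => $email, 'user_pass' => sp_password($password), 'last_login_ip' => get_client_ip(0, true), 'create_time' => time(), 'last_login_time' => time(), 'user_status' => '1', 'user_type' => 2);
                 $id = $users_model->add($data);
                 $data['id'] = $id;
                 $result = $data;
             }
         } else {
             switch ($uc_uid) {
                 case "-1":
                     // User does not exist in UCenter, or was deleted.
                     if ($result) {
                         // The user exists in this application.
                         if (sp_compare_password($password, $result['user_pass'])) {
                             // Local password is correct: register the user in UCenter.
                             $uc_uid2 = uc_user_register($username, $password, $result['user_email']);
                             if ($uc_uid2 < 0) {
                                 $uc_register_errors = array("-1" => "用户名不合法", "-2" => "包含不允许注册的词语", "-3" => "用户名已经存在", "-4" => "Email格式有误", "-5" => "Email不允许注册", "-6" => "该Email已经被注册");
                                 $this->error("同步用户失败--" . $uc_register_errors[$uc_uid2]);
                             }
                             $uc_uid = $uc_uid2;
                         } else {
                             $this->error("密码错误1!");
                         }
                     }
                     break;
                 case -2:
                     // Wrong password according to UCenter.
                     if ($result) {
                         // The user exists in this application.
                         if (sp_compare_password($password, $result['user_pass'])) {
                             // Local password is correct: push it to UCenter.
                             $uc_user_edit_status = uc_user_edit($username, "", $password, "", 1);
                             if ($uc_user_edit_status <= 0) {
                                 $this->error("登陆错误3!");
                             }
                             list($uc_uid2) = uc_get_user($username);
                             $uc_uid = $uc_uid2;
                             $ucenter_old_user_login = true;
                         } else {
                             $this->error("密码错误4!");
                         }
                     } else {
                         $this->error("密码错误1!");
                     }
                     break;
             }
         }
         // Only a positive UCenter uid counts as a successful UCenter login. The flag
         // used to be set unconditionally, so a UCenter result that the switch above
         // does not handle (anything other than -1 / -2) still let an existing local
         // account through without any password check.
         $ucenter_login_ok = $uc_uid > 0;
         if ($ucenter_login_ok) {
             echo uc_user_synlogin($uc_uid);
         }
     }
     //exit();
     if (!empty($result)) {
         if (sp_compare_password($password, $result['user_pass']) || $ucenter_login_ok) {
             // NOTE(review): the session id is not regenerated in this method; confirm
             // that this happens elsewhere, to rule out session fixation.
             $_SESSION["user"] = $result;
             // Record this login.
             $data = array('last_login_time' => date("Y-m-d H:i:s"), 'last_login_ip' => get_client_ip(0, true));
             $users_model->where("id=" . $result["id"])->save($data);
             $redirect = empty($_SESSION['login_http_referer']) ? __ROOT__ . "/" : $_SESSION['login_http_referer'];
             $_SESSION['login_http_referer'] = "";
             $ucenter_old_user_login_msg = "";
             if ($ucenter_old_user_login) {
                 // (disabled) message asking migrated users to log in again after the redirect
             }
             $this->success("登录验证成功!", $redirect);
         } else {
             $this->error("密码错误7!");
         }
     } else {
         $this->error("用户名不存在!");
     }
 }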
Example #22
	/**
	 * Admin action: save the edited member (password, role, balance adjustment, profile).
	 *
	 * Works on $this->Post; also pushes a changed password to UCenter when UCENTER is true.
	 */
	function DoModify()
	{
		$this->CheckAdminPrivs('memberedite');
		// NOTE(review): extract() turns every submitted field into a local variable
		// ($password, $username, $uid, $moneyMoved, $moneyOps, $year, ...). Any local
		// that is not assigned afterwards can therefore be chosen by the client;
		// reading the named keys from $this->Post would be safer.
		extract($this->Post);
		// Only the administrator with id 1 may edit the uid 1 account.
		if($this->Post['uid'] == 1 && MEMBER_ID != 1){
			$this->Messager("您不能对此管理员的权限进行任何操作");
		}
		$userinfo = dbc(DBCMax)->query('select uid,username,role_id,role_type,privs,money from '.table('members').' where uid='.(int) $this->Post['uid'])->limit(1)->done();
		if(!$userinfo){
			$this->Messager("该用户不存在");
		}
		// An empty password means "leave unchanged"; otherwise store its MD5.
		// NOTE(review): unsalted MD5 (or MD5 with a fixed suffix when email2 is 'zuitu').
		if($password=='')
		{
			unset($this->Post['password']);
		}
		else
		{
			if($this->Post['email2']=='zuitu'){
				$this->Post['password']=md5($password.'@4!@#$%@');
			}else{
				$this->Post['password']=md5($password);
			}
		}

		$this->DatabaseHandler->SetTable(TABLE_PREFIX.'system_members');
		// When the username changes, check that the new name is not taken.
		if($userinfo['username']!=$username)
		{
			// NOTE(review): the condition below appears to have been masked by the page
			// this listing comes from ('******'); the original presumably interpolated
			// $username, in which case it must be escaped — confirm against the real source.
			$is_exists=$this->DatabaseHandler->Select('',"username='******'");
			if($is_exists)
			{
				$this->Messager("{$username}已经存在");
			}
		}
		
		// NOTE(review): the select above does not fetch `password`, so
		// $userinfo['password'] is unset and this inequality holds whenever a
		// password was submitted.
				if($this->Post['password'] && $userinfo['password'] != $this->Post['password']) {
			            if ( true === UCENTER )
            {
                include_once (UC_CLIENT_ROOT . './client.php');
                // Old password '' and fifth argument 1: admin-side change without an old-password check.
                $result = uc_user_edit($userinfo['username'], '', $password, '', 1);
                if($result ==0 || $result ==1)
				{
				}
				elseif($result ==-8)
				{
					// -8: the account is an administrator in UCenter and must be changed there.
					$this->Messager('您的帐号在UC里是管理员,请到UC里修改密码!');
				}
				else
				{
                    $this->Messager('通知UC修改密码失败,请检查你的UC配置!');
                }
            }
		}

		// Optional balance adjustment; $moneyMoved, $moneyOps and $uid come from extract().
		if ($moneyMoved != '')
		{
						Load::logic('me');
			$this->MeLogic = new MeLogic();

			if ($moneyOps == 'plus')
			{
								logic('me')->money()->add($moneyMoved, $uid, array(
					'name' => '后台编辑(增加)',
					'intro' => '管理员('.MEMBER_NAME.')增加了您的余额,详情请联系!'
				));
			}
			elseif ($moneyOps == 'less')
			{
				// Refuse to deduct more than the current balance.
				if($moneyMoved > $userinfo['money']){
					$this->messager("操作失败,您的扣费金额过大,请重新操作!");
				}
								logic('me')->money()->less($moneyMoved, $uid, array(
					'name' => '后台编辑(减少)',
					'intro' => '管理员('.MEMBER_NAME.')减少了您的余额,详情请联系!'
				));
			}
		}

		// role_type is limited to 'normal' or 'admin'; sellers stay sellers and uid 1 stays admin.
		$this->Post['role_type'] = in_array($this->Post['role_type'],array('normal','admin')) ? $this->Post['role_type'] : 'normal';
		if($userinfo['role_type'] == 'seller'){
			$this->Post['role_type'] = 'seller';
		}
		
		if($this->Post['role_type'] == 'normal'){
			$this->Post['privs'] = '';
		}
		if (1==$this->Post['uid']) {
						$this->Post['role_type'] = 'admin';
		}

		$this->Post['bday']=$year.'-'.$month.'-'.$day;
		// NOTE(review): the whole Post array goes to Update()/Replace(); which columns
		// are written depends on DatabaseHandler. Confirm that it restricts them to an
		// allow-list, otherwise any column can be set from the request.
		$this->DatabaseHandler->SetTable(TABLE_PREFIX.'system_members');
		$table1=$this->DatabaseHandler->Update($this->Post);


		$this->DatabaseHandler->SetTable(TABLE_PREFIX.'system_memberfields');
		$table2=$this->DatabaseHandler->Replace($this->Post);

		if($table1 !==false)
		{
			$this->Messager("编辑成功");
		}
		else
		{
			$this->Messager("编辑失败");
		}
	}
Example #23
// Refuse direct access: the script only runs when the including entry point defined IN_STORE.
if (!defined('IN_STORE')) {
    exit('Acess Denied');
}

// Collected validation failures; each entry maps a form field to its message.
$checkresults = array();

if (submitcheck('valuesubmit')) {
    // The confirmation field must be identical to the new password.
    if ($_POST['newpassword1'] !== $_POST['newpassword2']) {
        $checkresults[] = array('newpassword2' => $lang['attend_password_repeat']);
    }

    // Empty passwords are rejected, and so is any password that addslashes() would
    // alter (quotes, backslash, NUL): such input is refused rather than escaped.
    if (empty($_POST['newpassword1']) || addslashes($_POST['newpassword1']) != $_POST['newpassword1']) {
        $checkresults[] = array('newpassword1' => $lang['profile_passwd_illegal']);
    }

    // NOTE(review): presumably cpmsg() with these arguments stops the script; if it
    // returned, the password change below would still be attempted. Verify.
    if ($checkresults) {
        cpmsg('modifypasswd_error', '', 'error', '', true, true, $checkresults);
    }

    require_once B_ROOT . './uc_client/client.php';

    // The current password is passed along, so checking it is left to uc_user_edit().
    $ucresult = uc_user_edit($_G['username'], $_POST['password'], $_POST['newpassword1']);
    switch ($ucresult) {
        case -1:
            $checkresults[] = array('password' => $lang['old_password_invalid']);
            break;
        case -7:
            $checkresults[] = array('message' => $lang['no_change']);
            break;
        case -8:
            $checkresults[] = array('message' => $lang['protection_of_users']);
            break;
    }

    if ($checkresults) {
        cpmsg('modifypasswd_error', '', 'error', '', true, true, $checkresults);
    }

    // Password changed: drop the login cookie so the user signs in again.
    sclearcookie();
    cpmsg('getpasswd_succeed', 'index.php', 'succeed');
}

shownav('shop', 'nav_modifypasswd');
showsubmenu('nav_modifypasswd');
Example #24
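 /**
  * Process the login form.
  *
  * Flow: captcha check, model validation of the posted fields, local user lookup by
  * e-mail or login name, optional UCenter authentication and account synchronisation,
  * then session setup and redirect.
  *
  * NOTE(review): every early exit below assumes $this->error() ends the request;
  * confirm against the base controller.
  */
 function dologin()
 {
     // Captcha: a missing or empty stored code must fail. A loose comparison would
     // treat "nothing stored" and "nothing submitted" as a match.
     $expected_verify = isset($_SESSION['_verify_']['verify']) ? (string) $_SESSION['_verify_']['verify'] : '';
     $given_verify = isset($_POST['verify']) ? strtolower((string) $_POST['verify']) : '';
     if ($expected_verify === '' || $expected_verify !== $given_verify) {
         $this->error("验证码错误!");
     }
     // NOTE(review): the stored captcha is not cleared here, so one solved code can be
     // reused for further attempts unless another layer invalidates it.

     $users_model = M("Users");
     $rules = array(array('terms', 'require', '您未同意服务条款!', 1), array('username', 'require', '用户名或者邮箱不能为空!', 1), array('password', 'require', '密码不能为空!', 1));
     if ($users_model->validate($rules)->create() === false) {
         $this->error($users_model->getError());
     }

     // Read the two fields explicitly. extract($_POST) would let the request define any
     // local variable, including the $where array that is built below.
     $username = isset($_POST['username']) ? $_POST['username'] : '';
     $password = isset($_POST['password']) ? $_POST['password'] : '';
     // Both must be plain strings; an array value would otherwise be handed to the
     // query builder unchanged.
     if (!is_string($username)) {
         $this->error('用户名或者邮箱不能为空!');
     }
     if (!is_string($password)) {
         $this->error('密码不能为空!');
     }

     $where = array();
     if (strpos($username, "@") > 0) {
         // Login by e-mail address.
         $where['user_email'] = $username;
     } else {
         $where['user_login'] = $username;
     }
     $users_model = M('Users');
     $result = $users_model->where($where)->find();

     $ucenter_syn = C("UCENTER_ENABLED");
     $ucenter_login_ok = false;
     if ($ucenter_syn) {
         setcookie("xiaocaocms_auth", "");
         include UC_CLIENT_ROOT . "client.php";
         // From here on $username and $password hold the values returned by UCenter.
         list($uc_uid, $username, $password, $email) = uc_user_login($username, $password);
         if ($uc_uid > 0) {
             if (!$result) {
                 // Known to UCenter but not locally: create the local account.
                 $data = array('user_login' => $username, 'user_email' => $email, 'user_pass' => sp_password($password), 'last_login_ip' => get_client_ip(), 'create_time' => time(), 'last_login_time' => time(), 'user_status' => '1');
                 $id = $users_model->add($data);
                 $data['id'] = $id;
                 $result = $data;
             }
         } else {
             switch ($uc_uid) {
                 case "-1":
                     // UCenter does not know this user (missing or deleted).
                     if ($result) {
                         if ((string) $result['user_pass'] === (string) sp_password($password)) {
                             // Local account with a correct password: register it in UCenter.
                             $uc_uid2 = uc_user_register($username, $password, $result['user_email']);
                             if ($uc_uid2 < 0) {
                                 $uc_register_errors = array("-1" => "用户名不合法", "-2" => "包含不允许注册的词语", "-3" => "用户名已经存在", "-4" => "Email格式有误", "-5" => "Email不允许注册", "-6" => "该Email已经被注册");
                                 $this->error("同步用户失败--" . $uc_register_errors[$uc_uid2]);
                             }
                             $uc_uid = $uc_uid2;
                         } else {
                             $this->error("密码错误!");
                         }
                     }
                     break;
                 case -2:
                     // UCenter rejected the password.
                     if ($result) {
                         if ((string) $result['user_pass'] === (string) sp_password($password)) {
                             // The local password is correct: push it to UCenter.
                             $uc_user_edit_status = uc_user_edit($username, "", $password, "", 1);
                             if ($uc_user_edit_status <= 0) {
                                 $this->error("登陆错误!");
                             }
                             list($uc_uid2) = uc_get_user($username);
                             $uc_uid = $uc_uid2;
                         } else {
                             $this->error("密码错误!");
                         }
                     } else {
                         $this->error("密码错误!");
                     }
                     break;
             }
         }
         // Only a positive uid means UCenter vouches for this login. Any other outcome
         // (an unhandled status code, or no usable reply) must not bypass the local
         // password check below.
         $ucenter_login_ok = $uc_uid > 0;
         if ($ucenter_login_ok) {
             echo uc_user_synlogin($uc_uid);
         }
     }

     if ($result != null) {
         // Strict string comparison of the stored and computed hashes.
         $local_password_ok = (string) $result['user_pass'] === (string) sp_password($password);
         if ($local_password_ok || $ucenter_login_ok) {
             // NOTE(review): the session id is not regenerated on login; consider doing
             // that before any output is sent.
             $_SESSION["user"] = $result;
             // Record this login.
             $data = array('last_login_time' => date("Y-m-d H:i:s"), 'last_login_ip' => get_client_ip());
             $users_model->where("id=" . (int) $result["id"])->save($data);
             // NOTE(review): where login_http_referer is stored is not visible here; if it
             // comes from a request header it should be limited to local URLs.
             $redirect = empty($_SESSION['login_http_referer']) ? __ROOT__ . "/" : $_SESSION['login_http_referer'];
             $_SESSION['login_http_referer'] = "";
             $this->success("登录验证成功!", $redirect);
         } else {
             $this->error("密码错误!");
         }
     } else {
         $this->error("用户名不存在!");
     }
 }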
Example #25
 // Profile update for $typeid == 1: e-mail, security question and password are changed
 // through UCenter. The input variables ($emailnew, $newpassword, $oldpassword, ...) are
 // set outside this excerpt; presumably they come from the request, verify.
 if ($typeid == 1) {
     $emailnew = dhtmlspecialchars($emailnew);
     if ($questionidnew === '') {
         // No security-question change requested: keep the current marker.
         $secquesnew = $discuz_secques;
         $questionidnew = $answernew = '';
     } else {
         // A question was chosen (> 0) or cleared; a chosen one gets a fresh random marker.
         $secquesnew = $questionidnew > 0 ? random(8) : '';
     }
     // Admin groups 1-3 must have a security question when $admincp['forcesecques'] is on.
     if (($adminid == 1 || $adminid == 2 || $adminid == 3) && !$secquesnew && $admincp['forcesecques']) {
         showmessage('profile_admin_security_invalid');
     }
     // NOTE(review): loose comparison; `!==` would compare the two strings exactly.
     if (!empty($newpassword) && $newpassword != $newpassword2) {
         showmessage('profile_passwd_notmatch');
     }
     require_once DISCUZ_ROOT . './uc_client/client.php';
     // The old password is passed along and the fifth argument is 0, so checking it is
     // left to UCenter; -1 is reported to the user as a wrong password.
     $ucresult = uc_user_edit($discuz_user, $oldpassword, $newpassword, $emailnew, 0, $questionidnew, $answernew);
     if ($ucresult == -1) {
         showmessage('profile_passwd_wrong', NULL, 'HALTED');
     } elseif ($ucresult == -4) {
         showmessage('profile_email_illegal');
     } elseif ($ucresult == -5) {
         showmessage('profile_email_domain_illegal');
     } elseif ($ucresult == -6) {
         showmessage('profile_email_duplicate');
     }
     if (!empty($newpassword)) {
         // NOTE(review): the value in this SQL fragment is masked in this listing, so what
         // is actually written to the password column cannot be seen here.
         $newpasswdadd = ", password='******'";
     }
     // E-mail changed while e-mail verification is on: the member is moved to group 8 and
     // a random 6-character string is generated.
     if ($regverify == 1 && $adminid == 0 && $emailnew != $email && ($grouptype == 'member' && $adminid == 0 || $groupid == 8)) {
         $idstring = random(6);
         $groupid = 8;
Example #26
/*
	[SupeSite] (C) 2007-2009 Comsenz Inc.
	$Id: admin_password.php 11150 2009-02-20 01:35:59Z zhaofei $
*/
// Refuse direct access: only the admin control panel entry point defines this constant.
if (!defined('IN_SUPESITE_ADMINCP')) {
    exit('Access Denied');
}
// Admin password change form handler.
if (submitcheck('pwdsubmit')) {
    // NOTE(review): loose comparison; `!==` would compare the two strings exactly.
    if ($_POST['newpasswd1'] != $_POST['newpasswd2']) {
        showmessage('password_inconsistency');
    }
    // Passwords that addslashes() would alter (quotes, backslash, NUL) are refused.
    // NOTE(review): an empty new password is not rejected in this excerpt; verify that
    // uc_user_edit() handles it.
    if ($_POST['newpasswd1'] != addslashes($_POST['newpasswd1'])) {
        showmessage('profile_passwd_illegal');
    }
    // NOTE(review): `@` hides a failed include; the call on the next line would then
    // fail on an undefined function instead of a clear error.
    @(include_once S_ROOT . './uc_client/client.php');
    // The current password is passed along, so checking it is left to UCenter
    // (-1 is reported as an invalid old password).
    $ucresult = uc_user_edit($_SGLOBAL['supe_username'], $_POST['password'], $_POST['newpasswd1']);
    if ($ucresult == -1) {
        showmessage('old_password_invalid');
    } elseif ($ucresult == -4) {
        showmessage('email_format_is_wrong');
    } elseif ($ucresult == -5) {
        showmessage('email_not_registered');
    } elseif ($ucresult == -6) {
        showmessage('email_has_been_registered');
    } elseif ($ucresult == -7) {
        showmessage('no_change');
    } elseif ($ucresult == -8) {
        showmessage('protection_of_users');
    }
    // Success: drop the login cookie so the admin signs in again with the new password.
    sclearcookie();
    showmessage('getpasswd_succeed', geturl('action/login'));
Example #27
 /**
  * Forward a password/e-mail change to UCenter and translate its status code.
  *
  * Returns false when $uid is empty, a message string for the statuses -1, -4, -5,
  * -6 and -8, and 1 for every other status (including -7, "nothing changed").
  * Both 1 and the message strings are truthy, so callers have to test for `=== 1`
  * rather than for truthiness.
  *
  * @param mixed       $uid       local user id; only checked for being non-empty
  * @param string      $_username account name passed to UCenter
  * @param string      $oldpw     current password
  * @param string      $newpw     new password
  * @param string|null $email     new e-mail address
  * @return bool|int|string
  */
 function user_edit($uid, $_username, $oldpw, $newpw, $email = null)
 {
     if (!$uid) {
         return false;
     }

     $status = uc_user_edit($_username, $oldpw, $newpw, $email);

     if ($status == -1) {
         return '旧密码不正确';
     }
     if ($status == -4) {
         return 'Email 格式有误';
     }
     if ($status == -5) {
         return 'Email 不允许注册';
     }
     if ($status == -6) {
         return '该 Email 已经被注册';
     }
     if ($status == -8) {
         return '该用户受保护无权限更改';
     }

     // Anything else counts as success.
     return 1;
 }
Example #28
 /**
  * Update a member's record in UCenter.
  *
  * Thin wrapper around the global uc_user_edit() client function. The argument order
  * differs from the client call: this method takes the e-mail before the passwords and
  * forwards (name, old password, new password, e-mail). $uc_id is accepted but not used.
  * No check of the caller's right to edit the account happens here.
  *
  * @param mixed  $uc_id        UCenter user id (unused)
  * @param string $member_name  account name
  * @param string $email        new e-mail address
  * @param string $old_password current password
  * @param string $new_password new password
  * @return mixed status returned by uc_user_edit()
  */
 public function uc_user_edit($uc_id, $member_name, $email, $old_password, $new_password)
 {
     return uc_user_edit($member_name, $old_password, $new_password, $email);
 }
Example #29
} elseif ($action == 'getpasswd' && $uid && $id) {
    // Password reset: the link carries $uid and $id, and $id has to match the token
    // stored in memberfields.authstr.
    $discuz_action = 141;
    // NOTE(review): $uid is interpolated into the SQL text; verify it is cast to an
    // integer or escaped before this point.
    $member = $db->fetch_first("SELECT m.username, m.email, mf.authstr FROM {$tablepre}members m, {$tablepre}memberfields mf\r\n\t\tWHERE m.uid='{$uid}' AND mf.uid=m.uid");
    // authstr is tab-separated: issue time, operation code, token.
    list($dateline, $operation, $idstring) = explode("\t", $member['authstr']);
    // Rejected when older than three days, not operation 1, or the token differs.
    // NOTE(review): the token is compared with a loose `!=`; a strict, constant-time
    // comparison is the safer choice for a secret.
    if ($dateline < $timestamp - 86400 * 3 || $operation != 1 || $idstring != $id) {
        showmessage('getpasswd_illegal', NULL, 'HALTED');
    }
    if (!submitcheck('getpwsubmit') || $newpasswd1 != $newpasswd2) {
        // Form not submitted yet, or the two entries differ: show the form again.
        $hashid = $id;
        include template('getpasswd');
    } else {
        // Passwords that addslashes() would alter (quotes, backslash, NUL) are refused.
        if ($newpasswd1 != addslashes($newpasswd1)) {
            showmessage('profile_passwd_illegal');
        }
        require_once DISCUZ_ROOT . './uc_client/client.php';
        // The fifth argument 1 appears to tell UCenter to skip the old-password check
        // (confirm). The return value is ignored, so success is reported below even if
        // UCenter refused the change.
        uc_user_edit($member['username'], $newpasswd1, $newpasswd1, $member['email'], 1);
        // A random value is generated for the local password column.
        $password = md5(random(10));
        // NOTE(review): the value in this UPDATE is masked in this listing.
        $db->query("UPDATE {$tablepre}members SET password='******' WHERE uid='{$uid}'");
        // Clear the token so the reset link cannot be used again.
        $db->query("UPDATE {$tablepre}memberfields SET authstr='' WHERE uid='{$uid}'");
        showmessage('getpasswd_succeed');
    }
} elseif ($action == 'groupexpiry' && $discuz_uid) {
    if (!$groupexpiry) {
        showmessage('group_expiry_disabled');
    }
    // NOTE(review): unserialize() runs on a database column; confirm that groupterms is
    // only ever written by the application itself.
    $groupterms = unserialize($db->result_first("SELECT groupterms FROM {$tablepre}memberfields WHERE uid='{$discuz_uid}'"));
    $expgrouparray = $expirylist = $termsarray = array();
    if (!empty($groupterms['ext']) && is_array($groupterms['ext'])) {
        $termsarray = $groupterms['ext'];
    }
    // NOTE(review): the last operand reads $groupterm, not $groupterms; that variable is
    // not assigned anywhere in this excerpt, so this looks like a typo.
    if (!empty($groupterms['main']['time']) && (empty($termsarray[$groupid]) || $termsarray[$groupid] > $groupterm['main']['time'])) {
Example #30
     // $strongpw_str is filled outside this excerpt; a non-empty value is reported as a
     // weak password.
     if ($strongpw_str) {
         showmessage(lang('member/template', 'password_weak') . implode(',', $strongpw_str));
     }
 }
 // NOTE(review): the password fields are read from $_GET. If they really travel in the
 // query string they end up in access logs and Referer headers; confirm that $_GET is
 // populated from the POST body here.
 // Passwords that addslashes() would alter (quotes, backslash, NUL) are refused.
 if (!empty($_GET['newpassword']) && $_GET['newpassword'] != addslashes($_GET['newpassword'])) {
     showmessage('profile_passwd_illegal', '', array(), array('return' => true));
 }
 // NOTE(review): loose comparison; `!==` would compare the two strings exactly.
 if (!empty($_GET['newpassword']) && $_GET['newpassword'] != $_GET['newpassword2']) {
     showmessage('profile_passwd_notmatch', '', array(), array('return' => true));
 }
 loaducenter();
 if ($emailnew != $_G['member']['email']) {
     include_once libfile('function/member');
     checkemail($emailnew);
 }
 // The e-mail argument is passed as '' here, so this call does not send $emailnew.
 // $ignorepassword is set outside this excerpt and decides whether the old password is
 // checked; verify when it can be non-zero.
 $ucresult = uc_user_edit(addslashes($_G['username']), $_GET['oldpassword'], $_GET['newpassword'], '', $ignorepassword, $_GET['questionidnew'], $_GET['answernew']);
 if ($ucresult == -1) {
     showmessage('profile_passwd_wrong', '', array(), array('return' => true));
 } elseif ($ucresult == -4) {
     showmessage('profile_email_illegal', '', array(), array('return' => true));
 } elseif ($ucresult == -5) {
     showmessage('profile_email_domain_illegal', '', array(), array('return' => true));
 } elseif ($ucresult == -6) {
     showmessage('profile_email_duplicate', '', array(), array('return' => true));
 }
 if (!empty($_GET['newpassword']) || $secquesnew) {
     // The local password column gets a random value rather than the new password;
     // presumably the real credential is kept in UCenter only. Confirm.
     $setarr['password'] = md5(random(10));
 }
 if ($_G['setting']['connect']['allow']) {
     C::t('#qqconnect#common_member_connect')->update($_G['uid'], array('conisregister' => 0));
 }