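// Validate the submitted member-profile form. Each failure hands a message and
// -1 to check::AlertExit() (presumably ends the request; its body is not shown here).
if (!check::CheckUser($_POST['user_name'])) {
    check::AlertExit("输入的用户名必须是4-21字符之间的数字、字母,或7个中文!", -1);
}
if (!check::CheckPassword($_POST['password'])) {
    check::AlertExit("输入的密码必须是4-21字符之间的数字、字母!", -1);
}
if (empty($_POST['user_id'])) {
    check::AlertExit("用户ID不能为空!", -1);
}
if (empty($_POST['nick_name'])) {
    check::AlertExit("用户昵称不能为空!", -1);
}

// If the two password fields differ, the password is being changed.
// Strict comparison: with != two different numeric-looking strings (e.g. "0e1"
// and "0e2") compare equal, and the new password would skip the encryption step.
if ($_POST['password'] !== $_POST['oldpassword']) {
    // NOTE(review): when user_pass_type is empty the password is kept exactly as
    // submitted, i.e. it is not passed through check::strEncryption() at all.
    if (!empty($arrGWeb['user_pass_type'])) {
        $_POST['password'] = check::strEncryption($_POST['password'], $arrGWeb['jamstr']);
    }
}
unset($_POST['oldpassword']);

// Only look for a clash when the user name changed. Strict comparison so that
// "0123" and "123" count as different names and still get the uniqueness check.
if ($_POST['user_name'] !== $_POST['olduser_name']) {
    // NOTE(review): the request value is concatenated into the WHERE clause. The
    // only guard visible here is check::CheckUser() above, whose rules are not
    // shown; prefer a lookup that binds user_name as a statement parameter.
    $arr = $objWebInit->getUserWhere(" Where user_name='" . $_POST['user_name'] . "'");
    if (!empty($arr)) {
        check::AlertExit($_POST['user_name'] . ", 该用户名已被占用", -1);
    }
}
unset($_POST['olduser_name']);

// Birthday conversion: fold the three form fields into one Y-m-d string.
// strtotime() returns false for an unparsable date, which date() renders as the
// epoch date rather than rejecting the input.
$_POST['birthday'] = date('Y-m-d', strtotime($_POST['year'] . '-' . $_POST['month'] . '-' . $_POST['day']));
unset($_POST['year'], $_POST['month'], $_POST['day']);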
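/**
 * Member login.
 *
 * Validates the submitted credentials, looks the member up with a prepared
 * statement and, on a match, copies the account fields into $_SESSION and
 * records the login IP and time through updateUser().
 *
 * @author 肖飞
 * @param array $arrData      Credentials; reads $arrData['User'] and $arrData['Pass'].
 * @param int   $isEncryption When truthy, the password goes through check::strEncryption() before the lookup.
 * @param mixed $jamStr       Second argument passed to check::strEncryption() (presumably a salt; confirm).
 * @return bool true when a matching row was found, false otherwise.
 */
public function userLogin($arrData, $isEncryption = 0, $jamStr)
{
    // The explicit returns keep the method failing closed even if
    // check::AlertExit() were to return instead of ending the request.
    if (!check::CheckUser($arrData['User'])) {
        check::AlertExit("输入的用户名必须是4-20字符之间的数字、字母或中文!", -1);
        return false;
    }
    if (!check::CheckPassword($arrData['Pass'])) {
        check::AlertExit("输入的密码必须是4-20字符之间的数字、字母!", -1);
        return false;
    }

    // NOTE(review): with $isEncryption falsy the submitted password is compared
    // to the stored column as-is.
    $strPassTemp = $arrData['Pass'];
    if ($isEncryption) {
        $strPassTemp = check::strEncryption($strPassTemp, $jamStr);
    }

    // Both credentials are bound as parameters, never concatenated into the SQL.
    $strSQL = "SELECT * FROM {$this->tablename2} WHERE user_name = ? and password = ?";
    $rs = $this->db->prepare($strSQL);
    $rs->execute(array($arrData['User'], $strPassTemp));
    $arrRows = $rs->fetchAll();
    if (!$arrRows) {
        return false;
    }

    $arr = current($this->loadTableFieldG($arrRows));

    // NOTE(review): 'password' and 'pass' are copied into the session together
    // with the profile fields; confirm that callers really need them there.
    $arrSessionFields = array(
        'user_id', 'user_name', 'password', 'user_group', 'user_grade',
        'user_popedom', 'real_name', 'email', 'tel', 'company_cn',
        'user_type', 'user_bonus', 'pass', 'province', 'city', 'type_id',
    );
    foreach ($arrSessionFields as $strField) {
        $_SESSION[$strField] = $arr[$strField];
    }

    // Record where and when this login happened. The key is 'lastlog'; the
    // previous code used 'lastlog ' with a trailing space.
    $arrUpdate = array();
    $arrUpdate['user_ip'] = check::getIP();
    $arrUpdate['lastlog'] = date('Y-m-d H:i:s');
    $arrUpdate['user_id'] = $arr['user_id'];
    $this->updateUser($arrUpdate);

    return true;
}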
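/**
 * Member login by user name, e-mail address or mobile number.
 *
 * On success the matching row is merged into $_SESSION and the login IP, time,
 * counter and session id are stored through updateUser().
 *
 * @author 肖飞
 * @param array $arrData      Credentials; reads $arrData['User'] and $arrData['Pass'].
 * @param int   $isEncryption When truthy, the password goes through check::strEncryption() before the lookup.
 * @param mixed $jamStr       Second argument passed to check::strEncryption() (presumably a salt; confirm).
 * @param bool  $isAlert      When truthy, failures are reported through check::AlertExit().
 * @return int 1 on success, 0 on failure.
 */
public function userLogin($arrData, $isEncryption = 0, $jamStr, $isAlert = true)
{
    $strUserName = $arrData['User'];

    // Validate the value that is actually looked up ($arrData), not $_POST.
    if (!check::CheckUser($strUserName)
        && !check::CheckEmailAddr($strUserName)
        && !check::CheckMobilePhone($strUserName)
    ) {
        if ($isAlert) {
            check::AlertExit("输入的用户名必须是4-21字符之间的数字、字母,或7个中文!", -1);
        }
        // Fail closed even if AlertExit() returns.
        return 0;
    }
    if (!check::CheckPassword($arrData['Pass'])) {
        if ($isAlert) {
            check::AlertExit("输入的密码必须是4-21字符之间的数字、字母!", -1);
        }
        return 0;
    }

    $strPassTemp = $arrData['Pass'];
    if ($isEncryption) {
        $strPassTemp = check::strEncryption($strPassTemp, $jamStr);
    }

    $arr = false;
    if (isset($_SESSION['user_group']) && $_SESSION['user_group'] == 3) {
        // NOTE(review): this branch looks the account up without a password and
        // never fetches a row, so $arr stays false and the login fails. Confirm
        // whether password-less sign-in for group 3 is intended before wiring
        // the result in.
        $rs = $this->db->prepare("SELECT * FROM {$this->tablename1} WHERE user_name = ? and status=1");
        $rs->execute(array($strUserName));
    } else {
        // Try the login as user name, then e-mail, then mobile number. The column
        // name comes from this fixed list; the credentials are bound parameters.
        // The listing shows the password literal as '******' (apparently masked);
        // the computed $strPassTemp is bound here so the check uses the
        // submitted password.
        foreach (array('user_name', 'email', 'mobile') as $strColumn) {
            $rs = $this->db->prepare(
                "SELECT * FROM {$this->tablename1} WHERE {$strColumn} = ? and password = ? and status=1"
            );
            $rs->execute(array($strUserName, $strPassTemp));
            $arr = $rs->fetch(PDO::FETCH_ASSOC);
            if ($arr) {
                break;
            }
        }
    }

    if (!$arr) {
        if ($isAlert) {
            check::AlertExit("用户名或密码错误", -1);
        }
        return 0;
    }

    // NOTE(review): every column of the row, the password column included, is
    // merged into the session, and the session id is not rotated on login;
    // consider session_regenerate_id(true) before session_id() is recorded.
    if (is_array($_SESSION)) {
        $_SESSION = array_merge($_SESSION, $arr);
    } else {
        $_SESSION = $arr;
    }

    $arrUpdate = array();
    $arrUpdate['user_ip'] = check::getIP();
    $arrUpdate['lastlog'] = date('Y-m-d H:i:s');
    $arrUpdate['user_id'] = $arr['user_id'];
    $arrUpdate['logtimes'] = ++$arr['logtimes'];
    $arrUpdate['session_id'] = session_id();
    $this->updateUser($arrUpdate);

    return 1;
}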
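/**
 * Member login through the 'mcenter' API.
 *
 * Returns early when the current session already belongs to the same login
 * with the same password. Otherwise the credentials are sent to
 * check::getAPI('mcenter', 'userLogin', ...), and the local record for
 * $_SESSION['user_id'] is loaded or, when missing, created from the session.
 *
 * @author 肖飞
 * @param array $arrData      Credentials; reads $arrData['User'] and $arrData['Pass'].
 * @param int   $isEncryption When truthy, the password goes through check::strEncryption() for the session comparison.
 * @param mixed $jamStr       Second argument passed to check::strEncryption() (presumably a salt; confirm).
 * @param bool  $isAlert      When truthy, failures are reported through check::AlertExit().
 * @return int|bool true when the session already matches, 1 on success, 0 on failure.
 */
public function userLogin($arrData, $isEncryption = 0, $jamStr, $isAlert = true)
{
    $arrData['User'] = trim($arrData['User']);
    $arrData['Pass'] = trim($arrData['Pass']);

    // Always defined: previously $strPassTemp was only set when $isEncryption was
    // truthy, so the comparison below could run against an undefined variable.
    $strPassTemp = $arrData['Pass'];
    if ($isEncryption) {
        $strPassTemp = check::strEncryption($arrData['Pass'], $jamStr);
    }

    // Shortcut for a session that already holds this login. Strict comparisons
    // and isset() checks keep unset or empty session values from matching, so
    // any doubt falls through to the full API login below.
    $blnSameLogin = false;
    if ($arrData['User'] !== '') {
        foreach (array('user_name', 'email', 'mobile') as $strKey) {
            if (isset($_SESSION[$strKey]) && (string) $_SESSION[$strKey] === $arrData['User']) {
                $blnSameLogin = true;
                break;
            }
        }
    }
    if ($blnSameLogin
        && isset($_SESSION['password'], $_SESSION['user_group'])
        && (string) $_SESSION['password'] === (string) $strPassTemp
    ) {
        return true;
    }

    $strData = check::getAPIArray($arrData);
    if (!check::getAPI('mcenter', 'userLogin', "{$strData}^{$isEncryption}^{$jamStr}")) {
        if ($isAlert) {
            check::AlertExit("用户名或密码错误!", -1);
        }
        return 0;
    }
    if (empty($_SESSION['user_id'])) {
        if ($isAlert) {
            check::AlertExit("用户名或密码错误!", -1);
        }
        // Fail closed even if AlertExit() returns.
        return 0;
    }

    // user_id is used unquoted in the WHERE clause, so force it to an integer
    // before it is concatenated.
    $arr = $this->getInfoWhere("WHERE user_id = " . (int) $_SESSION['user_id']);
    if (!empty($arr)) {
        unset($arr['id']);
        $_SESSION = array_merge($_SESSION, $arr);

        $arrUpdate = array();
        $arrUpdate['lastlog'] = date('Y-m-d H:i:s');
        $arrUpdate['user_id'] = $arr['user_id'];
        $this->updateUser($arrUpdate);

        return 1;
    }

    // Mcenter knows the account but this system has no record of it yet:
    // register it automatically from the session data.
    $arrTemp = $_SESSION;
    $intID = $this->saveInfo($arrTemp, 0, false, false);
    if ($intID) {
        // NOTE(review): the result of the nested call is ignored and nothing
        // bounds the recursion if the saved record still cannot be loaded.
        $this->userLogin($arrData, $isEncryption, $jamStr, $isAlert);
        return 1;
    }

    if ($isAlert) {
        check::AlertExit("会员信息不存在", -1);
    }
    return 0;
}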
} elseif ($_GET['step'] == 5) { if ($_SERVER["REQUEST_METHOD"] == "POST") { if (empty($_POST['db_host']) || empty($_POST['db_port']) || empty($_POST['db_user']) || empty($_POST['db_name'])) { check::AlertExit("错误:数据库地址、端口、用户名和库名信息必须填写!", -1); } if (empty($_POST['password']) || empty($_POST['user_name']) || empty($_POST['real_name']) || empty($_POST['email'])) { check::AlertExit("错误:管理员的信息必须全部填写!", -1); } if ($_POST['password'] != $_POST['password_c']) { check::AlertExit("错误:两次输入的密码不相同!", -1); } $_SESSION['user_name'] = $_POST['user_name']; $_SESSION['real_name'] = $_POST['real_name']; $_SESSION['email'] = $_POST['email']; if (!empty($_POST['user_pass_type']) && $_POST['user_pass_type']) { $_SESSION['password'] = check::strEncryption($_POST['password'], $_POST['jamstr']); } else { $_SESSION['password'] = $_POST['password']; } $_SESSION['install_type'] = $_POST['install_type']; $_SESSION['user_pass_type'] = $_POST['user_pass_type']; $_SESSION['jamstr'] = $_POST['jamstr']; unset($_POST['user_name']); unset($_POST['real_name']); unset($_POST['email']); unset($_POST['password']); unset($_POST['password_c']); unset($_POST['install_type']); unset($_POST['biweb']); unset($arrGWeb); $strFilename = '../data/webconfig.inc.php';