<?php
defined('IN_KEKE') or exit('Access Denied');
$strUrl = 'index.php?do=user&view=account&op=password';
if (isset($formhash) && kekezu::submitcheck($formhash)) {
$old_pass = kekezu::escape(trim($old_password));
$new_pass = kekezu::escape(trim($new_password));
$confirm_pass = kekezu::escape(trim($confirm_password));
if (md5($old_pass) != $gUserInfo['password']) {
$title['errors']['old_password'] = '******';
kekezu::show_msg($title, NULL, NULL, NULL, 'error');
}
if ($old_pass === $new_pass) {
$title['errors']['new_password'] = '******';
kekezu::show_msg($title, NULL, NULL, NULL, 'error');
}
if ($new_pass != $confirm_pass) {
$title['errors']['confirm_password'] = '******';
kekezu::show_msg($title, NULL, NULL, NULL, 'error');
}
$intRes1 = db_factory::updatetable(TABLEPRE . 'witkey_space', array('password' => md5($new_pass)), array('uid' => $gUid));
$intRes2 = db_factory::updatetable(TABLEPRE . 'witkey_member', array('password' => md5($new_pass)), array('uid' => $gUid));
$flag = keke_user_class::user_edit($gUserInfo['username'], $old_pass, $new_pass, '', 0) > 0 ? 1 : 0;
if ($flag && $intRes1 === 1 && $intRes2 === 1) {
kekezu::admin_system_log($_SESSION['username'] . '于' . date("Y-m-d H:i:s") . '修改了密码');
keke_msg_class::notify_user($gUserInfo['uid'], $gUserInfo['username'], 'update_password', '修改密码', array('新密码' => $new_pass, '网站名称' => $kekezu->_sys_config['website_name'], '用户名' => $gUserInfo['username']), 2);
setcookie('rememberme', '');
unset($_SESSION, $_SESSION['uid'], $_SESSION['username']);
unset($_COOKIE['rememberme']);
session_destroy();
kekezu::show_msg('新密码已生效', 'index.php?do=login', NULL, NULL, 'ok');
}
$arrOauthInfo = $_SESSION[$type . '_oauthInfo'];
if (strtoupper(CHARSET) == 'GBK') {
$arrOauthInfo = kekezu::utftogbk($arrOauthInfo);
}
$objLogin = new keke_user_login_class();
$arrBindInfo = keke_register_class::is_oauth_bind($type, $arrOauthInfo['account']);
if ($_SESSION[$type . '_oauthInfo'] && $arrBindInfo && !$is_binding) {
$_SESSION[$type . '_oauthInfo'] = null;
$arrUserInfo = kekezu::get_user_info($arrBindInfo['uid']);
$loginUserInfo = $objLogin->oauth_user_login($arrUserInfo['username'], $arrUserInfo['password'], null, 1);
$objLogin->save_user_info($loginUserInfo, 1);
}
$inter = $kekezu->_sys_config['user_intergration'];
$intLoginTimes = intval($_SESSION['login_times']);
if (kekezu::submitcheck(isset($formhash)) || isset($login_type) == 3) {
if ($code) {
$strCodeCheck = kekezu::check_secode($code);
if ($strCodeCheck != 1) {
$tips['errors']['code'] = $strCodeCheck;
kekezu::show_msg($tips, NULL, NULL, NULL, 'error');
}
}
$strCode = isset($code) ? $code : "";
$intLoginType = isset($login_type) ? $login_type : "";
$ckb_cookie = isset($ckb_cookie) ? $ckb_cookie : "";
if (strtoupper(CHARSET) == 'GBK') {
$account = kekezu::utftogbk($account);
}
$arrUserInfo = $objLogin->user_login($account, $password, $strCode, $intLoginType, 1);
db_factory::execute("delete from " . TABLEPRE . "witkey_space where uid =" . intval($arrBindInfo['uid']));
if ($check_uid) {
CHARSET == 'gbk' and $check_uid = kekezu::utftogbk($check_uid);
$info = get_info($check_uid, $t);
if ($info) {
$info['balance'] = floatval($info['balance']);
}
if ($t == 1) {
$msg = "UID不存在";
} else {
$msg = "用户名不存在";
}
$info and kekezu::echojson('', 1, $info) or kekezu::echojson($msg, 0);
die;
}
$config = $kekezu->_sys_config;
if ($is_submit && kekezu::submitcheck(isset($formhash))) {
$url = "index.php?do={$do}&view={$view}";
$user or kekezu::admin_show_msg($_lang['username_uid_can_not_null'], $url, 3, '', 'warning');
$info = get_info($user, $user_type);
$cash = floatval($cash);
$cash == 0 and kekezu::admin_show_msg($_lang['cash_can_not_null'], $url, 3, '', 'warning');
if ($cash_type == 1) {
$res = keke_finance_class::cash_in($info['uid'], floatval($cash), 'admin_charge', '', 'admin_charge');
} else {
if ($cash > $info['balance']) {
kekezu::admin_show_msg($_lang['user_deduct_limit'] . $info['balance'] . $_lang['yuan'], $url, 3, '', 'warning');
} else {
$res = keke_finance_class::cash_out($info['uid'], floatval($cash), 'admin_charge', '', 'admin_charge');
}
}
$charge_reason = kekezu::filter_input($charge_reason);
<?php
defined('IN_KEKE') or exit('Access Denied');
$task_id = intval($task_id);
if (kekezu::submitcheck(isset($formhash))) {
$arrSelectPeople = db_factory::query('select uid from ' . TABLEPRE . 'witkey_task_work where task_id=' . $task_id);
$task_info = db_factory::query('select * from ' . TABLEPRE . 'witkey_task where task_id=' . $task_id);
$hongbaoSum = $task_info[0]['task_cash'];
shuffle($cbk);
$a = '';
foreach ($arrSelectPeople as $key => $val) {
$arrSelectPeople[$key] = $val['uid'];
}
$cha = array_diff($arrSelectPeople, $cbk);
foreach ($cha as $k => $v) {
db_factory::query('update ' . TABLEPRE . 'witkey_task_work set work_status=7 where uid="' . $v . '" and task_id=' . $task_id);
}
$count = count($cbk);
foreach ($cbk as $key => $val) {
do {
$lcg = lcg_value();
} while ($lcg < 0.1);
if ($key + 1 == $count) {
$selefHongBao[$val] = $hongbaoSum;
} else {
$selefHongBao[$val] = number_format($lcg * $hongbaoSum, 2);
}
$hongbaoSum -= $selefHongBao[$val];
$a += $selefHongBao[$val];
}
foreach ($selefHongBao as $k => $v) {
if (!$arrUserInfo) {
$tips['errors']['account'] = '账号不存在';
kekezu::show_msg($tips, NULL, NULL, NULL, 'error');
}
if ($getPasswordCode) {
$strCodeCheck = kekezu::check_secode($getPasswordCode);
if ($strCodeCheck != 1) {
$tips['errors']['code'] = $strCodeCheck;
kekezu::show_msg($tips, NULL, NULL, NULL, 'error');
}
}
kekezu::show_msg('', "index.php?do=retrieve&strStep=step2&account={$account}", NULL, NULL, 'ok');
}
break;
case "step2":
if (kekezu::submitcheck($formhash)) {
$strAccount = strval($account);
$arrUserInfo = kekezu::get_user_info($strAccount, true);
$arrPassInfo = reset_set_password($arrUserInfo);
$arrNotifyArr = array('用户名' => $arrUserInfo['username'], '网站名称' => $kekezu->_sys_config['website_name'], '密码' => $arrPassInfo['code'], '安全码' => $arrPassInfo['sec_code']);
keke_shop_class::notify_user($arrUserInfo['uid'], $arrUserInfo['username'], 'get_password', '找回密码', $arrNotifyArr, 2);
kekezu::show_msg('您的新密码已发送到邮箱,请注意查收', $strUrl, NULL, NULL, 'ok');
} else {
$arrUserInfo = kekezu::get_user_info($account, true);
$arrEmailAuths = db_factory::query(sprintf("select * from %switkey_auth_email where uid=%d and auth_status=1", TABLEPRE, $arrUserInfo['uid']));
$arrEmailAuths and $strEmailInfo = $arrEmailAuths['0']['email'];
$strEmail = explode('@', $strEmailInfo);
$intLeng = strlen($strEmail[0]);
$i = intval($intLeng / 2);
$strRe = '*';
$strRe = str_pad($strRe, $intLeng - $i, '*', STR_PAD_LEFT);
public function admin_login($username, $password, $allow_times, $formhash = '')
{
global $_lang;
global $kekezu;
if (!kekezu::submitcheck($formhash, true)) {
$hash = kekezu::formhash();
$kekezu->echojson($_lang['repeat_form_submit'], 6, array('formhash' => $hash));
die;
}
$user_info = keke_user_class::user_login($username, $password);
$hash = kekezu::formhash();
if ($user_info == -1) {
$kekezu->echojson($_lang['username_input_error'], "6", array('formhash' => $hash));
die;
} else {
if ($user_info == -2) {
$kekezu->echojson($_lang['username_password_input_error'], "5", array('formhash' => $hash));
die;
}
}
if (!$user_info) {
$kekezu->echojson($_lang['login_fail'], "4", array('formhash' => $hash));
die;
} else {
$user_info = kekezu::get_user_info($user_info['uid']);
}
if (!$user_info) {
$kekezu->echojson($_lang['no_rights_login_backstage'], "3", array('formhash' => $hash));
die;
} else {
if (!$user_info['group_id'] && $user_info['uid'] != ADMIN_UID) {
$kekezu->echojson($_lang['no_rights_login_backstage'], "2", array('formhash' => $hash));
die;
} else {
$_SESSION['auid'] = $_SESSION['uid'] = $user_info['uid'];
$_SESSION['username'] = $user_info['username'];
kekezu::admin_system_log($user_info['username'] . date('Y-m-d H:i:s', time()) . $_lang['login_system']);
$kekezu->echojson($_lang['login_success'], "1");
die;
}
}
}
