Exemple #1
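/**
 * Handle a front-end member registration request.
 *
 * Runs the site-level registration gates, validates the submitted username,
 * password and e-mail, inserts the member row plus its add-on row, and then
 * either asks the visitor to wait for review/activation or logs the new
 * member in by setting the login cookies.
 *
 * Every outcome is reported through printerror() or a redirect; printerror()
 * is used as a terminating guard throughout, so it presumably halts the
 * request (defined elsewhere, confirm).
 *
 * @param array $add Submitted registration form fields (username, password,
 *                   repassword, email, groupid, tobind, key, plus any custom
 *                   member fields). Untrusted request data.
 * @return void
 */
function register($add)
{
    global $empire, $dbtbpre, $public_r, $ecms_config;
    // Registration is switched off.
    if ($public_r['register_ok']) {
        printerror('CloseRegister', '', 1);
    }
    // Check the time windows during which this action is allowed.
    eCheckTimeCloseDo('reg');
    // Check the client IP against the access rules.
    eCheckAccessDoIp('register');
    // A dedicated registration URL is configured: send the visitor there instead.
    if (!empty($ecms_config['member']['registerurl'])) {
        Header("Location:" . $ecms_config['member']['registerurl']);
        exit;
    }
    // A visitor who is already logged in may not register again.
    if (getcvar('mluserid')) {
        printerror('LoginToRegister', '', 1);
    }
    // Verify the request source.
    CheckCanPostUrl();
    $username = trim($add['username']);
    $password = trim($add['password']);
    // NOTE(review): the password goes through RepPostVar() before it is hashed.
    // If that helper strips or rewrites characters, the stored hash covers the
    // rewritten value; confirm the login path applies the same transform.
    $username = RepPostVar($username);
    $password = RepPostVar($password);
    $email = RepPostStr($add['email']);
    if (!$username || !$password || !$email) {
        printerror("EmptyMember", "history.go(-1)", 1);
    }
    $tobind = (int) $add['tobind'];
    // Verification code (captcha), only when enabled.
    $keyvname = 'checkregkey';
    if ($public_r['regkey_ok']) {
        ecmsCheckShowKey($keyvname, $add['key'], 1);
    }
    // The member group is chosen by the client; fall back to the default group
    // and let CheckMemberGroupCanReg() decide whether the group is open.
    // NOTE(review): that helper is the only barrier against self-assigning a
    // privileged group id here; confirm it rejects non-registrable groups.
    $user_groupid = eReturnMemberDefGroupid();
    $groupid = (int) $add['groupid'];
    $groupid = empty($groupid) ? $user_groupid : $groupid;
    CheckMemberGroupCanReg($groupid);
    // Client IP and port.
    $regip = egetip();
    $regipport = egetipport();
    // Username length limits (strlen counts bytes, not characters).
    $pr = $empire->fetch1("select min_userlen,max_userlen,min_passlen,max_passlen,regretime,regclosewords,regemailonly from {$dbtbpre}enewspublic limit 1");
    $userlen = strlen($username);
    // Array keys are quoted: bare identifiers as keys are undefined constants
    // and raise an Error on PHP 8.
    if ($userlen < $pr['min_userlen'] || $userlen > $pr['max_userlen']) {
        printerror('FaiUserlen', '', 1);
    }
    // Password length limits.
    $passlen = strlen($password);
    if ($passlen < $pr['min_passlen'] || $passlen > $pr['max_passlen']) {
        printerror('FailPasslen', '', 1);
    }
    // The confirmation field is compared with the trimmed/filtered password.
    if ($add['repassword'] !== $password) {
        printerror('NotRepassword', '', 1);
    }
    if (!chemail($email)) {
        printerror('EmailFail', '', 1);
    }
    // '|' and '*' are not allowed in usernames.
    if (strstr($username, '|') || strstr($username, '*')) {
        printerror('NotSpeWord', '', 1);
    }
    // Repeated registrations from the same IP.
    eCheckIpRegTime($regip, $pr['regretime']);
    // Reserved usernames.
    toCheckCloseWord($username, $pr['regclosewords'], 'RegHaveCloseword');
    $username = RepPostStr($username);
    // NOTE(review): $username and $email are interpolated into SQL text below.
    // Injection safety rests entirely on RepPostVar()/RepPostStr(), which are
    // defined elsewhere; confirm they escape quotes for the connection charset.
    // Duplicate username.
    $num = $empire->gettotal("select count(*) as total from " . eReturnMemberTable() . " where " . egetmf('username') . "='{$username}' limit 1");
    if ($num) {
        printerror('ReUsername', '', 1);
    }
    // Duplicate e-mail, only when e-mail addresses must be unique.
    if ($pr['regemailonly']) {
        $num = $empire->gettotal("select count(*) as total from " . eReturnMemberTable() . " where " . egetmf('email') . "='{$email}' limit 1");
        if ($num) {
            printerror('ReEmailFail', '', 1);
        }
    }
    // Registration time.
    $lasttime = time();
    $registertime = eReturnAddMemberRegtime();
    // Random string stored with the member and later sent as the mlrnd cookie.
    // NOTE(review): it acts as a login credential, so make_password() should
    // draw from a CSPRNG; confirm.
    $rnd = make_password(20);
    $userkey = eReturnMemberUserKey();
    // Password: keep the plaintext only for the DoEpassport() call below and
    // store the salted form produced by eDoMemberPw().
    $truepassword = $password;
    $salt = eReturnMemberSalt();
    $password = eDoMemberPw($password, $salt);
    // Review state: with e-mail activation (regacttype 1) the account starts unchecked.
    $checked = ReturnGroupChecked($groupid);
    if ($checked && $public_r['regacttype'] == 1) {
        $checked = 0;
    }
    // Validate the required fields of the add-on table.
    // NOTE(review): $member_r[0]/$member_r[1] are spliced into the second
    // INSERT as column list and values; their escaping is done inside
    // ReturnDoMemberF(), confirm.
    $mr['add_filepass'] = ReturnTranFilepass();
    $fid = GetMemberFormId($groupid);
    $member_r = ReturnDoMemberF($fid, $add, $mr, 0, $username);
    $sql = $empire->query("insert into " . eReturnMemberTable() . "(" . eReturnInsertMemberF('username,password,rnd,email,registertime,groupid,userfen,userdate,money,zgroupid,havemsg,checked,salt,userkey') . ") values('{$username}','{$password}','{$rnd}','{$email}','{$registertime}','{$groupid}','{$public_r['reggetfen']}','0','0','0','0','{$checked}','{$salt}','{$userkey}');");
    // Stop here when the member row was not written. Continuing would take a
    // meaningless lastid() and attach the add-on row, uploaded files and an
    // account binding to a member that does not exist. The verification code
    // is still cleared so it cannot be reused.
    if (!$sql) {
        ecmsEmptyShowKey($keyvname);
        printerror("DbError", "history.go(-1)", 1);
        return;
    }
    // Id of the new member.
    $userid = $empire->lastid();
    // Add-on table row, created only if it does not exist yet.
    $addr = $empire->fetch1("select * from {$dbtbpre}enewsmemberadd where userid='{$userid}'");
    if (!$addr['userid']) {
        $spacestyleid = ReturnGroupSpaceStyleid($groupid);
        $empire->query("insert into {$dbtbpre}enewsmemberadd(userid,spacestyleid,regip,lasttime,lastip,loginnum,regipport,lastipport" . $member_r[0] . ") values('{$userid}','{$spacestyleid}','{$regip}','{$lasttime}','{$regip}','1','{$regipport}','{$regipport}'" . $member_r[1] . ");");
    }
    // Update the uploaded attachments.
    UpdateTheFileOther(6, $userid, $mr['add_filepass'], 'member');
    // Clear the verification code.
    ecmsEmptyShowKey($keyvname);
    // Bind an external account.
    if ($tobind) {
        MemberConnect_BindUser($userid);
    }
    // E-mail activation.
    if ($checked == 0 && $public_r['regacttype'] == 1) {
        include 'class/member_actfun.php';
        SendActUserEmail($userid, $username, $email);
    }
    // Awaiting review or activation: report success without logging in.
    // NOTE(review): $_POST['ecmsfrom'] is request data used to pick the return
    // location; DoingReturnUrl() has to restrict it to same-site targets, confirm.
    if ($checked == 0) {
        $location = DoingReturnUrl("../../", $_POST['ecmsfrom']);
        printerror("RegisterSuccessCheck", $location, 1);
    }
    // Cookie expiry; 0 is passed when no lifetime is configured.
    $logincookie = 0;
    if ($ecms_config['member']['regcookietime']) {
        $logincookie = time() + $ecms_config['member']['regcookietime'];
    }
    $r = $empire->fetch1("select " . eReturnSelectMemberF('*') . " from " . eReturnMemberTable() . " where " . egetmf('userid') . "='{$userid}' limit 1");
    // Log the new member in.
    esetcookie("mlusername", $username, $logincookie);
    esetcookie("mluserid", $userid, $logincookie);
    esetcookie("mlgroupid", $groupid, $logincookie);
    esetcookie("mlrnd", $rnd, $logincookie);
    // Login verification string.
    qGetLoginAuthstr($userid, $username, $rnd, $groupid, $logincookie);
    // Additional login cookies.
    AddLoginCookie($r);
    $location = "../member/cp/";
    // NOTE(review): returnurl is read from a cookie, which the client controls,
    // and only three substrings are excluded here. Unless DoingReturnUrl()
    // limits the target to this site, this is an open redirect; confirm.
    $returnurl = getcvar('returnurl');
    if ($returnurl && !strstr($returnurl, "e/member/iframe") && !strstr($returnurl, "e/member/register") && !strstr($returnurl, "enews=exit")) {
        $location = $returnurl;
    }
    esetcookie("returnurl", "");
    // Passport (single sign-on) integration.
    // NOTE(review): this receives the plaintext password; make sure
    // DoEpassport() does not log or persist it.
    DoEpassport('reg', $userid, $username, $truepassword, $salt, $email, $groupid, $registertime);
    $location = DoingReturnUrl($location, $_POST['ecmsfrom']);
    printerror("RegisterSuccess", $location, 1);
}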
Exemple #2
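/**
 * Store a visitor's submission to a feedback form, including file attachments.
 *
 * Looks up the feedback board, enforces its member-group restriction and its
 * required fields, validates and stores uploaded files, then inserts one row
 * into the feedback table built from the board's configured field list.
 *
 * Every outcome is reported through printerror(), which is used as a
 * terminating guard throughout and presumably halts the request (defined
 * elsewhere, confirm).
 *
 * @param array $add Submitted form fields (bid, key, ecmsfrom, title and the
 *                   board's custom fields). Untrusted request data.
 * @return void
 */
function AddFeedback($add)
{
    global $empire, $dbtbpre, $level_r, $public_r;
    // Verify the request source.
    CheckCanPostUrl();
    // Board id: from the form, otherwise from the feedbackbid cookie.
    if ($add['bid']) {
        $bid = (int) $add['bid'];
    } else {
        $bid = (int) getcvar('feedbackbid');
    }
    if (empty($bid)) {
        printerror("EmptyFeedbackname", "history.go(-1)", 1);
    }
    // Verification code (captcha), only when enabled.
    $keyvname = 'checkfeedbackkey';
    if ($public_r['fbkey_ok']) {
        ecmsCheckShowKey($keyvname, $add['key'], 1);
    }
    // Does the board exist?
    $br = $empire->fetch1("select bid,enter,mustenter,filef,groupid,checkboxf from {$dbtbpre}enewsfeedbackclass where bid='{$bid}';");
    if (empty($br['bid'])) {
        printerror("EmptyFeedback", "history.go(-1)", 1);
    }
    // Permission: the member's group level must reach the board's group level.
    // Array keys are quoted: bare identifiers as keys are undefined constants
    // and raise an Error on PHP 8.
    if ($br['groupid']) {
        $user = islogin();
        if ($level_r[$br['groupid']]['level'] > $level_r[$user['groupid']]['level']) {
            printerror("HaveNotEnLevel", "history.go(-1)", 1);
        }
    }
    $pr = $empire->fetch1("select feedbacktfile,feedbackfilesize,feedbackfiletype from {$dbtbpre}enewspublic limit 1");
    // Required fields. The loop skips the first and last list entries, so the
    // stored list is presumably wrapped in commas (",a,b,"); confirm.
    $mustr = explode(",", $br['mustenter']);
    $count = count($mustr);
    for ($i = 1; $i < $count - 1; $i++) {
        $mf = $mustr[$i];
        if (strstr($br['filef'], "," . $mf . ",")) {
            // Required file field: uploads must be enabled and a file supplied.
            if (!$pr['feedbacktfile']) {
                printerror("NotOpenFBFile", "", 1);
            }
            if (!$_FILES[$mf]['name']) {
                printerror("EmptyFeedbackname", "", 1);
            }
        } else {
            $chmustval = ReturnFBCheckboxAddF($add[$mf], $mf, $br['checkboxf']);
            if (!trim($chmustval)) {
                printerror("EmptyFeedbackname", "", 1);
            }
        }
    }
    $saytime = date("Y-m-d H:i:s");
    // Field processing: build the extra column list and value list.
    $dh = "";
    $tranf = "";
    // Initialised explicitly; appending to undefined variables raises a
    // warning on PHP 8.
    $addf = "";
    $addval = "";
    $record = "<!--record-->";
    $field = "<!--field--->";
    $er = explode($record, $br['enter']);
    $count = count($er);
    for ($i = 0; $i < $count - 1; $i++) {
        $er1 = explode($field, $er[$i]);
        $f = $er1[1];
        // Neutralise the attachment placeholder prefix in submitted text, so a
        // visitor cannot plant a "[!#@-field-@!]" token that the upload step
        // below would replace.
        $add[$f] = str_replace('[!#@-', 'ecms', $add[$f]);
        if (strstr($br['filef'], "," . $f . ",")) {
            // Attachment field.
            if ($_FILES[$f]['name']) {
                if (!$pr['feedbacktfile']) {
                    printerror("NotOpenFBFile", "", 1);
                }
                // File type, derived from the client-supplied file name.
                // NOTE(review): both checks below key on the name's extension
                // only; confirm DoTranFile() stores uploads where they cannot
                // be executed and does not rely on $_FILES[...]['type'].
                $filetype = GetFiletype($_FILES[$f]['name']);
                if (CheckSaveTranFiletype($filetype)) {
                    printerror("NotQTranFiletype", "", 1);
                }
                if (!strstr($pr['feedbackfiletype'], "|" . $filetype . "|")) {
                    printerror("NotQTranFiletype", "", 1);
                }
                // feedbackfilesize is compared in units of 1024 bytes.
                if ($_FILES[$f]['size'] > $pr['feedbackfilesize'] * 1024) {
                    printerror("TooBigQTranFile", "", 1);
                }
                $tranf .= $dh . $f;
                $dh = ",";
                // Placeholder, replaced with the stored path after the upload.
                $fval = "[!#@-" . $f . "-@!]";
            } else {
                $fval = "";
            }
        } else {
            $add[$f] = ReturnFBCheckboxAddF($add[$f], $f, $br['checkboxf']);
            $fval = $add[$f];
        }
        // NOTE(review): $f comes from the board configuration and is used as a
        // column name; the value is escaped with RepPostStr() + addslashes().
        // addslashes() is not charset-aware, confirm the connection charset.
        $addf .= ",`" . $f . "`";
        $addval .= ",'" . addslashes(RepPostStr($fval)) . "'";
    }
    $type = 0;
    $classid = 0;
    $filename = '';
    $filepath = '';
    // NOTE(review): the author's id and name are read from cookies, and
    // islogin() is only called above for group-restricted boards. Unless
    // getcvar() verifies them, treat the stored attribution as client-asserted.
    $userid = (int) getcvar('mluserid');
    $username = RepPostVar(getcvar('mlusername'));
    $filepass = ReturnTranFilepass();
    // Upload the attachments.
    if ($tranf) {
        $dh = "";
        $tranr = explode(",", $tranf);
        $count = count($tranr);
        for ($i = 0; $i < $count; $i++) {
            $tf = $tranr[$i];
            $tfr = DoTranFile($_FILES[$tf]['tmp_name'], $_FILES[$tf]['name'], $_FILES[$tf]['type'], $_FILES[$tf]['size'], $classid);
            if ($tfr['tran']) {
                $filepath = $tfr['filepath'];
                // Record the file in the database.
                $filesize = (int) $_FILES[$tf]['size'];
                eInsertFileTable($tfr['filename'], $filesize, $tfr['filepath'], '[Member]' . $username, $classid, '[FB]' . addslashes(RepPostStr($add['title'])), $type, $filepass, $filepass, $public_r['fpath'], 0, 4, 0);
                $repfval = ($tfr['filepath'] ? $tfr['filepath'] . '/' : '') . $tfr['filename'];
                $filename .= $dh . $tfr['filename'];
                $dh = ",";
            } else {
                $repfval = "";
            }
            // NOTE(review): $repfval is written into $addval after escaping has
            // already been applied, so it reaches the SQL text unescaped. That
            // is safe only if DoTranFile() returns server-generated names; confirm.
            $addval = str_replace("[!#@-" . $tf . "-@!]", $repfval, $addval);
        }
    }
    $ip = egetip();
    $eipport = egetipport();
    $sql = $empire->query("insert into {$dbtbpre}enewsfeedback(bid,saytime,ip,filepath,filename,userid,username,haveread,eipport" . $addf . ") values('{$bid}','{$saytime}','{$ip}','{$filepath}','{$filename}','{$userid}','{$username}',0,'{$eipport}'" . $addval . ");");
    // Stop here when the feedback row was not written, so that the uploaded
    // files are not linked to a meaningless lastid(). The verification code is
    // still cleared so it cannot be reused.
    if (!$sql) {
        ecmsEmptyShowKey($keyvname);
        printerror("DbError", "history.go(-1)", 1);
        return;
    }
    $fid = $empire->lastid();
    // Update the uploaded attachments.
    UpdateTheFileOther(4, $fid, $filepass, 'other');
    // Clear the verification code.
    ecmsEmptyShowKey($keyvname);
    // NOTE(review): $add['ecmsfrom'] is request data used to pick the return
    // location; DoingReturnUrl() has to restrict it to same-site targets, confirm.
    $reurl = DoingReturnUrl("../tool/feedback/?bid={$bid}", $add['ecmsfrom']);
    printerror("AddFeedbackSuccess", $reurl, 1);
}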
Exemple #3
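// Set up the "add fragment" form: action name, labels, breadcrumb and the ids
// passed in the query string. All $_GET values are untrusted; the numeric ones
// are cast to int before any use.
$enews = ehtmlspecialchars($_GET['enews']);
$postword = '增加碎片';
$noteditword = '<font color="#666666">(设置后不可修改)</font>';
$disabled = '';
$sptypehidden = '';
// Array keys are quoted: bare identifiers as keys are undefined constants and
// raise an Error on PHP 8.
$r['maxnum'] = 0;
$url = "<a href=ListSp.php" . $ecms_hashur['whehref'] . ">管理碎片</a> &gt; 增加碎片";
$fcid = (int) $_GET['fcid'];
$fclassid = (int) $_GET['fclassid'];
$fsptype = (int) $_GET['fsptype'];
// Default output file, named after the current timestamp.
$r['spfile'] = 'html/sp/' . time() . '.html';
$spid = (int) $_GET['spid'];
// When editing, the fragment id doubles as the attachment pass value;
// otherwise a fresh one is requested.
if ($enews == 'EditSp') {
    $filepass = $spid;
} else {
    $filepass = ReturnTranFilepass();
}
// Copy: preload the form from an existing fragment.
if ($enews == "AddSp" && $_GET['docopy']) {
    // $spid was cast to int above, so the interpolation cannot carry SQL text.
    $r = $empire->fetch1("select * from {$dbtbpre}enewssp where spid='{$spid}'");
    // NOTE(review): spname is concatenated into markup unescaped. If it is not
    // escaped when stored, pass it through ehtmlspecialchars() before output; confirm.
    $url = "<a href=ListSp.php" . $ecms_hashur['whehref'] . ">管理碎片</a> &gt; 复制碎片:<b>" . $r['spname'] . "</b>";
    // Drops the first and last character of the stored value, presumably
    // wrapping delimiters; confirm against the writer.
    $username = substr($r['username'], 1, -1);
}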
//修改
if ($enews == "EditSp") {
    $r = $empire->fetch1("select * from {$dbtbpre}enewssp where spid='{$spid}'");
    $postword = '修改碎片';
    $noteditword = '';
    $disabled = ' disabled';
    $sptypehidden = '<input type="hidden" name="sptype" value="' . $r[sptype] . '">';
    $url = "<a href=ListSp.php" . $ecms_hashur['whehref'] . ">管理碎片</a> &gt; 修改碎片:<b>" . $r[spname] . "</b>";