Exemple #1
 /**
  * 判断用户是否已经登陆
  */
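 public final function check_member()
 {
     // Authenticates the request from the encrypted 'auth' cookie, whose decoded
     // form is "userid<TAB>stored password value", and loads the member row
     // into $this->memberinfo. Returns true only on the public member/index
     // actions; every other path returns nothing or ends in showmessage()/exit().
     $phpcms_auth = param::get_cookie('auth');
     if (ROUTE_M == 'member' && ROUTE_C == 'index' && in_array(ROUTE_A, array('login', 'register', 'mini', 'send_newmail'))) {
         // Public pages: a visitor who already holds an auth cookie is sent to
         // the member index, except on the 'mini' action.
         if ($phpcms_auth && ROUTE_A != 'mini') {
             showmessage(L('login_success', '', 'member'), 'index.php?m=member&c=index');
         } else {
             return true;
         }
     } else {
         if ($phpcms_auth) {
             $auth_key = get_auth_key('login');
             // A cookie that does not decode yields fewer than two fields; pad so
             // $password is always defined and the comparison below simply fails.
             $fields = explode("\t", (string) sys_auth($phpcms_auth, 'DECODE', $auth_key));
             list($userid, $password) = array_pad($fields, 2, '');

             $this->memberinfo = $this->db->get_one(array('userid' => $userid));
             if ($this->memberinfo && is_array($this->memberinfo)) {
                 // Locked accounts are refused before anything else is loaded.
                 if ($this->memberinfo['islock']) {
                     exit('<h1>Bad Request!</h1>');
                 }
                 // Merge the model-specific fields into the base record, then
                 // switch the db object back to its default model.
                 $this->db->set_model($this->memberinfo['modelid']);
                 $this->_member_modelinfo = $this->db->get_one(array('userid' => $userid));
                 $this->_member_modelinfo = $this->_member_modelinfo ? $this->_member_modelinfo : array();
                 $this->db->set_model();
                 $this->memberinfo = array_merge($this->memberinfo, $this->_member_modelinfo);
             }

             // NOTE(review): the cookie carries the stored password value itself, so a
             // password change is the only thing that invalidates an issued cookie.
             // On PHP >= 5.6, hash_equals() would make this comparison constant-time.
             $credentials_ok = $this->memberinfo && is_array($this->memberinfo)
                 && $password !== ''
                 && $this->memberinfo['password'] === $password;

             if ($credentials_ok) {
                 if (!defined('SITEID')) {
                     define('SITEID', $this->memberinfo['siteid']);
                 }
                 if ($this->memberinfo['groupid'] == 1) {
                     // Group 1: account banned by an administrator.
                     param::set_cookie('auth', '');
                     param::set_cookie('_userid', '');
                     param::set_cookie('_username', '');
                     param::set_cookie('_groupid', '');
                     showmessage(L('userid_banned_by_administrator', '', 'member'), 'index.php?m=member&c=index&a=login');
                 } elseif ($this->memberinfo['groupid'] == 7) {
                     // Group 7: e-mail not verified yet. The login cookies are dropped
                     // and the _reg* cookies are set for the "resend mail" flow.
                     param::set_cookie('auth', '');
                     param::set_cookie('_userid', '');
                     param::set_cookie('_groupid', '');
                     param::set_cookie('_regusername', $this->memberinfo['username']);
                     param::set_cookie('_reguserid', $this->memberinfo['userid']);
                     param::set_cookie('_reguseruid', $this->memberinfo['phpssouid']);
                     param::set_cookie('email', $this->memberinfo['email']);
                     showmessage(L('need_emial_authentication', '', 'member'), 'index.php?m=member&c=index&a=register&t=2');
                 }
                 return;
             }

             // The cookie did not authenticate. Clearing the cookies alone is only
             // advisory to the client, so the loaded member record is discarded as
             // well: otherwise the rest of the request would run with
             // $this->memberinfo populated for an account the caller never proved
             // it owns (e.g. a cookie issued before a password change).
             param::set_cookie('auth', '');
             param::set_cookie('_userid', '');
             param::set_cookie('_username', '');
             param::set_cookie('_groupid', '');
             $this->memberinfo = array();
             $this->_member_modelinfo = array();
         }
         // No cookie, or a cookie that failed validation: ask the visitor to log in.
         $forward = isset($_GET['forward']) ? urlencode($_GET['forward']) : urlencode(get_url());
         showmessage(L('please_login', '', 'member'), 'index.php?m=member&c=index&a=login&forward=' . $forward);
     }
 }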
Exemple #2
        $username = $userinfo['username'];
    }
    //执行本系统登陆操作
    $userid = $userinfo['userid'];
    $groupid = $userinfo['groupid'];
    $username = $userinfo['username'];
    $password = $userinfo['password'];
    $nickname = $userinfo['nickname'];
    $db->update(array('lastip' => ip(), 'lastdate' => SYS_TIME), array('userid' => $userid));
    pc_base::load_sys_class('param', '', 0);
    if (!$cookietime) {
        $get_cookietime = param::get_cookie('cookietime');
    }
    $_cookietime = $cookietime ? intval($cookietime) : ($get_cookietime ? $get_cookietime : 0);
    $cookietime = $_cookietime ? TIME + $_cookietime : 0;
    $phpcms_auth = sys_auth($userid . "\t" . $password, 'ENCODE', get_auth_key('login'));
    header('P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"');
    param::set_cookie('auth', $phpcms_auth, $cookietime);
    param::set_cookie('_userid', $userid, $cookietime);
    param::set_cookie('_username', $username, $cookietime);
    param::set_cookie('_nickname', $nickname, $cookietime);
    param::set_cookie('_groupid', $groupid, $cookietime);
    param::set_cookie('cookietime', $_cookietime, $cookietime);
    exit('1');
}
/**
 * 同步退出
 */
if ($action == 'synlogout') {
    header('P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"');
    pc_base::load_sys_class('param', '', 0);
Exemple #3
 /**
  * 找回密码
  * 新增加短信找回方式 
  */
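 public function public_forget_password()
 {
     // Password recovery by e-mail. Three modes, chosen from the request:
     //   POST dosubmit -> verify the CAPTCHA, mail a reset link to the account
     //   GET code      -> validate the link, set a new random password, mail it
     //   otherwise     -> render the request form
     $email_config = getcache('common', 'commons');
     // mail_type '1' needs a configured mail user and password.
     if ($email_config['mail_type'] == '1') {
         if (empty($email_config['mail_user']) || empty($email_config['mail_password'])) {
             showmessage(L('email_config_empty'), HTTP_REFERER);
         }
     }
     $this->_session_start();
     $member_setting = getcache('member_setting');
     if (isset($_POST['dosubmit'])) {
         // A loose "!=" treats a missing session code and an empty submitted code
         // as equal, which lets a request without any CAPTCHA pass. Require a
         // non-empty expected code and compare strictly.
         $expected_code = isset($_SESSION['code']) ? (string) $_SESSION['code'] : '';
         $submitted_code = isset($_POST['code']) && is_string($_POST['code']) ? strtolower($_POST['code']) : '';
         // One attempt per issued code, so a solved CAPTCHA cannot be reused to
         // trigger further reset mails in the same session.
         unset($_SESSION['code']);
         if ($expected_code === '' || $expected_code !== $submitted_code) {
             showmessage(L('code_error'), HTTP_REFERER);
         }
         $posted_email = isset($_POST['email']) && is_string($_POST['email']) ? $_POST['email'] : '';
         $memberinfo = $posted_email !== '' ? $this->db->get_one(array('email' => $posted_email)) : array();
         // NOTE(review): the distinct 'email_error' and 'operation_success' replies
         // let a client tell whether an address is registered.
         if (!empty($memberinfo['email'])) {
             $email = $memberinfo['email'];
         } else {
             showmessage(L('email_error'), HTTP_REFERER);
         }
         pc_base::load_sys_func('mail');
         // The reset token is "userid<TAB>issue time", encrypted with the 'email' key.
         $code = sys_auth($memberinfo['userid'] . "\t" . microtime(true), 'ENCODE', get_auth_key('email'));
         // URL-encode the token so characters such as '+' reach $_GET['code'] unchanged.
         $url = APP_PATH . 'index.php?m=member&c=index&a=public_forget_password&code=' . urlencode($code);
         $message = $member_setting['forgetpassword'];
         $message = str_replace(array('{click}', '{url}'), array('<a href="' . $url . '">' . L('please_click') . '</a>', $url), $message);
         // Site name shown as the sender; falls back to a fixed label.
         $sitelist = getcache('sitelist', 'commons');
         if (isset($sitelist[$memberinfo['siteid']]['name'])) {
             $sitename = $sitelist[$memberinfo['siteid']]['name'];
         } else {
             $sitename = 'PHPCMS_V9_MAIL';
         }
         sendmail($email, L('forgetpassword'), $message, '', '', $sitename);
         showmessage(L('operation_success'), 'index.php?m=member&c=index&a=login');
     } elseif (!empty($_GET['code']) && is_string($_GET['code'])) {
         $decoded = sys_auth($_GET['code'], 'DECODE', get_auth_key('email'));
         // Pad so a token that fails to decode is rejected instead of raising
         // on a missing second field.
         $token = array_pad(explode("\t", (string) $decoded), 2, '');
         $reset_userid = $token[0];
         // The link is valid only within the clock hour in which it was issued.
         // 'H' (24-hour) is required here: with 'h' (12-hour) a link issued at
         // 03:xx would be accepted again at 15:xx on the same day.
         $same_hour = is_numeric($token[1])
             && date('Y-m-d H', SYS_TIME) == date('Y-m-d H', (int) $token[1]);
         if (is_numeric($reset_userid) && $same_hour) {
             $memberinfo = $this->db->get_one(array('userid' => $reset_userid));
             if (empty($memberinfo['phpssouid'])) {
                 showmessage(L('operation_failure'), 'index.php?m=member&c=index&a=login');
             }
             // Read the address before it is passed to ps_member_edit(); it was
             // previously assigned only after that call, so an undefined value
             // was sent.
             $email = $memberinfo['email'];
             // NOTE(review): random() is defined elsewhere; confirm it draws from a
             // cryptographically secure source, since the result is a credential.
             $password = random(8, "23456789abcdefghkmnrstwxy");
             $updateinfo = array('password' => password($password, $memberinfo['encrypt']));
             $this->db->update($updateinfo, array('userid' => $reset_userid));
             if (pc_base::load_config('system', 'phpsso')) {
                 // Keep the phpsso account in step with the local password.
                 $this->_init_phpsso();
                 $this->client->ps_member_edit('', $email, '', $password, $memberinfo['phpssouid'], $memberinfo['encrypt']);
             }
             $sitelist = getcache('sitelist', 'commons');
             if (isset($sitelist[$memberinfo['siteid']]['name'])) {
                 $sitename = $sitelist[$memberinfo['siteid']]['name'];
             } else {
                 $sitename = 'PHPCMS_V9_MAIL';
             }
             pc_base::load_sys_func('mail');
             // NOTE(review): nothing here marks the token as used, so the same link
             // resets the password again on every request within the hour; the new
             // password is also sent in clear text and shown in the response.
             sendmail($email, L('forgetpassword'), "New password:" . $password, '', '', $sitename);
             showmessage(L('operation_success') . L('newpassword') . ':' . $password);
         } else {
             showmessage(L('operation_failure'), 'index.php?m=member&c=index&a=login');
         }
     } else {
         // Plain visit: render the request form for the selected site (default 1).
         $siteid = isset($_REQUEST['siteid']) && trim($_REQUEST['siteid']) ? intval($_REQUEST['siteid']) : 1;
         $siteinfo = siteinfo($siteid);
         include template('member', 'forget_password');
     }
 }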
Exemple #4
} else {
    $title = $_GET['title'];
    $title = addslashes(urldecode($title));
    if (CHARSET != 'utf-8') {
        $title = iconv('utf-8', CHARSET, $title);
        $title = addslashes($title);
    }
    $title = new_html_special_chars($title);
    $url = safe_replace(addslashes(urldecode($_GET['url'])));
    $url = trim_script($url);
}
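// The JSONP callback name is echoed back into the response body, so beyond
// safe_replace() it is reduced to the characters a JavaScript function
// reference can contain. A missing or non-string value becomes ''.
$callback = isset($_GET['callback']) && is_string($_GET['callback']) ? safe_replace($_GET['callback']) : '';
$_GET['callback'] = (string) preg_replace('/[^A-Za-z0-9_.$]/', '', $callback);

// Login check: the 'auth' cookie decodes to "userid<TAB>password value".
// NOTE(review): only the decoded userid is used below; the password field and
// the account state (locked/banned) are not checked against the member table
// in this block, so a cookie issued before a password change is still accepted
// here unless that is enforced elsewhere.
$phpcms_auth = param::get_cookie('auth');
$userid = 0;
if ($phpcms_auth) {
    // Pad so a cookie that fails to decode cannot raise on a missing field.
    $fields = explode("\t", (string) sys_auth($phpcms_auth, 'DECODE', get_auth_key('login')));
    list($userid, $password) = array_pad($fields, 2, '');
    $userid = intval($userid);
}
if ($userid <= 0) {
    // Not logged in: answer the JSONP call with status -1 and stop.
    exit(trim_script($_GET['callback']) . '(' . json_encode(array('status' => -1)) . ')');
}

// NOTE(review): this writes to the database on a cookie-authenticated request
// driven by query parameters; confirm that a request-forgery token or an
// origin check protects it.
$favorite_db = pc_base::load_model('favorite_model');
$data = array('title' => $title, 'url' => $url, 'adddate' => SYS_TIME, 'userid' => $userid);
// Insert only if this user has not bookmarked the URL already.
$is_exists = $favorite_db->get_one(array('url' => $url, 'userid' => $userid));
if (!$is_exists) {
    $favorite_db->insert($data);
}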