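/**
 * Check whether the current visitor is a logged-in member.
 *
 * The login, register, mini and send_newmail actions of member/index are
 * reachable without a session. Every other route needs an `auth` cookie that
 * decodes to "userid\tpassword" and whose password value equals the one stored
 * for that member. On success $this->memberinfo holds the member row merged
 * with the row from the member's model table, and SITEID is defined if it was
 * not defined before.
 *
 * Fails closed: when the cookie is missing, does not decode to two fields, names
 * no member, or carries a password value that differs from the stored one, the
 * login cookies are cleared, $this->memberinfo is emptied and the visitor is
 * sent to the login page. The record is never left loaded for a request that
 * did not authenticate.
 *
 * NOTE(review): the cookie payload embeds the stored password value, so anyone
 * able to decode the cookie learns it. A random server-side session token
 * would avoid that; it cannot be changed here without touching the code that
 * issues the cookie.
 *
 * @return bool|null true for a public action that needs no redirect; nothing otherwise
 */
public final function check_member()
{
    $phpcms_auth = param::get_cookie('auth');

    // Public member actions: only bounce visitors who already hold an auth cookie
    // (the mini login box is always rendered).
    if (ROUTE_M == 'member' && ROUTE_C == 'index' && in_array(ROUTE_A, array('login', 'register', 'mini', 'send_newmail'))) {
        if ($phpcms_auth && ROUTE_A != 'mini') {
            showmessage(L('login_success', '', 'member'), 'index.php?m=member&c=index');
        } else {
            return true;
        }
        return;
    }

    $authenticated = false;
    $userid = 0;
    $password = '';
    $auth_key = '';

    // An auth cookie is present: decode it and verify it against the member table.
    if ($phpcms_auth) {
        $auth_key = get_auth_key('login');
        // A cookie that fails to decode yields fewer than two fields; treat that as "no credentials".
        $fields = explode("\t", (string) sys_auth($phpcms_auth, 'DECODE', $auth_key));
        $userid = isset($fields[0]) ? intval($fields[0]) : 0;
        $password = isset($fields[1]) ? $fields[1] : '';

        // Verify the member and fetch the member record.
        $this->memberinfo = ($userid > 0 && $password !== '') ? $this->db->get_one(array('userid' => $userid)) : array();

        // Compare against the core member row before anything else reads it.
        // (hash_equals() would be preferable where PHP >= 5.6 is guaranteed.)
        $authenticated = is_array($this->memberinfo)
            && isset($this->memberinfo['password'])
            && $this->memberinfo['password'] === $password;
    }

    if (!$authenticated) {
        if ($phpcms_auth) {
            // Stale or invalid cookie: drop it and forget whatever row was looked up.
            $this->memberinfo = array();
            param::set_cookie('auth', '');
            param::set_cookie('_userid', '');
            param::set_cookie('_username', '');
            param::set_cookie('_groupid', '');
        }
        unset($userid, $password, $phpcms_auth, $auth_key);
        $forward = isset($_GET['forward']) ? urlencode($_GET['forward']) : urlencode(get_url());
        showmessage(L('please_login', '', 'member'), 'index.php?m=member&c=index&a=login&forward=' . $forward);
        // showmessage() is expected to end the request (TODO confirm); never fall through unauthenticated.
        return;
    }

    // Locked accounts are refused only after the cookie has been verified.
    if ($this->memberinfo['islock']) {
        exit('<h1>Bad Request!</h1>');
    }

    // Fetch the row from the member's model table, then switch back to the default table.
    $this->db->set_model($this->memberinfo['modelid']);
    $this->_member_modelinfo = $this->db->get_one(array('userid' => $userid));
    $this->_member_modelinfo = $this->_member_modelinfo ? $this->_member_modelinfo : array();
    $this->db->set_model();
    $this->memberinfo = array_merge($this->memberinfo, $this->_member_modelinfo);

    if (!defined('SITEID')) {
        define('SITEID', $this->memberinfo['siteid']);
    }

    if ($this->memberinfo['groupid'] == 1) {
        // Group 1: the account was banned by an administrator.
        param::set_cookie('auth', '');
        param::set_cookie('_userid', '');
        param::set_cookie('_username', '');
        param::set_cookie('_groupid', '');
        showmessage(L('userid_banned_by_administrator', '', 'member'), 'index.php?m=member&c=index&a=login');
    } elseif ($this->memberinfo['groupid'] == 7) {
        // Group 7: e-mail address not verified yet.
        param::set_cookie('auth', '');
        param::set_cookie('_userid', '');
        param::set_cookie('_groupid', '');
        // Remember the account that is waiting for verification so the mail can be re-sent.
        param::set_cookie('_regusername', $this->memberinfo['username']);
        param::set_cookie('_reguserid', $this->memberinfo['userid']);
        param::set_cookie('_reguseruid', $this->memberinfo['phpssouid']);
        param::set_cookie('email', $this->memberinfo['email']);
        showmessage(L('need_emial_authentication', '', 'member'), 'index.php?m=member&c=index&a=register&t=2');
    }

    unset($userid, $password, $phpcms_auth, $auth_key);
}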
$username = $userinfo['username']; } //执行本系统登陆操作 $userid = $userinfo['userid']; $groupid = $userinfo['groupid']; $username = $userinfo['username']; $password = $userinfo['password']; $nickname = $userinfo['nickname']; $db->update(array('lastip' => ip(), 'lastdate' => SYS_TIME), array('userid' => $userid)); pc_base::load_sys_class('param', '', 0); if (!$cookietime) { $get_cookietime = param::get_cookie('cookietime'); } $_cookietime = $cookietime ? intval($cookietime) : ($get_cookietime ? $get_cookietime : 0); $cookietime = $_cookietime ? TIME + $_cookietime : 0; $phpcms_auth = sys_auth($userid . "\t" . $password, 'ENCODE', get_auth_key('login')); header('P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"'); param::set_cookie('auth', $phpcms_auth, $cookietime); param::set_cookie('_userid', $userid, $cookietime); param::set_cookie('_username', $username, $cookietime); param::set_cookie('_nickname', $nickname, $cookietime); param::set_cookie('_groupid', $groupid, $cookietime); param::set_cookie('cookietime', $_cookietime, $cookietime); exit('1'); } /** * 同步退出 */ if ($action == 'synlogout') { header('P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"'); pc_base::load_sys_class('param', '', 0);
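/**
 * Recover a forgotten password by e-mail.
 *
 * (The original header also mentions a newly added SMS recovery method; the
 * code visible here only sends e-mail.)
 *
 * Three request shapes are handled:
 *  - POST with `dosubmit`: check the captcha, look the member up by e-mail and
 *    mail a recovery link whose `code` is sys_auth("userid\tmicrotime").
 *  - GET with `code`: decode the link, accept it only within the clock hour it
 *    was issued in, set a new random password and mail/show it.
 *  - anything else: render the forget_password form.
 *
 * NOTE(review): nothing visible here marks a recovery link as used, so within
 * its validity hour the same link resets the password again each time it is
 * opened. Making it single-use needs server-side state outside this method.
 * NOTE(review): the email_error message tells the caller whether an address is
 * registered; a uniform reply would avoid that disclosure.
 */
public function public_forget_password()
{
    $email_config = getcache('common', 'commons');
    // Two sending modes exist (SMTP / MAIL); mail_type '1' needs SMTP credentials.
    if ($email_config['mail_type'] == '1') {
        if (empty($email_config['mail_user']) || empty($email_config['mail_password'])) {
            showmessage(L('email_config_empty'), HTTP_REFERER);
        }
    }
    $this->_session_start();
    $member_setting = getcache('member_setting');

    if (isset($_POST['dosubmit'])) {
        // Captcha: require a code in the session, compare strictly, and consume it.
        // The loose `!=` used before let an empty submission match a missing
        // session code, and let numeric-looking strings match each other.
        $expected_code = isset($_SESSION['code']) ? (string) $_SESSION['code'] : '';
        $supplied_code = (isset($_POST['code']) && is_string($_POST['code'])) ? strtolower($_POST['code']) : '';
        unset($_SESSION['code']);
        if ($expected_code === '' || $expected_code !== $supplied_code) {
            showmessage(L('code_error'), HTTP_REFERER);
            return;
        }

        // Only a scalar string may reach the where-array.
        $posted_email = (isset($_POST['email']) && is_string($_POST['email'])) ? $_POST['email'] : '';
        $memberinfo = $posted_email !== '' ? $this->db->get_one(array('email' => $posted_email)) : array();
        if (!empty($memberinfo['email'])) {
            $email = $memberinfo['email'];
        } else {
            showmessage(L('email_error'), HTTP_REFERER);
            return;
        }

        pc_base::load_sys_func('mail');
        $code = sys_auth($memberinfo['userid'] . "\t" . microtime(true), 'ENCODE', get_auth_key('email'));
        // urlencode() keeps characters such as '+' in the token intact in the query string.
        $url = APP_PATH . 'index.php?m=member&c=index&a=public_forget_password&code=' . urlencode($code);
        $message = $member_setting['forgetpassword'];
        $message = str_replace(
            array('{click}', '{url}'),
            array('<a href="' . $url . '">' . L('please_click') . '</a>', $url),
            $message
        );

        // Resolve the site name used as the sender name.
        $sitelist = getcache('sitelist', 'commons');
        if (isset($sitelist[$memberinfo['siteid']]['name'])) {
            $sitename = $sitelist[$memberinfo['siteid']]['name'];
        } else {
            $sitename = 'PHPCMS_V9_MAIL';
        }
        sendmail($email, L('forgetpassword'), $message, '', '', $sitename);
        showmessage(L('operation_success'), 'index.php?m=member&c=index&a=login');
    } elseif (!empty($_GET['code']) && is_string($_GET['code'])) {
        // A link that fails to decode yields fewer than two fields.
        $code = explode("\t", (string) sys_auth($_GET['code'], 'DECODE', get_auth_key('email')));
        $token_userid = (isset($code[0]) && is_numeric($code[0])) ? intval($code[0]) : 0;
        $issued_at = (isset($code[1]) && is_numeric($code[1])) ? (int) $code[1] : 0;

        // Valid only inside the clock hour of issue. 'H' (24-hour) and a four-digit
        // year are required: the former 'y-m-d h' format used a 12-hour clock, so a
        // link issued at 03:xx was accepted again at 15:xx the same day.
        $same_hour = $issued_at > 0 && date('Y-m-d H', SYS_TIME) === date('Y-m-d H', $issued_at);

        if ($token_userid > 0 && $same_hour) {
            $memberinfo = $this->db->get_one(array('userid' => $token_userid));
            if (empty($memberinfo['phpssouid'])) {
                showmessage(L('operation_failure'), 'index.php?m=member&c=index&a=login');
                return;
            }
            $updateinfo = array();
            // NOTE(review): random() is defined elsewhere; confirm it draws from a CSPRNG,
            // since this value becomes the account password.
            $password = random(8, "23456789abcdefghkmnrstwxy");
            $updateinfo['password'] = password($password, $memberinfo['encrypt']);
            $this->db->update($updateinfo, array('userid' => $token_userid));
            if (pc_base::load_config('system', 'phpsso')) {
                // Initialise the phpsso client.
                $this->_init_phpsso();
                // The e-mail argument used to be $email, which was not assigned yet at
                // this point (an undefined value); '' states that explicitly.
                // Presumably an empty value leaves the address unchanged; verify in ps_member_edit.
                $this->client->ps_member_edit('', '', '', $password, $memberinfo['phpssouid'], $memberinfo['encrypt']);
            }
            $email = $memberinfo['email'];

            // Resolve the site name used as the sender name.
            $sitelist = getcache('sitelist', 'commons');
            if (isset($sitelist[$memberinfo['siteid']]['name'])) {
                $sitename = $sitelist[$memberinfo['siteid']]['name'];
            } else {
                $sitename = 'PHPCMS_V9_MAIL';
            }
            pc_base::load_sys_func('mail');
            // NOTE(review): the new password is mailed in clear text and also printed on
            // the result page to whoever opened the link; forcing a password change on
            // next login would limit the exposure.
            sendmail($email, L('forgetpassword'), "New password:" . $password, '', '', $sitename);
            showmessage(L('operation_success') . L('newpassword') . ':' . $password);
        } else {
            showmessage(L('operation_failure'), 'index.php?m=member&c=index&a=login');
        }
    } else {
        // No submission and no recovery code: show the form ($siteinfo is set for the included template).
        $siteid = isset($_REQUEST['siteid']) && trim($_REQUEST['siteid']) ? intval($_REQUEST['siteid']) : 1;
        $siteinfo = siteinfo($siteid);
        include template('member', 'forget_password');
    }
}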
} else { $title = $_GET['title']; $title = addslashes(urldecode($title)); if (CHARSET != 'utf-8') { $title = iconv('utf-8', CHARSET, $title); $title = addslashes($title); } $title = new_html_special_chars($title); $url = safe_replace(addslashes(urldecode($_GET['url']))); $url = trim_script($url); } $_GET['callback'] = safe_replace($_GET['callback']); //判断是否登录 $phpcms_auth = param::get_cookie('auth'); if ($phpcms_auth) { list($userid, $password) = explode("\t", sys_auth($phpcms_auth, 'DECODE', get_auth_key('login'))); $userid = intval($userid); if ($userid > 0) { } else { exit(trim_script($_GET['callback']) . '(' . json_encode(array('status' => -1)) . ')'); } } else { exit(trim_script($_GET['callback']) . '(' . json_encode(array('status' => -1)) . ')'); } $favorite_db = pc_base::load_model('favorite_model'); $data = array('title' => $title, 'url' => $url, 'adddate' => SYS_TIME, 'userid' => $userid); //根据url判断是否已经收藏过。 $is_exists = $favorite_db->get_one(array('url' => $url, 'userid' => $userid)); if (!$is_exists) { $favorite_db->insert($data); }