function check_cookie() { global $db, $cookiecfg, $tablepre, $onlineip, $onlineurl; $secret = $_COOKIE[$cookiecfg['prefix'] . secret]; $onlineurl = addslashes($onlineurl); //old online information if (isset($secret)) { list($cookies['uid'], $cookies['username'], $cookies['logintime']) = explode("\t", authcrypt($secret, 'decode')); //online member if (is_numeric($cookies['uid'])) { $sql = "INSERT INTO `{$tablepre}online` (uid,username,logintime,dateline,url) VALUES ('{$cookies['uid']}','{$cookies['username']}',UNIX_TIMESTAMP(),UNIX_TIMESTAMP(),'{$onlineurl}') ON DUPLICATE KEY UPDATE dateline=UNIX_TIMESTAMP(),url='{$onlineurl}'"; $db->query($sql); //online guest } else { $sql = "INSERT INTO `{$tablepre}online` (uid,username,logintime,dateline,url) VALUES ('{$cookies['uid']}','{$onlineip}',UNIX_TIMESTAMP(),UNIX_TIMESTAMP(),'') ON DUPLICATE KEY UPDATE dateline=UNIX_TIMESTAMP(),url='{$onlineurl}'"; $db->query($sql); } //new member information } else { $time = times(); $rnd = m_rand(5); m_setcookie('secret', authcrypt("{$rnd}\tguest\t{$time}", 'encode')); $sql = "INSERT INTO `{$tablepre}online` VALUES ('{$rnd}','{$onlineip}',UNIX_TIMESTAMP(),UNIX_TIMESTAMP(),'{$onlineurl}') ON DUPLICATE KEY UPDATE dateline=UNIX_TIMESTAMP(),url='{$onlineurl}'"; $db->query($sql); } }
$db->query("UPDATE `{$tablepre}memberdata` SET onlinetime=onlinetime+{$visittimes},lastvisit=UNIX_TIMESTAMP() WHERE uid='{$m_uid}'"); $db->query("DELETE FROM `{$tablepre}online` WHERE uid='{$m_uid}'"); } clearcookie(); header("Location: {$location}"); } if (array_key_exists('Password', $_POST) && $Password !== '' && $UserName !== '') { $username = addslashes($UserName); $password = md5($Password); //if(($username=='' || $password==''))refer('error',$fromurl); $query = $db->query("SELECT uid,username FROM `{$tablepre}members` WHERE username='******' AND password='******' LIMIT 1"); if ($db->num_rows($query)) { $db->query("DELETE FROM `{$tablepre}online` WHERE uid='{$m_uid}'"); list($m_uid, $m_username) = $db->fetch_row($query); $temp = array($m_uid, $username, $m_username); //make sure the cookie $time = time(); $db->query("UPDATE `{$tablepre}memberdata` SET lastvisit = UNIX_TIMESTAMP(),lastloginip = '{$onlineip}',logintimes = logintimes+1 WHERE uid = {$m_uid}"); if (isset($saveCookie)) { m_setcookie('secret', authcrypt("{$m_uid}\t{$username}\t{$time}", 'encode'), 86400); } else { m_setcookie('secret', authcrypt("{$m_uid}\t{$username}\t{$time}", 'encode')); } header("Location: {$location}"); } else { $errorinfo = " 用户名或密码错误!"; } } elseif (array_key_exists('Password', $_POST)) { $errorinfo = ' 用户名或密码不能为空!'; } $templatefile = 'login.html';