public function dologin()
{
$login_page_showed_success = session("__SP_ADMIN_LOGIN_PAGE_SHOWED_SUCCESS__");
if (!$login_page_showed_success) {
$this->error('login error!');
}
$name = I("post.username");
if (empty($name)) {
$this->error(L('USERNAME_OR_EMAIL_EMPTY'));
}
$pass = I("post.password");
if (empty($pass)) {
$this->error(L('PASSWORD_REQUIRED'));
}
$verrify = I("post.verify");
if (empty($verrify)) {
$this->error(L('CAPTCHA_REQUIRED'));
}
//验证码
if (!sp_check_verify_code()) {
$this->error(L('CAPTCHA_NOT_RIGHT'));
} else {
$user = D("Common/Users");
if (strpos($name, "@") > 0) {
//邮箱登陆
$where['user_email'] = $name;
} else {
$where['user_login'] = $name;
}
$result = $user->where($where)->find();
if (!empty($result) && $result['user_type'] == 1) {
if (sp_compare_password($pass, $result['user_pass'])) {
$role_user_model = M("RoleUser");
$role_user_join = C('DB_PREFIX') . 'role as b on a.role_id =b.id';
$groups = $role_user_model->alias("a")->join($role_user_join)->where(array("user_id" => $result["id"], "status" => 1))->getField("role_id", true);
if ($result["id"] != 1 && (empty($groups) || empty($result['user_status']))) {
$this->error(L('USE_DISABLED'));
}
//登入成功页面跳转
$_SESSION["ADMIN_ID"] = $result["id"];
$_SESSION['name'] = $result["user_login"];
$result['last_login_ip'] = get_client_ip(0, true);
$result['last_login_time'] = date("Y-m-d H:i:s");
$user->save($result);
setcookie("admin_username", $name, time() + 30 * 24 * 3600, "/");
$this->success(L('LOGIN_SUCCESS'), U("Index/index"));
} else {
$this->error(L('PASSWORD_NOT_RIGHT'));
}
} else {
$this->error(L('USERNAME_NOT_EXIST'));
}
}
}
function addmsg()
{
if (!sp_check_verify_code()) {
$this->error("验证码错误!");
}
if (IS_POST) {
if ($this->guestbook_model->create()) {
$result = $this->guestbook_model->add();
if ($result !== false) {
$this->success("留言成功!");
} else {
$this->error("留言失败!");
}
} else {
$this->error($this->guestbook_model->getError());
}
}
}
private function _do_email_register()
{
if (!sp_check_verify_code()) {
$this->error("验证码错误!");
}
$rules = array(array('user_type', 'require', '请选择用户类型!', 1), array('email', 'require', '邮箱不能为空!', 1), array('password', 'require', '密码不能为空!', 1), array('repassword', 'require', '重复密码不能为空!', 1), array('repassword', 'password', '确认密码不正确', 0, 'confirm'), array('email', 'email', '邮箱格式不正确!', 1));
$users_model = M("Users");
if ($users_model->validate($rules)->create() === false) {
$this->error($users_model->getError());
}
$password = $_POST['password'];
$email = $_POST['email'];
$user_type = $_POST['user_type'];
$username = str_replace(array(".", "@"), "_", $email);
//用户名需过滤的字符的正则
$stripChar = '?<*.>\'"';
if (preg_match('/[' . $stripChar . ']/is', $username) == 1) {
$this->error('用户名中包含' . $stripChar . '等非法字符!');
}
// $banned_usernames=explode(",", sp_get_cmf_settings("banned_usernames"));
// if(in_array($username, $banned_usernames)){
// $this->error("此用户名禁止使用!");
// }
if (strlen($password) < 5 || strlen($password) > 20) {
$this->error("密码长度至少5位,最多20位!");
}
if ($user_type > 3 || $user_type < 1) {
$this->error("非法操作!");
}
$where['user_login'] = $username;
$where['user_email'] = $email;
$where['_logic'] = 'OR';
$ucenter_syn = C("UCENTER_ENABLED");
$uc_checkemail = 1;
$uc_checkusername = 1;
if ($ucenter_syn) {
include UC_CLIENT_ROOT . "client.php";
$uc_checkemail = uc_user_checkemail($email);
$uc_checkusername = uc_user_checkname($username);
}
$users_model = M("Users");
$result = $users_model->where($where)->count();
if ($result || $uc_checkemail < 0 || $uc_checkusername < 0) {
$this->error("用户名或者该邮箱已经存在!");
} else {
$uc_register = true;
if ($ucenter_syn) {
$uc_uid = uc_user_register($username, $password, $email);
//exit($uc_uid);
if ($uc_uid < 0) {
$uc_register = false;
}
}
if ($uc_register) {
$need_email_active = C("SP_MEMBER_EMAIL_ACTIVE");
$data = array('user_login' => $username, 'user_email' => $email, 'user_nicename' => $username, 'user_pass' => sp_password($password), 'last_login_ip' => get_client_ip(0, true), 'create_time' => date("Y-m-d H:i:s"), 'last_login_time' => date("Y-m-d H:i:s"), 'user_status' => $need_email_active ? 2 : 1, "user_type" => $user_type);
$rst = $users_model->add($data);
if ($rst) {
//登入成功页面跳转
$data['id'] = $rst;
$_SESSION['user'] = $data;
//发送激活邮件
if ($need_email_active) {
$this->_send_to_active();
unset($_SESSION['user']);
$this->success("注册成功,激活后才能使用!", U("user/login/index"));
} else {
$this->success("注册成功!", __ROOT__ . "/");
}
} else {
$this->error("注册失败!", U("user/register/index"));
}
} else {
$this->error("注册失败!", U("user/register/index"));
}
}
}
function dologin()
{
if (!sp_check_verify_code()) {
$this->error("验证码错误!");
}
$users_model = M("Users");
$rules = array(array('username', 'require', '手机号/邮箱/用户名不能为空!', 1), array('password', 'require', '密码不能为空!', 1));
if ($users_model->validate($rules)->create() === false) {
$this->error($users_model->getError());
}
$username = $_POST['username'];
if (preg_match('/^\\d+$/', $username)) {
//手机号登录
$this->_do_mobile_login();
} else {
$this->_do_email_login();
// 用户名或者邮箱登录
}
}
function dologin()
{
if (!sp_check_verify_code()) {
$this->error("验证码错误!");
}
$users_model = M("Users");
$rules = array(array('terms', 'require', '您未同意服务条款!', 1), array('username', 'require', '用户名或者邮箱不能为空!', 1), array('password', 'require', '密码不能为空!', 1));
if ($users_model->validate($rules)->create() === false) {
$this->error($users_model->getError());
}
extract($_POST);
if (strpos($username, "@") > 0) {
//邮箱登陆
$where['user_email'] = $username;
} else {
$where['user_login'] = $username;
}
$users_model = M('Users');
$result = $users_model->where($where)->find();
$ucenter_syn = C("UCENTER_ENABLED");
$ucenter_old_user_login = false;
$ucenter_login_ok = false;
if ($ucenter_syn) {
setcookie("thinkcmf_auth", "");
include UC_CLIENT_ROOT . "client.php";
list($uc_uid, $username, $password, $email) = uc_user_login($username, $password);
if ($uc_uid > 0) {
if (!$result) {
$data = array('user_login' => $username, 'user_email' => $email, 'user_pass' => sp_password($password), 'last_login_ip' => get_client_ip(), 'create_time' => time(), 'last_login_time' => time(), 'user_status' => '1');
$id = $users_model->add($data);
$data['id'] = $id;
$result = $data;
}
} else {
switch ($uc_uid) {
case "-1":
//用户不存在,或者被删除
if ($result) {
//本应用已经有这个用户
if ($result['user_pass'] == sp_password($password)) {
//本应用已经有这个用户,且密码正确,同步用户
$uc_uid2 = uc_user_register($username, $password, $result['user_email']);
if ($uc_uid2 < 0) {
$uc_register_errors = array("-1" => "用户名不合法", "-2" => "包含不允许注册的词语", "-3" => "用户名已经存在", "-4" => "Email格式有误", "-5" => "Email不允许注册", "-6" => "该Email已经被注册");
$this->error("同步用户失败--" . $uc_register_errors[$uc_uid2]);
}
$uc_uid = $uc_uid2;
} else {
$this->error("密码错误!");
}
}
break;
case -2:
//密码错
if ($result) {
//本应用已经有这个用户
if ($result['user_pass'] == sp_password($password)) {
//本应用已经有这个用户,且密码正确,同步用户
$uc_user_edit_status = uc_user_edit($username, "", $password, "", 1);
if ($uc_user_edit_status <= 0) {
$this->error("登陆错误!");
}
list($uc_uid2) = uc_get_user($username);
$uc_uid = $uc_uid2;
$ucenter_old_user_login = true;
} else {
$this->error("密码错误!");
}
} else {
$this->error("密码错误!");
}
break;
}
}
$ucenter_login_ok = true;
echo uc_user_synlogin($uc_uid);
}
//exit();
if ($result != null) {
if ($result['user_pass'] == sp_password($password) || $ucenter_login_ok) {
$_SESSION["user"] = $result;
//写入此次登录信息
$data = array('last_login_time' => date("Y-m-d H:i:s"), 'last_login_ip' => get_client_ip());
$users_model->where("id=" . $result["id"])->save($data);
$redirect = empty($_SESSION['login_http_referer']) ? __ROOT__ . "/" : $_SESSION['login_http_referer'];
$_SESSION['login_http_referer'] = "";
$ucenter_old_user_login_msg = "";
if ($ucenter_old_user_login) {
//$ucenter_old_user_login_msg="老用户请在跳转后,再次登陆";
}
$this->success("登录验证成功!", $redirect);
} else {
$this->error("密码错误!");
}
} else {
$this->error("用户名不存在!");
}
}
function dologin()
{
if (!sp_check_verify_code()) {
$this->error("验证码错误!");
}
$users_model = M("Users");
$rules = array(array('username', 'require', '用户名不能为空!', 1), array('password', 'require', '密码不能为空!', 1));
if ($users_model->validate($rules)->create() === false) {
$this->error($users_model->getError());
}
$username = $_POST['username'];
$password = $_POST['password'];
$curl = curl_init();
curl_setopt($curl, CURLOPT_URL, "http://nuptsast.com/CheckPassword");
curl_setopt($curl, CURLOPT_PORT, 8080);
curl_setopt($curl, CURLOPT_POST, true);
curl_setopt($curl, CURLOPT_TIMEOUT, 5);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl, CURLOPT_POSTFIELDS, "username={$username}&password={$password}");
$result = json_decode(curl_exec($curl), true);
curl_close($curl);
if ($result['status'] === false) {
switch ($result['message']) {
case 'Server Error, Try Again':
$this->error('ERR00:服务器错误,请稍后重试!');
break;
case 'Username and password does\'t match.':
$this->error('ERR01:用户名或密码错误,请检查后重试!');
break;
default:
$this->error('ERR02:未知错误,请联系系统管理员!');
break;
}
} else {
//status===true
switch ($result['message']) {
case 'Server Error, Try Again':
//student account
$this->error('ERR03:用户名不存在');
break;
case "":
//successful login
$this->after_curl_login($result['information']);
break;
default:
$this->error('ERR04:未知错误,请联系系统管理员!');
break;
}
}
}
public function password_find_by_mobile()
{
$type = '';
if (!sp_check_verify_code()) {
$this->error("验证码错误!");
}
$result = M('Member')->where(array('user_login' => I('post.username')))->find();
if (!is_array($result)) {
$this->error("不存在的用户");
}
$_SESSION['find_password_user'] = $result;
if (!$result['user_phone']) {
$type = 1;
} else {
$type = 2;
}
$this->success($type);
}
function doregister()
{
$rules = array(array('password', 'require', '密码不能为空!', 1), array('user_realname', 'require', '用户名不能为空!', 1), array('repassword', 'require', '重复密码不能为空!', 1), array('repassword', 'password', '确认密码不正确', 0, 'confirm'));
if (I('post.reg_type') == 1) {
if (!sp_check_verify_code()) {
$this->error("验证码错误!");
}
$_POST['email'] = I('post.username');
array_unshift($rules, array('username', 'require', '邮箱不能为空!', 1), array('email', 'email', '邮箱格式不正确!', 1));
} else {
array_unshift($rules, array('username', 'require', '手机号码不能为空!', 1));
$user_phone = I('post.username');
if (!preg_match('/^[1][3458]{1}[0-9]{9}$/', $user_phone)) {
$this->error('手机号码格式有误');
}
//手机号码格式检测
$check = M('Sms')->field('code,add_time')->where(array('phone' => $user_phone))->order('id desc')->find();
if (empty($_POST['code'])) {
$this->error('验证码不能为空');
}
if (strtolower($check['code']) != strtolower(I('post.code'))) {
$this->error("手机验证码错误");
}
if (time() > $check['add_time'] + 3600) {
$this->error('验证码已过期,请重新获取');
}
}
$users_model = M("Member");
if ($users_model->validate($rules)->create() === false) {
$this->error($users_model->getError());
}
extract($_POST);
//用户名需过滤的字符的正则
/**$stripChar = '?<*.>\'"';
if(preg_match('/['.$stripChar.']/is', $username)==1){
$this->error('用户名中包含'.$stripChar.'等非法字符!');
}
**/
$banned_usernames = explode(",", sp_get_cmf_settings("banned_usernames"));
if (in_array($username, $banned_usernames)) {
$this->error("此用户名禁止使用!");
}
if (strlen($password) < 6 || strlen($password) > 20) {
$this->error("密码长度至少6位,最多20位!");
}
$where['user_login'] = $username;
$where['user_email'] = $email;
// $where['user_realname']=$user_realname;
$where['_logic'] = 'OR';
$ucenter_syn = C("UCENTER_ENABLED");
$uc_checkemail = 1;
$uc_checkusername = 1;
if ($ucenter_syn) {
include UC_CLIENT_ROOT . "client.php";
$uc_checkemail = uc_user_checkemail($email);
$uc_checkusername = uc_user_checkname($username);
}
$users_model = M("Member");
$result = $users_model->where($where)->count();
if ($result || $uc_checkemail < 0 || $uc_checkusername < 0) {
$this->error("用户名或者该邮箱已经存在!");
} else {
$uc_register = true;
if ($ucenter_syn) {
$uc_uid = uc_user_register($username, $password, $email);
//exit($uc_uid);
if ($uc_uid < 0) {
$uc_register = false;
}
}
if ($uc_register) {
$need_email_active = C("SP_MEMBER_EMAIL_ACTIVE");
if ($need_email_active) {
//配置为需要邮件激活时
if (I('post.reg_type') == 1) {
//邮箱注册
$need_email_active = true;
} else {
if (I('post.reg_type') == 2) {
//手机号码注册
$need_email_active = false;
}
}
}
$data = array('user_login' => $username, 'user_email' => $email, 'user_nicename' => $username, 'user_realname' => $user_realname, 'user_pass' => sp_password($password), 'last_login_ip' => get_client_ip(), 'create_time' => date("Y-m-d H:i:s"), 'last_login_time' => date("Y-m-d H:i:s"), 'user_status' => $need_email_active ? 2 : 1, "utype" => 0, 'user_phone' => $user_phone);
$rst = $users_model->add($data);
if ($rst) {
//登入成功页面跳转
$data['id'] = $rst;
//插入我的账户
$account = M("Account");
$ac['uid'] = $rst;
$ac['money'] = get_point_rule('register');
$account->add($ac);
$_SESSION['user'] = $data;
//发送激活邮件
if ($need_email_active) {
$this->_send_to_active();
unset($_SESSION['user']);
$this->success("注册成功,激活后才能使用!", U("user/login/index"));
} else {
$this->success("注册成功!", __ROOT__ . "/");
}
} else {
$this->error("注册失败!", U("user/register/index"));
}
} else {
$this->error("注册失败!", U("user/register/index"));
}
}
}
