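/**
 * Handle the admin login form submission.
 *
 * Flow: require the login-page session flag, require username, password and
 * captcha fields, verify the captcha, look the account up by e-mail or login
 * name, verify the password, check roles and status, then establish the
 * admin session and redirect to Index/index.
 *
 * Every failure path calls $this->error(); the code assumes that call ends
 * the request (its implementation is not visible here - TODO confirm).
 *
 * NOTE(review): unknown accounts and wrong passwords produce different
 * messages (USERNAME_NOT_EXIST vs PASSWORD_NOT_RIGHT), which lets a client
 * tell whether an admin account exists. Consider one shared message.
 */
public function dologin()
{
    // Flag read from the session; presumably set when the login page was rendered.
    $login_page_showed_success = session("__SP_ADMIN_LOGIN_PAGE_SHOWED_SUCCESS__");
    if (!$login_page_showed_success) {
        $this->error('login error!');
    }

    // Only plain strings are accepted: an array-valued field would otherwise
    // reach strpos() and the query condition below.
    $name = I("post.username");
    if (empty($name) || !is_string($name)) {
        $this->error(L('USERNAME_OR_EMAIL_EMPTY'));
    }
    $pass = I("post.password");
    if (empty($pass) || !is_string($pass)) {
        $this->error(L('PASSWORD_REQUIRED'));
    }
    $verrify = I("post.verify");
    if (empty($verrify)) {
        $this->error(L('CAPTCHA_REQUIRED'));
    }

    // Captcha check
    if (!sp_check_verify_code()) {
        $this->error(L('CAPTCHA_NOT_RIGHT'));
    } else {
        $user = D("Common/Users");
        $where = array();
        if (strpos($name, "@") > 0) {
            // Log in by e-mail address
            $where['user_email'] = $name;
        } else {
            $where['user_login'] = $name;
        }
        $result = $user->where($where)->find();

        // Only rows with user_type == 1 may sign in here.
        if (!empty($result) && $result['user_type'] == 1) {
            if (sp_compare_password($pass, $result['user_pass'])) {
                $role_user_model = M("RoleUser");
                $role_user_join = C('DB_PREFIX') . 'role as b on a.role_id =b.id';
                $groups = $role_user_model->alias("a")->join($role_user_join)->where(array("user_id" => $result["id"], "status" => 1))->getField("role_id", true);

                // User id 1 is exempt; everyone else needs an enabled role and a non-empty user_status.
                if ($result["id"] != 1 && (empty($groups) || empty($result['user_status']))) {
                    $this->error(L('USE_DISABLED'));
                }

                // Issue a fresh session id before storing the admin identity so
                // that a session id known before authentication is not promoted
                // to an authenticated one (session fixation).
                if (session_id() !== '' && !headers_sent()) {
                    session_regenerate_id(true);
                }

                // Login succeeded: record the session and redirect
                $_SESSION["ADMIN_ID"] = $result["id"];
                $_SESSION['name'] = $result["user_login"];
                $result['last_login_ip'] = get_client_ip(0, true);
                $result['last_login_time'] = date("Y-m-d H:i:s");
                $user->save($result);

                // Remember the entered login name for 30 days. HttpOnly keeps it
                // away from page scripts; the Secure flag is left off because the
                // transport scheme of this deployment is not visible here.
                // NOTE(review): confirm no client-side script reads this cookie.
                setcookie("admin_username", $name, time() + 30 * 24 * 3600, "/", "", false, true);
                $this->success(L('LOGIN_SUCCESS'), U("Index/index"));
            } else {
                $this->error(L('PASSWORD_NOT_RIGHT'));
            }
        } else {
            $this->error(L('USERNAME_NOT_EXIST'));
        }
    }
}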
/**
 * Store a guestbook message.
 *
 * The captcha is verified first, for every request method. Only POST
 * requests go on to build the record with guestbook_model->create() and
 * insert it with add(); any other method does nothing further.
 * Outcomes are reported through $this->success() / $this->error().
 */
function addmsg()
{
    $captcha_ok = sp_check_verify_code();
    if (!$captcha_ok) {
        $this->error("验证码错误!");
    }

    if (!IS_POST) {
        return;
    }

    $guestbook = $this->guestbook_model;

    // create() failing means validation rejected the input; surface the model's message.
    if (!$guestbook->create()) {
        $this->error($guestbook->getError());
        return;
    }

    // add() signals failure with a strict false.
    $insert_result = $guestbook->add();
    if ($insert_result === false) {
        $this->error("留言失败!");
    } else {
        $this->success("留言成功!");
    }
}
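/**
 * Register a new member from an e-mail address and password.
 *
 * Steps: captcha, model validation, derive the login name from the e-mail
 * ("." and "@" become "_"), check password length and user type, make sure
 * neither the login name nor the e-mail is taken (locally and, when
 * UCENTER_ENABLED is set, in UCenter), insert the row, then either send the
 * activation mail or finish with the user stored in the session.
 *
 * Changes from the original:
 *  - e-mail and password must be plain strings. An array-valued field would
 *    otherwise flow into str_replace()/strlen() and into the $where
 *    condition array handed to the query builder.
 *  - user_type is validated as an integer in 1..3 instead of being
 *    range-checked with loose comparisons and stored as posted.
 *
 * Failure paths rely on $this->error() ending the request (not visible
 * here - TODO confirm).
 */
private function _do_email_register()
{
    if (!sp_check_verify_code()) {
        $this->error("验证码错误!");
    }

    $rules = array(
        array('user_type', 'require', '请选择用户类型!', 1),
        array('email', 'require', '邮箱不能为空!', 1),
        array('password', 'require', '密码不能为空!', 1),
        array('repassword', 'require', '重复密码不能为空!', 1),
        array('repassword', 'password', '确认密码不正确', 0, 'confirm'),
        array('email', 'email', '邮箱格式不正确!', 1),
    );
    $users_model = M("Users");
    if ($users_model->validate($rules)->create() === false) {
        $this->error($users_model->getError());
    }

    // Raw request values are used below, so their type is checked explicitly.
    $password = isset($_POST['password']) ? $_POST['password'] : null;
    $email = isset($_POST['email']) ? $_POST['email'] : null;
    if (!is_string($email)) {
        $this->error('邮箱格式不正确!');
        return;
    }
    if (!is_string($password)) {
        $this->error('密码不能为空!');
        return;
    }

    $username = str_replace(array(".", "@"), "_", $email);

    // Characters that are not allowed in a login name
    $stripChar = '?<*.>\'"';
    if (preg_match('/[' . $stripChar . ']/is', $username) == 1) {
        $this->error('用户名中包含' . $stripChar . '等非法字符!');
    }

    // A banned-username check against sp_get_cmf_settings("banned_usernames")
    // is commented out in the original and is still not performed here.

    // Length is measured in bytes.
    if (strlen($password) < 5 || strlen($password) > 20) {
        $this->error("密码长度至少5位,最多20位!");
    }

    // Accept only an integer user type in 1..3; arrays and non-numeric text are rejected.
    $user_type = filter_var(isset($_POST['user_type']) ? $_POST['user_type'] : null, FILTER_VALIDATE_INT);
    if ($user_type === false || $user_type > 3 || $user_type < 1) {
        $this->error("非法操作!");
        return;
    }

    // Match an existing row by login name OR e-mail.
    $where = array();
    $where['user_login'] = $username;
    $where['user_email'] = $email;
    $where['_logic'] = 'OR';

    $ucenter_syn = C("UCENTER_ENABLED");
    $uc_checkemail = 1;
    $uc_checkusername = 1;
    if ($ucenter_syn) {
        include UC_CLIENT_ROOT . "client.php";
        $uc_checkemail = uc_user_checkemail($email);
        $uc_checkusername = uc_user_checkname($username);
    }

    $users_model = M("Users");
    $result = $users_model->where($where)->count();
    if ($result || $uc_checkemail < 0 || $uc_checkusername < 0) {
        $this->error("用户名或者该邮箱已经存在!");
    } else {
        $uc_register = true;
        if ($ucenter_syn) {
            $uc_uid = uc_user_register($username, $password, $email);
            // A negative id is treated as a failed UCenter registration.
            if ($uc_uid < 0) {
                $uc_register = false;
            }
        }

        if ($uc_register) {
            $need_email_active = C("SP_MEMBER_EMAIL_ACTIVE");
            $data = array(
                'user_login' => $username,
                'user_email' => $email,
                'user_nicename' => $username,
                'user_pass' => sp_password($password),
                'last_login_ip' => get_client_ip(0, true),
                'create_time' => date("Y-m-d H:i:s"),
                'last_login_time' => date("Y-m-d H:i:s"),
                // 2 while activation is pending, 1 when no activation is required
                'user_status' => $need_email_active ? 2 : 1,
                "user_type" => $user_type,
            );
            $rst = $users_model->add($data);
            if ($rst) {
                // Registration succeeded: log the user in and redirect.
                // NOTE(review): $data, including the user_pass value, is kept in the session.
                $data['id'] = $rst;
                $_SESSION['user'] = $data;

                // Send the activation mail
                if ($need_email_active) {
                    $this->_send_to_active();
                    unset($_SESSION['user']);
                    $this->success("注册成功,激活后才能使用!", U("user/login/index"));
                } else {
                    $this->success("注册成功!", __ROOT__ . "/");
                }
            } else {
                $this->error("注册失败!", U("user/register/index"));
            }
        } else {
            $this->error("注册失败!", U("user/register/index"));
        }
    }
}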
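/**
 * Entry point for member login: verify the captcha, validate that username
 * and password are present, then dispatch on the shape of the username.
 *
 * An all-digit username goes to _do_mobile_login(); anything else goes to
 * _do_email_login() (login name or e-mail). Neither helper is visible here.
 *
 * Change from the original: the username must be a plain string before it
 * is matched. An array-valued field would make preg_match() fail (a
 * TypeError on PHP 8) instead of producing a normal validation error.
 * NOTE(review): the helpers presumably read the request themselves - check
 * that they apply the same string requirement.
 */
function dologin()
{
    if (!sp_check_verify_code()) {
        $this->error("验证码错误!");
    }

    $users_model = M("Users");
    $rules = array(
        array('username', 'require', '手机号/邮箱/用户名不能为空!', 1),
        array('password', 'require', '密码不能为空!', 1),
    );
    if ($users_model->validate($rules)->create() === false) {
        $this->error($users_model->getError());
    }

    $username = isset($_POST['username']) ? $_POST['username'] : '';
    if (!is_string($username)) {
        $this->error('手机号/邮箱/用户名不能为空!');
        return;
    }

    if (preg_match('/^\\d+$/', $username)) {
        // Mobile-number login
        $this->_do_mobile_login();
    } else {
        // Login name or e-mail login
        $this->_do_email_login();
    }
}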
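/**
 * Member login with optional UCenter synchronisation.
 *
 * Steps: captcha, model validation (terms, username, password), local
 * lookup by e-mail or login name, optional UCenter login/sync when
 * UCENTER_ENABLED is set, then password verification, session setup and
 * redirect.
 *
 * Changes from the original:
 *  - extract($_POST) is replaced by explicit reads of username and
 *    password. extract() let any posted field overwrite local variables,
 *    including the not-yet-initialised $where condition array.
 *  - $ucenter_login_ok is set only when UCenter returned a positive user
 *    id. Before, it became true whenever UCenter was enabled and no error
 *    branch fired, so an unexpected UCenter result (one that matched no
 *    switch case) let an existing local account through without a password
 *    match.
 *  - stored and computed password values are compared as strings with ===.
 *  - the last-login update uses an array condition instead of a
 *    concatenated "id=..." string.
 *
 * Failure paths rely on $this->error() ending the request (not visible
 * here - TODO confirm).
 */
function dologin()
{
    if (!sp_check_verify_code()) {
        $this->error("验证码错误!");
    }

    $users_model = M("Users");
    $rules = array(
        array('terms', 'require', '您未同意服务条款!', 1),
        array('username', 'require', '用户名或者邮箱不能为空!', 1),
        array('password', 'require', '密码不能为空!', 1),
    );
    if ($users_model->validate($rules)->create() === false) {
        $this->error($users_model->getError());
    }

    // Read exactly the fields this method needs, and only as plain strings.
    $username = isset($_POST['username']) ? $_POST['username'] : null;
    $password = isset($_POST['password']) ? $_POST['password'] : null;
    if (!is_string($username) || $username === '') {
        $this->error('用户名或者邮箱不能为空!');
        return;
    }
    if (!is_string($password) || $password === '') {
        $this->error('密码不能为空!');
        return;
    }

    $where = array();
    if (strpos($username, "@") > 0) {
        // Log in by e-mail address
        $where['user_email'] = $username;
    } else {
        $where['user_login'] = $username;
    }
    $users_model = M('Users');
    $result = $users_model->where($where)->find();

    $ucenter_syn = C("UCENTER_ENABLED");
    $ucenter_old_user_login = false;
    $ucenter_login_ok = false;
    if ($ucenter_syn) {
        setcookie("thinkcmf_auth", "");
        include UC_CLIENT_ROOT . "client.php";
        // As in the original, the UCenter reply replaces $username and $password.
        list($uc_uid, $username, $password, $email) = uc_user_login($username, $password);
        if ($uc_uid > 0) {
            // Known to UCenter but not locally: create the local row.
            if (!$result) {
                $data = array(
                    'user_login' => $username,
                    'user_email' => $email,
                    'user_pass' => sp_password($password),
                    'last_login_ip' => get_client_ip(),
                    'create_time' => time(),
                    'last_login_time' => time(),
                    'user_status' => '1',
                );
                $id = $users_model->add($data);
                $data['id'] = $id;
                $result = $data;
            }
        } else {
            switch ($uc_uid) {
                case "-1":
                    // UCenter: user does not exist or was deleted
                    if ($result) {
                        // The account exists locally
                        if ((string) $result['user_pass'] === (string) sp_password($password)) {
                            // Local password is correct: push the user to UCenter
                            $uc_uid2 = uc_user_register($username, $password, $result['user_email']);
                            if ($uc_uid2 < 0) {
                                $uc_register_errors = array(
                                    "-1" => "用户名不合法",
                                    "-2" => "包含不允许注册的词语",
                                    "-3" => "用户名已经存在",
                                    "-4" => "Email格式有误",
                                    "-5" => "Email不允许注册",
                                    "-6" => "该Email已经被注册",
                                );
                                $this->error("同步用户失败--" . $uc_register_errors[$uc_uid2]);
                            }
                            $uc_uid = $uc_uid2;
                        } else {
                            $this->error("密码错误!");
                        }
                    }
                    break;
                case -2:
                    // UCenter: wrong password
                    if ($result) {
                        // The account exists locally
                        if ((string) $result['user_pass'] === (string) sp_password($password)) {
                            // Local password is correct: update the password held by UCenter
                            $uc_user_edit_status = uc_user_edit($username, "", $password, "", 1);
                            if ($uc_user_edit_status <= 0) {
                                $this->error("登陆错误!");
                            }
                            list($uc_uid2) = uc_get_user($username);
                            $uc_uid = $uc_uid2;
                            $ucenter_old_user_login = true;
                        } else {
                            $this->error("密码错误!");
                        }
                    } else {
                        $this->error("密码错误!");
                    }
                    break;
            }
        }

        // Only a positive UCenter id counts as a successful UCenter login.
        // Anything else falls back to the local password comparison below.
        if ($uc_uid > 0) {
            $ucenter_login_ok = true;
            echo uc_user_synlogin($uc_uid);
        }
    }

    if ($result != null) {
        if ((string) $result['user_pass'] === (string) sp_password($password) || $ucenter_login_ok) {
            // NOTE(review): the whole row, including user_pass, is kept in the
            // session, and the session id is not renewed here (output may
            // already have been sent by the synlogin echo above).
            $_SESSION["user"] = $result;

            // Record this login
            $data = array(
                'last_login_time' => date("Y-m-d H:i:s"),
                'last_login_ip' => get_client_ip(),
            );
            $users_model->where(array('id' => $result["id"]))->save($data);

            // NOTE(review): the redirect target comes from the session; where
            // login_http_referer is set is not visible here - confirm it is
            // restricted to same-site URLs.
            $redirect = empty($_SESSION['login_http_referer']) ? __ROOT__ . "/" : $_SESSION['login_http_referer'];
            $_SESSION['login_http_referer'] = "";

            if ($ucenter_old_user_login) {
                // The original had a commented-out notice here asking
                // synchronised legacy users to log in again after the redirect.
            }
            $this->success("登录验证成功!", $redirect);
        } else {
            $this->error("密码错误!");
        }
    } else {
        $this->error("用户名不存在!");
    }
}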
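/**
 * Member login that delegates the password check to a remote HTTP service.
 *
 * Steps: captcha, model validation, POST username/password to the
 * CheckPassword endpoint, then map the decoded JSON reply ('status',
 * 'message', 'information') to an error message or to after_curl_login().
 *
 * Changes from the original:
 *  - the request body is built with http_build_query() instead of
 *    interpolating raw input, so "&", "=" or "+" inside a credential cannot
 *    alter or add form fields.
 *  - a failed or malformed reply is rejected. Before, a failed transfer
 *    decoded to null, skipped the `status === false` branch and matched
 *    `case ""`, which is the success path.
 *
 * NOTE(review): credentials are sent to the endpoint over plain http, so
 * they are readable on the network path; move this call to TLS if the
 * service supports it.
 */
function dologin()
{
    if (!sp_check_verify_code()) {
        $this->error("验证码错误!");
    }

    $users_model = M("Users");
    $rules = array(
        array('username', 'require', '用户名不能为空!', 1),
        array('password', 'require', '密码不能为空!', 1),
    );
    if ($users_model->validate($rules)->create() === false) {
        $this->error($users_model->getError());
    }

    $username = isset($_POST['username']) ? $_POST['username'] : null;
    $password = isset($_POST['password']) ? $_POST['password'] : null;
    if (!is_string($username)) {
        $this->error('用户名不能为空!');
        return;
    }
    if (!is_string($password)) {
        $this->error('密码不能为空!');
        return;
    }

    // URL-encode both fields so they stay two separate form values.
    $post_fields = http_build_query(array('username' => $username, 'password' => $password), '', '&');

    $curl = curl_init();
    curl_setopt($curl, CURLOPT_URL, "http://nuptsast.com/CheckPassword");
    curl_setopt($curl, CURLOPT_PORT, 8080);
    curl_setopt($curl, CURLOPT_POST, true);
    curl_setopt($curl, CURLOPT_TIMEOUT, 5);
    curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
    curl_setopt($curl, CURLOPT_POSTFIELDS, $post_fields);
    $response = curl_exec($curl);
    curl_close($curl);

    // curl_exec() returns false on failure; json_decode() returns null for invalid JSON.
    $result = is_string($response) ? json_decode($response, true) : null;

    // Fail closed: without a decoded reply carrying both fields there is no
    // evidence that the service accepted the credentials.
    if (!is_array($result) || !array_key_exists('status', $result) || !array_key_exists('message', $result)) {
        $this->error('ERR00:服务器错误,请稍后重试!');
        return;
    }

    if ($result['status'] === false) {
        switch ($result['message']) {
            case 'Server Error, Try Again':
                $this->error('ERR00:服务器错误,请稍后重试!');
                break;
            case 'Username and password does\'t match.':
                $this->error('ERR01:用户名或密码错误,请检查后重试!');
                break;
            default:
                $this->error('ERR02:未知错误,请联系系统管理员!');
                break;
        }
    } else {
        // Any status other than a strict false is handled as true, as in the original.
        switch ($result['message']) {
            case 'Server Error, Try Again':
                // Student account
                $this->error('ERR03:用户名不存在');
                break;
            case "":
                // Successful login
                $this->after_curl_login($result['information']);
                break;
            default:
                $this->error('ERR04:未知错误,请联系系统管理员!');
                break;
        }
    }
}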
/**
 * First step of password recovery: locate the member and report which
 * recovery type applies.
 *
 * After the captcha check the member is looked up by the posted login name.
 * The row found is stored in $_SESSION['find_password_user'], and the
 * method answers through $this->success() with 1 when the row has no
 * user_phone value and 2 when it has one.
 *
 * NOTE(review): the reply differs for unknown users ("不存在的用户") and by
 * whether a phone number is on file, so it discloses both facts to anyone
 * who passes the captcha. The full member row is also placed in the session
 * before any proof of ownership; later steps are not visible here.
 */
public function password_find_by_mobile()
{
    if (!sp_check_verify_code()) {
        $this->error("验证码错误!");
    }

    $lookup = array('user_login' => I('post.username'));
    $member = M('Member')->where($lookup)->find();
    if (!is_array($member)) {
        $this->error("不存在的用户");
    }

    $_SESSION['find_password_user'] = $member;

    // 2 = a phone number is on file, 1 = none
    $type = $member['user_phone'] ? 2 : 1;
    $this->success($type);
}
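/**
 * Register a member by e-mail (reg_type == 1) or by mobile number
 * (any other reg_type).
 *
 * E-mail path: captcha check, the posted username is used as the e-mail.
 * Mobile path: the number must match the format check and the posted SMS
 * code must equal the newest code stored for that number and be at most
 * 3600 seconds old.
 * Both paths then run model validation, the banned-name and password-length
 * checks, the duplicate check (locally and, when UCENTER_ENABLED is set, in
 * UCenter), insert the member and an Account row, and finish with either an
 * activation mail or a logged-in session.
 *
 * Changes from the original:
 *  - extract($_POST) is replaced by explicit reads. extract() let posted
 *    fields overwrite locals such as $user_phone after it had been verified
 *    against the SMS code, and seed the $where condition array.
 *  - request values used in queries must be plain strings.
 *  - the SMS code is compared as a string with !==, and a missing SMS row
 *    is rejected explicitly.
 *  - the banned-name lookup uses strict in_array().
 *
 * NOTE(review): the mobile path has no captcha, and this method neither
 * limits the number of code attempts nor invalidates a code after use.
 * Failure paths rely on $this->error() ending the request (not visible
 * here - TODO confirm).
 */
function doregister()
{
    $rules = array(
        array('password', 'require', '密码不能为空!', 1),
        array('user_realname', 'require', '用户名不能为空!', 1),
        array('repassword', 'require', '重复密码不能为空!', 1),
        array('repassword', 'password', '确认密码不正确', 0, 'confirm'),
    );

    $is_email_registration = I('post.reg_type') == 1;
    $user_phone = null;

    if ($is_email_registration) {
        if (!sp_check_verify_code()) {
            $this->error("验证码错误!");
        }
        $_POST['email'] = I('post.username');
        array_unshift(
            $rules,
            array('username', 'require', '邮箱不能为空!', 1),
            array('email', 'email', '邮箱格式不正确!', 1)
        );
    } else {
        array_unshift($rules, array('username', 'require', '手机号码不能为空!', 1));

        // Mobile number format check
        $user_phone = I('post.username');
        if (!is_string($user_phone) || !preg_match('/^[1][3458]{1}[0-9]{9}$/', $user_phone)) {
            $this->error('手机号码格式有误');
            return;
        }

        // Newest code issued for this number
        $check = M('Sms')->field('code,add_time')->where(array('phone' => $user_phone))->order('id desc')->find();
        if (empty($_POST['code'])) {
            $this->error('验证码不能为空');
        }
        $sms_code = I('post.code');
        // String comparison: numeric-looking codes must match character for character.
        if (!is_array($check) || !is_string($sms_code) || strtolower((string) $check['code']) !== strtolower($sms_code)) {
            $this->error("手机验证码错误");
            return;
        }
        if (time() > $check['add_time'] + 3600) {
            $this->error('验证码已过期,请重新获取');
        }
    }

    $users_model = M("Member");
    if ($users_model->validate($rules)->create() === false) {
        $this->error($users_model->getError());
    }

    // Explicit reads in place of extract($_POST). The password is taken raw
    // so that the value hashed here is exactly what was posted.
    $username = isset($_POST['username']) ? $_POST['username'] : null;
    $password = isset($_POST['password']) ? $_POST['password'] : null;
    $email = isset($_POST['email']) ? $_POST['email'] : null;
    $user_realname = isset($_POST['user_realname']) ? $_POST['user_realname'] : null;
    if (!is_string($username)) {
        $this->error($is_email_registration ? '邮箱不能为空!' : '手机号码不能为空!');
        return;
    }
    if (!is_string($password)) {
        $this->error('密码不能为空!');
        return;
    }
    if ($email !== null && !is_string($email)) {
        $this->error('邮箱格式不正确!');
        return;
    }
    if (!is_string($user_realname)) {
        $this->error('用户名不能为空!');
        return;
    }
    if ($is_email_registration) {
        // The original picked up a posted user_phone here through extract().
        // NOTE(review): this number is never verified on the e-mail path.
        $user_phone = (isset($_POST['user_phone']) && is_string($_POST['user_phone'])) ? $_POST['user_phone'] : null;
    }

    // A character filter for user names is commented out in the original and
    // is still not applied here.

    $banned_usernames = explode(",", sp_get_cmf_settings("banned_usernames"));
    if (in_array($username, $banned_usernames, true)) {
        $this->error("此用户名禁止使用!");
    }

    // Length is measured in bytes.
    if (strlen($password) < 6 || strlen($password) > 20) {
        $this->error("密码长度至少6位,最多20位!");
    }

    // Match an existing row by login name OR e-mail.
    $where = array();
    $where['user_login'] = $username;
    $where['user_email'] = $email;
    $where['_logic'] = 'OR';

    $ucenter_syn = C("UCENTER_ENABLED");
    $uc_checkemail = 1;
    $uc_checkusername = 1;
    if ($ucenter_syn) {
        include UC_CLIENT_ROOT . "client.php";
        $uc_checkemail = uc_user_checkemail($email);
        $uc_checkusername = uc_user_checkname($username);
    }

    $users_model = M("Member");
    $result = $users_model->where($where)->count();
    if ($result || $uc_checkemail < 0 || $uc_checkusername < 0) {
        $this->error("用户名或者该邮箱已经存在!");
    } else {
        $uc_register = true;
        if ($ucenter_syn) {
            $uc_uid = uc_user_register($username, $password, $email);
            // A negative id is treated as a failed UCenter registration.
            if ($uc_uid < 0) {
                $uc_register = false;
            }
        }

        if ($uc_register) {
            $need_email_active = C("SP_MEMBER_EMAIL_ACTIVE");
            if ($need_email_active) {
                // Activation is configured: it applies to e-mail registration
                // (reg_type 1) and is switched off for mobile registration (reg_type 2).
                if (I('post.reg_type') == 1) {
                    $need_email_active = true;
                } else {
                    if (I('post.reg_type') == 2) {
                        $need_email_active = false;
                    }
                }
            }

            $data = array(
                'user_login' => $username,
                'user_email' => $email,
                'user_nicename' => $username,
                'user_realname' => $user_realname,
                'user_pass' => sp_password($password),
                'last_login_ip' => get_client_ip(),
                'create_time' => date("Y-m-d H:i:s"),
                'last_login_time' => date("Y-m-d H:i:s"),
                // 2 while activation is pending, 1 when no activation is required
                'user_status' => $need_email_active ? 2 : 1,
                "utype" => 0,
                'user_phone' => $user_phone,
            );
            $rst = $users_model->add($data);
            if ($rst) {
                // Registration succeeded: log the user in and redirect
                $data['id'] = $rst;

                // Create the member's account row with the registration points
                $account = M("Account");
                $ac = array();
                $ac['uid'] = $rst;
                $ac['money'] = get_point_rule('register');
                $account->add($ac);

                // NOTE(review): $data, including the user_pass value, is kept in the session.
                $_SESSION['user'] = $data;

                // Send the activation mail
                if ($need_email_active) {
                    $this->_send_to_active();
                    unset($_SESSION['user']);
                    $this->success("注册成功,激活后才能使用!", U("user/login/index"));
                } else {
                    $this->success("注册成功!", __ROOT__ . "/");
                }
            } else {
                $this->error("注册失败!", U("user/register/index"));
            }
        } else {
            $this->error("注册失败!", U("user/register/index"));
        }
    }
}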