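/**
 * Handle the admin login form.
 *
 * Reads adm_name, adm_password and adm_dog_key from $_POST and ajax /
 * adm_verify from $_REQUEST, checks the captcha stored in the session under
 * "verify", looks up an enabled, non-deleted Admin row and compares the stored
 * password hash. On success the admin identity is written to the session and
 * the login IP / time are saved back to the row.
 *
 * Outcomes are reported through $this->error() / $this->success().
 *
 * NOTE(review): the code after each $this->error() call is only correct if
 * error() ends the request — confirm against the base controller.
 * NOTE(review): passwords are compared as unsalted MD5, unknown names and wrong
 * passwords produce different messages, and no session-ID rotation or attempt
 * limit is visible in this method. Changing any of these needs coordinated
 * changes outside this block.
 */
public function do_login()
{
    $adm_name = strim($_POST['adm_name']);
    // The submitted password goes through FW_DESPWD() before use; presumably this
    // reverses a client-side encoding — confirm against its definition.
    $adm_password = trim(FW_DESPWD(trim($_POST['adm_password'])));
    $adm_dog_key = strim($_POST['adm_dog_key']);
    $ajax = intval($_REQUEST['ajax']); // whether the form was submitted via AJAX

    if ($adm_name == '') {
        // $ajax is an argument of error(), not of the L() language lookup.
        $this->error(L('ADM_NAME_EMPTY'), $ajax);
    }
    if ($adm_password == '') {
        $this->error(L('ADM_PASSWORD_EMPTY'), $ajax);
    }

    // Strict comparison: with "!=" two different hex digests that both look like
    // numbers (e.g. "0e…") are compared numerically and can be treated as equal.
    if ((string) es_session::get("verify") !== md5($_REQUEST['adm_verify'])) {
        $this->error(L('ADM_VERIFY_ERROR'), $ajax);
    }

    $condition = array(
        'adm_name'  => $adm_name,
        'is_effect' => 1,
        'is_delete' => 0,
    );
    $adm_data = M("Admin")->where($condition)->find();

    if ($adm_data) {
        if ((string) $adm_data['adm_password'] !== md5($adm_password)) {
            // Record the failed password attempt in the log.
            save_log($adm_name . L("ADM_PASSWORD_ERROR"), 0);
            $this->error(L("ADM_PASSWORD_ERROR"), $ajax);
        } else {
            // Login succeeded: store the admin identity in the session.
            $adm_session = array(
                'adm_name'    => $adm_data['adm_name'],
                'adm_id'      => $adm_data['id'],
                'adm_dog_key' => $adm_dog_key, // client-supplied value, stored as received
            );
            es_session::set(md5(conf("AUTH_KEY")), $adm_session);

            // Save the row again with the latest login IP and time.
            $adm_data['login_ip'] = CLIENT_IP;
            $adm_data['login_time'] = TIME_UTC;
            M("Admin")->save($adm_data);

            save_log($adm_data['adm_name'] . L("LOGIN_SUCCESS"), 1);
            $this->success(L("LOGIN_SUCCESS"), $ajax);
        }
    } else {
        // Record the unknown-username attempt in the log.
        save_log($adm_name . L("ADM_NAME_ERROR"), 0);
        $this->error(L("ADM_NAME_ERROR"), $ajax);
    }
}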
/**
 * Place a bid on a deal.
 *
 * Takes id, bid_money, bid_paypassword and ajax from $_REQUEST, delegates the
 * bid to dobid2() and reports the result according to the returned status:
 * 0 = error, 2 = loan released immediately, 3 = redirect to the top-up page,
 * anything else = success with a redirect to the investment list.
 *
 * NOTE(review): the pay password is read from $_REQUEST, so it is also accepted
 * from the query string; no request-token check is visible in this function.
 */
function dobid()
{
    $ajax = intval($_REQUEST["ajax"]);
    $deal_id = intval($_REQUEST["id"]);
    $amount = floatval($_REQUEST["bid_money"]);
    // The pay password goes through FW_DESPWD() before being handed to dobid2().
    $pay_pwd = strim(FW_DESPWD($_REQUEST['bid_paypassword']));

    $status = dobid2($deal_id, $amount, $pay_pwd, 1);

    switch ($status['status']) {
        case 0:
            showErr($status['show_err'], $ajax);
            break;

        case 2:
            // Deal is fully funded: release the loan automatically, dated today.
            do_loans($deal_id, date('Y-m-d'));
            ajax_return($status);
            break;

        case 3:
            showSuccess("余额不足,请先去充值", $ajax, url("index", "uc_money#incharge"));
            break;

        default:
            // An earlier variant redirected to the deal page; the investment list is used now.
            showSuccess($GLOBALS['lang']['DEAL_BID_SUCCESS'], $ajax, url("index", "uc_invest"));
    }
}
/**
 * Submit a "carry" request for the logged-in user through getUcSaveCarry().
 *
 * Reads paypassword, amount and bid from $_REQUEST. Visitors without a positive
 * user id in $GLOBALS['user_info'] are redirected to the login page instead.
 *
 * NOTE(review): the pay password is read from $_REQUEST, so it is also accepted
 * from the query string; no request-token check is visible in this function.
 */
function savecarry()
{
    // Not logged in: send the visitor to the login page and stop.
    if (!($GLOBALS['user_info']['id'] > 0)) {
        app_redirect(url("index", "user#login"));
        return;
    }

    require_once APP_ROOT_PATH . 'app/Lib/uc_func.php';

    // The pay password goes through FW_DESPWD() before being handed on.
    $pay_pwd = strim(FW_DESPWD($_REQUEST['paypassword']));
    $carry_amount = floatval($_REQUEST['amount']);
    $bid_value = floatval($_REQUEST['bid']);

    $outcome = getUcSaveCarry($carry_amount, $pay_pwd, $bid_value);

    // Status 0 is the failure case; every other status is shown as success.
    if ($outcome['status'] != 0) {
        showSuccess($outcome['show_err']);
    } else {
        showErr($outcome['show_err']);
    }
}
/**
 * Controller action that forwards a transfer request to the global dotrans()
 * function and reports its result.
 *
 * Reads ajax, paypassword and id from $_REQUEST. Status 2 is returned as raw
 * AJAX data, status 1 is shown as success, anything else as an error.
 *
 * NOTE(review): the pay password is read from $_REQUEST, so it is also accepted
 * from the query string; no request-token check is visible in this method.
 */
public function dotrans()
{
    $ajax = intval($_REQUEST['ajax']);
    // The pay password goes through FW_DESPWD() before being handed on.
    $pay_pwd = strim(FW_DESPWD($_REQUEST['paypassword']));
    $transfer_id = intval($_REQUEST['id']);

    // Resolves to the global function, not to this method.
    $result = dotrans($transfer_id, $pay_pwd);

    switch ($result['status']) {
        case 2:
            ajax_return($result);
            break;

        case 1:
            showSuccess($result['show_err'], $ajax);
            break;

        default:
            showErr($result['show_err'], $ajax);
    }
}
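/**
 * Handle the user login form.
 *
 * Flow: reject non-POST requests, escape every POST field, check the request
 * hash key and (when VERIFY_IMAGE is on) the captcha, rate-limit by client IP,
 * then call do_login_user(). On success an optional auto-login cookie is set and
 * the user is redirected or an AJAX payload is returned; on failure the error
 * matching $result['data'] is shown.
 *
 * NOTE(review): the code after each showErr() call is only correct if showErr()
 * ends the request — confirm against its definition.
 * NOTE(review): unknown accounts and wrong passwords produce different messages.
 */
public function dologin()
{
    if (!$_POST) {
        app_redirect("404.html");
        exit;
    }

    // Blanket escaping of every field, including the encoded password that is
    // decoded by FW_DESPWD() further down. Array-valued fields ("email[]=x")
    // cannot be passed to addslashes() (TypeError on PHP 8), so they collapse to ''.
    foreach ($_POST as $k => $v) {
        $_POST[$k] = is_array($v) ? '' : htmlspecialchars(addslashes($v));
    }
    $ajax = intval($_REQUEST['ajax']);

    if (!check_hash_key()) {
        showErr("非法请求!", $ajax);
    }

    // Captcha
    if (app_conf("VERIFY_IMAGE") == 1) {
        $verify = md5(trim($_REQUEST['verify']));
        $session_verify = es_session::get('verify');
        // Strict comparison: with "!=" two different hex digests that both look
        // like numbers (e.g. "0e…") are compared numerically and can match.
        if (!is_string($session_verify) || $verify !== $session_verify) {
            showErr($GLOBALS['lang']['VERIFY_CODE_ERROR'], $ajax, url("shop", "user#login"));
        }
    }

    require_once APP_ROOT_PATH . "system/libs/user.php";
    $_POST['user_pwd'] = trim(FW_DESPWD($_POST['user_pwd']));

    if (check_ipop_limit(CLIENT_IP, "user_dologin", intval(app_conf("SUBMIT_DELAY")))) {
        $result = do_login_user($_POST['email'], $_POST['user_pwd']);
    } else {
        showErr($GLOBALS['lang']['SUBMIT_TOO_FAST'], $ajax, url("shop", "user#login"));
    }

    if ($result['status']) {
        $s_user_info = es_session::get("user_info");

        if (intval($_POST['auto_login']) == 1) {
            // Auto-login: remember the user in cookies for 30 days.
            // NOTE(review): the user_pwd cookie is derived deterministically from the
            // stored password value plus a fixed suffix; a random server-side token
            // would be preferable. Cookie flags depend on es_cookie::set().
            $user_data = $s_user_info;
            es_cookie::set("user_name", $user_data['email'], 3600 * 24 * 30);
            es_cookie::set("user_pwd", md5($user_data['user_pwd'] . "_EASE_COOKIE"), 3600 * 24 * 30);
        }

        if ($ajax == 0 && trim(app_conf("INTEGRATE_CODE")) == '') {
            // The Referer header is client-supplied. Follow it only when it points
            // back at the host serving this request; otherwise go to the index page.
            $redirect = null;
            if (!empty($_SERVER['HTTP_REFERER']) && !empty($_SERVER['HTTP_HOST'])) {
                $referer_host = parse_url($_SERVER['HTTP_REFERER'], PHP_URL_HOST);
                $own_host = preg_replace('/:\d+$/', '', $_SERVER['HTTP_HOST']);
                if (is_string($referer_host) && strcasecmp($referer_host, $own_host) === 0) {
                    $redirect = $_SERVER['HTTP_REFERER'];
                }
            }
            if ($redirect === null) {
                $redirect = url("index");
            }
            app_redirect($redirect);
        } else {
            $jump_url = get_gopreview();
            $s_user_info = es_session::get("user_info");

            if ($s_user_info['ips_acct_no'] == "" && app_conf("OPEN_IPS")) {
                // No third-party custody account bound yet: offer to bind one.
                if ($ajax == 1) {
                    $return = array(
                        'status' => 2,
                        'info'   => "本站需绑定第三方托管账户,是否马上去绑定",
                        'data'   => $result['msg'],
                        'jump'   => $jump_url,
                        'jump1'  => APP_ROOT . "/index.php?ctl=collocation&act=CreateNewAcct&user_type=0&user_id=" . $s_user_info['id'],
                    );
                    ajax_return($return);
                } else {
                    $GLOBALS['tmpl']->assign('integrate_result', $result['msg']);
                    showSuccess($GLOBALS['lang']['LOGIN_SUCCESS'], $ajax, $jump_url);
                }
            } else {
                if ($ajax == 1) {
                    $return = array(
                        'status' => 1,
                        'info'   => $GLOBALS['lang']['LOGIN_SUCCESS'],
                        'data'   => $result['msg'],
                        'jump'   => $jump_url,
                    );
                    ajax_return($return);
                } else {
                    $GLOBALS['tmpl']->assign('integrate_result', $result['msg']);
                    showSuccess($GLOBALS['lang']['LOGIN_SUCCESS'], $ajax, $jump_url);
                }
            }
        }
    } else {
        // Stays null when $result['data'] matches none of the known codes, instead
        // of passing an undefined variable to showErr().
        $err = null;
        if ($result['data'] == ACCOUNT_NO_EXIST_ERROR) {
            $err = $GLOBALS['lang']['USER_NOT_EXIST'];
        }
        if ($result['data'] == ACCOUNT_PASSWORD_ERROR) {
            $err = $GLOBALS['lang']['PASSWORD_ERROR'];
        }
        if ($result['data'] == ACCOUNT_NO_VERIFY_ERROR) {
            $err = $GLOBALS['lang']['USER_NOT_VERIFY'];
            if (app_conf("MAIL_ON") == 1 && $ajax == 0) {
                // Unverified account on a non-AJAX request: show the verification page.
                $GLOBALS['tmpl']->assign("page_title", $err);
                $GLOBALS['tmpl']->assign("user_info", $result['user']);
                $GLOBALS['tmpl']->display("verify_user.html");
                exit;
            }
        }
        showErr($err, $ajax);
    }
}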
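/**
 * Set a new pay password for the account held in the "authorized_info" session
 * entry, after checking an SMS verification code for that account's mobile.
 *
 * Reads ajax, verify and paypassword from $_REQUEST. The code must match an
 * unexpired row in mobile_verify_code (create_time + SMS_EXPIRESPAN > TIME_UTC).
 *
 * Changes from the earlier version of this method:
 *  - $user_mobile was never assigned, so both mobile queries ran with an empty
 *    value; it is now taken from the loaded user row.
 *  - The UPDATE wrote the fixed text '******' and never used $paypassword; it
 *    now stores md5($paypassword), the format inrepay_repay_borrow_money()
 *    compares against. NOTE(review): confirm this matches the other writers of
 *    user.paypassword; unsalted MD5 is weak for password storage.
 *  - Values concatenated into SQL are passed through addslashes() as a stopgap.
 *    NOTE(review): prefer the DB layer's parameter binding if it has one; its
 *    API is not visible from this method.
 *
 * NOTE(review): the code after each showErr() call is only correct if showErr()
 * ends the request. No attempt limit on the verification code is visible here,
 * and the matched mobile_verify_code row is not consumed.
 */
public function check_authorized_paypwd_verify_code()
{
    $ajax = intval($_REQUEST['ajax']);
    $verify = strim($_REQUEST['verify']);
    if ($verify == "") {
        showErr($GLOBALS['lang']['BIND_MOBILE_VERIFY_ERROR'], $ajax);
    }

    $authorized_info = es_session::get("authorized_info");
    $authorized_id = intval($authorized_info['id']);

    $user = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "user where id = " . $authorized_id);
    if (!$user || $user['mobile'] == '') {
        // Without a user row or a mobile number there is nothing to verify against.
        showErr($GLOBALS['lang']['BIND_MOBILE_VERIFY_ERROR'], $ajax);
    }
    $user_mobile = $user['mobile'];

    $paypassword = strim(FW_DESPWD($_REQUEST['paypassword']));
    if ($paypassword == "") {
        showErr($GLOBALS['lang']['PAYPASSWORD_EMPTY'], $ajax);
    }

    $mobile_sql = addslashes($user_mobile);
    $verify_sql = addslashes($verify);

    // The id used for this exclusion previously came from $GLOBALS['authorized_info']
    // while every other query used the session copy; the session copy is used throughout.
    $inum = $GLOBALS['db']->getOne("select count(*) from " . DB_PREFIX . "user where mobile = '" . $mobile_sql . "' and id <> " . $authorized_id);
    if ($inum > 0) {
        showErr($user_mobile . " 手机号码已被占用", $ajax);
    }

    $matches = $GLOBALS['db']->getOne("SELECT count(*) FROM " . DB_PREFIX . "mobile_verify_code WHERE mobile='" . $mobile_sql . "' AND verify_code='" . $verify_sql . "' AND create_time + " . SMS_EXPIRESPAN . " > " . TIME_UTC . " ");
    if ($matches == 0) {
        showErr("手机验证码出错,或已过期", $ajax);
    } else {
        // md5() yields hex characters only, so the digest is safe to embed as a literal.
        $GLOBALS['db']->query("update " . DB_PREFIX . "user set paypassword='" . md5($paypassword) . "', bind_verify = '', verify_create_time = 0 where id = " . $authorized_id);
        if ($GLOBALS['db']->affected_rows() > 0) {
            showSuccess($GLOBALS['lang']['MOBILE_BIND_SUCCESS'], $ajax);
        } else {
            showErr("绑定失败", $ajax);
        }
    }
}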
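/**
 * Set a new pay password for the logged-in user after checking the verification
 * code stored in the user's bind_verify column.
 *
 * Reads ajax, verify and paypassword from $_REQUEST. Only available when SMS_ON
 * is 1; otherwise the SMS_OFF message is shown.
 *
 * Changes from the earlier version of this method:
 *  - The code was compared with "!=", which treats numeric-looking strings as
 *    numbers (so "0123" and "123" match); it is now a strict string comparison.
 *  - The UPDATE wrote the fixed text '******' and never used $paypassword; it
 *    now stores md5($paypassword), the format inrepay_repay_borrow_money()
 *    compares against. NOTE(review): confirm this matches the other writers of
 *    user.paypassword; unsalted MD5 is weak for password storage.
 *
 * NOTE(review): the code after each showErr() call is only correct if showErr()
 * ends the request. verify_create_time is reset here but never checked, so no
 * expiry or attempt limit for the code is visible in this method.
 */
public function check_paypwd_verify_code()
{
    $ajax = intval($_REQUEST['ajax']);
    $verify = strim($_REQUEST['verify']);
    if ($verify == "") {
        showErr($GLOBALS['lang']['BIND_MOBILE_VERIFY_ERROR'], $ajax);
    }

    $user_id = intval($GLOBALS['user_info']['id']);
    $user = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "user where id = " . $user_id);

    $paypassword = trim(FW_DESPWD($_REQUEST['paypassword']));
    if ($paypassword == "") {
        showErr($GLOBALS['lang']['PAYPASSWORD_EMPTY'], $ajax);
    }

    if (app_conf("SMS_ON") == 1) {
        // An empty stored code never matches, so a cleared code cannot be reused.
        if ($user['bind_verify'] == '' || (string) $user['bind_verify'] !== (string) $verify) {
            showErr($GLOBALS['lang']['BIND_MOBILE_VERIFY_ERROR'], $ajax);
        } else {
            // md5() yields hex characters only, so the digest is safe to embed as a literal.
            $GLOBALS['db']->query("update " . DB_PREFIX . "user set paypassword='" . md5($paypassword) . "', bind_verify = '', verify_create_time = 0 where id = " . $user_id);
            showSuccess("设置成功", $ajax);
        }
    } else {
        showErr($GLOBALS['lang']['SMS_OFF'], $ajax);
    }
}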
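/**
 * Repay a borrowed deal early, after checking the caller's pay password.
 *
 * Reads id and paypassword from $_REQUEST, compares md5(paypassword) with
 * $GLOBALS['user_info']['paypassword'] and, when they match, delegates to
 * getUCInrepayRepayBorrowMoney(). All responses use the AJAX form (second
 * argument 1).
 *
 * NOTE(review): the code after each showErr() call is only correct if showErr()
 * ends the request; otherwise the repayment would run after a failed check.
 * NOTE(review): unsalted MD5 is weak for password storage, and no attempt limit
 * or request-token check is visible in this method.
 */
public function inrepay_repay_borrow_money()
{
    $id = intval($_REQUEST['id']);
    // The pay password goes through FW_DESPWD() before it is hashed and compared.
    $paypassword = strim(FW_DESPWD($_REQUEST['paypassword']));

    if ($paypassword == "") {
        showErr($GLOBALS['lang']['PAYPASSWORD_EMPTY'], 1);
    }

    // Strict comparison: with "!=" two different hex digests that both look like
    // numbers (e.g. "0e…") are compared numerically and can be treated as equal.
    if (md5($paypassword) !== (string) $GLOBALS['user_info']['paypassword']) {
        showErr($GLOBALS['lang']['PAYPASSWORD_ERROR'], 1);
    }

    $status = getUCInrepayRepayBorrowMoney($id);
    if ($status['status'] == 0) {
        showErr($status['show_err'], 1);
    } else {
        showSuccess($status['show_err'], 1);
    }
}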
/**
 * Execute a transfer.
 *
 * Reads dlid, dltid, paypassword and transfer_money from $_REQUEST, hands them
 * to getUcDoTransfer() and reports the result in AJAX form: status 0 is shown
 * as an error, every other status as success.
 *
 * NOTE(review): the pay password is read from $_REQUEST, so it is also accepted
 * from the query string; no request-token check is visible in this method.
 */
public function do_transfer()
{
    $deal_load_id = intval($_REQUEST['dlid']);
    $transfer_id = intval($_REQUEST['dltid']);
    // The pay password goes through FW_DESPWD() before being handed on.
    $pay_pwd = strim(FW_DESPWD($_REQUEST['paypassword']));
    $money = floatval($_REQUEST['transfer_money']);

    $outcome = getUcDoTransfer($deal_load_id, $transfer_id, $pay_pwd, $money);

    if ($outcome['status'] != 0) {
        showSuccess($outcome['show_err'], 1);
    } else {
        showErr($outcome['show_err'], 1);
    }
}
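/**
 * Handle the manage-agency login form.
 *
 * Flow: reject non-POST requests, escape every POST field, decode the password
 * with FW_DESPWD(), rate-limit by client IP, then call do_login_user(). On
 * success the caller is sent to the manage-agency account page (AJAX payload or
 * success page); on failure the error matching $result['data'] is shown.
 *
 * NOTE(review): a captcha check (VERIFY_IMAGE) and a custody-account prompt
 * (OPEN_IPS) used to sit in this method as commented-out code, and there is no
 * check_hash_key() call, so check_ipop_limit() is the only throttle on password
 * guessing visible here — confirm that is intended.
 * NOTE(review): the code after each showErr() call is only correct if showErr()
 * ends the request. Unknown accounts and wrong passwords produce different
 * messages.
 */
public function dologin()
{
    if (!$_POST) {
        app_redirect("404.html");
        exit;
    }

    // Blanket escaping of every field, including the encoded password that is
    // decoded by FW_DESPWD() below. Array-valued fields ("email[]=x") cannot be
    // passed to addslashes() (TypeError on PHP 8), so they collapse to ''.
    foreach ($_POST as $k => $v) {
        $_POST[$k] = is_array($v) ? '' : htmlspecialchars(addslashes($v));
    }
    $ajax = intval($_REQUEST['ajax']);

    $_POST['user_pwd'] = trim(FW_DESPWD($_POST['user_pwd']));
    require_once APP_ROOT_PATH . "system/libs/manageagency.php";

    if (check_ipop_limit(get_client_ip(), "user_dologin", intval(app_conf("SUBMIT_DELAY")))) {
        $result = do_login_user($_POST['email'], $_POST['user_pwd']);
    } else {
        showErr($GLOBALS['lang']['SUBMIT_TOO_FAST'], $ajax, url("shop", "manageagency#login"));
    }

    if ($result['status']) {
        // Both session reads are kept as in the earlier code; the value is not
        // used afterwards in this method.
        $s_user_info = es_session::get("user_info");
        $jump_url = url("index", "manageagency#account");
        $s_user_info = es_session::get("manageagency_info");

        if ($ajax == 1) {
            $return = array(
                'status' => 1,
                'info'   => $GLOBALS['lang']['LOGIN_SUCCESS'],
                'data'   => $result['msg'],
                'jump'   => $jump_url,
            );
            ajax_return($return);
        } else {
            $GLOBALS['tmpl']->assign('integrate_result', $result['msg']);
            showSuccess($GLOBALS['lang']['LOGIN_SUCCESS'], $ajax, $jump_url);
        }
    } else {
        // Stays null when $result['data'] matches none of the known codes, instead
        // of passing an undefined variable to showErr().
        $err = null;
        if ($result['data'] == ACCOUNT_NO_EXIST_ERROR) {
            $err = $GLOBALS['lang']['USER_NOT_EXIST'];
        }
        if ($result['data'] == ACCOUNT_PASSWORD_ERROR) {
            $err = $GLOBALS['lang']['PASSWORD_ERROR'];
        }
        if ($result['data'] == ACCOUNT_NO_VERIFY_ERROR) {
            $err = $GLOBALS['lang']['USER_NOT_VERIFY'];
            if (app_conf("MAIL_ON") == 1 && $ajax == 0) {
                // Unverified account on a non-AJAX request: show the verification page.
                $GLOBALS['tmpl']->assign("page_title", $err);
                $GLOBALS['tmpl']->assign("user_info", $result['user']);
                $GLOBALS['tmpl']->display("verify_user.html");
                exit;
            }
        }
        showErr($err, $ajax);
    }
}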
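/**
 * Handle the manage-agency login form (variant with a request hash-key check).
 *
 * Flow: reject non-POST requests, escape every POST field, check the request
 * hash key, decode the password with FW_DESPWD(), rate-limit by client IP, then
 * call do_login_user(). On success the caller is sent to the manage-agency
 * account page (AJAX payload or success page); on failure the error matching
 * $result['data'] is shown.
 *
 * NOTE(review): no captcha check is made in this method, so check_ipop_limit()
 * is the only throttle on password guessing visible here.
 * NOTE(review): the code after each showErr() call is only correct if showErr()
 * ends the request. Unknown accounts and wrong passwords produce different
 * messages.
 */
public function dologin()
{
    if (!$_POST) {
        app_redirect("404.html");
        exit;
    }

    // Blanket escaping of every field, including the encoded password that is
    // decoded by FW_DESPWD() below. Array-valued fields ("email[]=x") cannot be
    // passed to addslashes() (TypeError on PHP 8), so they collapse to ''.
    foreach ($_POST as $k => $v) {
        $_POST[$k] = is_array($v) ? '' : htmlspecialchars(addslashes($v));
    }
    $ajax = intval($_REQUEST['ajax']);

    if (!check_hash_key()) {
        showErr("非法请求!", $ajax);
    }

    $_POST['user_pwd'] = trim(FW_DESPWD($_POST['user_pwd']));
    require_once APP_ROOT_PATH . "system/libs/user.php";

    if (check_ipop_limit(CLIENT_IP, "user_dologin", intval(app_conf("SUBMIT_DELAY")))) {
        $result = do_login_user($_POST['email'], $_POST['user_pwd']);
    } else {
        showErr($GLOBALS['lang']['SUBMIT_TOO_FAST'], $ajax, url("shop", "manageagency#login"));
    }

    if ($result['status']) {
        // Both session reads are kept as in the earlier code; the value is not
        // used afterwards in this method.
        $s_user_info = es_session::get("user_info");
        $jump_url = url("index", "manageagency#account");
        $s_user_info = es_session::get("manageagency_info");

        if ($ajax == 1) {
            $return = array(
                'status' => 1,
                'info'   => $GLOBALS['lang']['LOGIN_SUCCESS'],
                'data'   => $result['msg'],
                'jump'   => $jump_url,
            );
            ajax_return($return);
        } else {
            $GLOBALS['tmpl']->assign('integrate_result', $result['msg']);
            showSuccess($GLOBALS['lang']['LOGIN_SUCCESS'], $ajax, $jump_url);
        }
    } else {
        // Stays null when $result['data'] matches none of the known codes, instead
        // of passing an undefined variable to showErr().
        $err = null;
        if ($result['data'] == ACCOUNT_NO_EXIST_ERROR) {
            $err = $GLOBALS['lang']['USER_NOT_EXIST'];
        }
        if ($result['data'] == ACCOUNT_PASSWORD_ERROR) {
            $err = $GLOBALS['lang']['PASSWORD_ERROR'];
        }
        if ($result['data'] == ACCOUNT_NO_VERIFY_ERROR) {
            $err = $GLOBALS['lang']['USER_NOT_VERIFY'];
            if (app_conf("MAIL_ON") == 1 && $ajax == 0) {
                // Unverified account on a non-AJAX request: show the verification page.
                $GLOBALS['tmpl']->assign("page_title", $err);
                $GLOBALS['tmpl']->assign("user_info", $result['user']);
                $GLOBALS['tmpl']->display("verify_user.html");
                exit;
            }
        }
        showErr($err, $ajax);
    }
}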