Esempio n. 1
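 /**
  * Handle the administrator login form.
  *
  * Reads adm_name, adm_password and adm_dog_key from $_POST, checks the
  * CAPTCHA answer against the md5 digest kept in the session under "verify",
  * looks up an effective, non-deleted Admin row by name and compares the
  * stored password digest with md5() of the submitted password. On success
  * the admin identity is written to the session and the login IP and time
  * are saved on the Admin row; every outcome is passed to save_log().
  *
  * Review notes:
  * - Passwords are verified as unsalted md5() digests. That matches the
  *   stored format and cannot be changed here alone; migrating to
  *   password_hash()/password_verify() needs a data migration.
  * - Distinct messages for "unknown name" and "wrong password" let a client
  *   tell valid admin names apart.
  * - NOTE(review): no session-id regeneration and no attempt limiting are
  *   visible in this method; confirm they happen elsewhere.
  */
 public function do_login()
 {
     $adm_name = strim($_POST['adm_name']);
     $adm_password = trim(FW_DESPWD(trim($_POST['adm_password'])));
     $adm_dog_key = strim($_POST['adm_dog_key']);
     // Flag telling the response helpers whether this is an AJAX submission.
     $ajax = intval($_REQUEST['ajax']);

     // The $ajax flag belongs to error(), not to L(): it used to be passed
     // as L()'s second argument in the two empty-field checks.
     // Each failure path returns explicitly so the checks fail closed even
     // if error() does not terminate the request.
     if ($adm_name == '') {
         $this->error(L('ADM_NAME_EMPTY'), $ajax);
         return;
     }
     if ($adm_password == '') {
         $this->error(L('ADM_PASSWORD_EMPTY'), $ajax);
         return;
     }

     // Strict comparison: with != two digests that both look like numbers
     // (for example "0e…" followed by digits) compare equal.
     // hash_equals() is preferable where PHP >= 5.6 is guaranteed.
     if ((string) es_session::get("verify") !== md5($_REQUEST['adm_verify'])) {
         $this->error(L('ADM_VERIFY_ERROR'), $ajax);
         return;
     }

     $condition['adm_name'] = $adm_name;
     $condition['is_effect'] = 1;
     $condition['is_delete'] = 0;
     $adm_data = M("Admin")->where($condition)->find();

     if (!$adm_data) {
         // Log the failed login: unknown admin name.
         save_log($adm_name . L("ADM_NAME_ERROR"), 0);
         $this->error(L("ADM_NAME_ERROR"), $ajax);
         return;
     }

     if ((string) $adm_data['adm_password'] !== md5($adm_password)) {
         // Log the failed login: wrong password.
         save_log($adm_name . L("ADM_PASSWORD_ERROR"), 0);
         $this->error(L("ADM_PASSWORD_ERROR"), $ajax);
         return;
     }

     // Login succeeded: store the admin identity in the session.
     $adm_session['adm_name'] = $adm_data['adm_name'];
     $adm_session['adm_id'] = $adm_data['id'];
     $adm_session['adm_dog_key'] = $adm_dog_key;
     es_session::set(md5(conf("AUTH_KEY")), $adm_session);

     // Save the row again with the latest login IP and time.
     $adm_data['login_ip'] = CLIENT_IP;
     $adm_data['login_time'] = TIME_UTC;
     M("Admin")->save($adm_data);
     save_log($adm_data['adm_name'] . L("LOGIN_SUCCESS"), 1);
     $this->success(L("LOGIN_SUCCESS"), $ajax);
 }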
 /**
  * Submit a bid on a deal and report the outcome.
  *
  * Request parameters (all read from $_REQUEST): ajax, id, bid_money and
  * bid_paypassword. The pay password is passed through FW_DESPWD() and
  * strim() and handed to dobid2() with the deal id and amount.
  *
  * The 'status' field returned by dobid2() selects the response:
  *   0     - show the error text in 'show_err'
  *   2     - call do_loans() for today (the deal is full, so the loan is
  *           released automatically), then return the result via ajax_return()
  *   3     - balance is insufficient; point the user at the recharge page
  *   other - success, continue to the "uc_invest" page
  *
  * NOTE(review): $_REQUEST also covers the query string, so the pay password
  * is accepted from a URL as well as from a form body. No login or
  * request-token check is visible here; presumably dobid2() enforces them.
  */
 function dobid()
 {
     $is_ajax = intval($_REQUEST["ajax"]);
     $deal_id = intval($_REQUEST["id"]);
     $amount = floatval($_REQUEST["bid_money"]);
     $pay_pwd = strim(FW_DESPWD($_REQUEST['bid_paypassword']));

     $result = dobid2($deal_id, $amount, $pay_pwd, 1);

     switch ($result['status']) {
         case 0:
             showErr($result['show_err'], $is_ajax);
             break;
         case 2:
             // Deal is fully funded: release the loan automatically.
             do_loans($deal_id, date('Y-m-d'));
             ajax_return($result);
             break;
         case 3:
             showSuccess("余额不足,请先去充值", $is_ajax, url("index", "uc_money#incharge"));
             break;
         default:
             // An earlier variant redirected back to the deal page instead.
             showSuccess($GLOBALS['lang']['DEAL_BID_SUCCESS'], $is_ajax, url("index", "uc_invest"));
     }
 }
Esempio n. 3
 /**
  * Submit a withdrawal ("carry") request for the logged-in user.
  *
  * Visitors without a positive $GLOBALS['user_info']['id'] are redirected to
  * the login page. Otherwise paypassword, amount and bid are read from
  * $_REQUEST and passed to getUcSaveCarry(); its 'show_err' text is shown as
  * an error when 'status' is 0 and as a success message otherwise.
  *
  * NOTE(review): the pay password is taken from $_REQUEST, so it is accepted
  * from the query string too. Whether a request token is checked cannot be
  * seen from this method.
  */
 function savecarry()
 {
     // Guard: only a logged-in user may continue.
     if (!($GLOBALS['user_info']['id'] > 0)) {
         app_redirect(url("index", "user#login"));
         return;
     }

     require_once APP_ROOT_PATH . 'app/Lib/uc_func.php';

     $pay_pwd = strim(FW_DESPWD($_REQUEST['paypassword']));
     $carry_amount = floatval($_REQUEST['amount']);
     $bid_value = floatval($_REQUEST['bid']);

     $outcome = getUcSaveCarry($carry_amount, $pay_pwd, $bid_value);

     if ($outcome['status'] == 0) {
         showErr($outcome['show_err']);
         return;
     }
     showSuccess($outcome['show_err']);
 }
 /**
  * Carry out a transfer purchase through the global dotrans() helper.
  *
  * Reads ajax, paypassword and id from $_REQUEST. The helper's 'status'
  * decides the response: 2 returns the whole result via ajax_return(),
  * 1 shows 'show_err' as a success message, anything else as an error.
  *
  * NOTE(review): the pay password comes from $_REQUEST, which includes the
  * query string. Login and request-token checks are not visible here;
  * presumably dotrans() performs them.
  */
 public function dotrans()
 {
     $is_ajax = intval($_REQUEST['ajax']);
     $pay_pwd = strim(FW_DESPWD($_REQUEST['paypassword']));
     $transfer_id = intval($_REQUEST['id']);

     $outcome = dotrans($transfer_id, $pay_pwd);

     switch ($outcome['status']) {
         case 2:
             ajax_return($outcome);
             break;
         case 1:
             showSuccess($outcome['show_err'], $is_ajax);
             break;
         default:
             showErr($outcome['show_err'], $is_ajax);
     }
 }
Esempio n. 5
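 /**
  * Handle the user login form.
  *
  * Flow: reject non-POST requests, escape every $_POST value, run the
  * request hash-key check, verify the CAPTCHA when VERIFY_IMAGE is enabled,
  * decode the password with FW_DESPWD(), apply the per-IP submit delay and
  * call do_login_user(). On success the user is redirected or given an AJAX
  * payload (with an extra prompt when a third-party custody account is still
  * missing and OPEN_IPS is on); on failure the matching error text is shown.
  *
  * Review notes:
  * - htmlspecialchars(addslashes()) applied to all input is not a
  *   substitute for parameterized SQL or for output encoding at the point
  *   of use; it is kept because code elsewhere may depend on it.
  * - The auto-login cookie value is md5() of the session's user_pwd field
  *   plus a fixed suffix, so it is a long-lived credential derived from
  *   that field (presumably the stored password digest - confirm). Cookie
  *   flags such as HttpOnly/Secure are decided inside es_cookie::set().
  * - The non-AJAX redirect follows the Referer header without checking
  *   that it points back to this site.
  * - Separate "user does not exist" and "wrong password" messages allow
  *   account enumeration.
  */
 public function dologin()
 {
     if (!$_POST) {
         app_redirect("404.html");
         exit;
     }
     foreach ($_POST as $k => $v) {
         // Array-valued fields (name[]=...) make addslashes() raise a
         // TypeError on PHP 8; older versions turned them into ''.
         $_POST[$k] = is_array($v) ? '' : htmlspecialchars(addslashes($v));
     }
     $ajax = intval($_REQUEST['ajax']);

     // Every failing check returns explicitly so that it fails closed even
     // if showErr() does not terminate the request.
     if (!check_hash_key()) {
         showErr("非法请求!", $ajax);
         return;
     }

     // CAPTCHA
     if (app_conf("VERIFY_IMAGE") == 1) {
         $verify = md5(trim($_REQUEST['verify']));
         $session_verify = es_session::get('verify');
         // Strict comparison: with != two digests that both look like
         // numbers ("0e…" followed by digits) compare equal.
         if ($verify !== (string) $session_verify) {
             showErr($GLOBALS['lang']['VERIFY_CODE_ERROR'], $ajax, url("shop", "user#login"));
             return;
         }
     }

     require_once APP_ROOT_PATH . "system/libs/user.php";
     $_POST['user_pwd'] = trim(FW_DESPWD($_POST['user_pwd']));

     // Per-IP submit delay; without the return $result would be undefined.
     if (!check_ipop_limit(CLIENT_IP, "user_dologin", intval(app_conf("SUBMIT_DELAY")))) {
         showErr($GLOBALS['lang']['SUBMIT_TOO_FAST'], $ajax, url("shop", "user#login"));
         return;
     }
     $result = do_login_user($_POST['email'], $_POST['user_pwd']);

     if ($result['status']) {
         $s_user_info = es_session::get("user_info");
         if (intval($_POST['auto_login']) == 1) {
             // Auto login: remember the user in cookies for 30 days.
             $user_data = $s_user_info;
             es_cookie::set("user_name", $user_data['email'], 3600 * 24 * 30);
             es_cookie::set("user_pwd", md5($user_data['user_pwd'] . "_EASE_COOKIE"), 3600 * 24 * 30);
         }
         if ($ajax == 0 && trim(app_conf("INTEGRATE_CODE")) == '') {
             // NOTE(review): Referer is client-supplied; consider limiting
             // the target to this site's own host.
             $redirect = !empty($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : url("index");
             app_redirect($redirect);
         } else {
             $jump_url = get_gopreview();
             $s_user_info = es_session::get("user_info");
             if ($s_user_info['ips_acct_no'] == "" && app_conf("OPEN_IPS")) {
                 // No custody account yet: status 2 asks the client whether
                 // to open one now.
                 if ($ajax == 1) {
                     $return = array();
                     $return['status'] = 2;
                     $return['info'] = "本站需绑定第三方托管账户,是否马上去绑定";
                     $return['data'] = $result['msg'];
                     $return['jump'] = $jump_url;
                     $return['jump1'] = APP_ROOT . "/index.php?ctl=collocation&act=CreateNewAcct&user_type=0&user_id=" . $s_user_info['id'];
                     ajax_return($return);
                 } else {
                     $GLOBALS['tmpl']->assign('integrate_result', $result['msg']);
                     showSuccess($GLOBALS['lang']['LOGIN_SUCCESS'], $ajax, $jump_url);
                 }
             } else {
                 if ($ajax == 1) {
                     $return = array();
                     $return['status'] = 1;
                     $return['info'] = $GLOBALS['lang']['LOGIN_SUCCESS'];
                     $return['data'] = $result['msg'];
                     $return['jump'] = $jump_url;
                     ajax_return($return);
                 } else {
                     $GLOBALS['tmpl']->assign('integrate_result', $result['msg']);
                     showSuccess($GLOBALS['lang']['LOGIN_SUCCESS'], $ajax, $jump_url);
                 }
             }
         }
     } else {
         // Stays null when do_login_user() reports a code not handled
         // below; previously the variable was then undefined.
         $err = null;
         if ($result['data'] == ACCOUNT_NO_EXIST_ERROR) {
             $err = $GLOBALS['lang']['USER_NOT_EXIST'];
         }
         if ($result['data'] == ACCOUNT_PASSWORD_ERROR) {
             $err = $GLOBALS['lang']['PASSWORD_ERROR'];
         }
         if ($result['data'] == ACCOUNT_NO_VERIFY_ERROR) {
             $err = $GLOBALS['lang']['USER_NOT_VERIFY'];
             if (app_conf("MAIL_ON") == 1 && $ajax == 0) {
                 // Unverified account: render the verification page instead.
                 $GLOBALS['tmpl']->assign("page_title", $err);
                 $GLOBALS['tmpl']->assign("user_info", $result['user']);
                 $GLOBALS['tmpl']->display("verify_user.html");
                 exit;
             }
         }
         showErr($err, $ajax);
     }
 }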
Esempio n. 6
 /**
  * Check an SMS verification code and then update the pay password of the
  * account held in the session under "authorized_info".
  *
  * Reads ajax, verify and paypassword from $_REQUEST.
  *
  * NOTE(review): as published, this method is not complete and should not
  * be copied as is:
  * - $user_mobile is used in two queries and one message but is never
  *   assigned here, while the $user row loaded below is never used;
  *   presumably the mobile number was meant to come from that row - confirm.
  * - The uniqueness query reads $GLOBALS['authorized_info'] while the other
  *   queries use the $authorized_info value loaded from the session.
  * - The UPDATE writes the literal '******' and $paypassword is never used;
  *   this looks like a value masked when the listing was published.
  * - $verify and $user_mobile are concatenated into SQL text, so safety
  *   depends entirely on what strim() escapes - confirm, or move to
  *   parameterized queries.
  * - Nothing after a failed check depends on showErr() returning, so the
  *   flow assumes showErr() ends the request - confirm.
  */
 public function check_authorized_paypwd_verify_code()
 {
     $ajax = intval($_REQUEST['ajax']);
     $verify = strim($_REQUEST['verify']);
     // An empty verification code is rejected before any query runs.
     if ($verify == "") {
         showErr($GLOBALS['lang']['BIND_MOBILE_VERIFY_ERROR'], $ajax);
     }
     // The target account id comes from the session, not from the request.
     $authorized_info = es_session::get("authorized_info");
     $user = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "user where id = " . intval($authorized_info['id']));
     // Decoded pay password; not referenced again below (see header note).
     $paypassword = strim(FW_DESPWD($_REQUEST['paypassword']));
     // Counts other users that already hold the same mobile number.
     // $user_mobile is undefined at this point (see header note).
     $inum = $GLOBALS['db']->getOne("select count(*) from " . DB_PREFIX . "user where mobile = '" . $user_mobile . "' and id <> " . intval($GLOBALS['authorized_info']['id']));
     if ($inum > 0) {
         showErr($user_mobile . " 手机号码已被占用", $ajax);
     }
     // The code must exist for this mobile and be younger than SMS_EXPIRESPAN.
     if ($GLOBALS['db']->getOne("SELECT count(*) FROM " . DB_PREFIX . "mobile_verify_code WHERE mobile='" . $user_mobile . "' AND verify_code='" . $verify . "' AND create_time + " . SMS_EXPIRESPAN . " > " . TIME_UTC . " ") == 0) {
         showErr("手机验证码出错,或已过期", $ajax);
     } else {
         // Writes the pay password and clears bind_verify / verify_create_time.
         $GLOBALS['db']->query("update " . DB_PREFIX . "user set paypassword='******', bind_verify = '', verify_create_time = 0 where id = " . intval($authorized_info['id']));
         // Success is reported only when the UPDATE changed a row.
         if ($GLOBALS['db']->affected_rows() > 0) {
             showSuccess($GLOBALS['lang']['MOBILE_BIND_SUCCESS'], $ajax);
         } else {
             showErr("绑定失败", $ajax);
         }
     }
 }
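 /**
  * Check the verification code stored on the logged-in user's row
  * (bind_verify) and then update that user's pay password.
  *
  * Reads ajax, verify and paypassword from $_REQUEST. The update runs only
  * when SMS_ON is 1 and the submitted code equals the stored, non-empty one.
  *
  * NOTE(review):
  * - The UPDATE writes the literal '******' and $paypassword is never used;
  *   this looks like a value masked when the listing was published, so the
  *   statement must not be copied as is.
  * - No expiry check on the code (verify_create_time is only reset) and no
  *   limit on wrong guesses are visible in this method - confirm that they
  *   are enforced elsewhere.
  */
 public function check_paypwd_verify_code()
 {
     $ajax = intval($_REQUEST['ajax']);
     $verify = strim($_REQUEST['verify']);
     // Failing checks return explicitly so that they fail closed even if
     // showErr() does not terminate the request.
     if ($verify == "") {
         showErr($GLOBALS['lang']['BIND_MOBILE_VERIFY_ERROR'], $ajax);
         return;
     }
     $user = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "user where id = " . intval($GLOBALS['user_info']['id']));
     // Decoded pay password; not referenced again below (see header note).
     $paypassword = trim(FW_DESPWD($_REQUEST['paypassword']));

     if (app_conf("SMS_ON") != 1) {
         showErr($GLOBALS['lang']['SMS_OFF'], $ajax);
         return;
     }

     // Compare as strings: with != numeric-looking codes are compared as
     // numbers, so "0123" would match "123" and "1e3" would match "1000".
     $stored_code = (string) $user['bind_verify'];
     if ($stored_code === '' || $stored_code !== (string) $verify) {
         showErr($GLOBALS['lang']['BIND_MOBILE_VERIFY_ERROR'], $ajax);
         return;
     }

     // Writes the pay password and clears the one-time code fields.
     $GLOBALS['db']->query("update " . DB_PREFIX . "user set paypassword='******', bind_verify = '', verify_create_time = 0 where id = " . intval($GLOBALS['user_info']['id']));
     showSuccess("设置成功", $ajax);
 }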
Esempio n. 8
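 /**
  * Run an early repayment for a loan after checking the pay password.
  *
  * Reads id and paypassword from $_REQUEST. The md5() digest of the decoded
  * pay password must equal $GLOBALS['user_info']['paypassword'] before
  * getUCInrepayRepayBorrowMoney() is called; its 'show_err' text is shown
  * as an error when 'status' is 0 and as a success message otherwise.
  *
  * NOTE(review): pay passwords are compared as unsalted md5() digests, and
  * no limit on wrong guesses is visible in this method - confirm that one
  * is enforced elsewhere.
  */
 public function inrepay_repay_borrow_money()
 {
     $id = intval($_REQUEST['id']);
     $paypassword = strim(FW_DESPWD($_REQUEST['paypassword']));

     // Failing checks return explicitly so that the repayment can never run
     // after a failed check, even if showErr() does not end the request.
     if ($paypassword == "") {
         showErr($GLOBALS['lang']['PAYPASSWORD_EMPTY'], 1);
         return;
     }
     // Strict comparison: with != two digests that both look like numbers
     // ("0e…" followed by digits) compare equal. hash_equals() is
     // preferable where PHP >= 5.6 is guaranteed.
     if (md5($paypassword) !== (string) $GLOBALS['user_info']['paypassword']) {
         showErr($GLOBALS['lang']['PAYPASSWORD_ERROR'], 1);
         return;
     }

     $status = getUCInrepayRepayBorrowMoney($id);
     if ($status['status'] == 0) {
         showErr($status['show_err'], 1);
     } else {
         showSuccess($status['show_err'], 1);
     }
 }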
 /**
  * Execute a transfer.
  *
  * Reads dlid, dltid, paypassword and transfer_money from $_REQUEST and
  * passes them to getUcDoTransfer(). The helper's 'show_err' text is shown
  * as an error when 'status' is 0 and as a success message otherwise.
  *
  * NOTE(review): the pay password is not checked in this method; presumably
  * getUcDoTransfer() verifies it. It is taken from $_REQUEST, which also
  * covers the query string.
  */
 public function do_transfer()
 {
     $deal_load_id = intval($_REQUEST['dlid']);
     $transfer_id = intval($_REQUEST['dltid']);
     $pay_pwd = strim(FW_DESPWD($_REQUEST['paypassword']));
     $money = floatval($_REQUEST['transfer_money']);

     $outcome = getUcDoTransfer($deal_load_id, $transfer_id, $pay_pwd, $money);

     if ($outcome['status'] == 0) {
         showErr($outcome['show_err'], 1);
         return;
     }
     showSuccess($outcome['show_err'], 1);
 }
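 /**
  * Handle the login form of the "manageagency" area.
  *
  * Flow: reject non-POST requests, escape every $_POST value, decode the
  * password with FW_DESPWD(), apply the per-IP submit delay and call
  * do_login_user(). Success answers with an AJAX payload or a success page
  * that leads to manageagency#account; failure shows the matching error.
  *
  * Review notes:
  * - CAPTCHA verification is switched off in this variant (the check was
  *   left commented out), and no check_hash_key() call is made, so the
  *   submit delay is the only throttle visible here.
  * - NOTE(review): the delay is keyed on get_client_ip(); if that helper
  *   trusts client-supplied headers the limit can be sidestepped - confirm.
  * - htmlspecialchars(addslashes()) applied to all input is not a
  *   substitute for parameterized SQL or for output encoding at the point
  *   of use; it is kept because code elsewhere may depend on it.
  * - Separate "user does not exist" and "wrong password" messages allow
  *   account enumeration.
  */
 public function dologin()
 {
     if (!$_POST) {
         app_redirect("404.html");
         exit;
     }
     foreach ($_POST as $k => $v) {
         // Array-valued fields (name[]=...) make addslashes() raise a
         // TypeError on PHP 8; older versions turned them into ''.
         $_POST[$k] = is_array($v) ? '' : htmlspecialchars(addslashes($v));
     }
     $ajax = intval($_REQUEST['ajax']);

     $_POST['user_pwd'] = trim(FW_DESPWD($_POST['user_pwd']));
     require_once APP_ROOT_PATH . "system/libs/manageagency.php";

     // Per-IP submit delay. The explicit return keeps $result from being
     // read undefined if showErr() does not terminate the request.
     if (!check_ipop_limit(get_client_ip(), "user_dologin", intval(app_conf("SUBMIT_DELAY")))) {
         showErr($GLOBALS['lang']['SUBMIT_TOO_FAST'], $ajax, url("shop", "manageagency#login"));
         return;
     }
     $result = do_login_user($_POST['email'], $_POST['user_pwd']);

     if ($result['status']) {
         // Kept from the original; the value is not used afterwards because
         // the custody-account prompt that read it is disabled here.
         $s_user_info = es_session::get("user_info");
         $jump_url = url("index", "manageagency#account");
         $s_user_info = es_session::get("manageagency_info");

         if ($ajax == 1) {
             $return = array();
             $return['status'] = 1;
             $return['info'] = $GLOBALS['lang']['LOGIN_SUCCESS'];
             $return['data'] = $result['msg'];
             $return['jump'] = $jump_url;
             ajax_return($return);
         } else {
             $GLOBALS['tmpl']->assign('integrate_result', $result['msg']);
             showSuccess($GLOBALS['lang']['LOGIN_SUCCESS'], $ajax, $jump_url);
         }
     } else {
         // Stays null when do_login_user() reports a code not handled
         // below; previously the variable was then undefined.
         $err = null;
         if ($result['data'] == ACCOUNT_NO_EXIST_ERROR) {
             $err = $GLOBALS['lang']['USER_NOT_EXIST'];
         }
         if ($result['data'] == ACCOUNT_PASSWORD_ERROR) {
             $err = $GLOBALS['lang']['PASSWORD_ERROR'];
         }
         if ($result['data'] == ACCOUNT_NO_VERIFY_ERROR) {
             $err = $GLOBALS['lang']['USER_NOT_VERIFY'];
             if (app_conf("MAIL_ON") == 1 && $ajax == 0) {
                 // Unverified account: render the verification page instead.
                 $GLOBALS['tmpl']->assign("page_title", $err);
                 $GLOBALS['tmpl']->assign("user_info", $result['user']);
                 $GLOBALS['tmpl']->display("verify_user.html");
                 exit;
             }
         }
         showErr($err, $ajax);
     }
 }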
Esempio n. 11
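 /**
  * Handle the login form of the "manageagency" area (variant with the
  * request hash-key check).
  *
  * Flow: reject non-POST requests, escape every $_POST value, run
  * check_hash_key(), decode the password with FW_DESPWD(), apply the per-IP
  * submit delay and call do_login_user(). Success answers with an AJAX
  * payload or a success page that leads to manageagency#account; failure
  * shows the matching error text.
  *
  * Review notes:
  * - No CAPTCHA is checked in this variant; the submit delay is the only
  *   throttle on password guessing visible here.
  * - htmlspecialchars(addslashes()) applied to all input is not a
  *   substitute for parameterized SQL or for output encoding at the point
  *   of use; it is kept because code elsewhere may depend on it.
  * - Separate "user does not exist" and "wrong password" messages allow
  *   account enumeration.
  */
 public function dologin()
 {
     if (!$_POST) {
         app_redirect("404.html");
         exit;
     }
     foreach ($_POST as $k => $v) {
         // Array-valued fields (name[]=...) make addslashes() raise a
         // TypeError on PHP 8; older versions turned them into ''.
         $_POST[$k] = is_array($v) ? '' : htmlspecialchars(addslashes($v));
     }
     $ajax = intval($_REQUEST['ajax']);

     // Failing checks return explicitly so that they fail closed even if
     // showErr() does not terminate the request.
     if (!check_hash_key()) {
         showErr("非法请求!", $ajax);
         return;
     }

     $_POST['user_pwd'] = trim(FW_DESPWD($_POST['user_pwd']));
     require_once APP_ROOT_PATH . "system/libs/user.php";

     // Per-IP submit delay; without the return $result would be undefined.
     if (!check_ipop_limit(CLIENT_IP, "user_dologin", intval(app_conf("SUBMIT_DELAY")))) {
         showErr($GLOBALS['lang']['SUBMIT_TOO_FAST'], $ajax, url("shop", "manageagency#login"));
         return;
     }
     $result = do_login_user($_POST['email'], $_POST['user_pwd']);

     if ($result['status']) {
         // Kept from the original; the value is not used afterwards.
         $s_user_info = es_session::get("user_info");
         $jump_url = url("index", "manageagency#account");
         $s_user_info = es_session::get("manageagency_info");

         if ($ajax == 1) {
             $return = array();
             $return['status'] = 1;
             $return['info'] = $GLOBALS['lang']['LOGIN_SUCCESS'];
             $return['data'] = $result['msg'];
             $return['jump'] = $jump_url;
             ajax_return($return);
         } else {
             $GLOBALS['tmpl']->assign('integrate_result', $result['msg']);
             showSuccess($GLOBALS['lang']['LOGIN_SUCCESS'], $ajax, $jump_url);
         }
     } else {
         // Stays null when do_login_user() reports a code not handled
         // below; previously the variable was then undefined.
         $err = null;
         if ($result['data'] == ACCOUNT_NO_EXIST_ERROR) {
             $err = $GLOBALS['lang']['USER_NOT_EXIST'];
         }
         if ($result['data'] == ACCOUNT_PASSWORD_ERROR) {
             $err = $GLOBALS['lang']['PASSWORD_ERROR'];
         }
         if ($result['data'] == ACCOUNT_NO_VERIFY_ERROR) {
             $err = $GLOBALS['lang']['USER_NOT_VERIFY'];
             if (app_conf("MAIL_ON") == 1 && $ajax == 0) {
                 // Unverified account: render the verification page instead.
                 $GLOBALS['tmpl']->assign("page_title", $err);
                 $GLOBALS['tmpl']->assign("user_info", $result['user']);
                 $GLOBALS['tmpl']->display("verify_user.html");
                 exit;
             }
         }
         showErr($err, $ajax);
     }
 }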