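/**
 * notice_login function.
 *
 * Processes a login notice received through obj_notice: checks the notice
 * status, the timestamp window and the SSO signature, decodes the payload,
 * loads the referenced admin and, when that admin is not disabled, writes
 * the admin session values. Every outcome is reported through halt_re().
 *
 * @access public
 * @return void
 */
function notice_login() {
    $_arr_noticeGet = $this->obj_notice->notice_get("get");

    if ($_arr_noticeGet["alert"] != "ok") {
        $this->obj_notice->halt_re($_arr_noticeGet);
    }

    // Accept only timestamps within 300 seconds of local time in BOTH
    // directions. Testing only "too far in the future" leaves old, validly
    // signed notices acceptable for an unbounded time.
    $_tm_now = time();
    if (abs($_arr_noticeGet["time"] - $_tm_now) > 300) {
        $_arr_return = array("alert" => "x220213");
        $this->obj_notice->halt_re($_arr_return);
    }

    // The signature covers time, random and signature as passed here; the
    // verification itself lives in obj_sso->sso_verify().
    $_arr_signature = $this->obj_sso->sso_verify($_arr_noticeGet["time"], $_arr_noticeGet["random"], $_arr_noticeGet["signature"]);
    if ($_arr_signature["alert"] != "y050403") {
        $this->obj_notice->halt_re($_arr_signature);
    }

    // NOTE(review): the decoded payload is used without a status check;
    // confirm sso_decode() cannot hand back a partial or failed result.
    $_arr_decode = $this->obj_sso->sso_decode($_arr_noticeGet["code"], $_arr_noticeGet["key"]);

    $_arr_adminRow = $this->mdl_admin->mdl_read($_arr_decode["user_id"]);
    if ($_arr_adminRow["alert"] != "y020102") {
        $this->obj_notice->halt_re($_arr_adminRow);
    }

    if ($_arr_adminRow["admin_status"] == "disable") {
        $_arr_return = array("alert" => "x020401");
        $this->obj_notice->halt_re($_arr_return);
    }

    // A fresh salt is stored with the admin and mixed into the session hash,
    // so a later login invalidates session hashes derived from the old salt.
    // NOTE(review): no session-id rotation is visible here; confirm the
    // session layer regenerates the id when a login is established.
    $_str_rand = fn_rand(6);
    $this->mdl_admin->mdl_login($_arr_decode["user_id"], $_str_rand);

    fn_session("admin_id", "mk", $_arr_decode["user_id"]);
    fn_session("admin_ssin_time", "mk", time());
    fn_session("admin_hash", "mk", fn_baigoEncrypt($_arr_adminRow["admin_time"], $_str_rand));

    $this->obj_notice->halt_re($_arr_adminRow);
}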
/**
 * Submit
 * mdl_submit function.
 *
 * Creates or refreshes the verification record of a user. A new salt and a
 * new token are generated on every call; the row stores the raw token and
 * the salt, while the caller receives fn_baigoEncrypt(token, salt).
 *
 * @access public
 * @param mixed $num_userId user the verification record belongs to
 * @param mixed $str_mail   mail address stored with the record
 * @return array "alert" on failure; "verify_id", "verify_token" and "alert" on success
 */
function mdl_submit($num_userId, $str_mail) {
    $_arr_existing = $this->mdl_read($num_userId, "verify_user_id");

    // NOTE(review): these values gate mailbox verification; confirm that
    // fn_rand() draws from a cryptographically secure source.
    $_str_salt     = fn_rand(6);
    $_str_plain    = fn_rand(32);
    $_str_tokenOut = fn_baigoEncrypt($_str_plain, $_str_salt);

    $_arr_fields = array(
        "verify_user_id"      => $num_userId,
        "verify_mail"         => $str_mail,
        "verify_token"        => $_str_plain,
        "verify_rand"         => $_str_salt,
        "verify_token_expire" => time() + BG_VERIFY_EXPIRE * 60,
        "verify_status"       => "enable",
        "verify_time_refresh" => time(),
    );

    $_str_table = BG_DB_TABLE . "verify";

    if ($_arr_existing["alert"] == "x120102") {
        // No record for this user yet: insert one.
        $_arr_fields["verify_time"] = time();
        $_num_id = $this->obj_db->insert($_str_table, $_arr_fields);
        if (!($_num_id > 0)) {
            return array("alert" => "x120101");
        }
        $_str_status = "y120101";
    } else {
        // Record exists: overwrite it in place.
        // NOTE(review): the WHERE clause is built by concatenation; the id
        // comes from the row read above, not from request input.
        $_num_id = $_arr_existing["verify_id"];
        $_num_affected = $this->obj_db->update($_str_table, $_arr_fields, "verify_id=" . $_num_id);
        if (!($_num_affected > 0)) {
            return array("alert" => "x120103");
        }
        $_str_status = "y120103";
    }

    return array(
        "verify_id"    => $_num_id,
        "verify_token" => $_str_tokenOut,
        "alert"        => $_str_status,
    );
}
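/**
 * fn_ssin_begin function.
 *
 * Validates the current admin session: the session values must be present
 * and not older than BG_DEFAULT_SESSION seconds, the stored session hash
 * must match the hash recomputed from the admin row, and the admin's group
 * must not be disabled. On success the session timestamp is refreshed.
 *
 * @access public
 * @return array admin row (with "groupRow") on success, otherwise an array
 *               whose "alert" names the failure
 */
function fn_ssin_begin() {
    $_mdl_admin = new MODEL_ADMIN(); // admin model
    $_mdl_group = new MODEL_GROUP(); // group model

    $_num_adminTimeDiff = fn_session("admin_ssin_time") + BG_DEFAULT_SESSION; // session expiry time

    if (!fn_session("admin_id") || !fn_session("admin_ssin_time") || !fn_session("admin_hash") || $_num_adminTimeDiff < time()) {
        fn_ssin_end();
        return array("alert" => "x020402");
    }

    $_arr_adminRow = $_mdl_admin->mdl_read(fn_session("admin_id"));

    // Fail closed when the admin row carries no hash inputs (for example the
    // account no longer exists) instead of hashing missing values.
    $_is_hashOk = false;
    if (isset($_arr_adminRow["admin_time"], $_arr_adminRow["admin_rand"])) {
        // Strict string comparison: loose "!=" treats two different
        // numeric-looking strings as equal. hash_equals() (PHP >= 5.6)
        // would additionally make the comparison constant-time.
        $_str_hash  = (string)fn_baigoEncrypt($_arr_adminRow["admin_time"], $_arr_adminRow["admin_rand"]);
        $_is_hashOk = ($_str_hash === (string)fn_session("admin_hash"));
    }

    if (!$_is_hashOk) {
        fn_ssin_end();
        $_arr_adminRow["alert"] = "x020403";
        return $_arr_adminRow;
    }

    $_arr_groupRow = $_mdl_group->mdl_read($_arr_adminRow["admin_group_id"]);
    if (isset($_arr_groupRow["group_status"]) && $_arr_groupRow["group_status"] == "disable") {
        fn_ssin_end();
        $_arr_adminRow["alert"] = "x040401";
        return $_arr_adminRow;
    }

    $_arr_adminRow["groupRow"] = $_arr_groupRow;

    // Sliding expiry: each validated request restarts the session clock.
    fn_session("admin_ssin_time", "mk", time());

    return $_arr_adminRow;
}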
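/**
 * ctl_login function.
 *
 * Local admin login: validates the login form, loads the admin by name,
 * checks the submitted password against the stored salted hash, requires
 * the account to be enabled, then re-salts the stored password and writes
 * the admin session values.
 *
 * @access public
 * @return array result array; "alert" is "y020201" on success
 */
function ctl_login() {
    $_arr_adminLogin = $this->mdl_admin->input_login();
    if ($_arr_adminLogin["alert"] != "ok") {
        return $_arr_adminLogin;
    }

    $_arr_adminRow = $this->mdl_admin->mdl_read($_arr_adminLogin["admin_name"], "admin_name");
    if ($_arr_adminRow["alert"] != "y020102") {
        return $_arr_adminRow;
    }

    // Strict string comparison of the password hashes: loose "!=" treats
    // two different numeric-looking strings as equal, which would accept a
    // wrong password. hash_equals() (PHP >= 5.6) would additionally make
    // the comparison constant-time.
    $_str_passGiven = (string)fn_baigoEncrypt($_arr_adminLogin["admin_pass"], $_arr_adminRow["admin_rand"]);
    if ($_str_passGiven !== (string)$_arr_adminRow["admin_pass"]) {
        return array("forward" => $_arr_adminLogin["forward"], "alert" => "x020207");
    }

    if ($_arr_adminRow["admin_status"] != "enable") {
        return array("forward" => $_arr_adminLogin["forward"], "alert" => "x020402");
    }

    // Rotate the salt on every successful login and store the password
    // re-hashed under it; the session hash is derived from the same salt.
    // NOTE(review): no session-id rotation is visible here; confirm the
    // session layer regenerates the id when a login is established.
    $_str_adminRand = fn_rand(6);
    $this->mdl_admin->mdl_login($_arr_adminRow["admin_id"], fn_baigoEncrypt($_arr_adminLogin["admin_pass"], $_str_adminRand), $_str_adminRand);

    fn_session("admin_id", "mk", $_arr_adminRow["admin_id"]);
    fn_session("admin_ssin_time", "mk", time());
    fn_session("admin_hash", "mk", fn_baigoEncrypt($_arr_adminRow["admin_time"], $_str_adminRand));

    // NOTE(review): "admin_id" is taken from the login input, not from the
    // admin row used for the session above; confirm input_login() sets it.
    return array("admin_id" => $_arr_adminLogin["admin_id"], "forward" => $_arr_adminLogin["forward"], "alert" => "y020201");
}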
/**
 * ajax_submit function.
 *
 * Creates or edits an admin account. Editing requires the "edit"
 * permission and may not target the logged-in admin itself; creating
 * requires the "add" permission and a valid password. Super admins pass
 * all three checks. A successful add or edit is written to the log.
 *
 * @access public
 * @return void
 */
function ajax_submit() {
    $_arr_input = $this->mdl_admin->input_submit();
    if ($_arr_input["alert"] != "ok") {
        $this->obj_ajax->halt_alert($_arr_input["alert"]);
    }

    // Empty hash and salt are handed on when an edit leaves the password field blank.
    $_str_hash = "";
    $_str_salt = "";

    if ($_arr_input["admin_id"] > 0) {
        // Edit an existing admin.
        if (!(isset($this->adminLogged["admin_allow"]["admin"]["edit"]) || $this->is_super)) {
            $this->obj_ajax->halt_alert("x020303");
        }

        // Non-super admins may not edit their own account through this form.
        if ($_arr_input["admin_id"] == $this->adminLogged["admin_id"] && !$this->is_super) {
            $this->obj_ajax->halt_alert("x020306");
        }

        $_str_adminPass = fn_post("admin_pass");
        if (!fn_isEmpty($_str_adminPass)) {
            $_str_salt = fn_rand(6);
            $_str_hash = fn_baigoEncrypt($_str_adminPass, $_str_salt);
        }
    } else {
        // Create a new admin.
        if (!(isset($this->adminLogged["admin_allow"]["admin"]["add"]) || $this->is_super)) {
            $this->obj_ajax->halt_alert("x020302");
        }

        $_arr_checked = validateStr(fn_post("admin_pass"), 1, 0);
        $_str_status  = $_arr_checked["status"];
        if ($_str_status == "too_short") {
            $this->obj_ajax->halt_alert("x020205");
        } elseif ($_str_status == "ok") {
            $_str_adminPass = $_arr_checked["str"];
        }

        $_str_salt = fn_rand(6);
        $_str_hash = fn_baigoEncrypt($_str_adminPass, $_str_salt);
    }

    $_arr_result = $this->mdl_admin->mdl_submit($_str_hash, $_str_salt);

    $_is_added  = ($_arr_result["alert"] == "y020101");
    $_is_edited = ($_arr_result["alert"] == "y020103");

    if ($_is_added || $_is_edited) {
        $_arr_targets[] = array("admin_id" => $_arr_result["admin_id"]);
        $_str_targets   = json_encode($_arr_targets);
        $_type          = $_is_added ? "add" : "edit";

        // NOTE(review): the whole result row is serialized into the log;
        // confirm mdl_submit() does not return the password hash or salt.
        $_str_result = json_encode($_arr_result);

        $_arr_logData = array(
            "log_targets"     => $_str_targets,
            "log_target_type" => "admin",
            "log_title"       => $this->log["admin"][$_type],
            "log_result"      => $_str_result,
            "log_type"        => "admin",
        );
        $this->mdl_log->mdl_submit($_arr_logData, $this->adminLogged["admin_id"]);
    }

    $this->obj_ajax->halt_alert($_arr_result["alert"]);
}
/**
 * api_admin function.
 *
 * Creates an admin account from API input after check_db() has run. The
 * password is hashed under a fresh salt before it reaches the model.
 *
 * @access public
 * @return void
 */
function api_admin() {
    $this->check_db();

    include_once BG_PATH_MODEL . "admin.class.php"; // load the admin account model
    $_obj_admin = new MODEL_ADMIN();

    $_arr_input = $_obj_admin->api_add();
    if ($_arr_input["alert"] != "ok") {
        $this->obj_api->halt_re($_arr_input);
    }

    // The third argument is passed as true; its meaning is defined by
    // fn_baigoEncrypt(), which is not part of this listing.
    $_str_salt   = fn_rand(6);
    $_arr_result = $_obj_admin->mdl_submit(fn_baigoEncrypt($_arr_input["admin_pass"], $_str_salt, true), $_str_salt);

    $this->obj_api->halt_re($_arr_result);
}
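/**
 * ajax_pass function.
 *
 * Changes the password of the logged-in admin after the current password
 * has been confirmed against the stored salted hash.
 *
 * @access public
 * @return mixed the admin row when it cannot be read; otherwise the result
 *               is reported through halt_alert()
 */
function ajax_pass() {
    // A set "pass" entry in admin_allow blocks the password change.
    if (isset($this->adminLogged["admin_allow"]["pass"])) {
        $this->obj_ajax->halt_alert("x020109");
    }

    $_arr_adminPass = $this->mdl_admin->input_pass();
    if ($_arr_adminPass["alert"] != "ok") {
        $this->obj_ajax->halt_alert($_arr_adminPass["alert"]);
    }

    $_arr_adminRow = $this->mdl_admin->mdl_read($this->adminLogged["admin_id"]);
    if ($_arr_adminRow["alert"] != "y020102") {
        // NOTE(review): this path returns the row while every other path
        // reports through halt_alert(); confirm the caller handles it.
        return $_arr_adminRow;
    }

    // Strict string comparison of the password hashes: loose "!=" treats
    // two different numeric-looking strings as equal. hash_equals()
    // (PHP >= 5.6) would additionally make the comparison constant-time.
    $_str_passGiven = (string)fn_baigoEncrypt($_arr_adminPass["admin_pass"], $_arr_adminRow["admin_rand"]);
    if ($_str_passGiven !== (string)$_arr_adminRow["admin_pass"]) {
        $this->obj_ajax->halt_alert("x020207");
    }

    $_arr_adminRow = $this->mdl_admin->mdl_pass($this->adminLogged["admin_id"]);

    $this->obj_ajax->halt_alert($_arr_adminRow["alert"]);
}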
/**
 * fn_ssin_login function.
 *
 * Opens an admin session for an already authenticated admin id: the admin
 * must exist locally and must not be disabled. This function checks no
 * credentials itself.
 *
 * @param mixed $num_adminId id of the admin to log in
 * @return array "alert" => "ok" on success, otherwise the failing result
 */
function fn_ssin_login($num_adminId) {
    $_obj_admin = new MODEL_ADMIN(); // admin model

    $_arr_row = $_obj_admin->mdl_read($num_adminId); // local database lookup
    if ($_arr_row["alert"] != "y020102") {
        return $_arr_row;
    }

    if ($_arr_row["admin_status"] == "disable") {
        return array("alert" => "x020401");
    }

    // Store a fresh salt with the admin and derive the session hash from it.
    // NOTE(review): no session-id rotation is visible here; confirm the
    // session layer regenerates the id when a login is established.
    $_str_salt = fn_rand(6);
    $_obj_admin->mdl_login($num_adminId, $_str_salt);

    fn_session("admin_id", "mk", $num_adminId);
    fn_session("admin_ssin_time", "mk", time());
    fn_session("admin_hash", "mk", fn_baigoEncrypt($_arr_row["admin_time"], $_str_salt));

    return array("alert" => "ok");
}
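/**
 * fn_ssin_begin function.
 *
 * Validates the current admin session: the session values must be present
 * and not older than BG_DEFAULT_SESSION seconds, and the stored session
 * hash must match the hash recomputed from the admin row. On success the
 * session timestamp is refreshed.
 *
 * @return array admin row on success, otherwise an array whose "alert"
 *               names the failure
 */
function fn_ssin_begin() {
    $_mdl_admin = new MODEL_ADMIN(); // admin model

    $_num_adminTimeDiff = fn_session("admin_ssin_time") + BG_DEFAULT_SESSION; // session expiry time

    if (!fn_session("admin_id") || !fn_session("admin_ssin_time") || !fn_session("admin_hash") || $_num_adminTimeDiff < time()) {
        fn_ssin_end();
        return array("alert" => "x020401");
    }

    $_arr_adminRow = $_mdl_admin->mdl_read(fn_session("admin_id"));

    // Fail closed when the admin row carries no hash inputs (for example the
    // account no longer exists) instead of hashing missing values.
    $_is_hashOk = false;
    if (isset($_arr_adminRow["admin_time"], $_arr_adminRow["admin_rand"])) {
        // Strict string comparison: loose "!=" treats two different
        // numeric-looking strings as equal. hash_equals() (PHP >= 5.6)
        // would additionally make the comparison constant-time.
        $_str_hash  = (string)fn_baigoEncrypt($_arr_adminRow["admin_time"], $_arr_adminRow["admin_rand"]);
        $_is_hashOk = ($_str_hash === (string)fn_session("admin_hash"));
    }

    if (!$_is_hashOk) {
        fn_ssin_end();
        $_arr_adminRow["alert"] = "x020403";
        return $_arr_adminRow;
    }

    // Sliding expiry: each validated request restarts the session clock.
    fn_session("admin_ssin_time", "mk", time());

    return $_arr_adminRow;
}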
/**
 * ctl_login function.
 *
 * SSO-backed admin login: validates the login form, authenticates against
 * the SSO service, requires a matching local admin that is not disabled,
 * writes the admin session values and optionally emits the SSO sync-login
 * markup.
 *
 * @access public
 * @return array result array on the failure paths; the success path ends
 *               in exit before its return statement is reached
 */
function ctl_login() {
    $_arr_form = $this->input_login();
    if ($_arr_form["alert"] != "ok") {
        return $_arr_form;
    }

    $_str_forward = $_arr_form["forward"];

    // SSO verification
    $_arr_sso = $this->obj_sso->sso_login($_arr_form["admin_name"], $_arr_form["admin_pass"]);
    if ($_arr_sso["alert"] != "y010401") {
        $_arr_sso["forward"] = $_str_forward;
        return $_arr_sso;
    }

    $_num_userId = $_arr_sso["user_id"];

    // Local database lookup
    $_arr_admin = $this->mdl_admin->mdl_read($_num_userId);
    if ($_arr_admin["alert"] != "y020102") {
        $_arr_admin["forward"] = $_str_forward;
        return $_arr_admin;
    }

    if ($_arr_admin["admin_status"] == "disable") {
        return array("forward" => $_str_forward, "alert" => "x020401");
    }

    // NOTE(review): no session-id rotation is visible here; confirm the
    // session layer regenerates the id when a login is established.
    $_str_salt = fn_rand(6);
    $this->mdl_admin->mdl_login($_num_userId, $_str_salt);

    fn_session("admin_id", "mk", $_num_userId);
    fn_session("admin_ssin_time", "mk", time());
    fn_session("admin_hash", "mk", fn_baigoEncrypt($_arr_admin["admin_time"], $_str_salt));

    if (defined("BG_SSO_SYNLOGON") && BG_SSO_SYNLOGON == "on") {
        // The markup comes from the SSO service and is written out unescaped.
        $_arr_sync = $this->obj_sso->sso_sync_login($_num_userId);
        echo $_arr_sync["html"];
    }

    // NOTE(review): this exit makes the return below unreachable, so a
    // successful login never hands "y020401" back to the caller; confirm
    // whether the exit is a debugging leftover.
    exit;

    return array("admin_id" => $_num_userId, "forward" => $_str_forward, "alert" => "y020401");
}
/**
 * ajax_submit function.
 *
 * Creates or edits a user account. Editing requires the "edit" permission,
 * creating requires the "add" permission and a valid password. The
 * password is hashed under a fresh salt before it reaches the model.
 *
 * @access public
 * @return void
 */
function ajax_submit() {
    $_arr_input = $this->mdl_user->input_submit();

    // Empty hash and salt are handed on when an edit leaves the password field blank.
    $_str_hash = "";
    $_str_salt = "";

    if ($_arr_input["alert"] != "ok") {
        $this->obj_ajax->halt_alert($_arr_input["alert"]);
    }

    if ($_arr_input["user_id"] > 0) {
        // Edit an existing user.
        if (!isset($this->adminLogged["admin_allow"]["user"]["edit"])) {
            $this->obj_ajax->halt_alert("x010303");
        }

        // NOTE(review): the truthiness test also skips the literal
        // password "0"; the admin counterpart uses fn_isEmpty().
        $_str_userPass = fn_post("user_pass");
        if ($_str_userPass) {
            $_str_salt = fn_rand(6);
            $_str_hash = fn_baigoEncrypt($_str_userPass, $_str_salt);
        }
    } else {
        // Create a new user.
        if (!isset($this->adminLogged["admin_allow"]["user"]["add"])) {
            $this->obj_ajax->halt_alert("x010302");
        }

        $_arr_checked = validateStr(fn_post("user_pass"), 1, 0);
        $_str_status  = $_arr_checked["status"];
        if ($_str_status == "too_short") {
            $this->obj_ajax->halt_alert("x010212");
        } elseif ($_str_status == "ok") {
            $_str_userPass = $_arr_checked["str"];
        }

        $_str_salt = fn_rand(6);
        $_str_hash = fn_baigoEncrypt($_str_userPass, $_str_salt);
    }

    $_arr_result = $this->mdl_user->mdl_submit($_str_hash, $_str_salt);

    $this->obj_ajax->halt_alert($_arr_result["alert"]);
}
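/**
 * ctl_mailbox function.
 *
 * Landing page of the mailbox-change link: checks that verify_id and
 * verify_token are present, that the verification record is enabled and
 * not expired and that the token matches, then renders reg_mailbox.tpl
 * for the user the record belongs to.
 *
 * @access public
 * @return array result array; "alert" is "y010102" once the page is shown
 */
function ctl_mailbox() {
    $_num_verifyId    = fn_getSafe(fn_get("verify_id"), "int", 0);
    $_str_verifyToken = fn_getSafe(fn_get("verify_token"), "txt", "");

    if ($_num_verifyId < 1) {
        return array("alert" => "x120201");
    }

    if (fn_isEmpty($_str_verifyToken)) {
        return array("alert" => "x120202");
    }

    $_arr_verifyRow = $this->mdl_verify->mdl_read($_num_verifyId);
    if ($_arr_verifyRow["alert"] != "y120102") {
        return $_arr_verifyRow;
    }

    if ($_arr_verifyRow["verify_status"] != "enable") {
        return array("alert" => "x120203");
    }

    if ($_arr_verifyRow["verify_token_expire"] < time()) {
        return array("alert" => "x120204");
    }

    // Strict string comparison of the token: loose "!=" treats two
    // different numeric-looking strings as equal. hash_equals()
    // (PHP >= 5.6) would additionally make the comparison constant-time.
    $_str_tokenExpected = (string)fn_baigoEncrypt($_arr_verifyRow["verify_token"], $_arr_verifyRow["verify_rand"]);
    if ($_str_tokenExpected !== (string)$_str_verifyToken) {
        return array("alert" => "x120205");
    }

    $_arr_userRow = $this->mdl_user->mdl_read($_arr_verifyRow["verify_user_id"]);
    if ($_arr_userRow["alert"] != "y010102") {
        return $_arr_userRow;
    }

    // The template receives the token as submitted (the derived form), not
    // the raw token stored in the record.
    $_arr_verifyRow["verify_token"] = $_str_verifyToken;

    $_arr_tplData = array("userRow" => $_arr_userRow, "verifyRow" => $_arr_verifyRow);

    $this->obj_tpl->tplDisplay("reg_mailbox.tpl", $_arr_tplData);

    return array("alert" => "y010102");
}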
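/**
 * api_mailbox function.
 *
 * API entry point for changing a user's mail address. The calling app
 * needs the "mailbox" permission; the user must be enabled and the new
 * address must differ from the current one. Unless the app holds the
 * "global" permission or the user's password was verified, the user must
 * belong to the calling app. Depending on BG_REG_CONFIRM the change is
 * applied at once or a confirmation link is mailed to the new address.
 *
 * @access public
 * @return void
 */
function api_mailbox() {
    $this->app_check("post");

    if (!isset($this->appAllow["user"]["mailbox"])) { // no permission: log and stop
        $_arr_return = array("alert" => "x050308");
        $_arr_logTarget[] = array("app_id" => $this->appRequest["app_id"]);
        $_arr_logType = array("user", "mailbox");
        $this->log_do($_arr_logTarget, "app", $_arr_return, $_arr_logType);
        $this->obj_api->halt_re($_arr_return);
    }

    $_arr_userSubmit = $this->mdl_user->input_mail_api();
    if ($_arr_userSubmit["alert"] != "ok") {
        $this->obj_api->halt_re($_arr_userSubmit);
    }

    $_arr_userRow = $this->mdl_user->mdl_read($_arr_userSubmit["user_str"], $_arr_userSubmit["user_by"]);
    if ($_arr_userRow["alert"] != "y010102") {
        $this->obj_api->halt_re($_arr_userRow);
    }

    if ($_arr_userRow["user_status"] != "enable") {
        $_arr_return = array("alert" => "x010401");
        $this->obj_api->halt_re($_arr_return);
    }

    if ($_arr_userSubmit["user_mail_new"] == $_arr_userRow["user_mail"]) {
        $_arr_return = array("alert" => "x010223");
        $this->obj_api->halt_re($_arr_return);
    }

    $_is_pass = false;

    if ($_arr_userSubmit["user_check_pass"] == true) {
        // Strict string comparison of the password hashes: loose "!="
        // treats two different numeric-looking strings as equal, and a
        // match here also waives the app-membership check below.
        // hash_equals() (PHP >= 5.6) would additionally be constant-time.
        $_str_passGiven = (string)fn_baigoEncrypt($_arr_userSubmit["user_pass"], $_arr_userRow["user_rand"], true);
        if ($_str_passGiven !== (string)$_arr_userRow["user_pass"]) {
            $_arr_return = array("alert" => "x010213");
            $this->obj_api->halt_re($_arr_return);
        } else {
            $_is_pass = true;
        }
    }

    // Without the "global" permission and without a verified password the
    // user must belong to the calling app.
    if (!isset($this->appAllow["user"]["global"]) && !$_is_pass) {
        $_arr_belongRow = $this->mdl_belong->mdl_read($_arr_userRow["user_id"], $this->appRequest["app_id"]);
        if ($_arr_belongRow["alert"] != "y070102") {
            $_arr_return = array("alert" => "x050308");
            $this->obj_api->halt_re($_arr_return);
        }
    }

    if ((BG_REG_ONEMAIL == "false" || BG_LOGIN_MAIL == "on") && $_arr_userSubmit["user_mail_new"]) {
        // The new address must not be in use by another user.
        $_arr_userRowChk = $this->mdl_user->mdl_read($_arr_userSubmit["user_mail_new"], "user_mail", $_arr_userRow["user_id"]);
        if ($_arr_userRowChk["alert"] == "y010102") {
            $_arr_return = array("alert" => "x010211");
            $this->obj_api->halt_re($_arr_return);
        }
    }

    if (BG_REG_CONFIRM == "on") {
        // Confirmation required: create the verification record and mail
        // the link to the NEW address.
        $_arr_returnRow = $this->mdl_verify->mdl_submit($_arr_userRow["user_id"], $_arr_userSubmit["user_mail_new"]);
        if ($_arr_returnRow["alert"] != "y120101" && $_arr_returnRow["alert"] != "y120103") {
            $_arr_return = array("alert" => "x010405");
            $this->obj_api->halt_re($_arr_return);
        }

        $_str_verifyUrl = BG_SITE_URL . BG_URL_ROOT . "user/ctl.php?mod=reg&act_get=mailbox&verify_id=" . $_arr_returnRow["verify_id"] . "&verify_token=" . $_arr_returnRow["verify_token"];
        $_str_url = "<a href=\"" . $_str_verifyUrl . "\">" . $_str_verifyUrl . "</a>";
        $_str_html = str_replace("{verify_url}", $_str_url, $this->obj_api->mail["mailbox"]["content"]);

        if (fn_mailSend($_arr_userSubmit["user_mail_new"], $this->obj_api->mail["mailbox"]["subject"], $_str_html)) {
            $_arr_returnRow["alert"] = "y010406";
        } else {
            $_arr_returnRow["alert"] = "x010406";
        }
    } else {
        $_arr_returnRow = $this->mdl_user->mdl_mail($_arr_userRow["user_id"], $_arr_userSubmit["user_mail_new"]);
    }

    // NOTE(review): on the confirmation path $_arr_returnRow still holds
    // "verify_token" from mdl_submit() when it is encoded for the caller
    // and the notified apps; confirm they are meant to receive it.
    $_arr_returnRow["user_id"] = $_arr_userRow["user_id"];
    $_arr_returnRow["user_name"] = $_arr_userRow["user_name"];

    $_str_key = fn_rand(6);
    $_str_code = $this->obj_api->api_encode($_arr_returnRow, $_str_key);

    $_arr_return = array("code" => $_str_code, "key" => $_str_key);

    // Notify the registered apps.
    $_arr_notice = $_arr_return;
    $_arr_notice["act_post"] = "mailbox";
    $this->obj_api->api_notice($_arr_notice, $this->appRows);

    $_arr_return["alert"] = $_arr_returnRow["alert"];

    $this->obj_api->halt_re($_arr_return);
}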
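/**
 * mdl_convert function.
 *
 * Imports users from the rows delivered by mdl_import(). The column
 * mapping in userConvert["user_convert"] assigns each CSV column to a user
 * field, to "user_pass" (hashed before storage) or to "abort" (ignored).
 * Row 0 is never inserted, and rows whose user_name already exists are
 * skipped.
 *
 * @access public
 * @return array "user_id" of the last processed row (0 when it was not
 *               inserted) and "alert"
 */
function mdl_convert() {
    $_num_errChk = 0; // counts successful inserts, despite the name
    $_num_userId = 0; // stays defined when there are no rows at all

    $_arr_csvRows = $this->mdl_import();
    $_arr_convert = $this->userConvert["user_convert"];

    foreach ($_arr_csvRows as $_key_row => $_value_row) {
        // Start every row empty so data of a previous row is never
        // inserted again when the current row is skipped.
        $_arr_userData = array();

        if (!empty($_arr_convert)) {
            // One existence lookup per row; the result does not depend on the column.
            $_arr_userRow = $this->mdl_read($_value_row["user_name"], "user_name");

            if ($_arr_userRow["alert"] == "x010102") {
                // One salt per row. Drawing a new salt for every column
                // would store a salt other than the one the password was
                // hashed with, leaving the imported password unverifiable.
                $_str_rand = fn_rand(6);
                $_arr_userData["user_rand"] = $_str_rand;

                foreach ($_arr_convert as $_key_cel => $_value_cel) {
                    switch ($_value_cel) {
                        case "user_pass":
                            $_arr_userData["user_pass"] = fn_baigoEncrypt($_value_row[$_key_cel], $_str_rand, true);
                        break;

                        case "abort":
                        break;

                        default:
                            $_arr_userData[$_value_cel] = $_value_row[$_key_cel];
                        break;
                    }
                }
            }
        }

        $_num_userId = 0;

        if ($_key_row > 0 && !empty($_arr_userData)) {
            $_num_userId = $this->obj_db->insert(BG_DB_TABLE . "user", $_arr_userData);
        }

        if ($_num_userId > 0) { // database insert succeeded
            $_num_errChk++;
        }
    }

    if ($_num_errChk > 0) {
        $_str_alert = "y010402";
    } else {
        $_str_alert = "x010402";
    }

    return array("user_id" => $_num_userId, "alert" => $_str_alert);
}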
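/**
 * ajax_admin function.
 *
 * Creates an admin account after check_db() has run: validates the form,
 * requires the password and its confirmation to be present and identical,
 * then stores the account with a salted password hash.
 *
 * @access public
 * @return void
 */
function ajax_admin() {
    $this->check_db();

    include_once BG_PATH_MODEL . "admin.class.php"; // load the admin account model
    $_mdl_admin = new MODEL_ADMIN();

    $_arr_adminSubmit = $_mdl_admin->input_submit();
    if ($_arr_adminSubmit["alert"] != "ok") {
        $this->obj_ajax->halt_alert($_arr_adminSubmit["alert"]);
    }

    // Pre-set both values so a status other than "too_short"/"ok" does not
    // leave them undefined.
    $_str_adminPass        = "";
    $_str_adminPassConfirm = "";

    $_arr_adminPass = validateStr(fn_post("admin_pass"), 1, 0);
    switch ($_arr_adminPass["status"]) {
        case "too_short":
            $this->obj_ajax->halt_alert("x020205");
        break;

        case "ok":
            $_str_adminPass = $_arr_adminPass["str"];
        break;
    }

    $_arr_adminPassConfirm = validateStr(fn_post("admin_pass_confirm"), 1, 0);
    switch ($_arr_adminPassConfirm["status"]) {
        case "too_short":
            $this->obj_ajax->halt_alert("x020211");
        break;

        case "ok":
            $_str_adminPassConfirm = $_arr_adminPassConfirm["str"];
        break;
    }

    // Strict string comparison: loose "!=" accepts two different
    // numeric-looking passwords (e.g. "1e3" and "1000") as a match.
    if ((string)$_str_adminPass !== (string)$_str_adminPassConfirm) {
        $this->obj_ajax->halt_alert("x020206");
    }

    $_str_adminRand   = fn_rand(6);
    $_str_adminPassDo = fn_baigoEncrypt($_str_adminPass, $_str_adminRand);

    // NOTE(review): the result of mdl_submit() is not inspected and success
    // is reported unconditionally; confirm a failed insert cannot occur
    // here or check the returned "alert".
    $_arr_adminRow = $_mdl_admin->mdl_submit($_str_adminPassDo, $_str_adminRand);

    $this->obj_ajax->halt_alert("y030407");
}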
/**
 * api_add function.
 *
 * API entry point that creates an admin account: validates the app
 * request, hashes the submitted password under a fresh salt, stores the
 * account and returns the encoded result together with its key.
 *
 * @access public
 * @return void
 */
function api_add() {
    $this->app_check("post");

    $_arr_input = $this->mdl_admin->api_add();
    if ($_arr_input["alert"] != "ok") {
        $this->obj_api->halt_re($_arr_input);
    }

    // The third argument is passed as true; its meaning is defined by
    // fn_baigoEncrypt(), which is not part of this listing.
    $_str_salt   = fn_rand(6);
    $_arr_result = $this->mdl_admin->mdl_submit(fn_baigoEncrypt($_arr_input["admin_pass"], $_str_salt, true), $_str_salt);

    // The result row is encoded under a per-response key that travels in
    // the same response as the code.
    $_str_key = fn_rand(6);

    $_arr_return = array(
        "code"  => $this->obj_api->api_encode($_arr_result, $_str_key),
        "key"   => $_str_key,
        "alert" => $_arr_result["alert"],
    );

    $this->obj_api->halt_re($_arr_return);
}
/**
 * API edit
 * input_edit_api function.
 *
 * Collects and validates the POST fields of an API user-edit request into
 * $this->apiEdit: the user selector, the optional current password, the
 * optional new password (hashed under a fresh salt), the optional new
 * mail address and the nickname.
 *
 * @access public
 * @return array $this->apiEdit with "alert" => "ok", or the result of the
 *               first failing check
 */
function input_edit_api() {
    $_arr_selector = $this->input_get_by("post");
    if ($_arr_selector["alert"] != "ok") {
        return $_arr_selector;
    }

    $this->apiEdit = $_arr_selector;

    // The flag arrives as text and is tested loosely, so any non-empty
    // value other than "0" turns the password check on.
    $this->apiEdit["user_check_pass"] = fn_getSafe(fn_post("user_check_pass"), "txt", "");

    if ($this->apiEdit["user_check_pass"] == true) {
        $_arr_passChk = $this->chk_user_pass(fn_post("user_pass"));
        if ($_arr_passChk["alert"] != "ok") {
            return $_arr_passChk;
        }
        $this->apiEdit["user_pass"] = $_arr_passChk["user_pass"];
    }

    // NOTE(review): the new password is taken as posted, without the
    // chk_user_pass() validation applied to the current password.
    if (fn_post("user_pass_new")) {
        $this->apiEdit["user_pass_new"] = fn_post("user_pass_new");
        $this->apiEdit["user_rand"]     = fn_rand(6);
        $this->apiEdit["user_pass_do"]  = fn_baigoEncrypt($this->apiEdit["user_pass_new"], $this->apiEdit["user_rand"], true);
    }

    if (fn_post("user_mail_new")) {
        $_arr_mailChk = $this->chk_user_mail(fn_post("user_mail_new"));
        if ($_arr_mailChk["alert"] != "ok") {
            return $_arr_mailChk;
        }
        $this->apiEdit["user_mail_new"] = $_arr_mailChk["user_mail"];
    }

    $_arr_nickChk = $this->chk_user_nick(fn_post("user_nick"));
    if ($_arr_nickChk["alert"] != "ok") {
        return $_arr_nickChk;
    }
    $this->apiEdit["user_nick"] = $_arr_nickChk["user_nick"];

    $this->apiEdit["alert"] = "ok";

    return $this->apiEdit;
}
/**
 * API edit form validation
 * input_edit_api function.
 *
 * Collects and validates the POST fields of an API user-edit request into
 * $this->apiEdit: the user selector, the optional current password, the
 * optional new password (hashed under a fresh salt), the optional new
 * mail address, the nickname and the JSON fields user_contact and
 * user_extend.
 *
 * @access public
 * @return array $this->apiEdit with "alert" => "ok", or the result of the
 *               first failing check
 */
function input_edit_api() {
    $_arr_selector = $this->input_get_by("post");
    if ($_arr_selector["alert"] != "ok") {
        return $_arr_selector;
    }

    $this->apiEdit = $_arr_selector;

    // The flag arrives as text and is tested loosely, so any non-empty
    // value other than "0" turns the password check on.
    $this->apiEdit["user_check_pass"] = fn_getSafe(fn_post("user_check_pass"), "txt", "");

    if ($this->apiEdit["user_check_pass"] == true) {
        $_arr_passChk = $this->chk_user_pass(fn_post("user_pass"));
        if ($_arr_passChk["alert"] != "ok") {
            return $_arr_passChk;
        }
        $this->apiEdit["user_pass"] = $_arr_passChk["user_pass"];
    }

    // NOTE(review): the new password is taken as posted, without the
    // chk_user_pass() validation applied to the current password.
    if (fn_post("user_pass_new")) {
        $this->apiEdit["user_pass_new"] = fn_post("user_pass_new");
        $this->apiEdit["user_rand"]     = fn_rand(6);
        $this->apiEdit["user_pass_do"]  = fn_baigoEncrypt($this->apiEdit["user_pass_new"], $this->apiEdit["user_rand"], true);
    }

    if (fn_post("user_mail_new")) {
        $_arr_mailChk = $this->chk_user_mail(fn_post("user_mail_new"));
        if ($_arr_mailChk["alert"] != "ok") {
            return $_arr_mailChk;
        }
        $this->apiEdit["user_mail_new"] = $_arr_mailChk["user_mail"];
    }

    $_arr_nickChk = $this->chk_user_nick(fn_post("user_nick"));
    if ($_arr_nickChk["alert"] != "ok") {
        return $_arr_nickChk;
    }
    $this->apiEdit["user_nick"] = $_arr_nickChk["user_nick"];

    // Contact data: keep the sanitized string, then decode it as JSON and
    // re-encode it for storage.
    // NOTE(review): json_decode() yields null for malformed input and that
    // null is re-encoded without a check; the same holds for user_extend.
    $_str_contactRaw = fn_getSafe(fn_post("user_contact"), "txt", "");
    $this->apiEdit["user_contactStr"] = $_str_contactRaw;
    $_arr_contact = json_decode(fn_htmlcode($_str_contactRaw, "decode", "json"), true);
    $this->apiEdit["user_contact"] = fn_jsonEncode($_arr_contact, "encode");

    // Extension data: same handling as the contact data.
    $_str_extendRaw = fn_getSafe(fn_post("user_extend"), "txt", "");
    $this->apiEdit["user_extendStr"] = $_str_extendRaw;
    $_arr_extend = json_decode(fn_htmlcode($_str_extendRaw, "decode", "json"), true);
    $this->apiEdit["user_extend"] = fn_jsonEncode($_arr_extend, "encode");

    $this->apiEdit["alert"] = "ok";

    return $this->apiEdit;
}
/**
 * API edit
 * api_edit function.
 *
 * Collects and validates the POST fields of an API user-edit request into
 * $this->apiEdit: the user selector, the optional mail address (checked
 * against the BG_ACC_MAIL allow pattern or, when that is not configured,
 * the BG_BAD_MAIL deny pattern), the optional current password, the
 * optional new password (hashed under a fresh salt) and the nickname.
 *
 * @access public
 * @return array $this->apiEdit with "alert" => "ok", or the result of the
 *               first failing check
 */
function api_edit() {
    $_arr_selector = $this->input_get_by("post");
    if ($_arr_selector["alert"] != "ok") {
        return $_arr_selector;
    }

    $this->apiEdit = $_arr_selector;

    if (fn_post("user_mail")) {
        $_arr_mailChk = $this->input_mail_chk(fn_post("user_mail"));
        if ($_arr_mailChk["alert"] != "ok") {
            return $_arr_mailChk;
        }
        $this->apiEdit["user_mail"] = $_arr_mailChk["user_mail"];

        // An allow pattern, when configured, takes precedence; the deny
        // pattern is consulted only without one.
        if (defined("BG_ACC_MAIL") && strlen(BG_ACC_MAIL)) {
            if (!fn_regChk($this->apiEdit["user_mail"], BG_ACC_MAIL)) {
                return array("alert" => "x010209");
            }
        } elseif (defined("BG_BAD_MAIL") && strlen(BG_BAD_MAIL)) {
            if (fn_regChk($this->apiEdit["user_mail"], BG_BAD_MAIL)) {
                return array("alert" => "x010210");
            }
        }
    }

    // The flag arrives as text and is tested loosely, so any non-empty
    // value other than "0" turns the password check on.
    $this->apiEdit["user_check_pass"] = fn_getSafe(fn_post("user_check_pass"), "txt", "");

    if ($this->apiEdit["user_check_pass"] == true) {
        $_arr_passChk = $this->input_pass_chk(fn_post("user_pass"));
        if ($_arr_passChk["alert"] != "ok") {
            return $_arr_passChk;
        }
        $this->apiEdit["user_pass"] = $_arr_passChk["user_pass"];
    }

    // NOTE(review): the new password is taken as posted, without the
    // input_pass_chk() validation applied to the current password.
    if (fn_post("user_pass_new")) {
        $this->apiEdit["user_pass_new"] = fn_post("user_pass_new");
        $this->apiEdit["user_rand"]     = fn_rand(6);
        $this->apiEdit["user_pass_do"]  = fn_baigoEncrypt($this->apiEdit["user_pass_new"], $this->apiEdit["user_rand"], true);
    }

    $_arr_nickChk = $this->input_nick_chk(fn_post("user_nick"));
    if ($_arr_nickChk["alert"] != "ok") {
        return $_arr_nickChk;
    }
    $this->apiEdit["user_nick"] = $_arr_nickChk["user_nick"];

    $this->apiEdit["alert"] = "ok";

    return $this->apiEdit;
}
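/**
 * Change-password form validation
 * input_pass function.
 *
 * Checks the form token, validates the current password, the new password
 * and its confirmation, requires the two new values to be identical and
 * prepares the salted hash of the new password in $this->adminPass.
 *
 * @access public
 * @return array $this->adminPass with "alert" => "ok", or an array whose
 *               "alert" names the first failing check
 */
function input_pass() {
    if (!fn_token("chk")) { // form token
        return array("alert" => "x030102");
    }

    $_arr_adminPassOld = validateStr(fn_post("admin_pass"), 1, 0);
    switch ($_arr_adminPassOld["status"]) {
        case "too_short":
            return array("alert" => "x020210");

        case "ok":
            $this->adminPass["admin_pass"] = $_arr_adminPassOld["str"];
        break;
    }

    $_arr_adminPassNew = validateStr(fn_post("admin_pass_new"), 1, 0);
    switch ($_arr_adminPassNew["status"]) {
        case "too_short":
            return array("alert" => "x020213");

        case "ok":
            $this->adminPass["admin_pass_new"] = $_arr_adminPassNew["str"];
        break;
    }

    $_arr_adminPassConfirm = validateStr(fn_post("admin_pass_confirm"), 1, 0);
    switch ($_arr_adminPassConfirm["status"]) {
        case "too_short":
            return array("alert" => "x020215");

        case "ok":
            $this->adminPass["admin_pass_confirm"] = $_arr_adminPassConfirm["str"];
        break;
    }

    // Strict string comparison: loose "!=" accepts two different
    // numeric-looking passwords (e.g. "1e3" and "1000") as a match.
    if ((string)$this->adminPass["admin_pass_new"] !== (string)$this->adminPass["admin_pass_confirm"]) {
        return array("alert" => "x020211");
    }

    $this->adminPass["admin_rand"]    = fn_rand(6);
    $this->adminPass["admin_pass_do"] = fn_baigoEncrypt($this->adminPass["admin_pass_new"], $this->adminPass["admin_rand"]);

    $this->adminPass["alert"] = "ok";

    return $this->adminPass;
}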
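/**
 * api_edit function.
 *
 * API entry point for editing a user. The calling app needs the "edit"
 * permission and, without the "global" permission, the user must belong
 * to it. The current password is verified when the request asks for it,
 * the user must be enabled and a changed mail address must not be in use
 * by another user. The result is encoded, announced to the registered
 * apps and returned.
 *
 * @access public
 * @return mixed array with "alert" for a user that is not enabled;
 *               otherwise the result is reported through halt_re()
 */
function api_edit() {
    $this->app_check("post");

    if (!isset($this->appAllow["user"]["edit"])) {
        $_arr_return = array("alert" => "x050308");
        $_arr_logTarget[] = array("app_id" => $this->appGet["app_id"]);
        $_arr_logType = array("user", "edit");
        $this->log_do($_arr_logTarget, "app", $_arr_return, $_arr_logType);
        $this->obj_api->halt_re($_arr_return);
    }

    $_arr_userEdit = $this->mdl_user->api_input_edit();
    if ($_arr_userEdit["alert"] != "ok") {
        $this->obj_api->halt_re($_arr_userEdit);
    }

    $_arr_userRow = $this->mdl_user->mdl_read($_arr_userEdit["user_str"], $_arr_userEdit["user_by"]);
    if ($_arr_userRow["alert"] != "y010102") {
        $this->obj_api->halt_re($_arr_userRow);
    }

    if (!isset($this->appAllow["user"]["global"])) {
        $_arr_appBelongRow = $this->mdl_appBelong->mdl_read($_arr_userRow["user_id"], $this->appGet["app_id"]);
        if ($_arr_appBelongRow["alert"] != "y070102") {
            $_arr_return = array("alert" => "x050308");
            $this->obj_api->halt_re($_arr_return);
        }
    }

    if ($_arr_userEdit["user_check_pass"] == true) {
        // Strict string comparison of the password hashes: loose "!="
        // treats two different numeric-looking strings as equal.
        // hash_equals() (PHP >= 5.6) would additionally be constant-time.
        $_str_passGiven = (string)fn_baigoEncrypt($_arr_userEdit["user_pass"], $_arr_userRow["user_rand"], true);
        if ($_str_passGiven !== (string)$_arr_userRow["user_pass"]) {
            $_arr_return = array("alert" => "x010213");
            $this->obj_api->halt_re($_arr_return);
        }
    }

    if ($_arr_userRow["user_status"] != "enable") {
        // NOTE(review): this path returns while every other path reports
        // through halt_re(); confirm the caller emits the result.
        return array("alert" => "x010401");
    }

    if (BG_REG_ONEMAIL == "false" && BG_REG_NEEDMAIL == "on" && $_arr_userEdit["user_mail"]) {
        // Keep the duplicate-mail lookup in its own variable: writing it
        // over $_arr_userRow would discard the user_id and user_name the
        // update below depends on.
        $_arr_userRowChk = $this->mdl_user->mdl_read($_arr_userEdit["user_mail"], "user_mail", $_arr_userRow["user_id"]);
        if ($_arr_userRowChk["alert"] == "y010102") {
            $_arr_return = array("alert" => "x010211");
            $this->obj_api->halt_re($_arr_return);
        }
    }

    $_str_key = fn_rand(6);

    $_arr_userUpdate = $this->mdl_user->mdl_edit($_arr_userRow["user_id"]);
    $_arr_userUpdate["user_name"] = $_arr_userRow["user_name"];

    $_str_code = $this->obj_api->api_encode($_arr_userUpdate, $_str_key);

    $_arr_return = array("code" => $_str_code, "key" => $_str_key);

    // Notify the registered apps.
    $_arr_notice = $_arr_return;
    $_arr_notice["act_post"] = "edit";
    $this->obj_api->api_notice($_arr_notice, $this->appRows);

    $_arr_return["alert"] = $_arr_userUpdate["alert"];

    $this->obj_api->halt_re($_arr_return);
}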
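/**
 * ajax_confirm function.
 *
 * Confirms a user through a verification record: the record must exist,
 * be enabled, not be expired and match the submitted token. The user is
 * then confirmed and the verification record disabled.
 *
 * @access public
 * @return void
 */
function ajax_confirm() {
    $_arr_verifySubmit = $this->mdl_verify->input_verify();
    if ($_arr_verifySubmit["alert"] != "ok") {
        $this->obj_ajax->halt_alert($_arr_verifySubmit["alert"]);
    }

    $_arr_verifyRow = $this->mdl_verify->mdl_read($_arr_verifySubmit["verify_id"]);
    if ($_arr_verifyRow["alert"] != "y120102") {
        $this->obj_ajax->halt_alert($_arr_verifyRow["alert"]);
    }

    if ($_arr_verifyRow["verify_status"] != "enable") {
        $this->obj_ajax->halt_alert("x120203");
    }

    if ($_arr_verifyRow["verify_token_expire"] < time()) {
        $this->obj_ajax->halt_alert("x120204");
    }

    // Strict string comparison of the token: loose "!=" treats two
    // different numeric-looking strings as equal. hash_equals()
    // (PHP >= 5.6) would additionally make the comparison constant-time.
    $_str_tokenExpected = (string)fn_baigoEncrypt($_arr_verifyRow["verify_token"], $_arr_verifyRow["verify_rand"]);
    if ($_str_tokenExpected !== (string)$_arr_verifySubmit["verify_token"]) {
        $this->obj_ajax->halt_alert("x120205");
    }

    $_arr_userRow = $this->mdl_user->mdl_read($_arr_verifyRow["verify_user_id"]);
    if ($_arr_userRow["alert"] != "y010102") {
        $this->obj_ajax->halt_alert($_arr_userRow["alert"]);
    }

    $_arr_returnRow = $this->mdl_user->mdl_confirm($_arr_userRow["user_id"]);

    if ($_arr_returnRow["alert"] == "y010103") {
        $_str_alert = "y010409";
    } else {
        $_str_alert = "x010409";
    }

    // The record is disabled after the attempt, whether or not the
    // confirmation succeeded, so the token cannot be used a second time.
    $this->mdl_verify->mdl_disable();

    $this->obj_ajax->halt_alert($_str_alert);
}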
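/**
 * api_mailbox function.
 *
 * API entry point for changing a user's mail address. The calling app
 * needs the "mailbox" permission and a valid request signature; the user
 * must not be disabled and the new address must differ from the current
 * one. Unless the app holds the "global" permission or the user's
 * password was verified, the user must belong to the calling app.
 * Depending on BG_REG_CONFIRM the change is applied at once or a
 * confirmation link is mailed to the new address. The result is encrypted
 * for the caller and pushed to every registered app.
 *
 * @access public
 * @return void
 */
function api_mailbox() {
    $this->app_check("post");

    if (!isset($this->appAllow["user"]["mailbox"])) { // no permission: log and stop
        $_arr_return = array("alert" => "x050308");
        $_arr_logTarget[] = array("app_id" => $this->appRequest["app_id"]);
        $_arr_logType = array("user", "mailbox");
        $this->log_do($_arr_logTarget, "app", $_arr_return, $_arr_logType);
        $this->obj_api->halt_re($_arr_return);
    }

    $_arr_userSubmit = $this->mdl_user->input_mail_api();
    if ($_arr_userSubmit["alert"] != "ok") {
        $this->obj_api->halt_re($_arr_userSubmit);
    }

    // The signature must cover every field that influences the outcome,
    // including whether the password check was requested.
    $_arr_sign = array(
        "act_post"                   => $GLOBALS["act_post"],
        $_arr_userSubmit["user_by"]  => $_arr_userSubmit["user_str"],
        "user_mail_new"              => $_arr_userSubmit["user_mail_new"],
    );

    if (isset($_arr_userSubmit["user_check_pass"]) && $_arr_userSubmit["user_check_pass"] == true) {
        $_arr_sign["user_check_pass"] = true;
        $_arr_sign["user_pass"]       = $_arr_userSubmit["user_pass"];
    } else {
        $_arr_sign["user_check_pass"] = false;
    }

    if (!$this->obj_sign->sign_check(array_merge($this->appRequest, $_arr_sign), $this->appRequest["signature"])) {
        $_arr_return = array("alert" => "x050403");
        $this->obj_api->halt_re($_arr_return);
    }

    $_arr_userRow = $this->mdl_user->mdl_read($_arr_userSubmit["user_str"], $_arr_userSubmit["user_by"]);
    if ($_arr_userRow["alert"] != "y010102") {
        $this->obj_api->halt_re($_arr_userRow);
    }

    if ($_arr_userRow["user_status"] == "disable") {
        $_arr_return = array("alert" => "x010401");
        $this->obj_api->halt_re($_arr_return);
    }

    if ($_arr_userSubmit["user_mail_new"] == $_arr_userRow["user_mail"]) {
        $_arr_return = array("alert" => "x010223");
        $this->obj_api->halt_re($_arr_return);
    }

    $_is_pass = false;

    if ($_arr_userSubmit["user_check_pass"] == true) {
        // Strict string comparison of the password hashes: loose "!="
        // treats two different numeric-looking strings as equal, and a
        // match here also waives the app-membership check below.
        // hash_equals() (PHP >= 5.6) would additionally be constant-time.
        $_str_passGiven = (string)fn_baigoEncrypt($_arr_userSubmit["user_pass"], $_arr_userRow["user_rand"], true);
        if ($_str_passGiven !== (string)$_arr_userRow["user_pass"]) {
            $_arr_return = array("alert" => "x010213");
            $this->obj_api->halt_re($_arr_return);
        } else {
            $_is_pass = true;
        }
    }

    // Without the "global" permission and without a verified password the
    // user must belong to the calling app.
    if (!isset($this->appAllow["user"]["global"]) && !$_is_pass) {
        $_arr_belongRow = $this->mdl_belong->mdl_read($_arr_userRow["user_id"], $this->appRequest["app_id"]);
        if ($_arr_belongRow["alert"] != "y070102") {
            $_arr_return = array("alert" => "x050308");
            $this->obj_api->halt_re($_arr_return);
        }
    }

    if ((BG_REG_ONEMAIL == "false" || BG_LOGIN_MAIL == "on") && isset($_arr_userSubmit["user_mail_new"]) && $_arr_userSubmit["user_mail_new"]) {
        // The new address must not be in use by another user.
        $_arr_userRowChk = $this->mdl_user->mdl_read($_arr_userSubmit["user_mail_new"], "user_mail", $_arr_userRow["user_id"]);
        if ($_arr_userRowChk["alert"] == "y010102") {
            $_arr_return = array("alert" => "x010211");
            $this->obj_api->halt_re($_arr_return);
        }
    }

    if (BG_REG_CONFIRM == "on") {
        // Confirmation required: create the verification record and mail
        // the link to the NEW address.
        $_arr_returnRow = $this->mdl_verify->mdl_submit($_arr_userRow["user_id"], $_arr_userSubmit["user_mail_new"]);
        if ($_arr_returnRow["alert"] != "y120101" && $_arr_returnRow["alert"] != "y120103") {
            $_arr_return = array("alert" => "x010405");
            $this->obj_api->halt_re($_arr_return);
        }

        $_str_verifyUrl = BG_SITE_URL . BG_URL_ROOT . "user/ctl.php?mod=reg&act_get=mailbox&verify_id=" . $_arr_returnRow["verify_id"] . "&verify_token=" . $_arr_returnRow["verify_token"];
        $_str_url = "<a href=\"" . $_str_verifyUrl . "\">" . $_str_verifyUrl . "</a>";

        // NOTE(review): user_name, user_mail and user_mail_new go into the
        // HTML body as they are; confirm they are HTML-encoded when stored
        // or validated, otherwise escape them for the HTML context here.
        $_str_html = str_ireplace("{verify_url}", $_str_url, $this->obj_api->mail["mailbox"]["content"]);
        $_str_html = str_ireplace("{user_name}", $_arr_userRow["user_name"], $_str_html);
        $_str_html = str_ireplace("{user_mail}", $_arr_userRow["user_mail"], $_str_html);
        $_str_html = str_ireplace("{user_mail_new}", $_arr_userSubmit["user_mail_new"], $_str_html);

        if (fn_mailSend($_arr_userSubmit["user_mail_new"], $this->obj_api->mail["mailbox"]["subject"], $_str_html)) {
            $_arr_returnRow["alert"] = "y010406";
        } else {
            $_arr_returnRow["alert"] = "x010406";
        }
    } else {
        $_arr_returnRow = $this->mdl_user->mdl_mail($_arr_userRow["user_id"], $_arr_userSubmit["user_mail_new"]);
    }

    // NOTE(review): on the confirmation path $_arr_returnRow still holds
    // "verify_token" from mdl_submit() when it is encrypted for the caller
    // and every notified app; confirm they are meant to receive it.
    $_arr_returnRow["user_id"]   = $_arr_userRow["user_id"];
    $_arr_returnRow["user_name"] = $_arr_userRow["user_name"];

    $_str_src  = fn_jsonEncode($_arr_returnRow, "encode");
    $_str_code = $this->obj_crypt->encrypt($_str_src, $this->appRow["app_key"]);

    $_arr_return = array("code" => $_str_code);

    $_tm_time = time();

    // Notify the registered apps, each with the payload encrypted under
    // its own key.
    foreach ($this->appRows as $_key => $_value) {
        // NOTE(review): "app_key" is part of the array that is POSTed, so
        // the shared secret itself travels to the notify URL. If
        // sign_make() only needs the key as signing input, remove it from
        // the transmitted fields after the signature is computed.
        $_arr_data = array(
            "act_post" => "mailbox",
            "code"     => $this->obj_crypt->encrypt($_str_src, $_value["app_key"]),
            "time"     => $_tm_time,
            "app_id"   => $_value["app_id"],
            "app_key"  => $_value["app_key"],
        );

        $_arr_data["signature"] = $this->obj_sign->sign_make($_arr_data);

        if (stristr($_value["app_url_notify"], "?")) {
            $_str_conn = "&";
        } else {
            $_str_conn = "?";
        }

        fn_http($_value["app_url_notify"] . $_str_conn . "mod=notify", $_arr_data, "post");
    }

    $_arr_return["alert"] = $_arr_returnRow["alert"];

    $this->obj_api->halt_re($_arr_return);
}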