Esempio n. 1
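 /**
  * Write the constants of one option group to its generated config file.
  *
  * Every entry of $this->arr_const[$str_type] becomes one define() line in
  * BG_PATH_CONFIG . "opt_" . $str_type . ".inc.php".
  *
  * NOTE(review): $str_type is concatenated into the file name unchecked;
  * confirm callers only ever pass fixed group names.
  *
  * @access public
  * @param mixed $str_type Option group name ("base", "visit", ...).
  * @return array array("alert" => "y060101") when bytes were written, "x060101" otherwise.
  */
 function mdl_const($str_type)
 {
     $_str_content = "<?php" . PHP_EOL;
     foreach ($this->arr_const[$str_type] as $_key => $_value) {
         // var_export() produces a correctly escaped PHP string literal, so a quote,
         // backslash or "$" inside a name or value is stored as data and can never
         // close the literal and be parsed as code in the generated file.
         $_str_name = var_export((string) $_key, true);
         if (is_numeric($_value)) {
             // Numeric values are emitted bare so the constant keeps a numeric type.
             $_str_content .= "define(" . $_str_name . ", " . $_value . ");" . PHP_EOL;
         } else {
             // Line breaks are flattened to "|" so each define() stays on one line.
             $_str_content .= "define(" . $_str_name . ", " . var_export(str_replace(PHP_EOL, "|", $_value), true) . ");" . PHP_EOL;
         }
     }
     if ($str_type == "base") {
         // A fresh session marker is written every time the base options are saved.
         $_str_content .= "define(\"BG_SITE_SSIN\", \"" . fn_rand(6) . "\");" . PHP_EOL;
     } elseif ($str_type == "visit") {
         // Default file extension when none was supplied and the visit type is not "static".
         if (!isset($this->arr_const[$str_type]["BG_VISIT_FILE"]) && $this->arr_const[$str_type]["BG_VISIT_TYPE"] != "static") {
             $_str_content .= "define(\"BG_VISIT_FILE\", \"html\");" . PHP_EOL;
         }
     }
     $_str_content = str_replace("||", "", $_str_content);
     $_num_size = file_put_contents(BG_PATH_CONFIG . "opt_" . $str_type . ".inc.php", $_str_content);
     // file_put_contents() returns false on failure, which also fails the "> 0" test.
     if ($_num_size > 0) {
         $_str_alert = "y060101";
     } else {
         $_str_alert = "x060101";
     }
     return array("alert" => $_str_alert);
 }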
Esempio n. 2
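 /**
  * Submit: insert a new app record or update an existing one from $this->appSubmit.
  *
  * An app_id below 1 means "create": a 64-character app_key is generated and
  * stored with the row. Otherwise the row with that app_id is updated and no
  * key is returned.
  *
  * NOTE(review): app_key is a credential; fn_rand() is defined elsewhere, so
  * confirm it draws from a cryptographically secure source.
  *
  * @access public
  * @return array On success array("app_id", "app_key", "alert"); on a failed
  *               insert/update only array("alert" => "x050101" | "x050103").
  */
 function mdl_submit()
 {
     $_arr_appData = array(
         "app_name" => $this->appSubmit["app_name"],
         "app_notice" => $this->appSubmit["app_notice"],
         "app_note" => $this->appSubmit["app_note"],
         "app_status" => $this->appSubmit["app_status"],
         "app_ip_allow" => $this->appSubmit["app_ip_allow"],
         "app_ip_bad" => $this->appSubmit["app_ip_bad"],
         "app_sync" => $this->appSubmit["app_sync"],
         "app_allow" => $this->appSubmit["app_allow"],
     );
     if ($this->appSubmit["app_id"] < 1) {
         $_str_appKey = fn_rand(64);
         $_arr_insert = array("app_key" => $_str_appKey, "app_time" => time());
         $_arr_data = array_merge($_arr_appData, $_arr_insert);
         $_num_appId = $this->obj_db->insert(BG_DB_TABLE . "app", $_arr_data);
         // Insert the row
         if ($_num_appId > 0) {
             $_str_alert = "y050101";
             // Insert succeeded
         } else {
             return array("alert" => "x050101");
         }
     } else {
         $_str_appKey = "";
         $_num_appId = $this->appSubmit["app_id"];
         // The WHERE clause is assembled as a string, so the id is forced to an
         // integer at the point of use; nothing but digits can reach the query
         // even if upstream validation is ever loosened.
         $_num_mysql = $this->obj_db->update(BG_DB_TABLE . "app", $_arr_appData, "app_id=" . (int) $_num_appId);
         // Update the row
         if ($_num_mysql > 0) {
             $_str_alert = "y050103";
             // Update succeeded
         } else {
             return array("alert" => "x050103");
         }
     }
     return array("app_id" => $_num_appId, "app_key" => $_str_appKey, "alert" => $_str_alert);
 }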
Esempio n. 3
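 /**
  * Write the posted option values of one group to its generated config file.
  *
  * The options are read from the request (fn_post("opt")), so both the
  * constant names (array keys) and the values are untrusted input that ends
  * up inside a PHP source file.
  *
  * NOTE(review): $str_type is concatenated into the file name unchecked;
  * confirm callers only ever pass fixed group names.
  *
  * @access public
  * @param mixed $str_type Option group name ("base", "visit", ...).
  * @return array array("alert" => "y060101") when bytes were written, "x060101" otherwise.
  */
 function mdl_const($str_type)
 {
     if (!fn_token("chk")) {
         // Token check failed
         $this->obj_ajax->halt_alert("x030102");
         // Fail closed in case halt_alert() ever returns instead of terminating.
         return array("alert" => "x030102");
     }
     $_arr_opt = fn_post("opt");
     $_str_content = "<?php" . PHP_EOL;
     foreach ($_arr_opt as $_key => $_value) {
         $_arr_optChk = validateStr($_value, 1, 900);
         $_str_optValue = $_arr_optChk["str"];
         // var_export() produces a correctly escaped PHP string literal, so a quote,
         // backslash or "$" in a posted name or value is stored as data and can
         // never close the literal and be parsed as code in the generated file.
         $_str_name = var_export((string) $_key, true);
         // The bare (unquoted) form is used only when the text actually written is
         // itself numeric, not merely the raw input it was derived from.
         if (is_numeric($_value) && is_numeric($_str_optValue)) {
             $_str_content .= "define(" . $_str_name . ", " . $_str_optValue . ");" . PHP_EOL;
         } else {
             // Line breaks are flattened to "|" so each define() stays on one line.
             $_str_content .= "define(" . $_str_name . ", " . var_export(str_replace(PHP_EOL, "|", $_str_optValue), true) . ");" . PHP_EOL;
         }
     }
     if ($str_type == "base") {
         // A fresh session marker is written every time the base options are saved.
         $_str_content .= "define(\"BG_SITE_SSIN\", \"" . fn_rand(6) . "\");" . PHP_EOL;
     } elseif ($str_type == "visit") {
         if ($_arr_opt["BG_VISIT_TYPE"] != "static") {
             $_str_content .= "define(\"BG_VISIT_FILE\", \"html\");" . PHP_EOL;
         }
     }
     $_str_content = str_replace("||", "", $_str_content);
     $_num_size = file_put_contents(BG_PATH_CONFIG . "opt_" . $str_type . ".inc.php", $_str_content);
     // file_put_contents() returns false on failure, which also fails the "> 0" test.
     if ($_num_size > 0) {
         $_str_alert = "y060101";
     } else {
         $_str_alert = "x060101";
     }
     return array("alert" => $_str_alert);
 }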
Esempio n. 4
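 /**
  * Write the constants of one option group to its generated config file.
  *
  * Runs only after the request token check passes. Every entry of
  * $this->arr_const[$str_type] becomes one define() line in
  * BG_PATH_CONFIG . "opt_" . $str_type . ".inc.php".
  *
  * NOTE(review): $str_type is concatenated into the file name unchecked;
  * confirm callers only ever pass fixed group names.
  *
  * @access public
  * @param mixed $str_type Option group name.
  * @return array array("alert" => "x030102") on a failed token check, otherwise
  *               "y040101" when bytes were written or "x040101" when not.
  */
 function mdl_const($str_type)
 {
     if (!fn_token("chk")) {
         // Token check failed (the unreachable exit after this return was dropped)
         return array("alert" => "x030102");
     }
     $_str_content = "<?php" . PHP_EOL;
     foreach ($this->arr_const[$str_type] as $_key => $_value) {
         // var_export() produces a correctly escaped PHP string literal, so a quote,
         // backslash or "$" inside a name or value is stored as data and can never
         // close the literal and be parsed as code in the generated file.
         $_str_name = var_export((string) $_key, true);
         if (is_numeric($_value)) {
             // Numeric values are emitted bare so the constant keeps a numeric type.
             $_str_content .= "define(" . $_str_name . ", " . $_value . ");" . PHP_EOL;
         } else {
             // Line breaks are flattened to "|" so each define() stays on one line.
             $_str_content .= "define(" . $_str_name . ", " . var_export(str_replace(PHP_EOL, "|", $_value), true) . ");" . PHP_EOL;
         }
     }
     if ($str_type == "base") {
         // A fresh session marker is written every time the base options are saved.
         $_str_content .= "define(\"BG_SITE_SSIN\", \"" . fn_rand(6) . "\");" . PHP_EOL;
     }
     $_str_content = str_replace("||", "", $_str_content);
     $_num_size = file_put_contents(BG_PATH_CONFIG . "opt_" . $str_type . ".inc.php", $_str_content);
     // file_put_contents() returns false on failure, which also fails the "> 0" test.
     if ($_num_size > 0) {
         $_str_alert = "y040101";
     } else {
         $_str_alert = "x040101";
     }
     return array("alert" => $_str_alert);
 }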
Esempio n. 5
 /**
  * Submit: create or refresh the mail-verification record of a user.
  *
  * A 6-character salt and a 32-character token are generated; both are stored
  * on the row, while the caller receives fn_baigoEncrypt(token, salt) rather
  * than the stored token itself. The expiry is BG_VERIFY_EXPIRE minutes ahead.
  *
  * NOTE(review): the token gates account verification; fn_rand() is defined
  * elsewhere, so confirm it draws from a cryptographically secure source.
  *
  * @access public
  * @param mixed $num_userId User the verification belongs to.
  * @param mixed $str_mail   Mail address being verified.
  * @return array On success array("verify_id", "verify_token", "alert"); on a
  *               failed insert/update only array("alert" => "x120101" | "x120103").
  */
 function mdl_submit($num_userId, $str_mail)
 {
     $_arr_existing = $this->mdl_read($num_userId, "verify_user_id");
     $_str_salt = fn_rand(6);
     $_str_plain = fn_rand(32);
     $_str_sealed = fn_baigoEncrypt($_str_plain, $_str_salt);
     $_arr_fields = array(
         "verify_user_id" => $num_userId,
         "verify_mail" => $str_mail,
         "verify_token" => $_str_plain,
         "verify_rand" => $_str_salt,
         "verify_token_expire" => time() + BG_VERIFY_EXPIRE * 60,
         "verify_status" => "enable",
         "verify_time_refresh" => time(),
     );
     $_str_table = BG_DB_TABLE . "verify";
     if ($_arr_existing["alert"] == "x120102") {
         // No record for this user yet: insert one and stamp its creation time.
         $_arr_fields["verify_time"] = time();
         $_num_id = $this->obj_db->insert($_str_table, $_arr_fields);
         if (!($_num_id > 0)) {
             return array("alert" => "x120101");
         }
         $_str_code = "y120101";
     } else {
         // A record exists: overwrite it in place. The id comes from the row just read.
         $_num_id = $_arr_existing["verify_id"];
         $_num_rows = $this->obj_db->update($_str_table, $_arr_fields, "verify_id=" . $_num_id);
         if (!($_num_rows > 0)) {
             return array("alert" => "x120103");
         }
         $_str_code = "y120103";
     }
     return array("verify_id" => $_num_id, "verify_token" => $_str_sealed, "alert" => $_str_code);
 }
Esempio n. 6
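 /**
  * notice_login function.
  *
  * Handles a signed login notice: checks the timestamp, verifies the
  * signature, decodes the payload, loads the admin it names and, if that
  * admin is not disabled, opens an admin session for it.
  *
  * Every failure is reported through $this->obj_notice->halt_re(); the
  * explicit returns keep the flow fail-closed should halt_re() ever return.
  *
  * NOTE(review): the result of sso_decode() is used without checking that it
  * carries a "user_id"; confirm mdl_read() rejects a missing id.
  * NOTE(review): no session id regeneration is visible here; confirm
  * fn_session() or mdl_login() takes care of it.
  *
  * @access public
  * @return void
  */
 function notice_login()
 {
     $_arr_noticeGet = $this->obj_notice->notice_get("get");
     if ($_arr_noticeGet["alert"] != "ok") {
         $this->obj_notice->halt_re($_arr_noticeGet);
         return;
     }
     $_tm_now = time();
     // Reject timestamps more than 300 s away from now in either direction. The
     // former one-sided test only caught timestamps in the future, so an old
     // signed notice was never treated as stale.
     if (abs($_tm_now - (int) $_arr_noticeGet["time"]) > 300) {
         $_arr_return = array("alert" => "x220213");
         $this->obj_notice->halt_re($_arr_return);
         return;
     }
     $_arr_signature = $this->obj_sso->sso_verify($_arr_noticeGet["time"], $_arr_noticeGet["random"], $_arr_noticeGet["signature"]);
     if ($_arr_signature["alert"] != "y050403") {
         $this->obj_notice->halt_re($_arr_signature);
         return;
     }
     $_arr_decode = $this->obj_sso->sso_decode($_arr_noticeGet["code"], $_arr_noticeGet["key"]);
     $_arr_adminRow = $this->mdl_admin->mdl_read($_arr_decode["user_id"]);
     if ($_arr_adminRow["alert"] != "y020102") {
         $this->obj_notice->halt_re($_arr_adminRow);
         return;
     }
     if ($_arr_adminRow["admin_status"] == "disable") {
         $_arr_return = array("alert" => "x020401");
         $this->obj_notice->halt_re($_arr_return);
         return;
     }
     // A new per-login random value is stored with the admin and mixed into the
     // session hash.
     $_str_rand = fn_rand(6);
     $this->mdl_admin->mdl_login($_arr_decode["user_id"], $_str_rand);
     fn_session("admin_id", "mk", $_arr_decode["user_id"]);
     fn_session("admin_ssin_time", "mk", time());
     fn_session("admin_hash", "mk", fn_baigoEncrypt($_arr_adminRow["admin_time"], $_str_rand));
     $this->obj_notice->halt_re($_arr_adminRow);
 }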
Esempio n. 7
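 /**
  * ctl_login function.
  *
  * Authenticates an admin by name and password against the local admin
  * table and, on success, opens the admin session.
  *
  * NOTE(review): an unknown account and a wrong password yield different
  * alert codes; confirm the front end does not reveal the difference.
  * NOTE(review): no session id regeneration is visible here; confirm
  * fn_session() or mdl_login() takes care of it.
  * NOTE(review): the success result reads "admin_id" from the login input
  * rather than from the admin row; confirm input_login() provides that key.
  *
  * @access public
  * @return array The failing step's result (always with an "alert" code), or
  *               array("admin_id", "forward", "alert" => "y020201") on success.
  */
 function ctl_login()
 {
     $_arr_adminLogin = $this->mdl_admin->input_login();
     if ($_arr_adminLogin["alert"] != "ok") {
         return $_arr_adminLogin;
     }
     $_arr_adminRow = $this->mdl_admin->mdl_read($_arr_adminLogin["admin_name"], "admin_name");
     if ($_arr_adminRow["alert"] != "y020102") {
         return $_arr_adminRow;
     }
     // Compare the digests as strings with a strict operator. With "!=" PHP
     // compares two numeric-looking strings as numbers, so two different
     // digests of that shape would be treated as equal. Where PHP >= 5.6 is
     // guaranteed, hash_equals() is the preferred comparison.
     $_str_passDo = fn_baigoEncrypt($_arr_adminLogin["admin_pass"], $_arr_adminRow["admin_rand"]);
     if ((string) $_str_passDo !== (string) $_arr_adminRow["admin_pass"]) {
         return array("forward" => $_arr_adminLogin["forward"], "alert" => "x020207");
     }
     if ($_arr_adminRow["admin_status"] != "enable") {
         return array("forward" => $_arr_adminLogin["forward"], "alert" => "x020402");
     }
     // Each successful login re-derives the stored password digest with a new
     // random value and ties the session hash to that same value.
     $_str_adminRand = fn_rand(6);
     $this->mdl_admin->mdl_login($_arr_adminRow["admin_id"], fn_baigoEncrypt($_arr_adminLogin["admin_pass"], $_str_adminRand), $_str_adminRand);
     fn_session("admin_id", "mk", $_arr_adminRow["admin_id"]);
     fn_session("admin_ssin_time", "mk", time());
     fn_session("admin_hash", "mk", fn_baigoEncrypt($_arr_adminRow["admin_time"], $_str_adminRand));
     return array("admin_id" => $_arr_adminLogin["admin_id"], "forward" => $_arr_adminLogin["forward"], "alert" => "y020201");
 }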
Esempio n. 8
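 /** Process the constants and generate the config file
  * mdl_const function.
  *
  * Runs only after the request token check passes. Every entry of
  * $this->arr_const[$str_type] becomes one define() line in
  * BG_PATH_CONFIG . "opt_" . $str_type . ".inc.php".
  *
  * NOTE(review): $str_type is concatenated into the file name unchecked;
  * confirm callers only ever pass fixed group names.
  *
  * @access public
  * @param mixed $str_type Option group name.
  * @return array array("alert" => "x030206") on a failed token check, otherwise
  *               "y030405" when bytes were written or "x030405" when not.
  */
 function mdl_const($str_type)
 {
     if (!fn_token("chk")) {
         // Token check failed
         return array("alert" => "x030206");
     }
     $_str_content = "<?php" . PHP_EOL;
     foreach ($this->arr_const[$str_type] as $_key => $_value) {
         // var_export() produces a correctly escaped PHP string literal, so a quote,
         // backslash or "$" inside a name or value is stored as data and can never
         // close the literal and be parsed as code in the generated file.
         $_str_name = var_export((string) $_key, true);
         if (is_numeric($_value)) {
             // Numeric values are emitted bare so the constant keeps a numeric type.
             $_str_content .= "define(" . $_str_name . ", " . $_value . ");" . PHP_EOL;
         } else {
             // Line breaks become "|" and trailing slashes/backslashes are trimmed,
             // exactly as before; only the quoting of the result has changed.
             $_str_content .= "define(" . $_str_name . ", " . var_export(rtrim(str_ireplace(PHP_EOL, "|", $_value), "/\\"), true) . ");" . PHP_EOL;
         }
     }
     if ($str_type == "base") {
         // A fresh session marker and the default template are always appended.
         $_str_content .= "define(\"BG_SITE_SSIN\", \"" . fn_rand(6) . "\");" . PHP_EOL;
         $_str_content .= "define(\"BG_SITE_TPL\", \"default\");" . PHP_EOL;
     }
     $_str_content = str_ireplace("||", "", $_str_content);
     $_num_size = $this->obj_dir->put_file(BG_PATH_CONFIG . "opt_" . $str_type . ".inc.php", $_str_content);
     if ($_num_size > 0) {
         $_str_alert = "y030405";
     } else {
         $_str_alert = "x030405";
     }
     return array("alert" => $_str_alert);
 }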
Esempio n. 9
 /**
  * Constructor: make sure the key file exists, then load it into $this->key_pub.
  *
  * NOTE(review): the key is kept as a plain .txt file under BG_PATH_CACHE;
  * confirm that directory is not served by the web server.
  * NOTE(review): fn_rand() is defined elsewhere; confirm it draws from a
  * cryptographically secure source, since its output is used as a key.
  */
 function __construct()
 {
     $this->obj_dir = new CLASS_DIR();
     $_str_keyFile = BG_PATH_CACHE . "sys/crypt_key_pub.txt";
     // First use: generate a key and persist it so later requests read the same one.
     $_bool_missing = !file_exists($_str_keyFile);
     if ($_bool_missing) {
         $this->obj_dir->put_file($_str_keyFile, fn_rand());
     }
     // file_get_contents() yields false if the file still cannot be read.
     $this->key_pub = file_get_contents($_str_keyFile);
 }
Esempio n. 10
 /**
  * ajax_submit function.
  *
  * Creates or edits an admin account. Editing needs the "edit" permission
  * (or super status) and a non-super admin may not edit its own account;
  * creating needs the "add" permission (or super status) and a non-empty
  * password. A successful submit is written to the log before the alert
  * code is sent back through halt_alert().
  *
  * NOTE(review): the whole row returned by mdl_submit() is JSON-encoded into
  * the log; confirm it carries no password digest or salt.
  *
  * @access public
  * @return void
  */
 function ajax_submit()
 {
     $_arr_input = $this->mdl_admin->input_submit();
     if ($_arr_input["alert"] != "ok") {
         $this->obj_ajax->halt_alert($_arr_input["alert"]);
     }
     $_str_digest = "";
     $_str_salt = "";
     if ($_arr_input["admin_id"] > 0) {
         // Edit an existing admin
         if (!(isset($this->adminLogged["admin_allow"]["admin"]["edit"]) || $this->is_super)) {
             $this->obj_ajax->halt_alert("x020303");
         }
         if ($_arr_input["admin_id"] == $this->adminLogged["admin_id"] && !$this->is_super) {
             $this->obj_ajax->halt_alert("x020306");
         }
         // The password is optional on edit; an empty one leaves digest and salt blank.
         $_str_plain = fn_post("admin_pass");
         if (!fn_isEmpty($_str_plain)) {
             $_str_salt = fn_rand(6);
             $_str_digest = fn_baigoEncrypt($_str_plain, $_str_salt);
         }
     } else {
         // Create a new admin
         if (!(isset($this->adminLogged["admin_allow"]["admin"]["add"]) || $this->is_super)) {
             $this->obj_ajax->halt_alert("x020302");
         }
         $_arr_checked = validateStr(fn_post("admin_pass"), 1, 0);
         $_str_status = $_arr_checked["status"];
         if ($_str_status == "too_short") {
             $this->obj_ajax->halt_alert("x020205");
         } elseif ($_str_status == "ok") {
             $_str_plain = $_arr_checked["str"];
         }
         $_str_salt = fn_rand(6);
         $_str_digest = fn_baigoEncrypt($_str_plain, $_str_salt);
     }
     $_arr_result = $this->mdl_admin->mdl_submit($_str_digest, $_str_salt);
     $_str_alert = $_arr_result["alert"];
     if ($_str_alert == "y020101" || $_str_alert == "y020103") {
         // "y020101" is logged as an add, "y020103" as an edit.
         $_str_action = $_str_alert == "y020101" ? "add" : "edit";
         $_arr_logData = array(
             "log_targets" => json_encode(array(array("admin_id" => $_arr_result["admin_id"]))),
             "log_target_type" => "admin",
             "log_title" => $this->log["admin"][$_str_action],
             "log_result" => json_encode($_arr_result),
             "log_type" => "admin",
         );
         $this->mdl_log->mdl_submit($_arr_logData, $this->adminLogged["admin_id"]);
     }
     $this->obj_ajax->halt_alert($_arr_result["alert"]);
 }
Esempio n. 11
 /**
  * Create an admin account through the API.
  *
  * The only precondition visible in this method is $this->check_db().
  * NOTE(review): confirm the endpoint is reachable solely during setup or is
  * otherwise authenticated before it is exposed.
  *
  * @access public
  * @return void The result is sent through $this->obj_api->halt_re().
  */
 function api_admin()
 {
     $this->check_db();
     // Load the admin account model
     include_once BG_PATH_MODEL . "admin.class.php";
     $_obj_adminModel = new MODEL_ADMIN();
     $_arr_input = $_obj_adminModel->api_add();
     if (!($_arr_input["alert"] == "ok")) {
         $this->obj_api->halt_re($_arr_input);
     }
     // Derive the stored password value with a fresh 6-character random salt.
     $_str_salt = fn_rand(6);
     $_str_digest = fn_baigoEncrypt($_arr_input["admin_pass"], $_str_salt, true);
     $this->obj_api->halt_re($_obj_adminModel->mdl_submit($_str_digest, $_str_salt));
 }
Esempio n. 12
 /**
  * api_encode function.
  *
  * Encodes the posted "data" field with a freshly generated 6-character key
  * and sends back both the encoded text and that key.
  *
  * NOTE(review): the key is returned in the same response as the encoded
  * data; confirm fn_baigoEncode() also depends on a secret the caller does
  * not receive if the encoding is meant to protect the payload.
  *
  * @access public
  * @return void The result is sent through $this->obj_api->halt_re().
  */
 function api_encode()
 {
     $this->app_check("post");
     $_arr_checked = validateStr(fn_post("data"), 1, 0);
     $_str_status = $_arr_checked["status"];
     if ($_str_status == "too_short") {
         $this->obj_api->halt_re(array("alert" => "x080201"));
     } elseif ($_str_status == "ok") {
         // The validated string is entity-decoded before it is encoded.
         $_str_plain = html_entity_decode($_arr_checked["str"]);
     }
     $_str_key = fn_rand(6);
     $_str_encoded = fn_baigoEncode($_str_plain, $_str_key);
     $this->obj_api->halt_re(array("code" => $_str_encoded, "key" => $_str_key, "alert" => "y050405"));
 }
Esempio n. 13
/**
 * Open an admin session for the given admin id.
 *
 * The function performs no credential check of its own: it only requires
 * that the admin row exists and is not disabled.
 * NOTE(review): confirm every caller has authenticated the admin first.
 * NOTE(review): no session id regeneration is visible here; confirm
 * fn_session() or mdl_login() takes care of it.
 *
 * @param mixed $num_adminId Admin to log in.
 * @return array The failed lookup result, array("alert" => "x020401") for a
 *               disabled admin, or array("alert" => "ok").
 */
function fn_ssin_login($num_adminId)
{
    // Admin model used for the local database lookup
    $_obj_adminModel = new MODEL_ADMIN();
    $_arr_admin = $_obj_adminModel->mdl_read($num_adminId);
    if (!($_arr_admin["alert"] == "y020102")) {
        return $_arr_admin;
    }
    if ($_arr_admin["admin_status"] == "disable") {
        return array("alert" => "x020401");
    }
    // A new per-login random value is stored and mixed into the session hash.
    $_str_salt = fn_rand(6);
    $_obj_adminModel->mdl_login($num_adminId, $_str_salt);
    fn_session("admin_id", "mk", $num_adminId);
    fn_session("admin_ssin_time", "mk", time());
    $_str_sessionHash = fn_baigoEncrypt($_arr_admin["admin_time"], $_str_salt);
    fn_session("admin_hash", "mk", $_str_sessionHash);
    return array("alert" => "ok");
}
Esempio n. 14
 /**
  * ctl_login function.
  *
  * Logs an admin in through SSO: validate the form, authenticate against the
  * SSO service, load the matching local admin row, refuse disabled admins,
  * then open the session and, when BG_SSO_SYNLOGON is "on", print the
  * sync-login HTML.
  *
  * NOTE(review): the success path ends in exit, so the final return is never
  * reached as written; confirm whether that exit is intentional.
  * NOTE(review): the HTML returned by sso_sync_login() is echoed unescaped;
  * it is trusted exactly as far as the SSO endpoint is.
  * NOTE(review): no session id regeneration is visible here; confirm
  * fn_session() or mdl_login() takes care of it.
  *
  * @access public
  * @return array The failing step's result with "forward" attached where the
  *               original attached it.
  */
 function ctl_login()
 {
     $_arr_input = $this->input_login();
     if (!($_arr_input["alert"] == "ok")) {
         return $_arr_input;
     }
     // SSO verification
     $_arr_sso = $this->obj_sso->sso_login($_arr_input["admin_name"], $_arr_input["admin_pass"]);
     if (!($_arr_sso["alert"] == "y010401")) {
         $_arr_sso["forward"] = $_arr_input["forward"];
         return $_arr_sso;
     }
     // Local database lookup
     $_arr_admin = $this->mdl_admin->mdl_read($_arr_sso["user_id"]);
     if (!($_arr_admin["alert"] == "y020102")) {
         $_arr_admin["forward"] = $_arr_input["forward"];
         return $_arr_admin;
     }
     if ($_arr_admin["admin_status"] == "disable") {
         return array("forward" => $_arr_input["forward"], "alert" => "x020401");
     }
     // A new per-login random value is stored and mixed into the session hash.
     $_str_salt = fn_rand(6);
     $this->mdl_admin->mdl_login($_arr_sso["user_id"], $_str_salt);
     fn_session("admin_id", "mk", $_arr_sso["user_id"]);
     fn_session("admin_ssin_time", "mk", time());
     fn_session("admin_hash", "mk", fn_baigoEncrypt($_arr_admin["admin_time"], $_str_salt));
     $_bool_syncOn = defined("BG_SSO_SYNLOGON") && BG_SSO_SYNLOGON == "on";
     if ($_bool_syncOn) {
         $_arr_syncResult = $this->obj_sso->sso_sync_login($_arr_sso["user_id"]);
         echo $_arr_syncResult["html"];
     }
     exit;
     return array("admin_id" => $_arr_sso["user_id"], "forward" => $_arr_input["forward"], "alert" => "y020401");
 }
Esempio n. 15
 /**
  * Create or edit a user account on behalf of the logged-in admin.
  *
  * Editing needs the "edit" permission and treats the password as optional;
  * creating needs the "add" permission and a non-empty password. The alert
  * code of mdl_submit() is sent back through halt_alert().
  *
  * NOTE(review): on edit the password is taken from fn_post() without
  * passing through validateStr(); confirm that is intended.
  *
  * @access public
  * @return void
  */
 function ajax_submit()
 {
     $_str_digest = "";
     $_str_salt = "";
     $_arr_input = $this->mdl_user->input_submit();
     if (!($_arr_input["alert"] == "ok")) {
         $this->obj_ajax->halt_alert($_arr_input["alert"]);
     }
     if ($_arr_input["user_id"] > 0) {
         // Edit an existing user
         if (!isset($this->adminLogged["admin_allow"]["user"]["edit"])) {
             $this->obj_ajax->halt_alert("x010303");
         }
         // A falsy password leaves digest and salt blank.
         $_str_plain = fn_post("user_pass");
         if ($_str_plain) {
             $_str_salt = fn_rand(6);
             $_str_digest = fn_baigoEncrypt($_str_plain, $_str_salt);
         }
     } else {
         // Create a new user
         if (!isset($this->adminLogged["admin_allow"]["user"]["add"])) {
             $this->obj_ajax->halt_alert("x010302");
         }
         $_arr_checked = validateStr(fn_post("user_pass"), 1, 0);
         $_str_status = $_arr_checked["status"];
         if ($_str_status == "too_short") {
             $this->obj_ajax->halt_alert("x010212");
         } elseif ($_str_status == "ok") {
             $_str_plain = $_arr_checked["str"];
         }
         $_str_salt = fn_rand(6);
         $_str_digest = fn_baigoEncrypt($_str_plain, $_str_salt);
     }
     $_arr_result = $this->mdl_user->mdl_submit($_str_digest, $_str_salt);
     $this->obj_ajax->halt_alert($_arr_result["alert"]);
 }
Esempio n. 16
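 /**
  * Create an admin account from the posted form, with password confirmation.
  *
  * The only precondition visible in this method is $this->check_db().
  * NOTE(review): confirm the endpoint is reachable solely during setup or is
  * otherwise authenticated before it is exposed.
  * NOTE(review): the result of mdl_submit() is not inspected; "y030407" is
  * reported even if the insert failed. Confirm that is intended.
  *
  * @access public
  * @return void Every outcome is sent through $this->obj_ajax->halt_alert().
  */
 function ajax_admin()
 {
     $this->check_db();
     include_once BG_PATH_MODEL . "admin.class.php";
     // Load the admin account model
     $_mdl_admin = new MODEL_ADMIN();
     $_arr_adminSubmit = $_mdl_admin->input_submit();
     if ($_arr_adminSubmit["alert"] != "ok") {
         $this->obj_ajax->halt_alert($_arr_adminSubmit["alert"]);
         return;
     }
     // Anything other than "ok" is treated as a failed check, so the password
     // variables below are always defined before they are compared and hashed.
     $_arr_adminPass = validateStr(fn_post("admin_pass"), 1, 0);
     if ($_arr_adminPass["status"] != "ok") {
         $this->obj_ajax->halt_alert("x020205");
         return;
     }
     $_str_adminPass = $_arr_adminPass["str"];
     $_arr_adminPassConfirm = validateStr(fn_post("admin_pass_confirm"), 1, 0);
     if ($_arr_adminPassConfirm["status"] != "ok") {
         $this->obj_ajax->halt_alert("x020211");
         return;
     }
     $_str_adminPassConfirm = $_arr_adminPassConfirm["str"];
     // Strict string comparison: with "!=" PHP compares two numeric-looking
     // strings as numbers, so e.g. "1e3" and "1000" would count as the same
     // password and the confirmation would pass.
     if ((string) $_str_adminPass !== (string) $_str_adminPassConfirm) {
         $this->obj_ajax->halt_alert("x020206");
         return;
     }
     $_str_adminRand = fn_rand(6);
     $_str_adminPassDo = fn_baigoEncrypt($_str_adminPass, $_str_adminRand);
     $_arr_adminRow = $_mdl_admin->mdl_submit($_str_adminPassDo, $_str_adminRand);
     $this->obj_ajax->halt_alert("y030407");
 }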
Esempio n. 17
 /**
  * Build the sync-logout HTML for a user: one script tag per registered app,
  * each pointing at that app's notice URL with a signed query string.
  *
  * The response is JSON with the HTML base64-encoded under "html".
  *
  * NOTE(review): the query string and the src attribute are assembled by
  * plain concatenation, without URL or HTML escaping; this is safe only if
  * app_notice and the encoded values can never contain quote or reserved
  * characters. Confirm against how app_notice is validated when stored.
  * NOTE(review): each payload carries the app's app_key and the decode key
  * travels in the same URL; confirm sync_encode() also binds a secret that
  * is not sent along.
  * NOTE(review): the disabled-user branch reports through obj_api while all
  * other branches use obj_sync; confirm that is intended.
  *
  * @access public
  * @return void Ends the request through halt_re() or exit().
  */
 function api_logout()
 {
     $this->app_check("get");
     if (!isset($this->appAllow["user"]["login"])) {
         // The app lacks the permission: log the refusal, then stop.
         $_arr_return = array("alert" => "x050306");
         $_arr_logTarget[] = array("app_id" => $this->appGet["app_id"]);
         $this->log_do($_arr_logTarget, "app", $_arr_return, array("user", "get"));
         $this->obj_sync->halt_re($_arr_return);
     }
     $_arr_idChk = validateStr($this->appGet["user_id"], 1, 0, "str", "int");
     $_str_status = $_arr_idChk["status"];
     if ($_str_status == "too_short") {
         $this->obj_sync->halt_re(array("alert" => "x010217"));
     } elseif ($_str_status == "format_err") {
         $this->obj_sync->halt_re(array("alert" => "x010218"));
     } elseif ($_str_status == "ok") {
         $_num_userId = $_arr_idChk["str"];
     }
     $_arr_user = $this->mdl_user->mdl_read($_num_userId);
     if (!($_arr_user["alert"] == "y010102")) {
         $this->obj_sync->halt_re($_arr_user);
     }
     if (!($_arr_user["user_status"] == "enable")) {
         $this->obj_api->halt_re(array("alert" => "x010401"));
     }
     // Strip the private columns before the row is encoded for other apps.
     foreach (array("user_pass", "user_mail", "user_nick", "user_note", "user_rand", "user_status", "user_time", "user_time_login", "user_ip") as $_str_field) {
         unset($_arr_user[$_str_field]);
     }
     $_str_key = fn_rand(6);
     $_arr_payload = $_arr_user;
     $_str_html = "";
     foreach ($this->appRows as $_arr_app) {
         // Every app gets its own timestamp, random value and signature.
         $_tm_stamp = time();
         $_str_nonce = fn_rand();
         $_str_sign = fn_baigoSignMk($_tm_stamp, $_str_nonce);
         $_arr_payload["app_id"] = $_arr_app["app_id"];
         $_arr_payload["app_key"] = $_arr_app["app_key"];
         $_str_code = $this->obj_sync->sync_encode($_arr_payload, $_str_key);
         // Continue an existing query string with "&", otherwise start one with "?".
         $_str_conn = stristr($_arr_app["app_notice"], "?") ? "&" : "?";
         $_str_url = $_arr_app["app_notice"] . $_str_conn
             . "act_get=logout&time=" . $_tm_stamp
             . "&random=" . $_str_nonce
             . "&signature=" . $_str_sign
             . "&code=" . $_str_code
             . "&key=" . $_str_key;
         $_str_html .= "<script type=\"text/javascript\" src=\"" . $_str_url . "\"></script>";
     }
     exit(fn_jsonEncode(array("alert" => "y100402", "html" => base64_encode($_str_html)), "no"));
 }
Esempio n. 18
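 /**
  * api_edit function.
  *
  * Edits a user on behalf of a calling app: checks the app's "edit"
  * permission, loads the user, enforces app ownership unless the app has
  * the "global" permission, optionally verifies the current password,
  * refuses users that are not enabled, enforces mail uniqueness when
  * configured, applies the edit and notifies the registered apps.
  *
  * NOTE(review): the not-enabled branch returns an array while every other
  * failure goes through halt_re(); confirm the caller handles that return.
  *
  * @access public
  * @return void|array Normally ends through $this->obj_api->halt_re();
  *                    array("alert" => "x010401") when the user is not enabled.
  */
 function api_edit()
 {
     $this->app_check("post");
     if (!isset($this->appAllow["user"]["edit"])) {
         $_arr_return = array("alert" => "x050308");
         $_arr_logTarget[] = array("app_id" => $this->appGet["app_id"]);
         $_arr_logType = array("user", "edit");
         $this->log_do($_arr_logTarget, "app", $_arr_return, $_arr_logType);
         $this->obj_api->halt_re($_arr_return);
     }
     $_arr_userEdit = $this->mdl_user->api_input_edit();
     if ($_arr_userEdit["alert"] != "ok") {
         $this->obj_api->halt_re($_arr_userEdit);
     }
     $_arr_userRow = $this->mdl_user->mdl_read($_arr_userEdit["user_str"], $_arr_userEdit["user_by"]);
     if ($_arr_userRow["alert"] != "y010102") {
         $this->obj_api->halt_re($_arr_userRow);
     }
     // Without the "global" permission an app may only edit users that belong to it.
     if (!isset($this->appAllow["user"]["global"])) {
         $_arr_appBelongRow = $this->mdl_appBelong->mdl_read($_arr_userRow["user_id"], $this->appGet["app_id"]);
         if ($_arr_appBelongRow["alert"] != "y070102") {
             $_arr_return = array("alert" => "x050308");
             $this->obj_api->halt_re($_arr_return);
         }
     }
     if ($_arr_userEdit["user_check_pass"] == true) {
         // Compare the digests as strings with a strict operator. With "!=" PHP
         // compares two numeric-looking strings as numbers, so two different
         // digests of that shape would be treated as equal. Where PHP >= 5.6 is
         // guaranteed, hash_equals() is the preferred comparison.
         $_str_passDo = fn_baigoEncrypt($_arr_userEdit["user_pass"], $_arr_userRow["user_rand"], true);
         if ((string) $_str_passDo !== (string) $_arr_userRow["user_pass"]) {
             $_arr_return = array("alert" => "x010213");
             $this->obj_api->halt_re($_arr_return);
         }
     }
     if ($_arr_userRow["user_status"] != "enable") {
         return array("alert" => "x010401");
     }
     if (BG_REG_ONEMAIL == "false" && BG_REG_NEEDMAIL == "on" && $_arr_userEdit["user_mail"]) {
         // The uniqueness lookup gets its own variable: reusing $_arr_userRow here
         // replaced the user being edited with the (normally failed) lookup
         // result, so the edit below no longer saw that user's id and name.
         $_arr_userMailRow = $this->mdl_user->mdl_read($_arr_userEdit["user_mail"], "user_mail", $_arr_userRow["user_id"]);
         if ($_arr_userMailRow["alert"] == "y010102") {
             $_arr_return = array("alert" => "x010211");
             $this->obj_api->halt_re($_arr_return);
         }
     }
     $_str_key = fn_rand(6);
     $_arr_userUpdate = $this->mdl_user->mdl_edit($_arr_userRow["user_id"]);
     $_arr_userUpdate["user_name"] = $_arr_userRow["user_name"];
     $_str_code = $this->obj_api->api_encode($_arr_userUpdate, $_str_key);
     $_arr_return = array("code" => $_str_code, "key" => $_str_key);
     // Notify the registered apps
     $_arr_notice = $_arr_return;
     $_arr_notice["act_post"] = "edit";
     $this->obj_api->api_notice($_arr_notice, $this->appRows);
     $_arr_return["alert"] = $_arr_userUpdate["alert"];
     $this->obj_api->halt_re($_arr_return);
 }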
Esempio n. 19
 /**
  * Build the sync-logout URL list for a user: one URL-encoded, signed notice
  * URL per registered app, returned under "urlRows".
  *
  * NOTE(review): each payload carries the app's app_key and the decode key
  * travels in the same URL; confirm sync_encode() also binds a secret that
  * is not sent along.
  * NOTE(review): the disabled-user branch reports through obj_api while all
  * other branches use obj_sync; confirm that is intended.
  *
  * @access public
  * @return void Ends the request through halt_re().
  */
 function api_logout()
 {
     $this->app_check("get");
     if (!isset($this->appRow["app_allow"]["user"]["login"])) {
         // The app lacks the permission: log the refusal, then stop.
         $_arr_return = array("alert" => "x050306");
         $_arr_logTarget[] = array("app_id" => $this->appRequest["app_id"]);
         $this->log_do($_arr_logTarget, "app", $_arr_return, array("user", "get"));
         $this->obj_sync->halt_re($_arr_return);
     }
     $_arr_idChk = validateStr($this->appRequest["user_id"], 1, 0, "str", "int");
     $_str_status = $_arr_idChk["status"];
     if ($_str_status == "too_short") {
         $this->obj_sync->halt_re(array("alert" => "x010217"));
     } elseif ($_str_status == "format_err") {
         $this->obj_sync->halt_re(array("alert" => "x010218"));
     } elseif ($_str_status == "ok") {
         $_num_userId = $_arr_idChk["str"];
     }
     $_arr_user = $this->mdl_user->mdl_read($_num_userId);
     if (!($_arr_user["alert"] == "y010102")) {
         $this->obj_sync->halt_re($_arr_user);
     }
     if (!($_arr_user["user_status"] == "enable")) {
         $this->obj_api->halt_re(array("alert" => "x010401"));
     }
     // Strip the private columns before the row is encoded for other apps.
     foreach (array("user_pass", "user_mail", "user_nick", "user_note", "user_rand", "user_status", "user_time", "user_time_login", "user_ip") as $_str_field) {
         unset($_arr_user[$_str_field]);
     }
     $_str_key = fn_rand(6);
     $_arr_payload = $_arr_user;
     $_arr_urls = array();
     foreach ($this->appRows as $_arr_app) {
         // Every app gets its own timestamp, random value and signature.
         $_tm_stamp = time();
         $_str_nonce = fn_rand();
         $_str_sign = fn_baigoSignMk($_tm_stamp, $_str_nonce);
         $_arr_payload["app_id"] = $_arr_app["app_id"];
         $_arr_payload["app_key"] = $_arr_app["app_key"];
         $_str_code = $this->obj_sync->sync_encode($_arr_payload, $_str_key);
         // Continue an existing query string with "&", otherwise start one with "?".
         $_str_conn = stristr($_arr_app["app_notice"], "?") ? "&" : "?";
         $_str_base = $_arr_app["app_notice"] . $_str_conn . "mod=sync";
         $_str_query = http_build_query(array(
             "act_get" => "logout",
             "time" => $_tm_stamp,
             "random" => $_str_nonce,
             "signature" => $_str_sign,
             "code" => $_str_code,
             "key" => $_str_key,
         ));
         $_arr_urls[] = urlencode($_str_base . "&" . $_str_query);
     }
     $this->obj_sync->halt_re(array("alert" => "y100402", "urlRows" => $_arr_urls));
 }
Esempio n. 20
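 /** Sync login
  * sso_sync_login function.
  *
  * Asks the SSO server (BG_SSO_URL . "?mod=sync") for the sync-login URLs of
  * a user and returns the processed response with each URL decoded.
  *
  * NOTE(review): the decoded URLs come from the remote response; confirm
  * callers validate them before embedding them in a page.
  *
  * @access public
  * @param mixed $num_userId User to sync.
  * @return array The signature error when signing fails, otherwise the
  *               processed SSO response with "urls" decoded.
  */
 function sso_sync_login($num_userId)
 {
     // The unused fn_rand(6) key of the original was dropped; sso_encode()
     // returns the key that is actually sent.
     $_arr_data = array("user_id" => $num_userId);
     $_arr_code = $this->sso_encode($_arr_data);
     $_tm_time = time();
     $_str_rand = fn_rand();
     $_arr_signature = $this->sso_signature($_tm_time, $_str_rand);
     if ($_arr_signature["alert"] != "y050404") {
         // Return the error information. The original returned $_arr_result here,
         // which is not defined yet at this point, so callers received nothing.
         return $_arr_signature;
     }
     $_arr_ssoData = array("act_get" => "login", "time" => $_tm_time, "random" => $_str_rand, "signature" => $_arr_signature["signature"], "code" => $_arr_code["code"], "key" => $_arr_code["key"]);
     // Submit the request
     $_arr_get = fn_http(BG_SSO_URL . "?mod=sync", $_arr_ssoData, "get");
     $_arr_result = $this->result_process($_arr_get);
     // Decode only when the response really carries a list of URLs; a missing
     // or scalar "urls" entry is left untouched instead of raising a warning.
     if (!empty($_arr_result["urls"]) && is_array($_arr_result["urls"])) {
         foreach ($_arr_result["urls"] as $_key => $_value) {
             $_arr_result["urls"][$_key] = base64_decode(urldecode($_value));
         }
     }
     return $_arr_result;
 }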
Esempio n. 21
 /** Validate the API edit form
  * input_edit_api function.
  *
  * Collects the posted edit fields into $this->apiEdit and returns it with
  * "alert" => "ok", or returns the first failing check's result.
  *
  * NOTE(review): "user_pass_new" is taken from fn_post() and hashed without
  * passing through any of the chk_* validators; confirm that is intended.
  * NOTE(review): "user_check_pass" is compared loosely with true, so any
  * non-empty value (including the text "false") turns the check on.
  * NOTE(review): json_decode() yields null on malformed input and that null
  * is re-encoded as is; confirm fn_jsonEncode() copes with it.
  *
  * @access public
  * @return array $this->apiEdit on success, otherwise the failing check's result.
  */
 function input_edit_api()
 {
     $_arr_lookup = $this->input_get_by("post");
     if (!($_arr_lookup["alert"] == "ok")) {
         return $_arr_lookup;
     }
     $this->apiEdit = $_arr_lookup;
     $this->apiEdit["user_check_pass"] = fn_getSafe(fn_post("user_check_pass"), "txt", "");
     // Current password: validated only when the caller asked for the check.
     if ($this->apiEdit["user_check_pass"] == true) {
         $_arr_passChk = $this->chk_user_pass(fn_post("user_pass"));
         if (!($_arr_passChk["alert"] == "ok")) {
             return $_arr_passChk;
         }
         $this->apiEdit["user_pass"] = $_arr_passChk["user_pass"];
     }
     // New password: stored together with a fresh salt and the derived digest.
     if (fn_post("user_pass_new")) {
         $_str_passNew = fn_post("user_pass_new");
         $this->apiEdit["user_pass_new"] = $_str_passNew;
         $_str_salt = fn_rand(6);
         $this->apiEdit["user_rand"] = $_str_salt;
         $this->apiEdit["user_pass_do"] = fn_baigoEncrypt($_str_passNew, $_str_salt, true);
     }
     // New mail address: optional, validated when present.
     if (fn_post("user_mail_new")) {
         $_arr_mailChk = $this->chk_user_mail(fn_post("user_mail_new"));
         if (!($_arr_mailChk["alert"] == "ok")) {
             return $_arr_mailChk;
         }
         $this->apiEdit["user_mail_new"] = $_arr_mailChk["user_mail"];
     }
     $_arr_nickChk = $this->chk_user_nick(fn_post("user_nick"));
     if (!($_arr_nickChk["alert"] == "ok")) {
         return $_arr_nickChk;
     }
     $this->apiEdit["user_nick"] = $_arr_nickChk["user_nick"];
     // Contact data: keep the raw text, then round-trip it through JSON.
     $_str_contactRaw = fn_getSafe(fn_post("user_contact"), "txt", "");
     $this->apiEdit["user_contactStr"] = $_str_contactRaw;
     $_arr_contact = json_decode(fn_htmlcode($_str_contactRaw, "decode", "json"), true);
     $this->apiEdit["user_contact"] = fn_jsonEncode($_arr_contact, "encode");
     // Extended data: same treatment as the contact data.
     $_str_extendRaw = fn_getSafe(fn_post("user_extend"), "txt", "");
     $this->apiEdit["user_extendStr"] = $_str_extendRaw;
     $_arr_extend = json_decode(fn_htmlcode($_str_extendRaw, "decode", "json"), true);
     $this->apiEdit["user_extend"] = fn_jsonEncode($_arr_extend, "encode");
     $this->apiEdit["alert"] = "ok";
     return $this->apiEdit;
 }
Esempio n. 22
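/**
 * Create ("mk") or verify ("chk") the anti-CSRF token pair.
 *
 * Two random values are kept in the session under "token_session" and
 * "token_cookie". "mk" (re)generates each one when it is missing or older than
 * 300 seconds, returns the session token to the caller and hands the cookie
 * token to fn_cookie(). "chk" reads both values back from the request and
 * compares them with the copies stored in the session.
 *
 * NOTE(review): "chk" does not look at token_session_time / token_cookie_time,
 * so a token stays acceptable until "mk" next rotates it.
 * NOTE(review): fn_rand() is defined elsewhere; confirm it draws from a CSPRNG,
 * since its output is used as the anti-CSRF secret here.
 *
 * @access public
 * @param string $token_action   "chk" verifies; any other value (default "mk") creates
 * @param string $session_method where "chk" reads token_session from: "get", otherwise POST
 * @param string $cookie_method  where "chk" reads token_cookie from: "get", "post", otherwise the cookie
 * @return bool|string|null "chk": true or false; "mk": the session token, or null when BG_SWITCH_TOKEN is off
 */
function fn_token($token_action = "mk", $session_method = "post", $cookie_method = "cookie")
{
    // Defined up front: the "mk" path with BG_SWITCH_TOKEN off used to return an
    // undefined variable. It still returns null, now without the notice.
    $_str_return = null;
    switch ($token_action) {
        case "chk":
            switch ($session_method) {
                case "get":
                    $_str_tokenSession = fn_getSafe(fn_get("token_session"), "txt", "");
                    break;
                default:
                    $_str_tokenSession = fn_getSafe(fn_post("token_session"), "txt", "");
                    break;
            }
            switch ($cookie_method) {
                case "get":
                    $_str_tokenCookie = fn_getSafe(fn_get("token_cookie"), "txt", "");
                    break;
                case "post":
                    $_str_tokenCookie = fn_getSafe(fn_post("token_cookie"), "txt", "");
                    break;
                default:
                    $_str_tokenCookie = fn_cookie("token_cookie");
                    break;
            }
            if (BG_SWITCH_TOKEN == true) {
                // The previous loose != comparison treats an absent stored token
                // (null/false/"") as equal to an empty submitted one, so a request
                // made before any token was issued could pass. Require a non-empty
                // stored value and compare as strings in constant time.
                $_arr_pairs = array(
                    array(fn_session("token_session"), $_str_tokenSession),
                    array(fn_session("token_cookie"), $_str_tokenCookie),
                );
                $_str_return = true;
                foreach ($_arr_pairs as $_arr_pair) {
                    list($_str_stored, $_str_given) = $_arr_pair;
                    if (!is_scalar($_str_stored) || !is_scalar($_str_given) || (string) $_str_stored === "" || !hash_equals((string) $_str_stored, (string) $_str_given)) {
                        $_str_return = false;
                        break;
                    }
                }
            } else {
                // Token checking is switched off site-wide: every request passes.
                $_str_return = true;
            }
            break;
        default:
            if (BG_SWITCH_TOKEN == true) {
                // Session token lifetime: 300 seconds from the stored timestamp.
                $_num_tokenSessionDiff = fn_session("token_session_time") + 300;
                if (!fn_session("token_session") || !fn_session("token_session_time") || $_num_tokenSessionDiff < time()) {
                    $_str_tokenSession = fn_rand();
                    fn_session("token_session", "mk", $_str_tokenSession);
                    fn_session("token_session_time", "mk", time());
                } else {
                    $_str_tokenSession = fn_session("token_session");
                }
                // Cookie token lifetime: 300 seconds from the stored timestamp.
                $_num_tokenCookieDiff = fn_session("token_cookie_time") + 300;
                if (!fn_session("token_cookie") || !fn_session("token_cookie_time") || $_num_tokenCookieDiff < time()) {
                    $_str_tokenCookie = fn_rand();
                    fn_session("token_cookie", "mk", $_str_tokenCookie);
                    fn_session("token_cookie_time", "mk", time());
                } else {
                    $_str_tokenCookie = fn_session("token_cookie");
                }
                $_str_return = $_str_tokenSession;
                fn_cookie("token_cookie", "mk", $_str_tokenCookie);
            }
            break;
    }
    return $_str_return;
}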
Esempio n. 23
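 /**
  * Send a test notification to an app's notice URL and report the outcome.
  *
  * Reads "app_id_notice" from POST, loads the app row, and issues a GET request
  * to the row's "app_notice" URL (with "mod=notice" appended) carrying time,
  * random, signature, echostr, app_id and app_key. The test passes when the
  * "ret" field of the fn_http() result is exactly the echostr that was sent;
  * otherwise the escaped response is written to the log. The result code is
  * reported through $this->obj_ajax->halt_alert().
  *
  * NOTE(review): the guards below rely on halt_alert() ending the request;
  * it is defined elsewhere, confirm it does not return.
  * NOTE(review): app_key travels as a GET query parameter, so it will show up
  * in access logs on the receiving side and on any proxy in between; the
  * receiving endpoint defines the method, so this is flagged rather than changed.
  * NOTE(review): only the "browse" permission is required although the call
  * makes the server issue an outbound request to a stored URL; confirm that is
  * the intended privilege and that app_notice is restricted to expected hosts.
  *
  * @access public
  * @return void
  */
 function ajax_notice()
 {
     $_num_appId = fn_getSafe(fn_post("app_id_notice"), "int", 0);
     if ($_num_appId == 0) {
         $this->obj_ajax->halt_alert("x050203");
     }
     if (!isset($this->adminLogged["admin_allow"]["app"]["browse"])) {
         $this->obj_ajax->halt_alert("x050301");
     }
     $_arr_appRow = $this->mdl_app->mdl_read($_num_appId);
     if ($_arr_appRow["alert"] != "y050102") {
         $this->obj_ajax->halt_alert($_arr_appRow["alert"]);
     }
     $_tm_time = time();
     $_str_rand = fn_rand();
     $_str_sign = fn_baigoSignMk($_tm_time, $_str_rand);
     $_str_echo = fn_rand();
     $_arr_data = array("act_get" => "test", "time" => $_tm_time, "random" => $_str_rand, "signature" => $_str_sign, "echostr" => $_str_echo, "app_id" => $_arr_appRow["app_id"], "app_key" => $_arr_appRow["app_key"]);
     // Pick the separator according to whether the stored URL already has a query string.
     if (strpos($_arr_appRow["app_notice"], "?") !== false) {
         $_str_conn = "&";
     } else {
         $_str_conn = "?";
     }
     $_arr_notice = fn_http($_arr_appRow["app_notice"] . $_str_conn . "mod=notice", $_arr_data, "get");
     // Normalise the remote answer to a string; anything else counts as an empty reply.
     $_str_ret = "";
     if (isset($_arr_notice["ret"]) && is_scalar($_arr_notice["ret"])) {
         $_str_ret = (string) $_arr_notice["ret"];
     }
     // Strict comparison: with loose == two different numeric-looking strings
     // can compare equal, which would accept an answer that is not the echo.
     if ($_str_ret !== "" && $_str_ret === (string) $_str_echo) {
         $_str_alert = "y050401";
     } else {
         $_str_alert = "x050401";
         $_arr_targets = array(array("app_id" => $_num_appId));
         $_str_targets = json_encode($_arr_targets);
         // The remote response is untrusted; it is entity-encoded before it is stored in the log.
         $_str_notice = htmlentities($_str_ret, ENT_QUOTES, "UTF-8");
         $this->mdl_log->mdl_submit($_str_targets, "app", $this->log["app"]["noticeTest"], $_str_notice, "admin", $this->adminLogged["admin_id"]);
     }
     $this->obj_ajax->halt_alert($_str_alert);
 }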
Esempio n. 24
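 /**
  * Write the base option file (config/opt_base.inc.php under BG_PATH_SSO).
  *
  * The file is PHP source made of define() calls: fixed defaults for name,
  * page size, timezone and date/time formats, plus the current BG_SITE_DOMAIN,
  * BG_SITE_URL and a fresh 6-character fn_rand() value for BG_SITE_SSIN.
  *
  * Values that are not literals in this method are emitted with var_export(),
  * so a quote, backslash or "$" inside them cannot break out of the string and
  * become code in the generated file.
  *
  * NOTE(review): in the Etc/ zone names the sign is inverted, so "Etc/GMT+8"
  * is UTC-8; confirm that is the intended default.
  * NOTE(review): the result of file_put_contents() is not checked, so a failed
  * write goes unnoticed by the caller.
  *
  * @access private
  * @return void
  */
 private function sso_base()
 {
     $_arr_lines = array(
         "<?php",
         "define(\"BG_SITE_NAME\", \"baigo SSO\");",
         "define(\"BG_SITE_DOMAIN\", " . var_export((string) BG_SITE_DOMAIN, true) . ");",
         "define(\"BG_SITE_URL\", " . var_export((string) BG_SITE_URL, true) . ");",
         "define(\"BG_SITE_PERPAGE\", 30);",
         "define(\"BG_SITE_TIMEZONE\", \"Etc/GMT+8\");",
         "define(\"BG_SITE_DATE\", \"Y-m-d\");",
         "define(\"BG_SITE_DATESHORT\", \"m-d\");",
         "define(\"BG_SITE_TIME\", \"H:i:s\");",
         "define(\"BG_SITE_TIMESHORT\", \"H:i\");",
         "define(\"BG_SITE_SSIN\", " . var_export((string) fn_rand(6), true) . ");",
     );
     $_str_content = implode(PHP_EOL, $_arr_lines) . PHP_EOL;
     file_put_contents(BG_PATH_SSO . "config/opt_base.inc.php", $_str_content);
 }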
Esempio n. 25
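 /**
  * API: issue a new verification record for a user whose status is not
  * "enable" and mail the confirmation link to the stored address.
  *
  * Flow: app_check("post"); the calling app needs the user/reg permission
  * (a refusal is logged); the user is looked up from POST input; unless the app
  * has the user/global permission the user must belong to the calling app;
  * a verify record is created and the link is mailed. The reply carries the
  * api_encode()d result row, the key used for it and the alert code.
  *
  * NOTE(review): every guard relies on halt_re() ending the request; it is
  * defined elsewhere, confirm it does not return.
  * NOTE(review): the link is built from BG_SITE_URL; confirm that constant is
  * a fixed configured origin and not derived from the request's Host header.
  * NOTE(review): the 6-character key is returned next to the encoded payload,
  * so api_encode() gives no confidentiality against anyone who sees the reply.
  *
  * @access public
  * @return void
  */
 function api_nomail()
 {
     $this->app_check("post");
     if (!isset($this->appAllow["user"]["reg"])) {
         // No permission: record the attempt before refusing.
         $_arr_return = array("alert" => "x050308");
         $_arr_logTarget = array(array("app_id" => $this->appRequest["app_id"]));
         $_arr_logType = array("user", "reg");
         $this->log_do($_arr_logTarget, "app", $_arr_return, $_arr_logType);
         $this->obj_api->halt_re($_arr_return);
     }
     $_arr_userSubmit = $this->mdl_user->input_get_by("post");
     if ($_arr_userSubmit["alert"] != "ok") {
         $this->obj_api->halt_re($_arr_userSubmit);
     }
     $_arr_userRow = $this->mdl_user->mdl_read($_arr_userSubmit["user_str"], $_arr_userSubmit["user_by"]);
     if ($_arr_userRow["alert"] != "y010102") {
         $this->obj_api->halt_re($_arr_userRow);
     }
     if ($_arr_userRow["user_status"] == "enable") {
         // Already enabled accounts do not get another confirmation mail.
         $_arr_return = array("alert" => "x010226");
         $this->obj_api->halt_re($_arr_return);
     }
     if (!isset($this->appAllow["user"]["global"])) {
         // Without the global permission the app may only act on its own users.
         $_arr_belongRow = $this->mdl_belong->mdl_read($_arr_userRow["user_id"], $this->appRequest["app_id"]);
         if ($_arr_belongRow["alert"] != "y070102") {
             $_arr_return = array("alert" => "x050308");
             $this->obj_api->halt_re($_arr_return);
         }
     }
     $_arr_returnRow = $this->mdl_verify->mdl_submit($_arr_userRow["user_id"], $_arr_userRow["user_mail"]);
     if ($_arr_returnRow["alert"] != "y120101" && $_arr_returnRow["alert"] != "y120103") {
         $_arr_return = array("alert" => "x010407");
         $this->obj_api->halt_re($_arr_return);
     }
     // URL-encode the two query values and HTML-escape the finished URL before it
     // goes into the href attribute and the link text of the HTML mail body.
     $_str_verifyUrl = BG_SITE_URL . BG_URL_ROOT . "user/ctl.php?mod=reg&act_get=confirm&verify_id=" . rawurlencode($_arr_returnRow["verify_id"]) . "&verify_token=" . rawurlencode($_arr_returnRow["verify_token"]);
     $_str_verifyUrlHtml = htmlspecialchars($_str_verifyUrl, ENT_QUOTES, "UTF-8");
     $_str_url = "<a href=\"" . $_str_verifyUrlHtml . "\">" . $_str_verifyUrlHtml . "</a>";
     $_str_html = str_replace("{verify_url}", $_str_url, $this->obj_api->mail["reg"]["content"]);
     if (fn_mailSend($_arr_userRow["user_mail"], $this->obj_api->mail["reg"]["subject"], $_str_html)) {
         $_arr_returnRow["alert"] = "y010408";
     } else {
         $_arr_returnRow["alert"] = "x010408";
     }
     $_arr_returnRow["user_id"] = $_arr_userRow["user_id"];
     $_str_key = fn_rand(6);
     $_str_code = $this->obj_api->api_encode($_arr_returnRow, $_str_key);
     $_arr_return = array("code" => $_str_code, "key" => $_str_key);
     $_arr_return["alert"] = $_arr_returnRow["alert"];
     $this->obj_api->halt_re($_arr_return);
 }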
Esempio n. 26
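 /**
  * Validate the change-password form.
  *
  * Checks the anti-CSRF token, runs the current, new and confirmation passwords
  * from POST through validateStr(), requires new and confirmation to be
  * identical, then stores a fresh 6-character admin_rand and the derived
  * admin_pass_do in $this->adminPass.
  *
  * NOTE(review): only the "too_short" and "ok" statuses of validateStr() are
  * handled. Any other status leaves the field unset and execution continues;
  * confirm validateStr() cannot return one with these arguments.
  * NOTE(review): fn_baigoEncrypt() and fn_rand() are defined elsewhere; confirm
  * the former is a deliberately slow password hash and the latter a CSPRNG.
  *
  * @access public
  * @return array $this->adminPass with "alert" => "ok", or array("alert" => code) on failure
  */
 function input_pass()
 {
     if (!fn_token("chk")) {
         // Anti-CSRF token missing or wrong.
         return array("alert" => "x030102");
     }
     // POST field => alert code returned when validateStr() reports "too_short".
     $_arr_fields = array(
         "admin_pass" => "x020210",
         "admin_pass_new" => "x020213",
         "admin_pass_confirm" => "x020215",
     );
     foreach ($_arr_fields as $_str_field => $_str_alertShort) {
         $_arr_checked = validateStr(fn_post($_str_field), 1, 0);
         if ($_arr_checked["status"] == "too_short") {
             return array("alert" => $_str_alertShort);
         }
         if ($_arr_checked["status"] == "ok") {
             $this->adminPass[$_str_field] = $_arr_checked["str"];
         }
     }
     // Strict comparison: with loose != two different numeric-looking passwords
     // (for example "1e3" and "1000") compare equal and the confirmation check passes.
     if ($this->adminPass["admin_pass_new"] !== $this->adminPass["admin_pass_confirm"]) {
         return array("alert" => "x020211");
     }
     $this->adminPass["admin_rand"] = fn_rand(6);
     $this->adminPass["admin_pass_do"] = fn_baigoEncrypt($this->adminPass["admin_pass_new"], $this->adminPass["admin_rand"]);
     $this->adminPass["alert"] = "ok";
     return $this->adminPass;
 }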
Esempio n. 27
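 /**
  * Insert or update the admin row for the given id from $this->adminSubmit.
  *
  * mdl_read() decides the path: alert "x020102" leads to an insert (with a new
  * 6-character admin_rand, the submitted admin_name and the current time), any
  * other alert to an update of the note, nick, status and permission columns.
  *
  * NOTE(review): the update path reports failure when no row was changed
  * ($_num_mysql is not > 0); whether update() returns 0 for an unchanged row is
  * not visible here.
  *
  * @access public
  * @param mixed $num_adminId admin id to create or update
  * @return array array("admin_id" => id, "alert" => code) on success, array("alert" => code) on failure
  */
 function mdl_submit($num_adminId)
 {
     $_arr_adminRow = $this->mdl_read($num_adminId);
     $_arr_adminData = array("admin_note" => $this->adminSubmit["admin_note"], "admin_nick" => $this->adminSubmit["admin_nick"], "admin_status" => $this->adminSubmit["admin_status"], "admin_allow_cate" => $this->adminSubmit["admin_allow_cate"], "admin_allow_profile" => $this->adminSubmit["admin_allow_profile"]);
     if ($_arr_adminRow["alert"] == "x020102") {
         // No existing row: insert one.
         $_arr_insert = array("admin_id" => $num_adminId, "admin_rand" => fn_rand(6), "admin_name" => $this->adminSubmit["admin_name"], "admin_time" => time());
         $_arr_data = array_merge($_arr_adminData, $_arr_insert);
         $_num_adminId = $this->obj_db->insert(BG_DB_TABLE . "admin", $_arr_data);
         if ($_num_adminId >= 0) {
             $_str_alert = "y020101"; // insert succeeded
         } else {
             return array("alert" => "x020101");
         }
     } else {
         $_num_adminId = $num_adminId;
         // The WHERE clause is assembled as a string, so the id is forced to an
         // integer here and nothing but digits can reach the SQL text.
         $_num_mysql = $this->obj_db->update(BG_DB_TABLE . "admin", $_arr_adminData, "admin_id=" . (int) $_num_adminId);
         if ($_num_mysql > 0) {
             $_str_alert = "y020103"; // update succeeded
         } else {
             return array("alert" => "x020103");
         }
     }
     return array("admin_id" => $_num_adminId, "alert" => $_str_alert);
 }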
Esempio n. 28
 /**
  * API edit: gather and validate the POSTed fields for a user edit.
  *
  * Starts from the result of input_get_by("post"), then optionally validates
  * user_mail (including the BG_ACC_MAIL allow pattern or, when that is not
  * set, the BG_BAD_MAIL deny pattern), the current password when
  * user_check_pass is truthy, a new password, and finally the nickname.
  *
  * NOTE(review): user_pass_new is taken from POST as-is, with no length or
  * content check in this method; confirm the caller enforces a password policy.
  * NOTE(review): fn_baigoEncrypt() and fn_rand() are defined elsewhere; confirm
  * the former is a deliberately slow password hash and the latter a CSPRNG.
  *
  * @access public
  * @return array $this->apiEdit with "alert" => "ok", or the failing check's result array
  */
 function api_edit()
 {
     $_arr_lookup = $this->input_get_by("post");
     if ("ok" != $_arr_lookup["alert"]) {
         return $_arr_lookup;
     }
     $this->apiEdit = $_arr_lookup;

     if (fn_post("user_mail")) {
         $_arr_mailChk = $this->input_mail_chk(fn_post("user_mail"));
         if ("ok" != $_arr_mailChk["alert"]) {
             return $_arr_mailChk;
         }
         $this->apiEdit["user_mail"] = $_arr_mailChk["user_mail"];
         // An allow pattern, when configured, takes precedence over the deny pattern.
         if (defined("BG_ACC_MAIL") && strlen(BG_ACC_MAIL)) {
             if (!fn_regChk($this->apiEdit["user_mail"], BG_ACC_MAIL)) {
                 return array("alert" => "x010209");
             }
         } elseif (defined("BG_BAD_MAIL") && strlen(BG_BAD_MAIL)) {
             if (fn_regChk($this->apiEdit["user_mail"], BG_BAD_MAIL)) {
                 return array("alert" => "x010210");
             }
         }
     }

     $this->apiEdit["user_check_pass"] = fn_getSafe(fn_post("user_check_pass"), "txt", "");
     // Any truthy value of user_check_pass requests verification of the current password.
     if ($this->apiEdit["user_check_pass"]) {
         $_arr_passChk = $this->input_pass_chk(fn_post("user_pass"));
         if ("ok" != $_arr_passChk["alert"]) {
             return $_arr_passChk;
         }
         $this->apiEdit["user_pass"] = $_arr_passChk["user_pass"];
     }

     if (fn_post("user_pass_new")) {
         $this->apiEdit["user_pass_new"] = fn_post("user_pass_new");
         $this->apiEdit["user_rand"] = fn_rand(6);
         $this->apiEdit["user_pass_do"] = fn_baigoEncrypt($this->apiEdit["user_pass_new"], $this->apiEdit["user_rand"], true);
     }

     $_arr_nickChk = $this->input_nick_chk(fn_post("user_nick"));
     if ("ok" != $_arr_nickChk["alert"]) {
         return $_arr_nickChk;
     }
     $this->apiEdit["user_nick"] = $_arr_nickChk["user_nick"];

     $this->apiEdit["alert"] = "ok";
     return $this->apiEdit;
 }
Esempio n. 29
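 /**
  * API: register a user on behalf of the calling app.
  *
  * Flow: app_check("post"); registration must be enabled (BG_REG_ACC) and the
  * app needs the user/reg permission (a refusal is logged); the submitted
  * fields are validated by input_reg_api() and the request signature is checked
  * over them; the password is derived with a fresh 6-character value and the
  * user is stored as "wait" or "enable" depending on BG_REG_CONFIRM. With
  * confirmation on, a verify record is created and the link is mailed. The
  * resulting row is encrypted with the app key for the reply, the user is
  * bound to the app, and every app in $this->appRows is notified.
  *
  * NOTE(review): every guard relies on halt_re() ending the request; it is
  * defined elsewhere, confirm it does not return.
  * NOTE(review): the alert returned by mdl_user->mdl_submit() is not checked
  * before the verify record, the app binding and the notifications are made;
  * the success code is not visible here, so no check is added.
  * NOTE(review): fn_baigoEncrypt() and fn_rand() are defined elsewhere; confirm
  * the former is a deliberately slow password hash and the latter a CSPRNG.
  * NOTE(review): the link is built from BG_SITE_URL; confirm that constant is
  * a fixed configured origin and not derived from the request's Host header.
  * NOTE(review): each notification posts the app's key to its stored notify
  * URL; confirm those URLs are HTTPS and restricted to expected hosts.
  *
  * @access public
  * @return void
  */
 function api_reg()
 {
     $this->app_check("post");
     if (defined("BG_REG_ACC") && BG_REG_ACC != "enable") {
         $_arr_return = array("alert" => "x050316");
         $this->obj_api->halt_re($_arr_return);
     }
     if (!isset($this->appAllow["user"]["reg"])) {
         // No permission: record the attempt before refusing.
         $_arr_return = array("alert" => "x050305");
         $_arr_logType = array("user", "reg");
         $_arr_logTarget = array(array("app_id" => $this->appRequest["app_id"]));
         $this->log_do($_arr_logTarget, "app", $_arr_return, $_arr_logType);
         $this->obj_api->halt_re($_arr_return);
     }
     // Collect and validate the submitted fields.
     $_arr_userSubmit = $this->mdl_user->input_reg_api();
     if ($_arr_userSubmit["alert"] != "ok") {
         $this->obj_api->halt_re($_arr_userSubmit);
     }
     $_arr_sign = array("act_post" => $GLOBALS["act_post"], "user_name" => $_arr_userSubmit["user_name"], "user_mail" => $_arr_userSubmit["user_mail"], "user_pass" => $_arr_userSubmit["user_pass"], "user_nick" => $_arr_userSubmit["user_nick"], "user_contact" => $_arr_userSubmit["user_contactStr"], "user_extend" => $_arr_userSubmit["user_extendStr"]);
     if (!$this->obj_sign->sign_check(array_merge($this->appRequest, $_arr_sign), $this->appRequest["signature"])) {
         $_arr_return = array("alert" => "x050403");
         $this->obj_api->halt_re($_arr_return);
     }
     // Derive the stored password value.
     $_str_rand = fn_rand(6);
     $_str_userPass = fn_baigoEncrypt($_arr_userSubmit["user_pass"], $_str_rand, true);
     // With confirmation on, the account waits for the mailed link.
     if (BG_REG_CONFIRM == "on") {
         $_str_status = "wait";
     } else {
         $_str_status = "enable";
     }
     $_arr_userRow = $this->mdl_user->mdl_submit($_str_userPass, $_str_rand, $_str_status);
     if (BG_REG_CONFIRM == "on") {
         $_arr_returnRow = $this->mdl_verify->mdl_submit($_arr_userRow["user_id"], $_arr_userSubmit["user_mail"]);
         if ($_arr_returnRow["alert"] != "y120101" && $_arr_returnRow["alert"] != "y120103") {
             // Creating the verify record failed.
             $_arr_return = array("alert" => "x010410");
             $this->obj_api->halt_re($_arr_return);
         }
         // URL-encode the two query values and HTML-escape the finished URL before
         // it goes into the href attribute and the link text of the HTML mail body.
         $_str_verifyUrl = BG_SITE_URL . BG_URL_ROOT . "user/ctl.php?mod=reg&act_get=confirm&verify_id=" . rawurlencode($_arr_returnRow["verify_id"]) . "&verify_token=" . rawurlencode($_arr_returnRow["verify_token"]);
         $_str_verifyUrlHtml = htmlspecialchars($_str_verifyUrl, ENT_QUOTES, "UTF-8");
         $_str_url = "<a href=\"" . $_str_verifyUrlHtml . "\">" . $_str_verifyUrlHtml . "</a>";
         $_str_html = str_ireplace("{verify_url}", $_str_url, $this->obj_api->mail["reg"]["content"]);
         // User-supplied values are escaped for the HTML body; double_encode is off
         // so entities already produced by input filtering are not encoded twice.
         $_str_html = str_ireplace("{user_name}", htmlspecialchars($_arr_userSubmit["user_name"], ENT_QUOTES, "UTF-8", false), $_str_html);
         $_str_html = str_ireplace("{user_mail}", htmlspecialchars($_arr_userSubmit["user_mail"], ENT_QUOTES, "UTF-8", false), $_str_html);
         if (fn_mailSend($_arr_userSubmit["user_mail"], $this->obj_api->mail["reg"]["subject"], $_str_html)) {
             $_str_alert = "y010410";
         } else {
             $_str_alert = "x010410";
         }
         $_arr_userRow["alert"] = $_str_alert;
         $_arr_userRow["verify_id"] = $_arr_returnRow["verify_id"];
         $_arr_userRow["verify_token"] = $_arr_returnRow["verify_token"];
     }
     $_str_src = fn_jsonEncode($_arr_userRow, "encode");
     $_str_code = $this->obj_crypt->encrypt($_str_src, $this->appRow["app_key"]);
     // Bind the new user to the calling app.
     $this->mdl_belong->mdl_submit($_arr_userRow["user_id"], $this->appRequest["app_id"]);
     $_arr_return = array("code" => $_str_code);
     $_tm_time = time();
     // Notify every app, each with the payload encrypted under its own key.
     foreach ($this->appRows as $_key => $_value) {
         $_arr_data = array("act_post" => "reg", "code" => $this->obj_crypt->encrypt($_str_src, $_value["app_key"]), "time" => $_tm_time, "app_id" => $_value["app_id"], "app_key" => $_value["app_key"]);
         $_arr_data["signature"] = $this->obj_sign->sign_make($_arr_data);
         // Separator depends on whether the stored URL already has a query string
         // (the original computed this twice in a row; once is enough).
         if (strpos($_value["app_url_notify"], "?") !== false) {
             $_str_conn = "&";
         } else {
             $_str_conn = "?";
         }
         fn_http($_value["app_url_notify"] . $_str_conn . "mod=notify", $_arr_data, "post");
     }
     $_arr_return["alert"] = $_arr_userRow["alert"];
     $this->obj_api->halt_re($_arr_return);
 }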
Esempio n. 30
 /**
  * API edit: gather and validate the POSTed fields for a user edit.
  *
  * Starts from the result of input_get_by("post"), then optionally validates
  * the current password (when user_check_pass is truthy), a new password, a
  * new mail address, and finally the nickname. The first failing check's
  * result array is returned unchanged.
  *
  * NOTE(review): user_pass_new is taken from POST as-is, with no length or
  * content check in this method; confirm the caller enforces a password policy.
  * NOTE(review): verification of the current password only happens when the
  * client sends user_check_pass; confirm the caller does not let a client skip
  * it for password or mail changes.
  * NOTE(review): fn_baigoEncrypt() and fn_rand() are defined elsewhere; confirm
  * the former is a deliberately slow password hash and the latter a CSPRNG.
  *
  * @access public
  * @return array $this->apiEdit with "alert" => "ok", or the failing check's result array
  */
 function input_edit_api()
 {
     $_arr_lookup = $this->input_get_by("post");
     if ("ok" != $_arr_lookup["alert"]) {
         return $_arr_lookup;
     }
     $this->apiEdit = $_arr_lookup;

     $this->apiEdit["user_check_pass"] = fn_getSafe(fn_post("user_check_pass"), "txt", "");
     // Any truthy value of user_check_pass requests verification of the current password.
     if ($this->apiEdit["user_check_pass"]) {
         $_arr_passChk = $this->chk_user_pass(fn_post("user_pass"));
         if ("ok" != $_arr_passChk["alert"]) {
             return $_arr_passChk;
         }
         $this->apiEdit["user_pass"] = $_arr_passChk["user_pass"];
     }

     if (fn_post("user_pass_new")) {
         $this->apiEdit["user_pass_new"] = fn_post("user_pass_new");
         $this->apiEdit["user_rand"] = fn_rand(6);
         $this->apiEdit["user_pass_do"] = fn_baigoEncrypt($this->apiEdit["user_pass_new"], $this->apiEdit["user_rand"], true);
     }

     if (fn_post("user_mail_new")) {
         $_arr_mailChk = $this->chk_user_mail(fn_post("user_mail_new"));
         if ("ok" != $_arr_mailChk["alert"]) {
             return $_arr_mailChk;
         }
         $this->apiEdit["user_mail_new"] = $_arr_mailChk["user_mail"];
     }

     $_arr_nickChk = $this->chk_user_nick(fn_post("user_nick"));
     if ("ok" != $_arr_nickChk["alert"]) {
         return $_arr_nickChk;
     }
     $this->apiEdit["user_nick"] = $_arr_nickChk["user_nick"];

     $this->apiEdit["alert"] = "ok";
     return $this->apiEdit;
 }