Esempio n. 1
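/**
 * Basic check of a user-supplied verification code against a stored record.
 *
 * Looks up the record saved under $key with get_validate_record() and checks,
 * in this order: that a record exists, that it has not expired, and that its
 * code equals $code.
 *
 * Callers should test the result with `=== true`. The ERR_VALIDATE_* constants
 * are defined elsewhere, so whether they are truthy cannot be told from here.
 *
 * @param string $key  Identifier the record was saved under.
 * @param string $code Verification code supplied by the user.
 * @return int|bool true on success; otherwise ERR_VALIDATE_KEY_NOT_EXIST (no record),
 *                  ERR_VALIDATE_EXPIRED_TIME (record expired) or
 *                  ERR_VALIDATE_CODE_NOT_MATCH (wrong code).
 */
function validate_code($key, $code)
{
    $record = get_validate_record($key);
    if (!$record) {
        return ERR_VALIDATE_KEY_NOT_EXIST;
    }
    if ($record['expired_time'] < time()) {
        return ERR_VALIDATE_EXPIRED_TIME;
    }
    // Compare as strings and in constant time. A loose `!=` treats numeric
    // strings as numbers, so "012345" would be accepted for a stored "12345".
    if (!hash_equals((string) $record['record_code'], (string) $code)) {
        return ERR_VALIDATE_CODE_NOT_MATCH;
    }
    // NOTE(review): a wrong guess is not counted or penalised in this function;
    // confirm the caller limits failed attempts per key, otherwise a short
    // numeric code can be guessed within its lifetime.
    return true;
}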
Esempio n. 2
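/**
 * Sends an SMS verification code for mobile registration and echoes the outcome.
 *
 * The phone number is read from $_REQUEST['mobile_phone']. If a validation
 * record already exists for that number, sending is refused within 60 seconds
 * of the previous send and once 10 codes have been sent within 24 hours of the
 * record's create_time. On success the number is stored in
 * $_SESSION[VT_MOBILE_REGISTER], the code is saved with a 30-minute expiry and
 * 'ok' is echoed; otherwise an error message is echoed or passed to exit().
 *
 * @return void
 */
function action_send_mobile_code()
{
    // Copy the globals into local scope. They are kept even where this function
    // does not use them itself: files pulled in with require_once below execute
    // in this function's scope and can read (or assign) these locals.
    $user = $GLOBALS['user'];
    $_CFG = $GLOBALS['_CFG'];
    $_LANG = $GLOBALS['_LANG'];
    $smarty = $GLOBALS['smarty'];
    $db = $GLOBALS['db'];
    $ecs = $GLOBALS['ecs'];
    $user_id = $_SESSION['user_id'];
    /* Load the language file */
    require_once ROOT_PATH . 'languages/' . $_CFG['lang'] . '/user.php';
    require_once ROOT_PATH . 'includes/lib_validate_record.php';

    // The number comes straight from the request: accept only a string, so a
    // missing parameter or an array value is treated as empty instead of
    // raising a notice or a TypeError in trim().
    $raw_mobile_phone = isset($_REQUEST['mobile_phone']) ? $_REQUEST['mobile_phone'] : '';
    $mobile_phone = is_string($raw_mobile_phone) ? trim($raw_mobile_phone) : '';
    if (empty($mobile_phone)) {
        exit("手机号不能为空");
    }
    if (!is_mobile_phone($mobile_phone)) {
        exit("手机号格式不正确");
    }

    // Throttling below is keyed on the phone number only.
    // NOTE(review): nothing visible in this function limits how many different
    // numbers one client may request codes for (no CAPTCHA, session or IP check
    // here); confirm that is enforced before this action is reached, otherwise
    // the endpoint can be abused to run up SMS costs or message third parties.
    if (check_validate_record_exist($mobile_phone)) {
        // Fetch the stored validation record for this number
        $record = get_validate_record($mobile_phone);
        $last_send_time = $record['last_send_time'];
        $create_time = $record['create_time'];
        $count = $record['count'];
        // Maximum number of codes per phone number per window
        $max_sms_count = 10;
        // Length of that window, 24 hours by default
        $max_sms_count_time = 60 * 60 * 24;
        if (time() - $last_send_time < 60) {
            echo "每60秒内只能发送一次短信验证码,请稍候重试";
            return;
        }
        // `>=` rather than `>`: $count is the number of codes already sent, so
        // `>` would let an 11th code through before the limit of 10 applied.
        // NOTE(review): the window is measured from create_time; whether
        // save_validate_record() resets create_time/count afterwards is not
        // visible here.
        if (time() - $create_time < $max_sms_count_time && $count >= $max_sms_count) {
            echo "您发送验证码太过于频繁,请稍后重试!";
            return;
        }
        $count++;
    }

    require_once ROOT_PATH . 'includes/lib_passport.php';
    // Reset the session slot
    $_SESSION['mobile_register'] = array();
    require_once ROOT_PATH . 'sms/sms.php';
    // Generate the 6-digit SMS code.
    // NOTE(review): rand_number() is defined elsewhere; confirm it draws from a
    // CSPRNG (e.g. random_int()) rather than rand()/mt_rand(), since this code
    // is the only proof that the registrant controls the phone number.
    $mobile_code = rand_number(6);
    // SMS text
    $content = sprintf($_LANG['mobile_code_template'], $GLOBALS['_CFG']['shop_name'], $mobile_code, $GLOBALS['_CFG']['shop_name']);
    /* Send the SMS */
    $result = sendSMS($mobile_phone, $content);
    if ($result) {
        // First send for this number starts the counter at 1
        $ext_info = array("count" => isset($count) ? $count : 1);
        // Remember which number the code was issued for
        $_SESSION[VT_MOBILE_REGISTER] = $mobile_phone;
        // Persist the code: sent now, expires in 30 minutes
        save_validate_record($mobile_phone, $mobile_code, VT_MOBILE_REGISTER, time(), time() + 30 * 60, $ext_info);
        echo 'ok';
    } else {
        echo '短信验证码发送失败';
    }
}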
Esempio n. 3
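/**
 * Checks an SMS verification code for a phone number.
 *
 * On success the stored validation record is removed, so a code can be used
 * only once.
 *
 * @param string $mobile_phone Phone number the code was sent to.
 * @param string $mobile_code  Verification code supplied by the user.
 *
 * @return int 0 - verification succeeded
 *             1 - phone number is empty
 *             2 - phone number format is invalid
 *             3 - verification code is empty
 *             4 - verification code is wrong (or no record exists)
 *             5 - verification code has expired
 */
function validate_mobile_code($mobile_phone, $mobile_code)
{
    require_once ROOT_PATH . 'includes/lib_validate_record.php';
    if (empty($mobile_phone)) {
        return 1;
    }
    if (!is_mobile_phone($mobile_phone)) {
        return 2;
    }
    $record = get_validate_record($mobile_phone);
    /* Verification code checks */
    if (empty($mobile_code)) {
        return 3;
    }
    // No stored record (or one without a code) can never match; report it as a
    // wrong code instead of indexing into a non-array.
    if (!is_array($record) || !isset($record['record_code'])) {
        return 4;
    }
    // Compare as strings and in constant time. A loose `!=` treats numeric
    // strings as numbers, so "012345" would be accepted for a stored "12345".
    if (!hash_equals((string) $record['record_code'], (string) $mobile_code)) {
        // NOTE(review): a wrong guess leaves the record in place and is not
        // counted here; confirm failed attempts are limited elsewhere.
        return 4;
    }
    if ($record['expired_time'] < time()) {
        return 5;
    }
    /* Remove the validation record so the code cannot be reused */
    remove_validate_record($mobile_phone);
    return 0;
}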
Esempio n. 4
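/**
 * Handles submission of the member registration form.
 *
 * Reads the form from $_POST, checks the password rules and (when enabled) the
 * CAPTCHA, then verifies the e-mail or SMS code against the stored validation
 * record and the address/number bound to the session before creating the
 * account. After a successful registration it stores the custom extended
 * fields and the password question/answer, issues registration bonuses,
 * optionally sends the verification e-mail and shows the result page.
 *
 * Every failure path returns right after show_message(), so verification never
 * depends on show_message() terminating the request by itself.
 *
 * @return void
 */
function action_register()
{
    // Fetch the globals this handler works with
    $_CFG = $GLOBALS['_CFG'];
    $_LANG = $GLOBALS['_LANG'];
    $smarty = $GLOBALS['smarty'];
    $db = $GLOBALS['db'];
    $ecs = $GLOBALS['ecs'];

    /* Registration closed: render the notice page and stop */
    if ($_CFG['shop_reg_closed']) {
        $smarty->assign('action', 'register');
        $smarty->assign('shop_reg_closed', $_CFG['shop_reg_closed']);
        $smarty->display('user_passport.dwt');
        return;
    }

    include_once ROOT_PATH . 'includes/lib_passport.php';
    $username = isset($_POST['username']) ? trim($_POST['username']) : '';
    $password = isset($_POST['password']) ? trim($_POST['password']) : '';
    $email = isset($_POST['email']) ? trim($_POST['email']) : '';
    $other = array();
    $other['msn'] = isset($_POST['extend_field1']) ? $_POST['extend_field1'] : '';
    $other['qq'] = isset($_POST['extend_field2']) ? $_POST['extend_field2'] : '';
    $other['office_phone'] = isset($_POST['extend_field3']) ? $_POST['extend_field3'] : '';
    $other['home_phone'] = isset($_POST['extend_field4']) ? $_POST['extend_field4'] : '';
    $sel_question = empty($_POST['sel_question']) ? '' : compile_str($_POST['sel_question']);
    $passwd_answer = isset($_POST['passwd_answer']) ? compile_str(trim($_POST['passwd_answer'])) : '';
    // Registration type: email or mobile
    $register_type = isset($_POST['register_type']) ? trim($_POST['register_type']) : '';
    // NOTE(review): $back_act comes straight from $_POST and is handed to
    // show_message() as a link target below; confirm it is restricted to local
    // URLs somewhere, otherwise it is an open-redirect vector.
    $back_act = isset($_POST['back_act']) ? trim($_POST['back_act']) : '';

    // The registration type is mandatory
    if (empty($register_type)) {
        show_message($_LANG['passport_js']['msg_register_type_blank']);
        return;
    }
    // No length check on $username: it is generated automatically further down.
    if (strlen($password) < 6) {
        show_message($_LANG['passport_js']['password_shorter']);
        return;
    }
    // The password was trimmed above, so any remaining space is an inner one.
    if (strpos($password, ' ') !== false) {
        show_message($_LANG['passwd_balnk']);
        return;
    }

    /* CAPTCHA check, only when enabled for registration and GD is available */
    if (intval($_CFG['captcha']) & CAPTCHA_REGISTER && gd_version() > 0) {
        if (empty($_POST['captcha'])) {
            show_message($_LANG['invalid_captcha'], $_LANG['sign_up'], 'register.php', 'error');
            return;
        }
        /* Verify the CAPTCHA word */
        include_once 'includes/cls_captcha.php';
        $captcha = new captcha();
        if (!$captcha->check_word(trim($_POST['captcha']))) {
            show_message($_LANG['invalid_captcha'], $_LANG['sign_up'], 'register.php', 'error');
            return;
        }
    }

    // NOTE(review): in both branches below a wrong code is not counted or
    // penalised; confirm failed attempts are limited elsewhere, otherwise a
    // short numeric code can be guessed within its lifetime.
    if ($register_type == "email") {
        /* E-mail verification code check */
        require_once ROOT_PATH . 'includes/lib_validate_record.php';
        if (empty($email)) {
            show_message($_LANG['msg_email_blank'], $_LANG['sign_up'], 'register.php', 'error');
            return;
        }
        $record = get_validate_record($email);
        $session_email = isset($_SESSION[VT_EMAIL_REGISTER]) ? $_SESSION[VT_EMAIL_REGISTER] : '';
        $email_code = !empty($_POST['email_code']) ? trim($_POST['email_code']) : '';
        if (empty($email_code)) {
            show_message($_LANG['msg_email_code_blank'], $_LANG['sign_up'], 'register.php', 'error');
            return;
        }
        // The address must be exactly the one the code was issued for in this session.
        if (!is_string($session_email) || $session_email !== $email) {
            show_message($_LANG['email_changed'], $_LANG['sign_up'], 'register.php', 'error');
            return;
        }
        // String comparison in constant time; a loose `!=` would compare numeric
        // strings as numbers ("012345" equal to "12345").
        if (empty($record) || !hash_equals((string) $record['record_code'], (string) $email_code)) {
            show_message($_LANG['invalid_email_code'], $_LANG['sign_up'], 'register.php', 'error');
            return;
        }
        // Reject expired codes, as the mobile branch does; without this check an
        // e-mail code stayed usable for as long as its record existed.
        if ($record['expired_time'] < time()) {
            show_message($_LANG['invalid_email_code'], $_LANG['sign_up'], 'register.php', 'error');
            return;
        }
        /* E-mail registration: the username is generated */
        $username = generate_username();
        $result = register_by_email($username, $password, $email, $other);
        if ($result) {
            /* Remove the validation record so the code cannot be reused */
            remove_validate_record($email);
        }
    } elseif ($register_type == "mobile") {
        require_once ROOT_PATH . 'includes/lib_validate_record.php';
        $mobile_phone = !empty($_POST['mobile_phone']) ? trim($_POST['mobile_phone']) : '';
        $mobile_code = !empty($_POST['mobile_code']) ? trim($_POST['mobile_code']) : '';
        $record = get_validate_record($mobile_phone);
        $session_mobile_phone = isset($_SESSION[VT_MOBILE_REGISTER]) ? $_SESSION[VT_MOBILE_REGISTER] : '';
        /* SMS verification code check */
        if (empty($mobile_code)) {
            show_message($_LANG['msg_mobile_phone_blank'], $_LANG['sign_up'], 'register.php', 'error');
            return;
        }
        // Strict comparison: with `!=` two numeric strings such as
        // "013800138000" and "13800138000" would be treated as the same number.
        if (!is_string($session_mobile_phone) || $session_mobile_phone !== $mobile_phone) {
            show_message($_LANG['mobile_phone_changed'], $_LANG['sign_up'], 'register.php', 'error');
            return;
        }
        if (empty($record) || !hash_equals((string) $record['record_code'], (string) $mobile_code)) {
            show_message($_LANG['invalid_mobile_phone_code'], $_LANG['sign_up'], 'register.php', 'error');
            return;
        }
        if ($record['expired_time'] < time()) {
            show_message($_LANG['invalid_mobile_phone_code'], $_LANG['sign_up'], 'register.php', 'error');
            return;
        }
        /* Mobile registration: the username is derived from the phone number */
        $username = generate_username_by_mobile($mobile_phone);
        $result = register_by_mobile($username, $password, $mobile_phone, $other);
        if ($result) {
            /* Remove the validation record so the code cannot be reused */
            remove_validate_record($mobile_phone);
        }
    } else {
        /* Unknown registration type */
        show_message($_LANG['register_type_invalid'], $_LANG['sign_up'], 'register.php', 'error');
        return;
    }

    if (!$result) {
        $GLOBALS['err']->show($_LANG['sign_up'], 'register.php');
        return;
    }

    // NOTE(review): the statements below are assembled by string concatenation.
    // Request values pass through compile_str() only, and whether $_POST is
    // escaped globally is not visible here; confirm, and prefer parameterised
    // queries if the $db layer offers them. $_SESSION['user_id'] is presumably
    // set by register_by_email()/register_by_mobile() on success.

    /* Store the new member's custom extended fields */
    $sql = 'SELECT id FROM ' . $ecs->table('reg_fields') . ' WHERE type = 0 AND display = 1 ORDER BY dis_order, id';
    // Ids of all custom extended fields that are displayed
    $fields_arr = $db->getAll($sql);
    $extend_field_str = '';
    // Build the VALUES list for the submitted fields
    foreach ($fields_arr as $val) {
        $extend_field_index = 'extend_field' . $val['id'];
        if (!empty($_POST[$extend_field_index])) {
            // Length is tested in bytes (strlen) but cut in characters (mb_substr)
            $temp_field_content = strlen($_POST[$extend_field_index]) > 100 ? mb_substr($_POST[$extend_field_index], 0, 99) : $_POST[$extend_field_index];
            $extend_field_str .= " ('" . $_SESSION['user_id'] . "', '" . $val['id'] . "', '" . compile_str($temp_field_content) . "'),";
        }
    }
    // Drop the trailing comma
    $extend_field_str = substr($extend_field_str, 0, -1);
    if ($extend_field_str) {
        $sql = 'INSERT INTO ' . $ecs->table('reg_extend_info') . ' (`user_id`, `reg_field_id`, `content`) VALUES' . $extend_field_str;
        $db->query($sql);
    }

    /* Store the password-hint question and answer */
    // NOTE(review): the answer is written as submitted (after compile_str());
    // it works like a second password, so consider storing only a hash of it.
    if (!empty($passwd_answer) && !empty($sel_question)) {
        $sql = 'UPDATE ' . $ecs->table('users') . " SET `passwd_question`='{$sel_question}', `passwd_answer`='{$passwd_answer}'  WHERE `user_id`='" . $_SESSION['user_id'] . "'";
        $db->query($sql);
    }

    /* Registration bonuses (added by www.68ecshop.com) */
    $now = gmtime();
    // Must start empty: it is appended to the query below even when
    // bonus_reg_rand is off, which previously read an undefined variable.
    $sql_bonus_ext = '';
    if ($_CFG['bonus_reg_rand']) {
        // Hand out one random bonus type instead of all of them
        $sql_bonus_ext = " order by rand() limit 0,1";
    }
    $sql_b = "SELECT type_id FROM " . $ecs->table("bonus_type") . " WHERE send_type='" . SEND_BY_REGISTER . "'  AND send_start_date<=" . $now . " AND send_end_date>=" . $now . $sql_bonus_ext;
    $res_bonus = $db->query($sql_b);
    $kkk_bonus = 0;
    while ($row_bonus = $db->fetchRow($res_bonus)) {
        $sql = "INSERT INTO " . $ecs->table('user_bonus') . "(bonus_type_id, bonus_sn, user_id, used_time, order_id, emailed)" . " VALUES('" . $row_bonus['type_id'] . "', 0, '" . $_SESSION['user_id'] . "', 0, 0, 0)";
        $db->query($sql);
        $kkk_bonus = $kkk_bonus + 1;
    }
    if ($kkk_bonus) {
        // At least one bonus was issued: use the success message that mentions it
        $_LANG['register_success'] = '用户名 %s 注册成功,并获得官方赠送的红包礼品';
    }

    /* Send the verification e-mail automatically when configured */
    if ($GLOBALS['_CFG']['member_email_validate'] && $GLOBALS['_CFG']['send_verify_email']) {
        send_regiter_hash($_SESSION['user_id']);
    }
    // NOTE(review): $user is never assigned in this function, so $ucdata is
    // always ""; presumably $GLOBALS['user'] was intended - confirm.
    $ucdata = empty($user->ucdata) ? "" : $user->ucdata;
    show_message(sprintf($_LANG['register_success'], $username . $ucdata), array($_LANG['back_up_page'], $_LANG['profile_lnk']), array($back_act, 'user.php'), 'info');
}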
Esempio n. 5
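/**
 * Sends the SMS verification code needed to validate a member's phone number.
 *
 * The phone number is read from $_SESSION[VT_MOBILE_VALIDATE], not from the
 * request. If a validation record already exists for that number, sending is
 * refused within 60 seconds of the previous send and once 10 codes have been
 * sent within 24 hours of the record's create_time. On success the code is
 * saved with a 30-minute expiry and a JSON result is returned; every failure
 * is reported through make_json_error().
 *
 * @return void
 */
function action_send_mobile_code()
{
    // Copy the globals into local scope. They are kept even where this function
    // does not use them itself: files pulled in with require_once below execute
    // in this function's scope and can read these locals.
    $_LANG = $GLOBALS['_LANG'];
    $smarty = $GLOBALS['smarty'];
    $db = $GLOBALS['db'];
    $ecs = $GLOBALS['ecs'];
    require_once ROOT_PATH . 'includes/lib_validate_record.php';

    // Accept only a string from the session. The slot is reset to an empty
    // array further down, and trim() on an array raises a warning or TypeError.
    $session_phone = isset($_SESSION[VT_MOBILE_VALIDATE]) ? $_SESSION[VT_MOBILE_VALIDATE] : '';
    $mobile_phone = is_string($session_phone) ? trim($session_phone) : '';

    // Each error path returns explicitly, so no SMS is sent even if
    // make_json_error() were to return instead of ending the request.
    if (empty($mobile_phone)) {
        make_json_error("手机号不能为空");
        return;
    }
    if (!is_mobile_phone($mobile_phone)) {
        make_json_error("手机号格式不正确");
        return;
    }
    if (check_validate_record_exist($mobile_phone)) {
        // Fetch the stored validation record for this number
        $record = get_validate_record($mobile_phone);
        $last_send_time = $record['last_send_time'];
        $create_time = $record['create_time'];
        $count = $record['count'];
        // Maximum number of codes per phone number per window
        $max_sms_count = 10;
        // Length of that window, 24 hours by default
        $max_sms_count_time = 60 * 60 * 24;
        if (time() - $last_send_time < 60) {
            make_json_error("每60秒内只能发送一次短信验证码,请稍候重试");
            return;
        }
        // `>=` rather than `>`: $count is the number of codes already sent, so
        // `>` would let an 11th code through before the limit of 10 applied.
        // NOTE(review): the window is measured from create_time; whether
        // save_validate_record() resets create_time/count afterwards is not
        // visible here.
        if (time() - $create_time < $max_sms_count_time && $count >= $max_sms_count) {
            make_json_error("您发送验证码太过于频繁,请稍后重试!");
            return;
        }
        $count++;
    }

    require_once ROOT_PATH . 'includes/lib_passport.php';
    // Reset the session slot; it is restored only after a successful send.
    // NOTE(review): after a failed send the session no longer holds the number,
    // so the next call reports an empty phone number - confirm this is intended.
    $_SESSION[VT_MOBILE_VALIDATE] = array();
    require_once ROOT_PATH . 'sms/sms.php';
    // Generate the 6-digit SMS code.
    // NOTE(review): rand_number() is defined elsewhere; confirm it draws from a
    // CSPRNG (e.g. random_int()) rather than rand()/mt_rand(), since this code
    // is the only proof that the member controls the phone number.
    $mobile_code = rand_number(6);
    // SMS text
    $content = sprintf($_LANG['mobile_code_template'], $GLOBALS['_CFG']['shop_name'], $mobile_code, $GLOBALS['_CFG']['shop_name']);
    /* Send the SMS */
    $result = sendSMS($mobile_phone, $content);
    if ($result) {
        // First send for this number starts the counter at 1
        $ext_info = array("count" => isset($count) ? $count : 1);
        // Remember which number is being validated
        $_SESSION[VT_MOBILE_VALIDATE] = $mobile_phone;
        // Persist the code: sent now, expires in 30 minutes
        save_validate_record($mobile_phone, $mobile_code, VT_MOBILE_VALIDATE, time(), time() + 30 * 60, $ext_info);
        make_json_result('发送成功');
    } else {
        make_json_error('短信验证码发送失败');
    }
}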