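/**
 * Create or roll over the `members_status` row of the current account.
 *
 * - No row yet: insert one whose `endtime` is three days from now.
 * - Row present and `endtime` already passed: set `status` to 1, move
 *   `endtime` one year ahead, set the member's `groupid` to 1 and delete
 *   every `members_permission` row of that uid.
 * - Row present and not expired: nothing is written.
 *
 * The uid comes from `$_W['account']['uid']` and is now bound as a query
 * parameter instead of being interpolated into the SQL text, matching the
 * placeholder style used by the other queries in this code base.
 *
 * @return void
 */
public function receive()
{
    global $_W;

    $uid = $_W['account']['uid'];

    $wedata = pdo_fetch(
        'SELECT * FROM ' . tablename('members_status') . ' WHERE uid = :uid LIMIT 1',
        array(':uid' => $uid)
    );

    if (!$wedata) {
        // First contact for this uid: open a three-day window.
        $data = array();
        $data['endtime'] = TIMESTAMP + 86400 * 3;
        $data['stattime'] = TIMESTAMP;
        $data['uid'] = $uid;
        pdo_insert('members_status', $data);
        return;
    }

    if (TIMESTAMP > $wedata['endtime']) {
        // Window elapsed: restart the period for one year.
        $data = array();
        $data['stattime'] = TIMESTAMP;
        $data['status'] = 1;
        $data['endtime'] = TIMESTAMP + 3600 * 24 * 365;
        pdo_update('members_status', $data, array('id' => $wedata['id']));

        // Put the member back into group 1 and drop per-user permissions.
        $nMember = array();
        $nMember['uid'] = $uid;
        $nMember['groupid'] = 1;
        member_update($nMember);
        pdo_delete('members_permission', array('uid' => $uid));
    }
}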
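/**
 * Authenticate the submitted username/password and open a session.
 *
 * Reads `username`, `password`, `rember` and `forward` from `$_GPC`. On
 * success it writes the `__session` cookie, records the visit time and IP
 * on the member row, fires the `member:login:success` hook and hands the
 * redirect target to message(). On failure it reports a generic error that
 * does not reveal whether the username exists.
 *
 * Security fix: a redirect target taken from the request (`$_GPC['forward']`)
 * is only honoured when it is a relative URL or an http(s) URL on the host
 * that served this request. Anything else falls back to the default page,
 * so the login form cannot be used to bounce a user to another site.
 * A target passed by the calling code through $forward is used unchanged.
 *
 * @param string $forward Redirect target chosen by the caller; when empty
 *                        the request value, then './index.php?refersh',
 *                        is used.
 * @return void
 */
function _login($forward = '')
{
    global $_GPC;
    require_once IA_ROOT . '/source/model/member.mod.php';
    hooks('member:login:before');

    $member = array();
    $username = trim($_GPC['username']);
    if (empty($username)) {
        message('请输入要登录的用户名');
    }
    $member['username'] = $username;
    $member['password'] = $_GPC['password'];
    if (empty($member['password'])) {
        message('请输入密码');
    }

    $record = member_single($member);
    if (empty($record)) {
        message('登录失败,请检查您输入的用户名和密码!');
        return;
    }

    if ($record['status'] == -1) {
        message('您的账号正在核合或是已经被系统禁止,请联系网站管理员解决!');
    }

    // NOTE(review): the cookie carries md5(stored password . salt). The code
    // that validates this cookie is not visible here, so the format is kept;
    // as written the value only changes when the password or salt changes,
    // so a copied cookie presumably stays usable until then. Worth replacing
    // with a random, server-side session identifier.
    $cookie = array();
    $cookie['uid'] = $record['uid'];
    $cookie['lastvisit'] = $record['lastvisit'];
    $cookie['lastip'] = $record['lastip'];
    $cookie['hash'] = md5($record['password'] . $record['salt']);
    $session = base64_encode(json_encode($cookie));
    isetcookie('__session', $session, !empty($_GPC['rember']) ? 7 * 86400 : 0);

    $status = array();
    $status['uid'] = $record['uid'];
    $status['lastvisit'] = TIMESTAMP;
    $status['lastip'] = CLIENT_IP;
    member_update($status);
    hooks('member:login:success');

    if (empty($forward)) {
        $candidate = (isset($_GPC['forward']) && is_string($_GPC['forward'])) ? trim($_GPC['forward']) : '';
        $parts = $candidate !== '' ? parse_url($candidate) : false;
        // Control characters and backslashes are rejected because browsers
        // may normalise them into a scheme-relative ("//host") URL.
        $unsafeChars = (bool) preg_match('/[\x00-\x1f\x7f\\\\]/', $candidate);

        if ($parts !== false && !$unsafeChars && strpos($candidate, '//') !== 0) {
            if (!isset($parts['scheme']) && !isset($parts['host'])) {
                // Plain relative target.
                $forward = $candidate;
            } elseif (isset($parts['scheme'], $parts['host'])
                && in_array(strtolower($parts['scheme']), array('http', 'https'), true)
            ) {
                // Absolute target: accept only the host serving this request.
                $targetHost = strtolower($parts['host']) . (isset($parts['port']) ? ':' . $parts['port'] : '');
                $currentHost = isset($_SERVER['HTTP_HOST']) ? strtolower($_SERVER['HTTP_HOST']) : '';
                if ($currentHost !== '' && $targetHost === $currentHost) {
                    $forward = $candidate;
                }
            }
        }
    }
    if (empty($forward)) {
        $forward = './index.php?refersh';
    }

    message("欢迎回来,{$record['username']}。", $forward);
}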
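/**
 * Link a newly registered user to the agent that owns the visited host.
 *
 * Looks up one `agent` row by `site_url`, inserts an `agent_user` row tying
 * $uid to that agent, and writes a remark on the member that names the
 * agent's username.
 *
 * Changes from the previous version: a space now separates `FROM` from the
 * table name, the unused insert result variable is gone, and a missing
 * agent member row no longer triggers an undefined-index notice.
 *
 * @param string $uid  ID of the registered user.
 * @param string $host Web host the user registered through.
 * @return int|string|false The `agent.id` of the matched agent, or false
 *                          when no agent row was found.
 */
function agent_member_register($uid, $host)
{
    $sql = 'SELECT `id`,`uid`, `site_url` FROM ' . tablename('agent') . ' WHERE 1';
    $params = array();
    if (!empty($host)) {
        $sql .= ' AND `site_url`=:site_url';
        $params[':site_url'] = $host;
    }
    // NOTE(review): with an empty $host no filter is applied, so whichever
    // agent row the database returns first is used. Confirm this is intended;
    // otherwise an empty host should return false.
    $sql .= ' LIMIT 1';

    $record = pdo_fetch($sql, $params);
    if (!$record) {
        return false;
    }

    $agent = pdo_fetch(
        'SELECT * FROM ' . tablename('members') . ' WHERE uid = :uid',
        array(':uid' => $record['uid'])
    );
    $agentName = !empty($agent['username']) ? $agent['username'] : '';

    $agent_user = array();
    $agent_user['uid'] = $uid;
    $agent_user['agent_uid'] = $record['uid'];
    pdo_insert('agent_user', $agent_user);

    $nMember = array();
    $nMember['remark'] = $agentName . "代理用户";
    $nMember['uid'] = $uid;
    member_update($nMember);

    return $record['id'];
}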
// Tail of a branch whose opening lines are outside this excerpt.
exit('success'); } } }

// "deny": enable or disable the member identified by $uid.
// Only reached for a request flagged as both POST and AJAX.
// NOTE(review): no request token or permission check is visible in this
// excerpt, and where $uid is populated is not shown; confirm the enclosing
// controller authenticates the caller and protects this state change
// against cross-site requests.
if($do == 'deny') {
    if($_W['ispost'] && $_W['isajax']) {
        // Founder uids are a comma-separated list in the site configuration;
        // those accounts are refused here and cannot be disabled.
        // NOTE(review): in_array() compares loosely here; passing true as
        // the third argument would make the founder check type-strict.
        $founders = explode(',', $_W['config']['setting']['founder']);
        if(in_array($uid, $founders)) {
            exit('管理员用户不能禁用.');
        }
        $member = array();
        $member['uid'] = $uid;
        // Any request value other than the string '-1' is stored as '0'.
        $status = $_GPC['status'];
        $member['status'] = $status == '-1' ? '-1' : '0';
        if(member_update($member)) {
            exit('success');
        }
    }
}

// "auth": the 'account' mode requires a non-zero `wechat` id and refuses
// members whose status is '-1'. $member is read here but assigned outside
// this excerpt; the branch continues past the end of the excerpt.
if($do == 'auth') {
    $mod = $_GPC['mod'];
    if($mod == 'account') {
        $weid = intval($_GPC['wechat']);
        if(empty($weid)) {
            exit('error');
        }
        if($member['status'] == '-1') {
            exit('此用户已经被禁用. ');
        }
// "edit": update the member identified by $uid and its extended profile.
// $uid and $member are assigned outside this excerpt, and the branch
// continues past its end.
// NOTE(review): no permission check is visible in this excerpt although the
// form can change password and groupid; confirm the enclosing controller
// restricts who may reach it.
if ($do == 'edit') {
    // Profile fields that are enabled and shown at registration.
    $extendfields = pdo_fetchall("SELECT field, title, description, required FROM " . tablename('profile_fields') . " WHERE available = '1' AND showinregister = '1'");
    if (checksubmit('profile_submit')) {
        require_once IA_ROOT . '/source/model/member.mod.php';
        $nMember = array();
        $nMember['uid'] = $uid;
        $nMember['password'] = $_GPC['password'];
        // The existing salt is passed along with the submitted password.
        $nMember['salt'] = $member['salt'];
        $nMember['groupid'] = intval($_GPC['groupid']);
        // The length rule only fires for a non-empty password; an empty one
        // passes through to member_update() (presumably meaning "leave the
        // password unchanged" - verify in member_update).
        if (!empty($nMember['password']) && istrlen($nMember['password']) < 8) {
            message('必须输入密码,且密码长度不得低于8位。');
        }
        // lastip, lastvisit and remark are taken from the request as submitted.
        $nMember['lastip'] = $_GPC['lastip'];
        $nMember['lastvisit'] = strtotime($_GPC['lastvisit']);
        $nMember['remark'] = $_GPC['remark'];
        member_update($nMember);
        if (!empty($extendfields)) {
            // Column names come from the profile_fields table, values from
            // the request. $profile is not initialised before this loop.
            foreach ($extendfields as $row) {
                if ($row['field'] != 'profile') {
                    $profile[$row['field']] = $_GPC[$row['field']];
                }
            }
            if (!empty($profile)) {
                // Update the profile row when one exists, otherwise insert it.
                $exists = pdo_fetchcolumn("SELECT uid FROM " . tablename('members_profile') . " WHERE uid = :uid", array(':uid' => $uid));
                if (!empty($exists)) {
                    pdo_update('members_profile', $profile, array('uid' => $uid));
                } else {
                    $profile['uid'] = $uid;
                    pdo_insert('members_profile', $profile);
                }
            }
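/**
 * Agent back office: list and edit the users attached to the current agent.
 *
 * `op=display` (default) lists members joined to `agent_user` for the
 * logged-in agent, with optional status / username / group filters and
 * 20 rows per page. `op=post` shows and saves the edit form for one member,
 * charging the agent's balance when the member's group changes.
 *
 * Fixes in this version:
 * - The list filters are bound as query parameters. `username` and `group`
 *   were previously interpolated from the request into the SQL text, and
 *   the agent clause was appended without a leading space.
 * - `op=post` only loads and saves a member that has an `agent_user` row
 *   for the current agent. Before, any uid supplied in the request could be
 *   edited, including its password and group.
 * - A submit without a loaded member is rejected instead of updating uid 0.
 * - The founder flag is set on `$list`; the loop used to walk an undefined
 *   `$members` variable. The loop reference is released afterwards.
 * - `$profile` and `$fields` are initialised before use.
 *
 * @return void Output is produced by the included `user` template.
 */
public function doWebUser()
{
    global $_W, $_GPC;

    $operation = !empty($_GPC['op']) ? $_GPC['op'] : 'display';
    $agent_uid = intval($_W['uid']);

    if ($operation == 'display') {
        $pindex = max(1, intval($_GPC['page']));
        $psize = 20;

        $where = '';
        $params = array();
        if (isset($_GPC['status']) && $_GPC['status'] !== '') {
            $where .= ' AND a.status = :status';
            $params[':status'] = intval($_GPC['status']);
        }
        if (!empty($_GPC['username'])) {
            $where .= ' AND a.username LIKE :username';
            $params[':username'] = '%' . $_GPC['username'] . '%';
        }
        if (!empty($_GPC['group'])) {
            $where .= ' AND a.groupid = :groupid';
            $params[':groupid'] = intval($_GPC['group']);
        }
        // Always scope the listing to the current agent's own users.
        $where .= ' AND b.agent_uid = :agent_uid';
        $params[':agent_uid'] = $agent_uid;

        $from = ' FROM ' . tablename('members') . ' a LEFT JOIN ' . tablename('agent_user') . ' b ON a.uid=b.uid WHERE 1 ' . $where;
        // Both LIMIT operands are integers computed above.
        $list = pdo_fetchall('SELECT *' . $from . ' LIMIT ' . ($pindex - 1) * $psize . ',' . $psize, $params);
        $total = pdo_fetchcolumn('SELECT COUNT(*)' . $from, $params);
        $pager = pagination($total, $pindex, $psize);

        $founders = explode(',', $_W['config']['setting']['founder']);
        if (!empty($list)) {
            foreach ($list as &$m) {
                $m['founder'] = in_array($m['uid'], $founders);
            }
            unset($m);
        }

        $usergroups = pdo_fetchall("SELECT id, name FROM " . tablename('members_group'), array(), 'id');
    } elseif ($operation == 'post') {
        $id = intval($_GPC['id']);
        $extendfields = pdo_fetchall("SELECT field, title, description, required FROM " . tablename('profile_fields') . " WHERE available = '1' AND showinregister = '1'");

        $member = array();
        if (!empty($id)) {
            // Authorisation: the member must be attached to this agent.
            $owned = pdo_fetchcolumn(
                'SELECT uid FROM ' . tablename('agent_user') . ' WHERE uid = :uid AND agent_uid = :agent_uid',
                array(':uid' => $id, ':agent_uid' => $agent_uid)
            );
            if (!empty($owned)) {
                $member = pdo_fetch("SELECT * FROM " . tablename('members') . " WHERE uid = :uid", array(':uid' => $id));
            }
            // Same message for "missing" and "not yours", so the response
            // does not reveal which uids exist.
            if (empty($member)) {
                message('抱歉,用户不存在或是已经删除!', '', 'error');
            }
        }

        if (checksubmit('profile_submit')) {
            if (empty($member)) {
                message('抱歉,用户不存在或是已经删除!', '', 'error');
            }

            $nMember = array();
            $nMember['uid'] = $id;
            $nMember['password'] = $_GPC['password'];
            $nMember['groupid'] = intval($_GPC['groupid']);
            if (!empty($nMember['password']) && istrlen($nMember['password']) < 8) {
                message('必须输入密码,且密码长度不得低于8位。');
            }
            $nMember['lastip'] = $_GPC['lastip'];
            $nMember['lastvisit'] = strtotime($_GPC['lastvisit']);
            $nMember['remark'] = $_GPC['remark'];

            if ($member['groupid'] != $nMember['groupid']) {
                // Deduct the fee for the target group from the agent's balance.
                // NOTE(review): the balance is read, reduced in PHP and written
                // back, so two concurrent submits could both pass the check.
                // A single conditional UPDATE would close that window.
                $balance = pdo_fetch("SELECT * FROM " . tablename('agent') . " WHERE uid = :uid", array(':uid' => $agent_uid));
                $reduce_money = pdo_fetch("SELECT * FROM " . tablename('agent_payment') . " WHERE agent_uid = :uid AND group_id = :group_id", array(':uid' => $agent_uid, ':group_id' => $nMember['groupid']));
                if (empty($reduce_money) || $balance['balance'] < $reduce_money['amount_needs']) {
                    message('余额不足,不能修改分组。');
                }
                $new_balance = $balance['balance'] - $reduce_money['amount_needs'];
                pdo_update('agent', array('balance' => $new_balance), array('uid' => $agent_uid));

                $log = array();
                $log['agent_uid'] = $agent_uid;
                $log['datetime'] = time();
                $log['log'] = "修改用户" . $id . "分组:" . $member['groupid'] . " --> " . $nMember['groupid'];
                pdo_insert('agent_log', $log);
            }

            member_update($nMember);

            if (!empty($extendfields)) {
                // Column names come from profile_fields, values from the request.
                $profile = array();
                foreach ($extendfields as $row) {
                    if ($row['field'] != 'profile') {
                        $profile[$row['field']] = $_GPC[$row['field']];
                    }
                }
                if (!empty($profile)) {
                    $exists = pdo_fetchcolumn("SELECT uid FROM " . tablename('members_profile') . " WHERE uid = :uid", array(':uid' => $id));
                    if (!empty($exists)) {
                        pdo_update('members_profile', $profile, array('uid' => $id));
                    } else {
                        $profile['uid'] = $id;
                        pdo_insert('members_profile', $profile);
                    }
                }
            }

            message('用户信息更新成功!', create_url('site/module/user', array('name' => 'agent', 'op' => 'display')), 'success');
        }

        if (!empty($extendfields)) {
            $fields = array();
            foreach ($extendfields as $row) {
                $fields[] = $row['field'];
            }
            $member['profile'] = pdo_fetch("SELECT `" . implode("`,`", $fields) . "` FROM " . tablename('members_profile') . " WHERE uid = :uid", array(':uid' => $id));
        }

        $groups = pdo_fetchall("SELECT id, name FROM " . tablename('members_group') . " ORDER BY id ASC");
    }

    include $this->template('user');
}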