* @package iCMS V3.1
* @copyright 2007-2009, iDreamSoft
* @license http://www.idreamsoft.cn iDreamSoft
* @author coolmoo <*****@*****.**>
*/
require_once "global.php";
header('Content-Type: text/html; charset=utf-8');
$do = $_GET['do'];
if (empty($do)) {
require_once iPATH . "include/function/template.php";
$iCMS->message();
} elseif ($do == 'post') {
if ($_POST['action'] == 'save') {
$state = 0;
ckseccode($_POST['seccode']) && msgJson(0, 'error:seccode');
$user = array();
$user["name"] = dhtmlspecialchars($_POST['name']);
$user["m"] = intval($_POST['m']);
$user["email"] = dhtmlspecialchars($_POST['mail']);
$user["homepage"] = $_POST['homepage'] == 'http://' ? '' : dhtmlspecialchars($_POST['homepage']);
$secret = $_POST['secret'];
$messagetext = $_POST['messagetext'];
WordFilter($user["name"]) && msgJson(0, 'filter:username');
WordFilter($messagetext) && msgJson(0, 'filter:content');
!eregi("^([_\\.0-9a-z-]+)@([0-9a-z][0-9a-z-]+)\\.([a-z]{2,6})\$", $user["email"]) && msgJson(0, 'error:email');
empty($messagetext) && msgJson(0, 'message:empty');
$userdate = serialize($user);
empty($secret) && ($secret = 'off');
$iCMS->db->query("INSERT INTO `#iCMS@__message`(`user`,`text`,`reply`,`secret`,`addtime`,`ip`)VALUES ('{$userdate}','{$messagetext}','','{$secret}','" . time() . "','" . getip() . "')") && msgJson(1, 'message:finish');
}
}
$iCMS->iPrint("iSYSTEM", "register");
} elseif ($do == 'post') {
if ($_POST['action'] == 'save') {
ckseccode($_POST['seccode']) && msgJson('seccode', 'error:seccode');
$username = dhtmlspecialchars($_POST['username']);
WordFilter($username) && msgJson('username', 'filter:username');
cstrlen($username) < 3 && msgJson('username', 'register:usernameShort');
cstrlen($username) > 12 && msgJson('username', 'register:usernameLong');
$iCMS->db->getValue("SELECT uid FROM `#iCMS@__members` where `username`='{$username}'") && msgJson('username', 'register:usernameusr');
$password = md5(trim($_POST['password']));
$pwdrepeat = md5(trim($_POST['pwdrepeat']));
$password != $pwdrepeat && msgJson('pwdrepeat', 'register:different');
$_POST['email'] && !eregi("^([_\\.0-9a-z-]+)@([0-9a-z][0-9a-z-]+)\\.([a-z]{2,6})\$", $_POST['email']) && msgJson('email', 'register:emailerror');
$email = $_POST['email'];
$gender = intval($_POST['gender']);
$nickname = dhtmlspecialchars($_POST['nickname']);
// cstrlen($info['nickname'])>12 && msgJson(0,'register:nicknamelong');
$_POST['icq'] && ($info['icq'] = intval($_POST['icq']));
$_POST['home'] && ($info['home'] = dhtmlspecialchars(stripslashes($_POST['home'])));
$_POST['year'] && ($info['year'] = intval($_POST['year']));
$_POST['month'] && ($info['month'] = intval($_POST['month']));
$_POST['day'] && ($info['day'] = intval($_POST['day']));
$_POST['from'] && ($info['from'] = dhtmlspecialchars(stripslashes($_POST['from'])));
$_POST['signature'] && ($info['signature'] = dhtmlspecialchars(stripslashes($_POST['signature'])));
$info = empty($info) ? '' : addslashes(serialize($info));
$iCMS->db->query("INSERT INTO `#iCMS@__members` (`username`,`password`,`groupid`,`name`,`gender`,`email`,`info`,`power`,`cpower`,`lastip`,`lastlogintime`,`logintimes`,`post`) VALUES ('{$username}','{$password}', '4','{$nickname}','{$gender}','{$email}','{$info}','','','" . getip() . "', '" . time() . "','0','0') ");
//设置为登陆状态
set_cookie('user', authcode($username . '#=iCMS!=#' . $password, 'ENCODE'));
msgJson(1, 'register:finish');
}
}
if ($cl == 'login') {
msgJson(0, 'comment:error', $frame);
} elseif ($cl == 'success') {
$uid = $member->uId;
$username = empty($member->user->info['nickname']) ? $member->user->username : $member->user->info['nickname'];
}
}
!$iCMS->config['anonymousname'] && ($iCMS->config['anonymousname'] = $iCMS->language('guest'));
$iCMS->config['anonymous'] && empty($username) && ($username = $iCMS->config['anonymousname']);
$isexamine = $iCMS->config['isexamine'] ? '0' : '1';
!$commentext && msgJson(0, 'comment:empty', $frame);
if ($iCMS->db->query("INSERT INTO `#iCMS@__comment` (`aid`,`sortid`,`mid`,`username`,`uid`,`quote`,`atitle`,`contents`,`reply`,`addtime`,`ip`,`isexamine`,`up`,`against`,`zt`) VALUES ('{$aid}','{$sortid}','{$mid}', '{$username}', '{$uid}','{$quote}', '{$title}', '{$commentext}','', '" . time() . "', '" . getip() . "', '{$isexamine}', '0', '0', '0')")) {
if ($iCMS->config['isexamine']) {
msgJson(1, 'comment:examine', $frame);
} else {
if (empty($mid)) {
$__TABLE__ = 'article';
} else {
$__MODEL__ = $iCMS->cache('model.id', 'include/syscache', 0, true);
$model = $__MODEL__[$mid];
$__TABLE__ = $model['table'] . '_content';
}
$iCMS->db->query("UPDATE `#iCMS@__{$__TABLE__}` SET `comments` = comments+1 WHERE `id` ='{$aid}'");
msgJson(1, 'comment:post', $frame);
}
} else {
msgJson(1, 'comment:Unknown', $frame);
}
}
}
}
