Esempio n. 1
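/**
 * WeChat (Weixin) OAuth2 login / registration round trip.
 *
 * Two legs, selected by the `oauth` request parameter:
 *   - absent or 0: redirect the browser to WeChat's authorize endpoint, using
 *     `$callback` (with `oauth=1` appended) as redirect_uri, then exit;
 *   - 1: exchange the returned `code` for an access token, then log the
 *     matching `wxch_user` row in (or register one via register_openid()).
 *
 * @param string $callback  URL WeChat sends the browser back to
 * @param string $scope     'INFO' requests snsapi_userinfo, anything else snsapi_base
 * @return array|bool|null  user profile on success, false on failure, null when
 *                          `oauth` is neither 0 nor 1 (the original fell through
 *                          to the end of the function in that case)
 */
function weixin_oauth($callback, $scope = 'BASE')
{
    global $db;

    $rs = $db->getRow("SELECT * FROM `wxch_config` WHERE `id` = 1");
    $param = array('appid' => $rs['appid']);
    $oauth = isset($_REQUEST['oauth']) ? intval($_REQUEST['oauth']) : 0;

    if ($oauth == 0) {
        // First leg: send the user to WeChat. A '?' anywhere in the callback
        // (the original only looked past offset 0) means a query string exists.
        $joiner = (strpos($callback, '?') !== false) ? '&' : '?';
        $param['redirect_uri'] = $callback . $joiner . 'oauth=1';
        $param['response_type'] = 'code';
        $param['scope'] = ($scope == 'INFO') ? 'snsapi_userinfo' : 'snsapi_base';
        $url = 'https://open.weixin.qq.com/connect/oauth2/authorize?' . http_build_query($param) . '#wechat_redirect';
        ecs_header("Location: {$url}\n");
        exit;
    }

    if ($oauth != 1) {
        return null;
    }

    // Second leg: exchange the authorization code for an access token.
    if (empty($_REQUEST['code'])) {
        return false;
    }
    $param['secret'] = $rs['appsecret'];
    $param['code'] = $_REQUEST['code'];
    $param['grant_type'] = 'authorization_code';
    $url = 'https://api.weixin.qq.com/sns/oauth2/access_token?' . http_build_query($param);
    $content = file_get_contents($url);
    $token = ($content === false) ? null : json_decode($content, true);

    // The token response comes from a remote service and its openid is the only
    // value from it that is concatenated into SQL below, so insist on the
    // alphabet WeChat openids are drawn from (letters, digits, '-' and '_').
    // A failed exchange returns an error object without an openid, which the
    // original would have turned into a lookup for `wxid = ''`.
    if (!is_array($token) || empty($token['openid']) || !preg_match('/^[A-Za-z0-9_-]+$/', $token['openid'])) {
        return false;
    }
    $openid = $token['openid'];

    $user_info = $db->getRow("SELECT * FROM `wxch_user` WHERE `wxid` = '{$openid}'");
    if (empty($user_info)) {
        // register: bind a new local account to this openid
        if (!register_openid($openid)) {
            return false;
        }
        // The original read $user_info['openid'] here, but $user_info is empty in
        // this branch; the freshly registered account is looked up by its openid.
        $user_info = $GLOBALS['user']->get_user_info($openid);
    } else {
        // login
        $user_info = $GLOBALS['user']->get_profile_by_id($user_info['uid']);
        if (empty($user_info) || $user_info['status'] != 1) {
            return false;
        }
        $GLOBALS['user']->set_session($user_info);
        $GLOBALS['user']->set_cookie($user_info, TRUE);
        update_user_info();   // refresh the cached user record
        update_user_cart();
        recalculate_price();  // recompute the prices of goods in the cart
    }

    if (isset($token['scope']) && $token['scope'] == 'snsapi_userinfo' && !empty($token['access_token'])) {
        // Fetch the public profile and mirror it into wxch_user. Skip the write
        // when the answer is not a profile, so an API error does not blank the
        // stored fields (the original wrote whatever came back).
        $query = http_build_query(array('access_token' => $token['access_token'], 'openid' => $openid, 'lang' => 'zh_CN'));
        $content = file_get_contents('https://api.weixin.qq.com/sns/userinfo?' . $query);
        $info = ($content === false) ? null : json_decode($content, true);
        if (is_array($info) && isset($info['nickname'])) {
            $profile = array('dateline' => time());
            foreach (array('nickname', 'sex', 'city', 'country', 'province', 'language', 'headimgurl') as $field) {
                $profile[$field] = isset($info[$field]) ? $info[$field] : null;
            }
            // uid comes from our own row / profile lookup, but it is concatenated
            // into the WHERE clause, so pin it to an integer anyway.
            $db->autoExecute('wxch_user', $profile, 'UPDATE', 'uid = ' . intval($user_info['uid']));
        }
    }

    $_SESSION['openid'] = $openid;
    return $user_info;
}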
Esempio n. 2
         die($json->encode($result));
     }
     /* 检查验证码 */
     include_once 'includes/cls_captcha.php';
     $validator = new captcha();
     $validator->session_word = 'captcha_login';
     if (!$validator->check_word($_POST['captcha'])) {
         $result['error'] = 1;
         $result['content'] = $_LANG['invalid_captcha'];
         die($json->encode($result));
     }
 }
 if ($user->login($username, $password)) {
     update_user_info();
     //更新用户信息
     recalculate_price();
     // 重新计算购物车中的商品价格
     $smarty->assign('user_info', get_user_info());
     $ucdata = empty($user->ucdata) ? "" : $user->ucdata;
     $result['ucdata'] = $ucdata;
     $result['content'] = $smarty->fetch('library/member_info.lbi');
 } else {
     $_SESSION['login_fail']++;
     if ($_SESSION['login_fail'] > 2) {
         $smarty->assign('enabled_captcha', 1);
         $result['html'] = $smarty->fetch('library/member_info.lbi');
     }
     $result['error'] = 1;
     $result['content'] = $_LANG['login_failure'];
 }
 die($json->encode($result));
Esempio n. 3
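/**
 * AJAX login handler: checks the captcha when the shop configuration requires
 * one, attempts the login and terminates the request with a JSON result.
 *
 * The emitted array has keys `error` (0/1) and `content` (member box HTML on
 * success, error text on failure); on success also `ucdata`, and after more
 * than two failures `html` (the member box rendered with the captcha enabled).
 */
function action_signin()
{
    // Fetch the globals this handler depends on.
    $user = $GLOBALS['user'];
    $_CFG = $GLOBALS['_CFG'];
    $_LANG = $GLOBALS['_LANG'];
    $smarty = $GLOBALS['smarty'];
    include_once 'includes/cls_json.php';
    $json = new JSON();

    $username = !empty($_POST['username']) ? json_str_iconv(trim($_POST['username'])) : '';
    $password = !empty($_POST['password']) ? trim($_POST['password']) : '';
    $captcha = !empty($_POST['captcha']) ? json_str_iconv(trim($_POST['captcha'])) : '';
    $result = array('error' => 0, 'content' => '');

    // The failure counter does not exist yet in a fresh session.
    if (!isset($_SESSION['login_fail'])) {
        $_SESSION['login_fail'] = 0;
    }

    // Keep the configuration bitmask apart from the user-supplied captcha: the
    // original reused $captcha for both, so its "empty captcha" check tested the
    // config flags (never empty inside this branch) instead of what was typed.
    $captcha_cfg = intval($_CFG['captcha']);
    $captcha_required = ($captcha_cfg & CAPTCHA_LOGIN)
        && (!($captcha_cfg & CAPTCHA_LOGIN_FAIL) || $_SESSION['login_fail'] > 2)
        && gd_version() > 0;

    if ($captcha_required) {
        if ($captcha === '') {
            $result['error'] = 1;
            $result['content'] = $_LANG['invalid_captcha'];
            die($json->encode($result));
        }
        /* verify the captcha word against the one stored in the session */
        include_once 'includes/cls_captcha.php';
        $validator = new captcha();
        $validator->session_word = 'captcha_login';
        if (!$validator->check_word($_POST['captcha'])) {
            $result['error'] = 1;
            $result['content'] = $_LANG['invalid_captcha'];
            die($json->encode($result));
        }
    }

    if ($user->login($username, $password)) {
        update_user_info();   // refresh the cached user record
        recalculate_price();  // recompute the prices of goods in the cart
        $smarty->assign('user_info', get_user_info());
        $result['ucdata'] = empty($user->ucdata) ? "" : $user->ucdata;
        $result['content'] = $smarty->fetch('library/member_info.lbi');
    } else {
        $_SESSION['login_fail']++;
        if ($_SESSION['login_fail'] > 2) {
            // from the third failure on, the member box is re-rendered with a captcha
            $smarty->assign('enabled_captcha', 1);
            $result['html'] = $smarty->fetch('library/member_info.lbi');
        }
        $result['error'] = 1;
        $result['content'] = $_LANG['login_failure'];
    }
    die($json->encode($result));
}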
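/**
 * Register a member account and log it in.
 *
 * Problems are reported through $GLOBALS['err'] (the caller inspects it);
 * the return value only says whether registration went through. A request
 * that fails the preliminary checks (registration closed, empty or invalid
 * user name) now stops before add_user() — the original recorded the error
 * but created the account anyway.
 *
 * @param string      $username  desired user name
 * @param string      $password  password
 * @param array       $other     optional profile fields; only whitelisted keys are stored
 * @param string|null $email     e-mail handed to add_user(); the original referenced
 *                               an undefined $email here, so callers that omit it
 *                               still pass null
 * @return bool true on success, false when an error was recorded
 */
function register($username, $password, $other = array(), $email = null)
{
    /* registration switched off? */
    if (!empty($GLOBALS['_CFG']['shop_reg_closed'])) {
        $GLOBALS['err']->add($GLOBALS['_LANG']['shop_register_closed']);
    }
    /* user name present and free of reserved / markup characters */
    if (empty($username)) {
        $GLOBALS['err']->add($GLOBALS['_LANG']['username_empty']);
    } elseif (preg_match('/\'\\/^\\s*$|^c:\\\\con\\\\con$|[%,\\*\\"\\s\\t\\<\\>\\&\'\\\\]/', $username)) {
        $GLOBALS['err']->add(sprintf($GLOBALS['_LANG']['username_invalid'], htmlspecialchars($username)));
    }
    // Bail out on any error recorded so far (the e-mail variant of this function
    // does the same); without it a closed shop or a bad name never actually
    // prevents the account from being created below.
    if ($GLOBALS['err']->error_no > 0) {
        return false;
    }
    /* name already taken by an administrator? */
    if (admin_registered($username)) {
        $GLOBALS['err']->add(sprintf($GLOBALS['_LANG']['username_exist'], $username));
        return false;
    }

    if (!$GLOBALS['user']->add_user($username, $password, $email)) {
        /* translate the integration layer's error code into a message */
        if ($GLOBALS['user']->error == ERR_INVALID_USERNAME) {
            $GLOBALS['err']->add(sprintf($GLOBALS['_LANG']['username_invalid'], $username));
        } elseif ($GLOBALS['user']->error == ERR_USERNAME_NOT_ALLOW) {
            $GLOBALS['err']->add(sprintf($GLOBALS['_LANG']['username_not_allow'], $username));
        } elseif ($GLOBALS['user']->error == ERR_USERNAME_EXISTS) {
            $GLOBALS['err']->add(sprintf($GLOBALS['_LANG']['username_exist'], $username));
        } else {
            $GLOBALS['err']->add('UNKNOWN ERROR!');
        }
        return false;
    }

    /* account created: treat the user as logged in from now on */
    $GLOBALS['user']->set_session($username);
    $GLOBALS['user']->set_cookie($username);

    /* sign-up bonus points */
    if (!empty($GLOBALS['_CFG']['register_points'])) {
        log_account_change($_SESSION['user_id'], 0, 0, $GLOBALS['_CFG']['register_points'], $GLOBALS['_CFG']['register_points'], $GLOBALS['_LANG']['register_points']);
    }

    /* referral handling */
    // unserialize() here decodes the shop's own configuration value, not request
    // input; it is left in place because the stored format is shared with the
    // admin side.
    $affiliate = unserialize($GLOBALS['_CFG']['affiliate']);
    if (isset($affiliate['on']) && $affiliate['on'] == 1) {
        // referrer id and point thresholds are all used as numbers (and in SQL),
        // so pin them to integers instead of trusting the stored shape
        $up_uid = intval(get_affiliate());
        $level_all = isset($affiliate['config']['level_register_all']) ? intval($affiliate['config']['level_register_all']) : 0;
        $level_up = isset($affiliate['config']['level_register_up']) ? intval($affiliate['config']['level_register_up']) : 0;
        if ($up_uid) {
            if ($level_all) {
                if ($level_up) {
                    // reward the referrer only while below the configured rank cap
                    $rank_points = $GLOBALS['db']->getOne("SELECT rank_points FROM " . $GLOBALS['ecs']->table('users') . " WHERE user_id = '{$up_uid}'");
                    if ($rank_points + $level_all <= $level_up) {
                        log_account_change($up_uid, 0, 0, $level_all, 0, sprintf($GLOBALS['_LANG']['register_affiliate'], $_SESSION['user_id'], $username));
                    }
                } else {
                    log_account_change($up_uid, 0, 0, $level_all, 0, $GLOBALS['_LANG']['register_affiliate']);
                }
            }
            // remember who referred this account
            $sql = 'UPDATE ' . $GLOBALS['ecs']->table('users') . ' SET parent_id = ' . $up_uid . ' WHERE user_id = ' . intval($_SESSION['user_id']);
            $GLOBALS['db']->query($sql);
        }
    }

    /* optional profile fields: keep only whitelisted keys, HTML-escape the values */
    $other_key_array = array('msn', 'qq', 'office_phone', 'home_phone', 'mobile_phone', 'sina_weibo_id');
    $update_data = array('reg_time' => local_strtotime(local_date('Y-m-d H:i:s')));
    if ($other) {
        foreach ($other as $key => $val) {
            // strict comparison: with loose in_array() an integer key 0 compares
            // equal to every non-numeric string on PHP < 8 and would pass the whitelist
            if (in_array($key, $other_key_array, true)) {
                $update_data[$key] = htmlspecialchars(trim($val));  // neutralise markup / script
            }
        }
    }
    $GLOBALS['db']->autoExecute($GLOBALS['ecs']->table('users'), $update_data, 'UPDATE', 'user_id = ' . intval($_SESSION['user_id']));

    update_user_info();   // refresh the cached user record
    recalculate_price();  // recompute the prices of goods in the cart
    return true;
}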
Esempio n. 5
                /* 检查验证码 */
                include_once('includes/cls_captcha.php');

                $validator = new captcha();
                $validator->session_word = 'captcha_login';
                if (!$validator->check_word($_POST['captcha']))
                {
                    show_message($_LANG['invalid_captcha']);
                }
            }

            if ($user->login($_POST['username'], $_POST['password'],isset($_POST['remember'])))
            {
                update_user_info();  //更新用户信息
                recalculate_price(); // 重新计算购物车中的商品价格

                /* 检查购物车中是否有商品 没有商品则跳转到首页 */
                $sql = "SELECT COUNT(*) FROM " . $ecs->table('cart') . " WHERE session_id = '" . SESS_ID . "' ";
                if ($db->getOne($sql) > 0)
                {
                    ecs_header("Location: flow.php?step=checkout\n");
                }
                else
                {
                    ecs_header("Location:index.php\n");
                }

                exit;
            }
            else
Esempio n. 6
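/**
 * Handle a member login submitted from the chat passport form.
 *
 * The `username` field may hold a user name, an e-mail address or a mobile
 * number; the latter two are resolved to the user name first. When the shop
 * configuration demands a captcha it is verified before the login attempt.
 * On success the browser is redirected to chat.php; on any failure the
 * passport template is re-displayed with an error message.
 *
 * $_CFG, $_LANG and $user are globals: the original read them as plain locals
 * inside this function, where they are undefined (so the captcha bits were
 * always 0, messages came out empty and $user->ucdata raised a notice).
 */
function action_act_login()
{
    $smarty = get_smarty();
    $ecs = get_ecs();
    $db = get_database();
    $_CFG = $GLOBALS['_CFG'];
    $_LANG = $GLOBALS['_LANG'];
    $user = $GLOBALS['user'];

    $username = isset($_POST['username']) ? trim($_POST['username']) : '';
    $password = isset($_POST['password']) ? trim($_POST['password']) : '';

    // The failure counter does not exist yet in a fresh session.
    if (!isset($_SESSION['login_fail'])) {
        $_SESSION['login_fail'] = 0;
    }

    $captcha = intval($_CFG['captcha']);
    $captcha_required = ($captcha & CAPTCHA_LOGIN)
        && (!($captcha & CAPTCHA_LOGIN_FAIL) || $_SESSION['login_fail'] > 2)
        && gd_version() > 0;
    if ($captcha_required) {
        $word = isset($_POST['captcha']) ? $_POST['captcha'] : '';
        if (empty($word)) {
            _chat_login_error($smarty, $_LANG, $_LANG['invalid_captcha']);
            return;
        }
        /* verify the captcha word against the one stored in the session */
        include_once 'includes/cls_captcha.php';
        $validator = new captcha();
        $validator->session_word = 'captcha_login';
        if (!$validator->check_word($word)) {
            _chat_login_error($smarty, $_LANG, $_LANG['invalid_captcha']);
            return;
        }
    }

    // Map an e-mail address or mobile number to the user name. The value is
    // request input concatenated into a quoted SQL literal, so escape it; the
    // is_email()/is_telephone() checks constrain its shape but the original
    // relied on them alone. Should the bootstrap already slash-escape request
    // data, a value containing quotes would be escaped twice, but such a value
    // presumably never passes those two checks in the first place.
    if (is_email($username)) {
        $sql = "select user_name from " . $ecs->table('users') . " where email='" . addslashes($username) . "'";
        $username_e = $db->getOne($sql);
        if ($username_e) {
            $username = $username_e;
        }
    }
    if (is_telephone($username)) {
        $sql = "select user_name from " . $ecs->table('users') . " where mobile_phone='" . addslashes($username) . "'";
        $res = $db->query($sql);
        $matches = 0;
        $username_e = '';
        while ($row = $db->fetchRow($res)) {
            $username_e = $row['user_name'];
            $matches++;
        }
        if ($matches > 1) {
            // the number is bound to several accounts, so it cannot identify one
            _chat_login_error($smarty, $_LANG, '本网站有多个会员ID绑定了和您相同的手机号,请使用其他登录方式,如:邮箱或用户名。');
            return;
        }
        if ($username_e) {
            $username = $username_e;
        }
    }

    if ($user->login($username, $password, isset($_POST['remember']))) {
        update_user_info();   // refresh the cached user record
        recalculate_price();  // recompute the prices of goods in the cart
        header('Location: chat.php?act=chat');
        // NOTE(review): nothing here stops the request after the redirect
        // header is sent; the function simply returns to its caller, as the
        // original did.
        return;
    }

    $_SESSION['login_fail']++;
    _chat_login_error($smarty, $_LANG, $_LANG['login_failure']);
}

/**
 * Re-display the chat passport form in login mode with $message as the error.
 *
 * @param object $smarty   template engine
 * @param array  $_LANG    language strings passed to the template
 * @param string $message  error text to show
 */
function _chat_login_error($smarty, $_LANG, $message)
{
    $smarty->assign('lang', $_LANG);
    $smarty->assign('action', 'login');
    $smarty->assign('error', $message);
    $smarty->display('chat_passport.dwt');
}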
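/**
 * Register a member account (with e-mail) and log it in.
 *
 * Problems are reported through $GLOBALS['err'] (the caller inspects it);
 * the return value only says whether registration went through. Any error
 * recorded by the preliminary checks stops the function before add_user().
 *
 * @param string $username  desired user name
 * @param string $password  password
 * @param string $email     registration e-mail
 * @param array  $other     optional profile fields; only whitelisted keys are stored
 * @return bool true on success, false when an error was recorded
 */
function register($username, $password, $email, $other = array())
{
    /* registration switched off? */
    if (!empty($GLOBALS['_CFG']['shop_reg_closed'])) {
        $GLOBALS['err']->add($GLOBALS['_LANG']['shop_register_closed']);
    }
    /* user name present and free of reserved / markup characters */
    if (empty($username)) {
        $GLOBALS['err']->add($GLOBALS['_LANG']['username_empty']);
    } elseif (preg_match('/\'\\/^\\s*$|^c:\\\\con\\\\con$|[%,\\*\\"\\s\\t\\<\\>\\&\'\\\\]/', $username)) {
        $GLOBALS['err']->add(sprintf($GLOBALS['_LANG']['username_invalid'], htmlspecialchars($username)));
    }
    /* e-mail present and well-formed */
    if (empty($email)) {
        $GLOBALS['err']->add($GLOBALS['_LANG']['email_empty']);
    } elseif (!is_email($email)) {
        $GLOBALS['err']->add(sprintf($GLOBALS['_LANG']['email_invalid'], htmlspecialchars($email)));
    }
    if ($GLOBALS['err']->error_no > 0) {
        return false;
    }
    /* name already taken by an administrator? */
    if (admin_registered($username)) {
        $GLOBALS['err']->add(sprintf($GLOBALS['_LANG']['username_exist'], $username));
        return false;
    }

    if (!$GLOBALS['user']->add_user($username, $password, $email)) {
        /* translate the integration layer's error code into a message */
        if ($GLOBALS['user']->error == ERR_INVALID_USERNAME) {
            $GLOBALS['err']->add(sprintf($GLOBALS['_LANG']['username_invalid'], $username));
        } elseif ($GLOBALS['user']->error == ERR_USERNAME_NOT_ALLOW) {
            $GLOBALS['err']->add(sprintf($GLOBALS['_LANG']['username_not_allow'], $username));
        } elseif ($GLOBALS['user']->error == ERR_USERNAME_EXISTS) {
            $GLOBALS['err']->add(sprintf($GLOBALS['_LANG']['username_exist'], $username));
        } elseif ($GLOBALS['user']->error == ERR_INVALID_EMAIL) {
            $GLOBALS['err']->add(sprintf($GLOBALS['_LANG']['email_invalid'], $email));
        } elseif ($GLOBALS['user']->error == ERR_EMAIL_NOT_ALLOW) {
            $GLOBALS['err']->add(sprintf($GLOBALS['_LANG']['email_not_allow'], $email));
        } elseif ($GLOBALS['user']->error == ERR_EMAIL_EXISTS) {
            $GLOBALS['err']->add(sprintf($GLOBALS['_LANG']['email_exist'], $email));
        } else {
            $GLOBALS['err']->add('UNKNOWN ERROR!');
        }
        return false;
    }

    /* account created: treat the user as logged in from now on */
    $GLOBALS['user']->set_session($username);
    $GLOBALS['user']->set_cookie($username);

    /* sign-up bonus points */
    if (!empty($GLOBALS['_CFG']['register_points'])) {
        log_account_change($_SESSION['user_id'], 0, 0, $GLOBALS['_CFG']['register_points'], $GLOBALS['_CFG']['register_points'], $GLOBALS['_LANG']['register_points']);
    }

    /* referral handling */
    // unserialize() here decodes the shop's own configuration value, not request
    // input; it is left in place because the stored format is shared with the
    // admin side.
    $affiliate = unserialize($GLOBALS['_CFG']['affiliate']);
    if (isset($affiliate['on']) && $affiliate['on'] == 1) {
        // referrer id and point thresholds are all used as numbers (and in SQL),
        // so pin them to integers instead of trusting the stored shape
        $up_uid = intval(get_affiliate());
        $level_all = isset($affiliate['config']['level_register_all']) ? intval($affiliate['config']['level_register_all']) : 0;
        $level_up = isset($affiliate['config']['level_register_up']) ? intval($affiliate['config']['level_register_up']) : 0;
        if ($up_uid) {
            if ($level_all) {
                if ($level_up) {
                    // reward the referrer only while below the configured rank cap
                    $rank_points = $GLOBALS['db']->getOne("SELECT rank_points FROM " . $GLOBALS['ecs']->table('users') . " WHERE user_id = '{$up_uid}'");
                    if ($rank_points + $level_all <= $level_up) {
                        log_account_change($up_uid, 0, 0, $level_all, 0, sprintf($GLOBALS['_LANG']['register_affiliate'], $_SESSION['user_id'], $username));
                    }
                } else {
                    log_account_change($up_uid, 0, 0, $level_all, 0, $GLOBALS['_LANG']['register_affiliate']);
                }
            }
            // remember who referred this account
            $sql = 'UPDATE ' . $GLOBALS['ecs']->table('users') . ' SET parent_id = ' . $up_uid . ' WHERE user_id = ' . intval($_SESSION['user_id']);
            $GLOBALS['db']->query($sql);
        }
    }

    /* optional profile fields: keep only whitelisted keys, HTML-escape the values */
    $other_key_array = array('msn', 'qq', 'office_phone', 'home_phone', 'mobile_phone');
    $update_data = array('reg_time' => local_strtotime(local_date('Y-m-d H:i:s')));
    if ($other) {
        foreach ($other as $key => $val) {
            // strict comparison: with loose in_array() an integer key 0 compares
            // equal to every non-numeric string on PHP < 8 and would pass the whitelist
            if (in_array($key, $other_key_array, true)) {
                $update_data[$key] = htmlspecialchars(trim($val));  // neutralise markup / script
            }
        }
    }
    $GLOBALS['db']->autoExecute($GLOBALS['ecs']->table('users'), $update_data, 'UPDATE', 'user_id = ' . intval($_SESSION['user_id']));

    update_user_info();   // refresh the cached user record
    recalculate_price();  // recompute the prices of goods in the cart

    /* ross: record where this registration came from (jindong_tongji) */
    $username1 = addslashes($_SESSION['user_name']);
    $ip = isset($_SERVER['REMOTE_ADDR']) ? addslashes($_SERVER['REMOTE_ADDR']) : '';
    // $order is never defined in this function, so order_sn was always written
    // as an empty string; keep that explicitly.
    $order_sn = '';
    $now = gmtime();
    $from_cat = 1;
    if (isset($_COOKIE['request_info'])) {
        // NOTE(review): unserialize() of a client-controlled cookie. The strtr()
        // strips backslashes (presumably the slash-escaping the bootstrap applies
        // to request data) before decoding, so nothing in the payload is escaped
        // any more. Deserialising untrusted data can instantiate arbitrary
        // classes; a signed or JSON-encoded cookie would be the safer design.
        // Until then, every field taken from it is forced to a string and
        // escaped before it is concatenated into SQL — the original put the raw
        // values straight into the INSERT.
        $request_info = unserialize(strtr($_COOKIE['request_info'], array("\\" => "")));
        if (!is_array($request_info)) {
            $request_info = array();
        }
        $start_time = isset($request_info['time']) ? addslashes((string) $request_info['time']) : '';
        $host = isset($request_info['host']) ? addslashes((string) $request_info['host']) : '';
        $start_url = isset($request_info['start_url']) ? addslashes((string) $request_info['start_url']) : '';
        $end_url = isset($request_info['end_url']) ? addslashes((string) $request_info['end_url']) : '';
        $sql = "INSERT INTO " . "jindong_tongji " . "(order_sn, user_name,start_time,end_time,host,ip,start_url,end_url,from_cat) value('" . $order_sn . "','" . $username1 . "','" . $start_time . "','" . $now . "','" . $host . "','" . $ip . "','" . $start_url . "','" . $end_url . "','" . $from_cat . "')";
    } else {
        $sql = "INSERT INTO " . "jindong_tongji " . "(order_sn, user_name,start_time,end_time,host,ip,start_url,end_url,from_cat) value('" . $order_sn . "','" . $username1 . "','" . $now . "','" . $now . "','本站','" . $ip . "','本站','本站',1)";
    }
    $GLOBALS['db']->query($sql);
    /* ross: source tracking end */
    return true;
}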