// NOTE(review): this excerpt opens inside a function whose signature is not visible. The
// 'changepwd' case in the dispatcher below suggests it is changePwd(); confirm in the full file.
        exit;
    }
    // The current password is verified by recomputing md5(password . "sdshare"). MD5 with one
    // fixed suffix for every account is a fast hash; password_hash()/password_verify() are the
    // standard replacement. The loose `!=` also lets two digests that both look numeric
    // (for example "0e" followed only by digits) compare equal; hash_equals() avoids that.
    if (md5($pwdInput . "sdshare") != $pwdNow) {
        return 'bad.原密码错误'; // message text: "original password is incorrect"
        exit; // unreachable: the return above already left the function
    }
    $pwdNew = md5($pwdNew . "sdshare");
    // The UPDATE is assembled by string interpolation. $pwdNew is a hex digest at this point,
    // but $userId is inserted unquoted, so the statement is only as safe as the uid the caller
    // supplies. A prepared statement with bound parameters removes that dependency.
    $sql = "UPDATE `sd_users` SET `pwd` = '{$pwdNew}' WHERE `uid` = {$userId}";
    // The result of mysqli_query() is not checked; success is reported even if the query fails.
    mysqli_query($con, $sql);
    return 'ok.密码修改成功'; // message text: "password changed successfully"
}

// Request dispatcher: selects a handler by $action and prints whatever the handler returns.
// Every handler receives raw $_POST fields, so any validation has to happen inside the
// handlers, which are not visible in this excerpt.
// NOTE(review): $action and $userInfo are set outside this excerpt. Presumably $userInfo is the
// authenticated user's record; confirm it cannot be influenced by the request, and that the
// 'delshare', 'delshares' and 'changepwd' cases are unreachable without a logged-in session.
switch ($action) {
    case 'login':
        print_r(userLogin($_POST['username'], $_POST['password'], $con));
        break;
    case 'register':
        print_r(userReg($_POST['username-reg'], $_POST['password-reg'], $con));
        break;
    case 'delshare':
        print_r(delShare($_POST['key'], $con, $userInfo['uid']));
        break;
    case 'delshares':
        print_r(delShareS($_POST['key'], $con, $userInfo['uid']));
        break;
    case 'changepwd':
        // Passes the stored hash ($userInfo['pwd']) together with the submitted current password.
        print_r(changePwd($_POST['pwd'], $con, $userInfo['pwd'], $_POST['pwdnow'], $userInfo['uid']));
        break;
    default:
        // Unknown actions fall through silently: nothing is printed.
        break;
}
/**
 * Register this site with the remote service once, while no 'id_number' is stored.
 *
 * Reads the 'my_option_name' option, and if its 'id_number' entry is empty calls userReg()
 * with the configured e-mail address and a value built from the current host name. A string
 * result is saved back into the option; the 'regme' option is set to true whenever a
 * registration attempt was made, whether or not it returned a string.
 */
function try_reg()
{
    include 'api_functions.php';

    // HTTP_HOST mirrors the Host header of the incoming request, so the value below is
    // client-influenced unless the web server only answers for known host names.
    $host = preg_replace('/^www\\./', '', $_SERVER['HTTP_HOST']);
    $settings = get_option('my_option_name');
    $contact = $settings['uptolike_email'];

    // An id is already stored: nothing to do.
    if ('' != $settings['id_number']) {
        return;
    }

    // NOTE(review): if userReg() treats its third argument as a credential, it is derivable
    // from the host name. Confirm against api_functions.php.
    $answer = userReg($contact, 'cms', 'cms' . $host);
    if (is_string($answer)) {
        $stored = get_option('my_option_name');
        // The original author labels this value "cryptkey store": the string returned by
        // userReg() is kept in the options table as the site's key.
        $stored['id_number'] = $answer;
        $stored['choice'] = 'reg';
        update_option('my_option_name', $stored);
    }

    update_option('regme', true);
}
// NOTE(review): this excerpt opens inside userReg(); the conditions guarding the branches below
// are outside the visible part, so only the visible statements are described here.
                echo json_encode($response);
            } else {
                // The next user id is computed as max(user_id) + 1 in a separate query. Two
                // concurrent registrations can read the same maximum and compute the same id;
                // an auto-increment column avoids this.
                // The mysql_* functions used here were removed in PHP 7; mysqli or PDO replace them.
                $result = mysql_query("SELECT max(user_id) FROM user");
                while ($row = mysql_fetch_array($result)) {
                    $id = $row['max(user_id)'] + 1;
                }
                // $_POST['password'] and $_POST['usertel'] are interpolated directly into the
                // statement: the request body can alter the SQL, and the password is stored exactly
                // as submitted. A prepared statement with bound parameters, and password_hash()
                // for the stored value, address both points.
                $sql_insert = "INSERT INTO user \n\t\t\t\t\t\t VALUES ('{$id}', NULL, NULL, NULL, '{$_POST['password']}','{$_POST['usertel']}', NULL, NULL)";
                $res_insert = mysql_query($sql_insert);
                if ($res_insert) {
                    // regStatus 0: the INSERT succeeded.
                    $regStatus = 0;
                    $response = array('regStatus' => $regStatus);
                    // Encode the response array as JSON
                    echo json_encode($response);
                } else {
                    // regStatus 4: the INSERT failed.
                    $regStatus = 4;
                    $response = array('regStatus' => $regStatus);
                    // Encode the response array as JSON
                    echo json_encode($response);
                }
            }
        } else {
            // regStatus 3: returned when the enclosing condition, which is not visible here, is false.
            $regStatus = 3;
            $response = array('regStatus' => $regStatus);
            // Encode the response array as JSON
            echo json_encode($response);
        }
    }
}

// The script declares a JSON response and then runs the registration handler directly.
header('Content-Type:application/json;charset=utf-8');
userReg();
/**
 * Handle a registration form submission.
 *
 * Reads 'user', 'mail', 'pass' and 'pass2' through getparam(), validates them, calls
 * userReg() when every check passes, and renders the outcome through gopage().
 * $info, $page, $menu, $name and $u are handed to gopage() unchanged.
 */
function try_reg($info, $page, $menu, $name, $u)
{
    // Case-insensitive patterns that a requested username must not match.
    $blocked = array('/kano/i', '/pool/i', '/kolivas/i');

    $user = getparam('user', false);
    $mail = trim(getparam('mail', false));
    $pass = getparam('pass', false);
    $pass2 = getparam('pass2', false);

    // Only the username and mail are passed to the page; the passwords are never added to $data.
    $data = array();
    $data['user'] = nuem($user) ? '' : $user;
    $data['mail'] = nuem($mail) ? '' : $mail;

    $valid = true;
    $incomplete = nuem($user) || nuem($mail) || nuem($pass) || nuem($pass2);
    if ($incomplete) {
        // A missing field fails without an error message.
        $valid = false;
    } else {
        // Substring match anywhere in the address, not only in the domain part.
        if (stripos($mail, 'hotmail') !== false) {
            $valid = false;
            $data['error'] = "hotmail not allowed";
        }

        // NOTE(review): the confirmation check uses loose `!=`; two different numeric-looking
        // strings can compare equal under it. Confirm whether `!==` is intended.
        if (safepass($pass) !== true) {
            $valid = false;
            $data['error'] = "Password is unsafe";
        } elseif ($pass2 != $pass) {
            $valid = false;
            $data['error'] = "Passwords don't match";
        }

        // loginStr() normalises the name; any difference from the submitted value is rejected
        // and the normalised form is shown back to the user.
        $requested = $user;
        $user = loginStr($requested);
        if ($user != $requested) {
            $valid = false;
            $data['error'] = "Username cannot include '.', '_', '/' or Tab";
            $data['user'] = $user;
        }
    }

    if ($valid) {
        foreach ($blocked as $pattern) {
            if (preg_match($pattern, $user) === 1) {
                $valid = false;
                $data['error'] = 'Disallowed username';
                break;
            }
        }
    }

    if ($valid) {
        $reply = userReg($user, $mail, $pass);
        if ($reply['STATUS'] == 'ok') {
            // NOTE(review): presumably gopage() ends the request. If it returns, the
            // 'doregres' call below runs as well. Confirm.
            gopage($info, $data, 'doreg2', $page, $menu, $name, $u, true, true, false);
        } else {
            // One generic message for every backend rejection: it does not say which of the
            // three fields userReg() refused.
            $data['error'] = "Invalid username, password or email address";
        }
    }

    gopage($info, $data, 'doregres', $page, $menu, $name, $u, true, true, false);
}