function decrypt($eid, $prefix = "JHC")
{
// 默认ID都加密了,不允许ID直接访问
if ($_GET['id'] && is_numeric($_GET['id'])) {
return 0;
}
if (strpos($eid, $prefix) === 0) {
$eid = substr($eid, 3);
return intval(Crypt::de($eid));
}
return $eid;
}
function __construct()
{
global $login_user;
global $partner;
// login as customer
if ($this->_get('token')) {
$cmd_user_id_viapm = intval(Crypt::de($this->_get('token')));
$login_user = D('CmsUsers')->getById($cmd_user_id_viapm);
Session::Set("login_user", $login_user);
Session::Set("via_pm", 1);
} else {
$login_user = Session::Get("login_user");
}
if (!empty($login_user)) {
$this->assign("login_user", $login_user);
$user_info = D(PM_NAME . "://UserInfo")->getUserInfo($login_user['id']);
if ($user_info && !$user_info['birthday']) {
$user_info['birthday'] = '1990-01-01';
// if(!$user_info['submit_time']) {
// $user_info['submit_time'] = date('Y-m-d');
// }
}
$this->user_info = $this->userinfo = $user_info;
define(USER_ID, $login_user['id']);
} else {
redirect("/");
}
$options = M("Options")->where("autoload = 'Y'")->select();
$INI = array();
foreach ($options as $index => $option) {
$INI[$option['option_name']] = $option['option_value'];
}
$this->assign("INI", $INI);
// 安全过滤
foreach ($_POST as $k => $v) {
if (!is_array($v)) {
$v = preg_replace('/script.*?\\/script/is', '', $v);
$v = preg_replace('/alert\\(.*?\\)/is', '', $v);
$v = str_replace(array('eval', 'function', 'onerror', 'alert'), '', $v);
// $_POST[$k] = htmlspecialchars($v);
}
}
// $this->user_info_items = $this->get_user_info();
}
static function decrypt_id($eid, $prefix = "CYD")
{
if (strpos($eid, $prefix) === 0) {
$eid = substr($eid, 3);
return intval(Crypt::de($eid));
}
return $eid;
}
function decrypt_id($eid, $prefix = "XSZZ")
{
if (strpos($eid, $prefix) === 0) {
$eid = substr($eid, 4);
return Crypt::de($eid);
}
return $eid;
}
public function verify_repass()
{
$id = Crypt::de($this->_param("id"));
$repasscode = $this->_param("repasscode");
$user = D("CmsUsers")->where(array("id" => $id, "repasscode" => $repasscode))->find();
if ($user) {
//为保证安全,用户信息保存在session中,确认修改后再删除
Session::set("repass_user", $user);
$this->display();
} else {
$this->display("repass_fail");
}
}
function decrypt_id($eid)
{
if (strpos($eid, 'JXD') === 0) {
$eid = substr($eid, 3);
return Crypt::de($eid);
}
return $eid;
}
