/**
* 会员登陆
* @author 肖飞
* @param array $arrUser 会员信息数组
* @return void
*/
public function userLogin($arrData, $isEncryption = 0, $jamStr)
{
if (!check::CheckUser($arrData['User'])) {
check::AlertExit("输入的用户名必须是4-20字符之间的数字、字母或中文!", -1);
return false;
}
if (!check::CheckPassword($arrData['Pass'])) {
check::AlertExit("输入的密码必须是4-20字符之间的数字、字母!", -1);
return false;
}
$strPassTemp = $arrData['Pass'];
if ($isEncryption) {
$strPassTemp = check::strEncryption($strPassTemp, $jamStr);
}
$strSQL = "SELECT * FROM {$this->tablename2} WHERE user_name = ? and password = ?";
$rs = $this->db->prepare($strSQL);
$rs->execute(array($arrData['User'], $strPassTemp));
if ($arr = $rs->fetchAll()) {
$arr = current($this->loadTableFieldG($arr));
$user_id = '';
$user_name = '';
$password = '';
$real_name = '';
$user_group = '';
$user_popedom = '';
$submit_date = '';
$pass = '';
$email = '';
$tel = '';
$company_cn = '';
$user_type = '';
$user_bonus = '';
$_SESSION['user_id'] = $arr['user_id'];
$_SESSION['user_name'] = $arr['user_name'];
$_SESSION['password'] = $arr['password'];
$_SESSION['user_group'] = $arr['user_group'];
$_SESSION['user_grade'] = $arr['user_grade'];
$_SESSION['user_popedom'] = $arr['user_popedom'];
$_SESSION['real_name'] = $arr['real_name'];
$_SESSION['email'] = $arr['email'];
$_SESSION['tel'] = $arr['tel'];
$_SESSION['company_cn'] = $arr['company_cn'];
$_SESSION['user_type'] = $arr['user_type'];
$_SESSION['user_bonus'] = $arr['user_bonus'];
$_SESSION['pass'] = $arr['pass'];
$_SESSION['province'] = $arr['province'];
$_SESSION['city'] = $arr['city'];
$_SESSION['type_id'] = $arr['type_id'];
$arrUpdate['user_ip'] = check::getIP();
$arrUpdate['lastlog '] = date('Y-m-d H:i:s');
$arrUpdate['user_id'] = $arr['user_id'];
$this->updateUser($arrUpdate);
return true;
} else {
return false;
}
}
* @subpackage mcenter
*/
require_once '../config/config.inc.php';
require_once "../class/mcenter.class.php";
require_once '../..' . __WEBADMIN_ROOT . '/checklogin.php';
$objWebInit = new mcenter();
$objWebInit->db();
if ($_SERVER["REQUEST_METHOD"] == "POST") {
//访问权限检查
if (!$objWebInit->checkPopedomG($_SESSION['user_id'], 'w')) {
check::AlertExit('对不起,您没有写权限', -1);
}
if (!check::CheckUser($_POST['user_name'])) {
check::AlertExit("输入的用户名必须是4-21字符之间的数字、字母,或7个中文!", -1);
}
if (!check::CheckPassword($_POST['password'])) {
check::AlertExit("输入的密码必须是4-21字符之间的数字、字母!", -1);
}
if (empty($_POST['user_id'])) {
check::AlertExit("用户ID不能为空!", -1);
}
if (empty($_POST['nick_name'])) {
check::AlertExit("用户昵称不能为空!", -1);
}
//如果两次密码不一致,说明,需要更新密码
if ($_POST['password'] != $_POST['oldpassword']) {
if (!empty($arrGWeb['user_pass_type'])) {
$_POST['password'] = check::strEncryption($_POST['password'], $arrGWeb['jamstr']);
}
}
unset($_POST['oldpassword']);
/**
* 会员登陆
* @author 肖飞
* @param array $arrUser 会员信息数组
* @return void
*/
public function userLogin($arrData, $isEncryption = 0, $jamStr, $isAlert = ture)
{
if (!check::CheckUser($arrData['User']) && !check::CheckEmailAddr($_POST['User']) && !check::CheckMobilePhone($_POST['User'])) {
if ($isAlert) {
check::AlertExit("输入的用户名必须是4-21字符之间的数字、字母,或7个中文!", -1);
} else {
return 0;
}
}
if (!check::CheckPassword($arrData['Pass'])) {
if ($isAlert) {
check::AlertExit("输入的密码必须是4-21字符之间的数字、字母!", -1);
}
return 0;
}
$strPassTemp = $arrData['Pass'];
if ($isEncryption) {
$strPassTemp = check::strEncryption($strPassTemp, $jamStr);
}
$strUserName = $arrData['User'];
if ($_SESSION['user_group'] == 3) {
$strSQL = "SELECT * FROM {$this->tablename1} WHERE user_name = '" . $strUserName . "' and status=1";
$rs = $this->db->query($strSQL);
} else {
$strSQL = "SELECT * FROM {$this->tablename1} WHERE user_name = '" . $strUserName . "' and password = '******' and status=1";
$rs = $this->db->query($strSQL);
if (!($arr = $rs->fetch(PDO::FETCH_ASSOC))) {
$strSQL = "SELECT * FROM {$this->tablename1} WHERE email = '" . $strUserName . "' and password = '******' and status=1";
$rs = $this->db->query($strSQL);
if (!($arr = $rs->fetch(PDO::FETCH_ASSOC))) {
$strSQL = "SELECT * FROM {$this->tablename1} WHERE mobile = '" . $strUserName . "' and password = '******' and status=1";
$rs = $this->db->query($strSQL);
$arr = $rs->fetch(PDO::FETCH_ASSOC);
}
}
}
if ($arr) {
if (is_array($_SESSION)) {
$_SESSION = array_merge($_SESSION, $arr);
} else {
$_SESSION = $arr;
}
$arrUpdate = array();
$arrUpdate['user_ip'] = check::getIP();
$arrUpdate['lastlog'] = date('Y-m-d H:i:s');
$arrUpdate['user_id'] = $arr['user_id'];
$arrUpdate['logtimes'] = ++$arr['logtimes'];
$arrUpdate['session_id'] = session_id();
$this->updateUser($arrUpdate);
return 1;
} else {
if ($isAlert) {
check::AlertExit("用户名或密码错误", -1);
} else {
return 0;
}
}
}