Esempio n. 1
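 /**
  * Authenticate the current request, either from a submitted login form or
  * from the previously issued auth cookie.
  *
  * With no posted username and password, the auth cookie is decoded and its
  * two fields are handed to self::check(). Otherwise the posted password is
  * hashed, checked, the member's login bookkeeping is updated and a fresh
  * auth cookie is issued.
  *
  * @return mixed Whatever self::check() returns for the supplied credentials.
  */
 public static function checkLogin()
 {
     //        self::$LOGIN_COUNT = (int)authcode(get_cookie('iCMS_LOGIN_COUNT'),'DECODE');
     //        if(self::$LOGIN_COUNT>iCMS_LOGIN_COUNT) exit();
     // NOTE(review): with the counter above commented out, nothing visible in
     // this method limits repeated password guesses.

     // Read the form fields without raising a notice when they are absent.
     $a = iS::escapeStr(isset($_POST['username']) ? $_POST['username'] : null);
     $p = iS::escapeStr(isset($_POST['password']) ? $_POST['password'] : null);
     $ip = iPHP::getIp();
     // When iPHP_AUTH_IP is enabled the client address is part of the cookie
     // separator, so a cookie issued to another address does not split into
     // two fields.
     $sep = iPHP_AUTH_IP ? '#=iCMS[' . $ip . ']=#' : '#=iCMS=#';

     if (empty($a) && empty($p)) {
         $auth = iPHP::get_cookie(self::$AUTH);
         // A missing, tampered or foreign cookie decodes to something without
         // the separator; pad to two fields so the password is an explicit
         // null instead of an undefined offset.
         $fields = array_pad(explode($sep, (string) authcode($auth, 'DECODE')), 2, null);
         list($a, $p) = $fields;
         return self::check($a, $p);
     }

     // NOTE(review): unsalted MD5 is not a password hash. The cookie branch
     // above passes the stored value straight to check(), so this digest is
     // password-equivalent and is what ends up in the cookie. Moving to
     // password_hash()/password_verify() needs matching changes in check()
     // and in the stored values, so it is only flagged here.
     $p = md5($p);
     $crs = self::check($a, $p);

     // Both values are concatenated into SQL: force the id to an integer and
     // store the address only if it parses as an IP, because getIp() may be
     // derived from client-supplied headers (not visible here).
     $memberId = (int) self::$userid;
     $lastIp = filter_var($ip, FILTER_VALIDATE_IP) !== false ? $ip : '';

     // NOTE(review): the bookkeeping, the cookie and the AJAX success reply
     // below run whatever $crs is; this is only correct if check() stops the
     // request on bad credentials. Confirm against check().
     iDB::query("UPDATE `#iCMS@__members` SET `lastip`='" . $lastIp . "',`lastlogintime`='" . time() . "',`logintimes`=logintimes+1 WHERE `uid`='" . $memberId . "'");
     iPHP::set_cookie(self::$AUTH, authcode($a . $sep . $p, 'ENCODE'));
     self::$AJAX && iPHP::json(array('code' => 1));
     return $crs;
 }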
Esempio n. 2
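 /**
  * Create a member account, or update an existing one, from the posted form.
  *
  * A posted uid of 0 inserts a new row into `members`; any other uid updates
  * that row and, when a new password was posted, rewrites its password.
  * The role (gid) may only be supplied by a super administrator.
  */
 function do_save()
 {
     $uid = (int) $_POST['uid'];
     $gender = (int) $_POST['gender'];
     // `type` is written on insert; escape it like the other text fields
     // instead of passing the raw request value through.
     $type = iS::escapeStr($_POST['type']);
     $username = iS::escapeStr($_POST['uname']);
     $nickname = iS::escapeStr($_POST['nickname']);
     $realname = iS::escapeStr($_POST['realname']);
     // json_encode() leaves single quotes untouched, so the encoded text is
     // slashed the same way the serialized $info blob is below. This assumes
     // iDB::insert()/update() do not escape values themselves, which is what
     // the $info handling implies; confirm against iDB.
     // NOTE(review): power/cpower are written without the is_superadmin()
     // gate that protects gid; confirm a non-super admin is meant to be able
     // to set them.
     $power = !empty($_POST['power']) ? addslashes(json_encode($_POST['power'])) : '';
     $cpower = !empty($_POST['cpower']) ? addslashes(json_encode($_POST['cpower'])) : '';
     $gid = 0;
     $info = array();
     $info['icq'] = iS::escapeStr($_POST['icq']);
     $info['home'] = iS::escapeStr($_POST['home']);
     $info['year'] = intval($_POST['year']);
     $info['month'] = intval($_POST['month']);
     $info['day'] = intval($_POST['day']);
     $info['from'] = iS::escapeStr($_POST['from']);
     $info['signature'] = iS::escapeStr($_POST['signature']);
     $info = addslashes(serialize($info));
     // Always define $password so the later checks never read an unset
     // variable; an empty string means "no password posted".
     // NOTE(review): unsalted MD5 is not a password hash; changing it needs a
     // matching change wherever the stored value is verified.
     $password = !empty($_POST['pwd']) ? md5($_POST['pwd']) : '';
     if (!$username) {
         iPHP::alert('账号不能为空');
     }
     if (iACP::is_superadmin()) {
         $gid = (int) $_POST['gid'];
     } elseif (isset($_POST['gid'])) {
         iPHP::alert('您没有权限更改角色');
     }
     // NOTE(review): for a non-super admin $gid stays 0 and is still written
     // below, so editing an existing member sets its gid to 0. Confirm that
     // is intended.
     $fields = array('gid', 'gender', 'username', 'nickname', 'realname', 'power', 'cpower', 'info');
     $data = compact($fields);
     if (empty($uid)) {
         if (iDB::value("SELECT `uid` FROM `#iCMS@__members` where `username` ='{$username}' LIMIT 1")) {
             iPHP::alert('该账号已经存在');
         }
         // Columns that only apply to a new row. The password column is
         // included only when a password was posted.
         // NOTE(review): a new account can therefore be created without a
         // password; confirm how check() treats such a row.
         $_data = array();
         if ($password !== '') {
             $_data['password'] = $password;
         }
         $_data['type'] = $type;
         $_data['regtime'] = time();
         $_data['lastip'] = iPHP::getIp();
         $_data['lastlogintime'] = time();
         $_data['status'] = '1';
         $data = array_merge($data, $_data);
         iDB::insert('members', $data);
         $msg = "账号添加完成!";
     } else {
         if (iDB::value("SELECT `uid` FROM `#iCMS@__members` where `username` ='{$username}' AND `uid` !='{$uid}' LIMIT 1")) {
             iPHP::alert('该账号已经存在');
         }
         iDB::update('members', $data, array('uid' => $uid));
         // $password is a hex digest and $uid an integer, so neither can
         // alter the statement.
         if ($password !== '') {
             iDB::query("UPDATE `#iCMS@__members` SET `password`='{$password}' WHERE `uid` ='" . $uid . "'");
         }
         $msg = "账号修改完成!";
     }
     iPHP::success($msg, 'url:' . APP_URI);
 }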
Esempio n. 3
 /**
  * Store a report filed by the current user and answer with a JSON status.
  *
  * Requires $this->auth to be truthy, a non-zero item id and reported user
  * id, and either a reason code or some free-text content.
  */
 public function ACTION_report()
 {
     if (!$this->auth) {
         iPHP::code(0, 'iCMS:!login', 0, 'json');
     }

     // Numeric fields are forced to integers; only the free text is escaped.
     $itemId = (int) $_POST['iid'];
     $reportedUid = (int) $_POST['userid'];
     $appId = (int) $_POST['appid'];
     $reasonCode = (int) $_POST['reason'];
     $text = iS::escapeStr($_POST['content']);

     if (!$itemId) {
         iPHP::code(0, 'iCMS:error', 0, 'json');
     }
     if (!$reportedUid) {
         iPHP::code(0, 'iCMS:error', 0, 'json');
     }
     if (!$reasonCode && !$text) {
         iPHP::code(0, 'iCMS:report:empty', 0, 'json');
     }

     $now = time();
     $clientIp = iPHP::getIp();

     // `userid` is the reporter taken from the session-side user class,
     // `uid` is the reported account as posted by the client.
     // NOTE(review): nothing here checks that the posted iid/userid pair
     // exists, or limits how often one user can report; confirm whether that
     // is handled elsewhere.
     $row = array(
         'appid' => $appId,
         'userid' => user::$userid,
         'iid' => $itemId,
         'uid' => $reportedUid,
         'reason' => $reasonCode,
         'content' => $text,
         'ip' => $clientIp,
         'addtime' => $now,
         'status' => 0,
     );
     $reportId = iDB::insert('user_report', $row);
     iPHP::code(1, 'iCMS:report:success', $reportId, 'json');
 }
Esempio n. 4
 /**
  * Add a comment posted by the logged-in user and answer with a JSON status.
  *
  * Rejects the request when comments are disabled, the user has no valid
  * cookie, the optional security code fails, the item id or content is
  * empty, or iCMS::filter() flags the content.
  */
 public function ACTION_add()
 {
     if (!iCMS::$config['comment']['enable']) {
         iPHP::code(0, 'iCMS:comment:close', 0, 'json');
     }
     iPHP::app('user.class', 'static');
     if (!user::get_cookie()) {
         iPHP::code(0, 'iCMS:!login', 0, 'json');
     }
     $seccode = iS::escapeStr($_POST['seccode']);
     // The security code is only verified when the site configuration asks for it.
     if (iCMS::$config['comment']['seccode'] && !iPHP::seccode($seccode, true)) {
         iPHP::code(0, 'iCMS:seccode:error', 'seccode', 'json');
     }
     iPHP::app('user.msg.class', 'static');

     // Ids are forced to integers; free-text fields go through escapeStr().
     $appid = (int) $_POST['appid'];
     $iid = (int) $_POST['iid'];
     $cid = (int) $_POST['cid'];
     $suid = (int) $_POST['suid'];
     $replyId = (int) $_POST['id'];
     $replyUid = (int) $_POST['userid'];
     $replyName = iS::escapeStr($_POST['name']);
     $title = iS::escapeStr($_POST['title']);
     $content = iS::escapeStr($_POST['content']);

     if (!$iid) {
         iPHP::code(0, 'iCMS:article:empty_id', 0, 'json');
     }
     if (!$content) {
         iPHP::code(0, 'iCMS:comment:empty', 0, 'json');
     }
     $fwd = iCMS::filter($content);
     if ($fwd) {
         iPHP::code(0, 'iCMS:comment:filter', 0, 'json');
     }
     if (!$appid) {
         $appid = iCMS_APP_ARTICLE;
     }

     $addtime = $_SERVER['REQUEST_TIME'];
     $ip = iPHP::getIp();
     $userid = user::$userid;
     // Comments start hidden ('0') when moderation is switched on.
     $status = iCMS::$config['comment']['examine'] ? '0' : '1';

     // NOTE(review): reply_uid and reply_name come from the request and are
     // stored as posted (escaped only); confirm whether they should be looked
     // up from reply_id instead.
     $row = array(
         'appid' => $appid,
         'cid' => $cid,
         'iid' => $iid,
         'suid' => $suid,
         'title' => $title,
         'userid' => $userid,
         'username' => user::$nickname,
         'content' => $content,
         'reply_id' => $replyId,
         'reply_uid' => $replyUid,
         'reply_name' => $replyName,
         'addtime' => $addtime,
         'status' => $status,
         'up' => '0',
         'down' => '0',
         'ip' => $ip,
         'quote' => '0',
         'floor' => '0',
     );
     $id = iDB::insert('comment', $row);

     // The article counter is bumped for every app id and before any
     // moderation decision; $iid is an integer, so the statement is fixed.
     iDB::query("UPDATE `#iCMS@__article` SET comments=comments+1 WHERE `id` ='{$iid}' limit 1");
     user::update_count($userid, 1, 'comments');

     if (iCMS::$config['comment']['examine']) {
         iPHP::code(0, 'iCMS:comment:examine', $id, 'json');
     }
     iPHP::code(1, 'iCMS:comment:success', $id, 'json');
 }