function into_action() { preg_match_all("/case=union&act=into&(.*)/isu",$_SERVER['QUERY_STRING'],$queryout); if(!empty($queryout[1][0])) { $userid = intval($queryout[1][0]); $r = $this->_union->getrow(array('userid'=>$userid)); if($r) { $time = time() -3600*24; $unionvisit = new union_visit(); $r_visit = $unionvisit->rec_select("userid=$userid AND visitip='".front::ip()."' AND visittime>$time",0,'*',' 1'); if(!$r_visit) { $rewardtype = union::getconfig('rewardtype'); $rewardnumber = union::getconfig('rewardnumber'); $user = $this->_user->getrow(array('userid'=>$userid)); $user['username']; switch($rewardtype) { case 'point': union::pointadd($user['username'],$rewardnumber,'union'); break; } $useridarr = array(); $useridarr['userid'] = $userid; $updatevisit = $this->_union->rec_update(array('visits'=>'[visits+1]'),$useridarr); if($this->_union->affected_rows()) { $useridarr['userid'] = $userid; $useridarr['visittime'] = time(); $useridarr['visitip'] = front::ip(); $useridarr['referer'] = $_SERVER['HTTP_REFERER']; if(preg_match('/select/i',$useridarr['referer']) || preg_match('/union/i',$useridarr['referer']) || preg_match('/"/i',$useridarr['referer']) ||preg_match('/\'/i',$useridarr['referer'])){ exit('非法参数'); } $unionvisit->rec_insert($useridarr); $union_visitid = $unionvisit->insert_id(); $cookietime = time() +union::getconfig('keeptime'); cookie::set('union_visitid',$union_visitid,$cookietime); cookie::set('union_userid',$userid,$cookietime); } } } } $url = union::getconfig('forward') ?union::getconfig('forward') : config::get('site_url'); header('location:'.$url); }
function register_action() { if(front::post('submit')) { if(!config::get('reg_on')) { front::flash(lang('网站已经关闭注册!')); return; } if(config::get('verifycode')) { if(!session::get('verify') ||front::post('verify')<>session::get('verify')) { front::flash(lang('验证码错误!')); return; } } if(front::post('username') != strip_tags(front::post('username')) ||front::post('username') != htmlspecialchars(front::post('username')) ) { front::flash(lang('用户名不规范!')); return; } if(strlen(front::post('username'))<4) { front::flash(lang('用户名太短!')); return; } if(strlen(front::post('e_mail'))<1) { front::flash(lang('请填写邮箱!')); return; } if(strlen(front::post('tel'))<1) { front::flash(lang('请填写手机号码!')); return; } if(front::post('username') &&front::post('password')) { $username=front::post('username'); $password=md5(front::post('password')); $e_mail=front::post('e_mail'); $tel=front::post('tel'); if(!preg_match('/^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$/', front::ip())&&!preg_match('@^\s*((([0-9A-Fa-f]{1,4}:){7}(([0-9A-Fa-f]{1,4})|:))|(([0-9A-Fa-f]{1,4}:){6}(:|((25[0-5]|2[0-4]\d|[01]?\d{1,2})(\.(25[0-5]|2[0-4]\d|[01]?\d{1,2})){3})|(:[0-9A-Fa-f]{1,4})))|(([0-9A-Fa-f]{1,4}:){5}((:((25[0-5]|2[0-4]\d|[01]?\d{1,2})(\.(25[0-5]|2[0-4]\d|[01]?\d{1,2})){3})?)|((:[0-9A-Fa-f]{1,4}){1,2})))|(([0-9A-Fa-f]{1,4}:){4}(:[0-9A-Fa-f]{1,4}){0,1}((:((25[0-5]|2[0-4]\d|[01]?\d{1,2})(\.(25[0-5]|2[0-4]\d|[01]?\d{1,2})){3})?)|((:[0-9A-Fa-f]{1,4}){1,2})))|(([0-9A-Fa-f]{1,4}:){3}(:[0-9A-Fa-f]{1,4}){0,2}((:((25[0-5]|2[0-4]\d|[01]?\d{1,2})(\.(25[0-5]|2[0-4]\d|[01]?\d{1,2})){3})?)|((:[0-9A-Fa-f]{1,4}){1,2})))|(([0-9A-Fa-f]{1,4}:){2}(:[0-9A-Fa-f]{1,4}){0,3}((:((25[0-5]|2[0-4]\d|[01]?\d{1,2})(\.(25[0-5]|2[0-4]\d|[01]?\d{1,2})){3})?)|((:[0-9A-Fa-f]{1,4}){1,2})))|(([0-9A-Fa-f]{1,4}:)(:[0-9A-Fa-f]{1,4}){0,4}((:((25[0-5]|2[0-4]\d|[01]?\d{1,2})(\.(25[0-5]|2[0-4]\d|[01]?\d{1,2})){3})?)|((:[0-9A-Fa-f]{1,4}){1,2})))|(:(:[0-9A-Fa-f]{1,4}){0,5}((:((25[0-5]|2[0-4]\d|[01]?\d{1,2})(\.(25[0-5]|2[0-4]\d|[01]?\d{1,2})){3})?)|((:[0-9A-Fa-f]{1,4}){1,2})))|(((25[0-5]|2[0-4]\d|[01]?\d{1,2})(\.(25[0-5]|2[0-4]\d|[01]?\d{1,2})){3})))(%.+)?\s*$@', front::ip())){ exit('来源非法'); } $data=array( 'username'=>$username, 'password'=>$password, 'e_mail'=>$e_mail, 'tel'=>$tel, 'groupid'=>101, 'userip'=>front::ip() ); //phpox 2011-06-10 foreach($this->view->field as $f){ $name=$f['name']; if(!preg_match('/^my_/',$name)) { unset($field[$name]); continue; } if(!setting::$var['user'][$name]['showinreg']) { continue; } $data[$name] = front::post($name); } if($this->_user->getrow(array('username'=>$username))) { front::flash(lang('该用户名已被注册!')); return; } $insert=$this->_user->rec_insert($data); $_userid = $this->_user->insert_id(); if($insert){ if(config::get('sms_on') && config::get('sms_reg_on')){ sendMsg($tel,config::get('sms_reg')); } $cmsname = config::get('sitename'); if(config::get('email_reg_on')){ $this->sendmail($e_mail,"欢迎注册 $cmsname !",lang('尊敬的').$username.', '.lang('您好!欢迎你注册'.$cmsname.'!')); } front::flash(lang('注册成功!')); }else { front::flash(lang('注册失败!')); return; } if(union::getconfig('enabled')) { $union_visitid = intval(cookie::get('union_visitid')); $union_userid = intval(cookie::get('union_userid')); if($union_visitid &&$union_userid) { $union_reg = new union(); $r = $union_reg->getrow(array('userid'=>$union_userid)); if($r) { $union_reg->rec_update(array('registers'=>'[registers+1]'),array('userid'=>$union_userid)); if($union_reg->affected_rows()) { $union_visit_reg = new union_visit(); $union_visit_reg->rec_update(array('regusername'=>front::post('username'),'regtime'=>time()),array('visitid'=>$union_visitid)); $this->_user->rec_update(array('introducer'=>$union_userid),array('userid'=>$_userid)); $regrewardtype = union::getconfig('regrewardtype'); $regrewardnumber = union::getconfig('regrewardnumber'); switch($regrewardtype) { case 'point': union::pointadd($r['username'],$regrewardnumber,'union'); break; } } } } } $user=$data; cookie::set('login_username',$user['username']); cookie::set('login_password',front::cookie_encode($user['password'])); session::set('username',$user['username']); front::redirect(url::create('user')); exit; } else { front::flash(lang('注册失败!')); return; } } }