/**
 * AJAX CAPTCHA check.
 *
 * Hands the `nchash` and `captcha` query-string values to checkSeccode() and
 * ends the request with the literal body 'true' or 'false'.
 *
 * NOTE(review): checkSeccode() is defined outside this block. If it leaves the
 * stored code valid after a wrong answer, this endpoint allows unlimited
 * guesses against one challenge -- confirm, and invalidate or rate-limit.
 */
public function checkOp()
{
    $verdict = checkSeccode($_GET['nchash'], $_GET['captcha']) ? 'true' : 'false';
    exit($verdict);
}
/**
 * Seller sign-in handler (despite the name, this authenticates an existing seller).
 *
 * Flow, as visible here: verify the form token and CAPTCHA, look the seller up by
 * `seller_name`, match the linked member row against the MD5 of the posted password,
 * then populate the session, record a seller log entry and show the success message.
 *
 * NOTE(review): the password is compared as an unsalted md5() digest. That is weak
 * storage; migrating to password_hash()/password_verify() needs a schema and data
 * migration outside this block.
 * NOTE(review): no session_regenerate_id() call is visible before the session is
 * filled in -- confirm the session id is rotated on login elsewhere.
 * NOTE(review): whether showMessage() terminates the request is not visible here;
 * if it returns, a failed token or CAPTCHA check does not stop the login below.
 */
public function RegisterOp()
{
    if (!Security::checkToken()) {
        showMessage('登录错误', '', '', 'error');
    }
    if (!checkSeccode($_POST['nchash'], $_POST['captcha'])) {
        showMessage('验证码错误', '', '', 'error');
    }

    $model_seller = Model('seller');
    $seller = $model_seller->getSellerInfo(array('seller_name' => $_POST['seller_name']));
    if (!$seller) {
        // Same message as a wrong password, so the response does not reveal which part failed.
        showMessage('用户名密码错误', '', '', 'error');
        return;
    }

    $member = Model('member')->infoMember(array(
        'member_id' => $seller['member_id'],
        'member_passwd' => md5($_POST['password']),
    ));
    if (!$member) {
        showMessage('用户名密码错误', '', '', 'error');
        return;
    }

    // Stamp this login on the seller row.
    $model_seller->editSeller(
        array('last_login_time' => TIMESTAMP),
        array('seller_id' => $seller['seller_id'])
    );

    $group = Model('seller_group')->getSellerGroupInfo(array('group_id' => $seller['seller_group_id']));
    $store = Model('store')->getStoreInfoByID($seller['store_id']);
    $limits = explode(',', $group['limits']);

    $_SESSION['is_login'] = '******';
    $_SESSION['member_id'] = $member['member_id'];
    $_SESSION['member_name'] = $member['member_name'];
    $_SESSION['member_email'] = $member['member_email'];
    $_SESSION['is_buy'] = $member['is_buy'];
    $_SESSION['avatar'] = $member['member_avatar'];
    $_SESSION['grade_id'] = $store['grade_id'];
    $_SESSION['seller_id'] = $seller['seller_id'];
    $_SESSION['seller_name'] = $seller['seller_name'];
    $_SESSION['seller_is_admin'] = (int) $seller['is_admin'];
    $_SESSION['store_id'] = (int) $seller['store_id'];
    $_SESSION['store_name'] = $store['store_name'];
    $_SESSION['seller_limits'] = $limits;
    $_SESSION['seller_group_name'] = $seller['is_admin'] ? '管理员' : $group['group_name'];

    // The value read before the update above is shown; a first login falls back to now.
    $previous_login = $seller['last_login_time'] ? $seller['last_login_time'] : TIMESTAMP;
    $_SESSION['seller_last_login_time'] = date('Y-m-d H:i', $previous_login);

    $menu = $this->getSellerMenuList($seller['is_admin'], $limits);
    $_SESSION['seller_menu'] = $menu['seller_menu'];
    $_SESSION['seller_function_list'] = $menu['seller_function_list'];

    if (!empty($seller['seller_quicklink'])) {
        foreach (explode(',', $seller['seller_quicklink']) as $link) {
            $_SESSION['seller_quicklink'][$link] = $link;
        }
    }

    $this->recordSellerLog('登录成功');
    showMessage('登录成功', 'index.php?act=seller_center');
}
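/**
 * Admin login constructor.
 *
 * Overrides the parent constructor so that the parent's login check is not run.
 * On a POST it validates the required fields, checks the CAPTCHA, looks the admin
 * up by name and MD5 password digest, records the login and redirects to
 * index.php. Otherwise (or after a failed attempt that returns) it renders the
 * login page.
 *
 * Fix: the page title was read from `$lang`, which is never assigned in this
 * method, so the title was always null. It now uses L(), like every other
 * language lookup in this constructor.
 *
 * NOTE(review): the password is matched as an unsalted md5() digest; moving to
 * password_hash()/password_verify() needs a data migration outside this block.
 * NOTE(review): no anti-CSRF token check and no session id rotation are visible
 * in this method -- confirm they happen elsewhere.
 * NOTE(review): whether showMessage() terminates the request is not visible
 * here; if it returns, a wrong CAPTCHA does not stop the credential check.
 */
public function __construct()
{
    import('function.seccode');
    Language::read('common,layout,login');

    if (isset($_POST) && !empty($_POST)) {
        // Required-field validation for the login form.
        $obj_validate = new Validate();
        $obj_validate->validateparam = array(
            array("input" => $_POST["user_name"], "require" => "true", "message" => L('login_index_username_null')),
            array("input" => $_POST["password"], "require" => "true", "message" => L('login_index_password_null')),
            array("input" => $_POST["captcha"], "require" => "true", "message" => L('login_index_checkcode_null')),
        );
        $error = $obj_validate->validate();
        if ($error != '') {
            showMessage(L('error') . $error, '', 'error');
        } else {
            if (!checkSeccode($_POST['nchash'], $_POST['captcha'])) {
                showMessage(L('login_index_checkcode_wrong') . $error);
            }

            $model = Model();
            $array = array();
            $array['admin_name'] = trim($_POST['user_name']);
            $array['admin_password'] = md5(trim($_POST['password']));
            $admin_info = $model->table('admin')->where($array)->find();

            if (is_array($admin_info) and !empty($admin_info)) {
                $this->systemSetKey(array('name' => $admin_info['admin_name'], 'id' => $admin_info['admin_id']));

                // Bump the login counter and timestamp.
                $update_info = array(
                    'admin_login_num' => $admin_info['admin_login_num'] + 1,
                    'admin_login_time' => TIMESTAMP,
                );
                $model->table('admin')->where(array('admin_id' => $admin_info['admin_id']))->update($update_info);

                $_SESSION['admin_login'] = 1;
                @header('Location: index.php');
                exit;
            } else {
                showMessage(L('login_index_username_password_wrong'), 'index.php?act=login&op=login', 'error');
            }
        }
    }

    // CAPTCHA namespace hash: first 8 hex chars of md5(site URL + act + op).
    Tpl::output('nchash', substr(md5(ADMIN_SITE_URL . $_GET['act'] . $_GET['op']), 0, 8));
    Tpl::output('html_title', L('login_index_manage_login'));
    Tpl::showpage('login', 'login_layout');
}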
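/**
 * Forward (repost) a store feed entry into the logged-in member's feed.
 *
 * Validates the comment length (0-140), requires a CAPTCHA once the
 * `forwardnum` cookie reaches self::MAX_RECORDNUM, loads the member and the
 * original store entry, inserts a new `sns_tracelog` row and increments the
 * original entry's spread counter.
 *
 * Fix: the generated HTML ended with an opening `<dl>` instead of `</dl>`,
 * leaving the wrapper list unclosed in every stored forward.
 *
 * NOTE(review): the CAPTCHA threshold is read from a cookie, which the client
 * controls; a server-side counter would be needed for it to act as a limit.
 * NOTE(review): the posted comment and the store name/title/content are placed
 * into stored HTML without escaping in this block. Confirm they are escaped on
 * input or at render time; otherwise this is a stored-XSS sink.
 */
public function addforwardOp()
{
    // Make sure the user is logged in.
    $this->checkLoginStatus();

    $obj_validate = new Validate();
    $stid = intval($_POST["stid"]);

    // The CAPTCHA becomes mandatory once the forward count reaches the limit.
    $need_captcha = intval(cookie('forwardnum')) >= self::MAX_RECORDNUM;

    $validate_arr = array();
    $validate_arr[] = array("input"=>$_POST["forwardcontent"], "validator"=>'Length',"min"=>0,"max"=>140,"message"=>Language::get('sns_content_beyond'));
    if ($need_captcha) {
        $validate_arr[] = array("input"=>$_POST["captcha"], "require"=>"true","message"=>Language::get('wrong_null'));
    }
    $obj_validate->validateparam = $validate_arr;
    $error = $obj_validate->validate();
    if ($error != '') {
        showDialog($error, '', 'error');
    }
    if ($need_captcha && !checkSeccode($_POST['nchash'], $_POST['captcha'])) {
        showDialog(Language::get('wrong_checkcode'), '', 'error');
    }

    // Load the member; only rows with member_state = 1 are accepted.
    $model = Model();
    $member_info = $model->table('member')->where(array('member_state'=>1))->find($_SESSION['member_id']);
    if (empty($member_info)) {
        showDialog(Language::get('sns_member_error'), '', 'error');
    }

    // Load the original store entry.
    $model_stracelog = Model('store_sns_tracelog');
    $stracelog_info = $model_stracelog->getStoreSnsTracelogInfo(array('strace_id' => $stid));
    if (empty($stracelog_info)) {
        showDialog(Language::get('sns_forward_fail'), '', 'error');
    }

    // Entries without stored content are rendered from their goods data.
    if ($stracelog_info['strace_content'] == '') {
        $data = json_decode($stracelog_info['strace_goodsdata'], true);
        if (CHARSET == 'GBK') {
            foreach ((array)$data as $k => $v) {
                $data[$k] = Language::getUTF8($v);
            }
        }
        $stracelog_info['strace_content'] = $model_stracelog->spellingStyle($stracelog_info['strace_type'], $data);
    }

    $insert_arr = array();
    $insert_arr['trace_originalid'] = 0;
    $insert_arr['trace_originalmemberid'] = 0;
    $insert_arr['trace_originalstate'] = 0;
    $insert_arr['trace_memberid'] = $member_info['member_id'];
    $insert_arr['trace_membername'] = $member_info['member_name'];
    $insert_arr['trace_memberavatar'] = $member_info['member_avatar'];
    $insert_arr['trace_title'] = $_POST['forwardcontent'] ? $_POST['forwardcontent'] : Language::get('sns_forward');
    $insert_arr['trace_content'] = "<dl class=\"fd-wrap\"> <dt> <h3><a href=\"index.php?act=store_snshome&sid=".$stracelog_info['strace_storeid']."\" target=\"_blank\">".$stracelog_info['strace_storename']."</a>".Language::get('nc_colon')." ".$stracelog_info['strace_title']."</h3> </dt> <dd>".$stracelog_info['strace_content']."</dd> </dl>";
    $insert_arr['trace_addtime'] = time();
    $insert_arr['trace_state'] = 0;
    $insert_arr['trace_privacy'] = 0;
    $insert_arr['trace_commentcount'] = 0;
    $insert_arr['trace_copycount'] = 0;
    $insert_arr['trace_orgcommentcount'] = 0;
    $insert_arr['trace_orgcopycount'] = 0;
    $insert_arr['trace_from'] = 2;

    $result = $model->table('sns_tracelog')->insert($insert_arr);
    if ($result) {
        // Increment the forward counter on the original entry.
        $where = array('strace_id'=>$stid);
        $update = array('strace_spread'=>array('exp', 'strace_spread+1'));
        Model('store_sns_tracelog')->editStoreSnsTracelog($update, $where);
        showDialog(Language::get('sns_forward_succ'), '', 'succ');
    } else {
        showDialog(Language::get('sns_forward_fail'), '', 'error');
    }
}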
/**
 * Forward (repost) a member feed entry.
 *
 * Validates the target id (> 0) and the comment length (0-140), requires a
 * CAPTCHA once the `forwardnum` cookie reaches self::MAX_RECORDNUM, inserts the
 * forwarded row and bumps the copy counters on the forwarded entry and on its
 * root entry. When `irefresh` is set, the cookie counter is advanced and a
 * script snippet that reloads the feed list is passed to the dialog.
 *
 * NOTE(review): no login check is visible in this method although it reads
 * $_SESSION['member_id'] -- presumably enforced by the controller; confirm.
 * NOTE(review): the CAPTCHA threshold is read from a cookie, which the client
 * controls; a server-side counter would be needed for it to act as a limit.
 * NOTE(review): the posted comment, member name and title are written into
 * stored HTML unescaped here, and addslashes() is not HTML escaping. Confirm
 * escaping happens on input or at render time.
 */
public function addforwardOp()
{
    $obj_validate = new Validate();
    $originalid = (int) $_POST["originalid"];

    $rules = array();
    $rules[] = array("input"=>$originalid, "require"=>"true",'validator'=>'Compare',"operator"=>' > ','to'=>0,"message"=>Language::get('sns_forward_fail'));
    $rules[] = array("input"=>$_POST["forwardcontent"], "validator"=>'Length',"min"=>0,"max"=>140,"message"=>Language::get('sns_content_beyond'));
    // The CAPTCHA becomes a required field once the forward count reaches the limit.
    if (intval(cookie('forwardnum')) >= self::MAX_RECORDNUM) {
        $rules[] = array("input"=>$_POST["captcha"], "require"=>"true","message"=>Language::get('wrong_null'));
    }
    $obj_validate->validateparam = $rules;
    $error = $obj_validate->validate();
    if ($error != '') {
        showDialog($error, '', 'error');
    }

    // Same threshold again: now actually verify the CAPTCHA answer.
    if (intval(cookie('forwardnum')) >= self::MAX_RECORDNUM
        && !checkSeccode($_POST['nchash'], $_POST['captcha'])
    ) {
        showDialog(Language::get('wrong_checkcode'), '', 'error');
    }

    // Load the member; only member_state = 1 is accepted.
    $member_info = Model('member')->getMemberInfo(array('member_id'=>$_SESSION['member_id'],'member_state'=>1));
    if (empty($member_info)) {
        showDialog(Language::get('sns_member_error'), '', 'error');
    }

    // Load the entry being forwarded.
    $tracelog_model = Model('sns_tracelog');
    $tracelog_info = $tracelog_model->getTracelogRow(array('trace_id'=>"{$originalid}",'trace_state'=>"0"));
    if (empty($tracelog_info)) {
        showDialog(Language::get('sns_forward_fail'), '', 'error');
    }

    // True when the forwarded entry is itself a forward (it already has a root).
    $has_root = $tracelog_info['trace_originalid'] > 0;

    $insert_arr = array();
    // Root id: the forwarded entry's own root if it has one, otherwise the entry itself.
    $insert_arr['trace_originalid'] = $has_root ? $tracelog_info['trace_originalid'] : $originalid;
    $insert_arr['trace_originalmemberid'] = $has_root ? $tracelog_info['trace_originalmemberid'] : $tracelog_info['trace_memberid'];
    $insert_arr['trace_memberid'] = $_SESSION['member_id'];
    $insert_arr['trace_membername'] = $_SESSION['member_name'];
    $insert_arr['trace_memberavatar'] = $member_info['member_avatar'];
    $insert_arr['trace_title'] = $_POST['forwardcontent'] ? $_POST['forwardcontent'] : Language::get('sns_forward');
    if ($has_root || $tracelog_info['trace_from'] != 1) {
        $insert_arr['trace_content'] = addslashes($tracelog_info['trace_content']);
    } else {
        // First-level forward: prefix the content with a header naming the original author.
        $insert_arr['trace_content'] =
            "<div class=\"title\"><a href=\"%siteurl%index.php?act=member_snshome&mid={$tracelog_info['trace_memberid']}\" target=\"_blank\" class=\"uname\">{$tracelog_info['trace_membername']}</a>"
            . Language::get('nc_colon') . "{$tracelog_info['trace_title']}</div>"
            . addslashes($tracelog_info['trace_content']);
    }
    $insert_arr['trace_addtime'] = time();
    $insert_arr['trace_state'] = '0';
    // Privacy and forwarding conflict: if the original is not visible to everyone,
    // the forward is visible to its author only (2); otherwise it is public (0).
    $insert_arr['trace_privacy'] = $tracelog_info['trace_privacy'] > 0 ? 2 : 0;
    $insert_arr['trace_commentcount'] = 0;
    $insert_arr['trace_copycount'] = 0;
    $insert_arr['trace_orgcommentcount'] = $tracelog_info['trace_orgcommentcount'];
    $insert_arr['trace_orgcopycount'] = $tracelog_info['trace_orgcopycount'];

    $result = $tracelog_model->tracelogAdd($insert_arr);
    if (!$result) {
        showDialog(Language::get('sns_forward_fail'), '', 'error');
        return;
    }

    // Bump the copy counters on the forwarded entry and, if different, on its root.
    $tracelog_model = Model('sns_tracelog');
    $update_arr = array();
    $update_arr['trace_copycount'] = array('sign'=>'increase','value'=>'1');
    $update_arr['trace_orgcopycount'] = array('sign'=>'increase','value'=>'1');
    $condition = array();
    if ($has_root) {
        $condition['traceid_in'] = "{$tracelog_info['trace_originalid']}','{$originalid}";
    } else {
        $condition['trace_id'] = "$originalid";
    }
    $tracelog_model->tracelogEdit($update_arr, $condition);
    unset($condition);

    // Refresh the root's copy count on every entry forwarded from the same root.
    $condition = array();
    $condition['trace_originalid'] = $has_root ? "{$tracelog_info['trace_originalid']}" : "$originalid";
    $tracelog_model->tracelogEdit(array('trace_orgcopycount'=>$tracelog_info['trace_orgcopycount']+1), $condition);

    if (!$_GET['irefresh']) {
        showDialog(Language::get('sns_forward_succ'), '', 'succ');
        return;
    }

    // Advance the per-browser forward counter; the cookie is kept for 2 hours.
    $next_count = (cookie('forwardnum') != null && intval(cookie('forwardnum')) > 0)
        ? intval(cookie('forwardnum')) + 1
        : 1;
    setNcCookie('forwardnum', $next_count, 2*3600);

    $reload_home = "$('#friendtrace').lazyshow({url:\"index.php?act=member_snshome&op=tracelist&mid={$tracelog_info['trace_memberid']}&curpage=1\",'iIntervalId':true});";
    switch ($_GET['type']) {
        case 'home':
            $js = $reload_home;
            break;
        case 'snshome':
            $js = "$('#forward_".$originalid."').hide();" . $reload_home;
            break;
        default:
            $js = "$('#friendtrace').lazyshow({url:\"index.php?act=member_snsindex&op=tracelist&curpage=1\",'iIntervalId':true});";
    }
    showDialog(Language::get('sns_forward_succ'), '', 'succ', $js);
}
/**
 * Bind a Sina Weibo account to an existing member by logging that member in.
 *
 * Without a submitted form (`form_submit` = 'ok') the Weibo profile is fetched
 * and the bind/register page is rendered. With one, the credentials are checked
 * (optional CAPTCHA, optional UCenter login, then the local member table), the
 * Weibo uid held in $_SESSION['slast_key'] is written to the member row, and
 * the session is populated.
 *
 * NOTE(review): the password is matched as an unsalted md5() digest; moving to
 * password_hash()/password_verify() needs a data migration outside this block.
 * NOTE(review): no anti-CSRF token check and no session id rotation are visible
 * here -- confirm they happen elsewhere.
 * NOTE(review): member_sinainfo is stored with serialize(); any reader that
 * calls unserialize() on that column must treat it as trusted-origin data only.
 * NOTE(review): whether showMessage() terminates the request is not visible
 * here; if it returns, a failed CAPTCHA or a disabled account does not stop
 * the login below.
 */
public function loginOp()
{
    $model_member = Model('member');
    // Check the current login state first.
    $model_member->checkloginMember();

    if (empty($_POST) || strtolower($_POST['form_submit']) != 'ok') {
        // No submission: fetch the Sina Weibo profile and show the bind page.
        require_once BasePath . DS . 'api' . DS . 'sina' . DS . 'get_user_info.php';
        $sinauser_info = get_user_info(
            $GLOBALS['setting_config']['sina_wb_akey'],
            $GLOBALS['setting_config']['sina_wb_skey'],
            $_SESSION['slast_key']['oauth_token'],
            $_SESSION['slast_key']['oauth_token_secret'],
            $_SESSION['slast_key']['user_id']
        );
        Tpl::output('sinauser_info', $sinauser_info);
        Tpl::output('nchash', substr(md5(SiteUrl . $_GET['act'] . $_GET['op']), 0, 8));
        Tpl::showpage('sconnect_register');
        return;
    }

    // Required-field validation.
    $obj_validate = new Validate();
    $obj_validate->validateparam = array(
        array("input" => $_POST["user_name"], "require" => "true", "message" => Language::get('login_index_username_isnull')),
        array("input" => $_POST["password"], "require" => "true", "message" => Language::get('login_index_password_isnull')),
    );
    $error = $obj_validate->validate();
    if ($error != '') {
        showMessage(Language::get('error') . $error, '', 'html', 'error');
        return;
    }

    if (C('captcha_status_login') == '1') {
        $captcha_login = trim($_POST['captcha_login']);
        if (!$captcha_login) {
            showMessage(Language::get('login_usersave_code_isnull'), '', 'html', 'error');
        }
        if (!checkSeccode($_POST['nchash'], $captcha_login)) {
            showMessage(Language::get('login_usersave_wrong_code'), '', 'html', 'error');
        }
    }

    $ucenter_on = $GLOBALS['setting_config']['ucenter_status'] == '1';
    if ($ucenter_on) {
        // UCenter login must succeed before the local lookup.
        $model_ucenter = Model('ucenter');
        $member_id = $model_ucenter->userLogin(trim($_POST['user_name']), trim($_POST['password']));
        if (intval($member_id) <= 0) {
            showMessage(Language::get('login_index_login_again'), SiteUrl . '/index.php?act=login', 'html', 'error');
            exit;
        }
    }

    $member_info = $model_member->infoMember(array(
        'member_name' => trim($_POST['user_name']),
        'member_passwd' => md5(trim($_POST['password'])),
    ));
    if (!is_array($member_info) || empty($member_info)) {
        showMessage(Language::get('login_index_login_again'), '', 'html', 'error');
        return;
    }

    if (!$member_info['member_state']) {
        // member_state: 1 = enabled, 0 = disabled.
        showMessage(Language::get('nc_notallowed_login'), '', 'html', 'error');
    }

    // Login bookkeeping plus the Sina open id taken from the OAuth session data.
    $update_info = array(
        'member_login_num' => $member_info['member_login_num'] + 1,
        'member_login_time' => time(),
        'member_old_login_time' => $member_info['member_login_time'],
        'member_login_ip' => getIp(),
        'member_old_login_ip' => $member_info['member_login_ip'],
        'member_sinaopenid' => $_SESSION['slast_key']['uid'],
    );
    // Sina account details: only the display name, serialized, or '' when absent.
    $sina_name = trim($_POST['loginsname']);
    $update_info['member_sinainfo'] = $sina_name ? serialize(array('name' => $sina_name)) : '';
    $model_member->updateMember($update_info, $member_info['member_id']);

    // Write the session.
    $_SESSION['is_login'] = '******';
    $_SESSION['is_seller'] = intval($member_info['store_id']) == 0 ? '' : 1;
    $_SESSION['member_id'] = $member_info['member_id'];
    $_SESSION['member_name'] = $member_info['member_name'];
    $_SESSION['member_email'] = $member_info['member_email'];

    // Store details, when the member owns a store.
    $store_info = Model('store')->shopStore(array('store_id' => $member_info['store_id']));
    if (is_array($store_info) && count($store_info) > 0) {
        $_SESSION['store_id'] = $store_info['store_id'];
        $_SESSION['store_name'] = $store_info['store_name'];
        $_SESSION['grade_id'] = $store_info['grade_id'];
    }

    // Award login points when the points feature is on.
    if ($GLOBALS['setting_config']['points_isuse'] == 1) {
        Model('points')->savePointsLog(
            'login',
            array('pl_memberid' => $_SESSION['member_id'], 'pl_membername' => $_SESSION['member_name']),
            true
        );
    }

    // Synchronised-login notification for UCenter.
    $success_message = Language::get('login_index_login_success');
    if ($ucenter_on) {
        $success_message = $success_message . $model_ucenter->outputLogin($member_info['member_id'], trim($_POST['password']));
    }

    showMessage($success_message, SiteUrl);
}
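/**
 * Check whether a form was submitted and optionally verify its token and CAPTCHA.
 *
 * A form counts as submitted when `form_submit` (POST first, then GET) equals 'ok'.
 *
 * Fixes over the previous version:
 *  - reading `form_submit` no longer touches an undefined $_GET index when
 *    neither superglobal carries the field;
 *  - in 'alert' mode the function returned true after a failed token or CAPTCHA
 *    check whenever showDialog() returned to the caller. It now fails closed
 *    and returns false. (Whether showDialog() terminates the request is not
 *    visible here; if it does, the added returns are simply unreachable.)
 *
 * @param bool   $check_token   verify the form token with Security::checkToken()
 * @param bool   $check_captcha verify the CAPTCHA with checkSeccode()
 * @param string $return_type   'alert' shows a dialog on failure; any other value ('num') returns a code
 * @return bool|int true when submitted and all requested checks pass; false when
 *                  not submitted or a check failed in 'alert' mode; -11 (token) or
 *                  -12 (CAPTCHA) on failure in 'num' mode
 */
function chksubmit($check_token = false, $check_captcha = false, $return_type = 'alert')
{
    if (isset($_POST['form_submit'])) {
        $submit = $_POST['form_submit'];
    } elseif (isset($_GET['form_submit'])) {
        $submit = $_GET['form_submit'];
    } else {
        $submit = null;
    }
    if ($submit != 'ok') {
        return false;
    }

    if ($check_token && !Security::checkToken()) {
        if ($return_type == 'alert') {
            showDialog('Token error!');
            return false; // fail closed if the dialog helper returns
        }
        return -11;
    }

    if ($check_captcha) {
        $captcha_ok = checkSeccode($_POST['nchash'], $_POST['captcha']);
        // Expire the CAPTCHA cookie after every attempt, pass or fail, so one
        // challenge cannot be answered twice.
        setNcCookie('seccode' . $_POST['nchash'], '', -3600);
        if (!$captcha_ok) {
            if ($return_type == 'alert') {
                showDialog('验证码错误!');
                return false; // fail closed if the dialog helper returns
            }
            return -12;
        }
    }

    return true;
}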
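/**
 * Password recovery: reset the password after a username + mobile match.
 *
 * Checks the form marker and CAPTCHA, loads the member by user name, compares
 * the posted mobile number with the stored one (case-insensitively), writes a
 * newly generated 6-digit password, requests the configured SMS gateway URL and
 * sends the notification e-mail containing the new password.
 *
 * Fix: the new password came from rand(), which is not a cryptographically
 * secure generator. random_int() is used when the runtime provides it (PHP 7+);
 * older runtimes keep the previous behaviour.
 *
 * NOTE(review): the password is overwritten before any delivery succeeds and
 * without a confirmation step, so anyone who knows a member's user name and
 * mobile number can force a reset. A single-use, expiring reset token sent to
 * the owner would avoid that; it needs storage outside this block.
 * NOTE(review): a 6-digit numeric password stored as unsalted md5() is weak.
 * NOTE(review): distinct messages for "user not found" and "mobile mismatch"
 * let a client enumerate accounts.
 * NOTE(review): $phone_zc, $youghu, $xinmima, $user, $passwd and $message_mj
 * are assigned but never used here; the gateway URL is requested exactly as
 * configured and its result ($rccc_1) is ignored.
 * NOTE(review): whether showMessage() terminates the request is not visible
 * here; every check below relies on it doing so.
 */
public function find_passwordOp()
{
    // Load the language pack.
    Language::read('home_login_register');
    $lang = Language::getLangContent();

    // Form marker check.
    if ($_POST['form_submit'] != 'ok') {
        showMessage($lang['login_password_enter_find'], 'index.php?act=login2&op=forget_password');
    }

    // CAPTCHA check.
    if (!checkSeccode($_POST['nchash'], $_POST['captcha'])) {
        showMessage($lang['login_usersave_wrong_code'], '', 'html', 'error');
    }

    // User name check.
    if (empty($_POST['username'])) {
        showMessage($lang['login_password_input_username'], '', 'html', 'error');
    }
    $member_model = Model('member');
    $member = $member_model->infoMember(array('member_name' => $_POST['username']));
    if (empty($member) or !is_array($member)) {
        showMessage($lang['login_password_username_not_exists'], '', 'html', 'error');
    }

    // The posted mobile number must match the one on record.
    if (empty($_POST['mobile'])) {
        showMessage($lang['login_password_input_mobile'], '', 'html', 'error');
    }
    if (strtoupper($_POST['mobile']) != strtoupper($member['member_mobile'])) {
        showMessage($lang['login_password_mobile_not_exists'], '', 'html', 'error');
    }

    // Generate the new password from a CSPRNG when one is available.
    $new_password = function_exists('random_int') ? random_int(100000, 999999) : rand(100000, 999999);
    if (!$member_model->updateMember(array('member_passwd' => md5($new_password)), $member['member_id'])) {
        showMessage($lang['login_password_email_fail'], '', 'html', 'error');
    }

    // --- Forgotten-password SMS ---
    $phone_zc = $_POST['mobile']; // mobile number given at registration
    $youghu = $_POST['username']; // user name entered
    $xinmima = $new_password; // new password
    $user = $GLOBALS['setting_config']['dxuser']; // SMS gateway account
    $passwd = $GLOBALS['setting_config']['dxmima']; // SMS gateway password
    $message_mj = $GLOBALS['setting_config']['husjqm']; // SMS text for password recovery
    $gateway_1 = $GLOBALS['setting_config']['husjqmjk']; // HTTP_POST gateway URL
    $gateway_1 = iconv("UTF-8", "GB2312//IGNORE", $gateway_1);
    $rccc_1 = @file_get_contents($gateway_1);
    // --- end of SMS ---

    // Send the notification e-mail.
    $result = $this->send_notice(
        $member['member_id'],
        'email_touser_find_password',
        array(
            'site_name' => $GLOBALS['setting_config']['site_name'],
            'site_url' => SiteUrl,
            'user_name' => $_POST['username'],
            'new_password' => $new_password,
        ),
        false
    );
    if ($result) {
        if (C('ucenter_status')) {
            // Keep UCenter in sync with the new password.
            $model_ucenter = Model('ucenter');
            $model_ucenter->userEdit(array('login_name' => $_POST['username'], '', 'password' => trim($new_password)));
        }
        showMessage($lang['login_password_mobile_success'], SiteUrl);
    } else {
        showMessage($lang['login_password_mobile_fail'], '', 'html', 'error');
    }
}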
/**
 * Save a product consultation (question) submitted over AJAX.
 *
 * Every outcome is reported as JSON: {"done":"true"} on success, otherwise
 * {"done":"false","msg":...}, after which the request ends.
 *
 * NOTE(review): this state-changing action reads all of its input from $_GET
 * and no anti-CSRF token check is visible here; consider POST plus a token.
 * NOTE(review): `email` and the consultation text are stored as received.
 * Confirm the e-mail is validated and both are escaped wherever rendered.
 */
public function save_consultajaxOp()
{
    // Guests may post only when guest comments are enabled.
    if (!C('guest_comment') && !$_SESSION['member_id']) {
        echo json_encode(array('done' => 'false', 'msg' => Language::get('goods_index_goods_noallow')));
        die;
    }

    $goods_id = (int) $_GET['goods_id'];
    if ($goods_id <= 0) {
        echo json_encode(array('done' => 'false', 'msg' => Language::get('wrong_argument')));
        die;
    }

    // The question text must not be blank.
    if (trim($_GET['goods_content']) == "") {
        echo json_encode(array('done' => 'false', 'msg' => Language::get('goods_index_input_consult')));
        die;
    }

    // CAPTCHA, when enabled for product Q&A.
    if (C('captcha_status_goodsqa') == '1' && !checkSeccode($_GET['nchash'], $_GET['captcha'])) {
        echo json_encode(array('done' => 'false', 'msg' => Language::get('wrong_checkcode')));
        die;
    }

    if (check_repeat('comment')) {
        echo json_encode(array('done' => 'false', 'msg' => Language::get('nc_common_op_repeat')));
        die;
    }

    // Logged-in members must exist and be allowed to talk.
    if ($_SESSION['member_id']) {
        $member_info = Model('member')->infoMember(array('member_id' => "{$_SESSION['member_id']}"));
        if (empty($member_info) || $member_info['is_allowtalk'] == 0) {
            echo json_encode(array('done' => 'false', 'msg' => Language::get('goods_index_goods_noallow')));
            die;
        }
    }

    // The product must exist and be valid.
    $goods_info = Model('goods')->checkGoods(array('goods_id' => "{$goods_id}"));
    if (empty($goods_info)) {
        echo json_encode(array('done' => 'false', 'msg' => Language::get('goods_index_goods_not_exists')));
        die;
    }

    // Store owners cannot ask questions about their own products.
    if ($_SESSION['store_id'] && $goods_info['store_id'] == $_SESSION['store_id']) {
        echo json_encode(array('done' => 'false', 'msg' => Language::get('goods_index_consult_store_error')));
        die;
    }

    // The store must be open: state neither '0' nor 2, and not past a non-zero end time.
    $store_info = Model('store')->shopStore(array('store_id' => "{$goods_info['store_id']}"));
    $store_expired = intval($store_info['store_end_time']) != 0 && $store_info['store_end_time'] <= time();
    if ($store_info['store_state'] == '0' || intval($store_info['store_state']) == '2' || $store_expired) {
        echo json_encode(array('done' => 'false', 'msg' => Language::get('goods_index_goods_store_closed')));
        die;
    }

    // Assemble the row and save it.
    $input = array();
    $input['goods_id'] = $goods_id;
    $input['cgoods_name'] = $goods_info['goods_name'];
    $input['member_id'] = intval($_SESSION['member_id']) > 0 ? $_SESSION['member_id'] : 0;
    $input['cmember_name'] = $_SESSION['member_name'] ? $_SESSION['member_name'] : '';
    $input['seller_id'] = $store_info['member_id'];
    $input['email'] = $_GET['email'];
    // GBK sites convert the text before storing it.
    $input['consult_content'] = strtoupper(CHARSET) == 'GBK'
        ? Language::getGBK($_GET['goods_content'])
        : $_GET['goods_content'];
    $input['isanonymous'] = $_GET['hide_name'] == 'hide' ? 1 : 0;

    if (Model('consult')->addConsult($input)) {
        echo json_encode(array('done' => 'true'));
        die;
    }
    echo json_encode(array('done' => 'false', 'msg' => Language::get('goods_index_consult_fail')));
    die;
}
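/**
 * Check whether a form was submitted and optionally verify its token and CAPTCHA.
 *
 * A form counts as submitted when `form_submit` (POST first, then GET) equals 'ok'.
 *
 * Fixes over the previous version:
 *  - reading `form_submit` no longer touches an undefined $_GET index when
 *    neither superglobal carries the field;
 *  - in 'alert' mode the function returned true after a failed token or CAPTCHA
 *    check whenever showDialog() returned to the caller. It now fails closed
 *    and returns false. (Whether showDialog() terminates the request is not
 *    visible here; if it does, the added returns are simply unreachable.)
 *
 * @param bool   $check_token   verify the form token with Security::checkToken()
 * @param bool   $check_captcha verify the CAPTCHA with checkSeccode()
 * @param string $return_type   'alert' shows a dialog on failure; any other value ('num') returns a code
 * @return bool|int true when submitted and all requested checks pass; false when
 *                  not submitted or a check failed in 'alert' mode; -11 (token) or
 *                  -12 (CAPTCHA) on failure in 'num' mode
 */
function chksubmit($check_token = false, $check_captcha = false, $return_type = 'alert')
{
    if (isset($_POST['form_submit'])) {
        $submit = $_POST['form_submit'];
    } elseif (isset($_GET['form_submit'])) {
        $submit = $_GET['form_submit'];
    } else {
        $submit = null;
    }
    if ($submit != 'ok') {
        return false;
    }

    if ($check_token && !Security::checkToken()) {
        if ($return_type == 'alert') {
            showDialog('Token error!');
            return false; // fail closed if the dialog helper returns
        }
        return -11;
    }

    if ($check_captcha) {
        // Load the CAPTCHA helpers on demand.
        if (!function_exists('checkSeccode')) {
            import('function.seccode');
        }
        if (!checkSeccode($_POST['nchash'], $_POST['captcha'])) {
            if ($return_type == 'alert') {
                showDialog('Verification code error!');
                return false; // fail closed if the dialog helper returns
            }
            return -12;
        }
    }

    return true;
}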
/**
 * Password recovery by SMS code.
 *
 * After a correct CAPTCHA, looks for an `sms_log` row of type 3 matching the
 * posted phone number and SMS code that is no older than 30 minutes, then sets
 * the posted password on the member owning that mobile number, logs that
 * member in and shows the success dialog.
 *
 * NOTE(review): a wrong CAPTCHA or an unknown mobile number ends the method
 * with no response at all.
 * NOTE(review): the matching sms_log row is not marked as used in this method;
 * unless getSmsInfo()/editMember() does so, the same code can reset the
 * password again within its 30-minute window.
 * NOTE(review): no attempt limit on the SMS code is visible here; confirm one
 * exists, since the code is the only proof of ownership.
 * NOTE(review): the new password is accepted without any emptiness or strength
 * check and is stored as an unsalted md5() digest.
 * NOTE(review): whether showDialog() terminates the request is not visible
 * here; the checks below rely on it doing so.
 */
public function find_passwordOp()
{
    if (!checkSeccode($_POST['nchash'], $_POST['captcha'])) {
        return;
    }

    if (C('sms_password') != 1) {
        showDialog('系统没有开启手机找回密码功能', '', 'error');
    }

    $phone = $_POST['phone'];
    $captcha = $_POST['sms_captcha'];
    $condition = array(
        'log_phone' => $phone,
        'log_captcha' => $captcha,
        'log_type' => 3,
    );
    $sms_log = Model('sms_log')->getSmsInfo($condition);
    // The SMS code is valid for half an hour.
    if (empty($sms_log) || $sms_log['add_time'] < TIMESTAMP - 1800) {
        showDialog('动态码错误或已过期,重新输入', '', 'error');
    }

    // Find the member registered with this mobile number.
    $model_member = Model('member');
    $member = $model_member->getMemberInfo(array('member_mobile' => $phone));
    if (empty($member)) {
        return;
    }

    $new_password = md5($_POST['password']);
    $model_member->editMember(
        array('member_id' => $member['member_id']),
        array('member_passwd' => $new_password)
    );
    $model_member->createSession($member); // automatic login
    showDialog('密码修改成功', urlMember('member_information', 'member'), 'succ');
}
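/**
 * Password recovery: reset the password after a username + e-mail match and
 * mail the new one.
 *
 * Checks the form marker and CAPTCHA, loads the member by user name, compares
 * the posted e-mail with the stored one (case-insensitively), writes a newly
 * generated 6-digit password and sends it in the notification e-mail.
 *
 * Fix: the new password came from rand(), which is not a cryptographically
 * secure generator. random_int() is used when the runtime provides it (PHP 7+);
 * older runtimes keep the previous behaviour.
 *
 * NOTE(review): the password is overwritten before the e-mail is sent and
 * without a confirmation step, so anyone who knows a member's user name and
 * e-mail address can force a reset. A single-use, expiring reset link sent to
 * the owner would avoid that; it needs storage outside this block.
 * NOTE(review): a 6-digit numeric password stored as unsalted md5() is weak,
 * and it travels in clear text by e-mail.
 * NOTE(review): distinct messages for "user not found" and "e-mail mismatch"
 * let a client enumerate accounts.
 * NOTE(review): whether showMessage() terminates the request is not visible
 * here; every check below relies on it doing so.
 */
public function find_passwordOp()
{
    // Load the language pack.
    Language::read('home_login_register');
    $lang = Language::getLangContent();

    // Form marker check.
    if ($_POST['form_submit'] != 'ok') {
        showMessage($lang['login_password_enter_find'], 'index.php?act=login&op=forget_password');
    }

    // CAPTCHA check.
    if (!checkSeccode($_POST['nchash'], $_POST['captcha'])) {
        showMessage($lang['login_usersave_wrong_code'], '', 'html', 'error');
    }

    // User name check.
    if (empty($_POST['username'])) {
        showMessage($lang['login_password_input_username'], '', 'html', 'error');
    }
    $member_model = Model('member');
    $member = $member_model->infoMember(array('member_name' => $_POST['username']));
    if (empty($member) or !is_array($member)) {
        showMessage($lang['login_password_username_not_exists'], '', 'html', 'error');
    }

    // The posted e-mail must match the one on record.
    if (empty($_POST['email'])) {
        showMessage($lang['login_password_input_email'], '', 'html', 'error');
    }
    if (strtoupper($_POST['email']) != strtoupper($member['member_email'])) {
        showMessage($lang['login_password_email_not_exists'], '', 'html', 'error');
    }

    // Generate the new password from a CSPRNG when one is available.
    $new_password = function_exists('random_int') ? random_int(100000, 999999) : rand(100000, 999999);
    if (!$member_model->updateMember(array('member_passwd' => md5($new_password)), $member['member_id'])) {
        showMessage($lang['login_password_email_fail'], '', 'html', 'error');
    }

    // Send the notification e-mail.
    $result = $this->send_notice(
        $member['member_id'],
        'email_touser_find_password',
        array(
            'site_name' => $GLOBALS['setting_config']['site_name'],
            'site_url' => SiteUrl,
            'user_name' => $_POST['username'],
            'new_password' => $new_password,
        ),
        false
    );
    if ($result) {
        if (C('ucenter_status')) {
            // Keep UCenter in sync with the new password.
            $model_ucenter = Model('ucenter');
            $model_ucenter->userEdit(array('login_name' => $_POST['username'], '', 'password' => trim($new_password)));
        }
        showMessage($lang['login_password_email_success'], SiteUrl);
    } else {
        showMessage($lang['login_password_email_fail'], '', 'html', 'error');
    }
}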
/**
 * Admin login constructor.
 *
 * Overrides the parent constructor so that the parent's login check is not run.
 * On a submitted form it validates the required fields, checks the CAPTCHA,
 * looks the admin up by name and MD5 password digest, checks the 'login'
 * permission, writes the encrypted `sys_key` cookie, records the login and
 * redirects to index.php. Otherwise it renders the login page.
 *
 * NOTE(review): the return value of Security::checkToken() is discarded here.
 * If it only reports the result and does not abort the request itself, the
 * token check has no effect on this login -- confirm.
 * NOTE(review): the password is matched as an unsalted md5() digest.
 * NOTE(review): the auth cookie carries serialize()d data encrypted with a key
 * derived from md5(setup_date . MD5_KEY). Whoever reads it back presumably
 * calls unserialize(); confirm the cookie is integrity-protected before that,
 * or switch the payload to JSON.
 * NOTE(review): whether showMessage() terminates the request is not visible
 * here; if it returns, a wrong CAPTCHA does not stop the credential check.
 */
public function __construct()
{
    Language::read('common,layout,login');
    $lang = Language::getLangContent();

    if (chksubmit()) {
        // Submission check (result not used, see the note above).
        Security::checkToken();

        // Required-field validation for the login form.
        $obj_validate = new Validate();
        $obj_validate->validateparam = array(
            array("input" => $_POST["user_name"], "require" => "true", "message" => $lang['login_index_username_null']),
            array("input" => $_POST["password"], "require" => "true", "message" => $lang['login_index_password_null']),
            array("input" => $_POST["captcha"], "require" => "true", "message" => $lang['login_index_checkcode_null']),
        );
        $error = $obj_validate->validate();

        if ($error != '') {
            showMessage($lang['error'] . $error);
        } else {
            if (!checkSeccode($_POST['nchash'], $_POST['captcha'])) {
                showMessage($lang['login_index_checkcode_wrong'] . $error);
            }

            // Credential check; at present every matching admin may log in.
            $model_admin = Model('admin');
            $admin_info = $model_admin->infoAdmin(array(
                'admin_name' => trim($_POST['user_name']),
                'admin_password' => md5(trim($_POST['password'])),
            ));

            if (is_array($admin_info) and !empty($admin_info)) {
                $login_array = array(
                    'name' => $admin_info['admin_name'],
                    'id' => $admin_info['admin_id'],
                );

                // Set admin info temporarily so the permission check can run.
                $this->setAdminInfo($login_array);
                $this->checkPermission('login');

                // Encrypt the identity and write it to the cookie.
                $authkey = md5(C('setup_date') . MD5_KEY);
                setNcCookie('sys_key', encrypt(serialize($login_array), $authkey));

                // Record the login count and time.
                $model_admin->updateAdmin(array(
                    'admin_id' => $admin_info['admin_id'],
                    'admin_login_num' => $admin_info['admin_login_num'] + 1,
                    'admin_login_time' => time(),
                ));

                @header('Location: index.php');
                exit;
            } else {
                showMessage($lang['login_index_username_password_wrong'], 'index.php?act=login&op=login');
            }
        }
    }

    // CAPTCHA namespace hash: first 8 hex chars of md5(site URL + act + op).
    Tpl::output('nchash', substr(md5(SiteUrl . $_GET['act'] . $_GET['op']), 0, 8));
    Tpl::output('html_title', $lang['login_index_need_login']);
    Tpl::showpage('login', 'login_layout');
}