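/**
 * Update the logged-in member's e-mail address and, optionally, password.
 *
 * The current password must be supplied and verified against the stored
 * hash and salt before anything is written. Every outcome is reported through
 * printerror(); the guards below rely on it ending the request (its body is
 * not visible here), so each one also returns explicitly.
 *
 * @param array $add Submitted form fields: email, oldpassword, password, repassword.
 * @return void
 */
function EditSafeInfo($add)
{
    global $empire, $dbtbpre, $public_r;

    // Login check: islogin() supplies the current member record.
    $user_r = islogin();
    // Keys are quoted: a bare word is a constant lookup and is a fatal error on PHP 8.
    // The id is cast because it is interpolated into the SQL statements below.
    $userid = (int) $user_r['userid'];
    $username = $user_r['username'];

    // E-mail
    $email = trim(isset($add['email']) ? $add['email'] : '');
    if (!$email || !chemail($email)) {
        printerror("EmailFail", "history.go(-1)", 1);
        return;
    }
    // NOTE(review): the SQL below is built by interpolation and depends on
    // RepPostStr()/RepPostVar() neutralising quotes; neither helper is visible here.
    $email = RepPostStr($email);

    // Verify the current password
    $oldpassword = RepPostVar(isset($add['oldpassword']) ? $add['oldpassword'] : '');
    if (!$oldpassword) {
        printerror('FailOldPassword', '', 1);
        return;
    }
    $newpassword = RepPostVar(isset($add['password']) ? $add['password'] : '');
    $ur = $empire->fetch1("select " . eReturnSelectMemberF('userid,password,salt') . " from " . eReturnMemberTable() . " where " . egetmf('userid') . "='{$userid}'");
    if (empty($ur['userid'])) {
        printerror('FailOldPassword', '', 1);
        return;
    }
    if (!eDoCkMemberPw($oldpassword, $ur['password'], $ur['salt'])) {
        printerror('FailOldPassword', '', 1);
        return;
    }

    // E-mail uniqueness, only when the site setting requires it
    $pr = $empire->fetch1("select regemailonly from {$dbtbpre}enewspublic limit 1");
    if ($pr['regemailonly']) {
        $num = $empire->gettotal("select count(*) as total from " . eReturnMemberTable() . " where " . egetmf('email') . "='{$email}' and " . egetmf('userid') . "<>'{$userid}' limit 1");
        if ($num) {
            printerror("ReEmailFail", "history.go(-1)", 1);
            return;
        }
    }

    // Password: only changed when a new one was submitted
    $a = '';
    $salt = '';
    $truepassword = '';
    if ($newpassword) {
        // NOTE(review): the new password has been through RepPostVar() but the
        // confirmation has not; confirm the two still compare equal for every
        // password the filter accepts.
        $repassword = isset($add['repassword']) ? $add['repassword'] : '';
        if ($newpassword !== $repassword) {
            printerror('NotRepassword', 'history.go(-1)', 1);
            return;
        }
        $salt = eReturnMemberSalt();
        $password = eDoMemberPw($newpassword, $salt);
        $a = "," . egetmf('password') . "='{$password}'," . egetmf('salt') . "='{$salt}'";
        $truepassword = $newpassword;
    }

    $sql = $empire->query("update " . eReturnMemberTable() . " set " . egetmf('email') . "='{$email}'" . $a . " where " . egetmf('userid') . "='{$userid}'");
    if ($sql) {
        // Passport integration hook.
        // NOTE(review): the clear-text password is handed to DoEpassport();
        // confirm that integration neither stores nor logs it.
        DoEpassport('editpassword', $userid, $username, $truepassword, $salt, $email, $user_r['groupid'], '');
        printerror("EditInfoSuccess", "../member/EditInfo/EditSafeInfo.php", 1);
    } else {
        printerror("DbError", "history.go(-1)", 1);
    }
}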
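/**
 * Register a new member from the submitted form and log the new account in.
 *
 * Order of work: site-level switches (registration closed, time window, IP
 * access, external register URL), input checks (captcha, group, lengths,
 * reserved words, duplicates), the insert into the member table, the add-on
 * row, then either the activation / approval path or the login cookies.
 *
 * Every outcome is reported through printerror(). The guards rely on it ending
 * the request; its body is not visible here.
 *
 * @param array $add Submitted form fields (username, password, repassword,
 *                   email, groupid, tobind, key, plus add-on form fields).
 * @return void
 */
function register($add)
{
    global $empire, $dbtbpre, $public_r, $ecms_config;

    // Registration switched off
    if ($public_r['register_ok']) {
        printerror('CloseRegister', '', 1);
    }
    // Time window in which the action is allowed
    eCheckTimeCloseDo('reg');
    // IP access check
    eCheckAccessDoIp('register');
    if (!empty($ecms_config['member']['registerurl'])) {
        header("Location:" . $ecms_config['member']['registerurl']);
        exit;
    }
    // A logged-in visitor cannot register
    if (getcvar('mluserid')) {
        printerror('LoginToRegister', '', 1);
    }
    CheckCanPostUrl(); // verify the request origin

    // NOTE(review): every SQL statement below is built by interpolation and
    // depends on RepPostVar()/RepPostStr() neutralising quotes; neither helper
    // is visible here.
    $username = trim($add['username']);
    $password = trim($add['password']);
    $username = RepPostVar($username);
    $password = RepPostVar($password);
    $email = RepPostStr($add['email']);
    if (!$username || !$password || !$email) {
        printerror("EmptyMember", "history.go(-1)", 1);
    }
    $tobind = (int) $add['tobind'];

    // Captcha
    $keyvname = 'checkregkey';
    if ($public_r['regkey_ok']) {
        ecmsCheckShowKey($keyvname, $add['key'], 1);
    }

    // The group is chosen by the client; CheckMemberGroupCanReg() is the gate
    // that decides whether that group is open for self-registration.
    $user_groupid = eReturnMemberDefGroupid();
    $groupid = (int) $add['groupid'];
    $groupid = empty($groupid) ? $user_groupid : $groupid;
    CheckMemberGroupCanReg($groupid);

    // IP
    $regip = egetip();
    $regipport = egetipport();

    // User name length (strlen counts bytes, not characters).
    // Column keys are quoted: a bare word is a constant lookup and is a fatal error on PHP 8.
    $pr = $empire->fetch1("select min_userlen,max_userlen,min_passlen,max_passlen,regretime,regclosewords,regemailonly from {$dbtbpre}enewspublic limit 1");
    $userlen = strlen($username);
    if ($userlen < $pr['min_userlen'] || $userlen > $pr['max_userlen']) {
        printerror('FaiUserlen', '', 1);
    }
    // Password length
    $passlen = strlen($password);
    if ($passlen < $pr['min_passlen'] || $passlen > $pr['max_passlen']) {
        printerror('FailPasslen', '', 1);
    }
    if ($add['repassword'] !== $password) {
        printerror('NotRepassword', '', 1);
    }
    if (!chemail($email)) {
        printerror('EmailFail', '', 1);
    }
    if (strstr($username, '|') || strstr($username, '*')) {
        printerror('NotSpeWord', '', 1);
    }
    // Registration interval per IP
    eCheckIpRegTime($regip, $pr['regretime']);
    // Reserved user names
    toCheckCloseWord($username, $pr['regclosewords'], 'RegHaveCloseword');
    $username = RepPostStr($username);

    // Duplicate user name
    $num = $empire->gettotal("select count(*) as total from " . eReturnMemberTable() . " where " . egetmf('username') . "='{$username}' limit 1");
    if ($num) {
        printerror('ReUsername', '', 1);
    }
    // Duplicate e-mail, only when the site setting requires unique addresses
    if ($pr['regemailonly']) {
        $num = $empire->gettotal("select count(*) as total from " . eReturnMemberTable() . " where " . egetmf('email') . "='{$email}' limit 1");
        if ($num) {
            printerror('ReEmailFail', '', 1);
        }
    }

    // Registration time
    $lasttime = time();
    $registertime = eReturnAddMemberRegtime();
    // Random string stored with the member and later sent as the "mlrnd" cookie.
    // NOTE(review): it acts as a login secret; confirm make_password() draws
    // from a cryptographically secure source.
    $rnd = make_password(20);
    $userkey = eReturnMemberUserKey();

    // Password
    $truepassword = $password;
    $salt = eReturnMemberSalt();
    $password = eDoMemberPw($password, $salt);

    // Approval state; e-mail activation (regacttype 1) forces "unchecked"
    $checked = ReturnGroupChecked($groupid);
    if ($checked && $public_r['regacttype'] == 1) {
        $checked = 0;
    }

    // Required fields of the add-on table.
    // NOTE(review): $member_r[0] / $member_r[1] are spliced into the insert
    // below as raw SQL fragments; ReturnDoMemberF() is not visible here.
    $mr = array();
    $mr['add_filepass'] = ReturnTranFilepass();
    $fid = GetMemberFormId($groupid);
    $member_r = ReturnDoMemberF($fid, $add, $mr, 0, $username);

    $sql = $empire->query("insert into " . eReturnMemberTable() . "(" . eReturnInsertMemberF('username,password,rnd,email,registertime,groupid,userfen,userdate,money,zgroupid,havemsg,checked,salt,userkey') . ") values('{$username}','{$password}','{$rnd}','{$email}','{$registertime}','{$groupid}','{$public_r['reggetfen']}','0','0','0','0','{$checked}','{$salt}','{$userkey}');");
    if (!$sql) {
        // Stop before lastid() is read: after a failed insert it does not
        // identify this account, and the add-on row, attachments and account
        // binding below would be written for the wrong id. The captcha is
        // still consumed, as it was before this check existed.
        ecmsEmptyShowKey($keyvname);
        printerror("DbError", "history.go(-1)", 1);
        return;
    }

    // Fetch the new userid
    $userid = $empire->lastid();

    // Add-on table
    $addr = $empire->fetch1("select * from {$dbtbpre}enewsmemberadd where userid='{$userid}'");
    if (empty($addr['userid'])) {
        $spacestyleid = ReturnGroupSpaceStyleid($groupid);
        $sql1 = $empire->query("insert into {$dbtbpre}enewsmemberadd(userid,spacestyleid,regip,lasttime,lastip,loginnum,regipport,lastipport" . $member_r[0] . ") values('{$userid}','{$spacestyleid}','{$regip}','{$lasttime}','{$regip}','1','{$regipport}','{$regipport}'" . $member_r[1] . ");");
    }
    // Update attachments
    UpdateTheFileOther(6, $userid, $mr['add_filepass'], 'member');
    ecmsEmptyShowKey($keyvname); // clear the captcha
    // Bind an external account
    if ($tobind) {
        MemberConnect_BindUser($userid);
    }

    // E-mail activation
    if ($checked == 0 && $public_r['regacttype'] == 1) {
        include 'class/member_actfun.php';
        SendActUserEmail($userid, $username, $email);
    }
    // Awaiting approval: the account must not be logged in
    if ($checked == 0) {
        $location = DoingReturnUrl("../../", $_POST['ecmsfrom']);
        printerror("RegisterSuccessCheck", $location, 1);
        // Explicit stop so an unapproved account never reaches the login
        // cookies below, even if printerror() were to return.
        return;
    }

    $logincookie = 0;
    if ($ecms_config['member']['regcookietime']) {
        $logincookie = time() + $ecms_config['member']['regcookietime'];
    }
    $r = $empire->fetch1("select " . eReturnSelectMemberF('*') . " from " . eReturnMemberTable() . " where " . egetmf('userid') . "='{$userid}' limit 1");
    $set1 = esetcookie("mlusername", $username, $logincookie);
    $set2 = esetcookie("mluserid", $userid, $logincookie);
    $set3 = esetcookie("mlgroupid", $groupid, $logincookie);
    $set4 = esetcookie("mlrnd", $rnd, $logincookie);
    // Login verification string
    qGetLoginAuthstr($userid, $username, $rnd, $groupid, $logincookie);
    // Additional login cookies
    AddLoginCookie($r);

    // NOTE(review): the redirect target is read from the "returnurl" cookie and
    // from $_POST['ecmsfrom'], both client-controlled; confirm DoingReturnUrl()
    // and printerror() restrict it to same-site locations.
    $location = "../member/cp/";
    $returnurl = getcvar('returnurl');
    if ($returnurl && !strstr($returnurl, "e/member/iframe") && !strstr($returnurl, "e/member/register") && !strstr($returnurl, "enews=exit")) {
        $location = $returnurl;
    }
    $set5 = esetcookie("returnurl", "");

    // Passport integration hook.
    // NOTE(review): the clear-text password is handed to DoEpassport();
    // confirm that integration neither stores nor logs it.
    DoEpassport('reg', $userid, $username, $truepassword, $salt, $email, $groupid, $registertime);
    $location = DoingReturnUrl($location, $_POST['ecmsfrom']);
    printerror("RegisterSuccess", $location, 1);
}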
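/**
 * Complete a password reset: store the new password and clear the reset token.
 *
 * CheckGetPassword() validates the reset request and returns the member the
 * token belongs to; its body is not visible here. Every outcome is reported
 * through printerror(), which the guards rely on to end the request, so each
 * guard also returns explicitly.
 *
 * @param array $add Submitted form fields: newpassword, renewpassword, plus
 *                   whatever CheckGetPassword() reads to validate the request.
 * @return void
 */
function DoGetPassword($add)
{
    global $empire, $dbtbpre, $public_r;

    if (!$public_r['opengetpass']) {
        printerror('CloseGetPassword', '', 1);
        return;
    }
    $r = CheckGetPassword($add, 1);
    // The id is cast because it is interpolated into both statements below.
    $memberid = (int) $r['id'];

    $password = RepPostVar($add['newpassword']);
    $confirm = RepPostVar($add['renewpassword']);
    // Strict comparison: with != two different numeric-looking strings such as
    // "1e3" and "1000" compare equal, so a mistyped confirmation could pass.
    if ((string) $password !== (string) $confirm) {
        printerror('NotRepassword', '', 1);
        return;
    }
    // NOTE(review): nothing here rejects an empty new password or applies the
    // min/max length that registration enforces; confirm CheckGetPassword()
    // covers that.

    // Password
    $salt = eReturnMemberSalt();
    $password = eDoMemberPw($password, $salt);
    $sql = $empire->query("update " . eReturnMemberTable() . " set " . egetmf('password') . "='{$password}'," . egetmf('salt') . "='{$salt}' where " . egetmf('userid') . "='{$memberid}'");
    if (!$sql) {
        // Do not report success, and do not spend the reset token, when the
        // password was not stored.
        printerror("DbError", "history.go(-1)", 1);
        return;
    }
    // Invalidate the reset token so the same link cannot be used again.
    $usql = $empire->query("update {$dbtbpre}enewsmemberpub set authstr='' where userid='{$memberid}'");
    printerror('GetPasswordSuccess', $public_r['newsurl'], 1);
}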
/**
 * Back-office edit of a member: e-mail, group, points, money, expiry,
 * approval flag and, optionally, password and user name.
 *
 * The caller is authorised through CheckLevel() for the "member" permission.
 * Outcomes are reported through printerror(), called here with two arguments
 * (the front-end functions in this file pass a third).
 *
 * NOTE(review): array keys are written as bare words throughout ($add[userid]).
 * A bare word is a constant lookup; PHP 8 raises a fatal error for it.
 * NOTE(review): several literals below read '******' and the insert_dolog()
 * line near the end is not valid PHP as shown. This looks like redaction or
 * extraction damage in the listing - restore from the original file before use.
 *
 * @param array  $add        Submitted form fields for the member being edited.
 * @param mixed  $logininid  Id of the administrator, passed to CheckLevel().
 * @param mixed  $loginin    Name of the administrator, passed to CheckLevel().
 * @return void
 */
function admin_EditMember($add, $logininid, $loginin)
{
    global $empire, $dbtbpre;
    if (!trim($add[userid]) || !trim($add[email]) || !trim($add[username]) || !$add[groupid]) {
        printerror("EmptyEmail", "history.go(-1)");
    }
    // Permission check.
    // NOTE(review): $classid is neither a parameter nor declared global here,
    // so it is undefined at this call.
    CheckLevel($logininid, $loginin, $classid, "member");
    // Normalise inputs.
    // NOTE(review): the SQL below is built by interpolation and depends on
    // RepPostVar()/RepPostStr() neutralising quotes; neither helper is visible here.
    $add[userid] = (int) $add[userid];
    $add[checked] = (int) $add[checked];
    $add[username] = RepPostVar($add[username]);
    $add[oldusername] = RepPostVar($add[oldusername]);
    $add[password] = RepPostVar($add[password]);
    $add[email] = RepPostStr($add[email]);
    $dousername = $add[username];
    // Assigned but not referenced again in the code as shown (see the '******' note above).
    $dooldusername = $add[oldusername];
    // Change password: only when a new one was submitted; a fresh salt is generated.
    $add1 = '';
    if ($add[password]) {
        $salt = eReturnMemberSalt();
        $add[password] = eDoMemberPw($add[password], $salt);
        $add1 = "," . egetmf('password') . "='{$add['password']}'," . egetmf('salt') . "='{$salt}'";
    }
    // Change user name: reject a name already used by another member.
    if ($add[oldusername] != $add[username]) {
        $num = $empire->gettotal("select count(*) as total from " . eReturnMemberTable() . " where " . egetmf('username') . "='{$add['username']}' and " . egetmf('userid') . "<>" . $add[userid] . " limit 1");
        $add1 .= "," . egetmf('username') . "='{$add['username']}'";
        if ($num) {
            printerror("ReUsername", "history.go(-1)");
        }
    }
    // Subscription: expiry is "now + N days"; with no days the
    // subscription group is reset to 0.
    $add[zgroupid] = (int) $add[zgroupid];
    if ($add[userdate] > 0) {
        $userdate = time() + $add[userdate] * 24 * 3600;
    } else {
        $add[zgroupid] = 0;
    }
    // Normalise the remaining numeric inputs.
    $add[groupid] = (int) $add[groupid];
    $add[userfen] = (int) $add[userfen];
    // $userdate is unset when the branch above was not taken; the cast yields 0.
    $userdate = (int) $userdate;
    $add[money] = (double) $add[money];
    $add[spacestyleid] = (int) $add[spacestyleid];
    // Required fields of the add-on table.
    // NOTE(review): the add-on fields are read from $_POST rather than $add, and
    // $member_r[0] / $member_r[1] are later spliced into SQL as raw fragments;
    // ReturnDoMemberF() is not visible here.
    $addr = $empire->fetch1("select * from {$dbtbpre}enewsmemberadd where userid='{$add['userid']}'");
    $fid = GetMemberFormId($add[groupid]);
    if (empty($addr[userid])) {
        $mr['add_filepass'] = $add['userid'];
        $member_r = ReturnDoMemberF($fid, $_POST, $mr, 0, $dousername, 1);
    } else {
        $addr['add_filepass'] = $add['userid'];
        $member_r = ReturnDoMemberF($fid, $_POST, $addr, 1, $dousername, 1);
    }
    $sql = $empire->query("update " . eReturnMemberTable() . " set " . egetmf('email') . "='{$add['email']}'," . egetmf('groupid') . "='{$add['groupid']}'," . egetmf('userfen') . "='{$add['userfen']}'," . egetmf('money') . "='{$add['money']}'," . egetmf('userdate') . "='{$userdate}'," . egetmf('zgroupid') . "='{$add['zgroupid']}'," . egetmf('checked') . "='{$add['checked']}'" . $add1 . " where " . egetmf('userid') . "='{$add['userid']}'");
    // User name changed: update the copies of the name held in other tables.
    // NOTE(review): this runs whether or not the member update above succeeded;
    // $sql is only checked at the end.
    if ($add[oldusername] != $add[username]) {
        // Private messages
        $empire->query("update {$dbtbpre}enewsqmsg set to_username='******' where to_username='******'");
        $empire->query("update {$dbtbpre}enewsqmsg set from_username='******' where from_username='******'");
        // Favourites
        $empire->query("update {$dbtbpre}enewsfava set username='******' where userid='{$add['userid']}'");
        // Purchase records
        $empire->query("update {$dbtbpre}enewsbuybak set username='******' where userid='{$add['userid']}'");
        // Download records
        $empire->query("update {$dbtbpre}enewsdownrecord set username='******' where userid='{$add['userid']}'");
        // Content tables: one pair of tables per row of enewstable
        $tbsql = $empire->query("select tbname from {$dbtbpre}enewstable");
        while ($tbr = $empire->fetch($tbsql)) {
            $empire->query("update {$dbtbpre}ecms_" . $tbr['tbname'] . " set username='******' where userid='{$add['userid']}' and ismember=1");
            $empire->query("update {$dbtbpre}ecms_" . $tbr['tbname'] . "_check set username='******' where userid='{$add['userid']}' and ismember=1");
        }
    }
    // Add-on table: insert the row when it does not exist yet, else update it.
    // userid and spacestyleid are unquoted here; both were cast to int above.
    if (empty($addr[userid])) {
        $sql1 = $empire->query("insert into {$dbtbpre}enewsmemberadd(userid,spacestyleid" . $member_r[0] . ") values({$add['userid']},{$add['spacestyleid']}" . $member_r[1] . ");");
    } else {
        $sql1 = $empire->query("update {$dbtbpre}enewsmemberadd set spacestyleid={$add['spacestyleid']}" . $member_r[0] . " where userid='{$add['userid']}'");
    }
    // Update attachments
    UpdateTheFileEditOther(6, $add['userid'], 'member');
    if ($sql) {
        // Audit log entry, then the success message.
        // NOTE(review): the next line is damaged in this listing (text is missing
        // between "username=" and "EditMemberSuccess"); kept as found.
        insert_dolog("userid=" . $add[userid] . "<br>username="******"EditMemberSuccess", "ListMember.php" . hReturnEcmsHashStrHref2(1));
    } else {
        printerror("DbError", "history.go(-1)");
    }
}