} else {
showmessage('profile_succeed', 'home.php?mod=spacecp&ac=profile&op=password');
}
}
if ($operation == 'password') {
$resend = getcookie('resendemail');
$resend = empty($resend) ? true : TIMESTAMP - $resend > 300;
$newemail = getcookie('newemail');
$space['newemail'] = !$space['emailstatus'] ? $space['email'] : '';
if (!empty($newemail)) {
$mailinfo = explode("\t", $newemail);
$space['newemail'] = $mailinfo[0] == $_G['uid'] && isemail($mailinfo[1]) && $mailinfo[1] != $space['email'] ? $mailinfo[1] : '';
}
if ($_G['gp_resend'] && $resend) {
$toemail = $space['newemail'] ? $space['newemail'] : $space['email'];
emailcheck_send($space['uid'], $toemail);
dsetcookie('resendemail', TIMESTAMP);
showmessage('send_activate_mail_succeed', "home.php?mod=spacecp&ac=profile&op=password");
} elseif ($_G['gp_resend']) {
showmessage('send_activate_mail_error', "home.php?mod=spacecp&ac=profile&op=password");
}
if (!empty($space['newemail'])) {
$acitvemessage = lang('spacecp', 'email_acitve_message', array('newemail' => $space['newemail'], 'imgdir' => $_G['style']['imgdir']));
}
$actives = array('password' => ' class="a"');
$navtitle = lang('core', 'title_password_security');
} else {
space_merge($space, 'field_home');
space_merge($space, 'field_forum');
require_once libfile('function/editor');
$space['sightml'] = html2bbcode($space['sightml']);
// }
//邮箱修改
if (empty($newemail)) {
//邮箱删除
$setarr['email'] = '';
$setarr['emailcheck'] = 0;
} elseif ($newemail != $space['email']) {
//之前已经验证
if ($space['emailcheck']) {
//发送邮件验证,不修改邮箱
$setarr['newemail'] = $newemail;
} else {
//修改邮箱
$setarr['email'] = $newemail;
}
emailcheck_send($space['uid'], $newemail);
}
}
updatetable('spacefield', $setarr, array('uid' => $_SGLOBAL['supe_uid']));
//隐私
$inserts = array();
foreach ($_POST['friend'] as $key => $value) {
$value = intval($value);
$inserts[] = "('contact','{$key}','{$space['uid']}','{$value}')";
}
if ($inserts) {
$_SGLOBAL['db']->query("DELETE FROM " . tname('spaceinfo') . " WHERE uid='{$space['uid']}' AND type='contact'");
$_SGLOBAL['db']->query("INSERT INTO " . tname('spaceinfo') . " (type,subtype,uid,friend)\r\n\t\t\t\tVALUES " . implode(',', $inserts));
}
//变更记录
if ($_SCONFIG['my_status']) {
function common()
{
global $_G;
$space = getuserbyuid($_G['uid']);
if (empty($space)) {
echo BIGAPPJSON::encode(array('error_code' => 2, 'error_msg' => lang('plugin/bigapp', 'cant find user info'), 'Variables' => array('auth' => null), 'Message' => array('messageval' => 'for comaptible', 'messagestr' => lang('plugin/bigapp', 'cant find user info'))));
die(0);
}
$membersql = $memberfieldsql = $authstradd1 = $authstradd2 = $newpasswdadd = '';
$setarr = array();
$emailnew = dhtmlspecialchars($_GET['emailnew']);
$ignorepassword = 0;
if (empty($_GET['newpassword'])) {
echo BIGAPPJSON::encode(array('error_code' => 2, 'error_msg' => lang('plugin/bigapp', 'empty_params'), 'Variables' => array('auth' => null), 'Message' => array('messageval' => 'for comaptible', 'messagestr' => lang('plugin/bigapp', 'empty_params'))));
die(0);
}
if (!isset($_GET['questionidnew']) || $_GET['questionidnew'] === '') {
$_GET['questionidnew'] = $_GET['answernew'] = '';
} else {
$secquesnew = $_GET['questionidnew'] > 0 ? random(8) : '';
}
//密码强度,取消
$strongpw = false;
if ($strongpw && !empty($_GET['newpassword']) && $_G['setting']['strongpw']) {
$strongpw_str = array();
if (in_array(1, $_G['setting']['strongpw']) && !preg_match("/\\d+/", $_GET['newpassword'])) {
$strongpw_str[] = lang('member/template', 'strongpw_1');
}
if (in_array(2, $_G['setting']['strongpw']) && !preg_match("/[a-z]+/", $_GET['newpassword'])) {
$strongpw_str[] = lang('member/template', 'strongpw_2');
}
if (in_array(3, $_G['setting']['strongpw']) && !preg_match("/[A-Z]+/", $_GET['newpassword'])) {
$strongpw_str[] = lang('member/template', 'strongpw_3');
}
if (in_array(4, $_G['setting']['strongpw']) && !preg_match("/[^a-zA-z0-9]+/", $_GET['newpassword'])) {
$strongpw_str[] = lang('member/template', 'strongpw_4');
}
if ($strongpw_str) {
showmessage(lang('member/template', 'password_weak') . implode(',', $strongpw_str));
}
}
if (!empty($_GET['newpassword']) && $_GET['newpassword'] != addslashes($_GET['newpassword'])) {
echo BIGAPPJSON::encode(array('error_code' => 2, 'error_msg' => lang('plugin/bigapp', 'password illegal'), 'Variables' => array('auth' => null), 'Message' => array('messageval' => 'for comaptible', 'messagestr' => lang('plugin/bigapp', 'password illegal'))));
}
if (!empty($_GET['newpassword']) && $_GET['newpassword'] != $_GET['newpassword2']) {
echo BIGAPPJSON::encode(array('error_code' => 2, 'error_msg' => lang('plugin/bigapp', 'password notmatch'), 'Variables' => array('auth' => null), 'Message' => array('messageval' => 'for comaptible', 'messagestr' => lang('plugin/bigapp', 'password notmatch'))));
die(0);
}
loaducenter();
//检测email,可以省略
if (false && $emailnew != $_G['member']['email']) {
include_once libfile('function/member');
checkemail($emailnew);
}
$ucresult = uc_user_edit(addslashes($_G['username']), $_GET['oldpassword'], $_GET['newpassword'], '', $ignorepassword, $_GET['questionidnew'], $_GET['answernew']);
if ($ucresult == -1) {
echo BIGAPPJSON::encode(array('error_code' => 2, 'error_msg' => lang('plugin/bigapp', 'password wrong'), 'Variables' => array('auth' => null), 'Message' => array('messageval' => 'for comaptible', 'messagestr' => lang('plugin/bigapp', 'password wrong'))));
die(0);
} elseif ($ucresult == -4) {
echo BIGAPPJSON::encode(array('error_code' => 2, 'error_msg' => lang('plugin/bigapp', 'email illegal'), 'Variables' => array('auth' => null), 'Message' => array('messageval' => 'for comaptible', 'messagestr' => lang('plugin/bigapp', 'email illegal'))));
die(0);
} elseif ($ucresult == -5) {
echo BIGAPPJSON::encode(array('error_code' => 2, 'error_msg' => lang('plugin/bigapp', 'email domain illegal'), 'Variables' => array('auth' => null), 'Message' => array('messageval' => 'for comaptible', 'messagestr' => lang('plugin/bigapp', 'email domain illegal'))));
die(0);
} elseif ($ucresult == -6) {
echo BIGAPPJSON::encode(array('error_code' => 2, 'error_msg' => lang('plugin/bigapp', 'email duplicate'), 'Variables' => array('auth' => null), 'Message' => array('messageval' => 'for comaptible', 'messagestr' => lang('plugin/bigapp', 'email duplicate'))));
die(0);
}
if (!empty($_GET['newpassword']) || $secquesnew) {
$setarr['password'] = md5(random(10));
}
$authstr = false;
if (false && $emailnew != $_G['member']['email']) {
$authstr = true;
emailcheck_send($space['uid'], $emailnew);
dsetcookie('newemail', "{$space['uid']}\t{$emailnew}\t{$_G['timestamp']}", 31536000);
}
if ($setarr) {
if ($_G['member']['freeze'] == 1) {
$setarr['freeze'] = 0;
}
C::t('common_member')->update($_G['uid'], $setarr);
}
if ($_G['member']['freeze'] == 2) {
C::t('common_member_validate')->update($_G['uid'], array('message' => dhtmlspecialchars($_G['gp_freezereson'])));
}
echo BIGAPPJSON::encode(array('error_code' => 0, 'error_msg' => lang('plugin/bigapp', 'succ'), 'Variables' => array('auth' => null), 'Message' => array('messageval' => '', 'messagestr' => lang('plugin/bigapp', 'succ'))));
die(0);
}
function space_open($uid, $username, $gid = 0, $email = '')
{
global $_SGLOBAL, $_SCONFIG;
if (empty($uid) || empty($username)) {
return array();
}
//验证 space 是否被管理员 delete
$query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('spacelog') . " WHERE uid='{$uid}' AND flag='-1'");
if ($value = $_SGLOBAL['db']->fetch_array($query)) {
showmessage('the_space_has_been_closed');
}
$space = array('uid' => $uid, 'username' => $username, 'dateline' => $_SGLOBAL['timestamp'], 'groupid' => $gid, 'regip' => getonlineip());
// Bonus Points
$reward = getreward('register', 0, $uid);
if ($reward['credit']) {
$space['credit'] = $reward['credit'];
}
if ($reward['experience']) {
$space['experience'] = $reward['experience'];
}
inserttable('space', $space, 0, true);
inserttable('spacefield', array('uid' => $uid, 'email' => $email), 0, true);
//发送PM
if ($_SGLOBAL['supe_uid'] && $_SGLOBAL['supe_uid'] != $uid) {
include_once S_ROOT . './uc_client/client.php';
uc_pm_send($_SGLOBAL['supe_uid'], $uid, cplang('space_open_subject'), cplang('space_open_message', array(getsiteurl())), 1, 0, 0);
}
//发送邮箱验证邮件
include_once S_ROOT . './source/function_cp.php';
emailcheck_send($uid, $email);
//产生feed
$_uid = $_SGLOBAL['supe_uid'];
$_username = $_SGLOBAL['supe_username'];
$_SGLOBAL['supe_uid'] = $uid;
$_SGLOBAL['supe_username'] = addslashes($username);
if (ckprivacy('spaceopen', 1)) {
feed_add('profile', cplang('feed_space_open'));
}
// update 最新会员
if ($_SCONFIG['newspacenum'] > 0) {
$newspacelist = array();
$wherearr = array('1');
if ($_SCONFIG['newspaceavatar']) {
$wherearr[] = "avatar='1'";
}
if ($_SCONFIG['newspacerealname']) {
$wherearr[] = "namestatus='1'";
}
if ($_SCONFIG['newspacevideophoto']) {
$wherearr[] = "videostatus='1'";
}
$query = $_SGLOBAL['db']->query("SELECT uid,username,name,namestatus,videostatus,dateline FROM " . tname('space') . " WHERE " . implode(' AND ', $wherearr) . " ORDER BY uid DESC LIMIT 0,{$_SCONFIG['newspacenum']}");
while ($value = $_SGLOBAL['db']->fetch_array($query)) {
$newspacelist[] = $value;
}
data_set('newspacelist', $newspacelist);
}
//Statistics update
include_once S_ROOT . './source/function_cp.php';
updatestat('register');
$_SGLOBAL['supe_uid'] = $_uid;
$_SGLOBAL['supe_username'] = $_username;
return $space;
}
//验证密保问题
if ($_POST['question_email'] == NULL or $_POST['answer_email'] == NULL) {
showmessage('密保问题或答案未填写!', 'cp.php?ac=protect&op=email');
}
if ($protect_info["answer{$_POST['question_email']}"] != $_POST['answer_email']) {
showmessage('密保答案错误', 'cp.php?ac=protect&op=email');
}
if ($_POST['email'] != $_POST['email_1']) {
showmessage('验证邮箱有误!', 'cp.php?ac=protect&op=email');
}
if (!isemail($_POST['email'])) {
showmessage('邮箱错误!', 'cp.php?ac=protect&op=email');
}
//检查邮箱唯一性
if ($_SCONFIG['uniqueemail']) {
if (getcount('spacefield', array('email' => $_POST['email'], 'emailcheck' => 1))) {
showmessage('uniqueemail_check');
}
}
$setarr = array();
if ($space_field['emailcheck']) {
$setarr['newemail'] = $_POST['email'];
} else {
$setarr['email'] = $_POST['email'];
}
updatetable('spacefield', $setarr, array('uid' => $_SGLOBAL['supe_uid']));
$url = emailcheck_send($_SGLOBAL['supe_uid'], $_POST['email']);
showmessage('protect_email_send', 'cp.php?ac=protect&op=email', 10, array($_POST['email']));
}
}
include template("cp_protect");
