コード例 #1
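 /**
  * Confirm that a phone number belongs to an enabled user and return that user's SMS auth row.
  *
  * First looks for an enabled `user_profile` row matching both the user id and the phone.
  * If one exists, the first enabled `user_sms_auth` row for the user is returned; if the
  * user has no such row yet, a new six-character code is stored and false is returned.
  *
  * @param mixed $id    User id to look up.
  * @param mixed $phone Phone number to match; it may originate from request input, so it is
  *                     never placed in SQL unescaped.
  *
  * @return mixed|false The first enabled `user_sms_auth` record, or false when nothing matched
  *                     or a code row had to be created first.
  */
 public function validUserAuth($id, $phone)
 {
     global $db, $config;

     // Array-valued or missing input cannot match a stored id or phone.
     if (!is_scalar($id) || !is_scalar($phone)) {
         return false;
     }

     // The statements below are assembled as strings, so each value is escaped before it is
     // interpolated. NOTE(review): assumes $db->_con is the mysqli handle when it is exposed;
     // addslashes() is only a weaker fallback. Prepared statements are the proper fix once
     // the DB wrapper offers them.
     $escape = function ($value) use ($db) {
         $text = (string) $value;
         if (isset($db->_con) && $db->_con instanceof mysqli) {
             return $db->_con->real_escape_string($text);
         }
         return addslashes($text);
     };
     $safeId = $escape($id);
     $safePhone = $escape($phone);

     $query = "SELECT phone  \n\t\tFROM `{$config['db'][0]['dbname']}`.`{$config['default_prefix']}user_profile`\n\t\tWHERE \n\t\t\t`prefixid` = '{$config['default_prefix_id']}' \n\t\t\tAND `userid` = '{$safeId}'\n\t\t\tAND `phone` = '{$safePhone}'\n\t\t\tAND `switch` = 'Y'\n\t\t";
     $table = $db->getQueryRecord($query);
     if (empty($table['table']['record'])) {
         return false;
     }

     $query = "SELECT * \n\t\t\tFROM `{$config['db'][0]['dbname']}`.`{$config['default_prefix']}user_sms_auth`\n\t\t\tWHERE \n\t\t\t\t`prefixid` = '{$config['default_prefix_id']}' \n\t\t\t\tAND `userid` = '{$safeId}'\n\t\t\t\tAND `switch` = 'Y'\n\t\t\t";
     $table = $db->getQueryRecord($query);
     if (!empty($table['table']['record'])) {
         return $table['table']['record'][0];
     }

     // No SMS check code exists yet: create one for this user.
     // The original inserted an undefined $userid here, so the new row was not tied to $id.
     $shuffle = get_shuffle();
     $checkcode = substr($shuffle, 0, 6);
     $query = "INSERT INTO `{$config['db'][0]['dbname']}`.`{$config['default_prefix']}user_sms_auth` \n\t\t\t\tSET\n\t\t\t\t\t`prefixid`='{$config['default_prefix_id']}',\n\t\t\t\t\t`userid`='{$safeId}',\n\t\t\t\t\t`code`='{$checkcode}',\n\t\t\t\t\t`verified`='N',\n\t\t\t\t\t`insertt`=NOW()\n\t\t\t\t";
     $db->query($query);

     return false;
 }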
コード例 #2
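 /**
  * Register a new user from the current POST request and log them in.
  *
  * Inserts the `user`, `user_profile` and `user_sms_auth` rows, optionally records the
  * referral passphrase and SSO account, runs the registration promotions, marks the session
  * as logged in and writes an affiliate log entry.
  *
  * Security-relevant behaviour:
  *  - every request-derived value is escaped before it is interpolated into SQL;
  *  - no password material is written to the error log;
  *  - a failed user insert aborts the registration instead of continuing with an empty id.
  *
  * Reads $_POST keys: type, passwd, phone, channelid, nickname, gender, thumbnail_url,
  * productid, sso_name, sso_uid, user_src.
  *
  * @return void
  */
 public function mk_user()
 {
     global $db, $config;

     // NOTE(review): assumes $db->_con is the mysqli handle (insert_id is read from it below);
     // addslashes() is only a weaker fallback. Prepared statements are the proper fix once
     // the DB wrapper offers them.
     $escape = function ($value) use ($db) {
         $text = (string) $value;
         if (isset($db->_con) && $db->_con instanceof mysqli) {
             return $db->_con->real_escape_string($text);
         }
         return addslashes($text);
     };
     // Missing or array-valued fields are read as an empty string.
     $post = function ($key) {
         return (isset($_POST[$key]) && is_scalar($_POST[$key])) ? (string) $_POST[$key] : '';
     };

     $reg_type = $post('type');
     $phone = $post('phone');
     $productid = $post('productid');
     $ssoUid = $post('sso_uid');
     $userSrcToken = $post('user_src');

     // Auto-generated password, used for "flash" registrations only.
     // NOTE(review): get_shuffle() is defined elsewhere; confirm it draws from a CSPRNG,
     // since its output becomes a login password and an SMS check code.
     $shuffle = get_shuffle();
     $pwcode = substr($shuffle, 0, 6);
     if ($reg_type === 'flash') {
         $passwd = $this->str->strEncode($pwcode, $config['encode_key']);
     } else {
         $passwd = $this->str->strEncode($post('passwd'), $config['encode_key']);
     }
     // NOTE(review): the initial exchange password is the last six characters of the phone
     // number, which anyone who knows the number can derive; users should be made to change it.
     $exchangepasswd = $this->str->strEncode(substr($phone, -6), $config['encode_key']);

     $safePhone = $escape($phone);
     $safePasswd = $escape($passwd);
     $safeExchange = $escape($exchangepasswd);
     $query = "\r\n\t\tINSERT INTO `{$config['db'][0]['dbname']}`.`{$config['default_prefix']}user`\r\n\t\tSET\r\n\t\t\t`prefixid`='{$config['default_prefix_id']}',\r\n\t\t\t`name`='{$safePhone}',\r\n\t\t\t`passwd`='{$safePasswd}',\r\n\t\t\t`exchangepasswd`='{$safeExchange}',\r\n\t\t\t`email`='',\r\n\t\t\t`insertt`=NOW()\r\n\t\t";
     $db->query($query);
     $userid = $db->_con->insert_id;
     if (empty($userid)) {
         // Without a new id there is no user to attach a profile, SMS code or session to.
         error_log("[ajax/user_register] mk_user : user insert returned no id, registration aborted");
         return;
     }
     $safeUserid = $escape($userid);

     // Location defaults come from configuration; a flash registration may override them
     // with the values stored for the submitted channel.
     $countryid = $config['country'];
     $regionid = $config['region'];
     $provinceid = $config['province'];
     $channelid = $config['channel'];
     $table = array();
     if ($reg_type === 'flash') {
         $safeChannel = $escape($post('channelid'));
         $query = "\r\n\t\t\tselect ch.channelid, ch.provinceid, pr.regionid, ch.countryid \r\n\t\t\tfrom `{$config['db'][2]['dbname']}`.`{$config['default_prefix']}channel` ch \r\n\t\t\tleft join `{$config['db'][2]['dbname']}`.`{$config['default_prefix']}province` pr on\r\n\t\t\t\tpr.prefixid = ch.prefixid \r\n\t\t\t\tand pr.provinceid = ch.provinceid\r\n\t\t\t\tand pr.switch = 'Y'\r\n\t\t\twhere \r\n\t\t\t\tch.prefixid = '{$config['default_prefix_id']}' \r\n\t\t\t\tand ch.channelid = '{$safeChannel}'\r\n\t\t\t\tand ch.switch = 'Y'\r\n\t\t\t";
         $table = $db->getQueryRecord($query);
     }
     $channelRow = !empty($table['table']['record'][0]) ? $table['table']['record'][0] : array();
     if (!empty($channelRow['countryid'])) {
         $countryid = $channelRow['countryid'];
     }
     if (!empty($channelRow['regionid'])) {
         $regionid = $channelRow['regionid'];
     }
     if (!empty($channelRow['provinceid'])) {
         $provinceid = $channelRow['provinceid'];
     }
     if (!empty($channelRow['channelid'])) {
         $channelid = $channelRow['channelid'];
     }

     // Source IP for the affiliate log. X-Forwarded-For is supplied by the client unless a
     // trusted proxy overwrites it, so it is used only when it parses as an IP address.
     $ip = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';
     if (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
         $forwarded = explode(",", $_SERVER['HTTP_X_FORWARDED_FOR']);
         $candidate = trim($forwarded[0]);
         if (filter_var($candidate, FILTER_VALIDATE_IP) !== false) {
             $ip = $candidate;
         }
     }

     // User agent: WeChat's in-app browser is tagged WEIXIN. The original "> 0" test missed
     // a match at position 0.
     $user_agent = 'BROWSER';
     $memo = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
     if (strpos($memo, 'MicroMessenger') !== false) {
         $user_agent = 'WEIXIN';
     }

     $src_from = 'SAJA';
     $intro_by = '';
     $act = 'REG';
     $goto = '';
     if ($reg_type === 'flash') {
         // Flash registrations may omit these; the defaults are written back to $_POST as
         // before, in case the helper methods called below read them from there.
         if (empty($_POST['nickname'])) {
             $_POST['nickname'] = '_guest_' . $userid;
         }
         if (empty($_POST['gender'])) {
             $_POST['gender'] = 'male';
         }
         $src_from = 'FLASH';
     } elseif ($reg_type === 'sso') {
         $src_from = strtoupper($post('sso_name'));
     }

     $safeNickname = $escape($post('nickname'));
     $safeGender = $escape($post('gender'));
     $safeCountry = $escape($countryid);
     $safeRegion = $escape($regionid);
     $safeProvince = $escape($provinceid);
     $safeChannelId = $escape($channelid);
     $safeThumbnail = $escape($post('thumbnail_url'));
     $safeSrc = $escape($src_from . '|' . $productid);
     $query = "\r\n\t\tINSERT INTO `{$config['db'][0]['dbname']}`.`{$config['default_prefix']}user_profile`\r\n\t\tSET\r\n\t\t\t`prefixid`='{$config['default_prefix_id']}',\r\n\t\t\t`userid`='{$safeUserid}',\r\n\t\t\t`nickname`='{$safeNickname}',\r\n\t\t\t`gender`='{$safeGender}',\r\n\t\t\t`countryid`='{$safeCountry}',\r\n\t\t\t`regionid`='{$safeRegion}',\r\n\t\t\t`provinceid`='{$safeProvince}',\r\n\t\t\t`channelid`='{$safeChannelId}',\r\n\t\t\t`thumbnail_url`='{$safeThumbnail}',\r\n\t\t\t`area`='',\r\n\t\t\t`address`='',\r\n\t\t\t`addressee`='',\r\n\t\t\t`phone`='{$safePhone}',\r\n\t\t\t`src_from` = '{$safeSrc}',\r\n\t\t\t`insertt`=NOW()\r\n\t\t";
     $db->query($query);

     // Create the SMS check code row for the new user.
     $shuffle = get_shuffle();
     $checkcode = substr($shuffle, 0, 6);
     $query = "INSERT INTO `{$config['db'][0]['dbname']}`.`{$config['default_prefix']}user_sms_auth` \r\n\t\tSET\r\n\t\t\t`prefixid`='{$config['default_prefix_id']}',\r\n\t\t\t`userid`='{$safeUserid}',\r\n\t\t\t`code`='{$checkcode}',\r\n\t\t\t`verified`='N',\r\n\t\t\t`insertt`=NOW()\r\n\t\t";
     $db->query($query);

     if ($reg_type === 'flash') {
         // Flash-sale campaign.
         $this->spoint_by_flash($userid);
         // Area 1: numbers starting with "09"; area 2: numbers starting with "1". Any other
         // prefix is unsupported (verification covers Taiwan and mainland China only) and
         // stays 0, so $area is always defined before it is compared.
         $area = 0;
         if (substr($phone, 0, 2) === '09') {
             $area = 1;
         } elseif (substr($phone, 0, 1) === '1') {
             $area = 2;
         }
         // Text the generated password; as in the original, only area 1 is sent here.
         if ($area === 1) {
             $this->mk_sms($userid, $phone, $pwcode, $area);
         }
     }

     if (!empty($userSrcToken)) {
         // The member who referred this registration.
         $this->str = new convertString();
         $user_src = $this->str->decryptAES128($config['encode_key'], base64_decode($userSrcToken));
         $arr = explode("&&", $user_src);
         $intro_by = $arr[0];
         if (!empty($ssoUid) && !empty($productid)) {
             $safeSsoUid = $escape($ssoUid);
             $safeUserSrc = $escape($userSrcToken);
             $safeProductid = $escape($productid);
             $insert = "insert into saja_user.saja_passphrase set openid='{$safeSsoUid}', \r\n\t\t\t\tuserid='{$safeUserid}', \r\n\t\t\t\tuser_src='{$safeUserSrc}', \r\n\t\t\t    productid='{$safeProductid}', \r\n\t\t\t\tswitch='N', insertt=NOW(), modifyt=NOW() ";
             error_log("[ajax/user_register] passphrase :" . $insert);
             $db->query($insert);
             $intro_by = $userSrcToken;
         }
     }

     if (!empty($ssoUid) && !empty($userid)) {
         // Create the member's SSO account.
         $this->mk_sso($userid);
     }
     // Registration promotion that grants a limited S-code.
     $this->give_oscode_by_promote($userid);
     // Mark the session as logged in.
     $this->mk_login($userid);
     // Record the connection and registration source.
     $this->logAffiliate($ip, $intro_by, $src_from, $productid, $userid, $goto, $memo, $user_agent);
     // The submitted password and the phone-derived exchange password are deliberately left
     // out of this log line.
     error_log("[ajax/user_register] mk_user : {type:" . $reg_type . ",userid:" . $userid . ",user_src:" . $intro_by . "}");
 }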
コード例 #3
 /**
  * Return the enabled SMS auth row of an enabled user, with the profile phone attached.
  *
  * Returns false when the user has no enabled profile row. When the profile exists but no
  * enabled `user_sms_auth` row does, a new six-character code is inserted and false is
  * returned as well.
  *
  * NOTE(review): $id is interpolated into the SQL text as-is; callers must pass a trusted
  * value (for example a server-side session id), never raw request input.
  *
  * @param mixed  $id     User id to look up.
  * @param object $db     Database wrapper providing connect(), getQueryRecord() and query().
  * @param object $config Configuration object exposing db, default_prefix and default_prefix_id.
  *
  * @return mixed|false The first `user_sms_auth` record with a `phone` key added, or false.
  */
 public function validUserAuth($id, $db, $config)
 {
     // Open the database connection.
     $db->connect();

     $profileSql = "select phone from `{$config->db[0]['dbname']}`.`{$config->default_prefix}user_profile` \r\n\t\twhere \r\n\t\t\t`prefixid` = '{$config->default_prefix_id}'\r\n\t\t\tAND `userid` = '{$id}'\r\n\t\t\tand `switch`= 'Y'\r\n\t\t";
     $profile = $db->getQueryRecord($profileSql);
     if (empty($profile['table']['record'][0])) {
         return false;
     }

     $authSql = "SELECT * \r\n\t\t\tFROM `{$config->db[0]['dbname']}`.`{$config->default_prefix}user_sms_auth`\r\n\t\t\tWHERE \r\n\t\t\t\t`prefixid` = '{$config->default_prefix_id}' \r\n\t\t\t\tAND `userid` = '{$id}'\r\n\t\t\t\tAND `switch` = 'Y'\r\n\t\t\t";
     $auth = $db->getQueryRecord($authSql);
     if (empty($auth['table']['record'])) {
         // No SMS check code yet: store a fresh one and report "not verified".
         $code = substr(get_shuffle(), 0, 6);
         $insertSql = "INSERT INTO `{$config->db[0]['dbname']}`.`{$config->default_prefix}user_sms_auth` \r\n\t\t\t\tSET\r\n\t\t\t\t\t`prefixid` = '{$config->default_prefix_id}',\r\n\t\t\t\t\t`userid` = '{$id}',\r\n\t\t\t\t\t`code` = '{$code}',\r\n\t\t\t\t\t`verified` = 'N',\r\n\t\t\t\t\t`insertt` = NOW()\r\n\t\t\t\t";
         $db->query($insertSql);
         return false;
     }

     // Carry the phone from the profile row over onto the auth row handed to the caller.
     $auth['table']['record'][0]['phone'] = $profile['table']['record'][0]['phone'];
     return $auth['table']['record'][0];
 }
コード例 #4
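 /**
  * AJAX handler: verify the SMS code submitted for the session user's phone number.
  *
  * Echoes a JSON object whose `status` is 2 when validUserAuth() returns nothing for the
  * session user and submitted phone, 3 when the submitted code is missing or does not match
  * the stored one, and 200 on success. On success the stored code is replaced and marked
  * verified, and if a `scode_history` row with memo = user id and switch = 'N' exists, the
  * first such row and its S-code are switched to 'Y'.
  *
  * NOTE(review): no attempt counter or code expiry is visible in this method; a
  * six-character code needs throttling or lockout enforced somewhere on this path.
  *
  * @return void
  */
 public function check_sms()
 {
     global $db, $config, $usermodel;
     // Initialise the database connection interface.
     $db = new mysql($config["db"]);
     $db->connect();
     $usermodel = new UserModel();

     // NOTE(review): assumes $db->_con is the mysqli handle when it is exposed; addslashes()
     // is only a weaker fallback. Prepared statements are the proper fix.
     $escape = function ($value) use ($db) {
         $text = (string) $value;
         if (isset($db->_con) && $db->_con instanceof mysqli) {
             return $db->_con->real_escape_string($text);
         }
         return addslashes($text);
     };

     // Missing or array-valued input is treated as empty rather than raising notices or
     // reaching the comparison below with a non-string.
     $authId = (isset($_SESSION['auth_id']) && is_scalar($_SESSION['auth_id'])) ? $_SESSION['auth_id'] : '';
     $phone = (isset($_POST['phone']) && is_scalar($_POST['phone'])) ? (string) $_POST['phone'] : '';
     $smscode = (isset($_POST['smscode']) && is_string($_POST['smscode'])) ? $_POST['smscode'] : '';

     $ret = array('status' => 0);
     $user_auth = $usermodel->validUserAuth($authId, $phone);
     if (empty($user_auth)) {
         // Phone number does not match the session user.
         $ret['status'] = 2;
     } elseif (
         empty($smscode)
         || !isset($user_auth['code'])
         || !hash_equals((string) $user_auth['code'], $smscode)
     ) {
         // Verification code missing or wrong. hash_equals() compares in constant time so the
         // response time does not reveal how much of the code matched.
         $ret['status'] = 3;
     }

     if (empty($ret['status'])) {
         $safeAuthId = $escape($authId);

         // Replace the SMS check code so the one just used cannot be replayed.
         $shuffle = get_shuffle();
         $checkcode = substr($shuffle, 0, 6);
         $query = "UPDATE `{$config['db'][0]['dbname']}`.`{$config['default_prefix']}user_sms_auth` \r\n\t\t\tSET verified='Y', code='{$checkcode}'\r\n\t\t\tWHERE \r\n\t\t\t\t`prefixid` = '{$config['default_prefix_id']}'\r\n\t\t\t\tAND `userid` = '{$safeAuthId}'\r\n\t\t\t";
         $db->query($query);

         // Check whether this user was referred (the referrer is given an S-code).
         $query = "select * from `{$config['db'][1]['dbname']}`.`{$config['default_prefix']}scode_history`\r\n\t\t\t\twhere `prefixid` = '{$config['default_prefix_id']}' \r\n\t\t\t\tand memo = '{$safeAuthId}'\r\n\t\t\t\tand switch = 'N'";
         $table = $db->getQueryRecord($query);
         if (!empty($table['table']['record'])) {
             $row = $table['table']['record'][0];
             // Values read back from the database are escaped as well before reuse in SQL.
             $safeScodeId = $escape(isset($row['scodeid']) ? $row['scodeid'] : '');
             $safeOwnerId = $escape(isset($row['userid']) ? $row['userid'] : '');
             $safeSphId = $escape(isset($row['sphid']) ? $row['sphid'] : '');

             $query = "UPDATE `{$config['db'][1]['dbname']}`.`{$config['default_prefix']}scode` \r\n\t\t\t\tSET switch = 'Y', modifyt = NOW() \r\n\t\t\t\tWHERE \r\n\t\t\t\t\t`prefixid` = '{$config['default_prefix_id']}' \r\n\t\t\t\t\tAND `scodeid` = '{$safeScodeId}' \r\n\t\t\t\t\tand `userid` = '{$safeOwnerId}'\r\n\t\t\t\t";
             $db->query($query);
             // NOTE(review): scode_history is read from db[1] above but updated in db[0] here;
             // left as in the original, confirm which database holds the table.
             $query = "UPDATE `{$config['db'][0]['dbname']}`.`{$config['default_prefix']}scode_history` \r\n\t\t\t\tSET switch = 'Y', modifyt = NOW() \r\n\t\t\t\tWHERE \r\n\t\t\t\t\t`prefixid` = '{$config['default_prefix_id']}'\r\n\t\t\t\t\tAND `sphid` = '{$safeSphId}'\r\n\t\t\t\t";
             $db->query($query);
         }
         // Success.
         $ret['status'] = 200;
     }
     echo json_encode($ret);
 }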
コード例 #5
 /**
  * Send a recovery value to the user's phone by SMS and, for passwords, store it.
  *
  * For $area 1 and 2 the text is sent through a different SMS gateway; a gateway failure
  * returns false before anything is written. Afterwards, for $type "password" or
  * "expasswd", the encoded $code replaces the stored login or exchange password and the SMS
  * check code is replaced. For "nickname" nothing is written.
  *
  * NOTE(review), from the visible code:
  *  - the gateway account credentials are hard-coded in this method and both gateway URLs
  *    are plain http://, so credentials, phone number and the new password travel
  *    unencrypted; move the secrets to configuration and use TLS endpoints;
  *  - $code, which becomes the new password, is written to the error log in clear text;
  *  - with an $area other than 1 or 2 no SMS is sent, yet the password is still overwritten;
  *  - $uid is interpolated into the UPDATE statements without escaping;
  *  - three lines are garbled in this listing (a "******" run where code was) and do not
  *    parse as shown; they are left untouched.
  *
  * @param mixed  $uid   User id whose credentials are updated.
  * @param mixed  $phone Destination phone number.
  * @param mixed  $code  Value to send: new password, nickname or new exchange password.
  * @param string $type  "password", "nickname" or "expasswd".
  * @param int    $area  1 or 2, selecting the SMS gateway.
  *
  * @return bool False when the chosen gateway reports a failure, true otherwise.
  */
 public function mk_pass($uid, $phone, $code, $type = "password", $area = 1)
 {
     global $db, $config, $usermodel;
     // Initialise the database connection interface.
     $db = new mysql($config["db"]);
     $db->connect();
     // $usermodel is assigned here but not read anywhere else in this method.
     $usermodel = new UserModel();
     $this->str = new convertString();
     if ($area == 1) {
         // "SMS King" SMS-API
         // NOTE(review): this logs the value that becomes the user's new password.
         error_log("[ajax/user] 1.forgot gen code for " . $uid . " : " . $code);
         // "SMS King" SMS-API
         if ($type == "password") {
             // NOTE(review): garbled in this listing; by analogy with the "nickname" branch
             // this presumably concatenated $code between the two strings — confirm.
             $sMessage = urlencode("New Password : "******" www.shajiawang.com");
         } else {
             if ($type == "nickname") {
                 $sMessage = urlencode("NickName : " . $code . " www.shajiawang.com");
             } else {
                 if ($type == "expasswd") {
                     // NOTE(review): garbled in this listing, same pattern as above.
                     $sMessage = urlencode("New ExchangePassword : "******" www.shajiawang.com");
                 }
             }
         }
         // $sMessage stays undefined when $type is none of the three values above.
         // NOTE(review): hard-coded gateway credentials, $phone is not URL-encoded, and the
         // request goes out over plain HTTP.
         $msg = "username=saja&password=sj9889&dstaddr={$phone}&smbody=" . $sMessage;
         $to_url = "http://202.39.48.216/kotsmsapi-1.php?" . $msg;
         if (!($getfile = file($to_url))) {
             // ('ERROR: cannot connect to SMS-API!', $this->config->default_main ."/user/register");
             return false;
         } else {
             // The text after the first "=" in the response is read as the message id;
             // a negative id is treated as a failure.
             $term_tmp = implode('', $getfile);
             $check_kmsgid = explode('=', $term_tmp);
             // Index 1 does not exist when the response contains no "=".
             $kmsgid = (int) $check_kmsgid[1];
             error_log("[ajax/user] kmsgid : " . $kmsgid);
             if ($kmsgid < 0) {
                 // ('Wrong mobile number!!', $this->config->default_main ."/user/register");
                 return false;
             }
         }
     } else {
         if ($area == 2) {
             // China SMS network gateway
             $url = 'http://smsapi.c123.cn/OpenPlatform/OpenApi';
             // NOTE(review): this logs the value that becomes the user's new password.
             error_log("[ajax/user]2.forgot gen code for " . $uid . " : " . $code);
             if ($type == "password") {
                 $sMessage = urlencode("新密码为:" . $code . " www.shajiawang.com(重置密码服务,请您尽快修改)");
             } else {
                 if ($type == "nickname") {
                     $sMessage = urlencode("您的昵称为:" . $code . " www.shajiawang.com(昵称找回服务,请您妥善保管)");
                 } else {
                     if ($type == "expasswd") {
                         $sMessage = urlencode("新的兑换密码为:" . $code . " www.shajiawang.com(重置兑换密码服务,请您尽快修改)");
                     }
                 }
             }
             // NOTE(review): the account id and auth key are hard-coded; keep them in
             // configuration outside the source tree.
             $data = array('action' => 'sendOnce', 'ac' => '1001@501091960001', 'authkey' => 'F99AD9CBBB17B21DEA3494115E228D30', 'cgid' => '184', 'm' => $phone, 'c' => urldecode($sMessage), 'csid' => '', 't' => '');
             $xml = $this->postSMS($url, $data);
             // NOTE(review): garbled in this listing; the code that derived $re from the
             // gateway response is missing here, so it cannot be documented.
             error_log("[ajax/user] mk_pass : "******"[ajax/user] result : " . $re['result']);
             // Any result other than 1 is treated as a failed send.
             if (trim($re['result']) != 1) {
                 return false;
             }
         }
     }
     if ($type == "password") {
         // Store the encoded code as the new login password.
         $pwd = $this->str->strEncode($code, $config['encode_key']);
         $query = "UPDATE `{$config['db'][0]['dbname']}`.`{$config['default_prefix']}user` \r\n\t\t\tSET passwd='{$pwd}'\r\n\t\t\tWHERE \r\n\t\t\t\t`prefixid` = '{$config['default_prefix_id']}'\r\n\t\t\t\tAND `userid` = '{$uid}'\r\n\t\t\t";
         //error_log("query: ".$query);
         $db->query($query);
         // Replace the SMS check code and mark the row verified.
         $shuffle = get_shuffle();
         $checkcode = substr($shuffle, 0, 6);
         $query = "UPDATE `{$config['db'][0]['dbname']}`.`{$config['default_prefix']}user_sms_auth` \r\n\t\t\tSET verified='Y', code='{$checkcode}'\r\n\t\t\tWHERE \r\n\t\t\t\t`prefixid` = '{$config['default_prefix_id']}'\r\n\t\t\t\tAND `userid` = '{$uid}'\r\n\t\t\t";
         $db->query($query);
     } else {
         if ($type == "nickname") {
             // Nickname recovery only sends the SMS; nothing is stored.
         } else {
             if ($type == "expasswd") {
                 // Store the encoded code as the new exchange password.
                 $expw = $this->str->strEncode($code, $config['encode_key']);
                 $query = "UPDATE `{$config['db'][0]['dbname']}`.`{$config['default_prefix']}user` \r\n\t\t\tSET exchangepasswd='{$expw}'\r\n\t\t\tWHERE \r\n\t\t\t\t`prefixid` = '{$config['default_prefix_id']}'\r\n\t\t\t\tAND `userid` = '{$uid}'\r\n\t\t\t";
                 $db->query($query);
                 // Replace the SMS check code and mark the row verified.
                 $shuffle = get_shuffle();
                 $checkcode = substr($shuffle, 0, 6);
                 $query = "UPDATE `{$config['db'][0]['dbname']}`.`{$config['default_prefix']}user_sms_auth` \r\n\t\t\tSET verified='Y', code='{$checkcode}'\r\n\t\t\tWHERE \r\n\t\t\t\t`prefixid` = '{$config['default_prefix_id']}'\r\n\t\t\t\tAND `userid` = '{$uid}'\r\n\t\t\t";
                 $db->query($query);
             }
         }
     }
     return true;
 }
コード例 #6
    $amp = "&";
}
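// Append the registration type to the redirect URL when one was given.
if (!empty($type)) {
    $gotourl .= $amp . "type=" . $type;
    $amp = "&";
}
if (isset($_SESSION['sso']['nickname'])) {
    $nickname = $_SESSION['sso']['nickname'];
}
// A sex value of 2 maps to female; any other value, including a missing one, maps to male.
$gender = (isset($_SESSION['sso']['sex']) && $_SESSION['sso']['sex'] == 2) ? "female" : "male";
$pwd = get_shuffle();
// Record that a default password was generated, but never its value: log files are read by
// more people and systems than should ever see a credential.
error_log("[v/sso_register]" . $openid . "==>default pwd generated");
error_log("[v/sso_register]jdata=" . $jdata);
error_log("[v/sso_register]gotourl=" . $gotourl);
error_log("[v/sso_register]user_src=" . $user_src);
error_log("[v/sso_register]type=" . $type);
error_log("[v/sso_register]productid=" . $productid);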
if (empty($openid)) {
    // 非微信認證註冊
    ?>
	
		<div class="article">
            <ul data-role="listview" data-inset="true" data-icon="false">
                <li>
				   	<label><?php 
    echo $nickname;