/**
 * Handle the registration form POST.
 *
 * Visible flow: registration switch, anti-CSRF token, optional captcha, field
 * validation, reserved-name / per-IP interval / uniqueness checks, optional
 * phone verification, optional UCenter registration, password hashing, insert
 * of the user row, then activation mail or login cookies.
 *
 * NOTE(review): part of the tail of this method is missing from this listing
 * (see the "******" marker near the end), so the mail-sending and auto-login
 * steps cannot be documented from here.
 * NOTE(review): the guards below have no else branch, so they rely on
 * msg_url() ending the request -- confirm in its definition.
 */
public function save() {
    // Registration switch: when registration is turned off, report and leave.
    if (User_Reg == 0) {
        msg_url(L('reg_35'), Web_Path);
    }
    $userinfo = array();
    // Anti-CSRF token posted with the form, compared with the session copy.
    // NOTE(review): "!=" is a loose comparison. If post() yields null/false for
    // a missing field (CodeIgniter's behaviour -- confirm for this fork) and the
    // session holds no token, both sides compare equal and the check passes.
    // Require a non-empty session token and compare with hash_equals().
    $token = $this->input->post('token', TRUE);
    if ($token != $_SESSION['token']) {
        msg_url(L('reg_02'), 'javascript:history.back();');
    }
    // Captcha switch.
    if (User_Code_Mode == 1) {
        $codes = str_checkhtml($this->input->post('usercode', TRUE));
        // The expected captcha value is read back through the cookie wrapper.
        // NOTE(review): whether get_cookie('codes') is protected against client
        // tampering is not visible here -- confirm; a plain client cookie would
        // let the client choose the expected answer.
        if (empty($codes) || $this->cookie->get_cookie('codes') != strtolower($codes)) {
            msg_url(L('reg_03'), 'javascript:history.back();');
        }
    }
    // Per-user 6-character code; it is mixed into the password hash below.
    $userinfo['code'] = random_string('alnum', 6);
    // The third TRUE argument is not part of stock CodeIgniter's post();
    // presumably a project-specific extra filter -- TODO confirm what it does.
    $userinfo['name'] = $this->input->post('username', TRUE, TRUE);
    $userinfo['pass'] = $this->input->post('userpass', TRUE, TRUE);
    $userinfo['nichen'] = $this->input->post('usernichen', TRUE);
    $userinfo['email'] = $this->input->post('useremail', TRUE, TRUE);
    $userinfo['tel'] = $this->input->post('usertel', TRUE, TRUE);
    $userinfo['regip'] = getip();
    $userinfo['cion'] = User_Cion_Reg;
    $userinfo['jinyan'] = User_Jinyan_Reg;
    $userinfo['addtime'] = time();
    $userinfo['yid'] = 0;
    // A nickname of "0" is treated as "no nickname".
    if ($userinfo['nichen'] == "0") {
        $userinfo['nichen'] = '';
    }
    // Format validation of the mandatory fields.
    if (!is_username($userinfo['name'])) {
        msg_url(L('reg_04'), 'javascript:history.back();');
    }
    if (!is_userpass($userinfo['pass'])) {
        msg_url(L('reg_05'), 'javascript:history.back();');
    }
    if (!empty($userinfo['nichen']) && !is_username($userinfo['nichen'], 1)) {
        msg_url(L('reg_06'), 'javascript:history.back();');
    }
    if (!is_email($userinfo['email'])) {
        msg_url(L('reg_07'), 'javascript:history.back();');
    }
    // Reserved user names: Home_Ymext is a "|"-separated list.
    $ymext = explode('|', Home_Ymext);
    if (in_array($userinfo['name'], $ymext)) {
        msg_url(L('reg_08'), 'javascript:history.back();');
    }
    // Minimum interval (User_RegIP hours) between registrations from one IP.
    if (User_RegIP > 0) {
        // NOTE(review): the getip() result is concatenated straight into the SQL
        // text. If getip() can return a client-supplied header value (not
        // visible here), this is an injection point -- bind or escape the value.
        $row = $this->db->query("SELECT addtime FROM " . CS_SqlPrefix . "user where regip='" . $userinfo['regip'] . "' order by id desc")->row();
        if ($row && $row->addtime + 3600 * User_RegIP > time()) {
            msg_url(L('reg_09'), 'javascript:history.back();');
        }
    }
    // User name already registered?
    $username = $this->CsdjDB->get_row('user', 'id', $userinfo['name'], 'name');
    if ($username) {
        msg_url(L('reg_10'), 'javascript:history.back();');
    }
    // E-mail address already registered?
    $useremail = $this->CsdjDB->get_row('user', 'id', $userinfo['email'], 'email');
    if ($useremail) {
        msg_url(L('reg_11'), 'javascript:history.back();');
    }
    // Optional fields.
    $userinfo['qq'] = $this->input->post('userqq', TRUE);
    $userinfo['sex'] = intval($this->input->post('usersex', TRUE));
    $userinfo['city'] = $this->input->post('usercity', TRUE);
    $userinfo['skins'] = Home_Skins;
    $userinfo['qianm'] = '';
    if (!empty($userinfo['tel'])) {
        if (!is_tel($userinfo['tel'])) {
            msg_url(L('reg_12'), 'javascript:history.back();');
        }
        // Phone number already registered?
        $usertel = $this->CsdjDB->get_row('user', 'id', $userinfo['tel'], 'tel');
        if ($usertel) {
            msg_url(L('reg_13'), 'javascript:history.back();');
        }
    }
    // Mandatory phone verification: the posted code must be non-zero and equal
    // to the code kept in the session.
    if (User_Tel == 1) {
        if (empty($userinfo['tel'])) {
            msg_url(L('reg_12'), 'javascript:history.back();');
        }
        $telcode = intval($this->input->post('telcode', TRUE));
        if ($telcode == 0 || $telcode != $_SESSION['tel_code']) {
            msg_url(L('reg_14'), 'javascript:history.back();');
        }
    }
    // Manual approval required: yid = 1.
    if (User_RegFun == 1) {
        $userinfo['yid'] = 1;
        $title = L('reg_15');
    }
    // E-mail activation required: yid = 2 (overrides the manual-approval value).
    if (User_RegEmailFun == 1) {
        $userinfo['yid'] = 2;
        $title = L('reg_16', array($userinfo['email']));
    }
    // --------------------------- UCenter ---------------------------
    if (User_Uc_Mode == 1) {
        include CSCMS . 'lib/Cs_Ucenter.php';
        include CSCMSPATH . 'uc_client/client.php';
        // The password is still in clear text at this point; it is hashed only
        // after this call.
        $uid = uc_user_register($userinfo['name'], $userinfo['pass'], $userinfo['email']);
        if ($uid > 0) {
            $userinfo['uid'] = $uid;
        }
    }
    // --------------------------- UCenter end ---------------------------
    // Password hashing: md5(md5(password) . code).
    // NOTE(review): MD5 is a fast digest, so leaked hashes are cheap to test
    // offline. password_hash()/password_verify() is the durable fix, but it has
    // to be introduced together with every login path that recomputes this value.
    $userinfo['pass'] = md5(md5($userinfo['pass']) . $userinfo['code']);
    $regid = $this->CsdjDB->get_insert('user', $userinfo);
    if (intval($regid) == 0) {
        msg_url(L('reg_17'), 'javascript:history.back();');
    }
    // Destroy the form token so it cannot be replayed.
    unset($_SESSION['token']);
    $this->load->model('CsdjEmail');
    if (User_RegEmailFun == 1) {
        // Send the activation mail.
        // NOTE(review): the activation key is md5 over the insert id, name,
        // stored password hash and yid -- it contains no random secret.
        $key = md5($regid . $userinfo['name'] . $userinfo['pass'] . $userinfo['yid']);
        $Msgs['username'] = $userinfo['name'];
        // NOTE(review): the listing is truncated at the "******" on the next
        // line; the code between the activation link and the cookie call
        // (including where $user_login is computed) is not visible here.
        $Msgs['url'] = userurl(site_url('user/reg/verify')) . "?key=" . $key . "&username="******"user_id", $regid, time() + 86400);
        // Login cookie, set with time() + 86400 as its expiry argument.
        $this->cookie->set_cookie("user_login", $user_login, time() + 86400);
        msg_url(L('reg_21'), userurl(site_url('user/space')), 'ok');
    } else {
        msg_url(L('reg_21') . $title . '~!', userurl(site_url('user/login')), 'ok');
    }
}
/**
 * JSONP-style login endpoint: reads the credentials from the query string and
 * echoes `<callback>({error:"<code>"})`.
 *
 * Codes assigned in the visible part: 10001 (user name empty), 10002 (password
 * empty), 10006 (login succeeded). Other codes may be set in the part of the
 * method that is missing from this listing.
 *
 * NOTE(review): the listing is truncated in the middle of this method (see the
 * "******" marker). The password check for an existing account and the
 * assignment of $viptime are not visible here.
 */
public function login() {
    // With file-backed sessions, empty the session directory once per day.
    // Every file in cache/sessions/ is unlinked (day.txt included, then
    // rewritten), so every file-backed session is dropped at the first login
    // of a new day.
    if (CS_Session_Is == 1) {
        $day = @file_get_contents(FCPATH . "cache/sessions/day.txt");
        if ($day != date('Y-m-d')) {
            // NOTE(review): the opendir() result is not checked before readdir().
            $dh = opendir(FCPATH . "cache/sessions/");
            while ($file = readdir($dh)) {
                if ($file != "." && $file != "..") {
                    $fullpath = FCPATH . "cache/sessions/" . $file;
                    @unlink($fullpath);
                }
            }
            closedir($dh);
            @file_put_contents(FCPATH . "cache/sessions/day.txt", date('Y-m-d'));
        }
    }
    // Member system switched off.
    if (User_Mode == 0) {
        die(User_No_info);
    }
    // NOTE(review): the credentials arrive as GET parameters, so they end up in
    // URLs (access logs, browser history, Referer headers). No anti-CSRF token
    // is checked in the visible part of this method.
    // The third TRUE argument is not part of stock CodeIgniter's get();
    // presumably a project-specific extra filter -- TODO confirm.
    $username = $this->input->get('username', TRUE, TRUE); // user name or e-mail address
    $userpass = $this->input->get('userpass', TRUE, TRUE); // password
    // NOTE(review): $callback is echoed verbatim as the first bytes of the
    // response at the end of this method. Restrict it to an identifier pattern
    // and send a JavaScript content type.
    $callback = $this->input->get('callback', true);
    // Cookie lifetime in days, taken from the request and not bounded here.
    $cookietime = intval($this->input->get('cookie'));
    if ($cookietime == 0) {
        $cookietime = 1;
    }
    if (empty($username)) {
        $error = '10001'; // user name is empty
    } elseif (empty($userpass)) {
        $error = '10002'; // password is empty
    } else {
        // Either the member name or the e-mail address may be used to log in.
        // NOTE(review): $username is concatenated into the SQL text; its safety
        // rests entirely on the input filter above. Prefer query bindings.
        $sqlu = "SELECT code,email,pass,sid,yid,id,name,lognum,cion,vip,logtime,viptime FROM " . CS_SqlPrefix . "user where name='" . $username . "' or email='" . $username . "'";
        $row = $this->db->query($sqlu)->row();
        if (!$row) {
            // --------------------------- UCenter ---------------------------
            if (User_Uc_Mode == 1) {
                include CSCMS . 'lib/Cs_Ucenter.php';
                include CSCMSPATH . 'uc_client/client.php';
                $uid = uc_user_login($username, $userpass);
                if (intval($uid[0]) > 0) { // known to UCenter: create the local member
                    $this->load->helper('string');
                    $user['name'] = $username;
                    $user['code'] = random_string('alnum', 6);
                    // Same md5(md5(password) . code) scheme as registration.
                    $user['pass'] = md5(md5($userpass) . $user['code']);
                    $user['email'] = $uid[3];
                    $user['uid'] = $uid[0];
                    $user['regip'] = getip();
                    $user['qianm'] = '';
                    if (User_Cion_Reg > 0) {
                        $user['cion'] = User_Cion_Reg;
                    }
                    if (User_Uc_Fun == 1) {
                        $user['yid'] = 2;
                    }
                    $user['zx'] = 1;
                    $user['lognum'] = 1;
                    $user['logtime'] = time();
                    $user['logip'] = getip();
                    $user['logms'] = time();
                    $user['addtime'] = time();
                    $res = $this->CsdjDB->get_insert('user', $user);
                    if (intval($res) > 0) {
                        if (User_Uc_Fun == 0) { // no activation required
                            // Login log entry.
                            $agent = ($this->agent->is_mobile() ? $this->agent->mobile() : $this->agent->platform()) . ' / ' . $this->agent->browser() . ' v' . $this->agent->version();
                            $add['uid'] = $res;
                            $add['loginip'] = getip();
                            $add['logintime'] = time();
                            $add['useragent'] = $agent;
                            $this->CsdjDB->get_insert('user_log', $add);
                            $_SESSION['cscms__id'] = $res;
                            $_SESSION['cscms__name'] = $username;
                            $_SESSION['cscms__login'] = md5($username . $user['pass']);
                            // Remember-me cookies.
                            // NOTE(review): the user_login value is md5 over name,
                            // stored password hash and code, so it only changes
                            // when one of those values changes.
                            $this->cookie->set_cookie("user_id", $res, time() + 86400 * $cookietime);
                            $this->cookie->set_cookie("user_login", md5($username . $user['pass'] . $user['code']), time() + 86400 * $cookietime);
                            $error = '10006'; // login succeeded
                        } else {
                            // Activation required: build the activation key and link.
                            $key = md5($res . $username . $user['pass'] . $user['yid']);
                            $Msgs['username'] = $username;
                            // NOTE(review): the listing is truncated at the "******"
                            // markers on the next line. Everything from the end of
                            // this link up to the daily-login test is missing.
                            $Msgs['url'] = userurl(site_url('user/reg/verify')) . "?key=" . $key . "&username="******"?key=" . $key . "&username="******"Y-m-d", $row->logtime) != date('Y-m-d')) {
                    // Add User_Cion_Log to the stored cion value.
                    $updata['cion'] = $row->cion + User_Cion_Log;
                }
                // VIP expiry: clear the VIP flag once $viptime is in the past.
                if ($row->vip > 0 && $viptime < time()) {
                    $updata['vip'] = 0;
                    $updata['viptime'] = 0;
                }
                $updata['zx'] = 1;
                $updata['lognum'] = $row->lognum + 1;
                $updata['logtime'] = time();
                $updata['logip'] = getip();
                $updata['logms'] = time();
                $this->CsdjDB->get_update('user', $row->id, $updata);
                // Login log entry.
                $agent = ($this->agent->is_mobile() ? $this->agent->mobile() : $this->agent->platform()) . ' / ' . $this->agent->browser() . ' v' . $this->agent->version();
                $add['uid'] = $row->id;
                $add['loginip'] = getip();
                $add['logintime'] = time();
                $add['useragent'] = $agent;
                $this->CsdjDB->get_insert('user_log', $add);
                $_SESSION['cscms__id'] = $row->id;
                $_SESSION['cscms__name'] = $row->name;
                $_SESSION['cscms__login'] = md5($row->name . $row->pass);
                // Remember-me cookies (same derivation as above).
                $this->cookie->set_cookie("user_id", $row->id, time() + 86400 * $cookietime);
                $this->cookie->set_cookie("user_login", md5($row->name . $row->pass . $row->code), time() + 86400 * $cookietime);
                $error = '10006'; // login succeeded
            }
        }
    }
    // JSONP response. Only $error goes through json_encode(); $callback does not.
    echo $callback . "({error:" . json_encode($error) . "})";
}
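/**
 * Handle the "forgot password" form and e-mail a password-reset link.
 *
 * Flow: anti-CSRF token check, optional captcha check (User_Code_Mode),
 * account lookup by user name AND e-mail address, then a mail built from the
 * User_PassContent template is sent to the address stored on the account.
 * Every outcome is reported through msg_url().
 *
 * NOTE(review): the guards without an else branch rely on msg_url() ending the
 * request -- confirm in its definition.
 */
public function save() {
    // Anti-CSRF token. The request is rejected unless the posted token and the
    // session token are both non-empty and equal. A loose "!=" comparison would
    // accept a request that carries no token whenever the session holds none
    // either, because the two missing values compare equal.
    $token = $this->input->post('token', TRUE);
    $sessionToken = (isset($_SESSION['token']) && is_scalar($_SESSION['token'])) ? (string) $_SESSION['token'] : '';
    if (!is_string($token) || $token === '' || $sessionToken === '' || !hash_equals($sessionToken, $token)) {
        msg_url(L('pass_04'), 'javascript:history.back();');
    }

    // The third TRUE argument is not part of stock CodeIgniter's get_post();
    // presumably a project-specific extra filter -- TODO confirm. The query
    // below does not depend on it.
    $username = $this->input->get_post('username', TRUE, TRUE);
    $useremail = $this->input->get_post('useremail', TRUE, TRUE);

    // Captcha switch.
    if (User_Code_Mode == 1) {
        $codes = $this->input->post('usercode', TRUE);
        // NOTE(review): the expected answer is read back through the cookie
        // wrapper; whether that value is protected against client tampering is
        // not visible here -- confirm.
        if (empty($codes) || !is_string($codes) || $this->cookie->get_cookie('codes') != strtolower($codes)) {
            msg_url(L('pass_05'), 'javascript:history.back();');
        }
    }

    // Array-valued parameters (username[]=...) are treated like missing ones.
    if (empty($username) || !is_string($username)) {
        msg_url(L('pass_06'), 'javascript:history.back();'); // user name is empty
    } elseif (empty($useremail) || !is_string($useremail)) {
        msg_url(L('pass_07'), 'javascript:history.back();'); // e-mail address is empty
    } else {
        // Both the user name and the e-mail address must match the same row.
        // The values are passed as CodeIgniter query bindings instead of being
        // concatenated into the SQL text, so quoting is done by the driver.
        $sqlu = "SELECT code,email,pass,id,name FROM " . CS_SqlPrefix . "user where name=? and email=?";
        $row = $this->db->query($sqlu, array($username, $useremail))->row();
        if (!$row) {
            msg_url(L('pass_08'), 'javascript:history.back();'); // account or e-mail address is wrong
        } else {
            // NOTE(review): the reset key is md5 over id, name, stored password
            // hash, e-mail and a coarse time bucket (time() without its last six
            // digits). It contains no random secret, so it can be reproduced by
            // anyone able to read those columns, and it stays valid for the whole
            // bucket. A random, single-use, server-stored token with a short
            // expiry is the durable fix; it must change together with the
            // user/pass handler that verifies the key, which is not in this block.
            $key = md5($row->id . $row->name . $row->pass . $row->email . substr(time(), 0, -6));
            $Msgs = array();
            $Msgs['username'] = $row->name;
            // URL-encode the user name so characters such as "&", "#", spaces
            // or non-ASCII text cannot break or extend the query string.
            $Msgs['url'] = userurl(site_url('user/pass')) . "?key=" . $key . "&username=" . rawurlencode($username);
            $title = Web_Name . L('pass_09');
            $content = getmsgto(User_PassContent, $Msgs);
            $this->load->model('CsdjEmail');
            // The mail goes to the address stored on the account, not to the
            // address typed into the form.
            $this->CsdjEmail->send($row->email, $title, $content);
            msg_url(L('pass_10'), 'javascript:history.back();');
        }
    }
}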
/**
 * Handle the login form: token and optional captcha checks, account lookup by
 * user name or e-mail address, optional UCenter fallback for unknown accounts,
 * then session and remember-me cookie setup.
 *
 * NOTE(review): the listing is truncated in the middle of this method (see the
 * "******" marker). The password check for an existing account and the
 * assignment of $viptime are not visible here.
 * NOTE(review): the guards without an else branch rely on msg_url() ending the
 * request -- confirm in its definition.
 */
public function save() {
    // Anti-CSRF token.
    // NOTE(review): "!=" is a loose comparison. If post() yields null/false for
    // a missing field (CodeIgniter's behaviour -- confirm for this fork) and the
    // session holds no token, the check passes. Require a non-empty session
    // token and compare with hash_equals().
    $token = $this->input->post('token', TRUE);
    if ($token != $_SESSION['token']) {
        msg_url(L('login_02'), 'javascript:history.back();');
    }
    // get_post() is used here, so the credentials may come from either the
    // request body or the query string.
    // The third TRUE argument is not part of stock CodeIgniter's get_post();
    // presumably a project-specific extra filter -- TODO confirm.
    $username = $this->input->get_post('username', TRUE, TRUE); // user name or e-mail address
    $userpass = $this->input->get_post('userpass', TRUE, TRUE); // password
    // Cookie lifetime in days, taken from the request and not bounded here.
    $cookietime = intval($this->input->get_post('cookie'));
    if ($cookietime == 0) {
        $cookietime = 1;
    }
    // Captcha switch.
    if (User_Code_Mode == 1) {
        $codes = $this->input->post('usercode', TRUE);
        // NOTE(review): the expected answer is read back through the cookie
        // wrapper; whether it is protected against client tampering is not
        // visible here -- confirm.
        if (empty($codes) || $this->cookie->get_cookie('codes') != strtolower($codes)) {
            msg_url(L('login_03'), 'javascript:history.back();');
        }
    }
    if (empty($username)) {
        msg_url(L('login_04'), 'javascript:history.back();'); // user name is empty
    } elseif (empty($userpass)) {
        msg_url(L('login_05'), 'javascript:history.back();'); // password is empty
    } else {
        // Either the member name or the e-mail address may be used to log in.
        // NOTE(review): $username is concatenated into the SQL text; its safety
        // rests entirely on the input filter above. Prefer query bindings.
        $sqlu = "SELECT code,email,pass,sid,yid,uid,id,name,lognum,cion,vip,logtime,viptime FROM " . CS_SqlPrefix . "user where name='" . $username . "' or email='" . $username . "'";
        $row = $this->db->query($sqlu)->row();
        if (!$row) {
            // --------------------------- UCenter ---------------------------
            if (User_Uc_Mode == 1) {
                include CSCMS . 'lib/Cs_Ucenter.php';
                include CSCMSPATH . 'uc_client/client.php';
                $uid = uc_user_login($username, $userpass);
                if (intval($uid[0]) > 0) { // known to UCenter: create the local member
                    $this->load->helper('string');
                    $user['name'] = $username;
                    $user['code'] = random_string('alnum', 6);
                    // Same md5(md5(password) . code) scheme as registration.
                    $user['pass'] = md5(md5($userpass) . $user['code']);
                    $user['email'] = $uid[3];
                    $user['uid'] = $uid[0];
                    $user['regip'] = getip();
                    $user['qianm'] = '';
                    if (User_Cion_Reg > 0) {
                        $user['cion'] = User_Cion_Reg;
                    }
                    if (User_Uc_Fun == 1) {
                        $user['yid'] = 2;
                    }
                    $user['zx'] = 1;
                    $user['lognum'] = 1;
                    $user['logtime'] = time();
                    $user['logip'] = getip();
                    $user['logms'] = time();
                    $user['addtime'] = time();
                    $res = $this->CsdjDB->get_insert('user', $user);
                    if (intval($res) > 0) {
                        if (User_Uc_Fun == 0) { // no activation required
                            // Login log entry.
                            $agent = ($this->agent->is_mobile() ? $this->agent->mobile() : $this->agent->platform()) . ' / ' . $this->agent->browser() . ' v' . $this->agent->version();
                            $add['uid'] = $res;
                            $add['loginip'] = getip();
                            $add['logintime'] = time();
                            $add['useragent'] = $agent;
                            $this->CsdjDB->get_insert('user_log', $add);
                            $_SESSION['cscms__id'] = $res;
                            $_SESSION['cscms__name'] = $username;
                            $_SESSION['cscms__login'] = md5($username . $user['pass']);
                            // Remember-me cookies.
                            // NOTE(review): the user_login value is md5 over name,
                            // stored password hash and code, so it only changes
                            // when one of those values changes.
                            $this->cookie->set_cookie("user_id", $res, time() + 86400 * $cookietime);
                            $this->cookie->set_cookie("user_login", md5($username . $user['pass'] . $user['code']), time() + 86400 * $cookietime);
                            // UCenter synchronised login.
                            // NOTE(review): this branch runs only when $row is
                            // empty, so $row->uid reads a property of a non-object
                            // here; $user['uid'] looks like the intended value --
                            // confirm and fix.
                            $log = $row->uid > 0 ? uc_user_synlogin($row->uid) : '';
                            msg_url(L('login_06') . $log, userurl(site_url('user/space')), 'ok'); // login succeeded
                        } else {
                            // Activation required: build the activation key and link.
                            $key = md5($res . $username . $user['pass'] . '2');
                            $Msgs['username'] = $username;
                            // NOTE(review): the listing is truncated at the "******"
                            // markers on the next line. Everything from the end of
                            // this link up to the daily-login test is missing.
                            $Msgs['url'] = userurl(site_url('user/reg/verify')) . "?key=" . $key . "&username="******"?key=" . $key . "&username="******"Y-m-d", $row->logtime) != date('Y-m-d')) {
                    // Add User_Cion_Log to the stored cion value.
                    $updata['cion'] = $row->cion + User_Cion_Log;
                }
                // VIP expiry: clear the VIP flag once $viptime is in the past.
                if ($row->vip > 0 && $viptime < time()) {
                    $updata['vip'] = 0;
                    $updata['viptime'] = 0;
                }
                $updata['zx'] = 1;
                $updata['lognum'] = $row->lognum + 1;
                $updata['logtime'] = time();
                $updata['logip'] = getip();
                $updata['logms'] = time();
                $this->CsdjDB->get_update('user', $row->id, $updata);
                // Login log entry.
                $agent = ($this->agent->is_mobile() ? $this->agent->mobile() : $this->agent->platform()) . ' / ' . $this->agent->browser() . ' v' . $this->agent->version();
                $add['uid'] = $row->id;
                $add['loginip'] = getip();
                $add['logintime'] = time();
                $add['useragent'] = $agent;
                $this->CsdjDB->get_insert('user_log', $add);
                $_SESSION['cscms__id'] = $row->id;
                $_SESSION['cscms__name'] = $row->name;
                $_SESSION['cscms__login'] = md5($row->name . $row->pass);
                // Remember-me cookies (same derivation as above).
                $this->cookie->set_cookie("user_id", $row->id, time() + 86400 * $cookietime);
                $this->cookie->set_cookie("user_login", md5($row->name . $row->pass . $row->code), time() + 86400 * $cookietime);
                // --------------------------- UCenter ---------------------------
                // Synchronised login for accounts linked to UCenter (uid > 0).
                $log = '';
                if (User_Uc_Mode == 1) {
                    include CSCMS . 'lib/Cs_Ucenter.php';
                    include CSCMSPATH . 'uc_client/client.php';
                    $log = $row->uid > 0 ? uc_user_synlogin($row->uid) : '';
                }
                // --------------------------- UCenter ---------------------------
                msg_url(L('login_15') . $log, userurl(site_url('user/space')), 'ok'); // login succeeded
            }
        }
    }
}