public function register($username, $password, $field, $type = 'email')
{
$returns = array('uid' => '-1', 'username' => '', 'email' => '', 'mobile' => '', 'userip' => '');
if (!isset($username) || empty($username) || strlen($username) < 2 || !isset($password) || empty($password) || strlen($password) < 6) {
return $returns;
}
if ($type == 'email' && !isemail($field)) {
return $returns;
}
if ($type == 'mobile' && !ismobile($field)) {
return $returns;
}
$this->group = M('member_group')->where("type='member' AND creditslower>=0")->order('creditslower', 'ASC')->find(1);
cookie('member_group', serialize($this->group));
$type = $type == 'mobile' ? $type : 'email';
$email = $type == 'email' ? $field : '';
$mobile = $type == 'mobile' ? $field : '';
$account = array('username' => $username, 'password' => sha1(md5($password)), 'email' => $email, 'mobile' => $mobile, 'gid' => $this->group['gid'], 'status' => 0, 'newpm' => 0, 'emailstatus' => 0, 'avatarstatus' => 0, 'regdate' => TIMESTAMP);
$this->uid = M('member')->insert($account, true);
$this->username = $username;
$this->email = $email;
$this->mobile = $mobile;
$returns = array('uid' => $this->uid, 'username' => $this->username, 'email' => $this->email, 'mobile' => $this->mobile, 'userip' => $_SERVER['REMOTE_ADDR']);
$account['uid'] = $this->uid;
$this->account = $account;
cookie('member_account', serialize($account));
$this->status = $this->getStatus();
cookie('member_status', serialize($this->status));
$this->count = $this->getCount();
cookie('member_count', serialize($this->count));
$this->profile = $this->getProfile();
cookie('member_profile', serialize($this->profile));
return $returns;
}
/**
* 登录验证
*/
private function chklogin()
{
$account = htmlspecialchars(trim($_GET['account_' . FORMHASH]));
$password = trim($_GET['password_' . FORMHASH]);
$captchacode = strtolower(trim($_GET['captchacode']));
$this->checkCaptchacode($captchacode);
if (strlen($account) < 2) {
$this->showError('username_verify_failed');
}
if (strlen($password) < 6) {
$this->showError('password_verify_failed');
}
$member = new Member();
if (isemail($account)) {
$returns = $member->Login($account, $password, 'email');
} elseif (ismobile($account)) {
$returns = $member->Login($account, $password, 'mobile');
} else {
$returns = $member->Login($account, $password);
}
if ($member->uid > 0) {
$continue = $_GET['continue'];
$this->showSuccess('login_succeed', $continue, array(), '', true);
} else {
$this->showError('login_verify_failed');
}
}
/**
* 保存注册信息
*/
function save()
{
$username = htmlspecialchars(trim($_GET['username_' . FORMHASH]));
$password = trim($_GET['password_' . FORMHASH]);
$email = trim($_GET['email_' . FORMHASH]);
$captchacode = trim($_GET['captchacode']);
$this->checkCaptchacode($captchacode);
if (strlen($username) < 2) {
$this->showError('username_verify_failed');
}
if ($this->_verify(array('username' => $username))) {
$this->showError('username_exists');
}
if (empty($email) || !isemail($email)) {
$this->showError('email_verify_failed');
}
if ($this->_verify(array('email' => $email))) {
$this->showError('email_exists');
}
if (empty($password) || strlen($password) < 6) {
$this->showError('password_verify_failed');
}
$member = new Member();
$returns = $member->register($username, $password, $email, $_GET['type']);
if ($member->uid > 0) {
$this->showSuccess('register_succeed', '/?m=home', array(), '', true);
}
}
function userlogin($username, $password, $questionid, $answer, $loginfield = 'username')
{
$return = array();
if ($loginfield == 'uid') {
$isuid = 1;
} elseif ($loginfield == 'email') {
$isuid = 2;
} elseif ($loginfield == 'auto') {
$isuid = 3;
} else {
$isuid = 0;
}
if (!function_exists('uc_user_login')) {
loaducenter();
}
if ($isuid == 3) {
if (preg_match('/^[1-9]\\d*$/', $username)) {
$return['ucresult'] = uc_user_login($username, $password, 1, 1, $questionid, $answer);
} elseif (isemail($username)) {
$return['ucresult'] = uc_user_login($username, $password, 2, 1, $questionid, $answer);
}
if ($return['ucresult'][0] <= 0) {
$return['ucresult'] = uc_user_login($username, $password, 0, 1, $questionid, $answer);
}
} else {
$return['ucresult'] = uc_user_login($username, $password, $isuid, 1, $questionid, $answer);
}
$tmp = array();
$duplicate = '';
list($tmp['uid'], $tmp['username'], $tmp['password'], $tmp['email'], $duplicate) = daddslashes($return['ucresult'], 1);
$return['ucresult'] = $tmp;
if ($duplicate && $return['ucresult']['uid'] > 0) {
if ($olduid = DB::result_first("SELECT uid FROM " . DB::table('common_member') . " WHERE username='******'ucresult']['username']) . "'")) {
require_once libfile('function/membermerge');
if ($olduid != $return['ucresult']['uid']) {
membermerge($olduid, $return['ucresult']['uid']);
}
uc_user_merge_remove($return['ucresult']['username']);
} else {
$return['status'] = 0;
return $return;
}
}
if ($return['ucresult']['uid'] <= 0) {
$return['status'] = 0;
return $return;
}
$member = DB::fetch_first("SELECT * FROM " . DB::table('common_member') . " WHERE uid='" . $return['ucresult']['uid'] . "'");
if (!$member) {
$return['status'] = -1;
return $return;
}
$return['member'] = $member;
$return['status'] = 1;
if (addslashes($member['email']) != $return['ucresult']['email']) {
DB::query("UPDATE " . DB::table('common_member') . " SET email='" . $return['ucresult']['email'] . "' WHERE uid='" . $return['ucresult']['uid'] . "'");
}
return $return;
}
public static function editUser($keyName, $userInfo)
{
if (!isemail($userInfo[self::TABLE_EMAIL])) {
return control_returnCode::REG_ERROR_EMAIL;
}
$userInfo[self::TABLE_UPDATETIME] = time();
self::getDB()->table(self::TABLE_NAME)->where(array(self::TABLE_UNIONKEY => $keyName))->update($userInfo);
return control_returnCode::REG_TRUE;
}
function userlogin($username, $password, $questionid, $answer, $loginfield = 'username', $ip = '') {
$return = array();
if($loginfield == 'uid' && getglobal('setting/uidlogin')) {
$isuid = 1;
} elseif($loginfield == 'email') {
$isuid = 2;
} elseif($loginfield == 'auto') {
$isuid = 3;
} else {
$isuid = 0;
}
if(!function_exists('uc_user_login')) {
loaducenter();
}
if($isuid == 3) {
if(!strcmp(dintval($username), $username) && getglobal('setting/uidlogin')) {
$return['ucresult'] = uc_user_login($username, $password, 1, 1, $questionid, $answer, $ip);
} elseif(isemail($username)) {
$return['ucresult'] = uc_user_login($username, $password, 2, 1, $questionid, $answer, $ip);
}
if($return['ucresult'][0] <= 0 && $return['ucresult'][0] != -3) {
$return['ucresult'] = uc_user_login(addslashes($username), $password, 0, 1, $questionid, $answer, $ip);
}
} else {
$return['ucresult'] = uc_user_login(addslashes($username), $password, $isuid, 1, $questionid, $answer, $ip);
}
$tmp = array();
$duplicate = '';
list($tmp['uid'], $tmp['username'], $tmp['password'], $tmp['email'], $duplicate) = $return['ucresult'];
$return['ucresult'] = $tmp;
if($duplicate && $return['ucresult']['uid'] > 0 || $return['ucresult']['uid'] <= 0) {
$return['status'] = 0;
return $return;
}
$member = getuserbyuid($return['ucresult']['uid'], 1);
if(!$member || empty($member['uid'])) {
$return['status'] = -1;
return $return;
}
$return['member'] = $member;
$return['status'] = 1;
if($member['_inarchive']) {
C::t('common_member_archive')->move_to_master($member['uid']);
}
if($member['email'] != $return['ucresult']['email']) {
C::t('common_member')->update($return['ucresult']['uid'], array('email' => $return['ucresult']['email']));
}
return $return;
}
public function save()
{
$accountnew = $_GET['accountnew'];
$profilenew = $_GET['profilenew'];
if (isemail($accountnew['email']) || ismobile($accountnew['mobile'])) {
$this->t('member')->where(array('uid' => $this->uid))->update($accountnew);
}
$profilenew['locked'] = 1;
$profilenew['modified'] = time();
$this->t('member_profile')->where(array('uid' => $this->uid))->update($profilenew);
$this->showSuccess('modi_succeed');
}
function mobcent_threadsort_validator($sortoption, $pid)
{
global $_G, $var;
$postaction = $_G['tid'] && $pid ? "edit&tid={$_G['tid']}&pid={$pid}" : 'newthread';
$_G['forum_optiondata'] = array();
foreach ($_G['forum_checkoption'] as $var => $option) {
if ($_G['forum_checkoption'][$var]['required'] && ($sortoption[$var] === '' && $_G['forum_checkoption'][$var]['type'] != 'number')) {
return array('message' => 'threadtype_required_invalid', 'params' => array('{typetitle}' => $_G['forum_checkoption'][$var]['title']));
//showmessage('threadtype_required_invalid', "forum.php?mod=post&action=$postaction&fid=$_G[fid]&sortid=".$_G['forum_selectsortid'], array('typetitle' => $_G['forum_checkoption'][$var]['title']));
} elseif ($sortoption[$var] && ($_G['forum_checkoption'][$var]['type'] == 'number' && !is_numeric($sortoption[$var]) || $_G['forum_checkoption'][$var]['type'] == 'email' && !isemail($sortoption[$var]))) {
return array('message' => 'threadtype_required_invalid', 'params' => array('{typetitle}' => $_G['forum_checkoption'][$var]['title']));
//showmessage('threadtype_format_invalid', "forum.php?mod=post&action=$postaction&fid=$_G[fid]&sortid=".$_G['forum_selectsortid'], array('typetitle' => $_G['forum_checkoption'][$var]['title']));
} elseif ($sortoption[$var] && $_G['forum_checkoption'][$var]['maxlength'] && strlen($sortoption[$var]) > $_G['forum_checkoption'][$var]['maxlength']) {
return array('message' => 'threadtype_toolong_invalid', 'params' => array('{typetitle}' => $_G['forum_checkoption'][$var]['title']));
// showmessage('threadtype_toolong_invalid', "forum.php?mod=post&action=$postaction&fid=$_G[fid]&sortid=".$_G['forum_selectsortid'], array('typetitle' => $_G['forum_checkoption'][$var]['title']));
} elseif ($sortoption[$var] && ($_G['forum_checkoption'][$var]['maxnum'] && $sortoption[$var] > $_G['forum_checkoption'][$var]['maxnum'] || $_G['forum_checkoption'][$var]['minnum'] && $sortoption[$var] < $_G['forum_checkoption'][$var]['minnum'])) {
return array('message' => 'threadtype_num_invalid', 'params' => array('{typetitle}' => $_G['forum_checkoption'][$var]['title']));
// showmessage('threadtype_num_invalid', "forum.php?mod=post&action=$postaction&fid=$_G[fid]&sortid=".$_G['forum_selectsortid'], array('typetitle' => $_G['forum_checkoption'][$var]['title']));
} elseif ($sortoption[$var] && $_G['forum_checkoption'][$var]['unchangeable'] && !($_G['tid'] && $pid)) {
return array('message' => 'threadtype_unchangeable_invalid', 'params' => array('{typetitle}' => $_G['forum_checkoption'][$var]['title']));
//showmessage('threadtype_unchangeable_invalid', "forum.php?mod=post&action=$postaction&fid=$_G[fid]&sortid=".$_G['forum_selectsortid'], array('typetitle' => $_G['forum_checkoption'][$var]['title']));
} elseif ($sortoption[$var] && $_G['forum_checkoption'][$var]['type'] == 'select') {
if ($_G['forum_optionlist'][$_G['forum_checkoption'][$var]['optionid']]['choices'][$sortoption[$var]]['level'] != 1) {
//判断下拉选择项的必填项是否填写,如果为多级连动选择客户端会发不出去帖子,注释此行
//return array('message'=>'threadtype_select_invalid','params'=>array('{typetitle}' => $_G['forum_checkoption'][$var]['title']));
// showmessage('threadtype_select_invalid', "forum.php?mod=post&action=$postaction&fid=$_G[fid]&sortid=".$_G['forum_selectsortid'], array('typetitle' => $_G['forum_checkoption'][$var]['title']));
}
}
if ($_G['forum_checkoption'][$var]['type'] == 'checkbox') {
$sortoption[$var] = $sortoption[$var] ? implode("\t", $sortoption[$var]) : '';
} elseif ($_G['forum_checkoption'][$var]['type'] == 'url') {
$sortoption[$var] = $sortoption[$var] ? substr(strtolower($sortoption[$var]), 0, 4) == 'www.' ? 'http://' . $sortoption[$var] : $sortoption[$var] : '';
}
if ($_G['forum_checkoption'][$var]['type'] == 'image') {
if ($sortoption[$var]['aid']) {
$_GET['attachnew'][$sortoption[$var]['aid']] = $sortoption[$var];
}
$sortoption[$var] = serialize($sortoption[$var]);
} elseif ($_G['forum_checkoption'][$var]['type'] == 'select') {
$sortoption[$var] = censor(trim($sortoption[$var]));
} else {
$sortoption[$var] = dhtmlspecialchars(censor(trim($sortoption[$var])));
}
$_G['forum_optiondata'][$_G['forum_checkoption'][$var]['optionid']] = $sortoption[$var];
}
return $_G['forum_optiondata'];
}
//$row = $_SGLOBAL['db']->fetch_array($query);$_SGLOBAL['db']->fetch_array($query)
}
//提示用户已经激活过了
showmessage('identifier_is_active', '', 3);
}
}
//根据学号取得邮箱和激活信息
//$query = $_SGLOBAL['db']->query("SELECT defaultemail, isactive, emaildateline FROM ".tname('baseprofile')." WHERE collegeid='$collegeid'");
//$row = $_SGLOBAL['db']->fetch_array($query);
if (empty($one)) {
showmessage('collegeid_is_invalid', '', 3);
}
$defaultemail = $one['defaultemail'];
$isactive = $one['isactive'];
//没有邮箱信息
if (empty($defaultemail) || !isemail($defaultemail)) {
showmessage('have_no_email', '', 10);
}
if ($isactive > 0) {
showmessage('collegeid_is_active', '', 3);
} elseif (empty($isactive)) {
$nowtime = explode(' ', microtime());
$tmptime = $nowtime[1];
//记录邮件发送时间,存入数据库
$tmptime = $tmptime + $nowtime[0];
if ($tmptime - intval($row['emaildateline']) <= 1800) {
showmessage('sendtime_limit');
}
//激活成功
$hash = authcode("{$collegeid}\t{$defaultemail}", 'ENCODE');
$url = getsiteurl() . 'do.php?ac=' . $_SCONFIG['buaaregister_action'] . '&hash=' . urlencode($hash);
function check_limit()
{
$mlimit = $this->field['mlimit'];
if ($this->field['datatype'] == 'date') {
$mlimit = 'date';
} elseif ($this->field['datatype'] == 'int') {
$mlimit = 'int';
} elseif ($this->field['datatype'] == 'float') {
$mlimit = 'number';
}
if (empty($this->newvalue) || empty($mlimit)) {
return true;
}
$cname = $this->field['cname'];
if ($mlimit == 'date' && !isdate($this->newvalue)) {
$this->error = "{$cname} " . lang('liminpda');
} elseif ($mlimit == 'int' && !is_numeric($this->newvalue)) {
$this->error = "{$cname} " . lang('liminpint');
} elseif ($mlimit == 'number' && !is_numeric($this->newvalue)) {
$this->error = "{$cname} " . lang('liminpnum');
} elseif ($mlimit == 'letter' && !preg_match("/^[a-z]+\$/i", $this->newvalue)) {
$this->error = "{$cname} " . lang('limiinputlett');
} elseif ($mlimit == 'numberletter' && !preg_match("/^[0-9a-z]+\$/i", $this->newvalue)) {
$this->error = "{$cname} " . lang('limitinputnumberl');
} elseif ($mlimit == 'tagtype' && !preg_match("/^[a-z]+\\w*\$/i", $this->newvalue)) {
$this->error = "{$cname} " . lang('limitinputtagtype');
} elseif ($mlimit == 'email' && !isemail($this->newvalue)) {
$this->error = "{$cname} " . lang('limitinputemail');
}
return $this->error ? false : true;
}
function threadsort_validator($sortoption)
{
global $checkoption, $var, $selectsortid, $fid, $tid, $pid;
$postaction = $tid && $pid ? "edit&tid={$tid}&pid={$pid}" : 'newthread';
$optiondata = array();
foreach ($checkoption as $var => $option) {
if ($checkoption[$var]['required'] && !$sortoption[$var]) {
showmessage('threadtype_required_invalid', "post.php?action={$postaction}&fid={$fid}&sortid={$selectsortid}");
} elseif ($sortoption[$var] && ($checkoption[$var]['type'] == 'number' && !is_numeric($sortoption[$var]) || $checkoption[$var]['type'] == 'email' && !isemail($sortoption[$var]))) {
showmessage('threadtype_format_invalid', "post.php?action={$postaction}&fid={$fid}&sortid={$selectsortid}");
} elseif ($sortoption[$var] && $checkoption[$var]['maxlength'] && strlen($typeoption[$var]) > $checkoption[$var]['maxlength']) {
showmessage('threadtype_toolong_invalid', "post.php?action={$postaction}&fid={$fid}&sortid={$selectsortid}");
} elseif ($sortoption[$var] && ($checkoption[$var]['maxnum'] && $sortoption[$var] >= $checkoption[$var]['maxnum'] || $checkoption[$var]['minnum'] && $sortoption[$var] < $checkoption[$var]['minnum'])) {
showmessage('threadtype_num_invalid', "post.php?action={$postaction}&fid={$fid}&sortid={$selectsortid}");
} elseif ($sortoption[$var] && $checkoption[$var]['unchangeable'] && !($tid && $pid)) {
showmessage('threadtype_unchangeable_invalid', "post.php?action={$postaction}&fid={$fid}&sortid={$selectsortid}");
}
if ($checkoption[$var]['type'] == 'checkbox') {
$sortoption[$var] = $sortoption[$var] ? implode("\t", $sortoption[$var]) : '';
} elseif ($checkoption[$var]['type'] == 'url') {
$sortoption[$var] = $sortoption[$var] ? substr(strtolower($sortoption[$var]), 0, 4) == 'www.' ? 'http://' . $sortoption[$var] : $sortoption[$var] : '';
}
$sortoption[$var] = dhtmlspecialchars(censor(trim($sortoption[$var])));
$optiondata[$checkoption[$var]['optionid']] = $sortoption[$var];
}
return $optiondata;
}
checkclose();
$realname = trim($_GET['realname']);
$birthday = trim($_GET['birthday']);
$password = $birthday;
if (empty($realname)) {
showmessage('对不起,请输入姓名!', '', 2);
}
if (empty($birthday)) {
showmessage('对不起,请输入生日!', '', 2);
}
//已经注册用户
if ($_SGLOBAL['supe_uid']) {
showmessage('registered', 'space.php');
}
//检查邮箱
$email = isemail(trim($_GET['email'])) ? trim($_GET['email']) : '';
if (empty($email)) {
showmessage('email_format_is_wrong');
}
if ($_SCONFIG['checkemail']) {
if ($count = getcount('spacefield', array('email' => $email))) {
showmessage('email_has_been_registered');
}
}
$num = strpos($email, '@');
$num = $num > 15 ? 15 : $num;
$newusername = substr($email, 0, $num);
/*******************这里应该判断要不要用户名是否被占********************
$username = $newusername;
if(!@include_once S_ROOT.'./uc_client/client.php')
function threadsort_validator($sortoption, $pid)
{
global $_G, $var;
$postaction = $_G['tid'] && $pid ? "edit&tid={$_G['tid']}&pid={$pid}" : 'newthread';
$_G['forum_optiondata'] = array();
foreach ($_G['forum_checkoption'] as $var => $option) {
if ($_G['forum_checkoption'][$var]['required'] && !$sortoption[$var]) {
showmessage('threadtype_required_invalid', "forum.php?mod=post&action={$postaction}&fid={$_G['fid']}&sortid=" . $_G['forum_selectsortid'], array('typetitle' => $_G['forum_checkoption'][$var]['title']));
} elseif ($sortoption[$var] && ($_G['forum_checkoption'][$var]['type'] == 'number' && !is_numeric($sortoption[$var]) || $_G['forum_checkoption'][$var]['type'] == 'email' && !isemail($sortoption[$var]))) {
showmessage('threadtype_format_invalid', "forum.php?mod=post&action={$postaction}&fid={$_G['fid']}&sortid=" . $_G['forum_selectsortid'], array('typetitle' => $_G['forum_checkoption'][$var]['title']));
} elseif ($sortoption[$var] && $_G['forum_checkoption'][$var]['maxlength'] && strlen($typeoption[$var]) > $_G['forum_checkoption'][$var]['maxlength']) {
showmessage('threadtype_toolong_invalid', "forum.php?mod=post&action={$postaction}&fid={$_G['fid']}&sortid=" . $_G['forum_selectsortid'], array('typetitle' => $_G['forum_checkoption'][$var]['title']));
} elseif ($sortoption[$var] && ($_G['forum_checkoption'][$var]['maxnum'] && $sortoption[$var] > $_G['forum_checkoption'][$var]['maxnum'] || $_G['forum_checkoption'][$var]['minnum'] && $sortoption[$var] < $_G['forum_checkoption'][$var]['minnum'])) {
showmessage('threadtype_num_invalid', "forum.php?mod=post&action={$postaction}&fid={$_G['fid']}&sortid=" . $_G['forum_selectsortid'], array('typetitle' => $_G['forum_checkoption'][$var]['title']));
} elseif ($sortoption[$var] && $_G['forum_checkoption'][$var]['unchangeable'] && !($_G['tid'] && $pid)) {
showmessage('threadtype_unchangeable_invalid', "forum.php?mod=post&action={$postaction}&fid={$_G['fid']}&sortid=" . $_G['forum_selectsortid'], array('typetitle' => $_G['forum_checkoption'][$var]['title']));
}
if ($_G['forum_checkoption'][$var]['type'] == 'checkbox') {
$sortoption[$var] = $sortoption[$var] ? implode("\t", $sortoption[$var]) : '';
} elseif ($_G['forum_checkoption'][$var]['type'] == 'url') {
$sortoption[$var] = $sortoption[$var] ? substr(strtolower($sortoption[$var]), 0, 4) == 'www.' ? 'http://' . $sortoption[$var] : $sortoption[$var] : '';
}
$sortoption[$var] = $_G['forum_checkoption'][$var]['type'] != 'image' ? dhtmlspecialchars(censor(trim($sortoption[$var]))) : addslashes(serialize($sortoption[$var]));
$_G['forum_optiondata'][$_G['forum_checkoption'][$var]['optionid']] = $sortoption[$var];
}
return $_G['forum_optiondata'];
}
/*
[UCenter Home] (C) 2007-2008 Comsenz Inc.
$Id: do_login.php 8543 2008-08-21 05:51:48Z liguode $
*/
if (!defined('IN_UCHOME')) {
exit('Access Denied');
}
$uid = 0;
$email = '';
$_GET['hash'] = empty($_GET['hash']) ? '' : trim($_GET['hash']);
if ($_GET['hash']) {
list($uid, $email) = explode("\t", authcode($_GET['hash'], 'DECODE'));
$uid = intval($uid);
}
if ($uid && isemail($email)) {
//检查邮箱唯一性
if ($_SCONFIG['uniqueemail']) {
if (getcount('spacefield', array('email' => $email, 'emailcheck' => 1))) {
showmessage('uniqueemail_recheck');
}
}
// Bonus Points
getreward('realemail', 1, $uid);
//修改资料
updatetable('spacefield', array('email' => addslashes($email), 'emailcheck' => '1', 'newemail' => ''), array('uid' => $uid));
//跳转页面
showmessage('email_check_sucess', '', 1, array($email));
} else {
showmessage('email_check_error');
}
<?php
include "../common.inc.php";
include "function_common.php";
InitGP(array("page", "action", "inbox", "uname", "email", "subject", "message", "did", "delids"));
//初始化变量全局返回
AjaxHead();
//禁止页面缓存
header("Content-type: text/html; charset=" . CHARSET);
if (empty($action)) {
InitGP(array("uid", "isadmin", "email", "subject", "message"));
//初始化变量全局返回
if (!empty($_POST) and !empty($subject)) {
//发送邮件
if (isemail($email) && !empty($message)) {
$emailstr = $message;
include_once INC_PATH . "/sendmail.class.php";
$sendmail = new SendEmail();
$sendmail->sendmailto($subject, $emailstr, $email);
if (!empty($inbox)) {
exit("<script language='javascript'>alert('" . $sendmail->printmsg . "');parent.\$.fn.colorbox.close();</script>");
} else {
showmsg($sendmail->printmsg, PHP_SELF);
//出错!
}
} else {
if (!empty($inbox)) {
exit("<script language='javascript'>alert('email格式错误');location.reload();</script>");
} else {
showmsg("email格式错误", PHP_SELF);
//出错!
if ($cur_user && $cur_user['flag'] == 0) {
header('location: /');
exit;
}
//
$errors = array();
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
$name = addslashes(trim($_POST["name"]));
$email = addslashes(trim($_POST["email"]));
if ($name && $email) {
if (strlen($name) < 21 && strlen($email) < 32) {
if (preg_match('/^[a-zA-Z0-9\\x80-\\xff]{4,20}$/i', $name)) {
if (preg_match('/^[0-9]{4,20}$/', $name)) {
$errors[] = '名字不能全为数字';
} else {
if (isemail($email)) {
$db_user = $DBS->fetch_one_array("SELECT * FROM yunbbs_users WHERE name='" . $name . "' LIMIT 1");
if ($db_user) {
if ($email == $db_user['email']) {
header("content-Type: text/html; charset=UTF-8");
exit('请用该邮箱: ' . $db_user['email'] . ' 给管理员(管理员信箱' . $options['admin_email'] . ')发送一封密码重设请求,内容只需包含您的用户名“' . $name . '”');
} else {
$errors[] = '填写的邮箱 和 个人设置里的邮箱 不一致';
}
} else {
$errors[] = '用户名 错误';
}
} else {
$errors[] = '邮箱 格式错误';
}
}
if (submitcheck('login')) {
/*
echo $_POST[username];
echo $_POST[password];
exit();
*/
//exit('26');
$password = $_POST['password'];
$username = trim($_POST['username']);
$cookietime = intval($_POST['cookietime']);
$cookiecheck = $cookietime ? ' checked' : '';
$membername = $username;
if (empty($_POST['username'])) {
showmessage('users_were_not_empty_please_re_login_1', './login.php', 0);
} else {
if (isemail($_POST['username'])) {
$query = $_SGLOBAL['db']->query("SELECT uid FROM " . tname('spacefield') . " WHERE email='{$_POST['username']}'");
$value = $_SGLOBAL['db']->fetch_array($query);
if (empty($value)) {
showmessage('users_were_not_empty_please_re_login_2', './login.php', 0);
}
$query = $_SGLOBAL['db']->query("SELECT username FROM " . tname('member') . " WHERE uid='{$value['uid']}'");
$value = $_SGLOBAL['db']->fetch_array($query);
//得到用户名
$username = $value['username'];
}
}
if ($_SCONFIG['seccode_login']) {
include_once S_ROOT . './source/function_cp.php';
if (!ckseccode($_POST['seccode'])) {
$_SGLOBAL['input_seccode'] = 1;
function threadsort_validator($sortoption)
{
global $_G;
$_G['category_optiondata'] = array();
foreach ($_G['category_checkoption'] as $var => $option) {
$typetitle = $_G['category_checkoption'][$var]['title'];
if ($_G['category_checkoption'][$var]['required'] && !$sortoption[$var]) {
showmessage('threadtype_required_invalid', '', array('typetitle' => $typetitle));
} elseif ($sortoption[$var] && ($_G['category_checkoption'][$var]['type'] == 'number' && !is_numeric($sortoption[$var]) || $_G['forum_checkoption'][$var]['type'] == 'email' && !isemail($sortoption[$var]))) {
showmessage('threadtype_format_invalid', '', array('typetitle' => $typetitle));
} elseif ($sortoption[$var] && $_G['category_checkoption'][$var]['maxlength'] && strlen($typeoption[$var]) > $_G['forum_checkoption'][$var]['maxlength']) {
showmessage('threadtype_toolong_invalid', '', array('typetitle' => $typetitle));
} elseif ($sortoption[$var] && ($_G['category_checkoption'][$var]['maxnum'] && $sortoption[$var] > $_G['category_checkoption'][$var]['maxnum'] || $_G['forum_checkoption'][$var]['minnum'] && $sortoption[$var] < $_G['category_checkoption'][$var]['minnum'])) {
showmessage('threadtype_num_invalid', '', array('typetitle' => $typetitle));
} elseif ($sortoption[$var] && $_G['category_checkoption'][$var]['unchangeable']) {
showmessage('threadtype_unchangeable_invalid', '', array('typetitle' => $typetitle));
}
if ($_G['category_checkoption'][$var]['numbercheck']) {
checkphonenum($sortoption[$var]);
}
if ($_G['category_checkoption'][$var]['type'] == 'checkbox') {
$sortoption[$var] = $sortoption[$var] ? implode("\t", $sortoption[$var]) : '';
} elseif ($_G['category_checkoption'][$var]['type'] == 'url') {
$sortoption[$var] = $sortoption[$var] ? substr(strtolower($sortoption[$var]), 0, 4) == 'www.' ? 'http://' . $sortoption[$var] : $sortoption[$var] : '';
}
$sortoption[$var] = dhtmlspecialchars(censor(trim($sortoption[$var])));
$_G['category_optiondata'][$_G['category_checkoption'][$var]['optionid']] = $sortoption[$var];
}
return $_G['category_optiondata'];
}
capi_showmessage_by_data('incorrect_code');
}
}
if (!@(include_once S_ROOT . './uc_client/client.php')) {
capi_showmessage_by_data('system_error');
}
if ($_REQUEST['password'] != $_REQUEST['password2']) {
capi_showmessage_by_data('password_inconsistency');
}
if (!$_REQUEST['password'] || $_REQUEST['password'] != addslashes($_REQUEST['password'])) {
capi_showmessage_by_data('profile_passwd_illegal');
}
$username = trim($_REQUEST['username']);
$password = $_REQUEST['password'];
$_REQUEST['email'] = "{$username}@dawnlightning.com";
$email = isemail($_REQUEST['email']) ? $_REQUEST['email'] : '';
if (empty($email)) {
capi_showmessage_by_data('email_format_is_wrong');
}
//检查邮件
if ($_SCONFIG['checkemail']) {
if ($count = getcount('spacefield', array('email' => $email))) {
capi_showmessage_by_data('email_has_been_registered');
}
}
//检查IP
$onlineip = getonlineip();
if ($_SCONFIG['regipdate']) {
$query = $_SGLOBAL['db']->query("SELECT dateline FROM " . tname('space') . " WHERE regip='{$onlineip}' ORDER BY dateline DESC LIMIT 1");
if ($value = $_SGLOBAL['db']->fetch_array($query)) {
if ($_SGLOBAL['timestamp'] - $value['dateline'] < $_SCONFIG['regipdate'] * 3600) {
* [Discuz!] (C)2001-2099 Comsenz Inc.
* This is NOT a freeware, use is subject to license terms
*
* $Id: misc_emailcheck.php 30383 2012-05-25 04:45:49Z liulanbo $
*/
if (!defined('IN_DISCUZ')) {
exit('Access Denied');
}
$uid = 0;
$email = '';
$_GET['hash'] = empty($_GET['hash']) ? '' : $_GET['hash'];
if ($_GET['hash']) {
list($uid, $email, $time) = explode("\t", authcode($_GET['hash'], 'DECODE', md5(substr(md5($_G['config']['security']['authkey']), 0, 16))));
$uid = intval($uid);
}
if ($uid && isemail($email) && $time > TIMESTAMP - 86400) {
$member = getuserbyuid($uid);
$setarr = array('email' => $email, 'emailstatus' => '1');
loaducenter();
$ucresult = uc_user_edit(addslashes($member['username']), '', '', $email, 1);
if ($ucresult == -8) {
showmessage('email_check_account_invalid', '', array(), array('return' => true));
} elseif ($ucresult == -4) {
showmessage('profile_email_illegal', '', array(), array('return' => true));
} elseif ($ucresult == -5) {
showmessage('profile_email_domain_illegal', '', array(), array('return' => true));
} elseif ($ucresult == -6) {
showmessage('profile_email_duplicate', '', array(), array('return' => true));
}
if ($_G['setting']['regverify'] == 1 && $member['groupid'] == 8) {
$membergroup = C::t('common_usergroup')->fetch_by_credits($member['credits']);
/**
* Process CMS tags into HTML for comments.
*/
function cms_tag_comments($tag_attr, $tag_default)
{
global $db, $row, $block, $Current_weblog, $Weblogs, $Paths;
if (strlen($Weblogs[$Current_weblog]['comment_format']) > 1) {
$format = $Weblogs[$Current_weblog]['comment_format'];
} else {
$format = "%anchor%<p>%comment%</p><p><small><b>%name%</b> %email% %url% - %date%</small></p>";
}
if (strlen($Weblogs[$Current_weblog]['comment_reply']) > 1) {
$format_reply = $Weblogs[$Current_weblog]['comment_reply'];
} else {
$format_reply = "Reply on %name%";
}
if (strlen($Weblogs[$Current_weblog]['comment_forward']) > 1) {
$format_forward = $Weblogs[$Current_weblog]['comment_forward'];
} else {
$format_forward = "Replied on by %name%";
}
if (strlen($Weblogs[$Current_weblog]['comment_backward']) > 1) {
$format_backward = $Weblogs[$Current_weblog]['comment_backward'];
} else {
$format_backward = "This is a reply on %name%";
}
// If %editlink% is not present, insert it right after %date%..
if (strpos($format, "%editlink%") == 0) {
$format = str_replace("%date%", "%date% %editlink%", $format);
}
$content_code = get_attr_value('content_code', $tag_attr);
$nocomments = get_attr_value('ifnocomments', $tag_attr);
$comments = get_attr_value('ifcomments', $tag_attr);
$order = get_attr_value('order', $tag_attr);
$entrydate = $Weblogs[$Current_weblog]['fulldate_format'];
if ($content_code == "") {
$content_code = $row["code"];
}
$last_comment = "";
if (isset($db->entry['comments']) && count($db->entry['comments']) > 0) {
// first, make a list of comment-on-comments..
$crosslink = array();
foreach ($db->entry['comments'] as $count => $temp_row) {
if (preg_match("/\\[(.*):([0-9]*)\\]/Ui", $temp_row['comment'], $matches)) {
$crosslink[$count + 1] = $matches[2];
// remove [name:1] from comment..
$db->entry['comments'][$count]['comment'] = str_replace($matches[0], "", $db->entry['comments'][$count]['comment']);
}
}
$last_count = count($db->entry['comments']) - 1;
foreach ($db->entry['comments'] as $count => $temp_row) {
/**
* If we get here, this is a record we have to output in some form..
*/
$temp_row['name'] = strip_tags($temp_row['name']);
$temp_row['email'] = strip_tags($temp_row['email']);
$temp_row['url'] = strip_tags($temp_row['url']);
// Set the flag to display the 'awaiting moderation' text.
if ($temp_row["moderate"] == 1) {
$awaiting_moderation = true;
}
// Check if the comment is different than the last one, if the author's
// IP isn't blocked, and if the comment isn't waiting for moderation.
if ($temp_row["ip"] . $temp_row["comment"] != $last_comment && !ip_check_block($temp_row["ip"]) && ($temp_row["moderate"] != 1 || $temp_row['showpreview'] == 1)) {
/**
* make email link..
*/
if (isemail($temp_row["email"]) && !$temp_row["discreet"]) {
$email_format = "(" . encodemail_link($temp_row["email"], lang('email'), $temp_row["name"]) . ")";
$emailtoname = encodemail_link($temp_row["email"], $temp_row["name"], $temp_row["name"]);
} else {
$email_format = "";
$emailtoname = $temp_row["name"];
}
if (isemail($temp_row["email"])) {
$grav_email = $temp_row["email"];
$grav_default = $Weblogs[$Current_weblog]['comment_gravatardefault'];
$grav_html = stripslashes($Weblogs[$Current_weblog]['comment_gravatarhtml']);
$grav_size = $Weblogs[$Current_weblog]['comment_gravatarsize'];
if ($grav_default == "") {
$grav_default = "http://www.pivotlog.net/images/gravatar.gif";
}
if ($grav_html == "") {
$grav_html = '<img src="%img%" align="right" valign="top" hspace="2" vspace="2" />';
}
if ($grav_size == "") {
$grav_size = 48;
}
$grav_imgurl = "http://www.gravatar.com/avatar.php?gravatar_id=" . md5($grav_email) . "&default=" . urlencode($grav_default) . "&size=" . $grav_size;
$grav_url = str_replace("%img%", $grav_imgurl, $grav_html);
} else {
$grav_url = "";
}
/**
* make url link..
*/
if (isurl($temp_row["url"])) {
if (strpos($temp_row["url"], "ttp://") < 1) {
$temp_row["url"] = "http://" . $temp_row["url"];
}
$target = $Weblogs[$Current_weblog]['target_blank'] == 1 ? " target='_blank'" : "";
$temp_row["url_title"] = str_replace('http://', '', $temp_row["url"]);
//perhaps redirect the link..
if (isset($Weblogs[$Current_weblog]['lastcomm_redirect']) && $Weblogs[$Current_weblog]['lastcomm_redirect'] == 1) {
$target .= " rel=\"nofollow\" ";
}
$url_format = sprintf("(<a href='%s' {$target} title='%s'>%s</a>)", $temp_row["url"], $temp_row["url_title"], lang('url'));
$urltoname = sprintf("<a href='%s' {$target} title='%s'>%s</a>", $temp_row["url"], $temp_row["url_title"], $temp_row['name']);
} else {
$url_format = "";
$urltoname = $temp_row["name"];
}
/**
* Make 'edit' and 'delete' links..
*/
$editlink = get_editcommentlink($db->entry['code'], $count);
/**
* make a 'registered user' span..
*/
if ($temp_row['registered'] == 1) {
$name = "<span class='registered'>[" . $temp_row["name"] . "]</span>";
} else {
$name = $temp_row["name"];
}
/**
* make quote link..
*/
$quote = sprintf("<a href='#form' onclick='javascript:var pv=document.getElementsByName(\"piv_comment\");pv[0].value=\"[%s:%s] \"+pv[0].value;'>%s</a>", $temp_row["name"], $count + 1, $format_reply);
// make backward link..
if (isset($crosslink[$count + 1])) {
$to = $db->entry['comments'][$crosslink[$count + 1] - 1];
$backward_text = str_replace("%name%", $to['name'], $format_backward);
$backward_anchor = safe_string($to["name"], TRUE) . "-" . format_date($to["date"], "%ye%%month%%day%%hour24%%minute%");
$backward_link = sprintf("<a href='#%s'>%s</a>", $backward_anchor, $backward_text);
} else {
$backward_link = "";
}
/**
* make forward link..
*/
$forward_link = "";
foreach ($crosslink as $key => $val) {
if ($val - 1 == $count) {
$from = $db->entry['comments'][$key - 1];
$forward_text = str_replace("%name%", $from['name'], $format_forward);
$forward_anchor = safe_string($from["name"], TRUE) . "-" . format_date($from["date"], "%ye%%month%%day%%hour24%%minute%");
$forward_link .= sprintf("<a href='#%s'>%s</a> ", $forward_anchor, $forward_text);
}
}
/**
* make anchor
*/
$anchor = "<a id=\"" . safe_string($temp_row["name"], TRUE) . "-" . format_date($temp_row["date"], "%ye%%month%%day%%hour24%%minute%") . "\"></a>";
/**
* substite all of the parameters into the comment, and add it to the output.
*/
$this_tag = $format;
$this_tag = str_replace("%quote%", $quote, $this_tag);
$this_tag = str_replace("%quoted-back%", $backward_link, $this_tag);
$this_tag = str_replace("%quoted-forward%", $forward_link, $this_tag);
$this_tag = str_replace("%count%", $count + 1, $this_tag);
$this_tag = str_replace("%code%", $db->entry['code'], $this_tag);
$this_tag = str_replace("%even-odd%", $count % 2 ? 'even' : 'odd', $this_tag);
$this_tag = str_replace("%ip%", $temp_row["ip"], $this_tag);
$this_tag = str_replace("%date%", format_date($temp_row["date"], $entrydate), $this_tag);
$this_tag = str_replace("%comment%", comment_format($temp_row["comment"]), $this_tag);
$this_tag = str_replace("%name%", $name, $this_tag);
$this_tag = str_replace("%email%", $email_format, $this_tag);
$this_tag = str_replace("%url%", $url_format, $this_tag);
$this_tag = str_replace("%anchor%", $anchor, $this_tag);
$this_tag = str_replace("%url-to-name%", $urltoname, $this_tag);
$this_tag = str_replace("%email-to-name%", $emailtoname, $this_tag);
$this_tag = str_replace("%gravatar%", $grav_url, $this_tag);
$this_tag = str_replace("%editlink%", $editlink, $this_tag);
if ($count == $last_count) {
$this_tag = '<a id="lastcomment"></a>' . $this_tag;
}
$last_comment = $temp_row["ip"] . $temp_row["comment"];
// Outputting according to order:
if ($order == 'ascending') {
$output .= $this_tag . "\n";
} elseif ($order == 'descending') {
$output = $this_tag . "\n" . $output;
}
}
}
}
// If there are comments waiting for moderation, append a note saying so.
if ($awaiting_moderation) {
$output .= sprintf("<p id='moderate_queue_waiting'>%s</p>", lang("comment", "moderate_waiting"));
}
return '<a id="comm"></a>' . "\n" . $output;
}
function on_register()
{
global $_G;
$_GET['username'] = $_GET['' . $this->setting['reginput']['username']];
$_GET['password'] = $_GET['' . $this->setting['reginput']['password']];
$_GET['password2'] = $_GET['' . $this->setting['reginput']['password2']];
$_GET['email'] = $_GET['' . $this->setting['reginput']['email']];
if ($_G['uid']) {
$ucsynlogin = $this->setting['allowsynlogin'] ? uc_user_synlogin($_G['uid']) : '';
$url_forward = dreferer();
if (strpos($url_forward, $this->setting['regname']) !== false) {
$url_forward = 'forum.php';
}
showmessage('login_succeed', $url_forward ? $url_forward : './', array('username' => $_G['member']['username'], 'usergroup' => $_G['group']['grouptitle'], 'uid' => $_G['uid']), array('extrajs' => $ucsynlogin));
} elseif (!$this->setting['regclosed'] && (!$this->setting['regstatus'] || !$this->setting['ucactivation'])) {
if ($_GET['action'] == 'activation' || $_GET['activationauth']) {
if (!$this->setting['ucactivation'] && !$this->setting['closedallowactivation']) {
showmessage('register_disable_activation');
}
} elseif (!$this->setting['regstatus']) {
if ($this->setting['regconnect']) {
dheader('location:connect.php?mod=login&op=init&referer=forum.php&statfrom=login_simple');
}
showmessage(!$this->setting['regclosemessage'] ? 'register_disable' : str_replace(array("\r", "\n"), '', $this->setting['regclosemessage']));
}
}
$bbrules =& $this->setting['bbrules'];
$bbrulesforce =& $this->setting['bbrulesforce'];
$bbrulestxt =& $this->setting['bbrulestxt'];
$welcomemsg =& $this->setting['welcomemsg'];
$welcomemsgtitle =& $this->setting['welcomemsgtitle'];
$welcomemsgtxt =& $this->setting['welcomemsgtxt'];
$regname = $this->setting['regname'];
if ($this->setting['regverify']) {
if ($this->setting['areaverifywhite']) {
$location = $whitearea = '';
$location = trim(convertip($_G['clientip'], "./"));
if ($location) {
$whitearea = preg_quote(trim($this->setting['areaverifywhite']), '/');
$whitearea = str_replace(array("\\*"), array('.*'), $whitearea);
$whitearea = '.*' . $whitearea . '.*';
$whitearea = '/^(' . str_replace(array("\r\n", ' '), array('.*|.*', ''), $whitearea) . ')$/i';
if (@preg_match($whitearea, $location)) {
$this->setting['regverify'] = 0;
}
}
}
if ($_G['cache']['ipctrl']['ipverifywhite']) {
foreach (explode("\n", $_G['cache']['ipctrl']['ipverifywhite']) as $ctrlip) {
if (preg_match("/^(" . preg_quote($ctrlip = trim($ctrlip), '/') . ")/", $_G['clientip'])) {
$this->setting['regverify'] = 0;
break;
}
}
}
}
$invitestatus = false;
if ($this->setting['regstatus'] == 2) {
if ($this->setting['inviteconfig']['inviteareawhite']) {
$location = $whitearea = '';
$location = trim(convertip($_G['clientip'], "./"));
if ($location) {
$whitearea = preg_quote(trim($this->setting['inviteconfig']['inviteareawhite']), '/');
$whitearea = str_replace(array("\\*"), array('.*'), $whitearea);
$whitearea = '.*' . $whitearea . '.*';
$whitearea = '/^(' . str_replace(array("\r\n", ' '), array('.*|.*', ''), $whitearea) . ')$/i';
if (@preg_match($whitearea, $location)) {
$invitestatus = true;
}
}
}
if ($this->setting['inviteconfig']['inviteipwhite']) {
foreach (explode("\n", $this->setting['inviteconfig']['inviteipwhite']) as $ctrlip) {
if (preg_match("/^(" . preg_quote($ctrlip = trim($ctrlip), '/') . ")/", $_G['clientip'])) {
$invitestatus = true;
break;
}
}
}
}
$groupinfo = array();
if ($this->setting['regverify']) {
$groupinfo['groupid'] = 8;
} else {
$groupinfo['groupid'] = $this->setting['newusergroupid'];
}
$seccodecheck = $this->setting['seccodestatus'] & 1;
$secqaacheck = $this->setting['secqaa']['status'] & 1;
$fromuid = !empty($_G['cookie']['promotion']) && $this->setting['creditspolicy']['promotion_register'] ? intval($_G['cookie']['promotion']) : 0;
$username = isset($_GET['username']) ? $_GET['username'] : '';
$bbrulehash = $bbrules ? substr(md5(FORMHASH), 0, 8) : '';
$auth = $_GET['auth'];
if (!$invitestatus) {
$invite = getinvite();
}
$sendurl = $this->setting['sendregisterurl'] ? true : false;
if ($sendurl) {
if (!empty($_GET['hash'])) {
$_GET['hash'] = preg_replace("/[^\\[A-Za-z0-9_\\]%]/", '', $_GET['hash']);
$hash = explode("\t", authcode($_GET['hash'], 'DECODE', $_G['config']['security']['authkey']));
if (is_array($hash) && isemail($hash[0]) && TIMESTAMP - $hash[1] < 259200) {
$sendurl = false;
}
}
}
if (!submitcheck('regsubmit', 0, $seccodecheck, $secqaacheck)) {
if ($_GET['action'] == 'activation') {
$auth = explode("\t", authcode($auth, 'DECODE'));
if (FORMHASH != $auth[1]) {
showmessage('register_activation_invalid', 'member.php?mod=logging&action=login');
}
$username = $auth[0];
$activationauth = authcode("{$auth['0']}\t" . FORMHASH, 'ENCODE');
$sendurl = false;
}
if (!$sendurl) {
if ($fromuid) {
$member = getuserbyuid($fromuid);
if (!empty($member)) {
$fromuser = dhtmlspecialchars($member['username']);
} else {
dsetcookie('promotion');
}
}
if ($_GET['action'] == 'activation') {
$auth = dhtmlspecialchars($auth);
}
if ($seccodecheck) {
$seccode = random(6, 1);
}
$username = dhtmlspecialchars($username);
$htmls = $settings = array();
foreach ($_G['cache']['fields_register'] as $field) {
$fieldid = $field['fieldid'];
$html = profile_setting($fieldid, array(), false, false, true);
if ($html) {
$settings[$fieldid] = $_G['cache']['profilesetting'][$fieldid];
$htmls[$fieldid] = $html;
}
}
$navtitle = $this->setting['reglinkname'];
if ($this->extrafile && file_exists($this->extrafile)) {
require_once $this->extrafile;
}
}
$bbrulestxt = nl2br("\n{$bbrulestxt}\n\n");
$dreferer = dreferer();
include template($this->template);
} else {
$activationauth = array();
if (isset($_GET['activationauth']) && $_GET['activationauth']) {
$activationauth = explode("\t", authcode($_GET['activationauth'], 'DECODE'));
if ($activationauth[1] != FORMHASH) {
showmessage('register_activation_invalid', 'member.php?mod=logging&action=login');
}
$sendurl = false;
}
if (!$activationauth && ($sendurl || !$_G['setting']['forgeemail'])) {
checkemail($_GET['email']);
}
if ($sendurl) {
$hashstr = urlencode(authcode("{$_GET['email']}\t{$_G['timestamp']}", 'ENCODE', $_G['config']['security']['authkey']));
$registerurl = "{$_G[siteurl]}member.php?mod=" . $this->setting['regname'] . "&hash={$hashstr}&email={$_GET[email]}";
$email_register_message = lang('email', 'email_register_message', array('bbname' => $this->setting['bbname'], 'siteurl' => $_G['siteurl'], 'url' => $registerurl));
if (!sendmail("{$_GET['email']} <{$_GET['email']}>", lang('email', 'email_register_subject'), $email_register_message)) {
runlog('sendmail', "{$_GET['email']} sendmail failed.");
}
showmessage('register_email_send_succeed', dreferer(), array('bbname' => $this->setting['bbname']), array('showdialog' => false, 'msgtype' => 3, 'closetime' => 10));
}
$emailstatus = 0;
if ($this->setting['sendregisterurl'] && !$sendurl) {
$_GET['email'] = strtolower($hash[0]);
$this->setting['regverify'] = $this->setting['regverify'] == 1 ? 0 : $this->setting['regverify'];
if (!$this->setting['regverify']) {
$groupinfo['groupid'] = $this->setting['newusergroupid'];
}
$emailstatus = 1;
}
if ($this->setting['regstatus'] == 2 && empty($invite) && !$invitestatus) {
showmessage('not_open_registration_invite');
}
if ($bbrules && $bbrulehash != $_POST['agreebbrule']) {
showmessage('register_rules_agree');
}
$activation = array();
if (isset($_GET['activationauth']) && $activationauth && is_array($activationauth)) {
if ($activationauth[1] == FORMHASH && !($activation = uc_get_user($activationauth[0]))) {
showmessage('register_activation_invalid', 'member.php?mod=logging&action=login');
}
}
if (!$activation) {
$usernamelen = dstrlen($username);
if ($usernamelen < 3) {
showmessage('profile_username_tooshort');
} elseif ($usernamelen > 15) {
showmessage('profile_username_toolong');
}
if (uc_get_user(addslashes($username)) && !C::t('common_member')->fetch_uid_by_username($username) && !C::t('common_member_archive')->fetch_uid_by_username($username)) {
if ($_G['inajax']) {
showmessage('profile_username_duplicate');
} else {
showmessage('register_activation_message', 'member.php?mod=logging&action=login', array('username' => $username));
}
}
if ($this->setting['pwlength']) {
if (strlen($_GET['password']) < $this->setting['pwlength']) {
showmessage('profile_password_tooshort', '', array('pwlength' => $this->setting['pwlength']));
}
}
if ($this->setting['strongpw']) {
$strongpw_str = array();
if (in_array(1, $this->setting['strongpw']) && !preg_match("/\\d+/", $_GET['password'])) {
$strongpw_str[] = lang('member/template', 'strongpw_1');
}
if (in_array(2, $this->setting['strongpw']) && !preg_match("/[a-z]+/", $_GET['password'])) {
$strongpw_str[] = lang('member/template', 'strongpw_2');
}
if (in_array(3, $this->setting['strongpw']) && !preg_match("/[A-Z]+/", $_GET['password'])) {
$strongpw_str[] = lang('member/template', 'strongpw_3');
}
if (in_array(4, $this->setting['strongpw']) && !preg_match("/[^a-zA-z0-9]+/", $_GET['password'])) {
$strongpw_str[] = lang('member/template', 'strongpw_4');
}
if ($strongpw_str) {
showmessage(lang('member/template', 'password_weak') . implode(',', $strongpw_str));
}
}
$email = strtolower(trim($_GET['email']));
if (empty($email) && $_G['setting']['forgeemail']) {
$_GET['email'] = $email = strtolower(random(6)) . '@' . $_SERVER['HTTP_HOST'];
}
if (empty($this->setting['ignorepassword'])) {
if ($_GET['password'] !== $_GET['password2']) {
showmessage('profile_passwd_notmatch');
}
if (!$_GET['password'] || $_GET['password'] != addslashes($_GET['password'])) {
showmessage('profile_passwd_illegal');
}
$password = $_GET['password'];
} else {
$password = md5(random(10));
}
}
$censorexp = '/^(' . str_replace(array('\\*', "\r\n", ' '), array('.*', '|', ''), preg_quote($this->setting['censoruser'] = trim($this->setting['censoruser']), '/')) . ')$/i';
if ($this->setting['censoruser'] && @preg_match($censorexp, $username)) {
showmessage('profile_username_protect');
}
if ($this->setting['regverify'] == 2 && !trim($_GET['regmessage'])) {
showmessage('profile_required_info_invalid');
}
if ($_G['cache']['ipctrl']['ipregctrl']) {
foreach (explode("\n", $_G['cache']['ipctrl']['ipregctrl']) as $ctrlip) {
if (preg_match("/^(" . preg_quote($ctrlip = trim($ctrlip), '/') . ")/", $_G['clientip'])) {
$ctrlip = $ctrlip . '%';
$this->setting['regctrl'] = $this->setting['ipregctrltime'];
break;
} else {
$ctrlip = $_G['clientip'];
}
}
} else {
$ctrlip = $_G['clientip'];
}
if ($this->setting['regctrl']) {
if (C::t('common_regip')->count_by_ip_dateline($ctrlip, $_G['timestamp'] - $this->setting['regctrl'] * 3600)) {
showmessage('register_ctrl', NULL, array('regctrl' => $this->setting['regctrl']));
}
}
$setregip = null;
if ($this->setting['regfloodctrl']) {
$regip = C::t('common_regip')->fetch_by_ip_dateline($_G['clientip'], $_G['timestamp'] - 86400);
if ($regip) {
if ($regip['count'] >= $this->setting['regfloodctrl']) {
showmessage('register_flood_ctrl', NULL, array('regfloodctrl' => $this->setting['regfloodctrl']));
} else {
$setregip = 1;
}
} else {
$setregip = 2;
}
}
$profile = $verifyarr = array();
foreach ($_G['cache']['fields_register'] as $field) {
if (defined('IN_MOBILE')) {
break;
}
$field_key = $field['fieldid'];
$field_val = $_GET['' . $field_key];
if ($field['formtype'] == 'file' && !empty($_FILES[$field_key]) && $_FILES[$field_key]['error'] == 0) {
$field_val = true;
}
if (!profile_check($field_key, $field_val)) {
$showid = !in_array($field['fieldid'], array('birthyear', 'birthmonth')) ? $field['fieldid'] : 'birthday';
showmessage($field['title'] . lang('message', 'profile_illegal'), '', array(), array('showid' => 'chk_' . $showid, 'extrajs' => $field['title'] . lang('message', 'profile_illegal') . ($field['formtype'] == 'text' ? '<script type="text/javascript">' . '$(\'registerform\').' . $field['fieldid'] . '.className = \'px er\';' . '$(\'registerform\').' . $field['fieldid'] . '.onblur = function () { if(this.value != \'\') {this.className = \'px\';$(\'chk_' . $showid . '\').innerHTML = \'\';}}' . '</script>' : '')));
}
if ($field['needverify']) {
$verifyarr[$field_key] = $field_val;
} else {
$profile[$field_key] = $field_val;
}
}
if (!$activation) {
$uid = uc_user_register(addslashes($username), $password, $email, $questionid, $answer, $_G['clientip']);
if ($uid <= 0) {
if ($uid == -1) {
showmessage('profile_username_illegal');
} elseif ($uid == -2) {
showmessage('profile_username_protect');
} elseif ($uid == -3) {
showmessage('profile_username_duplicate');
} elseif ($uid == -4) {
showmessage('profile_email_illegal');
} elseif ($uid == -5) {
showmessage('profile_email_domain_illegal');
} elseif ($uid == -6) {
showmessage('profile_email_duplicate');
} else {
showmessage('undefined_action');
}
}
} else {
list($uid, $username, $email) = $activation;
}
$_G['username'] = $username;
if (getuserbyuid($uid, 1)) {
if (!$activation) {
uc_user_delete($uid);
}
showmessage('profile_uid_duplicate', '', array('uid' => $uid));
}
$password = md5(random(10));
$secques = $questionid > 0 ? random(8) : '';
if (isset($_POST['birthmonth']) && isset($_POST['birthday'])) {
$profile['constellation'] = get_constellation($_POST['birthmonth'], $_POST['birthday']);
}
if (isset($_POST['birthyear'])) {
$profile['zodiac'] = get_zodiac($_POST['birthyear']);
}
if ($_FILES) {
$upload = new discuz_upload();
foreach ($_FILES as $key => $file) {
$field_key = 'field_' . $key;
if (!empty($_G['cache']['fields_register'][$field_key]) && $_G['cache']['fields_register'][$field_key]['formtype'] == 'file') {
$upload->init($file, 'profile');
$attach = $upload->attach;
if (!$upload->error()) {
$upload->save();
if (!$upload->get_image_info($attach['target'])) {
@unlink($attach['target']);
continue;
}
$attach['attachment'] = dhtmlspecialchars(trim($attach['attachment']));
if ($_G['cache']['fields_register'][$field_key]['needverify']) {
$verifyarr[$key] = $attach['attachment'];
} else {
$profile[$key] = $attach['attachment'];
}
}
}
}
}
if ($setregip !== null) {
if ($setregip == 1) {
C::t('common_regip')->update_count_by_ip($_G['clientip']);
} else {
C::t('common_regip')->insert(array('ip' => $_G['clientip'], 'count' => 1, 'dateline' => $_G['timestamp']));
}
}
if ($invite && $this->setting['inviteconfig']['invitegroupid']) {
$groupinfo['groupid'] = $this->setting['inviteconfig']['invitegroupid'];
}
$init_arr = array('credits' => explode(',', $this->setting['initcredits']), 'profile' => $profile, 'emailstatus' => $emailstatus);
C::t('common_member')->insert($uid, $username, $password, $email, $_G['clientip'], $groupinfo['groupid'], $init_arr);
if ($emailstatus) {
updatecreditbyaction('realemail', $uid);
}
if ($verifyarr) {
$setverify = array('uid' => $uid, 'username' => $username, 'verifytype' => '0', 'field' => serialize($verifyarr), 'dateline' => TIMESTAMP);
C::t('common_member_verify_info')->insert($setverify);
C::t('common_member_verify')->insert(array('uid' => $uid));
}
require_once libfile('cache/userstats', 'function');
build_cache_userstats();
if ($this->extrafile && file_exists($this->extrafile)) {
require_once $this->extrafile;
}
if ($this->setting['regctrl'] || $this->setting['regfloodctrl']) {
C::t('common_regip')->delete_by_dateline($_G['timestamp'] - ($this->setting['regctrl'] > 72 ? $this->setting['regctrl'] : 72) * 3600);
if ($this->setting['regctrl']) {
C::t('common_regip')->insert(array('ip' => $_G['clientip'], 'count' => -1, 'dateline' => $_G['timestamp']));
}
}
$regmessage = dhtmlspecialchars($_GET['regmessage']);
if ($this->setting['regverify'] == 2) {
C::t('common_member_validate')->insert(array('uid' => $uid, 'submitdate' => $_G['timestamp'], 'moddate' => 0, 'admin' => '', 'submittimes' => 1, 'status' => 0, 'message' => $regmessage, 'remark' => ''), false, true);
manage_addnotify('verifyuser');
}
setloginstatus(array('uid' => $uid, 'username' => $_G['username'], 'password' => $password, 'groupid' => $groupinfo['groupid']), 0);
include_once libfile('function/stat');
updatestat('register');
if ($invite['id']) {
$result = C::t('common_invite')->count_by_uid_fuid($invite['uid'], $uid);
if (!$result) {
C::t('common_invite')->update($invite['id'], array('fuid' => $uid, 'fusername' => $_G['username'], 'regdateline' => $_G['timestamp'], 'status' => 2));
updatestat('invite');
} else {
$invite = array();
}
}
if ($invite['uid']) {
if ($this->setting['inviteconfig']['inviteaddcredit']) {
updatemembercount($uid, array($this->setting['inviteconfig']['inviterewardcredit'] => $this->setting['inviteconfig']['inviteaddcredit']));
}
if ($this->setting['inviteconfig']['invitedaddcredit']) {
updatemembercount($invite['uid'], array($this->setting['inviteconfig']['inviterewardcredit'] => $this->setting['inviteconfig']['invitedaddcredit']));
}
require_once libfile('function/friend');
friend_make($invite['uid'], $invite['username'], false);
notification_add($invite['uid'], 'friend', 'invite_friend', array('actor' => '<a href="home.php?mod=space&uid=' . $invite['uid'] . '" target="_blank">' . $invite['username'] . '</a>'), 1);
space_merge($invite, 'field_home');
if (!empty($invite['privacy']['feed']['invite'])) {
require_once libfile('function/feed');
$tite_data = array('username' => '<a href="home.php?mod=space&uid=' . $_G['uid'] . '">' . $_G['username'] . '</a>');
feed_add('friend', 'feed_invite', $tite_data, '', array(), '', array(), array(), '', '', '', 0, 0, '', $invite['uid'], $invite['username']);
}
if ($invite['appid']) {
updatestat('appinvite');
}
}
if ($welcomemsg && !empty($welcomemsgtxt)) {
$welcomemsgtitle = replacesitevar($welcomemsgtitle);
$welcomemsgtxt = replacesitevar($welcomemsgtxt);
if ($welcomemsg == 1) {
$welcomemsgtxt = nl2br(str_replace(':', ':', $welcomemsgtxt));
notification_add($uid, 'system', $welcomemsgtxt, array('from_id' => 0, 'from_idtype' => 'welcomemsg'), 1);
} elseif ($welcomemsg == 2) {
sendmail_cron($email, $welcomemsgtitle, $welcomemsgtxt);
} elseif ($welcomemsg == 3) {
sendmail_cron($email, $welcomemsgtitle, $welcomemsgtxt);
$welcomemsgtxt = nl2br(str_replace(':', ':', $welcomemsgtxt));
notification_add($uid, 'system', $welcomemsgtxt, array('from_id' => 0, 'from_idtype' => 'welcomemsg'), 1);
}
}
if ($fromuid) {
updatecreditbyaction('promotion_register', $fromuid);
dsetcookie('promotion', '');
}
dsetcookie('loginuser', '');
dsetcookie('activationauth', '');
dsetcookie('invite_auth', '');
$url_forward = dreferer();
$refreshtime = 3000;
switch ($this->setting['regverify']) {
case 1:
$idstring = random(6);
$authstr = $this->setting['regverify'] == 1 ? "{$_G['timestamp']}\t2\t{$idstring}" : '';
C::t('common_member_field_forum')->update($_G['uid'], array('authstr' => $authstr));
$verifyurl = "{$_G[siteurl]}member.php?mod=activate&uid={$_G[uid]}&id={$idstring}";
$email_verify_message = lang('email', 'email_verify_message', array('username' => $_G['member']['username'], 'bbname' => $this->setting['bbname'], 'siteurl' => $_G['siteurl'], 'url' => $verifyurl));
if (!sendmail("{$username} <{$email}>", lang('email', 'email_verify_subject'), $email_verify_message)) {
runlog('sendmail', "{$email} sendmail failed.");
}
$message = 'register_email_verify';
$locationmessage = 'register_email_verify_location';
$refreshtime = 10000;
break;
case 2:
$message = 'register_manual_verify';
$locationmessage = 'register_manual_verify_location';
break;
default:
$message = 'register_succeed';
$locationmessage = 'register_succeed_location';
break;
}
$param = array('bbname' => $this->setting['bbname'], 'username' => $_G['username'], 'usergroup' => $_G['group']['grouptitle'], 'uid' => $_G['uid']);
if (strpos($url_forward, $this->setting['regname']) !== false || strpos($url_forward, 'buyinvitecode') !== false) {
$url_forward = 'forum.php';
}
$href = str_replace("'", "\\'", $url_forward);
$extra = array('showid' => 'succeedmessage', 'extrajs' => '<script type="text/javascript">' . 'setTimeout("window.location.href =\'' . $href . '\';", ' . $refreshtime . ');' . '$(\'succeedmessage_href\').href = \'' . $href . '\';' . '$(\'main_message\').style.display = \'none\';' . '$(\'main_succeed\').style.display = \'\';' . '$(\'succeedlocation\').innerHTML = \'' . lang('message', $locationmessage) . '\';' . '</script>', 'striptags' => false);
showmessage($message, $url_forward, $param, $extra);
}
}
trbasic(lang('space_tpl_prj'), 'minfosnew[mtcid]', makeoption(mtcidsarr($mchid), $actuser->info['mtcid']), 'select');
foreach ($mfields as $k => $field) {
if ($field['available'] && !$field['issystem'] && !$field['isfunc']) {
$a_field->init();
$a_field->field = $field;
$a_field->oldvalue = isset($actuser->info[$k]) ? $actuser->info[$k] : '';
$a_field->trfield('minfosnew', '', 'm', $mchid);
$submitstr .= $a_field->submitstr;
}
}
tabfooter('bmemberdetail');
check_submit_func($submitstr);
a_guide('memberdetail');
} else {
$minfosnew['email'] = empty($minfosnew['email']) ? '' : trim($minfosnew['email']);
if (empty($minfosnew['email']) || !isemail($minfosnew['email'])) {
amessage('memberemailillegal', M_REFERER);
}
if (!empty($minfosnew['password']) && strlen($minfosnew['password']) > 15 || $minfosnew['password'] != addslashes($minfosnew['password'])) {
amessage('memberpwdillegal', M_REFERER);
}
$minfosnew['password'] = trim($minfosnew['password']);
$actuser->updatefield('email', $minfosnew['email'], 'main');
!empty($minfosnew['password']) && $actuser->updatefield('password', md5(md5($minfosnew['password'])), 'main');
$actuser->updatefield('mtcid', empty($minfosnew['mtcid']) ? 0 : $minfosnew['mtcid'], 'main');
$c_upload = new cls_upload();
$mfields = fields_order($mfields);
$a_field = new cls_field();
foreach ($mfields as $k => $v) {
if ($v['available'] && !$v['issystem'] && !$v['isfunc']) {
$a_field->init();
* [Discuz!] (C)2001-2099 Comsenz Inc.
* This is NOT a freeware, use is subject to license terms
*
* $Id: spacecp_sendmail.php 25246 2011-11-02 03:34:53Z zhangguosheng $
*/
if (!defined('IN_DISCUZ')) {
exit('Access Denied');
}
$_GET['op'] = empty($_GET['op']) ? '' : trim($_GET['op']);
if (empty($_G['setting']['sendmailday'])) {
showmessage('no_privilege_sendmailday');
}
if (submitcheck('setsendemailsubmit')) {
$_GET['sendmail'] = serialize($_GET['sendmail']);
C::t('common_member_field_home')->update($_G['uid'], array('acceptemail' => $_GET['sendmail']));
showmessage('do_success', 'home.php?mod=spacecp&ac=sendmail');
}
if (empty($space['email']) || !isemail($space['email'])) {
showmessage('email_input');
}
$sendmail = array();
if ($space['acceptemail'] && is_array($space['acceptemail'])) {
foreach ($space['acceptemail'] as $mkey => $mailset) {
if ($mkey != 'frequency') {
$sendmail[$mkey] = empty($space['acceptemail'][$mkey]) ? '' : ' checked';
} else {
$sendmail[$mkey] = array($space['acceptemail']['frequency'] => 'selected');
}
}
}
include_once template("home/spacecp_sendmail");
require_once DISCUZ_ROOT . './forumdata/cache/usergroup_8.php';
$authstradd1 = ", groupid='8'";
$authstradd2 = "authstr='{$timestamp}\t2\t{$idstring}'";
sendmail("{$discuz_userss} <{$emailnew}>", 'email_verify_subject', 'email_verify_message');
}
$membersql = "secques='{$secquesnew}', email='{$emailnew}' {$newpasswdadd} {$authstradd1}";
$memberfieldsql = $authstradd2;
} elseif ($typeid == 2) {
$censorexp = '/^(' . str_replace(array('\\*', "\r\n", ' '), array('.*', '|', ''), preg_quote($censoruser = trim($censoruser), '/')) . ')$/i';
if ($censoruser && (@preg_match($censorexp, $nicknamenew) || @preg_match($censorexp, $cstatusnew))) {
showmessage('profile_nickname_cstatus_illegal');
}
if ($msnnew && !isemail($msnnew)) {
showmessage('profile_alipay_msn');
}
if ($alipaynew && !isemail($alipaynew)) {
showmessage('profile_alipay_illegal');
}
$sitenew = !preg_match("/^http:\\/\\/\$/i", $sitenew) ? dhtmlspecialchars(trim(preg_match("/^https?:\\/\\/.+/i", $sitenew) ? $sitenew : ($sitenew ? 'http://' . $sitenew : ''))) : '';
$icqnew = preg_match("/^([0-9]+)\$/", $icqnew) && strlen($icqnew) >= 5 && strlen($icqnew) <= 12 ? $icqnew : '';
$qqnew = preg_match("/^([0-9]+)\$/", $qqnew) && strlen($qqnew) >= 5 && strlen($qqnew) <= 12 ? $qqnew : '';
$bdaynew = datecheck($bdaynew) ? $bdaynew : '0000-00-00';
$yahoonew = dhtmlspecialchars($yahoonew);
$msnnew = dhtmlspecialchars($msnnew);
$msnnew = "{$msnnew}\t{$member[msn][1]}";
$taobaonew = dhtmlspecialchars($taobaonew);
$alipaynew = dhtmlspecialchars($alipaynew);
$nicknamenew = $allownickname ? cutstr(censor(dhtmlspecialchars($nicknamenew)), 30) : '';
$cstatusadd = $allowcstatus ? ', customstatus=\'' . cutstr(censor(dhtmlspecialchars($cstatusnew)), 30) . '\'' : '';
$gendernew = empty($gendernew) ? 0 : intval($gendernew);
$locationnew = cutstr(censor(dhtmlspecialchars($locationnew)), 30);
if ($_SCONFIG['closeinvite']) {
showmessage('close_invite');
}
$mails = array_unique(explode(",", $_POST['email']));
$invitenum = 0;
$failingmail = array();
foreach ($mails as $key => $value) {
$value = trim($value);
if (empty($value) || !isemail($value)) {
$failingmail[] = $value;
continue;
}
if ($reward['credit']) {
//计算积分扣减积分
$credit = intval($reward['credit']) * ($invitenum + 1);
if (!isemail($value) || $reward['credit'] && $credit > $space['credit']) {
$failingmail[] = $value;
continue;
}
$code = strtolower(random(6));
$setarr = array('uid' => $_SGLOBAL['supe_uid'], 'code' => $code, 'email' => saddslashes($value), 'type' => 1);
$id = inserttable('invite', $setarr, 1);
if ($id) {
$mailvar[4] = "{$siteurl}invite.php?{$id}{$code}{$inviteapp}";
// $mailvar[4] = "http://openid.enjoyoung.cn/account/new?{$id}{$code}{$inviteapp}&renturn_to=uchome";
createmail($value, $mailvar);
$invitenum++;
} else {
$failingmail[] = $value;
}
} else {
showmessage('对不起,姓名与邀请码不匹配!', '', 2);
}
$query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('baseprofile') . " WHERE realname='{$realname}' and mobile='{$mobile}' ORDER BY userid DESC limit 1");
$bp = $_SGLOBAL['db']->fetch_array($query);
if (empty($bp)) {
showmessage('对不起,您的邀请码已经过期!');
}
}
if ($bp['isactive'] == 1) {
showmessage('users_have_actived', 'index.php', 2);
}
if (!@(include_once S_ROOT . './uc_client/client.php')) {
showmessage('system_error');
}
//邮箱
$email = isemail(trim($_POST['email'])) ? trim($_POST['email']) : '';
if (empty($email)) {
showmessage('email_format_is_wrong');
}
if ($_SCONFIG['checkemail']) {
if ($count = getcount('spacefield', array('email' => $email))) {
showmessage('email_has_been_registered');
}
}
$num = strpos($email, '@');
$num = $num > 15 ? 15 : $num;
$username = substr($email, 0, $num);
//创建新用户
$newuid = uc_user_register($username, $password, $email);
if ($newuid <= 0) {
if ($newuid == -1) {
$authstradd1 = ", groupid='8'";
$authstradd2 = "authstr='$timestamp\t2\t$idstring'";
sendmail("$discuz_userss <$emailnew>", 'email_verify_subject', 'email_verify_message');
}
$membersql = "secques='$secquesnew', email='$emailnew' $newpasswdadd $authstradd1";
$memberfieldsql = $authstradd2;
} elseif($typeid == 2) {
$censorexp = '/^('.str_replace(array('\\*', "\r\n", ' '), array('.*', '|', ''), preg_quote(($censoruser = trim($censoruser)), '/')).')$/i';
if($censoruser && (@preg_match($censorexp, $nicknamenew) || @preg_match($censorexp, $cstatusnew))) {
showmessage('profile_nickname_cstatus_illegal');
}
if($msnnew && !isemail($msnnew)) {
showmessage('profile_alipay_msn');
}
$sitenew = !preg_match("/^http:\/\/$/i", $sitenew) ? (dhtmlspecialchars(trim(preg_match("/^https?:\/\/.+/i", $sitenew) ? $sitenew : ($sitenew ? 'http://'.$sitenew : '')))) : '';
$icqnew = preg_match ("/^([0-9]+)$/", $icqnew) && strlen($icqnew) >= 5 && strlen($icqnew) <= 12 ? $icqnew : '';
$qqnew = preg_match ("/^([0-9]+)$/", $qqnew) && strlen($qqnew) >= 5 && strlen($qqnew) <= 12 ? $qqnew : '';
$bdaynew = datecheck($bdaynew) ? $bdaynew : '0000-00-00';
$yahoonew = dhtmlspecialchars($yahoonew);
$msnnew = dhtmlspecialchars($msnnew);
$msnnew = "$msnnew\t{$member[msn][1]}";
$taobaonew = dhtmlspecialchars($taobaonew);
$alipaynew = dhtmlspecialchars($alipaynew);
$nicknamenew = $allownickname ? cutstr(censor(dhtmlspecialchars($nicknamenew)), 30) : '';
$cstatusadd = $allowcstatus ? ', customstatus=\''.cutstr(censor(dhtmlspecialchars($cstatusnew)), 30).'\'' : '';
DB::update('common_member', $setarr, array('uid' => $_G['uid']));
}
if ($authstr) {
showmessage('profile_email_verify', 'home.php?mod=spacecp&ac=profile&op=password');
} else {
showmessage('profile_succeed', 'home.php?mod=spacecp&ac=profile&op=password');
}
}
if ($operation == 'password') {
$resend = getcookie('resendemail');
$resend = empty($resend) ? true : TIMESTAMP - $resend > 300;
$newemail = getcookie('newemail');
$space['newemail'] = !$space['emailstatus'] ? $space['email'] : '';
if (!empty($newemail)) {
$mailinfo = explode("\t", $newemail);
$space['newemail'] = $mailinfo[0] == $_G['uid'] && isemail($mailinfo[1]) && $mailinfo[1] != $space['email'] ? $mailinfo[1] : '';
}
if ($_G['gp_resend'] && $resend) {
$toemail = $space['newemail'] ? $space['newemail'] : $space['email'];
emailcheck_send($space['uid'], $toemail);
dsetcookie('resendemail', TIMESTAMP);
showmessage('send_activate_mail_succeed', "home.php?mod=spacecp&ac=profile&op=password");
} elseif ($_G['gp_resend']) {
showmessage('send_activate_mail_error', "home.php?mod=spacecp&ac=profile&op=password");
}
if (!empty($space['newemail'])) {
$acitvemessage = lang('spacecp', 'email_acitve_message', array('newemail' => $space['newemail'], 'imgdir' => $_G['style']['imgdir']));
}
$actives = array('password' => ' class="a"');
$navtitle = lang('core', 'title_password_security');
} else {
$query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('spaceinfo') . " WHERE uid='{$space['uid']}' AND type='base'");
while ($value = $_SGLOBAL['db']->fetch_array($query)) {
$friendarr[$value['subtype']][$value['friend']] = ' selected';
}
} elseif ($_GET['op'] == 'contact') {
if ($_GET['resend']) {
//重新发送邮箱验证
$toemail = $space['newemail'] ? $space['newemail'] : $space['email'];
emailcheck_send($space['uid'], $toemail);
showmessage('do_success', "cp.php?ac=profile&op=contact");
}
if (submitcheck('profilesubmit') || submitcheck('nextsubmit')) {
//提交检查
$setarr = array('mobile' => getstr($_POST['mobile'], 40, 1, 1), 'qq' => getstr($_POST['qq'], 20, 1, 1), 'msn' => getstr($_POST['msn'], 80, 1, 1));
//邮箱问题
$newemail = isemail($_POST['email']) ? $_POST['email'] : '';
if (isset($_POST['email']) && $newemail != $space['email']) {
//检查邮箱唯一性
if ($_SCONFIG['uniqueemail']) {
if (getcount('spacefield', array('email' => $newemail, 'emailcheck' => 1))) {
showmessage('uniqueemail_check');
}
}
//验证密码
// if(!$passport = getpassport($_SGLOBAL['supe_username'], $_POST['password'])) {
// showmessage('password_is_not_passed');
// }
//邮箱修改
if (empty($newemail)) {
//邮箱删除
$setarr['email'] = '';
