function _login($forward = '') { global $_GPC; require_once IA_ROOT . '/source/model/member.mod.php'; hooks('member:login:before'); $member = array(); $username = trim($_GPC['username']); if (empty($username)) { message('请输入要登录的用户名'); } $member['username'] = $username; $member['password'] = $_GPC['password']; if (empty($member['password'])) { message('请输入密码'); } $record = member_single($member); if (!empty($record)) { if ($record['status'] == -1) { message('您的账号正在核合或是已经被系统禁止,请联系网站管理员解决!'); } $cookie = array(); $cookie['uid'] = $record['uid']; $cookie['lastvisit'] = $record['lastvisit']; $cookie['lastip'] = $record['lastip']; $cookie['hash'] = md5($record['password'] . $record['salt']); $session = base64_encode(json_encode($cookie)); isetcookie('__session', $session, !empty($_GPC['rember']) ? 7 * 86400 : 0); $status = array(); $status['uid'] = $record['uid']; $status['lastvisit'] = TIMESTAMP; $status['lastip'] = CLIENT_IP; member_update($status); hooks('member:login:success'); if (empty($forward)) { $forward = $_GPC['forward']; } if (empty($forward)) { $forward = './index.php?refersh'; } message("欢迎回来,{$record['username']}。", $forward); } else { message('登录失败,请检查您输入的用户名和密码!'); } }
$do = in_array($do, $dos) ? $do : 'account'; if ($do == 'account') { require model('wechat'); $condition = ''; $params = array(); if (!empty($_GPC['keyword'])) { $condition = '`name` LIKE :name'; $params[':name'] = "%{$_GPC['keyword']}%"; } $pindex = max(1, intval($_GPC['page'])); $psize = 5; $total = 0; $wechats = wechat_search($condition, $params, $pindex, $psize, $total); $owner = $_GPC['owner']; foreach ($wechats as &$wechat) { $member = member_single(array('uid' => $wechat['uid'])); $wechat['member'] = $member; if ($wechat['uid'] == $owner) { $wechat['owner'] = true; } } $pager = pagination($total, $pindex, $psize, '', array('ajaxcallback' => 'null')); template('member/select'); } if ($do == 'module') { $sql = "SELECT resourceid AS `mid` FROM " . tablename('members_permission') . " WHERE `uid`=:uid AND type = '1'"; $mids = pdo_fetchall($sql, array(':uid' => $owner)); $qMids = array(); foreach ($mids as $row) { array_push($qMids, $row['mid']); }
<?php /** * [WeEngine System] Copyright (c) 2013 WE7.CC */ defined('IN_IA') or exit('Access Denied'); include_once model('setting'); $uid = intval($_GPC['uid']); $m = array(); $m['uid'] = $uid; $member = member_single($m); $founders = explode(',', $_W['config']['setting']['founder']); if(empty($member) || in_array($m['uid'], $founders)) { message('访问错误.'); } $do = $_GPC['do']; $dos = array('edit', 'deny', 'delete', 'auth', 'revo', 'revos'); $do = in_array($do, $dos) ? $do: 'edit'; if($do == 'edit') { if(checksubmit('profile')) { require_once IA_ROOT . '/source/model/member.mod.php'; $nMember = array(); $nMember['uid'] = $uid; $nMember['password'] = $_GPC['password']; $nMember['salt'] = $member['salt']; if(!empty($nMember['password']) && istrlen($nMember['password']) < 8) { message('必须输入密码,且密码长度不得低于8位。'); } $nMember['lastip'] = $_GPC['lastip'];
$datastatus['gid'] = $groupid; $datastatus['status'] = 0; pdo_update('members_status', $datastatus, array('id' => $wedata['id'])); //pdo_delete('members_modules', array('uid' => $data['uid'])); } else { $datastatus = array(); $datastatus['endtime'] = $endtime; $datastatus['stattime'] = $stattime; $datastatus['uid'] = $data['uid']; $datastatus['gid'] = $groupid; $datastatus['status'] = 0; pdo_insert('members_status', $datastatus); } pdo_insert('members_paylog', array('uid' => $data['uid'], 'money' => 0, 'type' => 3, 'msg' => "由管理员开通服务 ,等级:" . $groupid . " 开始日期:" . date('Y-m-d h:i:s', $stattime) . ",到期时间" . date('Y-m-d h:i:s', $endtime), 'paytime' => TIMESTAMP)); message('用户编辑成功!', create_url('finance/userlist')); } message('用户编辑失败,请稍候重试或联系网站管理员解决!'); } } if ($operation == 'display') { $member = array(); $member['username'] = trim($_GPC['username']); if ($member['username']) { $member = member_single(array('username' => $member['username'])); $wedata = pdo_fetch("SELECT * FROM " . tablename('members_status') . " WHERE uid = '{$id}' LIMIT 1"); $starttime = empty($wedata['stattime']) ? TIMESTAMP : $wedata['stattime']; $endtime = empty($wedata['endtime']) ? TIMESTAMP + 86399 : $wedata['endtime']; $groups = pdo_fetchall("SELECT id, name FROM " . tablename('members_group') . " ORDER BY id ASC"); } } template('finance/useredit');
$datastatus = array(); $datastatus['endtime'] = $endtime; $datastatus['stattime'] = $stattime; $datastatus['uid'] = $data['uid']; $datastatus['gid'] = $groupid; $datastatus['status'] = 0; pdo_update('members_status', $datastatus, array('id' => $wedata['id'])); //pdo_delete('members_modules', array('uid' => $data['uid'])); } else { $datastatus = array(); $datastatus['endtime'] = $endtime; $datastatus['stattime'] = $stattime; $datastatus['uid'] = $data['uid']; $datastatus['gid'] = $groupid; $datastatus['status'] = 0; pdo_insert('members_status', $datastatus); } pdo_insert('members_paylog', array('uid' => $data['uid'], 'money' => 0, 'type' => 3, 'msg' => "由管理员开通服务 ,等级:" . $groupid . " 开始日期:" . date('Y-m-d h:i:s', $stattime) . ",到期时间" . date('Y-m-d h:i:s', $endtime), 'paytime' => TIMESTAMP)); message('用户编辑成功!', create_url('finance/userlist')); } message('用户编辑失败,请稍候重试或联系网站管理员解决!'); } $id = intval($_GPC['id']); if ($id) { $member = member_single(array('uid' => $id)); $wedata = pdo_fetch("SELECT * FROM " . tablename('members_status') . " WHERE uid = '{$id}' LIMIT 1"); $starttime = empty($wedata['stattime']) ? TIMESTAMP : $wedata['stattime']; $endtime = empty($wedata['endtime']) ? TIMESTAMP + 86399 : $wedata['endtime']; $groups = pdo_fetchall("SELECT id, name FROM " . tablename('members_group') . " ORDER BY id ASC"); } template('finance/edit');
<?php /** * 微擎管理后台初始化文件 * [WeEngine System] Copyright (c) 2013 WE7.CC */ $session = json_decode(base64_decode($_GPC['__session']), true); if (is_array($session)) { $member = member_single(array('uid' => $session['uid'])); if (is_array($member) && $session['hash'] == md5($member['password'] . $member['salt'])) { $_W['uid'] = $member['uid']; $_W['username'] = $member['username']; $member['currentvisit'] = $member['lastvisit']; $member['currentip'] = $member['lastip']; $member['lastvisit'] = $session['lastvisit']; $member['lastip'] = $session['lastip']; $_W['member'] = $member; $founder = explode(',', $_W['config']['setting']['founder']); $_W['isfounder'] = in_array($_W['uid'], $founder) ? true : false; } else { isetcookie('__session', false, -100); } unset($member); } unset($session); if (!empty($_GPC['__weid'])) { $_W['weid'] = intval($_GPC['__weid']); } if (!empty($_W['weid'])) { $_W['account'] = pdo_fetch("SELECT * FROM " . tablename('wechats') . " WHERE weid = :weid", array(':weid' => $_W['weid'])); $_W['account']['default_message'] = iunserializer($_W['account']['default_message']);