function _login($forward = '')
{
global $_GPC;
require_once IA_ROOT . '/source/model/member.mod.php';
hooks('member:login:before');
$member = array();
$username = trim($_GPC['username']);
if (empty($username)) {
message('请输入要登录的用户名');
}
$member['username'] = $username;
$member['password'] = $_GPC['password'];
if (empty($member['password'])) {
message('请输入密码');
}
$record = member_single($member);
if (!empty($record)) {
if ($record['status'] == -1) {
message('您的账号正在核合或是已经被系统禁止,请联系网站管理员解决!');
}
$cookie = array();
$cookie['uid'] = $record['uid'];
$cookie['lastvisit'] = $record['lastvisit'];
$cookie['lastip'] = $record['lastip'];
$cookie['hash'] = md5($record['password'] . $record['salt']);
$session = base64_encode(json_encode($cookie));
isetcookie('__session', $session, !empty($_GPC['rember']) ? 7 * 86400 : 0);
$status = array();
$status['uid'] = $record['uid'];
$status['lastvisit'] = TIMESTAMP;
$status['lastip'] = CLIENT_IP;
member_update($status);
hooks('member:login:success');
if (empty($forward)) {
$forward = $_GPC['forward'];
}
if (empty($forward)) {
$forward = './index.php?refersh';
}
message("欢迎回来,{$record['username']}。", $forward);
} else {
message('登录失败,请检查您输入的用户名和密码!');
}
}
$do = in_array($do, $dos) ? $do : 'account';
if ($do == 'account') {
require model('wechat');
$condition = '';
$params = array();
if (!empty($_GPC['keyword'])) {
$condition = '`name` LIKE :name';
$params[':name'] = "%{$_GPC['keyword']}%";
}
$pindex = max(1, intval($_GPC['page']));
$psize = 5;
$total = 0;
$wechats = wechat_search($condition, $params, $pindex, $psize, $total);
$owner = $_GPC['owner'];
foreach ($wechats as &$wechat) {
$member = member_single(array('uid' => $wechat['uid']));
$wechat['member'] = $member;
if ($wechat['uid'] == $owner) {
$wechat['owner'] = true;
}
}
$pager = pagination($total, $pindex, $psize, '', array('ajaxcallback' => 'null'));
template('member/select');
}
if ($do == 'module') {
$sql = "SELECT resourceid AS `mid` FROM " . tablename('members_permission') . " WHERE `uid`=:uid AND type = '1'";
$mids = pdo_fetchall($sql, array(':uid' => $owner));
$qMids = array();
foreach ($mids as $row) {
array_push($qMids, $row['mid']);
}
<?php
/**
* [WeEngine System] Copyright (c) 2013 WE7.CC
*/
defined('IN_IA') or exit('Access Denied');
include_once model('setting');
$uid = intval($_GPC['uid']);
$m = array();
$m['uid'] = $uid;
$member = member_single($m);
$founders = explode(',', $_W['config']['setting']['founder']);
if(empty($member) || in_array($m['uid'], $founders)) {
message('访问错误.');
}
$do = $_GPC['do'];
$dos = array('edit', 'deny', 'delete', 'auth', 'revo', 'revos');
$do = in_array($do, $dos) ? $do: 'edit';
if($do == 'edit') {
if(checksubmit('profile')) {
require_once IA_ROOT . '/source/model/member.mod.php';
$nMember = array();
$nMember['uid'] = $uid;
$nMember['password'] = $_GPC['password'];
$nMember['salt'] = $member['salt'];
if(!empty($nMember['password']) && istrlen($nMember['password']) < 8) {
message('必须输入密码,且密码长度不得低于8位。');
}
$nMember['lastip'] = $_GPC['lastip'];
$datastatus['gid'] = $groupid;
$datastatus['status'] = 0;
pdo_update('members_status', $datastatus, array('id' => $wedata['id']));
//pdo_delete('members_modules', array('uid' => $data['uid']));
} else {
$datastatus = array();
$datastatus['endtime'] = $endtime;
$datastatus['stattime'] = $stattime;
$datastatus['uid'] = $data['uid'];
$datastatus['gid'] = $groupid;
$datastatus['status'] = 0;
pdo_insert('members_status', $datastatus);
}
pdo_insert('members_paylog', array('uid' => $data['uid'], 'money' => 0, 'type' => 3, 'msg' => "由管理员开通服务 ,等级:" . $groupid . " 开始日期:" . date('Y-m-d h:i:s', $stattime) . ",到期时间" . date('Y-m-d h:i:s', $endtime), 'paytime' => TIMESTAMP));
message('用户编辑成功!', create_url('finance/userlist'));
}
message('用户编辑失败,请稍候重试或联系网站管理员解决!');
}
}
if ($operation == 'display') {
$member = array();
$member['username'] = trim($_GPC['username']);
if ($member['username']) {
$member = member_single(array('username' => $member['username']));
$wedata = pdo_fetch("SELECT * FROM " . tablename('members_status') . " WHERE uid = '{$id}' LIMIT 1");
$starttime = empty($wedata['stattime']) ? TIMESTAMP : $wedata['stattime'];
$endtime = empty($wedata['endtime']) ? TIMESTAMP + 86399 : $wedata['endtime'];
$groups = pdo_fetchall("SELECT id, name FROM " . tablename('members_group') . " ORDER BY id ASC");
}
}
template('finance/useredit');
$datastatus = array();
$datastatus['endtime'] = $endtime;
$datastatus['stattime'] = $stattime;
$datastatus['uid'] = $data['uid'];
$datastatus['gid'] = $groupid;
$datastatus['status'] = 0;
pdo_update('members_status', $datastatus, array('id' => $wedata['id']));
//pdo_delete('members_modules', array('uid' => $data['uid']));
} else {
$datastatus = array();
$datastatus['endtime'] = $endtime;
$datastatus['stattime'] = $stattime;
$datastatus['uid'] = $data['uid'];
$datastatus['gid'] = $groupid;
$datastatus['status'] = 0;
pdo_insert('members_status', $datastatus);
}
pdo_insert('members_paylog', array('uid' => $data['uid'], 'money' => 0, 'type' => 3, 'msg' => "由管理员开通服务 ,等级:" . $groupid . " 开始日期:" . date('Y-m-d h:i:s', $stattime) . ",到期时间" . date('Y-m-d h:i:s', $endtime), 'paytime' => TIMESTAMP));
message('用户编辑成功!', create_url('finance/userlist'));
}
message('用户编辑失败,请稍候重试或联系网站管理员解决!');
}
$id = intval($_GPC['id']);
if ($id) {
$member = member_single(array('uid' => $id));
$wedata = pdo_fetch("SELECT * FROM " . tablename('members_status') . " WHERE uid = '{$id}' LIMIT 1");
$starttime = empty($wedata['stattime']) ? TIMESTAMP : $wedata['stattime'];
$endtime = empty($wedata['endtime']) ? TIMESTAMP + 86399 : $wedata['endtime'];
$groups = pdo_fetchall("SELECT id, name FROM " . tablename('members_group') . " ORDER BY id ASC");
}
template('finance/edit');
<?php
/**
* 微擎管理后台初始化文件
* [WeEngine System] Copyright (c) 2013 WE7.CC
*/
$session = json_decode(base64_decode($_GPC['__session']), true);
if (is_array($session)) {
$member = member_single(array('uid' => $session['uid']));
if (is_array($member) && $session['hash'] == md5($member['password'] . $member['salt'])) {
$_W['uid'] = $member['uid'];
$_W['username'] = $member['username'];
$member['currentvisit'] = $member['lastvisit'];
$member['currentip'] = $member['lastip'];
$member['lastvisit'] = $session['lastvisit'];
$member['lastip'] = $session['lastip'];
$_W['member'] = $member;
$founder = explode(',', $_W['config']['setting']['founder']);
$_W['isfounder'] = in_array($_W['uid'], $founder) ? true : false;
} else {
isetcookie('__session', false, -100);
}
unset($member);
}
unset($session);
if (!empty($_GPC['__weid'])) {
$_W['weid'] = intval($_GPC['__weid']);
}
if (!empty($_W['weid'])) {
$_W['account'] = pdo_fetch("SELECT * FROM " . tablename('wechats') . " WHERE weid = :weid", array(':weid' => $_W['weid']));
$_W['account']['default_message'] = iunserializer($_W['account']['default_message']);
