$contactsNew = new Contacts(); $contactsNew->setFname($_POST['fname']); $contactsNew->setSname($_POST['sname']); $contactsNew->setCo_name($_POST['co_name']); $contactsNew->setRole($_POST['role']); $contactsNew->setCustid($_POST['custid']); $contactsNew->setSuppid($_POST['suppid']); $contactsNew->setAddsid($addsid); $contactsNew->setNotes($_POST['notes']); $contactId = $contactsNew->insertIntoDB(); // Insert into DB $pwdNew = new Pwd(); $pwdNew->setUsr($logon); $pwdNew->setContactsid($contactId); $pwdNew->setSeclev(100); $pwdNew->setPw(mkPwd($pw)); file_put_contents('/etc/athenace/pwd', "{$_POST['custid']}\t{$_POST['suppid']}\t{$logon}\t{$pw}\n", FILE_APPEND); // Dont add to the Password table unless they have a custid or a suppid if (isset($_POST['custid']) && $_POST['custid'] > 0 || isset($_POST['suppid']) && $_POST['suppid'] > 0) { $pwdNew->insertIntoDB(); } else { // Not adding to passwd table // i.e contacts not associated with a customer or supplier cant log in } $logresult = logEvent(6, $logContent); header("Location: /contacts/?Added=" . $result['id']); exit; } include "../tmpl/header.php"; if (isset($_GET['FromAddCustomer'])) { ?>
public function register() { $request = $this->getHeaderBody(); $userModel = new User(); //验证手机 模拟通过 if (!$request->key) { sendMsg('KEY NOT FIND', 1); } $phone = $this->mCache->get($request->key); if (!$phone) { sendMsg('KEY ERROR', 1); } if ($userModel->issetPhone($phone['phone'])) { sendMsg('PHONE USED', 1); } //清理key $this->mCache->delete($request->key); $userModel = new User(); $createData = ['phone' => $phone['phone'], 'registerTime' => new MongoDate(), 'registerIP' => $this->request->getClientAddress()]; foreach ($request as $key => $val) { if (in_array($key, ['phone', 'password', 'userName', 'sex'])) { $createData[$key] = $val; } if ($key == 'password') { $createData[$key] = mkPwd($val); } //头像 if ($key == 'headerimg' && file_exists(TEMP_PATH . '/' . $val)) { if (copy(TEMP_PATH . '/' . $val, HEADERIMG_PATH . '/' . $val)) { $createData['headImg'] = $val; } } } $res = $userModel->createUser($createData); if ($res) { //注册EM账户密码 EM::onConstruct($this->config->em_conf); $imUser = EM::createUser(); if ($imUser) { $imUser['userId'] = $res; $userModel->create_imuser($imUser); } sendMsg("OK"); } else { sendMsg('NOT CREATE', 1); } }
} } if (isset($_GET['go']) && $_GET['go'] == "y") { $logContent = ""; $pw = generatePassword(); // Add to Address table $addsid = db_addAddress($_POST); # Insert into DB $staffNew = new Staff(); $staffNew->setFname($_POST['fname']); $staffNew->setSname($_POST['sname']); $staffNew->setAddsid($addsid); $staffNew->setJobtitle($_POST['jobtitle']); $stfid = $staffNew->insertIntoDB(); $usr = generateStafflogon($_POST['fname'], $_POST['sname']); $staffPwd = mkPwd($pw); # Insert Pwd into DB $pwdNew = new Pwd(); $pwdNew->setUsr($usr); $pwdNew->setStaffid($stfid); $pwdNew->setPw($staffPwd); $pwdNew->insertIntoDB(); file_put_contents('/etc/athenace/pwd', "Staff\t{$stfid}\t{$usr}\t{$pw}\n", FILE_APPEND); $logresult = logEvent(15, $logContent); $done = 1; } include "../tmpl/header.php"; if ($done) { ?> <h1>New staff member has been added</h1> <h2>Write down the password now. It cannot be found anywhere else.</h2>
$errors[] = 'npw1'; } elseif (!chkLowercase($_POST['npw1'])) { $pwhelp = 'No lower case letters in password'; $errors[] = 'npw1'; } elseif (!chkUppercase($_POST['npw1'])) { $pwhelp = 'No upper case letters in password'; $errors[] = 'npw1'; } elseif (!chkDigit($_POST['npw1'])) { $pwhelp = 'No numbers in password'; $errors[] = 'npw1'; } elseif ($_POST['npw1'] != $_POST['npw2']) { $pwhelp = 'New passwords are not the same'; $errors[] = 'npw1'; } if (empty($errors)) { $newPwd = mkPwd($_POST['npw1']); $pwdid = getContactPwdID($contactsID); // Update DB $pwdUpdate = new Pwd(); $pwdUpdate->setPwdid($pwdid); $pwdUpdate->setPw($newPwd); $pwdUpdate->updateDB(); $logresult = logEvent(33, $logContent); $token = base64_encode(encrypt($rrt->usr . "|" . $_POST['npw1'])); header("Location: /pass.php?t={$token}"); } } include "tmpl/header.php"; ?> <ol>
} elseif (!chkLowercase($_POST['npw1'])) { $pwhelp = 'No lower case letters in password'; $pw_errors[] = 'npw1'; } elseif (!chkUppercase($_POST['npw1'])) { $pwhelp = 'No upper case letters in password'; $pw_errors[] = 'npw1'; } elseif (!chkDigit($_POST['npw1'])) { $pwhelp = 'No numbers in password'; $pw_errors[] = 'npw1'; } elseif ($_POST['npw1'] != $_POST['npw2']) { $pwhelp = 'New passwords are not the same'; $pw_errors[] = 'npw1'; } $stfid = $_POST['stfid']; if (empty($pw_errors)) { $cryptPwd = mkPwd($_POST['npw1']); # Update DB $pwdUpdate = new Pwd(); $pwdUpdate->setUsr($rrt->usr); $pwdUpdate->setPw($cryptPwd); $result = $pwdUpdate->updateDB(); $logresult = logEvent(33, $logContent); $done = 1; } } $pagetitle = "staff"; include "../tmpl/header.php"; ?> <h1>Staff Log In</h1> <?php
$r = $q[0]; if (!empty($q)) { $dbPwd = mkPwd($_POST['pw']); $pwdid = getStaffEmailPwdID($email); // Update DB $pwdUpdate = new Pwd(); $pwdUpdate->setPwdid($pwdid); $pwdUpdate->setPw($dbPwd); $pwdUpdate->updateDB(); $pw_changed++; } else { $sqltext = "SELECT contactsid FROM contacts,address WHERE email=? AND contacts.addsid=address.addsid"; $q = $db->select($sqltext, array($email, 's')); $r = $q[0]; if (!empty($q)) { $dbPwd = mkPwd($_POST['pw']); $pwdid = getContactsEmailPwdID($email); // Update DB $pwdUpdate = new Pwd(); $pwdUpdate->setPwdid($pwdid); $pwdUpdate->setPw($dbPwd); $pwdUpdate->updateDB(); $pw_changed++; } } } if ($pw_changed) { header("Location: /login.php?pwch=y"); exit; } }