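/**
 * Resolve the icon submitted under $iconkey to a stored icon value.
 *
 * Order of precedence, as in the original code:
 *   1. an uploaded file in $_FILES[$iconkey] is stored via uploadtolocal();
 *   2. a request value that parses as a URL with a host is fetched and stored
 *      via imagetolocal();
 *   3. any other non-empty request value is returned unchanged;
 *   4. otherwise an empty string is returned.
 *
 * Security notes:
 *   - Branch 2 makes the server fetch a client-supplied URL. Only http and
 *     https are allowed here; other schemes (or a host with no scheme) yield ''.
 *     NOTE(review): imagetolocal() is not visible in this file. Confirm it also
 *     refuses internal/loopback destinations and redirects to them, and that it
 *     validates the downloaded content type.
 *   - Branch 3 returns request data verbatim. Callers must treat the result as
 *     untrusted (validate it as a site-relative path and escape it on output).
 *
 * @param string $iconkey Name of the upload field / request parameter.
 * @param string $target  Passed through to uploadtolocal()/imagetolocal().
 *
 * @return mixed The helper's return value, the raw request value, or ''.
 */
function getverifyicon($iconkey = 'iconnew', $target)
{
    // An uploaded file wins over any URL or path sent with the request.
    if (!empty($_FILES[$iconkey])) {
        return uploadtolocal($_FILES[$iconkey], 'common', $target);
    }

    if (empty($_GET['' . $iconkey])) {
        return '';
    }

    $iconvalue = $_GET['' . $iconkey];
    if (!is_string($iconvalue)) {
        // An array-valued parameter cannot be a URL or a path.
        return '';
    }

    // parse_url() returns false on seriously malformed input; treat that like "no host".
    $parts = parse_url($iconvalue);
    if (!is_array($parts) || empty($parts['host'])) {
        return $iconvalue;
    }

    // Restrict server-side fetches to web schemes so stream wrappers such as
    // ftp:// or php:// never reach the download helper.
    $scheme = isset($parts['scheme']) ? strtolower($parts['scheme']) : '';
    if (!in_array($scheme, array('http', 'https'), true)) {
        return '';
    }

    return imagetolocal($iconvalue, 'common', $target);
}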
foreach ($_FILES as $key => $file) { if (!isset($_G['cache']['profilesetting'][$key])) { continue; } $field = $_G['cache']['profilesetting'][$key]; if (!empty($file) && $file['error'] == 0 || !empty($space[$key]) && empty($_GET['deletefile'][$key])) { $value = '1'; } else { $value = ''; } if (!profile_check($key, $value, $space)) { profile_showerror($key); } elseif ($field['size'] && $field['size'] * 1024 < $file['size']) { profile_showerror($key, lang('message', 'filesize_lessthan') . $field['size'] . 'KB'); } if ($attachment = uploadtolocal($file, 'profile', '')) { if (!@getimagesize($_G['setting']['attachdir'] . $attachment)) { //判断是否为图片文件 @unlink($_G['setting']['attachdir'] . $attachment); continue; } $setarr[$key] = ''; //$attach['attachment'] = dhtmlspecialchars(trim($attach['attachment'])); if ($vid && $verifyconfig['available'] && isset($verifyconfig['field'][$key])) { if (isset($verifyinfo['field'][$key])) { @unlink(getglobal('setting/attachdir') . $verifyinfo['field'][$key]); $verifyarr[$key] = $attachment; } continue; } if (isset($setarr[$key]) && $_G['cache']['profilesetting'][$key]['needverify']) {
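/**
 * Handle the registration page: render the form, or validate a submitted form
 * and create the account.
 *
 * Flow, as visible in this block:
 *   - an already logged-in visitor is sent to showmessage('login_succeed');
 *   - registration/activation switches in $this->setting are enforced;
 *   - without a valid 'regsubmit' the registration template is included;
 *   - otherwise the username, nickname, e-mail, password and registered
 *     profile fields are validated, the user is created through
 *     uc_user_register(), profile/verification rows are inserted, the session
 *     is logged in, and a result message is shown.
 *
 * NOTE(review): the validation steps call showmessage() and then fall through;
 * this only works if showmessage() ends the request — confirm against its
 * definition, which is not in this file.
 *
 * Several locals that look unused ($auth, $ctrlip, $setregip, $regname, ...)
 * are kept because the included template and $this->extrafile run in this scope.
 *
 * Changes against the previous version:
 *   - uploaded profile files are now discarded when they are NOT images (the
 *     check was inverted, so images were deleted and everything else was kept);
 *   - the "special character" password rule used the range A-z, which also
 *     covers [ \ ] ^ _ `, so those characters were not counted as special;
 *   - array keys inside "{$_G[...]}" are quoted (unquoted keys in curly syntax
 *     are constant lookups and raise an Error on PHP 8).
 */
function on_register()
{
    global $_G;

    // These self-assignments change no value; kept as found.
    $_GET['username'] = $_GET['username'];
    $_GET['nickname'] = $_GET['nickname'];
    $_GET['password'] = $_GET['password'];
    $_GET['password2'] = $_GET['password2'];
    $_GET['email'] = $_GET['email'];

    if ($_G['uid']) {
        // Already logged in: bounce away from the registration page.
        $url_forward = dreferer();
        if (strpos($url_forward, 'reg') !== false) {
            $url_forward = 'index.php';
        }
        showmessage(
            'login_succeed',
            $url_forward ? $url_forward : './',
            array(
                'username' => $_G['member']['username'],
                'usergroup' => $_G['group']['grouptitle'],
                'uid' => $_G['uid'],
            ),
            array()
        );
    } elseif (!$this->setting['regclosed']) {
        if ($_GET['action'] == 'activation' || $_GET['activationauth']) {
            if (!$this->setting['ucactivation'] && !$this->setting['closedallowactivation']) {
                showmessage('register_disable_activation');
            }
        } elseif (!$this->setting['regstatus']) {
            showmessage(
                !$this->setting['regclosemessage']
                    ? 'register_disable'
                    : str_replace(array("\r", "\n"), '', $this->setting['regclosemessage'])
            );
        }
    }

    // References: later assignments (e.g. $bbrulestxt) write back into $this->setting.
    $bbrules =& $this->setting['bbrules'];
    $bbrulesforce =& $this->setting['bbrulesforce'];
    $bbrulestxt =& $this->setting['bbrulestxt'];
    $welcomemsg =& $this->setting['welcomemsg'];
    $welcomemsgtitle =& $this->setting['welcomemsgtitle'];
    $welcomemsgtxt =& $this->setting['welcomemsgtxt'];
    $regname = $this->setting['regname'];

    $username = isset($_GET['username']) ? $_GET['username'] : '';
    $invitestatus = false;
    $seccodecheck = $this->setting['seccodestatus'] & 1;
    $secqaacheck = 0;
    $bbrulehash = $bbrules ? substr(md5(FORMHASH), 0, 8) : '';
    $auth = $_GET['auth'];

    if (!$invitestatus) {
        $invite = getinvite();
    }

    if (!submitcheck('regsubmit', 0, $seccodecheck)) {
        // ---- No valid submission: render the registration form. ----
        if ($seccodecheck) {
            $seccode = random(6, 1);
        }
        // The username is echoed back into the form, so escape it for HTML.
        $username = dhtmlspecialchars($username);

        $htmls = $settings = array();
        foreach ($_G['cache']['fields_register'] as $field) {
            $fieldid = $field['fieldid'];
            $html = profile_setting($fieldid, array(), false, false, true);
            if ($html) {
                $settings[$fieldid] = $_G['cache']['profilesetting'][$fieldid];
                $htmls[$fieldid] = $html;
            }
        }

        $navtitle = $this->setting['reglinkname'];
        if ($this->extrafile && file_exists($this->extrafile)) {
            require_once $this->extrafile;
        }
        $bbrulestxt = nl2br("\n{$bbrulestxt}\n\n");
        $dreferer = dreferer();
        include template($this->template);
    } else {
        // ---- Valid submission: validate and create the account. ----
        $emailstatus = 0;
        if ($this->setting['regstatus'] == 2 && empty($invite) && !$invitestatus) {
            showmessage('not_open_registration_invite');
        }

        // The site rules must have been accepted.
        if ($bbrules && $bbrulehash != $_POST['agreebbrule']) {
            showmessage('register_rules_agree');
        }

        // Username length.
        $usernamelen = dstrlen($username);
        if ($usernamelen < 3) {
            showmessage('profile_username_tooshort');
        }
        if ($usernamelen > 30) {
            showmessage('profile_username_toolong');
        }

        // Nickname length (optional field).
        if ($nickname = trim($_GET['nickname'])) {
            $nicknamelen = dstrlen($nickname);
            if ($nicknamelen < 3) {
                showmessage('profile_nickname_tooshort');
            }
            if ($nicknamelen > 30) {
                showmessage('profile_nickname_toolong');
            }
        } else {
            $nickname = '';
        }

        // E-mail address.
        $email = strtolower(trim($_GET['email']));
        checkemail($email);

        // Minimum password length (byte length, as before).
        if ($this->setting['pwlength']) {
            if (strlen($_GET['password']) < $this->setting['pwlength']) {
                showmessage('profile_password_tooshort', '', array('pwlength' => $this->setting['pwlength']));
            }
        }

        // Password strength rules: 1 = digit, 2 = lower case, 3 = upper case, 4 = special character.
        if ($this->setting['strongpw']) {
            $strongpw_str = array();
            if (in_array(1, $this->setting['strongpw']) && !preg_match("/\\d+/", $_GET['password'])) {
                $strongpw_str[] = lang('user/template', 'strongpw_1');
            }
            if (in_array(2, $this->setting['strongpw']) && !preg_match("/[a-z]+/", $_GET['password'])) {
                $strongpw_str[] = lang('user/template', 'strongpw_2');
            }
            if (in_array(3, $this->setting['strongpw']) && !preg_match("/[A-Z]+/", $_GET['password'])) {
                $strongpw_str[] = lang('user/template', 'strongpw_3');
            }
            // Fixed: the class was [^a-zA-z0-9]; "A-z" also spans [ \ ] ^ _ `.
            if (in_array(4, $this->setting['strongpw']) && !preg_match("/[^a-zA-Z0-9]+/", $_GET['password'])) {
                $strongpw_str[] = lang('user/template', 'strongpw_4');
            }
            if ($strongpw_str) {
                showmessage(lang('user/template', 'password_weak') . implode(',', $strongpw_str));
            }
        }

        // Both password fields must match.
        if ($_GET['password'] !== $_GET['password2']) {
            showmessage('两次密码不匹配');
        }

        // Empty passwords and passwords that addslashes() would alter are rejected.
        if (!$_GET['password'] || $_GET['password'] != addslashes($_GET['password'])) {
            showmessage('profile_passwd_illegal');
        }

        $password = $_GET['password'];
        $ctrlip = $_G['clientip'];
        $setregip = null;

        // Validate every registered profile field; fields that need manual
        // verification are collected separately from directly stored ones.
        $profile = $verifyarr = array();
        foreach ($_G['cache']['fields_register'] as $field) {
            $field_key = $field['fieldid'];
            $field_val = $_GET['' . $field_key];
            if ($field['formtype'] == 'file' && !empty($_FILES[$field_key]) && $_FILES[$field_key]['error'] == 0) {
                $field_val = true;
            }
            if (!profile_check($field_key, $field_val)) {
                $showid = !in_array($field['fieldid'], array('birthyear', 'birthmonth')) ? $field['fieldid'] : 'birthday';
                showmessage(
                    $field['title'] . lang('message', 'profile_illegal'),
                    '',
                    array(),
                    array(
                        'showid' => 'chk_' . $showid,
                        'extrajs' => $field['title'] . lang('message', 'profile_illegal') . ($field['formtype'] == 'text'
                            ? '<script type="text/javascript">'
                                . '$(\'registerform\').' . $field['fieldid'] . '.parentNode.parentNode.className = \'form-group warning\';'
                                . '$(\'registerform\').' . $field['fieldid'] . '.onblur = function () { if(this.value != \'\') {this.parentNode.parentNode.className = \'form-group\';$(\'chk_' . $showid . '\').innerHTML = \'\';}}'
                                . '</script>'
                            : ''),
                    )
                );
            }
            if ($field['needverify']) {
                $verifyarr[$field_key] = $field_val;
            } else {
                $profile[$field_key] = $field_val;
            }
        }

        // Accounts awaiting verification go to group 8; others get the default new-user group.
        $groupinfo = array();
        $addorg = 0;
        if ($this->setting['regverify']) {
            $groupinfo['groupid'] = 8;
        } else {
            $groupinfo['groupid'] = $this->setting['newusergroupid'];
            $addorg = 1;
        }

        // NOTE(review): $questionid and $answer are never assigned in this
        // function, so they are passed as null — confirm this is intended.
        $result = uc_user_register(addslashes($username), $password, $email, addslashes($nickname), $questionid, $answer, $_G['clientip'], $addorg);
        if (is_array($result)) {
            $uid = $result['uid'];
            $password = $result['password'];
        } else {
            $uid = $result;
        }

        // Non-positive results are error codes from uc_user_register().
        if ($uid <= 0) {
            if ($uid == -1) {
                showmessage('profile_nickname_illegal');
            } elseif ($uid == -2) {
                showmessage('profile_nickname_protect');
            } elseif ($uid == -3) {
                showmessage('profile_nickname_duplicate');
            } elseif ($uid == -4) {
                showmessage('profile_email_illegal');
            } elseif ($uid == -5) {
                showmessage('profile_email_domain_illegal');
            } elseif ($uid == -6) {
                showmessage('profile_email_duplicate');
            } elseif ($uid == -7) {
                showmessage('profile_username_illegal');
            } else {
                showmessage('undefined_action');
            }
        }

        $_G['username'] = $username;

        if (isset($_POST['birthmonth']) && isset($_POST['birthday'])) {
            $profile['constellation'] = get_constellation($_POST['birthmonth'], $_POST['birthday']);
        }
        if (isset($_POST['birthyear'])) {
            $profile['zodiac'] = get_zodiac($_POST['birthyear']);
        }

        // Store uploaded files that belong to registered 'file' profile fields.
        if ($_FILES) {
            foreach ($_FILES as $key => $file) {
                $field_key = 'field_' . $key;
                if (!empty($_G['cache']['fields_register'][$field_key]) && $_G['cache']['fields_register'][$field_key]['formtype'] == 'file') {
                    if ($attachment = uploadtolocal($file, 'profile', '')) {
                        // Keep the upload only if it parses as an image; anything else is
                        // removed again. (Fixed: the test was inverted and deleted images.)
                        // getimagesize() only inspects the header; extension and storage
                        // location are decided by uploadtolocal() — NOTE(review): confirm
                        // that helper enforces an extension allow-list.
                        if (!@getimagesize($_G['setting']['attachdir'] . $attachment)) {
                            @unlink($_G['setting']['attachdir'] . $attachment);
                            continue;
                        }
                        if ($_G['cache']['fields_register'][$field_key]['needverify']) {
                            $verifyarr[$key] = $attachment;
                        } else {
                            $profile[$key] = $attachment;
                        }
                    }
                }
            }
        }

        $init_arr = array('profile' => $profile, 'emailstatus' => $emailstatus);
        C::t('user')->insert($uid, $_G['clientip'], $groupinfo['groupid'], $init_arr);

        if ($verifyarr) {
            $setverify = array(
                'uid' => $uid,
                'username' => $username,
                'verifytype' => '0',
                'field' => serialize($verifyarr),
                'dateline' => TIMESTAMP,
            );
            C::t('user_verify_info')->insert($setverify);
            C::t('user_verify')->insert(array('uid' => $uid));
        }

        require_once libfile('cache/userstats', 'function');
        build_cache_userstats();

        if ($this->extrafile && file_exists($this->extrafile)) {
            require_once $this->extrafile;
        }

        setloginstatus(
            array(
                'uid' => $uid,
                'username' => $_G['username'],
                'password' => $password,
                'groupid' => $groupinfo['groupid'],
            ),
            0
        );
        include_once libfile('function/stat');

        // Welcome message: 1 = on-site text, 2 = e-mail, 3 = both.
        // NOTE(review): str_replace(':', ':', ...) has identical search and
        // replacement as written here, so it changes nothing — kept as found.
        if ($welcomemsg && !empty($welcomemsgtxt)) {
            $welcomemsgtitle = replacesitevar($welcomemsgtitle);
            $welcomemsgtxt = replacesitevar($welcomemsgtxt);
            if ($welcomemsg == 1) {
                $welcomemsgtxt = nl2br(str_replace(':', ':', $welcomemsgtxt));
            } elseif ($welcomemsg == 2) {
                sendmail_cron($email, $welcomemsgtitle, $welcomemsgtxt);
            } elseif ($welcomemsg == 3) {
                sendmail_cron($email, $welcomemsgtitle, $welcomemsgtxt);
                $welcomemsgtxt = nl2br(str_replace(':', ':', $welcomemsgtxt));
            }
        }

        dsetcookie('loginuser', '');
        dsetcookie('invite_auth', '');

        $url_forward = dreferer();
        $refreshtime = 3000;

        switch ($this->setting['regverify']) {
            case 1:
                // E-mail verification: store an activation id and mail the link.
                // NOTE(review): the id is six characters from random(); confirm that
                // helper draws from a CSPRNG and that the activate endpoint limits
                // guessing attempts and expires the id.
                $idstring = random(6);
                $authstr = $this->setting['regverify'] == 1 ? "{$_G['timestamp']}\t2\t{$idstring}" : '';
                C::t('user')->update($_G['uid'], array('authstr' => $authstr));
                // Fixed: keys are quoted; "{$_G[siteurl]}" is a constant lookup in curly syntax.
                $verifyurl = "{$_G['siteurl']}user.php?mod=activate&uid={$_G['uid']}&id={$idstring}";
                $email_verify_message = lang('email', 'email_verify_message', array(
                    'username' => $_G['member']['username'],
                    'sitename' => $this->setting['sitename'],
                    'siteurl' => $_G['siteurl'],
                    'url' => $verifyurl,
                ));
                if (!sendmail("{$username} <{$email}>", lang('email', 'email_verify_subject'), $email_verify_message)) {
                    runlog('sendmail', "{$email} sendmail failed.");
                }
                $message = 'register_email_verify';
                $locationmessage = 'register_email_verify_location';
                $refreshtime = 10000;
                break;
            case 2:
                $message = 'register_manual_verify';
                $locationmessage = 'register_manual_verify_location';
                break;
            default:
                $message = 'register_succeed';
                $locationmessage = 'register_succeed_location';
                break;
        }

        $param = daddslashes(array(
            'sitename' => $this->setting['sitename'],
            'username' => $_G['username'],
            'usergroup' => $_G['group']['grouptitle'],
            'uid' => $_G['uid'],
        ));

        // Never forward back to the registration or invite-purchase pages.
        if (strpos($url_forward, $this->setting['regname']) !== false || strpos($url_forward, 'buyinvitecode') !== false) {
            $url_forward = 'index.php';
        }

        $extra = array('showdialog' => true, 'locationtime' => false, 'extrajs' => '');

        // NOTE(review): $url_forward (derived from the request via dreferer()) and the
        // lang() text containing the username are concatenated into single-quoted
        // JavaScript strings with 'striptags' => false. Confirm dreferer() restricts the
        // value to same-site URLs and that quotes/backslashes cannot reach this script,
        // or escape both values for a JavaScript string context here.
        showmessage(
            '',
            $url_forward,
            array(),
            array(
                'showid' => 'succeedmessage',
                'extrajs' => '<script type="text/javascript">'
                    . 'setTimeout("window.location.href =\'' . $url_forward . '\';", 3000);'
                    . '$(\'succeedmessage_href\').href = \'' . $url_forward . '\';'
                    . '$(\'register_form\').style.display = \'none\';'
                    . '$(\'main_succeed\').style.display = \'\';'
                    . '$(\'succeedlocation\').innerHTML = \'' . lang('message', $message, $param) . '\';</script>',
                'striptags' => false,
                'showdialog' => false,
            )
        );
    }
}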
$open[$arr[count($arr) - 1]] = $arr; } } else { $open[$arr[$count - 1]] = $arr; } $openarr = json_encode(array('orgid' => $open)); include template('import_list'); } else { if (submitcheck('importfilesubmit')) { if ($_FILES['importfile']['tmp_name']) { $allowext = array('xls', 'xlsx'); $ext = strtolower(substr(strrchr($_FILES['importfile']['name'], '.'), 1, 10)); if (!in_array($ext, $allowext)) { showmessage('只允许导入xls,xlsx类型的文件', dreferer()); } if ($file = uploadtolocal($_FILES['importfile'], 'cache')) { $url = ADMINSCRIPT . '?mod=orguser&op=import&do=list&file=' . urlencode($file); @header("Location: {$url}"); exit; showmessage('人员信息表上传成功,正在调转到导入页面', ADMINSCRIPT . '?mod=orguser&op=import&do=list&file=' . urlencode($file)); } else { showmessage('上传信息表未成功,请稍候重试', dreferer()); } } else { showmessage('请选择人员信息表', dreferer()); } } else { include template('import_guide'); } } function checkprofile($fieldid, &$value)
} if (($oappid = DB::result_first("select appid from %t where appurl=%s", array('app_market', $setarr['appurl']))) && $oappid != $appid) { $msg .= '应用地址已经存在'; } if ($msg) { showmessage($msg); } //处理应用图标 $iconnew = ''; $target = ''; if ($appid) { $target = DB::result_first("select appico from " . DB::table('app_market') . " where appid='{$appid}'"); } if ($_FILES['iconnew']) { if ($_FILES['iconnew']['tmp_name']) { if ($appico = uploadtolocal($_FILES['iconnew'], 'appico', $target)) { $setarr['appico'] = $appico; } } } else { if (!$_GET['iconnew']) { $_GET['iconnew'] = 'dzz/images/default/icodefault.png'; } if ($_GET['iconnew'] && $_GET['iconnew'] != $_G['setting']['attachurl'] . $target) { if ($appico = imagetolocal($_GET['iconnew'], 'appico', $target)) { $setarr['appico'] = $appico; } } } $picids = $_GET['picids']; //删除已有图片