/**
* 判断用户是否已经登陆
*/
public final function check_member()
{
$phpcms_auth = param::get_cookie('auth');
if (ROUTE_M == 'member' && ROUTE_C == 'index' && in_array(ROUTE_A, array('login', 'register', 'mini', 'send_newmail'))) {
if ($phpcms_auth && ROUTE_A != 'mini') {
showmessage(L('login_success', '', 'member'), 'index.php?m=member&c=index');
} else {
return true;
}
} else {
//判断是否存在auth cookie
if ($phpcms_auth) {
$auth_key = $auth_key = md5(pc_base::load_config('system', 'auth_key') . $_SERVER['HTTP_USER_AGENT']);
list($userid, $password) = explode("\t", sys_auth($phpcms_auth, 'DECODE', $auth_key));
//验证用户,获取用户信息
$this->memberinfo = $this->db->get_one(array('userid' => $userid));
//获取用户模型信息
$this->db->set_model($this->memberinfo['modelid']);
$this->_member_modelinfo = $this->db->get_one(array('userid' => $userid));
$this->_member_modelinfo = $this->_member_modelinfo ? $this->_member_modelinfo : array();
$this->db->set_model();
if (is_array($this->memberinfo)) {
$this->memberinfo = array_merge($this->memberinfo, $this->_member_modelinfo);
}
if ($this->memberinfo && $this->memberinfo['password'] === $password) {
if (!defined('SITEID')) {
define('SITEID', $this->memberinfo['siteid']);
}
if ($this->memberinfo['groupid'] == 1) {
param::set_cookie('auth', '');
param::set_cookie('_userid', '');
param::set_cookie('_username', '');
param::set_cookie('_groupid', '');
showmessage(L('userid_banned_by_administrator', '', 'member'), 'index.php?m=member&c=index&a=login');
} elseif ($this->memberinfo['groupid'] == 7) {
param::set_cookie('auth', '');
param::set_cookie('_userid', '');
param::set_cookie('_groupid', '');
//设置当前登录待验证账号COOKIE,为重发邮件所用
param::set_cookie('_regusername', $this->memberinfo['username']);
param::set_cookie('_reguserid', $this->memberinfo['userid']);
param::set_cookie('_reguseruid', $this->memberinfo['phpssouid']);
param::set_cookie('email', $this->memberinfo['email']);
showmessage(L('need_emial_authentication', '', 'member'), 'index.php?m=member&c=index&a=register&t=2');
}
} else {
param::set_cookie('auth', '');
param::set_cookie('_userid', '');
param::set_cookie('_username', '');
param::set_cookie('_groupid', '');
}
unset($userid, $password, $phpcms_auth, $auth_key);
} else {
$forward = isset($_GET['forward']) ? urlencode($_GET['forward']) : urlencode(get_url());
showmessage(L('please_login', '', 'member'), 'index.php?m=member&c=index&a=login&forward=' . $forward);
}
}
}
function __construct()
{
$this->content_db = pc_base::load_model('content_model');
$this->db = pc_base::load_model('content_model');
$this->siteid = isset($_GET['siteid']) && intval($_GET['siteid']) > 0 ? intval(trim($_GET['siteid'])) : (param::get_cookie('siteid') ? param::get_cookie('siteid') : 1);
param::set_cookie('siteid', $this->siteid);
$this->wap_site = getcache('wap_site', 'wap');
$this->types = getcache('wap_type', 'wap');
$this->wap = $this->wap_site[$this->siteid];
define('WAP_SITEURL', $this->wap['domain'] ? $this->wap['domain'] . 'index.php?' : APP_PATH . 'index.php?m=wap&siteid=' . $this->siteid);
// if($this->wap['status']!=1) exit(L('wap_close_status'));
}
/**
* 附件更新接口.
* @param string $content 可传入空,html,数组形式url,url地址,传入空时,以cookie方式记录。
* @param string 传入附件关系表中的组装id
* @isurl intval 为本地地址时设为1,以cookie形式管理时设置为2
*/
public function api_update($content, $keyid, $isurl = 0)
{
if (pc_base::load_config('system', 'attachment_stat') == 0) {
return false;
}
$keyid = trim($keyid);
$isurl = intval($isurl);
if ($isurl == 2 || empty($content)) {
$this->api_update_cookie($keyid);
} else {
$att_index_db = pc_base::load_model('attachment_index_model');
$upload_url = pc_base::load_config('system', 'upload_url');
if (strpos($upload_url, '://') !== false) {
$pos = strpos($upload_url, "/", 8);
$domain = substr($upload_url, 0, $pos) . '/';
$dir_name = substr($upload_url, $pos + 1);
}
if ($isurl == 0) {
$pattern = '/(href|src)=\\"(.*)\\"/isU';
preg_match_all($pattern, $content, $matches);
if (is_array($matches) && !empty($matches)) {
$att_arr = array_unique($matches[2]);
foreach ($att_arr as $_k => $_v) {
$att_arrs[$_k] = md5(str_replace(array($domain, $dir_name), '', $_v));
}
}
} elseif ($isurl == 1) {
if (is_array($content)) {
$att_arr = array_unique($content);
foreach ($att_arr as $_k => $_v) {
$att_arrs[$_k] = md5(str_replace(array($domain, $dir_name), '', $_v));
}
} else {
$att_arrs[] = md5(str_replace(array($domain, $dir_name), '', $content));
}
}
$att_index_db->delete(array('keyid' => $keyid));
if (is_array($att_arrs) && !empty($att_arrs)) {
foreach ($att_arrs as $r) {
$infos = $this->get_one(array('authcode' => $r), 'aid');
if ($infos) {
$this->update(array('status' => 1), array('aid' => $infos['aid']));
$att_index_db->insert(array('keyid' => $keyid, 'aid' => $infos['aid']));
}
}
}
}
param::set_cookie('att_json', '');
return true;
}
public function post()
{
if (isset($_GET['callback']) && !preg_match('/^[a-zA-Z_][a-zA-Z0-9_]+$/', $_GET['callback'])) {
unset($_GET['callback']);
}
$mood_id =& $this->mood_id;
$setting =& $this->setting;
$cookies = param::get_cookie('mood_id');
$cookie = explode(',', $cookies);
if (in_array($this->mood_id, $cookie)) {
$this->_show_result(0, L('expressed'));
} else {
$mood_db = pc_base::load_model('mood_model');
$key = isset($_GET['k']) && intval($_GET['k']) ? intval($_GET['k']) : '';
if (!in_array($key, array(1, 2, 3, 4, 5, 6, 7, 8, 9, 10))) {
$this->_show_result(0, L('illegal_parameters'));
}
$fields = 'n' . $key;
if ($data = $mood_db->get_one(array('catid' => $this->catid, 'siteid' => $this->siteid, 'contentid' => $this->contentid))) {
$mood_db->update(array('total' => '+=1', $fields => '+=1', 'lastupdate' => SYS_TIME), array('id' => $data['id']));
$data['total']++;
$data[$fields]++;
} else {
$mood_db->insert(array('total' => '1', $fields => '1', 'catid' => $this->catid, 'siteid' => $this->siteid, 'contentid' => $this->contentid, '
lastupdate' => SYS_TIME));
$data['total'] = 1;
$data[$fields] = 1;
}
param::set_cookie('mood_id', $cookies . ',' . $mood_id);
foreach ($setting as $k => $v) {
$setting[$k]['fields'] = 'n' . $k;
if (!isset($data[$setting[$k]['fields']])) {
$data[$setting[$k]['fields']] = 0;
}
if (isset($data['total']) && !empty($data['total'])) {
$setting[$k]['per'] = ceil($data[$setting[$k]['fields']] / $data['total'] * 60);
} else {
$setting[$k]['per'] = 0;
}
}
ob_start();
include template('mood', 'index');
$html = ob_get_contents();
ob_clean();
$this->_show_result(1, $html);
}
}
public function best_answer_vote()
{
$id = intval($_POST['id']);
$pid = intval($_POST['pid']);
$method_id = intval($_POST['result']);
if (!in_array($method_id, array(1, 2))) {
echo L('submit_failure');
exit;
}
$cookies = param::get_cookie('best_answer_vote_pids');
$cookie = explode(',', $cookies);
if (in_array($pid, $cookie)) {
echo L('your_have_vote_best_answer');
exit;
}
$a = $this->db->get_one("askid={$id} AND siteid=" . SITEID, 'catid,status');
if ($a['status'] != 5) {
echo L('submit_failure');
exit;
}
//检测表
$posts_table_name = $this->db2->posts_table($a['catid']);
$this->db2->table_name = $posts_table_name;
$r = $this->db2->get_one("pid='{$pid}' AND optimal=1", "candidate,status,optimal");
if ($r['candidate'] == 1 || $r['status'] < 3 || $r['optimal'] != 1 || !$r) {
echo L('submit_failure');
exit;
}
$result = $this->db2->update(array('best_answer_vote_' . $method_id => '+=1'), "pid={$pid} AND optimal=1 AND siteid=" . SITEID);
if ($result) {
param::set_cookie('best_answer_vote_pids', $cookies . ',' . $pid);
echo L('thinks_your_vote');
} else {
echo L('your_have_vote');
}
}
public function info_publish()
{
$memberinfo = $this->memberinfo;
$grouplist = getcache('grouplist');
$SEO['title'] = L('info_publish', '', 'info');
//判断会员组是否允许投稿
if (!$grouplist[$memberinfo['groupid']]['allowpost']) {
showmessage(L('member_group') . L('publish_deny'), HTTP_REFERER);
}
//判断每日投稿数
$this->content_check_db = pc_base::load_model('content_check_model');
$todaytime = strtotime(date('y-m-d', SYS_TIME));
$_username = $memberinfo['username'];
$allowpostnum = $this->content_check_db->count("`inputtime` > {$todaytime} AND `username`='{$_username}'");
if ($grouplist[$memberinfo['groupid']]['allowpostnum'] > 0 && $allowpostnum >= $grouplist[$memberinfo['groupid']]['allowpostnum']) {
showmessage(L('allowpostnum_deny') . $grouplist[$memberinfo['groupid']]['allowpostnum'], HTTP_REFERER);
}
$siteids = getcache('category_content', 'commons');
header("Cache-control: private");
if (isset($_POST['dosubmit'])) {
$catid = intval($_POST['info']['catid']);
$siteid = $siteids[$catid];
$CATEGORYS = getcache('category_content_' . $siteid, 'commons');
$category = $CATEGORYS[$catid];
$modelid = $category['modelid'];
if (!$modelid) {
showmessage(L('illegal_parameters'), HTTP_REFERER);
}
$this->content_db = pc_base::load_model('content_model');
$this->content_db->set_model($modelid);
$table_name = $this->content_db->table_name;
$fields_sys = $this->content_db->get_fields();
$this->content_db->table_name = $table_name . '_data';
$fields_attr = $this->content_db->get_fields();
$fields = array_merge($fields_sys, $fields_attr);
$fields = array_keys($fields);
$info = array();
foreach ($_POST['info'] as $_k => $_v) {
if (in_array($_k, $fields)) {
$info[$_k] = $_v;
}
}
$post_fields = array_keys($_POST['info']);
$post_fields = array_intersect_assoc($fields, $post_fields);
$setting = string2array($category['setting']);
if ($setting['presentpoint'] < 0 && $memberinfo['point'] < abs($setting['presentpoint'])) {
showmessage(L('points_less_than', array('point' => $memberinfo['point'], 'need_point' => abs($setting['presentpoint']))), APP_PATH . 'index.php?m=pay&c=deposit&a=pay&exchange=point', 3000);
}
//判断会员组投稿是否需要审核
if ($grouplist[$memberinfo['groupid']]['allowpostverify'] || !$setting['workflowid']) {
$info['status'] = 99;
} else {
$info['status'] = 1;
}
$info['username'] = $memberinfo['username'];
$this->content_db->siteid = $siteid;
$id = $this->content_db->add_content($info);
//检查投稿奖励或扣除积分
$flag = $catid . '_' . $id;
if ($setting['presentpoint'] > 0) {
pc_base::load_app_class('receipts', 'pay', 0);
receipts::point($setting['presentpoint'], $memberinfo['userid'], $memberinfo['username'], $flag, 'selfincome', L('contribute_add_point'), $memberinfo['username']);
} else {
pc_base::load_app_class('spend', 'pay', 0);
spend::point($setting['presentpoint'], L('contribute_del_point'), $memberinfo['userid'], $memberinfo['username'], '', '', $flag);
}
//缓存结果
$model_cache = getcache('model', 'commons');
$infos = array();
foreach ($model_cache as $modelid => $model) {
if ($model['siteid'] == $siteid) {
$datas = array();
$this->content_db->set_model($modelid);
$datas = $this->content_db->select(array('username' => $memberinfo['username'], 'sysadd' => 0), 'id,catid,title,url,username,sysadd,inputtime,status', 100, 'id DESC');
}
}
setcache('member_' . $memberinfo['userid'] . '_' . $siteid, $infos, 'content');
//缓存结果 END
if ($info['status'] == 99) {
showmessage(L('contributors_success'), APP_PATH . 'index.php?m=member&c=content&a=info_top&id=' . $id . '&catid=' . $catid . '&msg=1');
} else {
showmessage(L('contributors_checked'), APP_PATH . 'index.php?m=member&c=content&a=info_top&id=' . $id . '&catid=' . $catid . '&msg=1');
}
} else {
$show_header = $show_dialog = $show_validator = '';
$step = $step_1 = $step_2 = $step_3 = $step_4;
$temp_language = L('news', '', 'content');
$sitelist = getcache('sitelist', 'commons');
/*
if(!isset($_GET['siteid']) && count($sitelist)>1) {
include template('member', 'content_publish_select_model');
exit;
}
*/
//设置cookie 在附件添加处调用
param::set_cookie('module', 'content');
$siteid = intval($_GET['siteid']);
//获取信息模型类别、区域、城市信息
$info_linkageid = getinfocache('info_linkageid');
$cityid = getcity(trim($_GET['city']), 'linkageid');
$cityname = getcity(trim($_GET['city']), 'name');
$citypinyin = getcity(trim($_GET['city']), 'pinyin');
$zone = intval($_GET['zone']);
$zone_name = get_linkage($zone, $info_linkageid, '', 0);
if (!$siteid) {
$siteid = 1;
}
$CATEGORYS = getcache('category_content_' . $siteid, 'commons');
$priv_db = pc_base::load_model('category_priv_model');
//加载栏目权限表数据模型
foreach ($CATEGORYS as $catid => $cat) {
if ($cat['siteid'] == $siteid && $cat['child'] == 0 && $cat['type'] == 0 && $priv_db->get_one(array('catid' => $catid, 'roleid' => $memberinfo['groupid'], 'is_admin' => 0, 'action' => 'add'))) {
break;
}
}
$catid = $_GET['catid'] ? intval($_GET['catid']) : $catid;
if (!$catid) {
showmessage(L('category') . L('publish_deny'), APP_PATH . 'index.php?m=member');
}
//判断本栏目是否允许投稿
if (!$priv_db->get_one(array('catid' => $catid, 'roleid' => $memberinfo['groupid'], 'is_admin' => 0, 'action' => 'add'))) {
showmessage(L('category') . L('publish_deny'), APP_PATH . 'index.php?m=member');
}
$category = $CATEGORYS[$catid];
if ($category['siteid'] != $siteid) {
showmessage(L('site_no_category'), '?m=member&c=content&a=info_publish');
}
$setting = string2array($category['setting']);
if ($zone == 0 && !isset($_GET['catid'])) {
$step = 1;
include template('member', 'info_content_publish_select');
exit;
} elseif ($zone == 0 && $category['child']) {
$step = 2;
$step_1 = '<a href="' . APP_PATH . 'index.php?m=member&c=content&a=info_publish&siteid=' . $siteid . '&city=' . $citypinyin . '">' . $category['catname'] . '</a>';
include template('member', 'info_content_publish_select');
exit;
} elseif ($zone == 0 && isset($_GET['catid'])) {
$step = 3;
$step_1 = '<a href="' . APP_PATH . 'index.php?m=member&c=content&a=info_publish&siteid=' . $siteid . '">' . $CATEGORYS[$category['parentid']]['catname'] . '</a>';
$step_2 = '<a href="' . APP_PATH . 'index.php?m=member&c=content&a=info_publish&siteid=' . $siteid . '&city=' . $citypinyin . '&catid=' . $category['parentid'] . '">' . $category['catname'] . '</a>';
$zone_arrchild = show_linkage($info_linkageid, $cityid, $cityid);
include template('member', 'info_content_publish_select');
exit;
} elseif ($zone !== 0 && get_linkage_level($info_linkageid, $zone, 'child') && !$_GET['jumpstep']) {
$step = 4;
$step_1 = '<a href="' . APP_PATH . 'index.php?m=member&c=content&a=info_publish&siteid=' . $siteid . '&city=' . $citypinyin . '">' . $CATEGORYS[$category['parentid']]['catname'] . '</a>';
$step_2 = '<a href="' . APP_PATH . 'index.php?m=member&c=content&a=info_publish&siteid=' . $siteid . '&city=' . $citypinyin . '&catid=' . $category['parentid'] . '">' . $category['catname'] . '</a>';
$step_3 = '<a href="' . APP_PATH . 'index.php?m=member&c=content&a=info_publish&siteid=' . $siteid . '&city=' . $citypinyin . '&catid=' . $catid . '">' . $zone_name . '</a>';
$zone_arrchild = get_linkage_level($info_linkageid, $zone, 'arrchildinfo');
include template('member', 'info_content_publish_select');
exit;
}
if ($setting['presentpoint'] < 0 && $memberinfo['point'] < abs($setting['presentpoint'])) {
showmessage(L('points_less_than', array('point' => $memberinfo['point'], 'need_point' => abs($setting['presentpoint']))), APP_PATH . 'index.php?m=pay&c=deposit&a=pay&exchange=point', 3000);
}
if ($category['type'] != 0) {
showmessage(L('illegal_operation'));
}
$modelid = $category['modelid'];
require CACHE_MODEL_PATH . 'content_form.class.php';
$content_form = new content_form($modelid, $catid, $CATEGORYS);
$data = array('zone' => $zone, 'city' => $cityid);
$forminfos_data = $content_form->get($data);
$forminfos = array();
foreach ($forminfos_data as $_fk => $_fv) {
if ($_fv['isomnipotent']) {
continue;
}
if ($_fv['formtype'] == 'omnipotent') {
foreach ($forminfos_data as $_fm => $_fm_value) {
if ($_fm_value['isomnipotent']) {
$_fv['form'] = str_replace('{' . $_fm . '}', $_fm_value['form'], $_fv['form']);
}
}
}
$forminfos[$_fk] = $_fv;
}
$formValidator = $content_form->formValidator;
//去掉栏目id
unset($forminfos['catid']);
$workflowid = $setting['workflowid'];
header("Cache-control: private");
include template('member', 'info_content_publish');
}
}
public function edit()
{
//设置cookie 在附件添加处调用
param::set_cookie('module', 'content');
if (isset($_POST['dosubmit']) || isset($_POST['dosubmit_continue'])) {
define('INDEX_HTML', true);
$id = $_POST['info']['id'] = intval($_POST['id']);
$catid = $_POST['info']['catid'] = intval($_POST['info']['catid']);
if (trim($_POST['info']['title']) == '') {
showmessage(L('title_is_empty'));
}
$modelid = $this->categorys[$catid]['modelid'];
$this->db->set_model($modelid);
$this->db->edit_content($_POST['info'], $id);
if (isset($_POST['dosubmit'])) {
showmessage(L('update_success') . L('2s_close'), 'blank', '', '', 'function set_time() {$("#secondid").html(1);}setTimeout("set_time()", 500);setTimeout("window.close()", 1200);');
} else {
showmessage(L('update_success'), HTTP_REFERER);
}
} else {
$show_header = $show_dialog = $show_validator = '';
//从数据库获取内容
$id = intval($_GET['id']);
if (!isset($_GET['catid']) || !$_GET['catid']) {
showmessage(L('missing_part_parameters'));
}
$catid = $_GET['catid'] = intval($_GET['catid']);
$this->model = getcache('model', 'commons');
param::set_cookie('catid', $catid);
$category = $this->categorys[$catid];
$modelid = $category['modelid'];
$this->db->table_name = $this->db->db_tablepre . $this->model[$modelid]['tablename'];
$r = $this->db->get_one(array('id' => $id));
$this->db->table_name = $this->db->table_name . '_data';
$r2 = $this->db->get_one(array('id' => $id));
if (!$r2) {
showmessage(L('subsidiary_table_datalost'), 'blank');
}
$data = array_merge($r, $r2);
$data = array_map('htmlspecialchars_decode', $data);
require CACHE_MODEL_PATH . 'content_form.class.php';
$content_form = new content_form($modelid, $catid, $this->categorys);
$forminfos = $content_form->get($data);
$formValidator = $content_form->formValidator;
include $this->admin_tpl('content_edit');
}
header("Cache-control: private");
}
/**
* QQ微博登录
*/
public function public_qq_login()
{
define('QQ_AKEY', pc_base::load_config('system', 'qq_akey'));
define('QQ_SKEY', pc_base::load_config('system', 'qq_skey'));
pc_base::load_app_class('qqoauth', '', 0);
$this->_session_start();
if (isset($_GET['callback']) && trim($_GET['callback'])) {
$o = new WeiboOAuth(QQ_AKEY, QQ_SKEY, $_SESSION['keys']['oauth_token'], $_SESSION['keys']['oauth_token_secret']);
$_SESSION['last_key'] = $o->getAccessToken($_REQUEST['oauth_verifier']);
if (!empty($_SESSION['last_key']['name'])) {
//检查connect会员是否绑定,已绑定直接登录,未绑定提示注册/绑定页面
$where = array('connectid' => $_REQUEST['openid'], 'from' => 'qq');
$r = $this->db->get_one($where);
//connect用户已经绑定本站用户
if (!empty($r)) {
//读取本站用户信息,执行登录操作
$password = $r['password'];
$this->_init_phpsso();
$synloginstr = $this->client->ps_member_synlogin($r['phpssouid']);
$userid = $r['userid'];
$groupid = $r['groupid'];
$username = $r['username'];
$nickname = empty($r['nickname']) ? $username : $r['nickname'];
$this->db->update(array('lastip' => ip(), 'lastdate' => SYS_TIME, 'nickname' => $me['name']), array('userid' => $userid));
if (!$cookietime) {
$get_cookietime = param::get_cookie('cookietime');
}
$_cookietime = $cookietime ? intval($cookietime) : ($get_cookietime ? $get_cookietime : 0);
$cookietime = $_cookietime ? TIME + $_cookietime : 0;
$phpcms_auth = sys_auth($userid . "\t" . $password, 'ENCODE', get_auth_key('login'));
param::set_cookie('auth', $phpcms_auth, $cookietime);
param::set_cookie('_userid', $userid, $cookietime);
param::set_cookie('_username', $username, $cookietime);
param::set_cookie('_groupid', $groupid, $cookietime);
param::set_cookie('cookietime', $_cookietime, $cookietime);
param::set_cookie('_nickname', $nickname, $cookietime);
param::set_cookie('_from', 'snda');
$forward = isset($_GET['forward']) && !empty($_GET['forward']) ? $_GET['forward'] : 'index.php?m=member&c=index';
showmessage(L('login_success') . $synloginstr, $forward);
} else {
//弹出绑定注册页面
$_SESSION = array();
$_SESSION['connectid'] = $_REQUEST['openid'];
$_SESSION['from'] = 'qq';
$connect_username = $_SESSION['last_key']['name'];
//加载用户模块配置
$member_setting = getcache('member_setting');
if (!$member_setting['allowregister']) {
showmessage(L('deny_register'), 'index.php?m=member&c=index&a=login');
}
//获取用户siteid
$siteid = isset($_REQUEST['siteid']) && trim($_REQUEST['siteid']) ? intval($_REQUEST['siteid']) : 1;
//过滤非当前站点会员模型
$modellist = getcache('member_model', 'commons');
foreach ($modellist as $k => $v) {
if ($v['siteid'] != $siteid || $v['disabled']) {
unset($modellist[$k]);
}
}
if (empty($modellist)) {
showmessage(L('site_have_no_model') . L('deny_register'), HTTP_REFERER);
}
$modelid = 10;
//设定默认值
if (array_key_exists($modelid, $modellist)) {
//获取会员模型表单
require CACHE_MODEL_PATH . 'member_form.class.php';
$member_form = new member_form($modelid);
$this->db->set_model($modelid);
$forminfos = $forminfos_arr = $member_form->get();
//万能字段过滤
foreach ($forminfos as $field => $info) {
if ($info['isomnipotent']) {
unset($forminfos[$field]);
} else {
if ($info['formtype'] == 'omnipotent') {
foreach ($forminfos_arr as $_fm => $_fm_value) {
if ($_fm_value['isomnipotent']) {
$info['form'] = str_replace('{' . $_fm . '}', $_fm_value['form'], $info['form']);
}
}
$forminfos[$field]['form'] = $info['form'];
}
}
}
$formValidator = $member_form->formValidator;
}
include template('member', 'connect');
}
} else {
showmessage(L('login_failure'), 'index.php?m=member&c=index&a=login');
}
} else {
$oauth_callback = APP_PATH . 'index.php?m=member&c=index&a=public_qq_login&callback=1';
$oauth_nonce = md5(SYS_TIME);
$oauth_signature_method = 'HMAC-SHA1';
$oauth_timestamp = SYS_TIME;
$oauth_version = '1.0';
$url = "https://open.t.qq.com/cgi-bin/request_token?oauth_callback={$oauth_callback}&oauth_consumer_key=" . QQ_AKEY . "&oauth_nonce={$oauth_nonce}&oauth_signature=" . QQ_SKEY . "&oauth_signature_method=HMAC-SHA1&oauth_timestamp={$oauth_timestamp}&oauth_version={$oauth_version}";
$o = new WeiboOAuth(QQ_AKEY, QQ_SKEY);
$keys = $o->getRequestToken(array('callback' => $oauth_callback));
$_SESSION['keys'] = $keys;
$aurl = $o->getAuthorizeURL($keys['oauth_token'], false, $oauth_callback);
include template('member', 'connect_qq');
}
}
public function log_out()
{
param::set_cookie('username', '');
param::set_cookie('userid', '');
}
public function public_edit_info() {
$userid = $_SESSION['userid'];
if(isset($_POST['dosubmit'])) {
$admin_fields = array('email','realname','lang');
$info = array();
$info = $_POST['info'];
if(trim($info['lang'])=='') $info['lang'] = 'zh-cn';
foreach ($info as $k=>$value) {
if (!in_array($k, $admin_fields)){
unset($info[$k]);
}
}
$this->db->update($info,array('userid'=>$userid));
param::set_cookie('sys_lang', $info['lang'],SYS_TIME+86400*30);
showmessage(L('operation_success'),HTTP_REFERER);
} else {
$info = $this->db->get_one(array('userid'=>$userid));
extract($info);
$lang_dirs = glob(PC_PATH.'languages/*');
$dir_array = array();
foreach($lang_dirs as $dirs) {
$dir_array[] = str_replace(PC_PATH.'languages/','',$dirs);
}
include $this->admin_tpl('admin_edit_info');
}
}
if (!$cookietime) {
$get_cookietime = param::get_cookie('cookietime');
}
$_cookietime = $cookietime ? intval($cookietime) : ($get_cookietime ? $get_cookietime : 0);
$cookietime = $_cookietime ? TIME + $_cookietime : 0;
$phpcms_auth_key = md5(pc_base::load_config('system', 'auth_key') . $_SERVER['HTTP_USER_AGENT']);
$phpcms_auth = sys_auth($userid . "\t" . $password, 'ENCODE', $phpcms_auth_key);
header('P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"');
param::set_cookie('auth', $phpcms_auth, $cookietime);
param::set_cookie('_userid', $userid, $cookietime);
param::set_cookie('_username', $username, $cookietime);
param::set_cookie('_nickname', $nickname, $cookietime);
param::set_cookie('_groupid', $groupid, $cookietime);
param::set_cookie('cookietime', $_cookietime, $cookietime);
exit('1');
}
/**
* 同步退出
*/
if ($action == 'synlogout') {
header('P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"');
pc_base::load_sys_class('param', '', 0);
param::set_cookie('auth', '');
param::set_cookie('_userid', '');
param::set_cookie('_username', '');
param::set_cookie('_nickname', '');
param::set_cookie('_groupid', '');
param::set_cookie('cookietime', '');
exit('1');
//执行本系统退出操作
}
/**
* @设置网站模式 设置了模式后,后台仅出现在此模式中的菜单
*/
public function public_set_model()
{
$model = $_GET['site_model'];
if (!$model) {
param::set_cookie('site_model', '');
} else {
$models = pc_base::load_config('model_config');
if (in_array($model, array_keys($models))) {
param::set_cookie('site_model', $model);
} else {
param::set_cookie('site_model', '');
}
}
$menudb = pc_base::load_model('menu_model');
$where = array('parentid' => 0, 'display' => 1);
if ($model) {
$where[$model] = 1;
}
$result = $menudb->select($where, 'id', 1000, 'listorder ASC');
$menuids = array();
if (is_array($result)) {
foreach ($result as $r) {
$menuids[] = $r['id'];
}
}
exit(json_encode($menuids));
}
/**
* 设置站点ID COOKIE
*/
public function public_set_siteid()
{
$siteid = isset($_GET['siteid']) && intval($_GET['siteid']) ? intval($_GET['siteid']) : exit('0');
param::set_cookie('siteid', $siteid);
exit('1');
}
<?php
defined('IN_PHPCMS') or exit('No permission resources.');
param::set_cookie('username', '');
param::set_cookie('userid', '');
/**
* 盛大通行证登陆
*/
public function public_snda_login() {
$this->_session_start();
$ticket = $_GET['ticket'];
if(!empty($ticket)) {
$callback_url = urlencode(APP_PATH.'index.php?m=member&c=index&a=public_snda_login');
$snda_res = $this->_snda_get_appid();
$appid = $snda_res['appid'];
$cas_url ="http://gw.sdo.com/cas/validate/?service=$callback_url&ticket=$ticket&appid=$appid&appArea=0";
$result = @file_get_contents($cas_url);
$result = json_decode($result, 1);
if(isset($result['error']) && $result['error'] == 0 && is_numeric($result['data']['uid'])) {
$userid = $result['data']['uid'];
} elseif(isset($result['error']) && $result['errno'] == -1) {
showmessage(L('invalid_appid'), 'index.php?m=member&c=index&a=login');
} else {
showmessage(L('login_failure'), 'index.php?m=member&c=index&a=login');
}
if(!empty($userid)) {
//检查connect会员是否绑定,已绑定直接登录,未绑定提示注册/绑定页面
$where = array('connectid'=>$userid, 'from'=>'snda');
$r = $this->db->get_one($where);
//connect用户已经绑定本站用户
if(!empty($r)) {
//读取本站用户信息,执行登录操作
$password = $r['password'];
$this->_init_phpsso();
$synloginstr = $this->client->ps_member_synlogin($r['phpssouid']);
$userid = $r['userid'];
$groupid = $r['groupid'];
$username = $r['username'];
$nickname = empty($r['nickname']) ? $username : $r['nickname'];
$this->db->update(array('lastip'=>ip(), 'lastdate'=>SYS_TIME, 'nickname'=>$me['name']), array('userid'=>$userid));
if(!$cookietime) $get_cookietime = param::get_cookie('cookietime');
$_cookietime = $cookietime ? intval($cookietime) : ($get_cookietime ? $get_cookietime : 0);
$cookietime = $_cookietime ? TIME + $_cookietime : 0;
$phpcms_auth_key = md5(pc_base::load_config('system', 'auth_key').$this->http_user_agent);
$phpcms_auth = sys_auth($userid."\t".$password, 'ENCODE', $phpcms_auth_key);
param::set_cookie('auth', $phpcms_auth, $cookietime);
param::set_cookie('_userid', $userid, $cookietime);
param::set_cookie('_username', $username, $cookietime);
param::set_cookie('_groupid', $groupid, $cookietime);
param::set_cookie('cookietime', $_cookietime, $cookietime);
param::set_cookie('_nickname', $nickname, $cookietime);
param::set_cookie('_from', 'snda');
$forward = isset($_GET['forward']) && !empty($_GET['forward']) ? $_GET['forward'] : 'index.php?m=member&c=index';
showmessage(L('login_success').$synloginstr, $forward);
} else {
//弹出绑定注册页面
$_SESSION['connectid'] = $userid;
$_SESSION['from'] = 'snda';
$connect_username = $userid;
include template('member', 'connect');
}
}
} else {
showmessage(L('login_failure'), 'index.php?m=member&c=index&a=login');
}
}
$sso_info['type'] = 'phpcms_v9';
$data = http_build_query($sso_info);
$needmod = 'admin';
$remote_url = $sso_url . 'api.php?op=install&' . $data;
$remote_var = $sso_url . 'api.php';
if (remote_file_exists($remote_var)) {
$returnid = @file_get_contents($remote_url);
}
if ($returnid == '-1') {
$reg_sso_status = 'PHPSSO缺少传递参数';
} elseif ($returnid == '-2') {
$reg_sso_status = 'PHPSSO用户名不存在或者密码错误,请检查';
} elseif ($returnid > 0) {
$reg_sso = array('phpsso' => '1', 'phpsso_appid' => $returnid, 'phpsso_api_url' => $sso_url, 'phpsso_auth_key' => $sso_info['authkey']);
set_config($reg_sso, 'system');
param::set_cookie('reg_sso_succ', $returnid);
} elseif ($returnid == '-4') {
$reg_sso_status = '请删除phpsso_server/caches/phpsso_install.lock';
} else {
$reg_sso_status = 'PHPSSO 的 URL 地址可能填写错误,请检查!';
}
}
$chmod_file = $install_phpsso == 1 ? 'chmod.txt' : 'chmod_unsso.txt';
$selectmod = $needmod . $selectmod;
$selectmods = explode(',', $selectmod);
$files = file(PHPCMS_PATH . "install/" . $chmod_file);
foreach ($files as $_k => $file) {
$file = str_replace('*', '', $file);
$file = trim($file);
if (is_dir(PHPCMS_PATH . $file)) {
$is_dir = '1';
public function pay() {
$memberinfo = $this->memberinfo;
$pay_types = $this->handle->get_paytype();
$trade_sn = create_sn();
param::set_cookie('trade_sn',$trade_sn);
$show_validator = 1;
include template('pay', 'deposit');
}
public function support()
{
$id = isset($_GET['id']) && intval($_GET['id']) ? intval($_GET['id']) : $this->_show_msg(L('illegal_parameters'), HTTP_REFERER);
if (param::get_cookie('reviews_' . $id)) {
$this->_show_msg(L('dragonforce'), HTTP_REFERER);
}
$reviews = pc_base::load_app_class('reviews');
if ($reviews->support($this->reviewsid, $id)) {
param::set_cookie('reviews_' . $id, $id, SYS_TIME + 3600);
}
$this->_show_msg($reviews->get_error(), $reviews->msg_code == 0 ? HTTP_REFERER : '', $reviews->msg_code == 0 ? 1 : 0);
}
/**
* 删除swfupload上传的json格式cookie
*/
public function swfupload_json_del()
{
$arr['aid'] = intval($_GET['aid']);
$arr['src'] = trim($_GET['src']);
$arr['filename'] = urlencode($_GET['filename']);
$json_str = json_encode($arr);
$att_arr_exist = param::get_cookie('att_json');
$att_arr_exist = str_replace(array($json_str, '||||'), array('', '||'), $att_arr_exist);
$att_arr_exist = preg_replace('/^\\|\\|||\\|\\|$/i', '', $att_arr_exist);
param::set_cookie('att_json', $att_arr_exist);
}
public function public_qq_login2()
{
$appid = pc_base::load_config('system', 'qq_appid');
$appkey = pc_base::load_config('system', 'qq_appkey');
$callback = pc_base::load_config('system', 'qq_callback');
pc_base::load_app_class('qqapi', '', 0);
$info = new qqapi($appid, $appkey, $callback);
$this->_session_start();
if (!isset($_GET['oauth_token'])) {
$info->redirect_to_login();
} else {
$info->get_openid();
if (!empty($_SESSION['openid'])) {
$r = $this->db->get_one(array('connectid' => $_SESSION['openid'], 'from' => 'qq'));
if (!empty($r)) {
//登陆
$password = $r['password'];
$this->_init_phpsso();
$synloginstr = $this->client->ps_member_synlogin($r['phpssouid']);
$userid = $r['userid'];
$groupid = $r['groupid'];
$username = $r['username'];
$nickname = empty($r['nickname']) ? $username : $r['nickname'];
$this->db->update(array('lastip' => ip(), 'lastdate' => SYS_TIME, 'nickname' => $me['name']), array('userid' => $userid));
if (!$cookietime) {
$get_cookietime = param::get_cookie('cookietime');
}
$_cookietime = $cookietime ? intval($cookietime) : ($get_cookietime ? $get_cookietime : 0);
$cookietime = $_cookietime ? TIME + $_cookietime : 0;
$phpcms_auth_key = md5(pc_base::load_config('system', 'auth_key') . $this->http_user_agent);
$phpcms_auth = sys_auth($userid . "\t" . $password, 'ENCODE', $phpcms_auth_key);
param::set_cookie('auth', $phpcms_auth, $cookietime);
param::set_cookie('_userid', $userid, $cookietime);
param::set_cookie('_username', $username, $cookietime);
param::set_cookie('_groupid', $groupid, $cookietime);
param::set_cookie('cookietime', $_cookietime, $cookietime);
param::set_cookie('_nickname', $nickname, $cookietime);
$forward = isset($_GET['forward']) && !empty($_GET['forward']) ? $_GET['forward'] : 'index.php?m=member&c=index';
showmessage(L('login_success') . $synloginstr, $forward);
} else {
$user = $info->get_user_info();
$_SESSION['connectid'] = $_SESSION['openid'];
$_SESSION['from'] = 'qq';
$connect_username = $user['nickname'];
include template('member', 'connect');
}
}
}
}
/**
* 按照模型搜索
*/
public function init()
{
$grouplist = getcache('grouplist', 'member');
$_groupid = param::get_cookie('_groupid');
if (!$_groupid) {
$_groupid = 8;
}
if (!$grouplist[$_groupid]['allowsearch']) {
if ($_groupid == 8) {
showmessage(L('guest_not_allowsearch'));
} else {
showmessage('');
}
}
if (!isset($_GET['catid'])) {
showmessage(L('missing_part_parameters'));
}
$catid = intval($_GET['catid']);
$siteids = getcache('category_content', 'commons');
$siteid = $siteids[$catid];
$this->categorys = getcache('category_content_' . $siteid, 'commons');
if (!isset($this->categorys[$catid])) {
showmessage(L('missing_part_parameters'));
}
if (isset($_GET['info']['catid']) && $_GET['info']['catid']) {
$catid = intval($_GET['info']['catid']);
} else {
$_GET['info']['catid'] = 0;
}
$modelid = $this->categorys[$catid]['modelid'];
$modelid = intval($modelid);
if (!$modelid) {
showmessage(L('illegal_parameters'));
}
//搜索间隔
$minrefreshtime = getcache('common', 'commons');
$minrefreshtime = intval($minrefreshtime['minrefreshtime']);
$minrefreshtime = $minrefreshtime ? $minrefreshtime : 5;
if (param::get_cookie('search_cookie') && param::get_cookie('search_cookie') > SYS_TIME - 2) {
showmessage(L('search_minrefreshtime', array('min' => $minrefreshtime)), 'index.php?m=content&c=search&catid=' . $catid, $minrefreshtime * 1280);
} else {
param::set_cookie('search_cookie', SYS_TIME + 2);
}
//搜索间隔
$CATEGORYS = $this->categorys;
//产生表单
pc_base::load_sys_class('form', '', 0);
$fields = getcache('model_field_' . $modelid, 'model');
$forminfos = array();
foreach ($fields as $field => $r) {
if ($r['issearch']) {
if ($r['formtype'] == 'catid') {
$r['form'] = form::select_category('', $_GET['info']['catid'], 'name="info[catid]"', L('please_select_category'), $modelid, 0, 1);
} elseif ($r['formtype'] == 'number') {
$r['form'] = "<input type='text' name='{$field}_start' id='{$field}_start' value='' size=5 class='input-text'/> - <input type='text' name='{$field}_end' id='{$field}_start' value='' size=5 class='input-text'/>";
} elseif ($r['formtype'] == 'datetime') {
$r['form'] = form::date("info[{$field}]");
} elseif ($r['formtype'] == 'box') {
$options = explode("\n", $r['options']);
foreach ($options as $_k) {
$v = explode("|", $_k);
$option[$v[1]] = $v[0];
}
switch ($r['boxtype']) {
case 'radio':
$string = form::radio($option, $value, "name='info[{$field}]' id='{$field}'");
break;
case 'checkbox':
$string = form::radio($option, $value, "name='info[{$field}]' id='{$field}'");
break;
case 'select':
$string = form::select($option, $value, "name='info[{$field}]' id='{$field}'");
break;
case 'multiple':
$string = form::select($option, $value, "name='info[{$field}]' id='{$field}'");
break;
}
$r['form'] = $string;
} elseif ($r['formtype'] == 'typeid') {
$types = getcache('type_content', 'commons');
$types_array = array(L('no_limit'));
foreach ($types as $_k => $_v) {
if ($modelid == $_v['modelid']) {
$types_array[$_k] = $_v['name'];
}
}
$r['form'] = form::select($types_array, 0, "name='info[{$field}]' id='{$field}'");
} elseif ($r['formtype'] == 'linkage') {
$setting = string2array($r['setting']);
$value = $_GET['info'][$field];
$r['form'] = menu_linkage($setting['linkageid'], $field, $value);
} elseif (in_array($r['formtype'], array('text', 'keyword', 'textarea', 'editor', 'title', 'author', 'omnipotent'))) {
$value = safe_replace($_GET['info'][$field]);
$r['form'] = "<input type='text' name='info[{$field}]' id='{$field}' value='" . $value . "' class='input-text search-text'/>";
} else {
continue;
}
$forminfos[$field] = $r;
}
}
//-----------
if (isset($_GET['dosubmit'])) {
$siteid = $this->categorys[$catid]['siteid'];
$siteurl = siteurl($siteid);
$this->db->set_model($modelid);
$tablename = $this->db->table_name;
$page = max(intval($_GET['page']), 1);
$sql = "SELECT * FROM `{$tablename}` a,`{$tablename}_data` b WHERE a.id=b.id AND a.status=99";
$sql_count = "SELECT COUNT(*) AS num FROM `{$tablename}` a,`{$tablename}_data` b WHERE a.id=b.id AND a.status=99";
//构造搜索SQL
$where = '';
foreach ($fields as $field => $r) {
if ($r['issearch']) {
$table_nickname = $r['issystem'] ? 'a' : 'b';
if ($r['formtype'] == 'catid') {
if ($_GET['info']['catid']) {
$where .= " AND {$table_nickname}.catid='{$catid}'";
}
} elseif ($r['formtype'] == 'number') {
$start = "{$field}_start";
$end = "{$field}_end";
if ($_GET[$start]) {
$start = intval($_GET[$start]);
$where .= " AND {$table_nickname}.{$field}>'{$start}'";
}
if ($_GET[$end]) {
$end = intval($_GET[$end]);
$where .= " AND {$table_nickname}.{$field}<'{$end}'";
}
} elseif ($r['formtype'] == 'datetime') {
if ($_GET['info'][$field]) {
$start = strtotime($_GET['info'][$field]);
if ($start) {
$where .= " AND {$table_nickname}.{$field}>'{$start}'";
}
}
} elseif ($r['formtype'] == 'box') {
if ($_GET['info'][$field]) {
$field_value = safe_replace($_GET['info'][$field]);
switch ($r['boxtype']) {
case 'radio':
$where .= " AND {$table_nickname}.`{$field}`='{$field_value}'";
break;
case 'checkbox':
$where .= " AND {$table_nickname}.`{$field}` LIKE '%,{$field_value},%'";
break;
case 'select':
$where .= " AND {$table_nickname}.`{$field}`='{$field_value}'";
break;
case 'multiple':
$where .= " AND {$table_nickname}.`{$field}` LIKE '%,{$field_value},%'";
break;
}
}
} elseif ($r['formtype'] == 'typeid') {
if ($_GET['info'][$field]) {
$typeid = intval($_GET['info'][$field]);
$where .= " AND {$table_nickname}.`{$field}`='{$typeid}'";
}
} elseif ($r['formtype'] == 'linkage') {
if ($_GET['info'][$field]) {
$linkage = intval($_GET['info'][$field]);
$where .= " AND {$table_nickname}.`{$field}`='{$linkage}'";
}
} elseif (in_array($r['formtype'], array('text', 'keyword', 'textarea', 'editor', 'title', 'author', 'omnipotent'))) {
if ($_GET['info'][$field]) {
$keywords = safe_replace($_GET['info'][$field]);
$where .= " AND {$table_nickname}.`{$field}` LIKE '%{$keywords}%'";
}
} else {
continue;
}
}
}
//-----------
if ($where == '') {
showmessage(L('please_enter_content_to_search'));
}
$pagesize = 20;
$offset = intval($pagesize * ($page - 1));
$sql_count .= $where;
$this->db->query($sql_count);
$total = $this->db->fetch_array();
$total = $total[0]['num'];
if ($total != 0) {
$sql .= $where;
$order = '';
$order = $_GET['orderby'] == 'a.id DESC' ? 'a.id DESC' : 'a.id ASC';
$sql .= ' ORDER BY ' . $order;
$sql .= " LIMIT {$offset},{$pagesize}";
$this->db->query($sql);
$datas = $this->db->fetch_array();
$pages = pages($total, $page, $pagesize);
} else {
$datas = array();
$pages = '';
}
}
$SEO = seo($siteid, $catid, $keywords);
include template('content', 'search');
}
/**
* 盛大通行证登陆
*/
public function public_snda_login()
{
$ticket = $_GET['ticket'];
if (!empty($ticket)) {
$callback_url = urlencode(APP_PATH . 'index.php?m=member&c=index&a=public_snda_login');
$snda_res = $this->_snda_get_appid();
$appid = $snda_res['appid'];
$cas_url = "http://gw.sdo.com/cas/validate/?service={$callback_url}&ticket={$ticket}&appid={$appid}&appArea=0";
$result = @file_get_contents($cas_url);
$result = json_decode($result, 1);
if (isset($result['error']) && $result['error'] == 0 && is_numeric($result['data']['uid'])) {
$userid = $result['data']['uid'];
} elseif (isset($result['error']) && $result['errno'] == -1) {
showmessage(L('invalid_appid'), 'index.php?m=member&c=index&a=login');
} else {
showmessage(L('login_failure'), 'index.php?m=member&c=index&a=login');
}
if (!empty($userid)) {
$this->_init_phpsso();
$status = $this->client->ps_get_member_info('snda_' . $userid, 2);
//如果sso中有用户
if ($status != '-1') {
$memberinfo = unserialize($status);
//接口返回序列化,进行判断
} else {
//sso中无此用户,注册用户
$status = $this->client->ps_member_register('snda_' . $userid, md5($userid), $userid . '@sdo.com', ip());
if ($status > 0) {
$memberinfo['uid'] = $status;
$info['phpssouid'] = $status;
//取phpsso密码随机数
$info['username'] = '******' . $userid;
$info['password'] = md5($userid);
$info['email'] = '';
$info['nickname'] = '';
$info['modelid'] = 10;
$info['regip'] = ip();
$info['groupid'] = $this->_get_usergroup_bypoint();
$info['regdate'] = $info['lastdate'] = SYS_TIME;
$this->db->insert($info);
}
}
if (isset($memberinfo['uid']) && is_numeric($memberinfo['uid'])) {
//查询帐号信息
$r = $this->db->get_one(array('phpssouid' => $memberinfo['uid']));
$password = $r['password'];
$synloginstr = $this->client->ps_member_synlogin($r['phpssouid']);
$userid = $r['userid'];
$groupid = $r['groupid'];
$username = $r['username'];
$nickname = empty($r['nickname']) ? $username : $r['nickname'];
$this->db->update(array('lastip' => ip(), 'lastdate' => SYS_TIME, 'nickname' => $me['name']), array('userid' => $userid));
if (!$cookietime) {
$get_cookietime = param::get_cookie('cookietime');
}
$_cookietime = $cookietime ? intval($cookietime) : ($get_cookietime ? $get_cookietime : 0);
$cookietime = $_cookietime ? TIME + $_cookietime : 0;
$phpcms_auth_key = md5(pc_base::load_config('system', 'auth_key') . $this->http_user_agent);
$phpcms_auth = sys_auth($userid . "\t" . $password, 'ENCODE', $phpcms_auth_key);
param::set_cookie('auth', $phpcms_auth, $cookietime);
param::set_cookie('_userid', $userid, $cookietime);
param::set_cookie('_username', $username, $cookietime);
param::set_cookie('_groupid', $groupid, $cookietime);
param::set_cookie('cookietime', $_cookietime, $cookietime);
param::set_cookie('_nickname', $nickname, $cookietime);
param::set_cookie('_from', 'snda');
$forward = isset($_GET['forward']) && !empty($_GET['forward']) ? $_GET['forward'] : 'index.php?m=member&c=index';
showmessage(L('login_success') . $synloginstr, $forward);
}
}
} else {
showmessage(L('login_failure'), 'index.php?m=member&c=index&a=login');
}
}
