예제 #1
0
function register($username, $password, $repassword, $email)
{
    global $empire, $user_tablename, $public_r, $user_groupid, $user_username, $user_userid, $user_email, $user_password, $user_dopass, $user_rnd, $user_registertime, $user_register, $user_group, $user_saltnum, $user_salt, $user_seting, $forumgroupid, $registerurl, $dbtbpre, $user_regcookietime, $user_userfen, $user_checked, $level_r;
    if ($public_r['register_ok']) {
        printerror("CloseRegister", "history.go(-1)", 1);
    }
    //验证IP
    eCheckAccessDoIp('register');
    if (!empty($registerurl)) {
        Header("Location:{$registerurl}");
        exit;
    }
    //已经登陆不能注册
    if (getcvar('mluserid')) {
        printerror("LoginToRegister", "history.go(-1)", 1);
    }
    CheckCanPostUrl();
    //验证来源
    $add = $_POST;
    $username = trim($username);
    $password = trim($password);
    $username = RepPostVar($username);
    $password = RepPostVar($password);
    if (!$username || !$password || !$email) {
        printerror("EmptyMember", "history.go(-1)", 1);
    }
    //验证码
    $keyvname = 'checkregkey';
    if ($public_r['regkey_ok']) {
        ecmsCheckShowKey($keyvname, $_POST['key'], 1);
    }
    $user_groupid = (int) $user_groupid;
    $groupid = (int) $add[groupid];
    $groupid = empty($groupid) ? $user_groupid : $groupid;
    CheckMemberGroupCanReg($groupid);
    //IP
    $regip = egetip();
    //用户字数
    $pr = $empire->fetch1("select min_userlen,max_userlen,min_passlen,max_passlen,regretime,regclosewords,regemailonly from {$dbtbpre}enewspublic limit 1");
    $userlen = strlen($username);
    if ($userlen < $pr[min_userlen] || $userlen > $pr[max_userlen]) {
        printerror("FaiUserlen", "history.go(-1)", 1);
    }
    //密码字数
    $passlen = strlen($password);
    if ($passlen < $pr[min_passlen] || $passlen > $pr[max_passlen]) {
        printerror("FailPasslen", "history.go(-1)", 1);
    }
    if ($repassword !== $password) {
        printerror("NotRepassword", "history.go(-1)", 1);
    }
    if (!chemail($email)) {
        printerror("EmailFail", "history.go(-1)", 1);
    }
    if (strstr($username, "|") || strstr($username, "*")) {
        printerror("NotSpeWord", "history.go(-1)", 1);
    }
    //同一IP注册
    eCheckIpRegTime($regip, $pr['regretime']);
    //保留用户
    toCheckCloseWord($username, $pr['regclosewords'], 'RegHaveCloseword');
    $username = RepPostStr($username);
    //重复用户
    $num = $empire->gettotal("select count(*) as total from " . $user_tablename . " where " . $user_username . "='{$username}' limit 1");
    if ($num) {
        printerror("ReUsername", "history.go(-1)", 1);
    }
    //重复邮箱
    $email = RepPostStr($email);
    if ($pr['regemailonly']) {
        $num = $empire->gettotal("select count(*) as total from " . $user_tablename . " where " . $user_email . "='{$email}' limit 1");
        if ($num) {
            printerror("ReEmailFail", "history.go(-1)", 1);
        }
    }
    //注册时间
    if ($user_register) {
        $registertime = time();
    } else {
        $registertime = date("Y-m-d H:i:s");
    }
    $birthday = $y . $m . $d;
    $rnd = make_password(12);
    //产生随机密码
    //密码
    if (empty($user_dopass)) {
        $password = md5($password);
    } elseif ($user_dopass == 2) {
        $salt = make_password($user_saltnum);
        $password = md5(md5($password) . $salt);
    } elseif ($user_dopass == 3) {
        $password = substr(md5($password), 8, 16);
    }
    //审核
    $checked = ReturnGroupChecked($groupid);
    if ($checked && $public_r['regacttype'] == 1) {
        $checked = 0;
    }
    //验证附加表必填项
    $fid = GetMemberFormId($groupid);
    $member_r = ReturnDoMemberF($fid, $add, $mr, 0, $username);
    $sql = $empire->query("insert into " . $user_tablename . "(" . $user_username . "," . $user_password . "," . $user_email . "," . $user_registertime . "," . $user_group . "," . $user_rnd . "," . $user_userfen . "," . $user_checked . ") values('{$username}','{$password}','{$email}','{$registertime}','{$groupid}','{$rnd}','{$public_r['reggetfen']}','{$checked}');");
    //取得userid
    $userid = $empire->lastid();
    //附加表
    $addr = $empire->fetch1("select * from {$dbtbpre}enewsmemberadd where userid='{$userid}'");
    if (!$addr[userid]) {
        $spacestyleid = ReturnGroupSpaceStyleid($groupid);
        $sql1 = $empire->query("insert into {$dbtbpre}enewsmemberadd(userid,spacestyleid,regip" . $member_r[0] . ") values('{$userid}','{$spacestyleid}','{$regip}'" . $member_r[1] . ");");
    }
    ecmsEmptyShowKey($keyvname);
    //清空验证码
    if ($sql) {
        //邮箱激活
        if ($checked == 0 && $public_r['regacttype'] == 1) {
            include '../class/qmemberfun.php';
            SendActUserEmail($userid, $username, $email);
        }
        //审核
        if ($checked == 0) {
            $location = DoingReturnUrl("../../", $_POST['ecmsfrom']);
            printerror("RegisterSuccessCheck", $location, 1);
        }
        $logincookie = 0;
        if ($user_regcookietime) {
            $logincookie = time() + $user_regcookietime;
        }
        $set1 = esetcookie("mlusername", $username, $logincookie);
        $set2 = esetcookie("mluserid", $userid, $logincookie);
        $set3 = esetcookie("mlgroupid", $groupid, $logincookie);
        $set4 = esetcookie("mlrnd", $rnd, $logincookie);
        $location = "../member/cp/";
        $returnurl = getcvar('returnurl');
        if ($returnurl && !strstr($returnurl, "e/member/iframe") && !strstr($returnurl, "e/member/register") && !strstr($returnurl, "enews=exit")) {
            $location = $returnurl;
        }
        $set5 = esetcookie("returnurl", "");
        $location = DoingReturnUrl($location, $_POST['ecmsfrom']);
        printerror("RegisterSuccess", $location, 1);
    } else {
        printerror("DbError", "history.go(-1)", 1);
    }
}
예제 #2
0
function DoRegSend($add)
{
    global $empire, $dbtbpre, $public_r;
    if ($public_r['regacttype'] != 1) {
        printerror('CloseRegAct', '', 1);
    }
    $username = trim($add[username]);
    $password = trim($add[password]);
    $email = trim($add[email]);
    $newemail = trim($add[newemail]);
    if (!$username || !$password || !$email) {
        printerror("EmptyRegAct", "history.go(-1)", 1);
    }
    //验证码
    $key = $add['key'];
    $keyvname = 'checkregsendkey';
    ecmsCheckShowKey($keyvname, $key, 1);
    $username = RepPostVar($username);
    $password = RepPostVar($password);
    $username = RepPostStr($username);
    $email = RepPostStr($email);
    $newemail = RepPostStr($newemail);
    if (!chemail($email)) {
        printerror("EmailFail", "history.go(-1)", 1);
    }
    if ($newemail) {
        if (!chemail($newemail)) {
            printerror("EmailFail", "history.go(-1)", 1);
        }
        $sendemail = $newemail;
    } else {
        $sendemail = $email;
    }
    //密码
    $ur = $empire->fetch1("select " . eReturnSelectMemberF('userid,salt,password') . " from " . eReturnMemberTable() . " where " . egetmf('username') . "='{$username}' limit 1");
    if (!$ur['userid']) {
        printerror("ErrorRegActUser", "history.go(-1)", 1);
    }
    if (!eDoCkMemberPw($password, $ur['password'], $ur['salt'])) {
        printerror("ErrorRegActUser", "history.go(-1)", 1);
    }
    $r = $empire->fetch1("select " . eReturnSelectMemberF('*') . " from " . eReturnMemberTable() . " where " . egetmf('username') . "='{$username}' limit 1");
    $useremail = $r['email'];
    if (!$r['userid'] || $useremail != $email) {
        printerror("ErrorRegActUser", "history.go(-1)", 1);
    }
    if ($r['checked']) {
        printerror("HaveRegActUser", '', 1);
    }
    $addr = $empire->fetch1("select userid,authstr from {$dbtbpre}enewsmemberpub where userid='" . $r['userid'] . "' limit 1");
    $ar = explode('||', $addr['authstr']);
    if (!$addr['userid'] || !$addr['authstr'] || $ar[1] != 2) {
        printerror("HaveRegActUser", '', 1);
    }
    ecmsEmptyShowKey($keyvname);
    //清空验证码
    SendActUserEmail($r['userid'], $username, $sendemail);
}
예제 #3
0
function register($add)
{
    global $empire, $dbtbpre, $public_r, $ecms_config;
    //关闭注册
    if ($public_r['register_ok']) {
        printerror('CloseRegister', '', 1);
    }
    //验证时间段允许操作
    eCheckTimeCloseDo('reg');
    //验证IP
    eCheckAccessDoIp('register');
    if (!empty($ecms_config['member']['registerurl'])) {
        Header("Location:" . $ecms_config['member']['registerurl']);
        exit;
    }
    //已经登陆不能注册
    if (getcvar('mluserid')) {
        printerror('LoginToRegister', '', 1);
    }
    CheckCanPostUrl();
    //验证来源
    $username = trim($add['username']);
    $password = trim($add['password']);
    $username = RepPostVar($username);
    $password = RepPostVar($password);
    $email = RepPostStr($add['email']);
    if (!$username || !$password || !$email) {
        printerror("EmptyMember", "history.go(-1)", 1);
    }
    $tobind = (int) $add['tobind'];
    //验证码
    $keyvname = 'checkregkey';
    if ($public_r['regkey_ok']) {
        ecmsCheckShowKey($keyvname, $add['key'], 1);
    }
    $user_groupid = eReturnMemberDefGroupid();
    $groupid = (int) $add['groupid'];
    $groupid = empty($groupid) ? $user_groupid : $groupid;
    CheckMemberGroupCanReg($groupid);
    //IP
    $regip = egetip();
    $regipport = egetipport();
    //用户字数
    $pr = $empire->fetch1("select min_userlen,max_userlen,min_passlen,max_passlen,regretime,regclosewords,regemailonly from {$dbtbpre}enewspublic limit 1");
    $userlen = strlen($username);
    if ($userlen < $pr[min_userlen] || $userlen > $pr[max_userlen]) {
        printerror('FaiUserlen', '', 1);
    }
    //密码字数
    $passlen = strlen($password);
    if ($passlen < $pr[min_passlen] || $passlen > $pr[max_passlen]) {
        printerror('FailPasslen', '', 1);
    }
    if ($add['repassword'] !== $password) {
        printerror('NotRepassword', '', 1);
    }
    if (!chemail($email)) {
        printerror('EmailFail', '', 1);
    }
    if (strstr($username, '|') || strstr($username, '*')) {
        printerror('NotSpeWord', '', 1);
    }
    //同一IP注册
    eCheckIpRegTime($regip, $pr['regretime']);
    //保留用户
    toCheckCloseWord($username, $pr['regclosewords'], 'RegHaveCloseword');
    $username = RepPostStr($username);
    //重复用户
    $num = $empire->gettotal("select count(*) as total from " . eReturnMemberTable() . " where " . egetmf('username') . "='{$username}' limit 1");
    if ($num) {
        printerror('ReUsername', '', 1);
    }
    //重复邮箱
    if ($pr['regemailonly']) {
        $num = $empire->gettotal("select count(*) as total from " . eReturnMemberTable() . " where " . egetmf('email') . "='{$email}' limit 1");
        if ($num) {
            printerror('ReEmailFail', '', 1);
        }
    }
    //注册时间
    $lasttime = time();
    $registertime = eReturnAddMemberRegtime();
    $rnd = make_password(20);
    //产生随机密码
    $userkey = eReturnMemberUserKey();
    //密码
    $truepassword = $password;
    $salt = eReturnMemberSalt();
    $password = eDoMemberPw($password, $salt);
    //审核
    $checked = ReturnGroupChecked($groupid);
    if ($checked && $public_r['regacttype'] == 1) {
        $checked = 0;
    }
    //验证附加表必填项
    $mr['add_filepass'] = ReturnTranFilepass();
    $fid = GetMemberFormId($groupid);
    $member_r = ReturnDoMemberF($fid, $add, $mr, 0, $username);
    $sql = $empire->query("insert into " . eReturnMemberTable() . "(" . eReturnInsertMemberF('username,password,rnd,email,registertime,groupid,userfen,userdate,money,zgroupid,havemsg,checked,salt,userkey') . ") values('{$username}','{$password}','{$rnd}','{$email}','{$registertime}','{$groupid}','{$public_r['reggetfen']}','0','0','0','0','{$checked}','{$salt}','{$userkey}');");
    //取得userid
    $userid = $empire->lastid();
    //附加表
    $addr = $empire->fetch1("select * from {$dbtbpre}enewsmemberadd where userid='{$userid}'");
    if (!$addr[userid]) {
        $spacestyleid = ReturnGroupSpaceStyleid($groupid);
        $sql1 = $empire->query("insert into {$dbtbpre}enewsmemberadd(userid,spacestyleid,regip,lasttime,lastip,loginnum,regipport,lastipport" . $member_r[0] . ") values('{$userid}','{$spacestyleid}','{$regip}','{$lasttime}','{$regip}','1','{$regipport}','{$regipport}'" . $member_r[1] . ");");
    }
    //更新附件
    UpdateTheFileOther(6, $userid, $mr['add_filepass'], 'member');
    ecmsEmptyShowKey($keyvname);
    //清空验证码
    //绑定帐号
    if ($tobind) {
        MemberConnect_BindUser($userid);
    }
    if ($sql) {
        //邮箱激活
        if ($checked == 0 && $public_r['regacttype'] == 1) {
            include 'class/member_actfun.php';
            SendActUserEmail($userid, $username, $email);
        }
        //审核
        if ($checked == 0) {
            $location = DoingReturnUrl("../../", $_POST['ecmsfrom']);
            printerror("RegisterSuccessCheck", $location, 1);
        }
        $logincookie = 0;
        if ($ecms_config['member']['regcookietime']) {
            $logincookie = time() + $ecms_config['member']['regcookietime'];
        }
        $r = $empire->fetch1("select " . eReturnSelectMemberF('*') . " from " . eReturnMemberTable() . " where " . egetmf('userid') . "='{$userid}' limit 1");
        $set1 = esetcookie("mlusername", $username, $logincookie);
        $set2 = esetcookie("mluserid", $userid, $logincookie);
        $set3 = esetcookie("mlgroupid", $groupid, $logincookie);
        $set4 = esetcookie("mlrnd", $rnd, $logincookie);
        //验证符
        qGetLoginAuthstr($userid, $username, $rnd, $groupid, $logincookie);
        //登录附加cookie
        AddLoginCookie($r);
        $location = "../member/cp/";
        $returnurl = getcvar('returnurl');
        if ($returnurl && !strstr($returnurl, "e/member/iframe") && !strstr($returnurl, "e/member/register") && !strstr($returnurl, "enews=exit")) {
            $location = $returnurl;
        }
        $set5 = esetcookie("returnurl", "");
        //易通行系统
        DoEpassport('reg', $userid, $username, $truepassword, $salt, $email, $groupid, $registertime);
        $location = DoingReturnUrl($location, $_POST['ecmsfrom']);
        printerror("RegisterSuccess", $location, 1);
    } else {
        printerror("DbError", "history.go(-1)", 1);
    }
}
예제 #4
0
function DoRegSend($add)
{
    global $empire, $dbtbpre, $public_r, $user_tablename, $user_username, $user_userid, $user_email, $user_password, $user_dopass, $user_salt, $user_checked;
    if ($public_r['regacttype'] != 1) {
        printerror('CloseRegAct', '', 1);
    }
    $username = trim($add[username]);
    $password = trim($add[password]);
    $email = trim($add[email]);
    $newemail = trim($add[newemail]);
    if (!$username || !$password || !$email) {
        printerror("EmptyRegAct", "history.go(-1)", 1);
    }
    //ÑéÖ¤Âë
    $key = $add['key'];
    $keyvname = 'checkregsendkey';
    ecmsCheckShowKey($keyvname, $key, 1);
    $username = RepPostVar($username);
    $password = RepPostVar($password);
    $username = RepPostStr($username);
    $email = RepPostStr($email);
    $newemail = RepPostStr($newemail);
    if (!chemail($email)) {
        printerror("EmailFail", "history.go(-1)", 1);
    }
    if ($newemail) {
        if (!chemail($newemail)) {
            printerror("EmailFail", "history.go(-1)", 1);
        }
        $sendemail = $newemail;
    } else {
        $sendemail = $email;
    }
    //±àÂëת»»
    $utfusername = doUtfAndGbk($username, 0);
    $password = doUtfAndGbk($password, 0);
    //ÃÜÂë
    if (empty($user_dopass)) {
        $password = md5($password);
    }
    if ($user_dopass == 3) {
        $password = substr(md5($password), 8, 16);
    }
    //Ë«ÖØmd5
    $num = 0;
    if ($user_dopass == 2) {
        $ur = $empire->fetch1("select " . $user_userid . "," . $user_salt . "," . $user_password . " from " . $user_tablename . " where " . $user_username . "='{$utfusername}' limit 1");
        $password = md5(md5($password) . $ur[$user_salt]);
        $num = 0;
        if ($password == $ur[$user_password]) {
            $num = 1;
        }
        if (empty($ur[$user_userid])) {
            $num = 0;
        }
    } else {
        $num = $empire->gettotal("select count(*) as total from " . $user_tablename . " where " . $user_username . "='{$utfusername}' and " . $user_password . "='" . $password . "' limit 1");
    }
    if (!$num) {
        printerror("ErrorRegActUser", "history.go(-1)", 1);
    }
    $r = $empire->fetch1("select * from " . $user_tablename . " where " . $user_username . "='{$utfusername}' limit 1");
    $utfemail = doUtfAndGbk($r[$user_email], 1);
    if (!$r[$user_userid] || $utfemail != $email) {
        printerror("ErrorRegActUser", "history.go(-1)", 1);
    }
    if ($r[$user_checked]) {
        printerror("HaveRegActUser", '', 1);
    }
    $addr = $empire->fetch1("select userid,authstr from {$dbtbpre}enewsmemberadd where userid='" . $r[$user_userid] . "' limit 1");
    $ar = explode('||', $addr['authstr']);
    if (!$addr['userid'] || !$addr['authstr'] || $ar[1] != 2) {
        printerror("HaveRegActUser", '', 1);
    }
    ecmsEmptyShowKey($keyvname);
    //Çå¿ÕÑéÖ¤Âë
    SendActUserEmail($r[$user_userid], $username, $sendemail);
}