/**
 * Redeem a recharge card submitted via POST and credit its face value
 * ("mianzhi") to the member identified by the decrypted "uid" cookie.
 *
 * Flow as written: look up an active card, add its value to the member's
 * balance, mark the card as used, then insert an account-log row.
 *
 * NOTE(review): htmlspecialchars() is an HTML output encoder, not an SQL
 * escaper. Whether a quote in $czknum is neutralised depends on the PHP
 * version's default flags and on escaping inside the db wrapper, neither of
 * which is visible here. Prefer bound parameters or the driver's escape
 * routine - confirm what GetList()/Query() offer.
 * NOTE(review): the card is checked (status = '1') and invalidated
 * (status = '0') in separate statements with no transaction or lock visible
 * here, and the balance is read and written back rather than incremented in
 * SQL, so concurrent requests could presumably redeem one card twice.
 * NOTE(review): the literal password='******' looks like a redaction on this
 * page; as shown, $password is only tested for emptiness and never reaches
 * the query - confirm against the real file.
 * NOTE(review): $uid is not checked for 0 (no login cookie) before the
 * balance update; _message() presumably ends the request - TODO confirm.
 */
public function card_addmoney()
{
    $czknum = htmlspecialchars($_POST['czknum']);
    $password = htmlspecialchars($_POST['password']);
    if (empty($czknum) or empty($password)) {
        _message("您尚未填写卡密信息");
    }
    $czkdata = $this->db->GetList("select * from `@#_czk` where `status` = '1' AND czknum='{$czknum}' AND password='******'");
    if (!$czkdata) {
        _message("卡号或卡密不正确");
    }
    $czkdata = $czkdata[0];
    $uid = intval(_encrypt(_getcookie("uid"), 'DECODE'));
    // Load the member row
    if ($czkdata['type'] == 1) {
        // Type 1: plain top-up of the current balance.
        $members = $this->db->GetList("select * from `@#_member` where uid='{$uid}'");
        $money = $czkdata['mianzhi'] + $members[0]['money'];
        $this->db->Query("UPDATE `@#_member` SET money='{$money}' where `uid`='{$uid}' ");
    } else {
        // Other types: only members whose tyczk flag is still '0' may redeem; the flag is set to '1' afterwards.
        $members = $this->db->GetList("select * from `@#_member` where uid='{$uid}' and tyczk='0'");
        if (empty($members)) {
            _message("卡密不存在或者已经参与此活动!");
            die;
        }
        $money = $czkdata['mianzhi'] + $members[0]['money'];
        $this->db->Query("UPDATE `@#_member` SET money='{$money}',tyczk='1' where `uid`='{$uid}' ");
    }
    // Mark the card as consumed only after the balance has been written.
    $this->db->Query("UPDATE `@#_czk` SET status='0' where czknum='{$czknum}' AND password='******' ");
    $time = time();
    $this->db->Query("INSERT INTO `@#_member_account`(uid,type,pay,content,money,time)VALUES('{$uid}','1','账户','充值卡','{$czkdata['mianzhi']}','{$time}')");
    _message("充值成功!");
}
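/**
 * Validate the admin session carried in the AID / ASHELL cookies, or in the
 * explicitly passed (still encrypted) $uid / $ashell values.
 *
 * The shell token is md5(username . userpass) . md5(User-Agent); it is
 * recomputed from the admin row and compared with the decrypted value.
 *
 * @param string|null $uid    Encrypted admin id; falls back to the AID cookie.
 * @param string|null $ashell Encrypted shell token; falls back to the ASHELL cookie.
 * @return bool True when the admin row exists and the token matches; on
 *              success $this->AdminInfo holds the row.
 */
protected final function CheckAdminInfo($uid = null, $ashell = null)
{
    $this->db = System::load_app_model('admin_model', G_ADMIN_DIR);
    if ($uid && $ashell) {
        $CheckId = _encrypt($uid, 'DECODE');
        $CheckAshell = _encrypt($ashell, 'DECODE');
    } else {
        $CheckId = _encrypt(_getcookie("AID"), 'DECODE');
        $CheckAshell = _encrypt(_getcookie("ASHELL"), 'DECODE');
    }
    if (!$CheckId || !$CheckAshell) {
        return false;
    }
    // NOTE(review): $CheckId is interpolated as decoded. Its safety rests on
    // _encrypt() output not being forgeable by the client - confirm, or bind/cast it.
    $info = $this->db->GetOne("SELECT * FROM `@#_admin` WHERE `uid` = '{$CheckId}'");
    if (!$info) {
        return false;
    }
    // The original read $info[mid] (a bare constant) before checking that the
    // row exists; the key is now quoted and evaluated only for a real row.
    if ((isset($_POST['dosubmit']) || isset($_POST['submit-1'])) && $info['mid'] == '1') {
        _message("测试帐号无修改权限!");
    }
    $userAgent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
    $infoshell = md5($info['username'] . $info['userpass']) . md5($userAgent);
    // Type-strict, constant-time comparison: a loose != compares
    // numeric-looking strings as numbers.
    if (!is_string($CheckAshell) || !hash_equals($infoshell, $CheckAshell)) {
        return false;
    }
    $this->AdminInfo = $info;
    return true;
}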
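/**
 * Password-recovery entry point: on POST, checks the captcha, classifies the
 * submitted account name as mobile or e-mail, verifies that the member exists
 * and redirects to the matching verification step; otherwise renders the form.
 *
 * NOTE(review): the expected captcha value is read from the "checkcode"
 * cookie. Unless _getcookie() authenticates that value, the expected answer
 * is held by the client - confirm, or keep it in the server-side session.
 * NOTE(review): $name reaches the SQL string after format checks only; how
 * strict _checkmobile()/_checkemail() are is not visible here. Prefer a
 * bound parameter.
 */
public function findpassword()
{
    if (isset($_POST['submit'])) {
        // Accept only scalar strings so strtoupper()/md5() never see an array.
        $name = (isset($_POST['name']) && is_string($_POST['name'])) ? $_POST['name'] : "";
        $txtRegSN = (isset($_POST['txtRegSN']) && is_string($_POST['txtRegSN'])) ? strtoupper($_POST['txtRegSN']) : "";
        // Strict comparison: a loose != treats numeric-looking hashes
        // ("0e..." followed by digits) as equal numbers.
        if (md5($txtRegSN) !== _getcookie('checkcode')) {
            _message("验证码错误");
        }
        $regtype = null;
        if (_checkmobile($name)) {
            $regtype = 'mobile';
        }
        if (_checkemail($name)) {
            $regtype = 'email';
        }
        if ($regtype == null) {
            _message("帐号类型不正确!", null, 3);
        }
        // $regtype is one of the two literals above, so the column name is not user-controlled.
        $info = $this->DB()->GetOne("SELECT * FROM `@#_member` WHERE {$regtype} = '{$name}' LIMIT 1");
        if (!$info) {
            _message("帐号不存在");
        }
        header("location:" . WEB_PATH . "/member/finduser/find" . $regtype . "check" . "/" . _encrypt($name));
    }
    $title = "找回密码";
    include templates("user", "findpassword");
}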
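/**
 * Gate every member-area action behind a valid login cookie set, except the
 * login and register actions themselves.
 *
 * The "ushell" cookie must equal md5(uid . password . <utype column>) built
 * from the member row; any failure calls HeaderLogin().
 *
 * NOTE(review): the code keeps running after HeaderLogin(); it presumably
 * redirects and exits - TODO confirm.
 */
public function __construct()
{
    // Login and registration must stay reachable without a session.
    if (ROUTE_M == 'member' && ROUTE_C == 'user' && (ROUTE_A == 'login' || ROUTE_A == 'register')) {
        return;
    }
    $uid = intval(_encrypt(_getcookie("uid"), 'DECODE'));
    $utype = _encrypt(_getcookie("utype"), 'DECODE');
    $ushell = _encrypt(_getcookie("ushell"), 'DECODE');
    if ($utype === NULL) {
        $this->HeaderLogin();
    }
    if (!$uid) {
        $this->HeaderLogin();
    }
    $this->userinfo = $this->DB()->GetOne("SELECT * from `@#_member` where `uid` = '{$uid}'");
    if (!$this->userinfo) {
        $this->HeaderLogin();
    }
    // $utype comes from a cookie and selects a column of the row; a missing
    // or non-string key contributes an empty string, as an undefined index did.
    $typeValue = (is_string($utype) && isset($this->userinfo[$utype])) ? $this->userinfo[$utype] : '';
    $shell = md5($this->userinfo['uid'] . $this->userinfo['password'] . $typeValue);
    // Type-strict, constant-time comparison instead of a loose !=.
    if (!is_string($ushell) || !hash_equals($shell, $ushell)) {
        $this->HeaderLogin();
    }
}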
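/**
 * Validate the admin session: the AID / ASHELL cookies (or the passed,
 * still encrypted values) must match the admin row, and the server-side
 * session token must equal md5(username . userpass).
 *
 * @param string|null $uid    Encrypted admin id; falls back to the AID cookie.
 * @param string|null $ashell Encrypted shell token; falls back to the ASHELL cookie.
 * @return bool True when every check passes; $this->AdminInfo then holds the row.
 */
protected final function CheckAdminInfo($uid = null, $ashell = null)
{
    $this->db = System::load_app_model('admin_model', G_ADMIN_DIR);
    if ($uid && $ashell) {
        $CheckId = _encrypt($uid, 'DECODE');
        $CheckAshell = _encrypt($ashell, 'DECODE');
    } else {
        $CheckId = _encrypt(_getcookie("AID"), 'DECODE');
        $CheckAshell = _encrypt(_getcookie("ASHELL"), 'DECODE');
    }
    if (!$CheckId || !$CheckAshell) {
        return false;
    }
    // NOTE(review): $CheckId is interpolated as decoded. Its safety rests on
    // _encrypt() output not being forgeable by the client - confirm, or bind/cast it.
    $info = $this->db->GetOne("SELECT * FROM `@#_admin` WHERE `uid` = '{$CheckId}'");
    if (!$info) {
        return false;
    }
    $userAgent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
    $expectedToken = md5($info['username'] . $info['userpass']);
    $infoshell = $expectedToken . md5($userAgent);
    if (!is_string($CheckAshell) || !hash_equals($infoshell, $CheckAshell)) {
        return false;
    }
    // The original joined these two conditions with &&, so a non-empty session
    // token was never compared with the expected value. A missing OR a
    // mismatching token must both fail.
    if (empty($_SESSION['token']) || !is_string($_SESSION['token']) || !hash_equals($expectedToken, $_SESSION['token'])) {
        return false;
    }
    $this->AdminInfo = $info;
    return true;
}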
/**
 * Prepare the variables for the "uploadify" upload dialog from URL segments
 * 4..11 and render the template. The template is included in this scope, so
 * every local below is visible to it.
 *
 * NOTE(review): urldecode() runs on $title after htmlspecialchars(), so
 * percent-encoded markup characters in the segment are decoded after the
 * escaping step. If the template prints $title, escape at output time.
 * NOTE(review): $check concatenates the raw AID and ASHELL cookie values.
 * If the template writes it into the page, the admin cookies become readable
 * by page script - confirm how the template uses it.
 * NOTE(review): $admincheck is only computed here; no early exit for
 * non-admins is visible in this method. htmlspecialchars() does not
 * constrain $path as a folder name - how the template or upload handler uses
 * it is not visible here.
 */
public function upload()
{
    $getinfo = $this->segment_array();
    //var_dump($getinfo);
    $title = isset($getinfo[4]) ? htmlspecialchars($getinfo[4]) : ''; // dialog title
    $type = isset($getinfo[5]) ? htmlspecialchars($getinfo[5]) : ''; // upload type
    $path = isset($getinfo[6]) ? htmlspecialchars($getinfo[6]) : ''; // target upload folder
    $num = isset($getinfo[7]) ? intval($getinfo[7]) : 0; // number of files
    $size = isset($getinfo[8]) ? intval($getinfo[8]) : 0; // maximum size
    $frame = isset($getinfo[9]) ? htmlspecialchars($getinfo[9]) : ''; // id of the iframe
    $input = isset($getinfo[10]) ? htmlspecialchars($getinfo[10]) : ''; // id of the parent-frame input that stores the image URL
    $func = isset($getinfo[11]) ? htmlspecialchars($getinfo[11]) : ''; // original comment repeats the $input description
    $desc = $type; // type description
    $title = urldecode($title);
    if (!_is_utf8($title)) {
        // Non-UTF-8 titles are converted from GBK.
        $title = iconv("GBK", "UTF-8", $title);
    }
    $size_str = $this->getsize($size, false);
    $uptype = $this->getUPtype($type, false);
    $check = _getcookie("AID") . '&' . _getcookie("ASHELL");
    System::load_app_class("admin", G_ADMIN_DIR, "no");
    $admincheck = admin::StaticCheckAdminInfo() ? 1 : 0;
    include $this->tpl(ROUTE_M, 'uploadify');
}
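/**
 * Send no-cache headers, read the "Cartlist" cookie and load the model.
 *
 * NOTE(review): Cartlist is stored as returned by _getcookie(); it is
 * client-held data and must be validated where it is consumed.
 */
public function __construct()
{
    // An HTTP date needs a space before the zone; the original emitted
    // "...H:i:sGMT", which is not a valid Last-Modified value.
    header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
    header("Cache-Control: no-cache, must-revalidate");
    header("Pragma:no-cache");
    $this->Cartlist = _getcookie('Cartlist');
    $this->db = System::load_sys_class("model");
}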
/**
 * Run the parent constructor, load the model and decode the mobile cart
 * from the "Mcartlist" cookie into $this->Mcartlist.
 *
 * NOTE(review): the cart is client-held JSON; json_decode() yields null for
 * malformed input, and every field must be validated where it is used.
 */
public function __construct()
{
    parent::__construct();
    /* if(ROUTE_A!='userphotoup' and ROUTE_A!='singphotoup'){ if(!$this->userinfo)_message("请登录",WEB_PATH."/mobile/user/login",3); } */
    $this->db = System::load_sys_class('model');
    // Load the cart contents.
    $rawCart = stripslashes(_getcookie("Mcartlist"));
    $this->Mcartlist = json_decode($rawCart, true);
}
/**
 * Tell whether $id occurs in the comma-separated "CODE" cookie.
 *
 * The final element of the split list is never examined, as in the original
 * (presumably the list ends with a trailing comma - TODO confirm).
 *
 * @return true|null True on a (loose ==) match; nothing is returned otherwise.
 */
function coo($id)
{
    $entries = explode(",", _getcookie('CODE'));
    array_pop($entries);
    foreach ($entries as $entry) {
        if ($id == $entry) {
            return true;
        }
    }
}
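/**
 * Return one field of the member row addressed by the "uid" cookie.
 *
 * @param string $me Column name, or "pic" for the part of the avatar path
 *                   after its first dot.
 * @return mixed The field value, or null when it is not available.
 *
 * NOTE(review): any column of the row can be requested through $me,
 * including the password column; callers must never pass request data here.
 */
function spcook($me)
{
    $mysql_model = System::load_sys_class('model');
    // Cast like the other uid lookups on this page do, so the decoded cookie
    // can only ever reach the query as an integer.
    $uid = intval(_encrypt(_getcookie('uid'), 'DECODE'));
    $member = $mysql_model->GetOne("select * from `@#_member` where `uid`='" . $uid . "'");
    if (!$member) {
        return null;
    }
    if ($me == "pic") {
        $img = explode(".", isset($member['img']) ? (string) $member['img'] : '');
        return isset($img[1]) ? $img[1] : null;
    }
    return isset($member[$me]) ? $member[$me] : null;
}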
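/**
 * Return the member row for the "uid" cookie, or redirect to the login page
 * with the current controller/action segments when no such member exists.
 *
 * NOTE(review): the row is selected by the decoded uid alone; no shell-token
 * comparison is visible in this method, so the check is only as strong as
 * _encrypt() - confirm.
 *
 * @return array The member row (the method exits on the redirect path).
 */
public function cook()
{
    $mysql_model = System::load_sys_class('model');
    // Integer cast, consistent with the other uid lookups on this page.
    $uid = intval(_encrypt(_getcookie('uid'), 'DECODE'));
    $member = $mysql_model->GetOne("select * from `@#_member` where `uid`='" . $uid . "'");
    if ($member) {
        return $member;
    }
    // URL segments are request data: encode them before placing them in the
    // query string of the redirect target.
    $lei = urlencode((string) $this->segment(2));
    $funct = urlencode((string) $this->segment(3));
    header("location:" . WEB_PATH . "home/user/login?lei=" . $lei . "&funct=" . $funct);
    exit;
}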
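/**
 * Load the model and resolve the logged-in member into $this->userinfo.
 *
 * $this->userinfo is the member row when the "ushell" cookie equals
 * md5(uid . password . mobile . email) for that row, and false otherwise.
 */
public function __construct()
{
    $this->db = System::load_sys_class("model");
    $this->userinfo = false;
    $uid = intval(_encrypt(_getcookie("uid"), 'DECODE'));
    $ushell = _encrypt(_getcookie("ushell"), 'DECODE');
    // The original fell through after each failure and went on to index a
    // false value; return early instead.
    if (!$uid) {
        return;
    }
    $row = $this->db->GetOne("SELECT * from `@#_member` where `uid` = '{$uid}'");
    if (!$row) {
        return;
    }
    $shell = md5($row['uid'] . $row['password'] . $row['mobile'] . $row['email']);
    // Type-strict, constant-time comparison instead of a loose !=.
    if (!is_string($ushell) || !hash_equals($shell, $ushell)) {
        return;
    }
    $this->userinfo = $row;
}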
/**
 * Show one "shaidan" (order show-off post) with its replies and, on POST,
 * store a new reply. The template is included in this scope, so the locals
 * below are visible to it.
 *
 * NOTE(review): $sdhf_content is taken from $_POST and placed in the INSERT
 * unchanged. Unless the framework escapes request data globally (not visible
 * here), this is string-built SQL on user input - bind or escape it.
 * NOTE(review): the reply is attributed to $member['uid'] without a visible
 * check that a member is logged in.
 * NOTE(review): the expected captcha value comes from the "checkcode" cookie
 * and is compared with a loose != - confirm that _getcookie() authenticates
 * it, and compare strictly.
 * NOTE(review): the "!$shaidan" guard runs only after $shaidan has already
 * been indexed and used in queries.
 */
public function detail()
{
    $member = $this->userinfo;
    // abs(intval()) keeps the post id a non-negative integer.
    $sd_id = abs(intval($this->segment(4)));
    $shaidan = $this->db->GetOne("select * from `@#_shaidan` where `sd_id`='{$sd_id}'");
    // Resolve the product series (sid) of the post, then its latest period (qishu).
    $goods = $this->db->GetOne("select sid from `@#_shoplist` where `id` = '{$shaidan['sd_shopid']}'");
    $goods = $this->db->GetOne("select id,qishu,money,q_uid,maxqishu,thumb,title from `@#_shoplist` where `sid` = '{$goods['sid']}' order by `qishu` DESC");
    if (isset($_POST['submit'])) {
        $sdhf_syzm = _getcookie("checkcode");
        $sdhf_pyzm = isset($_POST['sdhf_code']) ? strtoupper($_POST['sdhf_code']) : '';
        $sdhf_id = $shaidan['sd_id'];
        $sdhf_userid = $member['uid'];
        $sdhf_content = $_POST['sdhf_content'];
        $sdhf_time = time();
        $sdhf_username = _htmtocode(get_user_name($member));
        $sdhf_img = _htmtocode($member['img']);
        if (empty($sdhf_content)) {
            _message("页面错误");
        }
        if (empty($sdhf_pyzm)) {
            _message("请输入验证码");
        }
        if ($sdhf_syzm != md5($sdhf_pyzm)) {
            _message("验证码不正确");
        }
        $this->db->Query("INSERT INTO `@#_shaidan_hueifu`(`sdhf_id`,`sdhf_userid`,`sdhf_content`,`sdhf_time`,`sdhf_username`,`sdhf_img`)VALUES\n\t\t\t('{$sdhf_id}','{$sdhf_userid}','{$sdhf_content}','{$sdhf_time}','{$sdhf_username}','{$sdhf_img}')");
        // Reply counter is read, incremented in PHP and written back.
        $sd_ping = $shaidan['sd_ping'] + 1;
        $this->db->Query("UPDATE `@#_shaidan` SET sd_ping='{$sd_ping}' where sd_id='{$shaidan['sd_id']}'");
        _message("评论成功", WEB_PATH . "/go/shaidan/detail/" . $sd_id);
    }
    $shaidannew = $this->db->GetList("select * from `@#_shaidan` order by `sd_id` DESC limit 5");
    $shaidan_hueifu = $this->db->GetList("select * from `@#_shaidan_hueifu` where `sdhf_id`='{$sd_id}' LIMIT 10");
    foreach ($shaidan_hueifu as $k => $v) {
        // Stored reply text is passed through _htmtocode() before display.
        $shaidan_hueifu[$k]['sdhf_content'] = _htmtocode($shaidan_hueifu[$k]['sdhf_content']);
    }
    if (!$shaidan) {
        _message("页面错误");
    }
    // sd_photolist is a ";"-separated list; the last character is dropped before splitting.
    $substr = substr($shaidan['sd_photolist'], 0, -1);
    $sd_photolist = explode(";", $substr);
    $title = $shaidan['sd_title'] . "_" . _cfg("web_name");
    $keywords = $shaidan['sd_title'];
    $description = $shaidan['sd_title'];
    include templates("index", "detail");
}
/**
 * Render the mobile "invited friends" page: resolves the member's level name
 * from the experience ranges in member_group, lists the members invited by
 * the current user and marks each as having account records or not. The
 * template is included in this scope, so the locals below are visible to it.
 *
 * NOTE(review): $uid holds the raw, still encrypted "uid" cookie and is not
 * used in this method; whether the template reads it is not visible here.
 * NOTE(review): $member is reassigned from $this->userinfo after 'yungoudj'
 * has been set on it, which discards that value. $accounts and $records stay
 * undefined when nobody was invited. One query is issued per invited friend.
 */
function friends1()
{
    $webname = $this->_cfg['web_name'];
    $member = $this->userinfo;
    $title = "我的购买中心";
    $memberdj = $this->db->GetList("select * from `@#_member_group`");
    $jingyan = $member['jingyan'];
    if (!empty($memberdj)) {
        foreach ($memberdj as $key => $val) {
            // Pick the group whose experience range contains the member's value.
            if ($jingyan >= $val['jingyan_start'] && $jingyan <= $val['jingyan_end']) {
                $member['yungoudj'] = $val['name'];
            }
        }
    }
    $mysql_model = System::load_sys_class('model');
    $member = $this->userinfo;
    $uid = _getcookie('uid');
    $notinvolvednum = 0; // invited friends who have not bought yet
    $involvednum = 0; // invited friends who have bought
    $involvedtotal = 0; // total number of invited friends
    // Load the invited friends
    $invifriends = $mysql_model->GetList("select * from `@#_member` where `yaoqing`='{$member['uid']}' ORDER BY `time` DESC");
    $involvedtotal = count($invifriends);
    //var_dump($invifriends);
    for ($i = 0; $i < count($invifriends); $i++) {
        $sqluid = $invifriends[$i]['uid'];
        $sqname = get_user_name($invifriends[$i]);
        $invifriends[$i]['sqlname'] = $sqname;
        // Load the account records of this invited friend
        $accounts[$sqluid] = $mysql_model->GetList("select * from `@#_member_account` where `uid`='{$sqluid}' ORDER BY `time` DESC");
        // Classify the friend by whether any account record exists
        if (empty($accounts[$sqluid])) {
            $notinvolvednum += 1;
            $records[$sqluid] = '未参与购买';
        } else {
            $involvednum += 1;
            $records[$sqluid] = '已参与购买';
        }
    }
    include templates("mobile/invite", "friends1");
}
/**
 * Set up the egg-lottery controller: model, current member, the rule that is
 * active right now and the prizes attached to it.
 *
 * NOTE(review): the login gate is commented out in the original, so
 * $this->userid may be 0 and $this->userinfo empty at this point.
 */
public function __construct()
{
    $curtime = time();
    $this->mysql_model = System::load_sys_class('model');
    $this->userid = intval(_encrypt(_getcookie("uid"), 'DECODE'));
    // Basic data of the current customer (points, remaining balance, ...).
    $memberSql = "SELECT * from `@#_member` where `uid` = '{$this->userid}'";
    $this->userinfo = $this->mysql_model->GetOne($memberSql);
    /* if(!$this->userid){ _message("你还未登录,无权限访问该页!",WEB_PATH."/member/user/login"); } */
    // The lottery round that is running at this moment.
    $ruleSql = "select * from `@#_egglotter_rule` where `starttime`<='{$curtime}' and `endtime`>='{$curtime}' and `startusing`=1";
    $this->ruleinfo = $this->mysql_model->GetOne($ruleSql);
    $this->username = $this->userinfo['username'];
    // Read before the emptiness check, exactly as the original does.
    $rule_id = $this->ruleinfo['rule_id'];
    if (!$this->ruleinfo) {
        _message("没有设置游戏");
    }
    // Prizes of the current round.
    $spoilSql = "select * from `@#_egglotter_spoil` where `rule_id`='{$rule_id}'";
    $this->spoilinfo = $this->mysql_model->GetList($spoilSql);
}
/**
 * Start the WeChat OAuth login: records or creates the promotion code, shows
 * the share page when a logged-in user opens their own code, otherwise
 * stores a state value in the session and redirects to the WeChat authorize
 * endpoint.
 *
 * NOTE(review): the file_put_contents() call appends the request segment to
 * 't.txt' relative to the working directory on every call. It looks like
 * leftover debugging - remove it or route it to a proper log.
 * NOTE(review): $pro comes from the URL segment or the "procode" cookie and
 * is interpolated into three queries unescaped; bind or escape it.
 * NOTE(review): $code is assigned only when $user is empty, yet it is used in
 * $redirect_uri on every path that reaches the redirect.
 * NOTE(review): the OAuth state is md5(uniqid(rand(), TRUE)), which is not a
 * cryptographically secure source; prefer random_bytes() where the PHP
 * version allows. The check of $_SESSION["wxState"] in the callback is not
 * visible on this page.
 */
function wxlogin()
{
    $user = $this->userinfo;
    $pro = $this->segment(4);
    file_put_contents('t.txt', "\n\r\r\n-----pro:" . $pro, FILE_APPEND);
    $this->db = System::load_sys_class('model');
    $wx_set = $this->db->GetOne("SELECT * from `@#_wxset` ");
    if (!$user) {
        // Anonymous visitor: create a fresh activity code and remember who referred them.
        $code = $this->create_code();
        if ($pro) {
            _setcookie("procode", $pro);
            $pu = $this->db->GetOne("select * from `@#_activity_code` where `code`='{$pro}'");
            if (empty($pu)) {
                $pu = $this->db->GetOne("select * from `@#_member` where `code`='{$pro}'");
            }
        } else {
            $pro = _getcookie("procode");
            $pu = $this->db->GetOne("select * from `@#_activity_code` where `code`='{$pro}'");
        }
        $p_mobile = $pu['mobile'] ? $pu['mobile'] : '';
        $this->db->Query("insert into `@#_activity_code`(`code`,`status`,`pro`) values('{$code}',0,'{$p_mobile}')");
    } else {
        // Logged-in member without a code yet: generate and persist one.
        if (empty($user['code'])) {
            $user['code'] = $this->create_code();
            $this->db->GetOne("update `@#_member` set code='{$user['code']}' where `uid`='{$user['uid']}'");
        }
    }
    // A member opening their own promotion link gets the share page instead of a login.
    if (!empty($user) && !empty($pro) && $pro == $user['code']) {
        $mylink = '';
        include templates("mobile/index", "activity_share");
        die;
    }
    session_start();
    $state = md5(uniqid(rand(), TRUE));
    $_SESSION["wxState"] = $state;
    $redirect_uri = urlencode("" . $wx_set['back'] . "/?mobile/user/wx_callback/" . $code . "/");
    $wxurl = "https://open.weixin.qq.com/connect/oauth2/authorize?appid=" . $wx_set['appid'] . "&redirect_uri={$redirect_uri}&response_type=code&scope=snsapi_userinfo&state={$state}#wechat_redirect";
    header("Location: {$wxurl}");
}
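/**
 * Static variant of the admin session check: validates the AID / ASHELL
 * cookies (or the passed, still encrypted values) against the admin row.
 *
 * @param string|null $uid    Encrypted admin id; falls back to the AID cookie.
 * @param string|null $ashell Encrypted shell token; falls back to the ASHELL cookie.
 * @return array|false The admin row on success, false otherwise.
 */
static final function StaticCheckAdminInfo($uid = null, $ashell = null)
{
    $db = System::load_app_model('admin_model', G_ADMIN_DIR);
    if ($uid && $ashell) {
        $CheckId = _encrypt($uid, 'DECODE');
        $CheckAshell = _encrypt($ashell, 'DECODE');
    } else {
        $CheckId = _encrypt(_getcookie("AID"), 'DECODE');
        $CheckAshell = _encrypt(_getcookie("ASHELL"), 'DECODE');
    }
    if (!$CheckId || !$CheckAshell) {
        return false;
    }
    // NOTE(review): $CheckId is interpolated as decoded. Its safety rests on
    // _encrypt() output not being forgeable by the client - confirm, or bind/cast it.
    $info = $db->GetOne("SELECT * FROM `@#_admin` WHERE `uid` = '{$CheckId}'");
    if (!$info) {
        return false;
    }
    $userAgent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
    $infoshell = md5($info['username'] . $info['userpass']) . md5($userAgent);
    // Type-strict, constant-time comparison instead of a loose !=.
    if (!is_string($CheckAshell) || !hash_equals($infoshell, $CheckAshell)) {
        return false;
    }
    return $info;
}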
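/**
 * Count the circles ("quanzi") the current member has joined.
 *
 * @return int|false Number of matching rows, or false when the member has
 *                   no stored group list.
 *
 * NOTE(review): $addgroup is read from the member row and placed inside
 * IN (...) unchanged. If that column can ever hold anything other than a
 * comma-separated list of integers, normalise it before building the query.
 */
function qznum()
{
    $mysql_model = System::load_sys_class('model');
    // Integer cast, consistent with the other uid lookups on this page.
    $uid = intval(_encrypt(_getcookie('uid'), 'DECODE'));
    $member = $mysql_model->GetOne("select * from `@#_member` where `uid`='{$uid}'");
    // No member row means no group list; avoid indexing a non-array.
    $addgroup = $member ? rtrim((string) $member['addgroup'], ",") : '';
    if ($addgroup) {
        $group = $mysql_model->GetList("select * from `@#_quanzi` where `id` in ({$addgroup})");
        return count($group);
    }
    return false;
}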
case 'Tumblr': return 'tumbrl'; case 'Twitter': return 'twitter'; case 'Vkontakte': return 'vk'; default: return false; } }; $data['list'] = h::{'ul.cs-hybrid-auth-providers-list li'}([$L->or_sign_in_with, ['class' => 'uk-nav-header']], array_map(function ($provider) use($L, $icon_mapper) { return [h::a(h::icon($icon_mapper($provider)) . $L->{$provider}), ['data-provider' => $provider, 'class' => "cs-hybrid-auth-{$provider}"]]; }, array_keys($providers))); }); Trigger::instance()->register('System/User/registration/confirmation/after', function () { if ($referer = _getcookie('HybridAuth_referer')) { header("Refresh: 5; url={$referer}"); _setcookie('HybridAuth_referer', ''); } }); Trigger::instance()->register('System/User/del/after', function ($data) { /** * @var \cs\DB\_Abstract $cdb */ $cdb = DB::instance()->{Config::instance()->module('HybridAuth')->db('integration')}(); $cdb->q(["DELETE FROM `[prefix]users_social_integration`\n\t\t\t\tWHERE `id` = '%s'", "DELETE FROM `[prefix]users_social_integration_contacts`\n\t\t\t\tWHERE `id` = '%s'"], $data['id']); }); Trigger::instance()->register('System/User/get_contacts', function ($data) { $data['contacts'] = array_unique(array_merge($data['contacts'], get_user_contacts($data['id']))); }); /**
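/**
 * Build the order from the cart: lock the still-open products, compute each
 * line's quantity and subtotal, apply the points ("fufen") discount and store
 * the results on $this (MoenyCount, shoplist, scookies_arr, fufen,
 * fufen_to_money).
 *
 * The cart comes from $this->scookie when that is an array, otherwise from
 * the client-held "Cartlist" cookie, so every field of it is untrusted.
 *
 * @return string 'ok' on success, otherwise a user-facing error message; the
 *                transaction is rolled back on every error path.
 */
private function go_record()
{
    if (is_array($this->scookie)) {
        $Cartlist = $this->scookie;
    } else {
        $Cartlist = json_decode(stripslashes(_getcookie('Cartlist')), true);
    }
    $shopids = ''; // product ids
    if (is_array($Cartlist)) {
        foreach ($Cartlist as $key => $val) {
            // Keys are forced to integers before they reach the IN (...) list.
            $shopids .= intval($key) . ',';
        }
        $shopids = str_replace(',0', '', $shopids);
        $shopids = trim($shopids, ',');
    }
    $shoplist = array(); // product rows, keyed by id
    if ($shopids != NULL) {
        // "for update" locks the rows for the surrounding transaction.
        $shoplist = $this->db->GetList("SELECT * FROM `@#_shoplist` where `id` in({$shopids}) and `q_uid` is null for update", array("key" => "id"));
    } else {
        $this->db->Autocommit_rollback();
        return '购物车内没有商品!';
    }
    $MoenyCount = 0;
    $shopguoqi = 0;
    if (count($shoplist) >= 1) {
        $scookies_arr = array();
        $scookies_arr['MoenyCount'] = 0;
        foreach ($Cartlist as $key => $val) {
            $key = intval($key);
            if (isset($shoplist[$key]) && $shoplist[$key]['shenyurenshu'] != 0) {
                // Timed products whose reveal time has passed cannot be bought.
                if ($shoplist[$key]['xsjx_time'] != '0' && $shoplist[$key]['xsjx_time'] < time()) {
                    unset($shoplist[$key]);
                    $shopguoqi = 1;
                    continue;
                }
                // The quantity is client-supplied. The original used it as
                // given, so a negative or non-numeric value flowed into the
                // price calculation; force an integer of at least 1.
                $wanted = (is_array($val) && isset($val['num'])) ? intval($val['num']) : 0;
                $shoplist[$key]['cart_gorenci'] = $wanted > 0 ? $wanted : 1;
                // Never sell more shares than remain.
                if ($shoplist[$key]['cart_gorenci'] >= $shoplist[$key]['shenyurenshu']) {
                    $shoplist[$key]['cart_gorenci'] = $shoplist[$key]['shenyurenshu'];
                }
                $MoenyCount += $shoplist[$key]['yunjiage'] * $shoplist[$key]['cart_gorenci'];
                // Format with three decimals and drop the last digit, i.e. truncate to two.
                $shoplist[$key]['cart_xiaoji'] = substr(sprintf("%.3f", $shoplist[$key]['yunjiage'] * $shoplist[$key]['cart_gorenci']), 0, -1);
                $shoplist[$key]['cart_shenyu'] = $shoplist[$key]['zongrenshu'] - $shoplist[$key]['canyurenshu'];
                $scookies_arr[$key]['shenyu'] = $shoplist[$key]['cart_shenyu'];
                $scookies_arr[$key]['num'] = $shoplist[$key]['cart_gorenci'];
                $scookies_arr[$key]['money'] = intval($shoplist[$key]['yunjiage']);
                $scookies_arr['MoenyCount'] += intval($shoplist[$key]['cart_xiaoji']);
            } else {
                unset($shoplist[$key]);
            }
        }
        if (count($shoplist) < 1) {
            $scookies_arr = '0';
            $this->db->Autocommit_rollback();
            if ($shopguoqi) {
                return '限时揭晓过期商品不能购买!';
            } else {
                return '购物车里没有商品!';
            }
        }
    } else {
        $scookies_arr = '0';
        $this->db->Autocommit_rollback();
        return '购物车里商品已经卖完或已下架!';
    }
    $this->MoenyCount = substr(sprintf("%.3f", $MoenyCount), 0, -1);
    /**
     * Maximum amount the points can pay for.
     */
    if ($this->fufen) {
        // Cannot spend more points than the member owns.
        if ($this->fufen >= $this->members['score']) {
            $this->fufen = $this->members['score'];
        }
        $fufen = System::load_app_config("user_fufen", '', 'member');
        if ($fufen['fufen_yuan']) {
            $this->fufen_to_money = intval($this->fufen / $fufen['fufen_yuan']);
            // The discount is capped at the order total.
            if ($this->fufen_to_money >= $this->MoenyCount) {
                $this->fufen_to_money = $this->MoenyCount;
                $this->fufen = $this->fufen_to_money * $fufen['fufen_yuan'];
            }
        } else {
            $this->fufen_to_money = 0;
            $this->fufen = 0;
        }
    } else {
        $this->fufen_to_money = 0;
        $this->fufen = 0;
    }
    // Total amount still to be paid.
    $this->MoenyCount = $this->MoenyCount - $this->fufen_to_money;
    $this->shoplist = $shoplist;
    $this->scookies_arr = $scookies_arr;
    return 'ok';
}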
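/**
 * Return the logged-in member's row, or one field of it, caching the row in
 * the global $_cfg['userinfo'].
 *
 * @param string $key   Optional column to return instead of the whole row.
 * @param string $where Optional extra column list appended to the SELECT.
 *                      It is interpolated into the SQL, so it must be a
 *                      trusted literal and never request data.
 * @return array|mixed|false The row, the requested field, or false when the
 *                           visitor is not logged in or the field is absent.
 *
 * NOTE(review): when the cache is already filled the whole row is returned
 * and $key is ignored; that behaviour is kept as the original had it.
 */
function get_user_arr($key = '', $where = '')
{
    global $_cfg;
    if (isset($_cfg['userinfo'])) {
        return $_cfg['userinfo'];
    }
    if (empty($where)) {
        $where = 'uid,username,password,email,mobile,img';
    } else {
        $where = 'uid,username,password,email,mobile,img,' . $where;
    }
    $db = System::load_sys_class("model");
    $uid = abs(intval(_encrypt(_getcookie("uid"), 'DECODE')));
    $ushell = _encrypt(_getcookie("ushell"), 'DECODE');
    if (!$uid) {
        return false;
    }
    $row = $db->GetOne("SELECT {$where} FROM `@#_member` WHERE `uid` = '{$uid}'");
    if (!$row) {
        return false;
    }
    $shell = md5($row['uid'] . $row['password'] . $row['mobile'] . $row['email']);
    // Type-strict, constant-time comparison instead of a loose !=.
    if (!is_string($ushell) || !hash_equals($shell, $ushell)) {
        return false;
    }
    // Cache only a verified row. The original filled the cache before the
    // token check, so a second call returned the row even though the first
    // call had rejected the cookie.
    $_cfg['userinfo'] = $row;
    if (empty($key)) {
        return $row;
    }
    // The original looked up the literal index 'key' instead of $key.
    return isset($row[$key]) ? $row[$key] : false;
}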
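/**
 * Admin login. For an AJAX POST it validates the credentials (and the
 * captcha when _cfg("web_off") is set), issues the AID / ASHELL cookies and
 * the session token, records login time and IP, and answers with JSON;
 * otherwise it renders the login template.
 *
 * NOTE(review): $username is interpolated into the SELECT unescaped; bind or
 * escape it (the db wrapper's API is not visible here).
 * NOTE(review): passwords are stored and compared as unsalted md5; migrating
 * to password_hash()/password_verify() needs a schema change outside this block.
 * NOTE(review): the two failure messages differ for "unknown user" and
 * "wrong password", which lets a caller tell them apart. The expected captcha
 * value is read from a cookie - confirm that _getcookie() authenticates it.
 */
public function login()
{
    if (!isset($_POST['ajax'])) {
        include $this->tpl(ROUTE_M, 'user.login');
        return;
    }
    $location = WEB_PATH . '/' . ROUTE_M . '/index';
    $message = array("error" => false, 'text' => $location);
    // Emit a JSON error and stop; shared by every failure path below.
    $fail = function ($text) use ($message) {
        $message['error'] = true;
        $message['text'] = $text;
        echo json_encode($message);
        exit;
    };
    // Accept only scalar strings so md5()/strtoupper() never see an array.
    $username = (isset($_POST['username']) && is_string($_POST['username'])) ? $_POST['username'] : '';
    $password = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';
    $code = (isset($_POST['code']) && is_string($_POST['code'])) ? strtoupper($_POST['code']) : '';
    if (empty($username)) {
        $fail("请输入用户名!");
    }
    if (empty($password)) {
        $fail("请输入密码!");
    }
    if (_cfg("web_off")) {
        if (empty($code)) {
            $fail("请输入验证码!");
        }
        // Strict comparison: loose != compares numeric-looking hashes as numbers.
        if (md5($code) !== _getcookie('checkcode')) {
            $fail("验证码输入错误");
        }
    }
    $info = $this->db->GetOne("SELECT * FROM `@#_admin` WHERE `username` = '{$username}' LIMIT 1");
    if (!$info) {
        $fail("登录失败,请检查用户名或密码!");
    }
    // Constant-time, type-strict hash comparison. With a loose != two
    // different "0e<digits>" hashes compare equal.
    if (!hash_equals((string) $info['userpass'], md5($password))) {
        $fail("登陆失败!");
    }
    $userAgent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
    _setcookie("AID", _encrypt($info['uid'], 'ENCODE'));
    _setcookie("ASHELL", _encrypt(md5($info['username'] . $info['userpass']) . md5($userAgent)));
    $_SESSION['token'] = md5($info['username'] . $info['userpass']);
    $this->AdminInfo = $info;
    $time = time();
    $ip = _get_ip();
    $this->db->Query("UPDATE `@#_admin` SET `logintime`='{$time}' WHERE (`uid`='{$info['uid']}')");
    $this->db->Query("UPDATE `@#_admin` SET `loginip`='{$ip}' WHERE (`uid`='{$info['uid']}')");
    echo json_encode($message);
    exit;
}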
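/**
 * Member login page. Logged-in users are sent to the site root; visitors
 * without a return segment are redirected to the same URL with the
 * base64-encoded referer appended. On POST the captcha and credentials are
 * checked, the uid / ushell cookies are issued for seven days and the user
 * is sent to the decoded return URL. The template is included in this scope.
 *
 * NOTE(review): the post-login target is base64_decode($this->segment(4)),
 * i.e. caller-supplied. Restrict it to same-site URLs before handing it to
 * _message(); how _message() uses its second argument is not visible here.
 * NOTE(review): $username and the md5 password are interpolated into the
 * SELECT; the format checks are the only visible guard - prefer bound
 * parameters. Passwords are unsalted md5.
 * NOTE(review): the expected captcha value is read from a cookie - confirm
 * that _getcookie() authenticates it.
 */
public function login()
{
    $user = $this->userinfo;
    if ($user) {
        header("Location:" . G_WEB_PATH);
        exit;
    } else {
        if (!$this->segment(4)) {
            global $_cfg;
            $url = WEB_PATH . '/' . $_cfg['param_arr']['url'];
            $url = rtrim($url, '/');
            $url .= '/' . base64_encode(trim(G_HTTP_REFERER));
            if ($url != get_web_url()) {
                header("Location:" . $url);
                exit;
            }
        }
    }
    if (isset($_POST['submit'])) {
        // Accept only scalar strings so md5()/strtoupper()/strpos() never see an array.
        $username = (isset($_POST['username']) && is_string($_POST['username'])) ? $_POST['username'] : '';
        $password = md5((isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '');
        $code = md5(strtoupper((isset($_POST['verify']) && is_string($_POST['verify'])) ? $_POST['verify'] : ''));
        $logintype = '';
        // Strict comparison: loose != compares numeric-looking hashes as numbers.
        if ($code !== _getcookie('checkcode')) {
            _message("验证码输入错误!");
        }
        // strpos() returns 0 for a leading "@"; only a strict false means "no @ present".
        if (strpos($username, '@') === false) {
            // mobile number
            $logintype = 'mobile';
            if (!_checkmobile($username)) {
                _message("手机格式不正确!");
            }
        } else {
            // e-mail address
            $logintype = 'email';
            if (!_checkemail($username)) {
                _message("邮箱格式不正确!");
            }
        }
        $member = $this->db->GetOne("select * from `@#_member` where `{$logintype}`='{$username}' and `password`='{$password}'");
        if (!$member) {
            _message("帐号不存在错误!");
        }
        // mobilecode / emailcode must be 1 for a verified account.
        $check = $logintype . 'code';
        if ($member[$check] != 1) {
            $strcode = _encrypt($member['email']);
            _message("帐号未认证", WEB_PATH . "/member/user/" . $logintype . "check/" . _encrypt($member[$logintype]));
        }
        if (!is_array($member)) {
            _message("帐号或密码错误", NULL, 3);
        } else {
            $time = time();
            $user_ip = _get_ip_dizhi();
            $this->db->GetOne("UPDATE `@#_member` SET `user_ip` = '{$user_ip}',`login_time` = '{$time}' where `uid` = '{$member['uid']}'");
            _setcookie("uid", _encrypt($member['uid']), 60 * 60 * 24 * 7);
            _setcookie("ushell", _encrypt(md5($member['uid'] . $member['password'] . $member['mobile'] . $member['email'])), 60 * 60 * 24 * 7);
        }
        _message("登录成功", base64_decode($this->segment(4)), 2);
    }
    include templates("user", "login");
}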
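/**
 * Register a member by mobile number (AJAX). Echoes JSON with "state":
 * -1 captcha mismatch, 0 row inserted, 1 insert failed.
 *
 * NOTE(review): no check of the mobile-number format and no duplicate lookup
 * is visible before the INSERT; safe_replace() is the only filter on the
 * value reaching the SQL string, and its behaviour is not visible here.
 * NOTE(review): the password is run through safe_replace() before hashing,
 * and the hash is unsalted md5. The expected captcha value is read from a
 * cookie - confirm that _getcookie() authenticates it.
 */
public function userMobile()
{
    $userMobile = array();
    // Accept only scalar strings so the helpers never see an array.
    $rawName = (isset($_POST['username']) && is_string($_POST['username'])) ? $_POST['username'] : '';
    $rawPass = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';
    $rawVerify = (isset($_POST['verify']) && is_string($_POST['verify'])) ? $_POST['verify'] : '';
    $name = safe_replace($rawName);
    $pass = md5(safe_replace($rawPass));
    $verify = md5(strtoupper($rawVerify));
    // Strict comparison: loose != compares numeric-looking hashes as numbers.
    if ($verify !== _getcookie('checkcode')) {
        $userMobile['state'] = -1;
        echo json_encode($userMobile);
        exit;
    }
    $time = time();
    $decode = 0;
    // Verification flags: -1 = not verified, 1 = verified, anything else = pending.
    $sql = "INSERT INTO `@#_member`(`mobile`,password,img,emailcode,mobilecode,yaoqing,time)VALUES('{$name}','{$pass}','photo/member.jpg','-1','-1','{$decode}','{$time}')";
    if ($this->db->Query($sql)) {
        $userMobile['state'] = 0;
    } else {
        $userMobile['state'] = 1;
    }
    echo json_encode($userMobile);
}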
/**
 * Return handler for a Tenpay payment: adds the paid amount to the member's
 * balance and then calls gopay() with the three "&"-separated parts of the
 * attach parameter.
 *
 * NOTE(review): $pay_result is never assigned in this method, so the "< 1"
 * test compares an undefined value and is always true. $sign is read but
 * never verified, and total_fee / attach are taken straight from the query
 * string. As written, the balance update does not depend on any proof of
 * payment. The gateway signature must be verified server-side, and the
 * amount taken from the stored order, before anything is credited; the
 * verification API is not visible on this page.
 * NOTE(review): no check that $member is a logged-in user is visible, and
 * the handler is not idempotent - reloading the same URL repeats the credit.
 */
public function tenpaysuccess()
{
    $webname = $this->_cfg['web_name'];
    $code = _getcookie('CODE');
    if (!isset($_GET['attach'])) {
        _messagemobile("页面错误!");
        exit;
    }
    if (!$code) {
        _messagemobile("页面错误!");
        exit;
    }
    $mysql_model = System::load_sys_class('model');
    $member = $this->userinfo;
    // total_fee is divided by 100 (presumably cents to yuan - TODO confirm) and added to the balance.
    $total_fee = $_GET['total_fee'] / 100 + $member['money'];
    $attach = $_GET['attach'];
    $sign = $_GET['sign'];
    if ($pay_result < 1) {
        $mysql_model->Query("UPDATE `@#_member` SET money='" . $total_fee . "' where uid='" . $member['uid'] . "'");
        $shop = explode("&", $attach);
        gopay($member, $shop[0], $shop[1], $shop[2]);
    }
}
/**
 * Resolve the current user id from the encrypted "uid" cookie.
 *
 * intval() turns a missing or undecodable cookie into 0.
 * NOTE(review): only the id is decoded here; no shell-token check is visible
 * in this constructor, so the id is only as trustworthy as _encrypt().
 */
public function __construct()
{
    $cookieValue = _getcookie("uid");
    $decoded = _encrypt($cookieValue, 'DECODE');
    $this->userid = intval($decoded);
}
/**
 * Render the "invited friends" page: lists the members invited by the
 * current user and marks each as having account records or not. The template
 * is included in this scope, so the locals below are visible to it.
 *
 * NOTE(review): $uid holds the raw, still encrypted "uid" cookie and is not
 * used in this method; whether the template reads it is not visible here.
 * NOTE(review): $accounts and $records stay undefined when nobody was
 * invited, and one query is issued per invited friend.
 */
public function invitefriends()
{
    $mysql_model = System::load_sys_class('model');
    $member = $this->userinfo;
    $uid = _getcookie('uid');
    $notinvolvednum = 0; // invited friends who have not bought yet
    $involvednum = 0; // invited friends who have bought
    $involvedtotal = 0; // total number of invited friends
    // Load the invited friends
    $invifriends = $mysql_model->GetList("select * from `@#_member` where `yaoqing`='{$member['uid']}' ORDER BY `time` DESC");
    $involvedtotal = count($invifriends);
    //var_dump($invifriends);
    for ($i = 0; $i < count($invifriends); $i++) {
        $sqluid = $invifriends[$i]['uid'];
        $sqname = get_user_name($invifriends[$i]);
        $invifriends[$i]['sqlname'] = $sqname;
        // Load the account records of this invited friend
        $accounts[$sqluid] = $mysql_model->GetList("select * from `@#_member_account` where `uid`='{$sqluid}' ORDER BY `time` DESC");
        // Classify the friend by whether any account record exists
        if (empty($accounts[$sqluid])) {
            $notinvolvednum += 1;
            $records[$sqluid] = '未参与购买';
        } else {
            $involvednum += 1;
            $records[$sqluid] = '已参与购买';
        }
    }
    include templates("member", "invitefriends");
}
/**
 * Produce the error response for the current ERROR_CODE and end the request.
 *
 * Runs at most once per request. A 403 on a non-API request that carries the
 * "sign_out" cookie is answered with a 302 to the base URL instead of an
 * error page.
 *
 * @param null|string|string[] $custom_text Custom error text instead of text like "404 Not Found",
 *                                          or array with two elements: [error, error_description]
 * @param bool                 $json        Force JSON return format
 */
function error($custom_text = null, $json = false)
{
    static $error_showed = false;
    if ($error_showed) {
        return;
    }
    $error_showed = true;
    if (!defined('ERROR_CODE')) {
        error_code(500);
    }
    $is_api = defined('API') && API;
    if (defined('API') && !API && ERROR_CODE == 403 && _getcookie('sign_out')) {
        header('Location: ' . Config::instance()->base_url(), true, 302);
        $this->Content = '';
        exit;
    }
    interface_off();
    $error = code_header(ERROR_CODE);
    if (is_array($custom_text)) {
        $error = $custom_text[0];
        $error_description = $custom_text[1];
    } elseif ($custom_text) {
        $error_description = $custom_text;
    } else {
        $error_description = $error;
    }
    if ($is_api || $json) {
        if ($json) {
            header('Content-Type: application/json; charset=utf-8', true);
            interface_off();
        }
        $this->json(['error' => $error, 'error_description' => $error_description]);
    } else {
        // Prefer the theme's own error page (HTML first, then PHP); fall back to a minimal document.
        ob_start();
        $themed = _include_once(THEMES . "/{$this->theme}/error.html", false)
            || _include_once(THEMES . "/{$this->theme}/error.php", false);
        if (!$themed) {
            echo "<!doctype html>\n" . h::title(code_header($error)) . ($error_description ?: $error);
        }
        $this->Content = ob_get_clean();
    }
    $this->__finish();
    exit;
}
/** * @package CleverStyle CMS * @subpackage System module * @category modules * @author Nazar Mokrynskyi <*****@*****.**> * @copyright Copyright (c) 2011-2014, Nazar Mokrynskyi * @license MIT License, see license.txt */ namespace cs; $Config = Config::instance(); $L = Language::instance(); $Page = Page::instance(); $User = User::instance(); if (_getcookie('restore_password_confirm')) { _setcookie('restore_password_confirm', ''); $Page->title($L->restore_password_success_title); $Page->success($L->restore_password_success); return; } elseif (!$User->guest()) { $Page->title($L->you_are_already_registered_title); $Page->warning($L->you_are_already_registered); return; } elseif (!isset($Config->route[2])) { $Page->title($L->invalid_confirmation_code); $Page->warning($L->invalid_confirmation_code); return; } $result = $User->restore_password_confirmation($Config->route[2]); if ($result === false) {
/**
 * Edit form and save handler for a "shaidan" post. The method begins with
 * _message("不可编辑!"), so if _message() ends the request (presumably -
 * TODO confirm) nothing below it is reachable and editing is disabled.
 *
 * NOTE(review): should the early _message() ever be removed, the code below
 * needs work first. $_POST['sd_id'], title and content are interpolated into
 * SQL unescaped. The post is loaded and updated by id alone, with no check
 * that it belongs to the current member. Entries of $_POST['fileurl_tmp']
 * are joined onto G_UPLOAD_PATH for getimagesize()/tubimg() without
 * constraining them to the upload directory.
 */
public function singleupdate()
{
    _message("不可编辑!");
    if (isset($_POST['submit'])) {
        System::load_sys_class('upload', 'sys', 'no');
        if ($_POST['title'] == null) {
            _message("标题不能为空");
        }
        if ($_POST['content'] == null) {
            _message("内容不能为空");
        }
        $sd_id = $_POST['sd_id'];
        $shaidan = $this->db->GetOne("select * from `@#_shaidan` where `sd_id`='{$sd_id}'");
        $pic = null;
        $thumbs = null;
        if (isset($_POST['fileurl_tmp'])) {
            if ($shaidan['sd_photolist'] == null) {
                // First photos for this post: build the list and a 220px-wide thumbnail of the first one.
                $img = $_POST['fileurl_tmp'];
                $num = count($img);
                for ($i = 0; $i < $num; $i++) {
                    $pic .= trim($img[$i]) . ";";
                }
                $src = trim($img[0]);
                $size = getimagesize(G_UPLOAD_PATH . "/" . $src);
                $width = 220;
                $height = $size[1] * ($width / $size[0]);
                $thumbs = tubimg($src, $width, $height);
            } else {
                // Post already has photos: only extend the list, keep the existing thumbnail.
                $img = $_POST['fileurl_tmp'];
                $num = count($img);
                for ($i = 0; $i < $num; $i++) {
                    $pic .= $img[$i] . ";";
                }
            }
        }
        if ($thumbs != null) {
            $sd_thumbs = $thumbs;
        } else {
            $sd_thumbs = $shaidan['sd_thumbs'];
        }
        $uid = $this->userinfo;
        $sd_userid = $uid['uid'];
        $sd_shopid = $shaidan['sd_shopid'];
        $sd_title = $_POST['title'];
        $sd_content = $_POST['content'];
        // New photos are prepended to the stored ";"-separated list.
        $sd_photolist = $pic . $shaidan['sd_photolist'];
        $sd_time = time();
        $this->db->Query("UPDATE `@#_shaidan` SET\n\t\t\t`sd_userid`='{$sd_userid}',\n\t\t\t`sd_shopid`='{$sd_shopid}',\n\t\t\t`sd_title`='{$sd_title}',\n\t\t\t`sd_thumbs`='{$sd_thumbs}',\n\t\t\t`sd_content`='{$sd_content}',\n\t\t\t`sd_photolist`='{$sd_photolist}',\n\t\t\t`sd_time`='{$sd_time}' where sd_id='{$sd_id}'");
        _message("晒单修改成功", WEB_PATH . "/mobile/home/singlelist");
    }
    $member = $this->userinfo;
    $title = "修改晒单";
    // Raw (still encrypted) cookie values; not used below in this method.
    $uid = _getcookie('uid');
    $ushell = _getcookie('ushell');
    $sd_id = intval($this->segment(4));
    if ($sd_id > 0) {
        $shaidan = $this->db->GetOne("select * from `@#_shaidan` where `sd_id`='{$sd_id}'");
        include templates("mobile", "singleupdate");
    } else {
        _message("页面错误");
    }
}