show_msg('危险!指定的SupeSite数据库已有数据,如果继续将会清空原有数据!', $step + 1);
} else {
show_msg('数据库配置成功,进入下一步操作', $step + 1, 1);
}
} elseif (submitcheck('opensubmit')) {
//检查用户身份
$step = 5;
include_once S_ROOT . './common.php';
//UC注册用户
if (!@(include_once S_ROOT . './uc_client/client.php')) {
showmessage('system_error');
}
$uid = uc_user_register($_POST['username'], $_POST['password'], '*****@*****.**');
if ($uid == -3) {
//已存在,登录
if (!($passport = getpassport($_POST['username'], $_POST['password']))) {
show_msg('输入的用户名密码不正确,请确认');
}
$setarr = array('uid' => $passport['uid'], 'username' => addslashes($passport['username']));
} elseif ($uid > 0) {
$setarr = array('uid' => $uid, 'username' => $_POST['username']);
} else {
show_msg('输入的用户名无法注册,请重新确认');
}
$setarr['dateline'] = $_SGLOBAL['timestamp'];
$setarr['updatetime'] = $_SGLOBAL['timestamp'];
$setarr['lastlogin'] = $_SGLOBAL['timestamp'];
$setarr['ip'] = $_SGLOBAL['onlineip'];
$setarr['password'] = md5("{$setarr['uid']}|{$_SGLOBAL['timestamp']}");
//本地密码随机生成
$setarr['groupid'] = 1;
function authUser($username, $password)
{
global $_SGLOBAL;
$username = addslashes(siconv($username, $this->charset, 'UTF-8'));
$password = addslashes(siconv($password, $this->charset, 'UTF-8'));
if ($this->member = getpassport($username, $password)) {
$_SGLOBAL['supe_uid'] = $this->member['uid'];
$this->member['username'] = addslashes($this->member['username']);
$_SGLOBAL['supe_username'] = $this->member['username'];
$_SGLOBAL['timestamp'] = $this->timestamp;
return true;
} else {
$this->sendFault(1, 'Authoried Error.Please check your password.');
}
}
} elseif ($session['errorcount'] <= 3) {
$cpaccess = 1;
}
} else {
$_SGLOBAL['db']->query("DELETE FROM " . tname('adminsession') . " WHERE uid='{$_SGLOBAL['supe_uid']}' OR dateline+1800<'{$timestamp}'");
$_SGLOBAL['db']->query("INSERT INTO " . tname('adminsession') . " (uid, ip, dateline, errorcount)\r\n\t\t\tVALUES ('{$_SGLOBAL['supe_uid']}', '" . getonlineip() . "', '{$_SGLOBAL['timestamp']}', '0')");
$cpaccess = 1;
}
} else {
$cpaccess = 2;
}
switch ($cpaccess) {
case '1':
//可以登录
if (submitcheck('loginsubmit')) {
if (!($passport = getpassport($_SGLOBAL['supe_username'], $_POST['password']))) {
$_SGLOBAL['db']->query("UPDATE " . tname('adminsession') . " SET errorcount=errorcount+1 WHERE uid='{$_SGLOBAL['supe_uid']}'");
cpmessage('enter_the_password_is_incorrect', 'admincp.php');
} else {
$_SGLOBAL['db']->query("UPDATE " . tname('adminsession') . " SET errorcount='-1' WHERE uid='{$_SGLOBAL['supe_uid']}'");
$refer = empty($_SCOOKIE['_refer']) ? $_SGLOBAL['refer'] : rawurldecode($_SCOOKIE['_refer']);
if (empty($refer) || preg_match("/(login)/i", $refer)) {
$refer = 'admincp.php';
}
ssetcookie('_refer', '');
showmessage('login_success', $refer, 0);
}
} else {
if ($_SERVER['REQUEST_METHOD'] == 'GET') {
ssetcookie('_refer', rawurlencode($_SERVER['REQUEST_URI']));
} else {
if ($_SCONFIG['seccode_login']) {
include_once S_ROOT . './source/function_cp.php';
if (!ckseccode($_POST['seccode'])) {
$_SGLOBAL['input_seccode'] = 1;
include template('do_login');
exit;
}
}
$query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('member') . " WHERE username='******'");
$value = $_SGLOBAL['db']->fetch_array($query);
if (empty($value)) {
showmessage('login_failure_please_re_login', 'do.php?ac=' . $_SCONFIG['login_action']);
}
$password = $value[2];
//同步获取用户源
if (!($passport = getpassport($username, $password))) {
showmessage('login_failure_please_re_login', 'do.php?ac=' . $_SCONFIG['login_action']);
}
$setarr = array('uid' => $passport['uid'], 'username' => addslashes($passport['username']), 'password' => md5("{$passport['uid']}|{$_SGLOBAL['timestamp']}"));
include_once S_ROOT . './source/function_space.php';
//开通空间
$query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('space') . " WHERE uid='{$setarr['uid']}'");
if (!($space = $_SGLOBAL['db']->fetch_array($query))) {
$space = space_open($setarr['uid'], $setarr['username'], 0, $passport['email']);
}
$_SGLOBAL['member'] = $space;
//实名
realname_set($space['uid'], $space['username'], $space['name'], $space['namestatus']);
//检索当前用户
$query = $_SGLOBAL['db']->query("SELECT password FROM " . tname('member') . " WHERE uid='{$setarr['uid']}'");
if ($value = $_SGLOBAL['db']->fetch_array($query)) {
if ($session['errorcount'] == -1) {
DB::query("UPDATE " . tname('adminsession') . " SET dateline='{$_G['timestamp']}' WHERE uid='{$_G['uid']}'");
$cpaccess = 2;
} elseif ($session['errorcount'] <= 3) {
$cpaccess = 1;
}
} else {
DB::query("DELETE FROM " . tname('adminsession') . " WHERE uid='{$_G['uid']}' OR dateline+1800<'{$timestamp}'");
DB::query("INSERT INTO " . tname('adminsession') . " (uid, ip, dateline, errorcount)\n\t\tVALUES ('{$_G['uid']}', '" . $_G['clientip'] . "', '{$_G['timestamp']}', '0')");
$cpaccess = 1;
}
switch ($cpaccess) {
case '1':
//可以登錄
if (submitcheck('dologin', 1)) {
if (!($passport = getpassport($_G['username'], $_POST['admin_password']))) {
DB::query("UPDATE " . tname('adminsession') . " SET errorcount=errorcount+1 WHERE uid='{$_G['uid']}'");
showmessage('enter_the_password_is_incorrect', $BASESCRIPT);
} else {
DB::query("UPDATE " . tname('adminsession') . " SET errorcount='-1' WHERE uid='{$_G['uid']}'");
$refer = empty($_G['cookie']['_refer']) ? $_SGLOBAL['refer'] : rawurldecode($_G['cookie']['_refer']);
if (empty($refer) || preg_match("/(login)/i", $refer)) {
$refer = $BASESCRIPT;
}
showmessage('login_success', $refer, 0);
}
} else {
if ($_SERVER['REQUEST_METHOD'] == 'GET') {
ssetcookie('_refer', rawurlencode($_SERVER['REQUEST_URI']));
} else {
ssetcookie('_refer', rawurlencode($BASESCRIPT));