function currentuser() { global $m_cookie, $db, $tblprefix, $onlineip, $nouserinfos, $timestamp, $sessionexists; $this->cumonthadd_reset(); //将所有会员的月交互数量置为0 $memberid = 0; if (!empty($m_cookie['userauth'])) { @(list($memberpwd, $memberid) = maddslashes(explode("\t", authcode($m_cookie['userauth'], 'DECODE')), 1)); if (empty($memberid) || $memberid != intval($memberid)) { mclearcookie('userauth'); } } else { list($memberpwd, $memberid) = array('', 0); } $sessionexists = 0; $msid = isset($m_cookie['msid']) ? $m_cookie['msid'] : ''; if ($msid) { if ($memberid) { $sqlstr = "SELECT ms.* FROM {$tblprefix}msession ms,{$tblprefix}members m\n\t\t\t\t\tWHERE ms.mid=m.mid AND ms.msid='{$msid}' AND onlineip='{$onlineip}' AND m.mid='{$memberid}' AND m.password='******'"; } else { $sqlstr = "SELECT * FROM {$tblprefix}msession WHERE msid='{$msid}' AND onlineip='{$onlineip}'"; } if ($msession = $db->fetch_one($sqlstr)) { $sessionexists = 1; if ($memberid) { $msession = array_merge($msession, $db->fetch_one("SELECT * FROM {$tblprefix}members WHERE mid='{$msession['mid']}'")); } else { $msession = array_merge($msession, $nouserinfos); } } } if (!$sessionexists) { if ($memberid) { if (!($msession = $db->fetch_one("SELECT * FROM {$tblprefix}members WHERE mid='{$memberid}' AND password='******'"))) { mclearcookie('userauth'); } else { $msession['mslastactive'] = $msession['lastolupdate'] = $timestamp; } } $msession['msid'] = random(6); if (empty($msession['mid'])) { $msession = array_merge($msession, $nouserinfos); } } if (empty($m_cookie['msid']) || $msession['msid'] != $m_cookie['msid']) { msetcookie('msid', $msession['msid']); } $this->info = $msession; $this->updatesession(); }
message('outmemberactive', axaction(0, 'tools/memactive.php?username='******'&password='******'&forward=' . rawurlencode($forward))); } login_safecheck($username, $errtimes); $password = preg_replace("/^(.{" . round(strlen($password) / 4) . "})(.+?)(.{" . round(strlen($password) / 6) . "})\$/s", "\\1***\\3", $password); $record = mhtmlspecialchars($timestamp . "\t" . stripslashes($username) . "\t" . $password . "\t" . $onlineip); record2file('badlogin', $record); message($cantimes ? 'loginfailed' : 'mloginerrtimes', axaction(1, $forward), $cantimes); } } elseif ($action == 'logout') { if ($enable_uc) { include_once M_ROOT . './include/ucenter/uc.inc.php'; } $cmember = $curuser->info; if ($enable_pptin && !empty($pptin_url) && $pptin_logout) { $url = $pptin_url . $pptin_logout; $url .= (strpos($url, '?') ? '&' : '?') . 'verify=' . substr(md5("{$onlineip}{$pptin_key}{$_SERVER['HTTP_USER_AGENT']}"), 8, 8) . "&{$getval}=" . rawurlencode($forward); #PHPWind header('location:' . $url); exit; } mclearcookie(); if ($enable_pptout && !empty($pptout_file) && !empty($pptout_url)) { include M_ROOT . './include/pptout/' . $pptout_file . '.php'; header('location:' . $url); exit; } if (!$forward || preg_match('/\\blogin.php(\\?|#|$)/i', $forward)) { $forward = 'index.php'; } message('memlogoutsucce', $forward); }
function cms_spread($uid, $mode = 0) { global $db, $tblprefix, $onlineip, $timestamp, $curuser, $m_cookie; if (empty($uid) && $mode == 1) { $uid = empty($m_cookie['spread_uid']) ? '' : $m_cookie['spread_uid']; } else { $uid = trim($uid); } if (empty($uid) || !($commu = read_cache('commu', 9)) || empty($commu['available']) || empty($commu['setting'][$mode])) { return; } $user = new cls_userinfo(); $user->activeuserbyname($uid); if (!($mid = $user->info['mid']) || $mid == $curuser->info['mid']) { return; } $s =& $commu['setting'][$mode]; $ip = ip2long($onlineip); $time = getdate($timestamp); $time = mktime(0, 0, 0, $time['mon'], $time['mday'], $time['year']); $record = $db->result_one("SELECT COUNT(*) FROM {$tblprefix}spreads WHERE mid='{$mid}' AND ip={$ip} AND mode={$mode} AND time>{$time}"); if ($s['value'] && (!$s['count'] || $s['count'] > $db->result_one("SELECT COUNT(*) FROM {$tblprefix}spreads WHERE mid='{$mid}' AND time>{$time}")) && !$record) { $user->updatecrids(array($s['crid'] => $s['value']), 1); } $record || $db->query("INSERT INTO {$tblprefix}spreads(mid,ip,mode,time) VALUES('{$mid}',{$ip},{$mode},{$timestamp})"); $mode ? mclearcookie('spread_uid') : msetcookie('spread_uid', $uid); }
function synlogout($get, $post) { if (!API_SYNLOGOUT) { return API_RETURN_FORBIDDEN; } header('P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"'); require_once M_ROOT . './include/general.fun.php'; mclearcookie(); }