예제 #1
0
         $expires = 3600;
     default:
         $expires = 0;
         break;
 }
 $expires && !empty($client_t) && ($expires = intval(floatval($client_t) / 1000) - $timestamp + $expires);
 $expires < 0 && ($expires = 0);
 if ($enable_pptin && !empty($pptin_url) && $pptin_login) {
     $url = $pptin_url . $pptin_login;
     $url .= (strpos($url, '?') ? '&' : '?') . "{$getval}=" . rawurlencode($forward);
     header('location:' . $url);
     exit;
 }
 include_once M_ROOT . "./include/admin.fun.php";
 $username = trim($username);
 regcode_pass('login', empty($regcode) ? '' : trim($regcode)) || message('safecodeerr', axaction(1, $forward));
 strlen($username) < 3 && message('membercnameillegal', axaction(1, $forward));
 if (!$password || $password != addslashes($password)) {
     message('pwdillegal', axaction(1, $forward));
 }
 $guestexp = '\\xA1\\xA1|^Guest|^\\xD3\\xCE\\xBF\\xCD|\\xB9\\x43\\xAB\\xC8';
 preg_match("/^\\s*\$|^c:\\con\\con\$|[%,\\*\"\\s\t\\<\\>\\&]|{$guestexp}/is", $username) && message('membercnameillegal', axaction(1, $forward));
 $errtimes = login_safecheck($username);
 $errtimes++ < $maxerrtimes || message('mloginerrtimes');
 $cantimes = $maxerrtimes - $errtimes;
 $md5_password = md5(md5($password));
 $enable_uc && (include_once M_ROOT . './include/ucenter/uc.inc.php');
 $curuser->activeuserbyname($username);
 if ($curuser->info['mid'] && ($enable_uc || $curuser->info['password'] == $md5_password)) {
     //是本站会员,检查更新密码
     if ($curuser->info['password'] != $md5_password) {
예제 #2
0
         _footer();
     } else {
         include_once M_ROOT . './include/common.fun.php';
         parse_str($_SERVER['QUERY_STRING'], $_da);
         _aenter($_da, 1);
         @extract($btags);
         extract($_da, EXTR_OVERWRITE);
         tpl_refresh($tplname);
         @(include M_ROOT . "template/{$templatedir}/pcache/{$tplname}.php");
         $_content = ob_get_contents();
         ob_clean();
         mexit($_content);
     }
 } else {
     $inajax ? aheader() : _header();
     if (!regcode_pass('archive', empty($regcode) ? '' : trim($regcode))) {
         mcmessage('safecodeerr', axaction(2, M_REFERER));
     }
     if (empty($archiveadd['caid']) || !($catalog = @$acatalogs[$archiveadd['caid']])) {
         mcmessage('choosecatalog', axaction(2, M_REFERER));
     }
     if ($sid != $catalog['sid']) {
         switch_cache($catalog['sid']);
         $sid = $catalog['sid'];
     }
     $sqlmain = "sid='{$sid}',\n\t\tcaid='{$archiveadd['caid']}',\n\t\tchid='{$chid}',\n\t\tmid='{$memberid}',\n\t\tmname='" . $curuser->info['mname'] . "',\n\t\tcreatedate='{$timestamp}',\n\t\trefreshdate='{$timestamp}'";
     $pre_cns = array();
     $pre_cns['caid'] = $archiveadd['caid'];
     //分析分类的定义及权限
     foreach ($cotypes as $k => $v) {
         if (!$v['self_reg'] && !in_array($k, $ccoids) && !in_array("ccid{$k}", $additems)) {
예제 #3
0
!defined('M_COM') && exit('No Permission');
if (!submitcheck('bmemberpwd')) {
    tabheader(lang('memberpwdsetting'), 'memberpwd', '?action=memberpwd', 2, 0, 1);
    trbasic(lang('membercname'), '', $curuser->info['mname'], '');
    trbasic(lang('oldpwd'), 'opassword', '', 'password');
    trbasic(lang('newpwd'), 'npassword', '', 'password');
    trbasic(lang('repwd'), 'npassword2', '', 'password');
    $submitstr = '';
    $submitstr .= makesubmitstr('opassword', 1, 0, 0, 15);
    $submitstr .= makesubmitstr('npassword', 1, 0, 0, 15);
    $submitstr .= makesubmitstr('npassword2', 1, 0, 0, 15);
    $submitstr .= tr_regcode('login');
    tabfooter('bmemberpwd');
    check_submit_func($submitstr);
} else {
    if (!regcode_pass('login', empty($regcode) ? '' : trim($regcode))) {
        mcmessage('regcodeerror', '?action=memberpwd');
    }
    $opassword = trim($opassword);
    $npassword = trim($npassword);
    $npassword2 = trim($npassword2);
    if (md5(md5($opassword)) != $curuser->info['password']) {
        mcmessage('oldpasserror', '?action=memberpwd');
    }
    if ($npassword != $npassword2) {
        mcmessage('notsamepwd', '?action=memberpwd');
    }
    if (!$npassword || strlen($npassword) > 15 || $npassword != addslashes($npassword)) {
        mcmessage('memberpwdillegal', '?action=memberpwd');
    }
    if ($enable_uc) {
예제 #4
0
         tpl_refresh($tplname);
         @(include M_ROOT . "template/{$templatedir}/pcache/{$tplname}.php");
         $_content = ob_get_contents();
         ob_clean();
         mexit($_content);
     }
 } else {
     //数据处理
     load_cache('rfields,ucotypes');
     include_once M_ROOT . "./include/fields.cls.php";
     include_once M_ROOT . "./include/upload.cls.php";
     include_once M_ROOT . "./include/arcedit.cls.php";
     include_once M_ROOT . "./include/cuedit.cls.php";
     include_once M_ROOT . "./include/cheader.inc.php";
     $inajax ? aheader() : _header();
     if (!regcode_pass('reply', empty($regcode) ? '' : trim($regcode))) {
         mcmessage('regcodeerror', axaction(2, M_REFERER));
     }
     if (!$curuser->checkforbid('reply')) {
         mcmessage('userisforbid', axaction(2, M_REFERER));
     }
     //屏蔽组
     $aedit = new cls_arcedit();
     $aedit->set_aid($aid);
     $aedit->basic_data();
     if (!$aedit->aid) {
         mcmessage('choosereplyobject', axaction(2, M_REFERER));
     }
     if (!$aedit->archive['checked']) {
         mcmessage('poinarcnoche');
     }
예제 #5
0
 if (!submitcheck('bpmsend')) {
     //发送框
     tabheader(lang('sendpm'), 'pmsend', "?action=pmsend&box={$box}&page={$page}", 2, 0, 1);
     trbasic(lang('pmtitle'), 'pmnew[title]', '', 'btext');
     trbasic(lang('pmtonames'), 'pmnew[tonames]', empty($tonames) ? '' : $tonames, 'btext');
     trbasic(lang('pmcontent'), 'pmnew[content]', '', 'btextarea');
     $submitstr = '';
     //		$submitstr .= makesubmitstr('pmnew[title]',1,0,0,80);
     $submitstr .= makesubmitstr('pmnew[tonames]', 1, 0, 0, 100);
     $submitstr .= makesubmitstr('pmnew[content]', 1, 0, 0, 1000);
     $submitstr .= tr_regcode('pm');
     tabfooter('bpmsend');
     check_submit_func($submitstr);
 } else {
     //发送短信
     if (!regcode_pass('pm', empty($regcode) ? '' : trim($regcode))) {
         mcmessage(lang('regcodeerror'), M_REFERER);
     }
     $pmnew['title'] = trim($pmnew['title']);
     $pmnew['tonames'] = trim($pmnew['tonames']);
     $pmnew['content'] = trim($pmnew['content']);
     if (empty($pmnew['content']) || empty($pmnew['tonames'])) {
         mcmessage(lang('pmdatamiss'), M_REFERER);
     }
     $tos = array_filter(explode(',', $pmnew['tonames']));
     $count = 0;
     $pmnew['title'] = $pmnew['title'] ? $pmnew['title'] : ($pmnew['content'] ? $pmnew['content'] : '');
     foreach ($tos as $to) {
         if (uc_pm_send($uid, $to, $pmnew['title'], $pmnew['content'], 1, 0, 1)) {
             $count++;
         }
예제 #6
0
         $_da = array('mchid' => $mchid);
         _aenter($_da, 1);
         @extract($btags);
         extract($_da, EXTR_OVERWRITE);
         tpl_refresh($tplname);
         @(include M_ROOT . "template/{$templatedir}/pcache/{$tplname}.php");
         $_content = ob_get_contents();
         ob_clean();
         mexit($_content);
     }
 } else {
     $mname = addslashes(trim(stripslashes($mname)));
     $password = trim($password);
     $password2 = trim($password2);
     $email = trim($email);
     if (!regcode_pass('register', empty($regcode) ? '' : trim($regcode))) {
         message('regcodeerror', M_REFERER);
     }
     if (strlen($mname) < 3 || strlen($mname) > 15) {
         message('memnamelengthillegal', M_REFERER);
     }
     $guestexp = '\\xA1\\xA1|^Guest|^\\xD3\\xCE\\xBF\\xCD|\\xB9\\x43\\xAB\\xC8';
     $censorexp = '/^(' . str_replace(array('\\*', "\r\n", ' '), array('.*', '|', ''), preg_quote($censoruser = trim($censoruser), '/')) . ')$/i';
     if (preg_match("/^\\s*\$|^c:\\con\\con\$|[%,\\*\"\\s\t\\<\\>\\&]|{$guestexp}/is", $mname) || $censoruser && @preg_match($censorexp, $mname)) {
         message('membcnameilleg', M_REFERER);
     }
     if ($db->result_one("SELECT COUNT(*) FROM {$tblprefix}members WHERE mname='{$mname}'")) {
         message('memcnamerepeat', M_REFERER);
     }
     if ($password != $password2) {
         message('notsamepwd', M_REFERER);
예제 #7
0
    tabheader(lang('onlinepay'), 'paynew', '?action=payonline&deal=confirm', 2, 0, 1);
    trbasic(lang('payinterface'), 'paynew[poid]', makeoption($poids), 'select');
    trbasic(lang('payamount'), 'paynew[amount]', $amount, 'text', lang('payamountrmbi'));
    trbasic(lang('contactorname'), 'paynew[truename]', empty($oldmsg['truename']) ? '' : $oldmsg['truename'], 'btext');
    trbasic(lang('contacttel'), 'paynew[telephone]', empty($oldmsg['telephone']) ? '' : $oldmsg['telephone'], 'btext');
    trbasic(lang('contactemail'), 'paynew[email]', empty($oldmsg['email']) ? '' : $oldmsg['email'], 'btext');
    $submitstr = '';
    $submitstr .= makesubmitstr('paynew[amount]', 1, 'number', 0, 15);
    $submitstr .= makesubmitstr('paynew[truename]', 0, 0, 0, 80);
    $submitstr .= makesubmitstr('paynew[telephone]', 0, 0, 0, 30);
    $submitstr .= makesubmitstr('paynew[email]', 0, 'email', 0, 100);
    $submitstr .= tr_regcode('payonline');
    tabfooter('submit', lang('continue'));
    check_submit_func($submitstr);
} elseif ($deal == 'confirm') {
    if (!regcode_pass('payonline', empty($regcode) ? '' : trim($regcode))) {
        mcmessage('regcodeerror', '?action=payonline');
    }
    $paynew['amount'] = max(0, round(floatval($paynew['amount']), 2));
    empty($paynew['amount']) && mcmessage('pinputpayamount', '?action=payonline');
    array_key_exists($paynew['poid'], $poids) || mcmessage('errorpaymode', '?action=payonline');
    /*
    	$paynew['handfee'] = 0;
    	if(!empty($payonline['percent'])){
    		$paynew['handfee'] = round($paynew['amount'] * $payonline['percent'] / 100,2);
    	}
    	$paynew['total'] = $paynew['amount'] + $paynew['handfee'];*/
    $paynew['truename'] = trim(strip_tags($paynew['truename']));
    $paynew['telephone'] = trim(strip_tags($paynew['telephone']));
    $paynew['email'] = trim(strip_tags($paynew['email']));
    #	$paynew['ordersn'] = $payonline['partner'].date('Ymd').date('His').random(4,1);
예제 #8
0
            $curuser->updatedb();
            $memberid = $curuser->info['mid'];
            msetcookie('userauth', authcode("{$md5_password}\t" . $curuser->info['mid'], 'ENCODE'), $expires);
            echo "<script> location.reload();</script>";
            exit;
        } else {
            login_msg('账号/密码错误', '', 'error');
        }
        print_r($curuser);
        exit;
    }
    login_msg('', '', 'error');
} elseif ($aflag == 'ipdenied') {
    login_msg(lang('backarea_ip_forbid'), '', 'error');
} elseif ($aflag == 'recheck') {
    if (empty($admin_password) || md5(md5($admin_password)) != $curuser->info['password'] || !regcode_pass('admin', empty($regcode) ? '' : trim($regcode))) {
        if (!empty($admin_password) || !empty($regcode)) {
            $db->query("UPDATE {$tblprefix}asession SET errorcount=errorcount+1 WHERE mid='{$memberid}'");
        }
        login_msg('', '', 'login');
    } else {
        $db->query("UPDATE {$tblprefix}asession SET errorcount='-1' WHERE mid='{$memberid}'");
        login_msg(lang('admin_login_finish'), '?' . $_SERVER['QUERY_STRING'] . '');
        if (!empty($url_forward)) {
            echo "<meta http-equiv=refresh content=\"0;URL={$url_forward}\">";
            exit;
        }
    }
}
include_once M_ROOT . './include/cache.fun.php';
load_cache('usednames,fcatalogs,mchannels');
예제 #9
0
         arc_parse($_da);
         _aenter($_da, 1);
         @extract($btags);
         extract($_da, EXTR_OVERWRITE);
         tpl_refresh($tplname);
         @(include M_ROOT . "template/{$templatedir}/pcache/{$tplname}.php");
         $_content = ob_get_contents();
         ob_clean();
         mexit($_content);
     }
 } else {
     include_once M_ROOT . './include/arcedit.cls.php';
     include_once M_ROOT . "./include/cheader.inc.php";
     $inajax ? aheader() : _header();
     !$memberid && mcmessage('nousernooperatepermis', axaction(2, M_REFERER));
     if (!regcode_pass('answer', empty($regcode) ? '' : trim($regcode))) {
         mcmessage('regcodeerror', axaction(2, M_REFERER));
     }
     !$curuser->checkforbid('answer') && mcmessage('userisforbid', axaction(2, M_REFERER));
     //屏蔽组
     $aedit = new cls_arcedit();
     $aedit->set_aid($aid);
     $aedit->basic_data();
     !$aedit->aid && mcmessage('choosearchive');
     !($commu = read_cache('commu', $aedit->channel['cuid'])) && mcmessage('setcomitem', axaction(2, M_REFERER));
     !$curuser->pmbypmids('cuadd', $commu['setting']['apmid']) && mcmessage('younoitempermis', axaction(2, M_REFERER));
     ($aedit->archive['closed'] || $aedit->archive['finishdate'] < $timestamp) && mcmessage('questionclosed', axaction(2, M_REFERER));
     $communew['answer'] = empty($communew['answer']) ? '' : trim($communew['answer']);
     empty($communew['answer']) && mcmessage('inputanswercontent', axaction(2, M_REFERER));
     !empty($commu['setting']['minlength']) && strlen($communew['answer']) < $commu['setting']['minlength'] && mcmessage('answeroverminlength');
     !empty($commu['setting']['maxlength']) && ($communew['answer'] = cutstr($communew['answer'], $commu['setting']['maxlength']));
예제 #10
0
         tpl_refresh($tplname);
         @(include M_ROOT . "template/{$templatedir}/pcache/{$tplname}.php");
         $_content = ob_get_contents();
         ob_clean();
         mexit($_content);
     }
 } else {
     //数据处理
     load_cache('cfields,ucotypes');
     include_once M_ROOT . "./include/fields.cls.php";
     include_once M_ROOT . "./include/upload.cls.php";
     include_once M_ROOT . "./include/arcedit.cls.php";
     include_once M_ROOT . "./include/cuedit.cls.php";
     include_once M_ROOT . "./include/cheader.inc.php";
     $inajax ? aheader() : _header();
     if (!regcode_pass('comment', empty($regcode) ? '' : trim($regcode))) {
         mcmessage('regcodeerror', axaction(2, M_REFERER));
     }
     if (!$curuser->checkforbid('comment')) {
         mcmessage('userisforbid', axaction(2, M_REFERER));
     }
     //屏蔽组
     $aedit = new cls_arcedit();
     $aedit->set_aid($aid);
     $aedit->basic_data();
     if (!$aedit->aid) {
         mcmessage('choosecommentobject', axaction(2, M_REFERER));
     }
     if (!$aedit->archive['checked']) {
         mcmessage('poinarcnoche');
     }